Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

azurerm_storage_account default allow_blob_public_access to false #7784

Merged
merged 1 commit into from
Jul 20, 2020
Merged

azurerm_storage_account default allow_blob_public_access to false #7784

merged 1 commit into from
Jul 20, 2020

Conversation

marc-sensenich
Copy link
Contributor

@marc-sensenich marc-sensenich commented Jul 16, 2020

For azurerm_storage_account resources, default allow_blob_public_access to false to align with behavior prior to 2.19

Closes #7781

TF_ACC=1 go test -v ./azurerm/internal/services/storage/tests/ -run=TestAccAzureRMStorageAccount_allowBlobPublicAccess -timeout 60m -ldflags="-X=github.com/terraform-providers/terraform-provider-azurerm/version.ProviderVersion=acc"
=== RUN   TestAccAzureRMStorageAccount_allowBlobPublicAccess
=== PAUSE TestAccAzureRMStorageAccount_allowBlobPublicAccess
=== CONT  TestAccAzureRMStorageAccount_allowBlobPublicAccess
--- PASS: TestAccAzureRMStorageAccount_allowBlobPublicAccess (150.29s)
PASS
ok      github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/storage/tests 150.313s

Copy link
Collaborator

@WodansSon WodansSon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@marc-sensenich, thanks for this! Pretty straight forward, this LGTM! Thanks again for the contribution! 🚀

@KulkarniAbhishek
Copy link

I am getting the following error:
_Error: Unsupported argument

on main.tf line 17, in resource "azurerm_storage_account" "test_sa":
17: allow_blob_public_access = false

An argument named "allow_blob_public_access" is not expected here._

Terraform version: v0.12.28
"azurerm" provider version: 2.0.0

How do I resolve this?

@marc-sensenich
Copy link
Contributor Author

marc-sensenich commented Jul 17, 2020

@KulkarniAbhishek this feature was added in version 2.19.0 of the provider, if you are running 2.0.0 of this provider you shouldn't be affected by #7739 or have the attribute available on the resource

@KulkarniAbhishek
Copy link

@KulkarniAbhishek this feature was added in version 2.19.0 of the provider, if you are running 2.0.0 of this provider you shouldn't be affected by #7739 or have the attribute available on the resource

Upgrading to 2.19.0 worked for me. Thank you.

Copy link
Collaborator

@katbyte katbyte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

THis is a breaking change and should potentially wait until 3.0 @WodansSon ?

@katbyte katbyte modified the milestones: v2.20.0, v3.0.0 Jul 20, 2020
@BenWaller
Copy link

THis is a breaking change and should potentially wait until 3.0 @WodansSon ?

This reverts a breaking change from the 2.19.0 release, so having it fixed before 3.0 would be nice.

Copy link
Collaborator

@katbyte katbyte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reading up on the ticket i'm going to approve this breaking change due to the security implications of defaulting public access to true.

@ghost
Copy link

ghost commented Jul 23, 2020

This has been released in version 2.20.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 2.20.0"
}
# ... other configuration ...

@petenorth
Copy link

Thanks for the breaking change.

@ghost
Copy link

ghost commented Aug 20, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!

@ghost ghost locked and limited conversation to collaborators Aug 20, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

azurerm_storage_account property allow_blob_public_access should default to false
7 participants