mirror of
https://github.com/Azure-Samples/graphrag-accelerator.git
synced 2025-10-20 05:15:21 +00:00
79 lines
2.4 KiB
Bicep
79 lines
2.4 KiB
Bicep
// Copyright (c) Microsoft Corporation.
|
|
// Licensed under the MIT License.
|
|
|
|
@description('The name of the Storage Account resource.')
|
|
param name string
|
|
|
|
@description('The location of the Storage Account resource.')
|
|
param location string = resourceGroup().location
|
|
|
|
param tags object = {}
|
|
|
|
@allowed([ 'Hot', 'Cool', 'Premium' ])
|
|
param accessTier string = 'Hot'
|
|
param allowBlobPublicAccess bool = false
|
|
param allowCrossTenantReplication bool = true
|
|
param allowSharedKeyAccess bool = false
|
|
param defaultToOAuthAuthentication bool = false
|
|
param deleteRetentionPolicy object = {}
|
|
@allowed([ 'AzureDnsZone', 'Standard' ])
|
|
param dnsEndpointType string = 'Standard'
|
|
param kind string = 'StorageV2'
|
|
param minimumTlsVersion string = 'TLS1_2'
|
|
@allowed([ 'Enabled', 'Disabled' ])
|
|
param publicNetworkAccess string = 'Disabled'
|
|
param containers array = []
|
|
|
|
@description('Array of objects with fields principalId, principalType, roleDefinitionId')
|
|
param roleAssignments array = []
|
|
|
|
resource storage 'Microsoft.Storage/storageAccounts@2023-01-01' = {
|
|
name: name
|
|
location: location
|
|
tags: tags
|
|
kind: kind
|
|
sku: { name: 'Standard_LRS' }
|
|
properties: {
|
|
accessTier: accessTier
|
|
allowBlobPublicAccess: allowBlobPublicAccess
|
|
allowCrossTenantReplication: allowCrossTenantReplication
|
|
allowSharedKeyAccess: allowSharedKeyAccess
|
|
defaultToOAuthAuthentication: defaultToOAuthAuthentication
|
|
dnsEndpointType: dnsEndpointType
|
|
isHnsEnabled: true
|
|
minimumTlsVersion: minimumTlsVersion
|
|
networkAcls: {
|
|
bypass: 'AzureServices'
|
|
defaultAction: 'Allow'
|
|
}
|
|
publicNetworkAccess: publicNetworkAccess
|
|
}
|
|
|
|
resource blobServices 'blobServices' = if (!empty(containers)) {
|
|
name: 'default'
|
|
properties: {
|
|
deleteRetentionPolicy: deleteRetentionPolicy
|
|
}
|
|
resource container 'containers' = [
|
|
for container in containers: {
|
|
name: container.name
|
|
properties: {
|
|
publicAccess: contains(container, 'publicAccess') ? container.publicAccess : 'None'
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
|
|
resource roleAssignmentResources 'Microsoft.Authorization/roleAssignments@2022-04-01' = [
|
|
for roleAssignment in roleAssignments: {
|
|
name: guid('${roleAssignment.principalId}-${roleAssignment.principalType}-${roleAssignment.roleDefinitionId}')
|
|
scope: storage
|
|
properties: roleAssignment
|
|
}
|
|
]
|
|
|
|
output id string = storage.id
|
|
output name string = storage.name
|
|
output primaryEndpoints object = storage.properties.primaryEndpoints
|