1. Packages
  2. Azure Native
  3. API Docs
  4. storage
  5. StorageAccount
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.66.0 published on Wednesday, Oct 9, 2024 by Pulumi

azure-native.storage.StorageAccount

Explore with Pulumi AI

azure-native logo
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.66.0 published on Wednesday, Oct 9, 2024 by Pulumi

    The storage account. Azure REST API version: 2022-09-01. Prior API version in Azure Native 1.x: 2021-02-01.

    Other available API versions: 2015-05-01-preview, 2015-06-15, 2018-11-01, 2023-01-01, 2023-04-01, 2023-05-01.

    Example Usage

    NfsV3AccountCreate

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
        {
            AccountName = "sto4445",
            EnableHttpsTrafficOnly = false,
            EnableNfsV3 = true,
            IsHnsEnabled = true,
            Kind = AzureNative.Storage.Kind.BlockBlobStorage,
            Location = "eastus",
            NetworkRuleSet = new AzureNative.Storage.Inputs.NetworkRuleSetArgs
            {
                Bypass = AzureNative.Storage.Bypass.AzureServices,
                DefaultAction = AzureNative.Storage.DefaultAction.Allow,
                IpRules = new() { },
                VirtualNetworkRules = new[]
                {
                    new AzureNative.Storage.Inputs.VirtualNetworkRuleArgs
                    {
                        VirtualNetworkResourceId = "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12",
                    },
                },
            },
            ResourceGroupName = "res9101",
            Sku = new AzureNative.Storage.Inputs.SkuArgs
            {
                Name = AzureNative.Storage.SkuName.Premium_LRS,
            },
        });
    
    });
    
    package main
    
    import (
    	storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := storage.NewStorageAccount(ctx, "storageAccount", &storage.StorageAccountArgs{
    			AccountName:            pulumi.String("sto4445"),
    			EnableHttpsTrafficOnly: pulumi.Bool(false),
    			EnableNfsV3:            pulumi.Bool(true),
    			IsHnsEnabled:           pulumi.Bool(true),
    			Kind:                   pulumi.String(storage.KindBlockBlobStorage),
    			Location:               pulumi.String("eastus"),
    			NetworkRuleSet: &storage.NetworkRuleSetArgs{
    				Bypass:        pulumi.String(storage.BypassAzureServices),
    				DefaultAction: storage.DefaultActionAllow,
    				IpRules:       storage.IPRuleArray{},
    				VirtualNetworkRules: storage.VirtualNetworkRuleArray{
    					&storage.VirtualNetworkRuleArgs{
    						VirtualNetworkResourceId: pulumi.String("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"),
    					},
    				},
    			},
    			ResourceGroupName: pulumi.String("res9101"),
    			Sku: &storage.SkuArgs{
    				Name: pulumi.String(storage.SkuName_Premium_LRS),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.storage.StorageAccount;
    import com.pulumi.azurenative.storage.StorageAccountArgs;
    import com.pulumi.azurenative.storage.inputs.NetworkRuleSetArgs;
    import com.pulumi.azurenative.storage.inputs.SkuArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
                .accountName("sto4445")
                .enableHttpsTrafficOnly(false)
                .enableNfsV3(true)
                .isHnsEnabled(true)
                .kind("BlockBlobStorage")
                .location("eastus")
                .networkRuleSet(NetworkRuleSetArgs.builder()
                    .bypass("AzureServices")
                    .defaultAction("Allow")
                    .ipRules()
                    .virtualNetworkRules(VirtualNetworkRuleArgs.builder()
                        .virtualNetworkResourceId("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12")
                        .build())
                    .build())
                .resourceGroupName("res9101")
                .sku(SkuArgs.builder()
                    .name("Premium_LRS")
                    .build())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    storage_account = azure_native.storage.StorageAccount("storageAccount",
        account_name="sto4445",
        enable_https_traffic_only=False,
        enable_nfs_v3=True,
        is_hns_enabled=True,
        kind=azure_native.storage.Kind.BLOCK_BLOB_STORAGE,
        location="eastus",
        network_rule_set={
            "bypass": azure_native.storage.Bypass.AZURE_SERVICES,
            "default_action": azure_native.storage.DefaultAction.ALLOW,
            "ip_rules": [],
            "virtual_network_rules": [{
                "virtual_network_resource_id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12",
            }],
        },
        resource_group_name="res9101",
        sku={
            "name": azure_native.storage.SkuName.PREMIUM_LRS,
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const storageAccount = new azure_native.storage.StorageAccount("storageAccount", {
        accountName: "sto4445",
        enableHttpsTrafficOnly: false,
        enableNfsV3: true,
        isHnsEnabled: true,
        kind: azure_native.storage.Kind.BlockBlobStorage,
        location: "eastus",
        networkRuleSet: {
            bypass: azure_native.storage.Bypass.AzureServices,
            defaultAction: azure_native.storage.DefaultAction.Allow,
            ipRules: [],
            virtualNetworkRules: [{
                virtualNetworkResourceId: "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12",
            }],
        },
        resourceGroupName: "res9101",
        sku: {
            name: azure_native.storage.SkuName.Premium_LRS,
        },
    });
    
    resources:
      storageAccount:
        type: azure-native:storage:StorageAccount
        properties:
          accountName: sto4445
          enableHttpsTrafficOnly: false
          enableNfsV3: true
          isHnsEnabled: true
          kind: BlockBlobStorage
          location: eastus
          networkRuleSet:
            bypass: AzureServices
            defaultAction: Allow
            ipRules: []
            virtualNetworkRules:
              - virtualNetworkResourceId: /subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12
          resourceGroupName: res9101
          sku:
            name: Premium_LRS
    

    StorageAccountCreate

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
        {
            AccountName = "sto4445",
            AllowBlobPublicAccess = false,
            AllowSharedKeyAccess = true,
            DefaultToOAuthAuthentication = false,
            Encryption = new AzureNative.Storage.Inputs.EncryptionArgs
            {
                KeySource = AzureNative.Storage.KeySource.Microsoft_Storage,
                RequireInfrastructureEncryption = false,
                Services = new AzureNative.Storage.Inputs.EncryptionServicesArgs
                {
                    Blob = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                    File = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                },
            },
            ExtendedLocation = new AzureNative.Storage.Inputs.ExtendedLocationArgs
            {
                Name = "losangeles001",
                Type = AzureNative.Storage.ExtendedLocationTypes.EdgeZone,
            },
            IsHnsEnabled = true,
            IsSftpEnabled = true,
            KeyPolicy = new AzureNative.Storage.Inputs.KeyPolicyArgs
            {
                KeyExpirationPeriodInDays = 20,
            },
            Kind = AzureNative.Storage.Kind.Storage,
            Location = "eastus",
            MinimumTlsVersion = AzureNative.Storage.MinimumTlsVersion.TLS1_2,
            ResourceGroupName = "res9101",
            RoutingPreference = new AzureNative.Storage.Inputs.RoutingPreferenceArgs
            {
                PublishInternetEndpoints = true,
                PublishMicrosoftEndpoints = true,
                RoutingChoice = AzureNative.Storage.RoutingChoice.MicrosoftRouting,
            },
            SasPolicy = new AzureNative.Storage.Inputs.SasPolicyArgs
            {
                ExpirationAction = AzureNative.Storage.ExpirationAction.Log,
                SasExpirationPeriod = "1.15:59:59",
            },
            Sku = new AzureNative.Storage.Inputs.SkuArgs
            {
                Name = AzureNative.Storage.SkuName.Standard_GRS,
            },
            Tags = 
            {
                { "key1", "value1" },
                { "key2", "value2" },
            },
        });
    
    });
    
    package main
    
    import (
    	storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := storage.NewStorageAccount(ctx, "storageAccount", &storage.StorageAccountArgs{
    			AccountName:                  pulumi.String("sto4445"),
    			AllowBlobPublicAccess:        pulumi.Bool(false),
    			AllowSharedKeyAccess:         pulumi.Bool(true),
    			DefaultToOAuthAuthentication: pulumi.Bool(false),
    			Encryption: &storage.EncryptionArgs{
    				KeySource:                       pulumi.String(storage.KeySource_Microsoft_Storage),
    				RequireInfrastructureEncryption: pulumi.Bool(false),
    				Services: &storage.EncryptionServicesArgs{
    					Blob: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    					File: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    				},
    			},
    			ExtendedLocation: &storage.ExtendedLocationArgs{
    				Name: pulumi.String("losangeles001"),
    				Type: pulumi.String(storage.ExtendedLocationTypesEdgeZone),
    			},
    			IsHnsEnabled:  pulumi.Bool(true),
    			IsSftpEnabled: pulumi.Bool(true),
    			KeyPolicy: &storage.KeyPolicyArgs{
    				KeyExpirationPeriodInDays: pulumi.Int(20),
    			},
    			Kind:              pulumi.String(storage.KindStorage),
    			Location:          pulumi.String("eastus"),
    			MinimumTlsVersion: pulumi.String(storage.MinimumTlsVersion_TLS1_2),
    			ResourceGroupName: pulumi.String("res9101"),
    			RoutingPreference: &storage.RoutingPreferenceArgs{
    				PublishInternetEndpoints:  pulumi.Bool(true),
    				PublishMicrosoftEndpoints: pulumi.Bool(true),
    				RoutingChoice:             pulumi.String(storage.RoutingChoiceMicrosoftRouting),
    			},
    			SasPolicy: &storage.SasPolicyArgs{
    				ExpirationAction:    pulumi.String(storage.ExpirationActionLog),
    				SasExpirationPeriod: pulumi.String("1.15:59:59"),
    			},
    			Sku: &storage.SkuArgs{
    				Name: pulumi.String(storage.SkuName_Standard_GRS),
    			},
    			Tags: pulumi.StringMap{
    				"key1": pulumi.String("value1"),
    				"key2": pulumi.String("value2"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.storage.StorageAccount;
    import com.pulumi.azurenative.storage.StorageAccountArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServicesArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServiceArgs;
    import com.pulumi.azurenative.storage.inputs.ExtendedLocationArgs;
    import com.pulumi.azurenative.storage.inputs.KeyPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.RoutingPreferenceArgs;
    import com.pulumi.azurenative.storage.inputs.SasPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.SkuArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
                .accountName("sto4445")
                .allowBlobPublicAccess(false)
                .allowSharedKeyAccess(true)
                .defaultToOAuthAuthentication(false)
                .encryption(EncryptionArgs.builder()
                    .keySource("Microsoft.Storage")
                    .requireInfrastructureEncryption(false)
                    .services(EncryptionServicesArgs.builder()
                        .blob(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .file(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .build())
                    .build())
                .extendedLocation(ExtendedLocationArgs.builder()
                    .name("losangeles001")
                    .type("EdgeZone")
                    .build())
                .isHnsEnabled(true)
                .isSftpEnabled(true)
                .keyPolicy(KeyPolicyArgs.builder()
                    .keyExpirationPeriodInDays(20)
                    .build())
                .kind("Storage")
                .location("eastus")
                .minimumTlsVersion("TLS1_2")
                .resourceGroupName("res9101")
                .routingPreference(RoutingPreferenceArgs.builder()
                    .publishInternetEndpoints(true)
                    .publishMicrosoftEndpoints(true)
                    .routingChoice("MicrosoftRouting")
                    .build())
                .sasPolicy(SasPolicyArgs.builder()
                    .expirationAction("Log")
                    .sasExpirationPeriod("1.15:59:59")
                    .build())
                .sku(SkuArgs.builder()
                    .name("Standard_GRS")
                    .build())
                .tags(Map.ofEntries(
                    Map.entry("key1", "value1"),
                    Map.entry("key2", "value2")
                ))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    storage_account = azure_native.storage.StorageAccount("storageAccount",
        account_name="sto4445",
        allow_blob_public_access=False,
        allow_shared_key_access=True,
        default_to_o_auth_authentication=False,
        encryption={
            "key_source": azure_native.storage.KeySource.MICROSOFT_STORAGE,
            "require_infrastructure_encryption": False,
            "services": {
                "blob": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
                "file": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
            },
        },
        extended_location={
            "name": "losangeles001",
            "type": azure_native.storage.ExtendedLocationTypes.EDGE_ZONE,
        },
        is_hns_enabled=True,
        is_sftp_enabled=True,
        key_policy={
            "key_expiration_period_in_days": 20,
        },
        kind=azure_native.storage.Kind.STORAGE,
        location="eastus",
        minimum_tls_version=azure_native.storage.MinimumTlsVersion.TLS1_2,
        resource_group_name="res9101",
        routing_preference={
            "publish_internet_endpoints": True,
            "publish_microsoft_endpoints": True,
            "routing_choice": azure_native.storage.RoutingChoice.MICROSOFT_ROUTING,
        },
        sas_policy={
            "expiration_action": azure_native.storage.ExpirationAction.LOG,
            "sas_expiration_period": "1.15:59:59",
        },
        sku={
            "name": azure_native.storage.SkuName.STANDARD_GRS,
        },
        tags={
            "key1": "value1",
            "key2": "value2",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const storageAccount = new azure_native.storage.StorageAccount("storageAccount", {
        accountName: "sto4445",
        allowBlobPublicAccess: false,
        allowSharedKeyAccess: true,
        defaultToOAuthAuthentication: false,
        encryption: {
            keySource: azure_native.storage.KeySource.Microsoft_Storage,
            requireInfrastructureEncryption: false,
            services: {
                blob: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
                file: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
            },
        },
        extendedLocation: {
            name: "losangeles001",
            type: azure_native.storage.ExtendedLocationTypes.EdgeZone,
        },
        isHnsEnabled: true,
        isSftpEnabled: true,
        keyPolicy: {
            keyExpirationPeriodInDays: 20,
        },
        kind: azure_native.storage.Kind.Storage,
        location: "eastus",
        minimumTlsVersion: azure_native.storage.MinimumTlsVersion.TLS1_2,
        resourceGroupName: "res9101",
        routingPreference: {
            publishInternetEndpoints: true,
            publishMicrosoftEndpoints: true,
            routingChoice: azure_native.storage.RoutingChoice.MicrosoftRouting,
        },
        sasPolicy: {
            expirationAction: azure_native.storage.ExpirationAction.Log,
            sasExpirationPeriod: "1.15:59:59",
        },
        sku: {
            name: azure_native.storage.SkuName.Standard_GRS,
        },
        tags: {
            key1: "value1",
            key2: "value2",
        },
    });
    
    resources:
      storageAccount:
        type: azure-native:storage:StorageAccount
        properties:
          accountName: sto4445
          allowBlobPublicAccess: false
          allowSharedKeyAccess: true
          defaultToOAuthAuthentication: false
          encryption:
            keySource: Microsoft.Storage
            requireInfrastructureEncryption: false
            services:
              blob:
                enabled: true
                keyType: Account
              file:
                enabled: true
                keyType: Account
          extendedLocation:
            name: losangeles001
            type: EdgeZone
          isHnsEnabled: true
          isSftpEnabled: true
          keyPolicy:
            keyExpirationPeriodInDays: 20
          kind: Storage
          location: eastus
          minimumTlsVersion: TLS1_2
          resourceGroupName: res9101
          routingPreference:
            publishInternetEndpoints: true
            publishMicrosoftEndpoints: true
            routingChoice: MicrosoftRouting
          sasPolicy:
            expirationAction: Log
            sasExpirationPeriod: 1.15:59:59
          sku:
            name: Standard_GRS
          tags:
            key1: value1
            key2: value2
    

    StorageAccountCreateAllowedCopyScopeToAAD

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
        {
            AccountName = "sto4445",
            AllowBlobPublicAccess = false,
            AllowSharedKeyAccess = true,
            AllowedCopyScope = AzureNative.Storage.AllowedCopyScope.AAD,
            Encryption = new AzureNative.Storage.Inputs.EncryptionArgs
            {
                KeySource = AzureNative.Storage.KeySource.Microsoft_Storage,
                RequireInfrastructureEncryption = false,
                Services = new AzureNative.Storage.Inputs.EncryptionServicesArgs
                {
                    Blob = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                    File = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                },
            },
            IsHnsEnabled = true,
            KeyPolicy = new AzureNative.Storage.Inputs.KeyPolicyArgs
            {
                KeyExpirationPeriodInDays = 20,
            },
            Kind = AzureNative.Storage.Kind.Storage,
            Location = "eastus",
            MinimumTlsVersion = AzureNative.Storage.MinimumTlsVersion.TLS1_2,
            ResourceGroupName = "res9101",
            RoutingPreference = new AzureNative.Storage.Inputs.RoutingPreferenceArgs
            {
                PublishInternetEndpoints = true,
                PublishMicrosoftEndpoints = true,
                RoutingChoice = AzureNative.Storage.RoutingChoice.MicrosoftRouting,
            },
            SasPolicy = new AzureNative.Storage.Inputs.SasPolicyArgs
            {
                ExpirationAction = AzureNative.Storage.ExpirationAction.Log,
                SasExpirationPeriod = "1.15:59:59",
            },
            Sku = new AzureNative.Storage.Inputs.SkuArgs
            {
                Name = AzureNative.Storage.SkuName.Standard_GRS,
            },
            Tags = 
            {
                { "key1", "value1" },
                { "key2", "value2" },
            },
        });
    
    });
    
    package main
    
    import (
    	storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := storage.NewStorageAccount(ctx, "storageAccount", &storage.StorageAccountArgs{
    			AccountName:           pulumi.String("sto4445"),
    			AllowBlobPublicAccess: pulumi.Bool(false),
    			AllowSharedKeyAccess:  pulumi.Bool(true),
    			AllowedCopyScope:      pulumi.String(storage.AllowedCopyScopeAAD),
    			Encryption: &storage.EncryptionArgs{
    				KeySource:                       pulumi.String(storage.KeySource_Microsoft_Storage),
    				RequireInfrastructureEncryption: pulumi.Bool(false),
    				Services: &storage.EncryptionServicesArgs{
    					Blob: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    					File: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    				},
    			},
    			IsHnsEnabled: pulumi.Bool(true),
    			KeyPolicy: &storage.KeyPolicyArgs{
    				KeyExpirationPeriodInDays: pulumi.Int(20),
    			},
    			Kind:              pulumi.String(storage.KindStorage),
    			Location:          pulumi.String("eastus"),
    			MinimumTlsVersion: pulumi.String(storage.MinimumTlsVersion_TLS1_2),
    			ResourceGroupName: pulumi.String("res9101"),
    			RoutingPreference: &storage.RoutingPreferenceArgs{
    				PublishInternetEndpoints:  pulumi.Bool(true),
    				PublishMicrosoftEndpoints: pulumi.Bool(true),
    				RoutingChoice:             pulumi.String(storage.RoutingChoiceMicrosoftRouting),
    			},
    			SasPolicy: &storage.SasPolicyArgs{
    				ExpirationAction:    pulumi.String(storage.ExpirationActionLog),
    				SasExpirationPeriod: pulumi.String("1.15:59:59"),
    			},
    			Sku: &storage.SkuArgs{
    				Name: pulumi.String(storage.SkuName_Standard_GRS),
    			},
    			Tags: pulumi.StringMap{
    				"key1": pulumi.String("value1"),
    				"key2": pulumi.String("value2"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.storage.StorageAccount;
    import com.pulumi.azurenative.storage.StorageAccountArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServicesArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServiceArgs;
    import com.pulumi.azurenative.storage.inputs.KeyPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.RoutingPreferenceArgs;
    import com.pulumi.azurenative.storage.inputs.SasPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.SkuArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
                .accountName("sto4445")
                .allowBlobPublicAccess(false)
                .allowSharedKeyAccess(true)
                .allowedCopyScope("AAD")
                .encryption(EncryptionArgs.builder()
                    .keySource("Microsoft.Storage")
                    .requireInfrastructureEncryption(false)
                    .services(EncryptionServicesArgs.builder()
                        .blob(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .file(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .build())
                    .build())
                .isHnsEnabled(true)
                .keyPolicy(KeyPolicyArgs.builder()
                    .keyExpirationPeriodInDays(20)
                    .build())
                .kind("Storage")
                .location("eastus")
                .minimumTlsVersion("TLS1_2")
                .resourceGroupName("res9101")
                .routingPreference(RoutingPreferenceArgs.builder()
                    .publishInternetEndpoints(true)
                    .publishMicrosoftEndpoints(true)
                    .routingChoice("MicrosoftRouting")
                    .build())
                .sasPolicy(SasPolicyArgs.builder()
                    .expirationAction("Log")
                    .sasExpirationPeriod("1.15:59:59")
                    .build())
                .sku(SkuArgs.builder()
                    .name("Standard_GRS")
                    .build())
                .tags(Map.ofEntries(
                    Map.entry("key1", "value1"),
                    Map.entry("key2", "value2")
                ))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    storage_account = azure_native.storage.StorageAccount("storageAccount",
        account_name="sto4445",
        allow_blob_public_access=False,
        allow_shared_key_access=True,
        allowed_copy_scope=azure_native.storage.AllowedCopyScope.AAD,
        encryption={
            "key_source": azure_native.storage.KeySource.MICROSOFT_STORAGE,
            "require_infrastructure_encryption": False,
            "services": {
                "blob": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
                "file": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
            },
        },
        is_hns_enabled=True,
        key_policy={
            "key_expiration_period_in_days": 20,
        },
        kind=azure_native.storage.Kind.STORAGE,
        location="eastus",
        minimum_tls_version=azure_native.storage.MinimumTlsVersion.TLS1_2,
        resource_group_name="res9101",
        routing_preference={
            "publish_internet_endpoints": True,
            "publish_microsoft_endpoints": True,
            "routing_choice": azure_native.storage.RoutingChoice.MICROSOFT_ROUTING,
        },
        sas_policy={
            "expiration_action": azure_native.storage.ExpirationAction.LOG,
            "sas_expiration_period": "1.15:59:59",
        },
        sku={
            "name": azure_native.storage.SkuName.STANDARD_GRS,
        },
        tags={
            "key1": "value1",
            "key2": "value2",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const storageAccount = new azure_native.storage.StorageAccount("storageAccount", {
        accountName: "sto4445",
        allowBlobPublicAccess: false,
        allowSharedKeyAccess: true,
        allowedCopyScope: azure_native.storage.AllowedCopyScope.AAD,
        encryption: {
            keySource: azure_native.storage.KeySource.Microsoft_Storage,
            requireInfrastructureEncryption: false,
            services: {
                blob: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
                file: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
            },
        },
        isHnsEnabled: true,
        keyPolicy: {
            keyExpirationPeriodInDays: 20,
        },
        kind: azure_native.storage.Kind.Storage,
        location: "eastus",
        minimumTlsVersion: azure_native.storage.MinimumTlsVersion.TLS1_2,
        resourceGroupName: "res9101",
        routingPreference: {
            publishInternetEndpoints: true,
            publishMicrosoftEndpoints: true,
            routingChoice: azure_native.storage.RoutingChoice.MicrosoftRouting,
        },
        sasPolicy: {
            expirationAction: azure_native.storage.ExpirationAction.Log,
            sasExpirationPeriod: "1.15:59:59",
        },
        sku: {
            name: azure_native.storage.SkuName.Standard_GRS,
        },
        tags: {
            key1: "value1",
            key2: "value2",
        },
    });
    
    resources:
      storageAccount:
        type: azure-native:storage:StorageAccount
        properties:
          accountName: sto4445
          allowBlobPublicAccess: false
          allowSharedKeyAccess: true
          allowedCopyScope: AAD
          encryption:
            keySource: Microsoft.Storage
            requireInfrastructureEncryption: false
            services:
              blob:
                enabled: true
                keyType: Account
              file:
                enabled: true
                keyType: Account
          isHnsEnabled: true
          keyPolicy:
            keyExpirationPeriodInDays: 20
          kind: Storage
          location: eastus
          minimumTlsVersion: TLS1_2
          resourceGroupName: res9101
          routingPreference:
            publishInternetEndpoints: true
            publishMicrosoftEndpoints: true
            routingChoice: MicrosoftRouting
          sasPolicy:
            expirationAction: Log
            sasExpirationPeriod: 1.15:59:59
          sku:
            name: Standard_GRS
          tags:
            key1: value1
            key2: value2
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
        {
            AccountName = "sto4445",
            AllowBlobPublicAccess = false,
            AllowSharedKeyAccess = true,
            AllowedCopyScope = AzureNative.Storage.AllowedCopyScope.PrivateLink,
            Encryption = new AzureNative.Storage.Inputs.EncryptionArgs
            {
                KeySource = AzureNative.Storage.KeySource.Microsoft_Storage,
                RequireInfrastructureEncryption = false,
                Services = new AzureNative.Storage.Inputs.EncryptionServicesArgs
                {
                    Blob = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                    File = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                },
            },
            IsHnsEnabled = true,
            KeyPolicy = new AzureNative.Storage.Inputs.KeyPolicyArgs
            {
                KeyExpirationPeriodInDays = 20,
            },
            Kind = AzureNative.Storage.Kind.Storage,
            Location = "eastus",
            MinimumTlsVersion = AzureNative.Storage.MinimumTlsVersion.TLS1_2,
            ResourceGroupName = "res9101",
            RoutingPreference = new AzureNative.Storage.Inputs.RoutingPreferenceArgs
            {
                PublishInternetEndpoints = true,
                PublishMicrosoftEndpoints = true,
                RoutingChoice = AzureNative.Storage.RoutingChoice.MicrosoftRouting,
            },
            SasPolicy = new AzureNative.Storage.Inputs.SasPolicyArgs
            {
                ExpirationAction = AzureNative.Storage.ExpirationAction.Log,
                SasExpirationPeriod = "1.15:59:59",
            },
            Sku = new AzureNative.Storage.Inputs.SkuArgs
            {
                Name = AzureNative.Storage.SkuName.Standard_GRS,
            },
            Tags = 
            {
                { "key1", "value1" },
                { "key2", "value2" },
            },
        });
    
    });
    
    package main
    
    import (
    	storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := storage.NewStorageAccount(ctx, "storageAccount", &storage.StorageAccountArgs{
    			AccountName:           pulumi.String("sto4445"),
    			AllowBlobPublicAccess: pulumi.Bool(false),
    			AllowSharedKeyAccess:  pulumi.Bool(true),
    			AllowedCopyScope:      pulumi.String(storage.AllowedCopyScopePrivateLink),
    			Encryption: &storage.EncryptionArgs{
    				KeySource:                       pulumi.String(storage.KeySource_Microsoft_Storage),
    				RequireInfrastructureEncryption: pulumi.Bool(false),
    				Services: &storage.EncryptionServicesArgs{
    					Blob: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    					File: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    				},
    			},
    			IsHnsEnabled: pulumi.Bool(true),
    			KeyPolicy: &storage.KeyPolicyArgs{
    				KeyExpirationPeriodInDays: pulumi.Int(20),
    			},
    			Kind:              pulumi.String(storage.KindStorage),
    			Location:          pulumi.String("eastus"),
    			MinimumTlsVersion: pulumi.String(storage.MinimumTlsVersion_TLS1_2),
    			ResourceGroupName: pulumi.String("res9101"),
    			RoutingPreference: &storage.RoutingPreferenceArgs{
    				PublishInternetEndpoints:  pulumi.Bool(true),
    				PublishMicrosoftEndpoints: pulumi.Bool(true),
    				RoutingChoice:             pulumi.String(storage.RoutingChoiceMicrosoftRouting),
    			},
    			SasPolicy: &storage.SasPolicyArgs{
    				ExpirationAction:    pulumi.String(storage.ExpirationActionLog),
    				SasExpirationPeriod: pulumi.String("1.15:59:59"),
    			},
    			Sku: &storage.SkuArgs{
    				Name: pulumi.String(storage.SkuName_Standard_GRS),
    			},
    			Tags: pulumi.StringMap{
    				"key1": pulumi.String("value1"),
    				"key2": pulumi.String("value2"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.storage.StorageAccount;
    import com.pulumi.azurenative.storage.StorageAccountArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServicesArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServiceArgs;
    import com.pulumi.azurenative.storage.inputs.KeyPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.RoutingPreferenceArgs;
    import com.pulumi.azurenative.storage.inputs.SasPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.SkuArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
                .accountName("sto4445")
                .allowBlobPublicAccess(false)
                .allowSharedKeyAccess(true)
                .allowedCopyScope("PrivateLink")
                .encryption(EncryptionArgs.builder()
                    .keySource("Microsoft.Storage")
                    .requireInfrastructureEncryption(false)
                    .services(EncryptionServicesArgs.builder()
                        .blob(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .file(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .build())
                    .build())
                .isHnsEnabled(true)
                .keyPolicy(KeyPolicyArgs.builder()
                    .keyExpirationPeriodInDays(20)
                    .build())
                .kind("Storage")
                .location("eastus")
                .minimumTlsVersion("TLS1_2")
                .resourceGroupName("res9101")
                .routingPreference(RoutingPreferenceArgs.builder()
                    .publishInternetEndpoints(true)
                    .publishMicrosoftEndpoints(true)
                    .routingChoice("MicrosoftRouting")
                    .build())
                .sasPolicy(SasPolicyArgs.builder()
                    .expirationAction("Log")
                    .sasExpirationPeriod("1.15:59:59")
                    .build())
                .sku(SkuArgs.builder()
                    .name("Standard_GRS")
                    .build())
                .tags(Map.ofEntries(
                    Map.entry("key1", "value1"),
                    Map.entry("key2", "value2")
                ))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    storage_account = azure_native.storage.StorageAccount("storageAccount",
        account_name="sto4445",
        allow_blob_public_access=False,
        allow_shared_key_access=True,
        allowed_copy_scope=azure_native.storage.AllowedCopyScope.PRIVATE_LINK,
        encryption={
            "key_source": azure_native.storage.KeySource.MICROSOFT_STORAGE,
            "require_infrastructure_encryption": False,
            "services": {
                "blob": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
                "file": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
            },
        },
        is_hns_enabled=True,
        key_policy={
            "key_expiration_period_in_days": 20,
        },
        kind=azure_native.storage.Kind.STORAGE,
        location="eastus",
        minimum_tls_version=azure_native.storage.MinimumTlsVersion.TLS1_2,
        resource_group_name="res9101",
        routing_preference={
            "publish_internet_endpoints": True,
            "publish_microsoft_endpoints": True,
            "routing_choice": azure_native.storage.RoutingChoice.MICROSOFT_ROUTING,
        },
        sas_policy={
            "expiration_action": azure_native.storage.ExpirationAction.LOG,
            "sas_expiration_period": "1.15:59:59",
        },
        sku={
            "name": azure_native.storage.SkuName.STANDARD_GRS,
        },
        tags={
            "key1": "value1",
            "key2": "value2",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const storageAccount = new azure_native.storage.StorageAccount("storageAccount", {
        accountName: "sto4445",
        allowBlobPublicAccess: false,
        allowSharedKeyAccess: true,
        allowedCopyScope: azure_native.storage.AllowedCopyScope.PrivateLink,
        encryption: {
            keySource: azure_native.storage.KeySource.Microsoft_Storage,
            requireInfrastructureEncryption: false,
            services: {
                blob: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
                file: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
            },
        },
        isHnsEnabled: true,
        keyPolicy: {
            keyExpirationPeriodInDays: 20,
        },
        kind: azure_native.storage.Kind.Storage,
        location: "eastus",
        minimumTlsVersion: azure_native.storage.MinimumTlsVersion.TLS1_2,
        resourceGroupName: "res9101",
        routingPreference: {
            publishInternetEndpoints: true,
            publishMicrosoftEndpoints: true,
            routingChoice: azure_native.storage.RoutingChoice.MicrosoftRouting,
        },
        sasPolicy: {
            expirationAction: azure_native.storage.ExpirationAction.Log,
            sasExpirationPeriod: "1.15:59:59",
        },
        sku: {
            name: azure_native.storage.SkuName.Standard_GRS,
        },
        tags: {
            key1: "value1",
            key2: "value2",
        },
    });
    
    resources:
      storageAccount:
        type: azure-native:storage:StorageAccount
        properties:
          accountName: sto4445
          allowBlobPublicAccess: false
          allowSharedKeyAccess: true
          allowedCopyScope: PrivateLink
          encryption:
            keySource: Microsoft.Storage
            requireInfrastructureEncryption: false
            services:
              blob:
                enabled: true
                keyType: Account
              file:
                enabled: true
                keyType: Account
          isHnsEnabled: true
          keyPolicy:
            keyExpirationPeriodInDays: 20
          kind: Storage
          location: eastus
          minimumTlsVersion: TLS1_2
          resourceGroupName: res9101
          routingPreference:
            publishInternetEndpoints: true
            publishMicrosoftEndpoints: true
            routingChoice: MicrosoftRouting
          sasPolicy:
            expirationAction: Log
            sasExpirationPeriod: 1.15:59:59
          sku:
            name: Standard_GRS
          tags:
            key1: value1
            key2: value2
    

    StorageAccountCreateDisallowPublicNetworkAccess

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
        {
            AccountName = "sto4445",
            AllowBlobPublicAccess = false,
            AllowSharedKeyAccess = true,
            Encryption = new AzureNative.Storage.Inputs.EncryptionArgs
            {
                KeySource = AzureNative.Storage.KeySource.Microsoft_Storage,
                RequireInfrastructureEncryption = false,
                Services = new AzureNative.Storage.Inputs.EncryptionServicesArgs
                {
                    Blob = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                    File = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                },
            },
            ExtendedLocation = new AzureNative.Storage.Inputs.ExtendedLocationArgs
            {
                Name = "losangeles001",
                Type = AzureNative.Storage.ExtendedLocationTypes.EdgeZone,
            },
            IsHnsEnabled = true,
            KeyPolicy = new AzureNative.Storage.Inputs.KeyPolicyArgs
            {
                KeyExpirationPeriodInDays = 20,
            },
            Kind = AzureNative.Storage.Kind.Storage,
            Location = "eastus",
            MinimumTlsVersion = AzureNative.Storage.MinimumTlsVersion.TLS1_2,
            PublicNetworkAccess = AzureNative.Storage.PublicNetworkAccess.Disabled,
            ResourceGroupName = "res9101",
            RoutingPreference = new AzureNative.Storage.Inputs.RoutingPreferenceArgs
            {
                PublishInternetEndpoints = true,
                PublishMicrosoftEndpoints = true,
                RoutingChoice = AzureNative.Storage.RoutingChoice.MicrosoftRouting,
            },
            SasPolicy = new AzureNative.Storage.Inputs.SasPolicyArgs
            {
                ExpirationAction = AzureNative.Storage.ExpirationAction.Log,
                SasExpirationPeriod = "1.15:59:59",
            },
            Sku = new AzureNative.Storage.Inputs.SkuArgs
            {
                Name = AzureNative.Storage.SkuName.Standard_GRS,
            },
            Tags = 
            {
                { "key1", "value1" },
                { "key2", "value2" },
            },
        });
    
    });
    
    package main
    
    import (
    	storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := storage.NewStorageAccount(ctx, "storageAccount", &storage.StorageAccountArgs{
    			AccountName:           pulumi.String("sto4445"),
    			AllowBlobPublicAccess: pulumi.Bool(false),
    			AllowSharedKeyAccess:  pulumi.Bool(true),
    			Encryption: &storage.EncryptionArgs{
    				KeySource:                       pulumi.String(storage.KeySource_Microsoft_Storage),
    				RequireInfrastructureEncryption: pulumi.Bool(false),
    				Services: &storage.EncryptionServicesArgs{
    					Blob: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    					File: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    				},
    			},
    			ExtendedLocation: &storage.ExtendedLocationArgs{
    				Name: pulumi.String("losangeles001"),
    				Type: pulumi.String(storage.ExtendedLocationTypesEdgeZone),
    			},
    			IsHnsEnabled: pulumi.Bool(true),
    			KeyPolicy: &storage.KeyPolicyArgs{
    				KeyExpirationPeriodInDays: pulumi.Int(20),
    			},
    			Kind:                pulumi.String(storage.KindStorage),
    			Location:            pulumi.String("eastus"),
    			MinimumTlsVersion:   pulumi.String(storage.MinimumTlsVersion_TLS1_2),
    			PublicNetworkAccess: pulumi.String(storage.PublicNetworkAccessDisabled),
    			ResourceGroupName:   pulumi.String("res9101"),
    			RoutingPreference: &storage.RoutingPreferenceArgs{
    				PublishInternetEndpoints:  pulumi.Bool(true),
    				PublishMicrosoftEndpoints: pulumi.Bool(true),
    				RoutingChoice:             pulumi.String(storage.RoutingChoiceMicrosoftRouting),
    			},
    			SasPolicy: &storage.SasPolicyArgs{
    				ExpirationAction:    pulumi.String(storage.ExpirationActionLog),
    				SasExpirationPeriod: pulumi.String("1.15:59:59"),
    			},
    			Sku: &storage.SkuArgs{
    				Name: pulumi.String(storage.SkuName_Standard_GRS),
    			},
    			Tags: pulumi.StringMap{
    				"key1": pulumi.String("value1"),
    				"key2": pulumi.String("value2"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.storage.StorageAccount;
    import com.pulumi.azurenative.storage.StorageAccountArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServicesArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServiceArgs;
    import com.pulumi.azurenative.storage.inputs.ExtendedLocationArgs;
    import com.pulumi.azurenative.storage.inputs.KeyPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.RoutingPreferenceArgs;
    import com.pulumi.azurenative.storage.inputs.SasPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.SkuArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
                .accountName("sto4445")
                .allowBlobPublicAccess(false)
                .allowSharedKeyAccess(true)
                .encryption(EncryptionArgs.builder()
                    .keySource("Microsoft.Storage")
                    .requireInfrastructureEncryption(false)
                    .services(EncryptionServicesArgs.builder()
                        .blob(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .file(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .build())
                    .build())
                .extendedLocation(ExtendedLocationArgs.builder()
                    .name("losangeles001")
                    .type("EdgeZone")
                    .build())
                .isHnsEnabled(true)
                .keyPolicy(KeyPolicyArgs.builder()
                    .keyExpirationPeriodInDays(20)
                    .build())
                .kind("Storage")
                .location("eastus")
                .minimumTlsVersion("TLS1_2")
                .publicNetworkAccess("Disabled")
                .resourceGroupName("res9101")
                .routingPreference(RoutingPreferenceArgs.builder()
                    .publishInternetEndpoints(true)
                    .publishMicrosoftEndpoints(true)
                    .routingChoice("MicrosoftRouting")
                    .build())
                .sasPolicy(SasPolicyArgs.builder()
                    .expirationAction("Log")
                    .sasExpirationPeriod("1.15:59:59")
                    .build())
                .sku(SkuArgs.builder()
                    .name("Standard_GRS")
                    .build())
                .tags(Map.ofEntries(
                    Map.entry("key1", "value1"),
                    Map.entry("key2", "value2")
                ))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    storage_account = azure_native.storage.StorageAccount("storageAccount",
        account_name="sto4445",
        allow_blob_public_access=False,
        allow_shared_key_access=True,
        encryption={
            "key_source": azure_native.storage.KeySource.MICROSOFT_STORAGE,
            "require_infrastructure_encryption": False,
            "services": {
                "blob": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
                "file": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
            },
        },
        extended_location={
            "name": "losangeles001",
            "type": azure_native.storage.ExtendedLocationTypes.EDGE_ZONE,
        },
        is_hns_enabled=True,
        key_policy={
            "key_expiration_period_in_days": 20,
        },
        kind=azure_native.storage.Kind.STORAGE,
        location="eastus",
        minimum_tls_version=azure_native.storage.MinimumTlsVersion.TLS1_2,
        public_network_access=azure_native.storage.PublicNetworkAccess.DISABLED,
        resource_group_name="res9101",
        routing_preference={
            "publish_internet_endpoints": True,
            "publish_microsoft_endpoints": True,
            "routing_choice": azure_native.storage.RoutingChoice.MICROSOFT_ROUTING,
        },
        sas_policy={
            "expiration_action": azure_native.storage.ExpirationAction.LOG,
            "sas_expiration_period": "1.15:59:59",
        },
        sku={
            "name": azure_native.storage.SkuName.STANDARD_GRS,
        },
        tags={
            "key1": "value1",
            "key2": "value2",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const storageAccount = new azure_native.storage.StorageAccount("storageAccount", {
        accountName: "sto4445",
        allowBlobPublicAccess: false,
        allowSharedKeyAccess: true,
        encryption: {
            keySource: azure_native.storage.KeySource.Microsoft_Storage,
            requireInfrastructureEncryption: false,
            services: {
                blob: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
                file: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
            },
        },
        extendedLocation: {
            name: "losangeles001",
            type: azure_native.storage.ExtendedLocationTypes.EdgeZone,
        },
        isHnsEnabled: true,
        keyPolicy: {
            keyExpirationPeriodInDays: 20,
        },
        kind: azure_native.storage.Kind.Storage,
        location: "eastus",
        minimumTlsVersion: azure_native.storage.MinimumTlsVersion.TLS1_2,
        publicNetworkAccess: azure_native.storage.PublicNetworkAccess.Disabled,
        resourceGroupName: "res9101",
        routingPreference: {
            publishInternetEndpoints: true,
            publishMicrosoftEndpoints: true,
            routingChoice: azure_native.storage.RoutingChoice.MicrosoftRouting,
        },
        sasPolicy: {
            expirationAction: azure_native.storage.ExpirationAction.Log,
            sasExpirationPeriod: "1.15:59:59",
        },
        sku: {
            name: azure_native.storage.SkuName.Standard_GRS,
        },
        tags: {
            key1: "value1",
            key2: "value2",
        },
    });
    
    resources:
      storageAccount:
        type: azure-native:storage:StorageAccount
        properties:
          accountName: sto4445
          allowBlobPublicAccess: false
          allowSharedKeyAccess: true
          encryption:
            keySource: Microsoft.Storage
            requireInfrastructureEncryption: false
            services:
              blob:
                enabled: true
                keyType: Account
              file:
                enabled: true
                keyType: Account
          extendedLocation:
            name: losangeles001
            type: EdgeZone
          isHnsEnabled: true
          keyPolicy:
            keyExpirationPeriodInDays: 20
          kind: Storage
          location: eastus
          minimumTlsVersion: TLS1_2
          publicNetworkAccess: Disabled
          resourceGroupName: res9101
          routingPreference:
            publishInternetEndpoints: true
            publishMicrosoftEndpoints: true
            routingChoice: MicrosoftRouting
          sasPolicy:
            expirationAction: Log
            sasExpirationPeriod: 1.15:59:59
          sku:
            name: Standard_GRS
          tags:
            key1: value1
            key2: value2
    

    StorageAccountCreateDnsEndpointTypeToAzureDnsZone

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
        {
            AccountName = "sto4445",
            AllowBlobPublicAccess = false,
            AllowSharedKeyAccess = true,
            DefaultToOAuthAuthentication = false,
            DnsEndpointType = AzureNative.Storage.DnsEndpointType.AzureDnsZone,
            Encryption = new AzureNative.Storage.Inputs.EncryptionArgs
            {
                KeySource = AzureNative.Storage.KeySource.Microsoft_Storage,
                RequireInfrastructureEncryption = false,
                Services = new AzureNative.Storage.Inputs.EncryptionServicesArgs
                {
                    Blob = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                    File = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                },
            },
            ExtendedLocation = new AzureNative.Storage.Inputs.ExtendedLocationArgs
            {
                Name = "losangeles001",
                Type = AzureNative.Storage.ExtendedLocationTypes.EdgeZone,
            },
            IsHnsEnabled = true,
            IsSftpEnabled = true,
            KeyPolicy = new AzureNative.Storage.Inputs.KeyPolicyArgs
            {
                KeyExpirationPeriodInDays = 20,
            },
            Kind = AzureNative.Storage.Kind.Storage,
            Location = "eastus",
            MinimumTlsVersion = AzureNative.Storage.MinimumTlsVersion.TLS1_2,
            ResourceGroupName = "res9101",
            RoutingPreference = new AzureNative.Storage.Inputs.RoutingPreferenceArgs
            {
                PublishInternetEndpoints = true,
                PublishMicrosoftEndpoints = true,
                RoutingChoice = AzureNative.Storage.RoutingChoice.MicrosoftRouting,
            },
            SasPolicy = new AzureNative.Storage.Inputs.SasPolicyArgs
            {
                ExpirationAction = AzureNative.Storage.ExpirationAction.Log,
                SasExpirationPeriod = "1.15:59:59",
            },
            Sku = new AzureNative.Storage.Inputs.SkuArgs
            {
                Name = AzureNative.Storage.SkuName.Standard_GRS,
            },
            Tags = 
            {
                { "key1", "value1" },
                { "key2", "value2" },
            },
        });
    
    });
    
    package main
    
    import (
    	storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := storage.NewStorageAccount(ctx, "storageAccount", &storage.StorageAccountArgs{
    			AccountName:                  pulumi.String("sto4445"),
    			AllowBlobPublicAccess:        pulumi.Bool(false),
    			AllowSharedKeyAccess:         pulumi.Bool(true),
    			DefaultToOAuthAuthentication: pulumi.Bool(false),
    			DnsEndpointType:              pulumi.String(storage.DnsEndpointTypeAzureDnsZone),
    			Encryption: &storage.EncryptionArgs{
    				KeySource:                       pulumi.String(storage.KeySource_Microsoft_Storage),
    				RequireInfrastructureEncryption: pulumi.Bool(false),
    				Services: &storage.EncryptionServicesArgs{
    					Blob: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    					File: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    				},
    			},
    			ExtendedLocation: &storage.ExtendedLocationArgs{
    				Name: pulumi.String("losangeles001"),
    				Type: pulumi.String(storage.ExtendedLocationTypesEdgeZone),
    			},
    			IsHnsEnabled:  pulumi.Bool(true),
    			IsSftpEnabled: pulumi.Bool(true),
    			KeyPolicy: &storage.KeyPolicyArgs{
    				KeyExpirationPeriodInDays: pulumi.Int(20),
    			},
    			Kind:              pulumi.String(storage.KindStorage),
    			Location:          pulumi.String("eastus"),
    			MinimumTlsVersion: pulumi.String(storage.MinimumTlsVersion_TLS1_2),
    			ResourceGroupName: pulumi.String("res9101"),
    			RoutingPreference: &storage.RoutingPreferenceArgs{
    				PublishInternetEndpoints:  pulumi.Bool(true),
    				PublishMicrosoftEndpoints: pulumi.Bool(true),
    				RoutingChoice:             pulumi.String(storage.RoutingChoiceMicrosoftRouting),
    			},
    			SasPolicy: &storage.SasPolicyArgs{
    				ExpirationAction:    pulumi.String(storage.ExpirationActionLog),
    				SasExpirationPeriod: pulumi.String("1.15:59:59"),
    			},
    			Sku: &storage.SkuArgs{
    				Name: pulumi.String(storage.SkuName_Standard_GRS),
    			},
    			Tags: pulumi.StringMap{
    				"key1": pulumi.String("value1"),
    				"key2": pulumi.String("value2"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.storage.StorageAccount;
    import com.pulumi.azurenative.storage.StorageAccountArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServicesArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServiceArgs;
    import com.pulumi.azurenative.storage.inputs.ExtendedLocationArgs;
    import com.pulumi.azurenative.storage.inputs.KeyPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.RoutingPreferenceArgs;
    import com.pulumi.azurenative.storage.inputs.SasPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.SkuArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
                .accountName("sto4445")
                .allowBlobPublicAccess(false)
                .allowSharedKeyAccess(true)
                .defaultToOAuthAuthentication(false)
                .dnsEndpointType("AzureDnsZone")
                .encryption(EncryptionArgs.builder()
                    .keySource("Microsoft.Storage")
                    .requireInfrastructureEncryption(false)
                    .services(EncryptionServicesArgs.builder()
                        .blob(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .file(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .build())
                    .build())
                .extendedLocation(ExtendedLocationArgs.builder()
                    .name("losangeles001")
                    .type("EdgeZone")
                    .build())
                .isHnsEnabled(true)
                .isSftpEnabled(true)
                .keyPolicy(KeyPolicyArgs.builder()
                    .keyExpirationPeriodInDays(20)
                    .build())
                .kind("Storage")
                .location("eastus")
                .minimumTlsVersion("TLS1_2")
                .resourceGroupName("res9101")
                .routingPreference(RoutingPreferenceArgs.builder()
                    .publishInternetEndpoints(true)
                    .publishMicrosoftEndpoints(true)
                    .routingChoice("MicrosoftRouting")
                    .build())
                .sasPolicy(SasPolicyArgs.builder()
                    .expirationAction("Log")
                    .sasExpirationPeriod("1.15:59:59")
                    .build())
                .sku(SkuArgs.builder()
                    .name("Standard_GRS")
                    .build())
                .tags(Map.ofEntries(
                    Map.entry("key1", "value1"),
                    Map.entry("key2", "value2")
                ))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    storage_account = azure_native.storage.StorageAccount("storageAccount",
        account_name="sto4445",
        allow_blob_public_access=False,
        allow_shared_key_access=True,
        default_to_o_auth_authentication=False,
        dns_endpoint_type=azure_native.storage.DnsEndpointType.AZURE_DNS_ZONE,
        encryption={
            "key_source": azure_native.storage.KeySource.MICROSOFT_STORAGE,
            "require_infrastructure_encryption": False,
            "services": {
                "blob": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
                "file": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
            },
        },
        extended_location={
            "name": "losangeles001",
            "type": azure_native.storage.ExtendedLocationTypes.EDGE_ZONE,
        },
        is_hns_enabled=True,
        is_sftp_enabled=True,
        key_policy={
            "key_expiration_period_in_days": 20,
        },
        kind=azure_native.storage.Kind.STORAGE,
        location="eastus",
        minimum_tls_version=azure_native.storage.MinimumTlsVersion.TLS1_2,
        resource_group_name="res9101",
        routing_preference={
            "publish_internet_endpoints": True,
            "publish_microsoft_endpoints": True,
            "routing_choice": azure_native.storage.RoutingChoice.MICROSOFT_ROUTING,
        },
        sas_policy={
            "expiration_action": azure_native.storage.ExpirationAction.LOG,
            "sas_expiration_period": "1.15:59:59",
        },
        sku={
            "name": azure_native.storage.SkuName.STANDARD_GRS,
        },
        tags={
            "key1": "value1",
            "key2": "value2",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const storageAccount = new azure_native.storage.StorageAccount("storageAccount", {
        accountName: "sto4445",
        allowBlobPublicAccess: false,
        allowSharedKeyAccess: true,
        defaultToOAuthAuthentication: false,
        dnsEndpointType: azure_native.storage.DnsEndpointType.AzureDnsZone,
        encryption: {
            keySource: azure_native.storage.KeySource.Microsoft_Storage,
            requireInfrastructureEncryption: false,
            services: {
                blob: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
                file: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
            },
        },
        extendedLocation: {
            name: "losangeles001",
            type: azure_native.storage.ExtendedLocationTypes.EdgeZone,
        },
        isHnsEnabled: true,
        isSftpEnabled: true,
        keyPolicy: {
            keyExpirationPeriodInDays: 20,
        },
        kind: azure_native.storage.Kind.Storage,
        location: "eastus",
        minimumTlsVersion: azure_native.storage.MinimumTlsVersion.TLS1_2,
        resourceGroupName: "res9101",
        routingPreference: {
            publishInternetEndpoints: true,
            publishMicrosoftEndpoints: true,
            routingChoice: azure_native.storage.RoutingChoice.MicrosoftRouting,
        },
        sasPolicy: {
            expirationAction: azure_native.storage.ExpirationAction.Log,
            sasExpirationPeriod: "1.15:59:59",
        },
        sku: {
            name: azure_native.storage.SkuName.Standard_GRS,
        },
        tags: {
            key1: "value1",
            key2: "value2",
        },
    });
    
    resources:
      storageAccount:
        type: azure-native:storage:StorageAccount
        properties:
          accountName: sto4445
          allowBlobPublicAccess: false
          allowSharedKeyAccess: true
          defaultToOAuthAuthentication: false
          dnsEndpointType: AzureDnsZone
          encryption:
            keySource: Microsoft.Storage
            requireInfrastructureEncryption: false
            services:
              blob:
                enabled: true
                keyType: Account
              file:
                enabled: true
                keyType: Account
          extendedLocation:
            name: losangeles001
            type: EdgeZone
          isHnsEnabled: true
          isSftpEnabled: true
          keyPolicy:
            keyExpirationPeriodInDays: 20
          kind: Storage
          location: eastus
          minimumTlsVersion: TLS1_2
          resourceGroupName: res9101
          routingPreference:
            publishInternetEndpoints: true
            publishMicrosoftEndpoints: true
            routingChoice: MicrosoftRouting
          sasPolicy:
            expirationAction: Log
            sasExpirationPeriod: 1.15:59:59
          sku:
            name: Standard_GRS
          tags:
            key1: value1
            key2: value2
    

    StorageAccountCreateDnsEndpointTypeToStandard

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
        {
            AccountName = "sto4445",
            AllowBlobPublicAccess = false,
            AllowSharedKeyAccess = true,
            DefaultToOAuthAuthentication = false,
            DnsEndpointType = AzureNative.Storage.DnsEndpointType.Standard,
            Encryption = new AzureNative.Storage.Inputs.EncryptionArgs
            {
                KeySource = AzureNative.Storage.KeySource.Microsoft_Storage,
                RequireInfrastructureEncryption = false,
                Services = new AzureNative.Storage.Inputs.EncryptionServicesArgs
                {
                    Blob = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                    File = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                },
            },
            ExtendedLocation = new AzureNative.Storage.Inputs.ExtendedLocationArgs
            {
                Name = "losangeles001",
                Type = AzureNative.Storage.ExtendedLocationTypes.EdgeZone,
            },
            IsHnsEnabled = true,
            IsSftpEnabled = true,
            KeyPolicy = new AzureNative.Storage.Inputs.KeyPolicyArgs
            {
                KeyExpirationPeriodInDays = 20,
            },
            Kind = AzureNative.Storage.Kind.Storage,
            Location = "eastus",
            MinimumTlsVersion = AzureNative.Storage.MinimumTlsVersion.TLS1_2,
            ResourceGroupName = "res9101",
            RoutingPreference = new AzureNative.Storage.Inputs.RoutingPreferenceArgs
            {
                PublishInternetEndpoints = true,
                PublishMicrosoftEndpoints = true,
                RoutingChoice = AzureNative.Storage.RoutingChoice.MicrosoftRouting,
            },
            SasPolicy = new AzureNative.Storage.Inputs.SasPolicyArgs
            {
                ExpirationAction = AzureNative.Storage.ExpirationAction.Log,
                SasExpirationPeriod = "1.15:59:59",
            },
            Sku = new AzureNative.Storage.Inputs.SkuArgs
            {
                Name = AzureNative.Storage.SkuName.Standard_GRS,
            },
            Tags = 
            {
                { "key1", "value1" },
                { "key2", "value2" },
            },
        });
    
    });
    
    package main
    
    import (
    	storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := storage.NewStorageAccount(ctx, "storageAccount", &storage.StorageAccountArgs{
    			AccountName:                  pulumi.String("sto4445"),
    			AllowBlobPublicAccess:        pulumi.Bool(false),
    			AllowSharedKeyAccess:         pulumi.Bool(true),
    			DefaultToOAuthAuthentication: pulumi.Bool(false),
    			DnsEndpointType:              pulumi.String(storage.DnsEndpointTypeStandard),
    			Encryption: &storage.EncryptionArgs{
    				KeySource:                       pulumi.String(storage.KeySource_Microsoft_Storage),
    				RequireInfrastructureEncryption: pulumi.Bool(false),
    				Services: &storage.EncryptionServicesArgs{
    					Blob: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    					File: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    				},
    			},
    			ExtendedLocation: &storage.ExtendedLocationArgs{
    				Name: pulumi.String("losangeles001"),
    				Type: pulumi.String(storage.ExtendedLocationTypesEdgeZone),
    			},
    			IsHnsEnabled:  pulumi.Bool(true),
    			IsSftpEnabled: pulumi.Bool(true),
    			KeyPolicy: &storage.KeyPolicyArgs{
    				KeyExpirationPeriodInDays: pulumi.Int(20),
    			},
    			Kind:              pulumi.String(storage.KindStorage),
    			Location:          pulumi.String("eastus"),
    			MinimumTlsVersion: pulumi.String(storage.MinimumTlsVersion_TLS1_2),
    			ResourceGroupName: pulumi.String("res9101"),
    			RoutingPreference: &storage.RoutingPreferenceArgs{
    				PublishInternetEndpoints:  pulumi.Bool(true),
    				PublishMicrosoftEndpoints: pulumi.Bool(true),
    				RoutingChoice:             pulumi.String(storage.RoutingChoiceMicrosoftRouting),
    			},
    			SasPolicy: &storage.SasPolicyArgs{
    				ExpirationAction:    pulumi.String(storage.ExpirationActionLog),
    				SasExpirationPeriod: pulumi.String("1.15:59:59"),
    			},
    			Sku: &storage.SkuArgs{
    				Name: pulumi.String(storage.SkuName_Standard_GRS),
    			},
    			Tags: pulumi.StringMap{
    				"key1": pulumi.String("value1"),
    				"key2": pulumi.String("value2"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.storage.StorageAccount;
    import com.pulumi.azurenative.storage.StorageAccountArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServicesArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServiceArgs;
    import com.pulumi.azurenative.storage.inputs.ExtendedLocationArgs;
    import com.pulumi.azurenative.storage.inputs.KeyPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.RoutingPreferenceArgs;
    import com.pulumi.azurenative.storage.inputs.SasPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.SkuArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
                .accountName("sto4445")
                .allowBlobPublicAccess(false)
                .allowSharedKeyAccess(true)
                .defaultToOAuthAuthentication(false)
                .dnsEndpointType("Standard")
                .encryption(EncryptionArgs.builder()
                    .keySource("Microsoft.Storage")
                    .requireInfrastructureEncryption(false)
                    .services(EncryptionServicesArgs.builder()
                        .blob(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .file(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .build())
                    .build())
                .extendedLocation(ExtendedLocationArgs.builder()
                    .name("losangeles001")
                    .type("EdgeZone")
                    .build())
                .isHnsEnabled(true)
                .isSftpEnabled(true)
                .keyPolicy(KeyPolicyArgs.builder()
                    .keyExpirationPeriodInDays(20)
                    .build())
                .kind("Storage")
                .location("eastus")
                .minimumTlsVersion("TLS1_2")
                .resourceGroupName("res9101")
                .routingPreference(RoutingPreferenceArgs.builder()
                    .publishInternetEndpoints(true)
                    .publishMicrosoftEndpoints(true)
                    .routingChoice("MicrosoftRouting")
                    .build())
                .sasPolicy(SasPolicyArgs.builder()
                    .expirationAction("Log")
                    .sasExpirationPeriod("1.15:59:59")
                    .build())
                .sku(SkuArgs.builder()
                    .name("Standard_GRS")
                    .build())
                .tags(Map.ofEntries(
                    Map.entry("key1", "value1"),
                    Map.entry("key2", "value2")
                ))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    storage_account = azure_native.storage.StorageAccount("storageAccount",
        account_name="sto4445",
        allow_blob_public_access=False,
        allow_shared_key_access=True,
        default_to_o_auth_authentication=False,
        dns_endpoint_type=azure_native.storage.DnsEndpointType.STANDARD,
        encryption={
            "key_source": azure_native.storage.KeySource.MICROSOFT_STORAGE,
            "require_infrastructure_encryption": False,
            "services": {
                "blob": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
                "file": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
            },
        },
        extended_location={
            "name": "losangeles001",
            "type": azure_native.storage.ExtendedLocationTypes.EDGE_ZONE,
        },
        is_hns_enabled=True,
        is_sftp_enabled=True,
        key_policy={
            "key_expiration_period_in_days": 20,
        },
        kind=azure_native.storage.Kind.STORAGE,
        location="eastus",
        minimum_tls_version=azure_native.storage.MinimumTlsVersion.TLS1_2,
        resource_group_name="res9101",
        routing_preference={
            "publish_internet_endpoints": True,
            "publish_microsoft_endpoints": True,
            "routing_choice": azure_native.storage.RoutingChoice.MICROSOFT_ROUTING,
        },
        sas_policy={
            "expiration_action": azure_native.storage.ExpirationAction.LOG,
            "sas_expiration_period": "1.15:59:59",
        },
        sku={
            "name": azure_native.storage.SkuName.STANDARD_GRS,
        },
        tags={
            "key1": "value1",
            "key2": "value2",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const storageAccount = new azure_native.storage.StorageAccount("storageAccount", {
        accountName: "sto4445",
        allowBlobPublicAccess: false,
        allowSharedKeyAccess: true,
        defaultToOAuthAuthentication: false,
        dnsEndpointType: azure_native.storage.DnsEndpointType.Standard,
        encryption: {
            keySource: azure_native.storage.KeySource.Microsoft_Storage,
            requireInfrastructureEncryption: false,
            services: {
                blob: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
                file: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
            },
        },
        extendedLocation: {
            name: "losangeles001",
            type: azure_native.storage.ExtendedLocationTypes.EdgeZone,
        },
        isHnsEnabled: true,
        isSftpEnabled: true,
        keyPolicy: {
            keyExpirationPeriodInDays: 20,
        },
        kind: azure_native.storage.Kind.Storage,
        location: "eastus",
        minimumTlsVersion: azure_native.storage.MinimumTlsVersion.TLS1_2,
        resourceGroupName: "res9101",
        routingPreference: {
            publishInternetEndpoints: true,
            publishMicrosoftEndpoints: true,
            routingChoice: azure_native.storage.RoutingChoice.MicrosoftRouting,
        },
        sasPolicy: {
            expirationAction: azure_native.storage.ExpirationAction.Log,
            sasExpirationPeriod: "1.15:59:59",
        },
        sku: {
            name: azure_native.storage.SkuName.Standard_GRS,
        },
        tags: {
            key1: "value1",
            key2: "value2",
        },
    });
    
    resources:
      storageAccount:
        type: azure-native:storage:StorageAccount
        properties:
          accountName: sto4445
          allowBlobPublicAccess: false
          allowSharedKeyAccess: true
          defaultToOAuthAuthentication: false
          dnsEndpointType: Standard
          encryption:
            keySource: Microsoft.Storage
            requireInfrastructureEncryption: false
            services:
              blob:
                enabled: true
                keyType: Account
              file:
                enabled: true
                keyType: Account
          extendedLocation:
            name: losangeles001
            type: EdgeZone
          isHnsEnabled: true
          isSftpEnabled: true
          keyPolicy:
            keyExpirationPeriodInDays: 20
          kind: Storage
          location: eastus
          minimumTlsVersion: TLS1_2
          resourceGroupName: res9101
          routingPreference:
            publishInternetEndpoints: true
            publishMicrosoftEndpoints: true
            routingChoice: MicrosoftRouting
          sasPolicy:
            expirationAction: Log
            sasExpirationPeriod: 1.15:59:59
          sku:
            name: Standard_GRS
          tags:
            key1: value1
            key2: value2
    

    StorageAccountCreateEnablePublicNetworkAccess

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
        {
            AccountName = "sto4445",
            AllowBlobPublicAccess = false,
            AllowSharedKeyAccess = true,
            Encryption = new AzureNative.Storage.Inputs.EncryptionArgs
            {
                KeySource = AzureNative.Storage.KeySource.Microsoft_Storage,
                RequireInfrastructureEncryption = false,
                Services = new AzureNative.Storage.Inputs.EncryptionServicesArgs
                {
                    Blob = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                    File = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                },
            },
            ExtendedLocation = new AzureNative.Storage.Inputs.ExtendedLocationArgs
            {
                Name = "losangeles001",
                Type = AzureNative.Storage.ExtendedLocationTypes.EdgeZone,
            },
            IsHnsEnabled = true,
            KeyPolicy = new AzureNative.Storage.Inputs.KeyPolicyArgs
            {
                KeyExpirationPeriodInDays = 20,
            },
            Kind = AzureNative.Storage.Kind.Storage,
            Location = "eastus",
            MinimumTlsVersion = AzureNative.Storage.MinimumTlsVersion.TLS1_2,
            PublicNetworkAccess = AzureNative.Storage.PublicNetworkAccess.Enabled,
            ResourceGroupName = "res9101",
            RoutingPreference = new AzureNative.Storage.Inputs.RoutingPreferenceArgs
            {
                PublishInternetEndpoints = true,
                PublishMicrosoftEndpoints = true,
                RoutingChoice = AzureNative.Storage.RoutingChoice.MicrosoftRouting,
            },
            SasPolicy = new AzureNative.Storage.Inputs.SasPolicyArgs
            {
                ExpirationAction = AzureNative.Storage.ExpirationAction.Log,
                SasExpirationPeriod = "1.15:59:59",
            },
            Sku = new AzureNative.Storage.Inputs.SkuArgs
            {
                Name = AzureNative.Storage.SkuName.Standard_GRS,
            },
            Tags = 
            {
                { "key1", "value1" },
                { "key2", "value2" },
            },
        });
    
    });
    
    package main
    
    import (
    	storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := storage.NewStorageAccount(ctx, "storageAccount", &storage.StorageAccountArgs{
    			AccountName:           pulumi.String("sto4445"),
    			AllowBlobPublicAccess: pulumi.Bool(false),
    			AllowSharedKeyAccess:  pulumi.Bool(true),
    			Encryption: &storage.EncryptionArgs{
    				KeySource:                       pulumi.String(storage.KeySource_Microsoft_Storage),
    				RequireInfrastructureEncryption: pulumi.Bool(false),
    				Services: &storage.EncryptionServicesArgs{
    					Blob: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    					File: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    				},
    			},
    			ExtendedLocation: &storage.ExtendedLocationArgs{
    				Name: pulumi.String("losangeles001"),
    				Type: pulumi.String(storage.ExtendedLocationTypesEdgeZone),
    			},
    			IsHnsEnabled: pulumi.Bool(true),
    			KeyPolicy: &storage.KeyPolicyArgs{
    				KeyExpirationPeriodInDays: pulumi.Int(20),
    			},
    			Kind:                pulumi.String(storage.KindStorage),
    			Location:            pulumi.String("eastus"),
    			MinimumTlsVersion:   pulumi.String(storage.MinimumTlsVersion_TLS1_2),
    			PublicNetworkAccess: pulumi.String(storage.PublicNetworkAccessEnabled),
    			ResourceGroupName:   pulumi.String("res9101"),
    			RoutingPreference: &storage.RoutingPreferenceArgs{
    				PublishInternetEndpoints:  pulumi.Bool(true),
    				PublishMicrosoftEndpoints: pulumi.Bool(true),
    				RoutingChoice:             pulumi.String(storage.RoutingChoiceMicrosoftRouting),
    			},
    			SasPolicy: &storage.SasPolicyArgs{
    				ExpirationAction:    pulumi.String(storage.ExpirationActionLog),
    				SasExpirationPeriod: pulumi.String("1.15:59:59"),
    			},
    			Sku: &storage.SkuArgs{
    				Name: pulumi.String(storage.SkuName_Standard_GRS),
    			},
    			Tags: pulumi.StringMap{
    				"key1": pulumi.String("value1"),
    				"key2": pulumi.String("value2"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.storage.StorageAccount;
    import com.pulumi.azurenative.storage.StorageAccountArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServicesArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServiceArgs;
    import com.pulumi.azurenative.storage.inputs.ExtendedLocationArgs;
    import com.pulumi.azurenative.storage.inputs.KeyPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.RoutingPreferenceArgs;
    import com.pulumi.azurenative.storage.inputs.SasPolicyArgs;
    import com.pulumi.azurenative.storage.inputs.SkuArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
                .accountName("sto4445")
                .allowBlobPublicAccess(false)
                .allowSharedKeyAccess(true)
                .encryption(EncryptionArgs.builder()
                    .keySource("Microsoft.Storage")
                    .requireInfrastructureEncryption(false)
                    .services(EncryptionServicesArgs.builder()
                        .blob(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .file(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .build())
                    .build())
                .extendedLocation(ExtendedLocationArgs.builder()
                    .name("losangeles001")
                    .type("EdgeZone")
                    .build())
                .isHnsEnabled(true)
                .keyPolicy(KeyPolicyArgs.builder()
                    .keyExpirationPeriodInDays(20)
                    .build())
                .kind("Storage")
                .location("eastus")
                .minimumTlsVersion("TLS1_2")
                .publicNetworkAccess("Enabled")
                .resourceGroupName("res9101")
                .routingPreference(RoutingPreferenceArgs.builder()
                    .publishInternetEndpoints(true)
                    .publishMicrosoftEndpoints(true)
                    .routingChoice("MicrosoftRouting")
                    .build())
                .sasPolicy(SasPolicyArgs.builder()
                    .expirationAction("Log")
                    .sasExpirationPeriod("1.15:59:59")
                    .build())
                .sku(SkuArgs.builder()
                    .name("Standard_GRS")
                    .build())
                .tags(Map.ofEntries(
                    Map.entry("key1", "value1"),
                    Map.entry("key2", "value2")
                ))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    storage_account = azure_native.storage.StorageAccount("storageAccount",
        account_name="sto4445",
        allow_blob_public_access=False,
        allow_shared_key_access=True,
        encryption={
            "key_source": azure_native.storage.KeySource.MICROSOFT_STORAGE,
            "require_infrastructure_encryption": False,
            "services": {
                "blob": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
                "file": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
            },
        },
        extended_location={
            "name": "losangeles001",
            "type": azure_native.storage.ExtendedLocationTypes.EDGE_ZONE,
        },
        is_hns_enabled=True,
        key_policy={
            "key_expiration_period_in_days": 20,
        },
        kind=azure_native.storage.Kind.STORAGE,
        location="eastus",
        minimum_tls_version=azure_native.storage.MinimumTlsVersion.TLS1_2,
        public_network_access=azure_native.storage.PublicNetworkAccess.ENABLED,
        resource_group_name="res9101",
        routing_preference={
            "publish_internet_endpoints": True,
            "publish_microsoft_endpoints": True,
            "routing_choice": azure_native.storage.RoutingChoice.MICROSOFT_ROUTING,
        },
        sas_policy={
            "expiration_action": azure_native.storage.ExpirationAction.LOG,
            "sas_expiration_period": "1.15:59:59",
        },
        sku={
            "name": azure_native.storage.SkuName.STANDARD_GRS,
        },
        tags={
            "key1": "value1",
            "key2": "value2",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const storageAccount = new azure_native.storage.StorageAccount("storageAccount", {
        accountName: "sto4445",
        allowBlobPublicAccess: false,
        allowSharedKeyAccess: true,
        encryption: {
            keySource: azure_native.storage.KeySource.Microsoft_Storage,
            requireInfrastructureEncryption: false,
            services: {
                blob: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
                file: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
            },
        },
        extendedLocation: {
            name: "losangeles001",
            type: azure_native.storage.ExtendedLocationTypes.EdgeZone,
        },
        isHnsEnabled: true,
        keyPolicy: {
            keyExpirationPeriodInDays: 20,
        },
        kind: azure_native.storage.Kind.Storage,
        location: "eastus",
        minimumTlsVersion: azure_native.storage.MinimumTlsVersion.TLS1_2,
        publicNetworkAccess: azure_native.storage.PublicNetworkAccess.Enabled,
        resourceGroupName: "res9101",
        routingPreference: {
            publishInternetEndpoints: true,
            publishMicrosoftEndpoints: true,
            routingChoice: azure_native.storage.RoutingChoice.MicrosoftRouting,
        },
        sasPolicy: {
            expirationAction: azure_native.storage.ExpirationAction.Log,
            sasExpirationPeriod: "1.15:59:59",
        },
        sku: {
            name: azure_native.storage.SkuName.Standard_GRS,
        },
        tags: {
            key1: "value1",
            key2: "value2",
        },
    });
    
    resources:
      storageAccount:
        type: azure-native:storage:StorageAccount
        properties:
          accountName: sto4445
          allowBlobPublicAccess: false
          allowSharedKeyAccess: true
          encryption:
            keySource: Microsoft.Storage
            requireInfrastructureEncryption: false
            services:
              blob:
                enabled: true
                keyType: Account
              file:
                enabled: true
                keyType: Account
          extendedLocation:
            name: losangeles001
            type: EdgeZone
          isHnsEnabled: true
          keyPolicy:
            keyExpirationPeriodInDays: 20
          kind: Storage
          location: eastus
          minimumTlsVersion: TLS1_2
          publicNetworkAccess: Enabled
          resourceGroupName: res9101
          routingPreference:
            publishInternetEndpoints: true
            publishMicrosoftEndpoints: true
            routingChoice: MicrosoftRouting
          sasPolicy:
            expirationAction: Log
            sasExpirationPeriod: 1.15:59:59
          sku:
            name: Standard_GRS
          tags:
            key1: value1
            key2: value2
    

    StorageAccountCreatePremiumBlockBlobStorage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
        {
            AccountName = "sto4445",
            AllowSharedKeyAccess = true,
            Encryption = new AzureNative.Storage.Inputs.EncryptionArgs
            {
                KeySource = AzureNative.Storage.KeySource.Microsoft_Storage,
                RequireInfrastructureEncryption = false,
                Services = new AzureNative.Storage.Inputs.EncryptionServicesArgs
                {
                    Blob = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                    File = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                    {
                        Enabled = true,
                        KeyType = AzureNative.Storage.KeyType.Account,
                    },
                },
            },
            Kind = AzureNative.Storage.Kind.BlockBlobStorage,
            Location = "eastus",
            MinimumTlsVersion = AzureNative.Storage.MinimumTlsVersion.TLS1_2,
            ResourceGroupName = "res9101",
            Sku = new AzureNative.Storage.Inputs.SkuArgs
            {
                Name = AzureNative.Storage.SkuName.Premium_LRS,
            },
            Tags = 
            {
                { "key1", "value1" },
                { "key2", "value2" },
            },
        });
    
    });
    
    package main
    
    import (
    	storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := storage.NewStorageAccount(ctx, "storageAccount", &storage.StorageAccountArgs{
    			AccountName:          pulumi.String("sto4445"),
    			AllowSharedKeyAccess: pulumi.Bool(true),
    			Encryption: &storage.EncryptionArgs{
    				KeySource:                       pulumi.String(storage.KeySource_Microsoft_Storage),
    				RequireInfrastructureEncryption: pulumi.Bool(false),
    				Services: &storage.EncryptionServicesArgs{
    					Blob: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    					File: &storage.EncryptionServiceArgs{
    						Enabled: pulumi.Bool(true),
    						KeyType: pulumi.String(storage.KeyTypeAccount),
    					},
    				},
    			},
    			Kind:              pulumi.String(storage.KindBlockBlobStorage),
    			Location:          pulumi.String("eastus"),
    			MinimumTlsVersion: pulumi.String(storage.MinimumTlsVersion_TLS1_2),
    			ResourceGroupName: pulumi.String("res9101"),
    			Sku: &storage.SkuArgs{
    				Name: pulumi.String(storage.SkuName_Premium_LRS),
    			},
    			Tags: pulumi.StringMap{
    				"key1": pulumi.String("value1"),
    				"key2": pulumi.String("value2"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.storage.StorageAccount;
    import com.pulumi.azurenative.storage.StorageAccountArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServicesArgs;
    import com.pulumi.azurenative.storage.inputs.EncryptionServiceArgs;
    import com.pulumi.azurenative.storage.inputs.SkuArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
                .accountName("sto4445")
                .allowSharedKeyAccess(true)
                .encryption(EncryptionArgs.builder()
                    .keySource("Microsoft.Storage")
                    .requireInfrastructureEncryption(false)
                    .services(EncryptionServicesArgs.builder()
                        .blob(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .file(EncryptionServiceArgs.builder()
                            .enabled(true)
                            .keyType("Account")
                            .build())
                        .build())
                    .build())
                .kind("BlockBlobStorage")
                .location("eastus")
                .minimumTlsVersion("TLS1_2")
                .resourceGroupName("res9101")
                .sku(SkuArgs.builder()
                    .name("Premium_LRS")
                    .build())
                .tags(Map.ofEntries(
                    Map.entry("key1", "value1"),
                    Map.entry("key2", "value2")
                ))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    storage_account = azure_native.storage.StorageAccount("storageAccount",
        account_name="sto4445",
        allow_shared_key_access=True,
        encryption={
            "key_source": azure_native.storage.KeySource.MICROSOFT_STORAGE,
            "require_infrastructure_encryption": False,
            "services": {
                "blob": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
                "file": {
                    "enabled": True,
                    "key_type": azure_native.storage.KeyType.ACCOUNT,
                },
            },
        },
        kind=azure_native.storage.Kind.BLOCK_BLOB_STORAGE,
        location="eastus",
        minimum_tls_version=azure_native.storage.MinimumTlsVersion.TLS1_2,
        resource_group_name="res9101",
        sku={
            "name": azure_native.storage.SkuName.PREMIUM_LRS,
        },
        tags={
            "key1": "value1",
            "key2": "value2",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const storageAccount = new azure_native.storage.StorageAccount("storageAccount", {
        accountName: "sto4445",
        allowSharedKeyAccess: true,
        encryption: {
            keySource: azure_native.storage.KeySource.Microsoft_Storage,
            requireInfrastructureEncryption: false,
            services: {
                blob: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
                file: {
                    enabled: true,
                    keyType: azure_native.storage.KeyType.Account,
                },
            },
        },
        kind: azure_native.storage.Kind.BlockBlobStorage,
        location: "eastus",
        minimumTlsVersion: azure_native.storage.MinimumTlsVersion.TLS1_2,
        resourceGroupName: "res9101",
        sku: {
            name: azure_native.storage.SkuName.Premium_LRS,
        },
        tags: {
            key1: "value1",
            key2: "value2",
        },
    });
    
    resources:
      storageAccount:
        type: azure-native:storage:StorageAccount
        properties:
          accountName: sto4445
          allowSharedKeyAccess: true
          encryption:
            keySource: Microsoft.Storage
            requireInfrastructureEncryption: false
            services:
              blob:
                enabled: true
                keyType: Account
              file:
                enabled: true
                keyType: Account
          kind: BlockBlobStorage
          location: eastus
          minimumTlsVersion: TLS1_2
          resourceGroupName: res9101
          sku:
            name: Premium_LRS
          tags:
            key1: value1
            key2: value2
    

    StorageAccountCreateWithImmutabilityPolicy

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
        {
            AccountName = "sto4445",
            ExtendedLocation = new AzureNative.Storage.Inputs.ExtendedLocationArgs
            {
                Name = "losangeles001",
                Type = AzureNative.Storage.ExtendedLocationTypes.EdgeZone,
            },
            ImmutableStorageWithVersioning = new AzureNative.Storage.Inputs.ImmutableStorageAccountArgs
            {
                Enabled = true,
                ImmutabilityPolicy = new AzureNative.Storage.Inputs.AccountImmutabilityPolicyPropertiesArgs
                {
                    AllowProtectedAppendWrites = true,
                    ImmutabilityPeriodSinceCreationInDays = 15,
                    State = AzureNative.Storage.AccountImmutabilityPolicyState.Unlocked,
                },
            },
            Kind = AzureNative.Storage.Kind.Storage,
            Location = "eastus",
            ResourceGroupName = "res9101",
            Sku = new AzureNative.Storage.Inputs.SkuArgs
            {
                Name = AzureNative.Storage.SkuName.Standard_GRS,
            },
        });
    
    });
    
    package main
    
    import (
    	storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := storage.NewStorageAccount(ctx, "storageAccount", &storage.StorageAccountArgs{
    			AccountName: pulumi.String("sto4445"),
    			ExtendedLocation: &storage.ExtendedLocationArgs{
    				Name: pulumi.String("losangeles001"),
    				Type: pulumi.String(storage.ExtendedLocationTypesEdgeZone),
    			},
    			ImmutableStorageWithVersioning: &storage.ImmutableStorageAccountArgs{
    				Enabled: pulumi.Bool(true),
    				ImmutabilityPolicy: &storage.AccountImmutabilityPolicyPropertiesArgs{
    					AllowProtectedAppendWrites:            pulumi.Bool(true),
    					ImmutabilityPeriodSinceCreationInDays: pulumi.Int(15),
    					State:                                 pulumi.String(storage.AccountImmutabilityPolicyStateUnlocked),
    				},
    			},
    			Kind:              pulumi.String(storage.KindStorage),
    			Location:          pulumi.String("eastus"),
    			ResourceGroupName: pulumi.String("res9101"),
    			Sku: &storage.SkuArgs{
    				Name: pulumi.String(storage.SkuName_Standard_GRS),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.storage.StorageAccount;
    import com.pulumi.azurenative.storage.StorageAccountArgs;
    import com.pulumi.azurenative.storage.inputs.ExtendedLocationArgs;
    import com.pulumi.azurenative.storage.inputs.ImmutableStorageAccountArgs;
    import com.pulumi.azurenative.storage.inputs.AccountImmutabilityPolicyPropertiesArgs;
    import com.pulumi.azurenative.storage.inputs.SkuArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
                .accountName("sto4445")
                .extendedLocation(ExtendedLocationArgs.builder()
                    .name("losangeles001")
                    .type("EdgeZone")
                    .build())
                .immutableStorageWithVersioning(ImmutableStorageAccountArgs.builder()
                    .enabled(true)
                    .immutabilityPolicy(AccountImmutabilityPolicyPropertiesArgs.builder()
                        .allowProtectedAppendWrites(true)
                        .immutabilityPeriodSinceCreationInDays(15)
                        .state("Unlocked")
                        .build())
                    .build())
                .kind("Storage")
                .location("eastus")
                .resourceGroupName("res9101")
                .sku(SkuArgs.builder()
                    .name("Standard_GRS")
                    .build())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    storage_account = azure_native.storage.StorageAccount("storageAccount",
        account_name="sto4445",
        extended_location={
            "name": "losangeles001",
            "type": azure_native.storage.ExtendedLocationTypes.EDGE_ZONE,
        },
        immutable_storage_with_versioning={
            "enabled": True,
            "immutability_policy": {
                "allow_protected_append_writes": True,
                "immutability_period_since_creation_in_days": 15,
                "state": azure_native.storage.AccountImmutabilityPolicyState.UNLOCKED,
            },
        },
        kind=azure_native.storage.Kind.STORAGE,
        location="eastus",
        resource_group_name="res9101",
        sku={
            "name": azure_native.storage.SkuName.STANDARD_GRS,
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const storageAccount = new azure_native.storage.StorageAccount("storageAccount", {
        accountName: "sto4445",
        extendedLocation: {
            name: "losangeles001",
            type: azure_native.storage.ExtendedLocationTypes.EdgeZone,
        },
        immutableStorageWithVersioning: {
            enabled: true,
            immutabilityPolicy: {
                allowProtectedAppendWrites: true,
                immutabilityPeriodSinceCreationInDays: 15,
                state: azure_native.storage.AccountImmutabilityPolicyState.Unlocked,
            },
        },
        kind: azure_native.storage.Kind.Storage,
        location: "eastus",
        resourceGroupName: "res9101",
        sku: {
            name: azure_native.storage.SkuName.Standard_GRS,
        },
    });
    
    resources:
      storageAccount:
        type: azure-native:storage:StorageAccount
        properties:
          accountName: sto4445
          extendedLocation:
            name: losangeles001
            type: EdgeZone
          immutableStorageWithVersioning:
            enabled: true
            immutabilityPolicy:
              allowProtectedAppendWrites: true
              immutabilityPeriodSinceCreationInDays: 15
              state: Unlocked
          kind: Storage
          location: eastus
          resourceGroupName: res9101
          sku:
            name: Standard_GRS
    

    Create StorageAccount Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new StorageAccount(name: string, args: StorageAccountArgs, opts?: CustomResourceOptions);
    @overload
    def StorageAccount(resource_name: str,
                       args: StorageAccountArgs,
                       opts: Optional[ResourceOptions] = None)
    
    @overload
    def StorageAccount(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       kind: Optional[Union[str, Kind]] = None,
                       sku: Optional[SkuArgs] = None,
                       resource_group_name: Optional[str] = None,
                       identity: Optional[IdentityArgs] = None,
                       is_hns_enabled: Optional[bool] = None,
                       allowed_copy_scope: Optional[Union[str, AllowedCopyScope]] = None,
                       azure_files_identity_based_authentication: Optional[AzureFilesIdentityBasedAuthenticationArgs] = None,
                       custom_domain: Optional[CustomDomainArgs] = None,
                       default_to_o_auth_authentication: Optional[bool] = None,
                       dns_endpoint_type: Optional[Union[str, DnsEndpointType]] = None,
                       enable_https_traffic_only: Optional[bool] = None,
                       enable_nfs_v3: Optional[bool] = None,
                       encryption: Optional[EncryptionArgs] = None,
                       extended_location: Optional[ExtendedLocationArgs] = None,
                       access_tier: Optional[AccessTier] = None,
                       immutable_storage_with_versioning: Optional[ImmutableStorageAccountArgs] = None,
                       allow_shared_key_access: Optional[bool] = None,
                       is_local_user_enabled: Optional[bool] = None,
                       is_sftp_enabled: Optional[bool] = None,
                       key_policy: Optional[KeyPolicyArgs] = None,
                       allow_cross_tenant_replication: Optional[bool] = None,
                       large_file_shares_state: Optional[Union[str, LargeFileSharesState]] = None,
                       location: Optional[str] = None,
                       minimum_tls_version: Optional[Union[str, MinimumTlsVersion]] = None,
                       network_rule_set: Optional[NetworkRuleSetArgs] = None,
                       public_network_access: Optional[Union[str, PublicNetworkAccess]] = None,
                       allow_blob_public_access: Optional[bool] = None,
                       routing_preference: Optional[RoutingPreferenceArgs] = None,
                       sas_policy: Optional[SasPolicyArgs] = None,
                       account_name: Optional[str] = None,
                       tags: Optional[Mapping[str, str]] = None)
    func NewStorageAccount(ctx *Context, name string, args StorageAccountArgs, opts ...ResourceOption) (*StorageAccount, error)
    public StorageAccount(string name, StorageAccountArgs args, CustomResourceOptions? opts = null)
    public StorageAccount(String name, StorageAccountArgs args)
    public StorageAccount(String name, StorageAccountArgs args, CustomResourceOptions options)
    
    type: azure-native:storage:StorageAccount
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args StorageAccountArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args StorageAccountArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args StorageAccountArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args StorageAccountArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args StorageAccountArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var azure_nativeStorageAccountResource = new AzureNative.Storage.StorageAccount("azure-nativeStorageAccountResource", new()
    {
        Kind = "string",
        Sku = new AzureNative.Storage.Inputs.SkuArgs
        {
            Name = "string",
        },
        ResourceGroupName = "string",
        Identity = new AzureNative.Storage.Inputs.IdentityArgs
        {
            Type = "string",
            UserAssignedIdentities = new[]
            {
                "string",
            },
        },
        IsHnsEnabled = false,
        AllowedCopyScope = "string",
        AzureFilesIdentityBasedAuthentication = new AzureNative.Storage.Inputs.AzureFilesIdentityBasedAuthenticationArgs
        {
            DirectoryServiceOptions = "string",
            ActiveDirectoryProperties = new AzureNative.Storage.Inputs.ActiveDirectoryPropertiesArgs
            {
                DomainGuid = "string",
                DomainName = "string",
                AccountType = "string",
                AzureStorageSid = "string",
                DomainSid = "string",
                ForestName = "string",
                NetBiosDomainName = "string",
                SamAccountName = "string",
            },
            DefaultSharePermission = "string",
        },
        CustomDomain = new AzureNative.Storage.Inputs.CustomDomainArgs
        {
            Name = "string",
            UseSubDomainName = false,
        },
        DefaultToOAuthAuthentication = false,
        DnsEndpointType = "string",
        EnableHttpsTrafficOnly = false,
        EnableNfsV3 = false,
        Encryption = new AzureNative.Storage.Inputs.EncryptionArgs
        {
            EncryptionIdentity = new AzureNative.Storage.Inputs.EncryptionIdentityArgs
            {
                EncryptionFederatedIdentityClientId = "string",
                EncryptionUserAssignedIdentity = "string",
            },
            KeySource = "string",
            KeyVaultProperties = new AzureNative.Storage.Inputs.KeyVaultPropertiesArgs
            {
                KeyName = "string",
                KeyVaultUri = "string",
                KeyVersion = "string",
            },
            RequireInfrastructureEncryption = false,
            Services = new AzureNative.Storage.Inputs.EncryptionServicesArgs
            {
                Blob = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                {
                    Enabled = false,
                    KeyType = "string",
                },
                File = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                {
                    Enabled = false,
                    KeyType = "string",
                },
                Queue = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                {
                    Enabled = false,
                    KeyType = "string",
                },
                Table = new AzureNative.Storage.Inputs.EncryptionServiceArgs
                {
                    Enabled = false,
                    KeyType = "string",
                },
            },
        },
        ExtendedLocation = new AzureNative.Storage.Inputs.ExtendedLocationArgs
        {
            Name = "string",
            Type = "string",
        },
        AccessTier = AzureNative.Storage.AccessTier.Hot,
        ImmutableStorageWithVersioning = new AzureNative.Storage.Inputs.ImmutableStorageAccountArgs
        {
            Enabled = false,
            ImmutabilityPolicy = new AzureNative.Storage.Inputs.AccountImmutabilityPolicyPropertiesArgs
            {
                AllowProtectedAppendWrites = false,
                ImmutabilityPeriodSinceCreationInDays = 0,
                State = "string",
            },
        },
        AllowSharedKeyAccess = false,
        IsLocalUserEnabled = false,
        IsSftpEnabled = false,
        KeyPolicy = new AzureNative.Storage.Inputs.KeyPolicyArgs
        {
            KeyExpirationPeriodInDays = 0,
        },
        AllowCrossTenantReplication = false,
        LargeFileSharesState = "string",
        Location = "string",
        MinimumTlsVersion = "string",
        NetworkRuleSet = new AzureNative.Storage.Inputs.NetworkRuleSetArgs
        {
            DefaultAction = AzureNative.Storage.DefaultAction.Allow,
            Bypass = "string",
            IpRules = new[]
            {
                new AzureNative.Storage.Inputs.IPRuleArgs
                {
                    IPAddressOrRange = "string",
                    Action = AzureNative.Storage.Action.Allow,
                },
            },
            ResourceAccessRules = new[]
            {
                new AzureNative.Storage.Inputs.ResourceAccessRuleArgs
                {
                    ResourceId = "string",
                    TenantId = "string",
                },
            },
            VirtualNetworkRules = new[]
            {
                new AzureNative.Storage.Inputs.VirtualNetworkRuleArgs
                {
                    VirtualNetworkResourceId = "string",
                    Action = AzureNative.Storage.Action.Allow,
                    State = "string",
                },
            },
        },
        PublicNetworkAccess = "string",
        AllowBlobPublicAccess = false,
        RoutingPreference = new AzureNative.Storage.Inputs.RoutingPreferenceArgs
        {
            PublishInternetEndpoints = false,
            PublishMicrosoftEndpoints = false,
            RoutingChoice = "string",
        },
        SasPolicy = new AzureNative.Storage.Inputs.SasPolicyArgs
        {
            ExpirationAction = "string",
            SasExpirationPeriod = "string",
        },
        AccountName = "string",
        Tags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := storage.NewStorageAccount(ctx, "azure-nativeStorageAccountResource", &storage.StorageAccountArgs{
    	Kind: pulumi.String("string"),
    	Sku: &storage.SkuArgs{
    		Name: pulumi.String("string"),
    	},
    	ResourceGroupName: pulumi.String("string"),
    	Identity: &storage.IdentityArgs{
    		Type: pulumi.String("string"),
    		UserAssignedIdentities: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    	IsHnsEnabled:     pulumi.Bool(false),
    	AllowedCopyScope: pulumi.String("string"),
    	AzureFilesIdentityBasedAuthentication: &storage.AzureFilesIdentityBasedAuthenticationArgs{
    		DirectoryServiceOptions: pulumi.String("string"),
    		ActiveDirectoryProperties: &storage.ActiveDirectoryPropertiesArgs{
    			DomainGuid:        pulumi.String("string"),
    			DomainName:        pulumi.String("string"),
    			AccountType:       pulumi.String("string"),
    			AzureStorageSid:   pulumi.String("string"),
    			DomainSid:         pulumi.String("string"),
    			ForestName:        pulumi.String("string"),
    			NetBiosDomainName: pulumi.String("string"),
    			SamAccountName:    pulumi.String("string"),
    		},
    		DefaultSharePermission: pulumi.String("string"),
    	},
    	CustomDomain: &storage.CustomDomainArgs{
    		Name:             pulumi.String("string"),
    		UseSubDomainName: pulumi.Bool(false),
    	},
    	DefaultToOAuthAuthentication: pulumi.Bool(false),
    	DnsEndpointType:              pulumi.String("string"),
    	EnableHttpsTrafficOnly:       pulumi.Bool(false),
    	EnableNfsV3:                  pulumi.Bool(false),
    	Encryption: &storage.EncryptionArgs{
    		EncryptionIdentity: &storage.EncryptionIdentityArgs{
    			EncryptionFederatedIdentityClientId: pulumi.String("string"),
    			EncryptionUserAssignedIdentity:      pulumi.String("string"),
    		},
    		KeySource: pulumi.String("string"),
    		KeyVaultProperties: &storage.KeyVaultPropertiesArgs{
    			KeyName:     pulumi.String("string"),
    			KeyVaultUri: pulumi.String("string"),
    			KeyVersion:  pulumi.String("string"),
    		},
    		RequireInfrastructureEncryption: pulumi.Bool(false),
    		Services: &storage.EncryptionServicesArgs{
    			Blob: &storage.EncryptionServiceArgs{
    				Enabled: pulumi.Bool(false),
    				KeyType: pulumi.String("string"),
    			},
    			File: &storage.EncryptionServiceArgs{
    				Enabled: pulumi.Bool(false),
    				KeyType: pulumi.String("string"),
    			},
    			Queue: &storage.EncryptionServiceArgs{
    				Enabled: pulumi.Bool(false),
    				KeyType: pulumi.String("string"),
    			},
    			Table: &storage.EncryptionServiceArgs{
    				Enabled: pulumi.Bool(false),
    				KeyType: pulumi.String("string"),
    			},
    		},
    	},
    	ExtendedLocation: &storage.ExtendedLocationArgs{
    		Name: pulumi.String("string"),
    		Type: pulumi.String("string"),
    	},
    	AccessTier: storage.AccessTierHot,
    	ImmutableStorageWithVersioning: &storage.ImmutableStorageAccountArgs{
    		Enabled: pulumi.Bool(false),
    		ImmutabilityPolicy: &storage.AccountImmutabilityPolicyPropertiesArgs{
    			AllowProtectedAppendWrites:            pulumi.Bool(false),
    			ImmutabilityPeriodSinceCreationInDays: pulumi.Int(0),
    			State:                                 pulumi.String("string"),
    		},
    	},
    	AllowSharedKeyAccess: pulumi.Bool(false),
    	IsLocalUserEnabled:   pulumi.Bool(false),
    	IsSftpEnabled:        pulumi.Bool(false),
    	KeyPolicy: &storage.KeyPolicyArgs{
    		KeyExpirationPeriodInDays: pulumi.Int(0),
    	},
    	AllowCrossTenantReplication: pulumi.Bool(false),
    	LargeFileSharesState:        pulumi.String("string"),
    	Location:                    pulumi.String("string"),
    	MinimumTlsVersion:           pulumi.String("string"),
    	NetworkRuleSet: &storage.NetworkRuleSetArgs{
    		DefaultAction: storage.DefaultActionAllow,
    		Bypass:        pulumi.String("string"),
    		IpRules: storage.IPRuleArray{
    			&storage.IPRuleArgs{
    				IPAddressOrRange: pulumi.String("string"),
    				Action:           storage.ActionAllow,
    			},
    		},
    		ResourceAccessRules: storage.ResourceAccessRuleArray{
    			&storage.ResourceAccessRuleArgs{
    				ResourceId: pulumi.String("string"),
    				TenantId:   pulumi.String("string"),
    			},
    		},
    		VirtualNetworkRules: storage.VirtualNetworkRuleArray{
    			&storage.VirtualNetworkRuleArgs{
    				VirtualNetworkResourceId: pulumi.String("string"),
    				Action:                   storage.ActionAllow,
    				State:                    pulumi.String("string"),
    			},
    		},
    	},
    	PublicNetworkAccess:   pulumi.String("string"),
    	AllowBlobPublicAccess: pulumi.Bool(false),
    	RoutingPreference: &storage.RoutingPreferenceArgs{
    		PublishInternetEndpoints:  pulumi.Bool(false),
    		PublishMicrosoftEndpoints: pulumi.Bool(false),
    		RoutingChoice:             pulumi.String("string"),
    	},
    	SasPolicy: &storage.SasPolicyArgs{
    		ExpirationAction:    pulumi.String("string"),
    		SasExpirationPeriod: pulumi.String("string"),
    	},
    	AccountName: pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    var azure_nativeStorageAccountResource = new StorageAccount("azure-nativeStorageAccountResource", StorageAccountArgs.builder()
        .kind("string")
        .sku(SkuArgs.builder()
            .name("string")
            .build())
        .resourceGroupName("string")
        .identity(IdentityArgs.builder()
            .type("string")
            .userAssignedIdentities("string")
            .build())
        .isHnsEnabled(false)
        .allowedCopyScope("string")
        .azureFilesIdentityBasedAuthentication(AzureFilesIdentityBasedAuthenticationArgs.builder()
            .directoryServiceOptions("string")
            .activeDirectoryProperties(ActiveDirectoryPropertiesArgs.builder()
                .domainGuid("string")
                .domainName("string")
                .accountType("string")
                .azureStorageSid("string")
                .domainSid("string")
                .forestName("string")
                .netBiosDomainName("string")
                .samAccountName("string")
                .build())
            .defaultSharePermission("string")
            .build())
        .customDomain(CustomDomainArgs.builder()
            .name("string")
            .useSubDomainName(false)
            .build())
        .defaultToOAuthAuthentication(false)
        .dnsEndpointType("string")
        .enableHttpsTrafficOnly(false)
        .enableNfsV3(false)
        .encryption(EncryptionArgs.builder()
            .encryptionIdentity(EncryptionIdentityArgs.builder()
                .encryptionFederatedIdentityClientId("string")
                .encryptionUserAssignedIdentity("string")
                .build())
            .keySource("string")
            .keyVaultProperties(KeyVaultPropertiesArgs.builder()
                .keyName("string")
                .keyVaultUri("string")
                .keyVersion("string")
                .build())
            .requireInfrastructureEncryption(false)
            .services(EncryptionServicesArgs.builder()
                .blob(EncryptionServiceArgs.builder()
                    .enabled(false)
                    .keyType("string")
                    .build())
                .file(EncryptionServiceArgs.builder()
                    .enabled(false)
                    .keyType("string")
                    .build())
                .queue(EncryptionServiceArgs.builder()
                    .enabled(false)
                    .keyType("string")
                    .build())
                .table(EncryptionServiceArgs.builder()
                    .enabled(false)
                    .keyType("string")
                    .build())
                .build())
            .build())
        .extendedLocation(ExtendedLocationArgs.builder()
            .name("string")
            .type("string")
            .build())
        .accessTier("Hot")
        .immutableStorageWithVersioning(ImmutableStorageAccountArgs.builder()
            .enabled(false)
            .immutabilityPolicy(AccountImmutabilityPolicyPropertiesArgs.builder()
                .allowProtectedAppendWrites(false)
                .immutabilityPeriodSinceCreationInDays(0)
                .state("string")
                .build())
            .build())
        .allowSharedKeyAccess(false)
        .isLocalUserEnabled(false)
        .isSftpEnabled(false)
        .keyPolicy(KeyPolicyArgs.builder()
            .keyExpirationPeriodInDays(0)
            .build())
        .allowCrossTenantReplication(false)
        .largeFileSharesState("string")
        .location("string")
        .minimumTlsVersion("string")
        .networkRuleSet(NetworkRuleSetArgs.builder()
            .defaultAction("Allow")
            .bypass("string")
            .ipRules(IPRuleArgs.builder()
                .iPAddressOrRange("string")
                .action("Allow")
                .build())
            .resourceAccessRules(ResourceAccessRuleArgs.builder()
                .resourceId("string")
                .tenantId("string")
                .build())
            .virtualNetworkRules(VirtualNetworkRuleArgs.builder()
                .virtualNetworkResourceId("string")
                .action("Allow")
                .state("string")
                .build())
            .build())
        .publicNetworkAccess("string")
        .allowBlobPublicAccess(false)
        .routingPreference(RoutingPreferenceArgs.builder()
            .publishInternetEndpoints(false)
            .publishMicrosoftEndpoints(false)
            .routingChoice("string")
            .build())
        .sasPolicy(SasPolicyArgs.builder()
            .expirationAction("string")
            .sasExpirationPeriod("string")
            .build())
        .accountName("string")
        .tags(Map.of("string", "string"))
        .build());
    
    azure_native_storage_account_resource = azure_native.storage.StorageAccount("azure-nativeStorageAccountResource",
        kind="string",
        sku={
            "name": "string",
        },
        resource_group_name="string",
        identity={
            "type": "string",
            "userAssignedIdentities": ["string"],
        },
        is_hns_enabled=False,
        allowed_copy_scope="string",
        azure_files_identity_based_authentication={
            "directoryServiceOptions": "string",
            "activeDirectoryProperties": {
                "domainGuid": "string",
                "domainName": "string",
                "accountType": "string",
                "azureStorageSid": "string",
                "domainSid": "string",
                "forestName": "string",
                "netBiosDomainName": "string",
                "samAccountName": "string",
            },
            "defaultSharePermission": "string",
        },
        custom_domain={
            "name": "string",
            "useSubDomainName": False,
        },
        default_to_o_auth_authentication=False,
        dns_endpoint_type="string",
        enable_https_traffic_only=False,
        enable_nfs_v3=False,
        encryption={
            "encryptionIdentity": {
                "encryptionFederatedIdentityClientId": "string",
                "encryptionUserAssignedIdentity": "string",
            },
            "keySource": "string",
            "keyVaultProperties": {
                "keyName": "string",
                "keyVaultUri": "string",
                "keyVersion": "string",
            },
            "requireInfrastructureEncryption": False,
            "services": {
                "blob": {
                    "enabled": False,
                    "keyType": "string",
                },
                "file": {
                    "enabled": False,
                    "keyType": "string",
                },
                "queue": {
                    "enabled": False,
                    "keyType": "string",
                },
                "table": {
                    "enabled": False,
                    "keyType": "string",
                },
            },
        },
        extended_location={
            "name": "string",
            "type": "string",
        },
        access_tier=azure_native.storage.AccessTier.HOT,
        immutable_storage_with_versioning={
            "enabled": False,
            "immutabilityPolicy": {
                "allowProtectedAppendWrites": False,
                "immutabilityPeriodSinceCreationInDays": 0,
                "state": "string",
            },
        },
        allow_shared_key_access=False,
        is_local_user_enabled=False,
        is_sftp_enabled=False,
        key_policy={
            "keyExpirationPeriodInDays": 0,
        },
        allow_cross_tenant_replication=False,
        large_file_shares_state="string",
        location="string",
        minimum_tls_version="string",
        network_rule_set={
            "defaultAction": azure_native.storage.DefaultAction.ALLOW,
            "bypass": "string",
            "ipRules": [{
                "iPAddressOrRange": "string",
                "action": azure_native.storage.Action.ALLOW,
            }],
            "resourceAccessRules": [{
                "resourceId": "string",
                "tenantId": "string",
            }],
            "virtualNetworkRules": [{
                "virtualNetworkResourceId": "string",
                "action": azure_native.storage.Action.ALLOW,
                "state": "string",
            }],
        },
        public_network_access="string",
        allow_blob_public_access=False,
        routing_preference={
            "publishInternetEndpoints": False,
            "publishMicrosoftEndpoints": False,
            "routingChoice": "string",
        },
        sas_policy={
            "expirationAction": "string",
            "sasExpirationPeriod": "string",
        },
        account_name="string",
        tags={
            "string": "string",
        })
    
    const azure_nativeStorageAccountResource = new azure_native.storage.StorageAccount("azure-nativeStorageAccountResource", {
        kind: "string",
        sku: {
            name: "string",
        },
        resourceGroupName: "string",
        identity: {
            type: "string",
            userAssignedIdentities: ["string"],
        },
        isHnsEnabled: false,
        allowedCopyScope: "string",
        azureFilesIdentityBasedAuthentication: {
            directoryServiceOptions: "string",
            activeDirectoryProperties: {
                domainGuid: "string",
                domainName: "string",
                accountType: "string",
                azureStorageSid: "string",
                domainSid: "string",
                forestName: "string",
                netBiosDomainName: "string",
                samAccountName: "string",
            },
            defaultSharePermission: "string",
        },
        customDomain: {
            name: "string",
            useSubDomainName: false,
        },
        defaultToOAuthAuthentication: false,
        dnsEndpointType: "string",
        enableHttpsTrafficOnly: false,
        enableNfsV3: false,
        encryption: {
            encryptionIdentity: {
                encryptionFederatedIdentityClientId: "string",
                encryptionUserAssignedIdentity: "string",
            },
            keySource: "string",
            keyVaultProperties: {
                keyName: "string",
                keyVaultUri: "string",
                keyVersion: "string",
            },
            requireInfrastructureEncryption: false,
            services: {
                blob: {
                    enabled: false,
                    keyType: "string",
                },
                file: {
                    enabled: false,
                    keyType: "string",
                },
                queue: {
                    enabled: false,
                    keyType: "string",
                },
                table: {
                    enabled: false,
                    keyType: "string",
                },
            },
        },
        extendedLocation: {
            name: "string",
            type: "string",
        },
        accessTier: azure_native.storage.AccessTier.Hot,
        immutableStorageWithVersioning: {
            enabled: false,
            immutabilityPolicy: {
                allowProtectedAppendWrites: false,
                immutabilityPeriodSinceCreationInDays: 0,
                state: "string",
            },
        },
        allowSharedKeyAccess: false,
        isLocalUserEnabled: false,
        isSftpEnabled: false,
        keyPolicy: {
            keyExpirationPeriodInDays: 0,
        },
        allowCrossTenantReplication: false,
        largeFileSharesState: "string",
        location: "string",
        minimumTlsVersion: "string",
        networkRuleSet: {
            defaultAction: azure_native.storage.DefaultAction.Allow,
            bypass: "string",
            ipRules: [{
                iPAddressOrRange: "string",
                action: azure_native.storage.Action.Allow,
            }],
            resourceAccessRules: [{
                resourceId: "string",
                tenantId: "string",
            }],
            virtualNetworkRules: [{
                virtualNetworkResourceId: "string",
                action: azure_native.storage.Action.Allow,
                state: "string",
            }],
        },
        publicNetworkAccess: "string",
        allowBlobPublicAccess: false,
        routingPreference: {
            publishInternetEndpoints: false,
            publishMicrosoftEndpoints: false,
            routingChoice: "string",
        },
        sasPolicy: {
            expirationAction: "string",
            sasExpirationPeriod: "string",
        },
        accountName: "string",
        tags: {
            string: "string",
        },
    });
    
    type: azure-native:storage:StorageAccount
    properties:
        accessTier: Hot
        accountName: string
        allowBlobPublicAccess: false
        allowCrossTenantReplication: false
        allowSharedKeyAccess: false
        allowedCopyScope: string
        azureFilesIdentityBasedAuthentication:
            activeDirectoryProperties:
                accountType: string
                azureStorageSid: string
                domainGuid: string
                domainName: string
                domainSid: string
                forestName: string
                netBiosDomainName: string
                samAccountName: string
            defaultSharePermission: string
            directoryServiceOptions: string
        customDomain:
            name: string
            useSubDomainName: false
        defaultToOAuthAuthentication: false
        dnsEndpointType: string
        enableHttpsTrafficOnly: false
        enableNfsV3: false
        encryption:
            encryptionIdentity:
                encryptionFederatedIdentityClientId: string
                encryptionUserAssignedIdentity: string
            keySource: string
            keyVaultProperties:
                keyName: string
                keyVaultUri: string
                keyVersion: string
            requireInfrastructureEncryption: false
            services:
                blob:
                    enabled: false
                    keyType: string
                file:
                    enabled: false
                    keyType: string
                queue:
                    enabled: false
                    keyType: string
                table:
                    enabled: false
                    keyType: string
        extendedLocation:
            name: string
            type: string
        identity:
            type: string
            userAssignedIdentities:
                - string
        immutableStorageWithVersioning:
            enabled: false
            immutabilityPolicy:
                allowProtectedAppendWrites: false
                immutabilityPeriodSinceCreationInDays: 0
                state: string
        isHnsEnabled: false
        isLocalUserEnabled: false
        isSftpEnabled: false
        keyPolicy:
            keyExpirationPeriodInDays: 0
        kind: string
        largeFileSharesState: string
        location: string
        minimumTlsVersion: string
        networkRuleSet:
            bypass: string
            defaultAction: Allow
            ipRules:
                - action: Allow
                  iPAddressOrRange: string
            resourceAccessRules:
                - resourceId: string
                  tenantId: string
            virtualNetworkRules:
                - action: Allow
                  state: string
                  virtualNetworkResourceId: string
        publicNetworkAccess: string
        resourceGroupName: string
        routingPreference:
            publishInternetEndpoints: false
            publishMicrosoftEndpoints: false
            routingChoice: string
        sasPolicy:
            expirationAction: string
            sasExpirationPeriod: string
        sku:
            name: string
        tags:
            string: string
    

    StorageAccount Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The StorageAccount resource accepts the following input properties:

    Kind string | Pulumi.AzureNative.Storage.Kind
    Required. Indicates the type of storage account.
    ResourceGroupName string
    The name of the resource group within the user's subscription. The name is case insensitive.
    Sku Pulumi.AzureNative.Storage.Inputs.Sku
    Required. Gets or sets the SKU name.
    AccessTier Pulumi.AzureNative.Storage.AccessTier
    Required for storage accounts where kind = BlobStorage. The access tier is used for billing. The 'Premium' access tier is the default value for premium block blobs storage account type and it cannot be changed for the premium block blobs storage account type.
    AccountName string
    The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
    AllowBlobPublicAccess bool
    Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.
    AllowCrossTenantReplication bool
    Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.
    AllowSharedKeyAccess bool
    Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.
    AllowedCopyScope string | Pulumi.AzureNative.Storage.AllowedCopyScope
    Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet.
    AzureFilesIdentityBasedAuthentication Pulumi.AzureNative.Storage.Inputs.AzureFilesIdentityBasedAuthentication
    Provides the identity based authentication settings for Azure Files.
    CustomDomain Pulumi.AzureNative.Storage.Inputs.CustomDomain
    User domain assigned to the storage account. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.
    DefaultToOAuthAuthentication bool
    A boolean flag which indicates whether the default authentication is OAuth or not. The default interpretation is false for this property.
    DnsEndpointType string | Pulumi.AzureNative.Storage.DnsEndpointType
    Allows you to specify the type of endpoint. Set this to AzureDNSZone to create a large number of accounts in a single subscription, which creates accounts in an Azure DNS Zone and the endpoint URL will have an alphanumeric DNS Zone identifier.
    EnableHttpsTrafficOnly bool
    Allows https traffic only to storage service if sets to true. The default value is true since API version 2019-04-01.
    EnableNfsV3 bool
    NFS 3.0 protocol support enabled if set to true.
    Encryption Pulumi.AzureNative.Storage.Inputs.Encryption
    Encryption settings to be used for server-side encryption for the storage account.
    ExtendedLocation Pulumi.AzureNative.Storage.Inputs.ExtendedLocation
    Optional. Set the extended location of the resource. If not set, the storage account will be created in Azure main region. Otherwise it will be created in the specified extended location
    Identity Pulumi.AzureNative.Storage.Inputs.Identity
    The identity of the resource.
    ImmutableStorageWithVersioning Pulumi.AzureNative.Storage.Inputs.ImmutableStorageAccount
    The property is immutable and can only be set to true at the account creation time. When set to true, it enables object level immutability for all the new containers in the account by default.
    IsHnsEnabled bool
    Account HierarchicalNamespace enabled if sets to true.
    IsLocalUserEnabled bool
    Enables local users feature, if set to true
    IsSftpEnabled bool
    Enables Secure File Transfer Protocol, if set to true
    KeyPolicy Pulumi.AzureNative.Storage.Inputs.KeyPolicy
    KeyPolicy assigned to the storage account.
    LargeFileSharesState string | Pulumi.AzureNative.Storage.LargeFileSharesState
    Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.
    Location string
    Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed.
    MinimumTlsVersion string | Pulumi.AzureNative.Storage.MinimumTlsVersion
    Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.
    NetworkRuleSet Pulumi.AzureNative.Storage.Inputs.NetworkRuleSet
    Network rule set
    PublicNetworkAccess string | Pulumi.AzureNative.Storage.PublicNetworkAccess
    Allow or disallow public network access to Storage Account. Value is optional but if passed in, must be 'Enabled' or 'Disabled'.
    RoutingPreference Pulumi.AzureNative.Storage.Inputs.RoutingPreference
    Maintains information about the network routing choice opted by the user for data transfer
    SasPolicy Pulumi.AzureNative.Storage.Inputs.SasPolicy
    SasPolicy assigned to the storage account.
    Tags Dictionary<string, string>
    Gets or sets a list of key value pairs that describe the resource. These tags can be used for viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key with a length no greater than 128 characters and a value with a length no greater than 256 characters.
    Kind string | Kind
    Required. Indicates the type of storage account.
    ResourceGroupName string
    The name of the resource group within the user's subscription. The name is case insensitive.
    Sku SkuArgs
    Required. Gets or sets the SKU name.
    AccessTier AccessTier
    Required for storage accounts where kind = BlobStorage. The access tier is used for billing. The 'Premium' access tier is the default value for premium block blobs storage account type and it cannot be changed for the premium block blobs storage account type.
    AccountName string
    The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
    AllowBlobPublicAccess bool
    Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.
    AllowCrossTenantReplication bool
    Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.
    AllowSharedKeyAccess bool
    Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.
    AllowedCopyScope string | AllowedCopyScope
    Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet.
    AzureFilesIdentityBasedAuthentication AzureFilesIdentityBasedAuthenticationArgs
    Provides the identity based authentication settings for Azure Files.
    CustomDomain CustomDomainArgs
    User domain assigned to the storage account. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.
    DefaultToOAuthAuthentication bool
    A boolean flag which indicates whether the default authentication is OAuth or not. The default interpretation is false for this property.
    DnsEndpointType string | DnsEndpointType
    Allows you to specify the type of endpoint. Set this to AzureDNSZone to create a large number of accounts in a single subscription, which creates accounts in an Azure DNS Zone and the endpoint URL will have an alphanumeric DNS Zone identifier.
    EnableHttpsTrafficOnly bool
    Allows https traffic only to storage service if sets to true. The default value is true since API version 2019-04-01.
    EnableNfsV3 bool
    NFS 3.0 protocol support enabled if set to true.
    Encryption EncryptionArgs
    Encryption settings to be used for server-side encryption for the storage account.
    ExtendedLocation ExtendedLocationArgs
    Optional. Set the extended location of the resource. If not set, the storage account will be created in Azure main region. Otherwise it will be created in the specified extended location
    Identity IdentityArgs
    The identity of the resource.
    ImmutableStorageWithVersioning ImmutableStorageAccountArgs
    The property is immutable and can only be set to true at the account creation time. When set to true, it enables object level immutability for all the new containers in the account by default.
    IsHnsEnabled bool
    Account HierarchicalNamespace enabled if sets to true.
    IsLocalUserEnabled bool
    Enables local users feature, if set to true
    IsSftpEnabled bool
    Enables Secure File Transfer Protocol, if set to true
    KeyPolicy KeyPolicyArgs
    KeyPolicy assigned to the storage account.
    LargeFileSharesState string | LargeFileSharesState
    Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.
    Location string
    Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed.
    MinimumTlsVersion string | MinimumTlsVersion
    Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.
    NetworkRuleSet NetworkRuleSetArgs
    Network rule set
    PublicNetworkAccess string | PublicNetworkAccess
    Allow or disallow public network access to Storage Account. Value is optional but if passed in, must be 'Enabled' or 'Disabled'.
    RoutingPreference RoutingPreferenceArgs
    Maintains information about the network routing choice opted by the user for data transfer
    SasPolicy SasPolicyArgs
    SasPolicy assigned to the storage account.
    Tags map[string]string
    Gets or sets a list of key value pairs that describe the resource. These tags can be used for viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key with a length no greater than 128 characters and a value with a length no greater than 256 characters.
    kind String | Kind
    Required. Indicates the type of storage account.
    resourceGroupName String
    The name of the resource group within the user's subscription. The name is case insensitive.
    sku Sku
    Required. Gets or sets the SKU name.
    accessTier AccessTier
    Required for storage accounts where kind = BlobStorage. The access tier is used for billing. The 'Premium' access tier is the default value for premium block blobs storage account type and it cannot be changed for the premium block blobs storage account type.
    accountName String
    The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
    allowBlobPublicAccess Boolean
    Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.
    allowCrossTenantReplication Boolean
    Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.
    allowSharedKeyAccess Boolean
    Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.
    allowedCopyScope String | AllowedCopyScope
    Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet.
    azureFilesIdentityBasedAuthentication AzureFilesIdentityBasedAuthentication
    Provides the identity based authentication settings for Azure Files.
    customDomain CustomDomain
    User domain assigned to the storage account. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.
    defaultToOAuthAuthentication Boolean
    A boolean flag which indicates whether the default authentication is OAuth or not. The default interpretation is false for this property.
    dnsEndpointType String | DnsEndpointType
    Allows you to specify the type of endpoint. Set this to AzureDNSZone to create a large number of accounts in a single subscription, which creates accounts in an Azure DNS Zone and the endpoint URL will have an alphanumeric DNS Zone identifier.
    enableHttpsTrafficOnly Boolean
    Allows https traffic only to storage service if sets to true. The default value is true since API version 2019-04-01.
    enableNfsV3 Boolean
    NFS 3.0 protocol support enabled if set to true.
    encryption Encryption
    Encryption settings to be used for server-side encryption for the storage account.
    extendedLocation ExtendedLocation
    Optional. Set the extended location of the resource. If not set, the storage account will be created in Azure main region. Otherwise it will be created in the specified extended location
    identity Identity
    The identity of the resource.
    immutableStorageWithVersioning ImmutableStorageAccount
    The property is immutable and can only be set to true at the account creation time. When set to true, it enables object level immutability for all the new containers in the account by default.
    isHnsEnabled Boolean
    Account HierarchicalNamespace enabled if sets to true.
    isLocalUserEnabled Boolean
    Enables local users feature, if set to true
    isSftpEnabled Boolean
    Enables Secure File Transfer Protocol, if set to true
    keyPolicy KeyPolicy
    KeyPolicy assigned to the storage account.
    largeFileSharesState String | LargeFileSharesState
    Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.
    location String
    Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed.
    minimumTlsVersion String | MinimumTlsVersion
    Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.
    networkRuleSet NetworkRuleSet
    Network rule set
    publicNetworkAccess String | PublicNetworkAccess
    Allow or disallow public network access to Storage Account. Value is optional but if passed in, must be 'Enabled' or 'Disabled'.
    routingPreference RoutingPreference
    Maintains information about the network routing choice opted by the user for data transfer
    sasPolicy SasPolicy
    SasPolicy assigned to the storage account.
    tags Map<String,String>
    Gets or sets a list of key value pairs that describe the resource. These tags can be used for viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key with a length no greater than 128 characters and a value with a length no greater than 256 characters.
    kind string | Kind
    Required. Indicates the type of storage account.
    resourceGroupName string
    The name of the resource group within the user's subscription. The name is case insensitive.
    sku Sku
    Required. Gets or sets the SKU name.
    accessTier AccessTier
    Required for storage accounts where kind = BlobStorage. The access tier is used for billing. The 'Premium' access tier is the default value for premium block blobs storage account type and it cannot be changed for the premium block blobs storage account type.
    accountName string
    The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
    allowBlobPublicAccess boolean
    Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.
    allowCrossTenantReplication boolean
    Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.
    allowSharedKeyAccess boolean
    Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.
    allowedCopyScope string | AllowedCopyScope
    Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet.
    azureFilesIdentityBasedAuthentication AzureFilesIdentityBasedAuthentication
    Provides the identity based authentication settings for Azure Files.
    customDomain CustomDomain
    User domain assigned to the storage account. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.
    defaultToOAuthAuthentication boolean
    A boolean flag which indicates whether the default authentication is OAuth or not. The default interpretation is false for this property.
    dnsEndpointType string | DnsEndpointType
    Allows you to specify the type of endpoint. Set this to AzureDNSZone to create a large number of accounts in a single subscription, which creates accounts in an Azure DNS Zone and the endpoint URL will have an alphanumeric DNS Zone identifier.
    enableHttpsTrafficOnly boolean
    Allows https traffic only to storage service if sets to true. The default value is true since API version 2019-04-01.
    enableNfsV3 boolean
    NFS 3.0 protocol support enabled if set to true.
    encryption Encryption
    Encryption settings to be used for server-side encryption for the storage account.
    extendedLocation ExtendedLocation
    Optional. Set the extended location of the resource. If not set, the storage account will be created in Azure main region. Otherwise it will be created in the specified extended location
    identity Identity
    The identity of the resource.
    immutableStorageWithVersioning ImmutableStorageAccount
    The property is immutable and can only be set to true at the account creation time. When set to true, it enables object level immutability for all the new containers in the account by default.
    isHnsEnabled boolean
    Account HierarchicalNamespace enabled if sets to true.
    isLocalUserEnabled boolean
    Enables local users feature, if set to true
    isSftpEnabled boolean
    Enables Secure File Transfer Protocol, if set to true
    keyPolicy KeyPolicy
    KeyPolicy assigned to the storage account.
    largeFileSharesState string | LargeFileSharesState
    Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.
    location string
    Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed.
    minimumTlsVersion string | MinimumTlsVersion
    Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.
    networkRuleSet NetworkRuleSet
    Network rule set
    publicNetworkAccess string | PublicNetworkAccess
    Allow or disallow public network access to Storage Account. Value is optional but if passed in, must be 'Enabled' or 'Disabled'.
    routingPreference RoutingPreference
    Maintains information about the network routing choice opted by the user for data transfer
    sasPolicy SasPolicy
    SasPolicy assigned to the storage account.
    tags {[key: string]: string}
    Gets or sets a list of key value pairs that describe the resource. These tags can be used for viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key with a length no greater than 128 characters and a value with a length no greater than 256 characters.
    kind str | Kind
    Required. Indicates the type of storage account.
    resource_group_name str
    The name of the resource group within the user's subscription. The name is case insensitive.
    sku SkuArgs
    Required. Gets or sets the SKU name.
    access_tier AccessTier
    Required for storage accounts where kind = BlobStorage. The access tier is used for billing. The 'Premium' access tier is the default value for premium block blobs storage account type and it cannot be changed for the premium block blobs storage account type.
    account_name str
    The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
    allow_blob_public_access bool
    Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.
    allow_cross_tenant_replication bool
    Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.
    allow_shared_key_access bool
    Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.
    allowed_copy_scope str | AllowedCopyScope
    Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet.
    azure_files_identity_based_authentication AzureFilesIdentityBasedAuthenticationArgs
    Provides the identity based authentication settings for Azure Files.
    custom_domain CustomDomainArgs
    User domain assigned to the storage account. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.
    default_to_o_auth_authentication bool
    A boolean flag which indicates whether the default authentication is OAuth or not. The default interpretation is false for this property.
    dns_endpoint_type str | DnsEndpointType
    Allows you to specify the type of endpoint. Set this to AzureDNSZone to create a large number of accounts in a single subscription, which creates accounts in an Azure DNS Zone and the endpoint URL will have an alphanumeric DNS Zone identifier.
    enable_https_traffic_only bool
    Allows https traffic only to storage service if sets to true. The default value is true since API version 2019-04-01.
    enable_nfs_v3 bool
    NFS 3.0 protocol support enabled if set to true.
    encryption EncryptionArgs
    Encryption settings to be used for server-side encryption for the storage account.
    extended_location ExtendedLocationArgs
    Optional. Set the extended location of the resource. If not set, the storage account will be created in Azure main region. Otherwise it will be created in the specified extended location
    identity IdentityArgs
    The identity of the resource.
    immutable_storage_with_versioning ImmutableStorageAccountArgs
    The property is immutable and can only be set to true at the account creation time. When set to true, it enables object level immutability for all the new containers in the account by default.
    is_hns_enabled bool
    Account HierarchicalNamespace enabled if sets to true.
    is_local_user_enabled bool
    Enables local users feature, if set to true
    is_sftp_enabled bool
    Enables Secure File Transfer Protocol, if set to true
    key_policy KeyPolicyArgs
    KeyPolicy assigned to the storage account.
    large_file_shares_state str | LargeFileSharesState
    Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.
    location str
    Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed.
    minimum_tls_version str | MinimumTlsVersion
    Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.
    network_rule_set NetworkRuleSetArgs
    Network rule set
    public_network_access str | PublicNetworkAccess
    Allow or disallow public network access to Storage Account. Value is optional but if passed in, must be 'Enabled' or 'Disabled'.
    routing_preference RoutingPreferenceArgs
    Maintains information about the network routing choice opted by the user for data transfer
    sas_policy SasPolicyArgs
    SasPolicy assigned to the storage account.
    tags Mapping[str, str]
    Gets or sets a list of key value pairs that describe the resource. These tags can be used for viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key with a length no greater than 128 characters and a value with a length no greater than 256 characters.
    kind String | "Storage" | "StorageV2" | "BlobStorage" | "FileStorage" | "BlockBlobStorage"
    Required. Indicates the type of storage account.
    resourceGroupName String
    The name of the resource group within the user's subscription. The name is case insensitive.
    sku Property Map
    Required. Gets or sets the SKU name.
    accessTier "Hot" | "Cool" | "Premium"
    Required for storage accounts where kind = BlobStorage. The access tier is used for billing. The 'Premium' access tier is the default value for premium block blobs storage account type and it cannot be changed for the premium block blobs storage account type.
    accountName String
    The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
    allowBlobPublicAccess Boolean
    Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.
    allowCrossTenantReplication Boolean
    Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.
    allowSharedKeyAccess Boolean
    Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.
    allowedCopyScope String | "PrivateLink" | "AAD"
    Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet.
    azureFilesIdentityBasedAuthentication Property Map
    Provides the identity based authentication settings for Azure Files.
    customDomain Property Map
    User domain assigned to the storage account. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.
    defaultToOAuthAuthentication Boolean
    A boolean flag which indicates whether the default authentication is OAuth or not. The default interpretation is false for this property.
    dnsEndpointType String | "Standard" | "AzureDnsZone"
    Allows you to specify the type of endpoint. Set this to AzureDNSZone to create a large number of accounts in a single subscription, which creates accounts in an Azure DNS Zone and the endpoint URL will have an alphanumeric DNS Zone identifier.
    enableHttpsTrafficOnly Boolean
    Allows https traffic only to storage service if sets to true. The default value is true since API version 2019-04-01.
    enableNfsV3 Boolean
    NFS 3.0 protocol support enabled if set to true.
    encryption Property Map
    Encryption settings to be used for server-side encryption for the storage account.
    extendedLocation Property Map
    Optional. Set the extended location of the resource. If not set, the storage account will be created in Azure main region. Otherwise it will be created in the specified extended location
    identity Property Map
    The identity of the resource.
    immutableStorageWithVersioning Property Map
    The property is immutable and can only be set to true at the account creation time. When set to true, it enables object level immutability for all the new containers in the account by default.
    isHnsEnabled Boolean
    Account HierarchicalNamespace enabled if sets to true.
    isLocalUserEnabled Boolean
    Enables local users feature, if set to true
    isSftpEnabled Boolean
    Enables Secure File Transfer Protocol, if set to true
    keyPolicy Property Map
    KeyPolicy assigned to the storage account.
    largeFileSharesState String | "Disabled" | "Enabled"
    Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.
    location String
    Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed.
    minimumTlsVersion String | "TLS1_0" | "TLS1_1" | "TLS1_2"
    Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.
    networkRuleSet Property Map
    Network rule set
    publicNetworkAccess String | "Enabled" | "Disabled"
    Allow or disallow public network access to Storage Account. Value is optional but if passed in, must be 'Enabled' or 'Disabled'.
    routingPreference Property Map
    Maintains information about the network routing choice opted by the user for data transfer
    sasPolicy Property Map
    SasPolicy assigned to the storage account.
    tags Map<String>
    Gets or sets a list of key value pairs that describe the resource. These tags can be used for viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key with a length no greater than 128 characters and a value with a length no greater than 256 characters.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the StorageAccount resource produces the following output properties:

    BlobRestoreStatus Pulumi.AzureNative.Storage.Outputs.BlobRestoreStatusResponse
    Blob restore status
    CreationTime string
    Gets the creation date and time of the storage account in UTC.
    FailoverInProgress bool
    If the failover is in progress, the value will be true, otherwise, it will be null.
    GeoReplicationStats Pulumi.AzureNative.Storage.Outputs.GeoReplicationStatsResponse
    Geo Replication Stats
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyCreationTime Pulumi.AzureNative.Storage.Outputs.KeyCreationTimeResponse
    Storage account keys creation time.
    LastGeoFailoverTime string
    Gets the timestamp of the most recent instance of a failover to the secondary location. Only the most recent timestamp is retained. This element is not returned if there has never been a failover instance. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    Name string
    The name of the resource
    PrimaryEndpoints Pulumi.AzureNative.Storage.Outputs.EndpointsResponse
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object. Note that Standard_ZRS and Premium_LRS accounts only return the blob endpoint.
    PrimaryLocation string
    Gets the location of the primary data center for the storage account.
    PrivateEndpointConnections List<Pulumi.AzureNative.Storage.Outputs.PrivateEndpointConnectionResponse>
    List of private endpoint connection associated with the specified storage account
    ProvisioningState string
    Gets the status of the storage account at the time the operation was called.
    SecondaryEndpoints Pulumi.AzureNative.Storage.Outputs.EndpointsResponse
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object from the secondary location of the storage account. Only available if the SKU name is Standard_RAGRS.
    SecondaryLocation string
    Gets the location of the geo-replicated secondary for the storage account. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    StatusOfPrimary string
    Gets the status indicating whether the primary location of the storage account is available or unavailable.
    StatusOfSecondary string
    Gets the status indicating whether the secondary location of the storage account is available or unavailable. Only available if the SKU name is Standard_GRS or Standard_RAGRS.
    Type string
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    StorageAccountSkuConversionStatus Pulumi.AzureNative.Storage.Outputs.StorageAccountSkuConversionStatusResponse
    This property is readOnly and is set by server during asynchronous storage account sku conversion operations.
    BlobRestoreStatus BlobRestoreStatusResponse
    Blob restore status
    CreationTime string
    Gets the creation date and time of the storage account in UTC.
    FailoverInProgress bool
    If the failover is in progress, the value will be true, otherwise, it will be null.
    GeoReplicationStats GeoReplicationStatsResponse
    Geo Replication Stats
    Id string
    The provider-assigned unique ID for this managed resource.
    KeyCreationTime KeyCreationTimeResponse
    Storage account keys creation time.
    LastGeoFailoverTime string
    Gets the timestamp of the most recent instance of a failover to the secondary location. Only the most recent timestamp is retained. This element is not returned if there has never been a failover instance. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    Name string
    The name of the resource
    PrimaryEndpoints EndpointsResponse
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object. Note that Standard_ZRS and Premium_LRS accounts only return the blob endpoint.
    PrimaryLocation string
    Gets the location of the primary data center for the storage account.
    PrivateEndpointConnections []PrivateEndpointConnectionResponse
    List of private endpoint connection associated with the specified storage account
    ProvisioningState string
    Gets the status of the storage account at the time the operation was called.
    SecondaryEndpoints EndpointsResponse
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object from the secondary location of the storage account. Only available if the SKU name is Standard_RAGRS.
    SecondaryLocation string
    Gets the location of the geo-replicated secondary for the storage account. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    StatusOfPrimary string
    Gets the status indicating whether the primary location of the storage account is available or unavailable.
    StatusOfSecondary string
    Gets the status indicating whether the secondary location of the storage account is available or unavailable. Only available if the SKU name is Standard_GRS or Standard_RAGRS.
    Type string
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    StorageAccountSkuConversionStatus StorageAccountSkuConversionStatusResponse
    This property is readOnly and is set by server during asynchronous storage account sku conversion operations.
    blobRestoreStatus BlobRestoreStatusResponse
    Blob restore status
    creationTime String
    Gets the creation date and time of the storage account in UTC.
    failoverInProgress Boolean
    If the failover is in progress, the value will be true, otherwise, it will be null.
    geoReplicationStats GeoReplicationStatsResponse
    Geo Replication Stats
    id String
    The provider-assigned unique ID for this managed resource.
    keyCreationTime KeyCreationTimeResponse
    Storage account keys creation time.
    lastGeoFailoverTime String
    Gets the timestamp of the most recent instance of a failover to the secondary location. Only the most recent timestamp is retained. This element is not returned if there has never been a failover instance. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    name String
    The name of the resource
    primaryEndpoints EndpointsResponse
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object. Note that Standard_ZRS and Premium_LRS accounts only return the blob endpoint.
    primaryLocation String
    Gets the location of the primary data center for the storage account.
    privateEndpointConnections List<PrivateEndpointConnectionResponse>
    List of private endpoint connection associated with the specified storage account
    provisioningState String
    Gets the status of the storage account at the time the operation was called.
    secondaryEndpoints EndpointsResponse
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object from the secondary location of the storage account. Only available if the SKU name is Standard_RAGRS.
    secondaryLocation String
    Gets the location of the geo-replicated secondary for the storage account. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    statusOfPrimary String
    Gets the status indicating whether the primary location of the storage account is available or unavailable.
    statusOfSecondary String
    Gets the status indicating whether the secondary location of the storage account is available or unavailable. Only available if the SKU name is Standard_GRS or Standard_RAGRS.
    type String
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    storageAccountSkuConversionStatus StorageAccountSkuConversionStatusResponse
    This property is readOnly and is set by server during asynchronous storage account sku conversion operations.
    blobRestoreStatus BlobRestoreStatusResponse
    Blob restore status
    creationTime string
    Gets the creation date and time of the storage account in UTC.
    failoverInProgress boolean
    If the failover is in progress, the value will be true, otherwise, it will be null.
    geoReplicationStats GeoReplicationStatsResponse
    Geo Replication Stats
    id string
    The provider-assigned unique ID for this managed resource.
    keyCreationTime KeyCreationTimeResponse
    Storage account keys creation time.
    lastGeoFailoverTime string
    Gets the timestamp of the most recent instance of a failover to the secondary location. Only the most recent timestamp is retained. This element is not returned if there has never been a failover instance. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    name string
    The name of the resource
    primaryEndpoints EndpointsResponse
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object. Note that Standard_ZRS and Premium_LRS accounts only return the blob endpoint.
    primaryLocation string
    Gets the location of the primary data center for the storage account.
    privateEndpointConnections PrivateEndpointConnectionResponse[]
    List of private endpoint connection associated with the specified storage account
    provisioningState string
    Gets the status of the storage account at the time the operation was called.
    secondaryEndpoints EndpointsResponse
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object from the secondary location of the storage account. Only available if the SKU name is Standard_RAGRS.
    secondaryLocation string
    Gets the location of the geo-replicated secondary for the storage account. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    statusOfPrimary string
    Gets the status indicating whether the primary location of the storage account is available or unavailable.
    statusOfSecondary string
    Gets the status indicating whether the secondary location of the storage account is available or unavailable. Only available if the SKU name is Standard_GRS or Standard_RAGRS.
    type string
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    storageAccountSkuConversionStatus StorageAccountSkuConversionStatusResponse
    This property is readOnly and is set by server during asynchronous storage account sku conversion operations.
    blob_restore_status BlobRestoreStatusResponse
    Blob restore status
    creation_time str
    Gets the creation date and time of the storage account in UTC.
    failover_in_progress bool
    If the failover is in progress, the value will be true, otherwise, it will be null.
    geo_replication_stats GeoReplicationStatsResponse
    Geo Replication Stats
    id str
    The provider-assigned unique ID for this managed resource.
    key_creation_time KeyCreationTimeResponse
    Storage account keys creation time.
    last_geo_failover_time str
    Gets the timestamp of the most recent instance of a failover to the secondary location. Only the most recent timestamp is retained. This element is not returned if there has never been a failover instance. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    name str
    The name of the resource
    primary_endpoints EndpointsResponse
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object. Note that Standard_ZRS and Premium_LRS accounts only return the blob endpoint.
    primary_location str
    Gets the location of the primary data center for the storage account.
    private_endpoint_connections Sequence[PrivateEndpointConnectionResponse]
    List of private endpoint connection associated with the specified storage account
    provisioning_state str
    Gets the status of the storage account at the time the operation was called.
    secondary_endpoints EndpointsResponse
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object from the secondary location of the storage account. Only available if the SKU name is Standard_RAGRS.
    secondary_location str
    Gets the location of the geo-replicated secondary for the storage account. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    status_of_primary str
    Gets the status indicating whether the primary location of the storage account is available or unavailable.
    status_of_secondary str
    Gets the status indicating whether the secondary location of the storage account is available or unavailable. Only available if the SKU name is Standard_GRS or Standard_RAGRS.
    type str
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    storage_account_sku_conversion_status StorageAccountSkuConversionStatusResponse
    This property is readOnly and is set by server during asynchronous storage account sku conversion operations.
    blobRestoreStatus Property Map
    Blob restore status
    creationTime String
    Gets the creation date and time of the storage account in UTC.
    failoverInProgress Boolean
    If the failover is in progress, the value will be true, otherwise, it will be null.
    geoReplicationStats Property Map
    Geo Replication Stats
    id String
    The provider-assigned unique ID for this managed resource.
    keyCreationTime Property Map
    Storage account keys creation time.
    lastGeoFailoverTime String
    Gets the timestamp of the most recent instance of a failover to the secondary location. Only the most recent timestamp is retained. This element is not returned if there has never been a failover instance. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    name String
    The name of the resource
    primaryEndpoints Property Map
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object. Note that Standard_ZRS and Premium_LRS accounts only return the blob endpoint.
    primaryLocation String
    Gets the location of the primary data center for the storage account.
    privateEndpointConnections List<Property Map>
    List of private endpoint connection associated with the specified storage account
    provisioningState String
    Gets the status of the storage account at the time the operation was called.
    secondaryEndpoints Property Map
    Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object from the secondary location of the storage account. Only available if the SKU name is Standard_RAGRS.
    secondaryLocation String
    Gets the location of the geo-replicated secondary for the storage account. Only available if the accountType is Standard_GRS or Standard_RAGRS.
    statusOfPrimary String
    Gets the status indicating whether the primary location of the storage account is available or unavailable.
    statusOfSecondary String
    Gets the status indicating whether the secondary location of the storage account is available or unavailable. Only available if the SKU name is Standard_GRS or Standard_RAGRS.
    type String
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    storageAccountSkuConversionStatus Property Map
    This property is readOnly and is set by server during asynchronous storage account sku conversion operations.

    Supporting Types

    AccessTier, AccessTierArgs

    Hot
    Hot
    Cool
    Cool
    Premium
    Premium
    AccessTierHot
    Hot
    AccessTierCool
    Cool
    AccessTierPremium
    Premium
    Hot
    Hot
    Cool
    Cool
    Premium
    Premium
    Hot
    Hot
    Cool
    Cool
    Premium
    Premium
    HOT
    Hot
    COOL
    Cool
    PREMIUM
    Premium
    "Hot"
    Hot
    "Cool"
    Cool
    "Premium"
    Premium

    AccountImmutabilityPolicyProperties, AccountImmutabilityPolicyPropertiesArgs

    AllowProtectedAppendWrites bool
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    ImmutabilityPeriodSinceCreationInDays int
    The immutability period for the blobs in the container since the policy creation, in days.
    State string | Pulumi.AzureNative.Storage.AccountImmutabilityPolicyState
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.
    AllowProtectedAppendWrites bool
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    ImmutabilityPeriodSinceCreationInDays int
    The immutability period for the blobs in the container since the policy creation, in days.
    State string | AccountImmutabilityPolicyState
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.
    allowProtectedAppendWrites Boolean
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    immutabilityPeriodSinceCreationInDays Integer
    The immutability period for the blobs in the container since the policy creation, in days.
    state String | AccountImmutabilityPolicyState
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.
    allowProtectedAppendWrites boolean
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    immutabilityPeriodSinceCreationInDays number
    The immutability period for the blobs in the container since the policy creation, in days.
    state string | AccountImmutabilityPolicyState
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.
    allow_protected_append_writes bool
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    immutability_period_since_creation_in_days int
    The immutability period for the blobs in the container since the policy creation, in days.
    state str | AccountImmutabilityPolicyState
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.
    allowProtectedAppendWrites Boolean
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    immutabilityPeriodSinceCreationInDays Number
    The immutability period for the blobs in the container since the policy creation, in days.
    state String | "Unlocked" | "Locked" | "Disabled"
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.

    AccountImmutabilityPolicyPropertiesResponse, AccountImmutabilityPolicyPropertiesResponseArgs

    AllowProtectedAppendWrites bool
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    ImmutabilityPeriodSinceCreationInDays int
    The immutability period for the blobs in the container since the policy creation, in days.
    State string
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.
    AllowProtectedAppendWrites bool
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    ImmutabilityPeriodSinceCreationInDays int
    The immutability period for the blobs in the container since the policy creation, in days.
    State string
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.
    allowProtectedAppendWrites Boolean
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    immutabilityPeriodSinceCreationInDays Integer
    The immutability period for the blobs in the container since the policy creation, in days.
    state String
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.
    allowProtectedAppendWrites boolean
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    immutabilityPeriodSinceCreationInDays number
    The immutability period for the blobs in the container since the policy creation, in days.
    state string
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.
    allow_protected_append_writes bool
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    immutability_period_since_creation_in_days int
    The immutability period for the blobs in the container since the policy creation, in days.
    state str
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.
    allowProtectedAppendWrites Boolean
    This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
    immutabilityPeriodSinceCreationInDays Number
    The immutability period for the blobs in the container since the policy creation, in days.
    state String
    The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.

    AccountImmutabilityPolicyState, AccountImmutabilityPolicyStateArgs

    Unlocked
    Unlocked
    Locked
    Locked
    Disabled
    Disabled
    AccountImmutabilityPolicyStateUnlocked
    Unlocked
    AccountImmutabilityPolicyStateLocked
    Locked
    AccountImmutabilityPolicyStateDisabled
    Disabled
    Unlocked
    Unlocked
    Locked
    Locked
    Disabled
    Disabled
    Unlocked
    Unlocked
    Locked
    Locked
    Disabled
    Disabled
    UNLOCKED
    Unlocked
    LOCKED
    Locked
    DISABLED
    Disabled
    "Unlocked"
    Unlocked
    "Locked"
    Locked
    "Disabled"
    Disabled

    AccountType, AccountTypeArgs

    User
    User
    Computer
    Computer
    AccountTypeUser
    User
    AccountTypeComputer
    Computer
    User
    User
    Computer
    Computer
    User
    User
    Computer
    Computer
    USER
    User
    COMPUTER
    Computer
    "User"
    User
    "Computer"
    Computer

    Action, ActionArgs

    Allow
    Allow
    ActionAllow
    Allow
    Allow
    Allow
    Allow
    Allow
    ALLOW
    Allow
    "Allow"
    Allow

    ActiveDirectoryProperties, ActiveDirectoryPropertiesArgs

    DomainGuid string
    Specifies the domain GUID.
    DomainName string
    Specifies the primary domain that the AD DNS server is authoritative for.
    AccountType string | Pulumi.AzureNative.Storage.AccountType
    Specifies the Active Directory account type for Azure Storage.
    AzureStorageSid string
    Specifies the security identifier (SID) for Azure Storage.
    DomainSid string
    Specifies the security identifier (SID).
    ForestName string
    Specifies the Active Directory forest to get.
    NetBiosDomainName string
    Specifies the NetBIOS domain name.
    SamAccountName string
    Specifies the Active Directory SAMAccountName for Azure Storage.
    DomainGuid string
    Specifies the domain GUID.
    DomainName string
    Specifies the primary domain that the AD DNS server is authoritative for.
    AccountType string | AccountType
    Specifies the Active Directory account type for Azure Storage.
    AzureStorageSid string
    Specifies the security identifier (SID) for Azure Storage.
    DomainSid string
    Specifies the security identifier (SID).
    ForestName string
    Specifies the Active Directory forest to get.
    NetBiosDomainName string
    Specifies the NetBIOS domain name.
    SamAccountName string
    Specifies the Active Directory SAMAccountName for Azure Storage.
    domainGuid String
    Specifies the domain GUID.
    domainName String
    Specifies the primary domain that the AD DNS server is authoritative for.
    accountType String | AccountType
    Specifies the Active Directory account type for Azure Storage.
    azureStorageSid String
    Specifies the security identifier (SID) for Azure Storage.
    domainSid String
    Specifies the security identifier (SID).
    forestName String
    Specifies the Active Directory forest to get.
    netBiosDomainName String
    Specifies the NetBIOS domain name.
    samAccountName String
    Specifies the Active Directory SAMAccountName for Azure Storage.
    domainGuid string
    Specifies the domain GUID.
    domainName string
    Specifies the primary domain that the AD DNS server is authoritative for.
    accountType string | AccountType
    Specifies the Active Directory account type for Azure Storage.
    azureStorageSid string
    Specifies the security identifier (SID) for Azure Storage.
    domainSid string
    Specifies the security identifier (SID).
    forestName string
    Specifies the Active Directory forest to get.
    netBiosDomainName string
    Specifies the NetBIOS domain name.
    samAccountName string
    Specifies the Active Directory SAMAccountName for Azure Storage.
    domain_guid str
    Specifies the domain GUID.
    domain_name str
    Specifies the primary domain that the AD DNS server is authoritative for.
    account_type str | AccountType
    Specifies the Active Directory account type for Azure Storage.
    azure_storage_sid str
    Specifies the security identifier (SID) for Azure Storage.
    domain_sid str
    Specifies the security identifier (SID).
    forest_name str
    Specifies the Active Directory forest to get.
    net_bios_domain_name str
    Specifies the NetBIOS domain name.
    sam_account_name str
    Specifies the Active Directory SAMAccountName for Azure Storage.
    domainGuid String
    Specifies the domain GUID.
    domainName String
    Specifies the primary domain that the AD DNS server is authoritative for.
    accountType String | "User" | "Computer"
    Specifies the Active Directory account type for Azure Storage.
    azureStorageSid String
    Specifies the security identifier (SID) for Azure Storage.
    domainSid String
    Specifies the security identifier (SID).
    forestName String
    Specifies the Active Directory forest to get.
    netBiosDomainName String
    Specifies the NetBIOS domain name.
    samAccountName String
    Specifies the Active Directory SAMAccountName for Azure Storage.

    ActiveDirectoryPropertiesResponse, ActiveDirectoryPropertiesResponseArgs

    DomainGuid string
    Specifies the domain GUID.
    DomainName string
    Specifies the primary domain that the AD DNS server is authoritative for.
    AccountType string
    Specifies the Active Directory account type for Azure Storage.
    AzureStorageSid string
    Specifies the security identifier (SID) for Azure Storage.
    DomainSid string
    Specifies the security identifier (SID).
    ForestName string
    Specifies the Active Directory forest to get.
    NetBiosDomainName string
    Specifies the NetBIOS domain name.
    SamAccountName string
    Specifies the Active Directory SAMAccountName for Azure Storage.
    DomainGuid string
    Specifies the domain GUID.
    DomainName string
    Specifies the primary domain that the AD DNS server is authoritative for.
    AccountType string
    Specifies the Active Directory account type for Azure Storage.
    AzureStorageSid string
    Specifies the security identifier (SID) for Azure Storage.
    DomainSid string
    Specifies the security identifier (SID).
    ForestName string
    Specifies the Active Directory forest to get.
    NetBiosDomainName string
    Specifies the NetBIOS domain name.
    SamAccountName string
    Specifies the Active Directory SAMAccountName for Azure Storage.
    domainGuid String
    Specifies the domain GUID.
    domainName String
    Specifies the primary domain that the AD DNS server is authoritative for.
    accountType String
    Specifies the Active Directory account type for Azure Storage.
    azureStorageSid String
    Specifies the security identifier (SID) for Azure Storage.
    domainSid String
    Specifies the security identifier (SID).
    forestName String
    Specifies the Active Directory forest to get.
    netBiosDomainName String
    Specifies the NetBIOS domain name.
    samAccountName String
    Specifies the Active Directory SAMAccountName for Azure Storage.
    domainGuid string
    Specifies the domain GUID.
    domainName string
    Specifies the primary domain that the AD DNS server is authoritative for.
    accountType string
    Specifies the Active Directory account type for Azure Storage.
    azureStorageSid string
    Specifies the security identifier (SID) for Azure Storage.
    domainSid string
    Specifies the security identifier (SID).
    forestName string
    Specifies the Active Directory forest to get.
    netBiosDomainName string
    Specifies the NetBIOS domain name.
    samAccountName string
    Specifies the Active Directory SAMAccountName for Azure Storage.
    domain_guid str
    Specifies the domain GUID.
    domain_name str
    Specifies the primary domain that the AD DNS server is authoritative for.
    account_type str
    Specifies the Active Directory account type for Azure Storage.
    azure_storage_sid str
    Specifies the security identifier (SID) for Azure Storage.
    domain_sid str
    Specifies the security identifier (SID).
    forest_name str
    Specifies the Active Directory forest to get.
    net_bios_domain_name str
    Specifies the NetBIOS domain name.
    sam_account_name str
    Specifies the Active Directory SAMAccountName for Azure Storage.
    domainGuid String
    Specifies the domain GUID.
    domainName String
    Specifies the primary domain that the AD DNS server is authoritative for.
    accountType String
    Specifies the Active Directory account type for Azure Storage.
    azureStorageSid String
    Specifies the security identifier (SID) for Azure Storage.
    domainSid String
    Specifies the security identifier (SID).
    forestName String
    Specifies the Active Directory forest to get.
    netBiosDomainName String
    Specifies the NetBIOS domain name.
    samAccountName String
    Specifies the Active Directory SAMAccountName for Azure Storage.

    AllowedCopyScope, AllowedCopyScopeArgs

    PrivateLink
    PrivateLink
    AAD
    AAD
    AllowedCopyScopePrivateLink
    PrivateLink
    AllowedCopyScopeAAD
    AAD
    PrivateLink
    PrivateLink
    AAD
    AAD
    PrivateLink
    PrivateLink
    AAD
    AAD
    PRIVATE_LINK
    PrivateLink
    AAD
    AAD
    "PrivateLink"
    PrivateLink
    "AAD"
    AAD

    AzureFilesIdentityBasedAuthentication, AzureFilesIdentityBasedAuthenticationArgs

    DirectoryServiceOptions string | Pulumi.AzureNative.Storage.DirectoryServiceOptions
    Indicates the directory service used. Note that this enum may be extended in the future.
    ActiveDirectoryProperties Pulumi.AzureNative.Storage.Inputs.ActiveDirectoryProperties
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    DefaultSharePermission string | Pulumi.AzureNative.Storage.DefaultSharePermission
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.
    DirectoryServiceOptions string | DirectoryServiceOptions
    Indicates the directory service used. Note that this enum may be extended in the future.
    ActiveDirectoryProperties ActiveDirectoryProperties
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    DefaultSharePermission string | DefaultSharePermission
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.
    directoryServiceOptions String | DirectoryServiceOptions
    Indicates the directory service used. Note that this enum may be extended in the future.
    activeDirectoryProperties ActiveDirectoryProperties
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    defaultSharePermission String | DefaultSharePermission
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.
    directoryServiceOptions string | DirectoryServiceOptions
    Indicates the directory service used. Note that this enum may be extended in the future.
    activeDirectoryProperties ActiveDirectoryProperties
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    defaultSharePermission string | DefaultSharePermission
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.
    directory_service_options str | DirectoryServiceOptions
    Indicates the directory service used. Note that this enum may be extended in the future.
    active_directory_properties ActiveDirectoryProperties
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    default_share_permission str | DefaultSharePermission
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.
    directoryServiceOptions String | "None" | "AADDS" | "AD" | "AADKERB"
    Indicates the directory service used. Note that this enum may be extended in the future.
    activeDirectoryProperties Property Map
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    defaultSharePermission String | "None" | "StorageFileDataSmbShareReader" | "StorageFileDataSmbShareContributor" | "StorageFileDataSmbShareElevatedContributor"
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.

    AzureFilesIdentityBasedAuthenticationResponse, AzureFilesIdentityBasedAuthenticationResponseArgs

    DirectoryServiceOptions string
    Indicates the directory service used. Note that this enum may be extended in the future.
    ActiveDirectoryProperties Pulumi.AzureNative.Storage.Inputs.ActiveDirectoryPropertiesResponse
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    DefaultSharePermission string
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.
    DirectoryServiceOptions string
    Indicates the directory service used. Note that this enum may be extended in the future.
    ActiveDirectoryProperties ActiveDirectoryPropertiesResponse
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    DefaultSharePermission string
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.
    directoryServiceOptions String
    Indicates the directory service used. Note that this enum may be extended in the future.
    activeDirectoryProperties ActiveDirectoryPropertiesResponse
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    defaultSharePermission String
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.
    directoryServiceOptions string
    Indicates the directory service used. Note that this enum may be extended in the future.
    activeDirectoryProperties ActiveDirectoryPropertiesResponse
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    defaultSharePermission string
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.
    directory_service_options str
    Indicates the directory service used. Note that this enum may be extended in the future.
    active_directory_properties ActiveDirectoryPropertiesResponse
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    default_share_permission str
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.
    directoryServiceOptions String
    Indicates the directory service used. Note that this enum may be extended in the future.
    activeDirectoryProperties Property Map
    Required if directoryServiceOptions are AD, optional if they are AADKERB.
    defaultSharePermission String
    Default share permission for users using Kerberos authentication if RBAC role is not assigned.

    BlobRestoreParametersResponse, BlobRestoreParametersResponseArgs

    BlobRanges List<Pulumi.AzureNative.Storage.Inputs.BlobRestoreRangeResponse>
    Blob ranges to restore.
    TimeToRestore string
    Restore blob to the specified time.
    BlobRanges []BlobRestoreRangeResponse
    Blob ranges to restore.
    TimeToRestore string
    Restore blob to the specified time.
    blobRanges List<BlobRestoreRangeResponse>
    Blob ranges to restore.
    timeToRestore String
    Restore blob to the specified time.
    blobRanges BlobRestoreRangeResponse[]
    Blob ranges to restore.
    timeToRestore string
    Restore blob to the specified time.
    blob_ranges Sequence[BlobRestoreRangeResponse]
    Blob ranges to restore.
    time_to_restore str
    Restore blob to the specified time.
    blobRanges List<Property Map>
    Blob ranges to restore.
    timeToRestore String
    Restore blob to the specified time.

    BlobRestoreRangeResponse, BlobRestoreRangeResponseArgs

    EndRange string
    Blob end range. This is exclusive. Empty means account end.
    StartRange string
    Blob start range. This is inclusive. Empty means account start.
    EndRange string
    Blob end range. This is exclusive. Empty means account end.
    StartRange string
    Blob start range. This is inclusive. Empty means account start.
    endRange String
    Blob end range. This is exclusive. Empty means account end.
    startRange String
    Blob start range. This is inclusive. Empty means account start.
    endRange string
    Blob end range. This is exclusive. Empty means account end.
    startRange string
    Blob start range. This is inclusive. Empty means account start.
    end_range str
    Blob end range. This is exclusive. Empty means account end.
    start_range str
    Blob start range. This is inclusive. Empty means account start.
    endRange String
    Blob end range. This is exclusive. Empty means account end.
    startRange String
    Blob start range. This is inclusive. Empty means account start.

    BlobRestoreStatusResponse, BlobRestoreStatusResponseArgs

    FailureReason string
    Failure reason when blob restore is failed.
    Parameters Pulumi.AzureNative.Storage.Inputs.BlobRestoreParametersResponse
    Blob restore request parameters.
    RestoreId string
    Id for tracking blob restore request.
    Status string
    The status of blob restore progress. Possible values are: - InProgress: Indicates that blob restore is ongoing. - Complete: Indicates that blob restore has been completed successfully. - Failed: Indicates that blob restore is failed.
    FailureReason string
    Failure reason when blob restore is failed.
    Parameters BlobRestoreParametersResponse
    Blob restore request parameters.
    RestoreId string
    Id for tracking blob restore request.
    Status string
    The status of blob restore progress. Possible values are: - InProgress: Indicates that blob restore is ongoing. - Complete: Indicates that blob restore has been completed successfully. - Failed: Indicates that blob restore is failed.
    failureReason String
    Failure reason when blob restore is failed.
    parameters BlobRestoreParametersResponse
    Blob restore request parameters.
    restoreId String
    Id for tracking blob restore request.
    status String
    The status of blob restore progress. Possible values are: - InProgress: Indicates that blob restore is ongoing. - Complete: Indicates that blob restore has been completed successfully. - Failed: Indicates that blob restore is failed.
    failureReason string
    Failure reason when blob restore is failed.
    parameters BlobRestoreParametersResponse
    Blob restore request parameters.
    restoreId string
    Id for tracking blob restore request.
    status string
    The status of blob restore progress. Possible values are: - InProgress: Indicates that blob restore is ongoing. - Complete: Indicates that blob restore has been completed successfully. - Failed: Indicates that blob restore is failed.
    failure_reason str
    Failure reason when blob restore is failed.
    parameters BlobRestoreParametersResponse
    Blob restore request parameters.
    restore_id str
    Id for tracking blob restore request.
    status str
    The status of blob restore progress. Possible values are: - InProgress: Indicates that blob restore is ongoing. - Complete: Indicates that blob restore has been completed successfully. - Failed: Indicates that blob restore is failed.
    failureReason String
    Failure reason when blob restore is failed.
    parameters Property Map
    Blob restore request parameters.
    restoreId String
    Id for tracking blob restore request.
    status String
    The status of blob restore progress. Possible values are: - InProgress: Indicates that blob restore is ongoing. - Complete: Indicates that blob restore has been completed successfully. - Failed: Indicates that blob restore is failed.

    Bypass, BypassArgs

    None
    None
    Logging
    Logging
    Metrics
    Metrics
    AzureServices
    AzureServices
    BypassNone
    None
    BypassLogging
    Logging
    BypassMetrics
    Metrics
    BypassAzureServices
    AzureServices
    None
    None
    Logging
    Logging
    Metrics
    Metrics
    AzureServices
    AzureServices
    None
    None
    Logging
    Logging
    Metrics
    Metrics
    AzureServices
    AzureServices
    NONE
    None
    LOGGING
    Logging
    METRICS
    Metrics
    AZURE_SERVICES
    AzureServices
    "None"
    None
    "Logging"
    Logging
    "Metrics"
    Metrics
    "AzureServices"
    AzureServices

    CustomDomain, CustomDomainArgs

    Name string
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    UseSubDomainName bool
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.
    Name string
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    UseSubDomainName bool
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.
    name String
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    useSubDomainName Boolean
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.
    name string
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    useSubDomainName boolean
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.
    name str
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    use_sub_domain_name bool
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.
    name String
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    useSubDomainName Boolean
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.

    CustomDomainResponse, CustomDomainResponseArgs

    Name string
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    UseSubDomainName bool
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.
    Name string
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    UseSubDomainName bool
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.
    name String
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    useSubDomainName Boolean
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.
    name string
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    useSubDomainName boolean
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.
    name str
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    use_sub_domain_name bool
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.
    name String
    Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.
    useSubDomainName Boolean
    Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.

    DefaultAction, DefaultActionArgs

    Allow
    Allow
    Deny
    Deny
    DefaultActionAllow
    Allow
    DefaultActionDeny
    Deny
    Allow
    Allow
    Deny
    Deny
    Allow
    Allow
    Deny
    Deny
    ALLOW
    Allow
    DENY
    Deny
    "Allow"
    Allow
    "Deny"
    Deny

    DefaultSharePermission, DefaultSharePermissionArgs

    None
    None
    StorageFileDataSmbShareReader
    StorageFileDataSmbShareReader
    StorageFileDataSmbShareContributor
    StorageFileDataSmbShareContributor
    StorageFileDataSmbShareElevatedContributor
    StorageFileDataSmbShareElevatedContributor
    DefaultSharePermissionNone
    None
    DefaultSharePermissionStorageFileDataSmbShareReader
    StorageFileDataSmbShareReader
    DefaultSharePermissionStorageFileDataSmbShareContributor
    StorageFileDataSmbShareContributor
    DefaultSharePermissionStorageFileDataSmbShareElevatedContributor
    StorageFileDataSmbShareElevatedContributor
    None
    None
    StorageFileDataSmbShareReader
    StorageFileDataSmbShareReader
    StorageFileDataSmbShareContributor
    StorageFileDataSmbShareContributor
    StorageFileDataSmbShareElevatedContributor
    StorageFileDataSmbShareElevatedContributor
    None
    None
    StorageFileDataSmbShareReader
    StorageFileDataSmbShareReader
    StorageFileDataSmbShareContributor
    StorageFileDataSmbShareContributor
    StorageFileDataSmbShareElevatedContributor
    StorageFileDataSmbShareElevatedContributor
    NONE
    None
    STORAGE_FILE_DATA_SMB_SHARE_READER
    StorageFileDataSmbShareReader
    STORAGE_FILE_DATA_SMB_SHARE_CONTRIBUTOR
    StorageFileDataSmbShareContributor
    STORAGE_FILE_DATA_SMB_SHARE_ELEVATED_CONTRIBUTOR
    StorageFileDataSmbShareElevatedContributor
    "None"
    None
    "StorageFileDataSmbShareReader"
    StorageFileDataSmbShareReader
    "StorageFileDataSmbShareContributor"
    StorageFileDataSmbShareContributor
    "StorageFileDataSmbShareElevatedContributor"
    StorageFileDataSmbShareElevatedContributor

    DirectoryServiceOptions, DirectoryServiceOptionsArgs

    None
    None
    AADDS
    AADDS
    AD
    AD
    AADKERB
    AADKERB
    DirectoryServiceOptionsNone
    None
    DirectoryServiceOptionsAADDS
    AADDS
    DirectoryServiceOptionsAD
    AD
    DirectoryServiceOptionsAADKERB
    AADKERB
    None
    None
    AADDS
    AADDS
    AD
    AD
    AADKERB
    AADKERB
    None
    None
    AADDS
    AADDS
    AD
    AD
    AADKERB
    AADKERB
    NONE
    None
    AADDS
    AADDS
    AD
    AD
    AADKERB
    AADKERB
    "None"
    None
    "AADDS"
    AADDS
    "AD"
    AD
    "AADKERB"
    AADKERB

    DnsEndpointType, DnsEndpointTypeArgs

    Standard
    Standard
    AzureDnsZone
    AzureDnsZone
    DnsEndpointTypeStandard
    Standard
    DnsEndpointTypeAzureDnsZone
    AzureDnsZone
    Standard
    Standard
    AzureDnsZone
    AzureDnsZone
    Standard
    Standard
    AzureDnsZone
    AzureDnsZone
    STANDARD
    Standard
    AZURE_DNS_ZONE
    AzureDnsZone
    "Standard"
    Standard
    "AzureDnsZone"
    AzureDnsZone

    Encryption, EncryptionArgs

    EncryptionIdentity Pulumi.AzureNative.Storage.Inputs.EncryptionIdentity
    The identity to be used with service-side encryption at rest.
    KeySource string | Pulumi.AzureNative.Storage.KeySource
    The encryption keySource (provider). Possible values (case-insensitive): Microsoft.Storage, Microsoft.Keyvault
    KeyVaultProperties Pulumi.AzureNative.Storage.Inputs.KeyVaultProperties
    Properties provided by key vault.
    RequireInfrastructureEncryption bool
    A boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest.
    Services Pulumi.AzureNative.Storage.Inputs.EncryptionServices
    List of services which support encryption.
    EncryptionIdentity EncryptionIdentity
    The identity to be used with service-side encryption at rest.
    KeySource string | KeySource
    The encryption keySource (provider). Possible values (case-insensitive): Microsoft.Storage, Microsoft.Keyvault
    KeyVaultProperties KeyVaultProperties
    Properties provided by key vault.
    RequireInfrastructureEncryption bool
    A boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest.
    Services EncryptionServices
    List of services which support encryption.
    encryptionIdentity EncryptionIdentity
    The identity to be used with service-side encryption at rest.
    keySource String | KeySource
    The encryption keySource (provider). Possible values (case-insensitive): Microsoft.Storage, Microsoft.Keyvault
    keyVaultProperties KeyVaultProperties
    Properties provided by key vault.
    requireI