Azure v6.22.1, May 12 25

We recommend using Azure Native.

Azure v6.22.1 published on Monday, May 12, 2025 by Pulumi

pulumi/pulumi-azure

azure.storage.Account

Explore with Pulumi AI

We recommend using Azure Native.

Azure v6.22.1 published on Monday, May 12, 2025 by Pulumi

pulumi/pulumi-azure

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const example = new azure.core.ResourceGroup("example", {
    name: "example-resources",
    location: "West Europe",
});
const exampleAccount = new azure.storage.Account("example", {
    name: "storageaccountname",
    resourceGroupName: example.name,
    location: example.location,
    accountTier: "Standard",
    accountReplicationType: "GRS",
    tags: {
        environment: "staging",
    },
});

import pulumi
import pulumi_azure as azure

example = azure.core.ResourceGroup("example",
    name="example-resources",
    location="West Europe")
example_account = azure.storage.Account("example",
    name="storageaccountname",
    resource_group_name=example.name,
    location=example.location,
    account_tier="Standard",
    account_replication_type="GRS",
    tags={
        "environment": "staging",
    })

package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
			Name:     pulumi.String("example-resources"),
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		_, err = storage.NewAccount(ctx, "example", &storage.AccountArgs{
			Name:                   pulumi.String("storageaccountname"),
			ResourceGroupName:      example.Name,
			Location:               example.Location,
			AccountTier:            pulumi.String("Standard"),
			AccountReplicationType: pulumi.String("GRS"),
			Tags: pulumi.StringMap{
				"environment": pulumi.String("staging"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;

return await Deployment.RunAsync(() => 
{
    var example = new Azure.Core.ResourceGroup("example", new()
    {
        Name = "example-resources",
        Location = "West Europe",
    });

    var exampleAccount = new Azure.Storage.Account("example", new()
    {
        Name = "storageaccountname",
        ResourceGroupName = example.Name,
        Location = example.Location,
        AccountTier = "Standard",
        AccountReplicationType = "GRS",
        Tags = 
        {
            { "environment", "staging" },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new ResourceGroup("example", ResourceGroupArgs.builder()
            .name("example-resources")
            .location("West Europe")
            .build());

        var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
            .name("storageaccountname")
            .resourceGroupName(example.name())
            .location(example.location())
            .accountTier("Standard")
            .accountReplicationType("GRS")
            .tags(Map.of("environment", "staging"))
            .build());

    }
}

resources:
  example:
    type: azure:core:ResourceGroup
    properties:
      name: example-resources
      location: West Europe
  exampleAccount:
    type: azure:storage:Account
    name: example
    properties:
      name: storageaccountname
      resourceGroupName: ${example.name}
      location: ${example.location}
      accountTier: Standard
      accountReplicationType: GRS
      tags:
        environment: staging

With Network Rules

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const example = new azure.core.ResourceGroup("example", {
    name: "example-resources",
    location: "West Europe",
});
const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
    name: "virtnetname",
    addressSpaces: ["10.0.0.0/16"],
    location: example.location,
    resourceGroupName: example.name,
});
const exampleSubnet = new azure.network.Subnet("example", {
    name: "subnetname",
    resourceGroupName: example.name,
    virtualNetworkName: exampleVirtualNetwork.name,
    addressPrefixes: ["10.0.2.0/24"],
    serviceEndpoints: [
        "Microsoft.Sql",
        "Microsoft.Storage",
    ],
});
const exampleAccount = new azure.storage.Account("example", {
    name: "storageaccountname",
    resourceGroupName: example.name,
    location: example.location,
    accountTier: "Standard",
    accountReplicationType: "LRS",
    networkRules: {
        defaultAction: "Deny",
        ipRules: ["100.0.0.1"],
        virtualNetworkSubnetIds: [exampleSubnet.id],
    },
    tags: {
        environment: "staging",
    },
});

import pulumi
import pulumi_azure as azure

example = azure.core.ResourceGroup("example",
    name="example-resources",
    location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("example",
    name="virtnetname",
    address_spaces=["10.0.0.0/16"],
    location=example.location,
    resource_group_name=example.name)
example_subnet = azure.network.Subnet("example",
    name="subnetname",
    resource_group_name=example.name,
    virtual_network_name=example_virtual_network.name,
    address_prefixes=["10.0.2.0/24"],
    service_endpoints=[
        "Microsoft.Sql",
        "Microsoft.Storage",
    ])
example_account = azure.storage.Account("example",
    name="storageaccountname",
    resource_group_name=example.name,
    location=example.location,
    account_tier="Standard",
    account_replication_type="LRS",
    network_rules={
        "default_action": "Deny",
        "ip_rules": ["100.0.0.1"],
        "virtual_network_subnet_ids": [example_subnet.id],
    },
    tags={
        "environment": "staging",
    })

package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/network"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
			Name:     pulumi.String("example-resources"),
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "example", &network.VirtualNetworkArgs{
			Name: pulumi.String("virtnetname"),
			AddressSpaces: pulumi.StringArray{
				pulumi.String("10.0.0.0/16"),
			},
			Location:          example.Location,
			ResourceGroupName: example.Name,
		})
		if err != nil {
			return err
		}
		exampleSubnet, err := network.NewSubnet(ctx, "example", &network.SubnetArgs{
			Name:               pulumi.String("subnetname"),
			ResourceGroupName:  example.Name,
			VirtualNetworkName: exampleVirtualNetwork.Name,
			AddressPrefixes: pulumi.StringArray{
				pulumi.String("10.0.2.0/24"),
			},
			ServiceEndpoints: pulumi.StringArray{
				pulumi.String("Microsoft.Sql"),
				pulumi.String("Microsoft.Storage"),
			},
		})
		if err != nil {
			return err
		}
		_, err = storage.NewAccount(ctx, "example", &storage.AccountArgs{
			Name:                   pulumi.String("storageaccountname"),
			ResourceGroupName:      example.Name,
			Location:               example.Location,
			AccountTier:            pulumi.String("Standard"),
			AccountReplicationType: pulumi.String("LRS"),
			NetworkRules: &storage.AccountNetworkRulesTypeArgs{
				DefaultAction: pulumi.String("Deny"),
				IpRules: pulumi.StringArray{
					pulumi.String("100.0.0.1"),
				},
				VirtualNetworkSubnetIds: pulumi.StringArray{
					exampleSubnet.ID(),
				},
			},
			Tags: pulumi.StringMap{
				"environment": pulumi.String("staging"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;

return await Deployment.RunAsync(() => 
{
    var example = new Azure.Core.ResourceGroup("example", new()
    {
        Name = "example-resources",
        Location = "West Europe",
    });

    var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("example", new()
    {
        Name = "virtnetname",
        AddressSpaces = new[]
        {
            "10.0.0.0/16",
        },
        Location = example.Location,
        ResourceGroupName = example.Name,
    });

    var exampleSubnet = new Azure.Network.Subnet("example", new()
    {
        Name = "subnetname",
        ResourceGroupName = example.Name,
        VirtualNetworkName = exampleVirtualNetwork.Name,
        AddressPrefixes = new[]
        {
            "10.0.2.0/24",
        },
        ServiceEndpoints = new[]
        {
            "Microsoft.Sql",
            "Microsoft.Storage",
        },
    });

    var exampleAccount = new Azure.Storage.Account("example", new()
    {
        Name = "storageaccountname",
        ResourceGroupName = example.Name,
        Location = example.Location,
        AccountTier = "Standard",
        AccountReplicationType = "LRS",
        NetworkRules = new Azure.Storage.Inputs.AccountNetworkRulesArgs
        {
            DefaultAction = "Deny",
            IpRules = new[]
            {
                "100.0.0.1",
            },
            VirtualNetworkSubnetIds = new[]
            {
                exampleSubnet.Id,
            },
        },
        Tags = 
        {
            { "environment", "staging" },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.storage.inputs.AccountNetworkRulesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new ResourceGroup("example", ResourceGroupArgs.builder()
            .name("example-resources")
            .location("West Europe")
            .build());

        var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
            .name("virtnetname")
            .addressSpaces("10.0.0.0/16")
            .location(example.location())
            .resourceGroupName(example.name())
            .build());

        var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
            .name("subnetname")
            .resourceGroupName(example.name())
            .virtualNetworkName(exampleVirtualNetwork.name())
            .addressPrefixes("10.0.2.0/24")
            .serviceEndpoints(            
                "Microsoft.Sql",
                "Microsoft.Storage")
            .build());

        var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
            .name("storageaccountname")
            .resourceGroupName(example.name())
            .location(example.location())
            .accountTier("Standard")
            .accountReplicationType("LRS")
            .networkRules(AccountNetworkRulesArgs.builder()
                .defaultAction("Deny")
                .ipRules("100.0.0.1")
                .virtualNetworkSubnetIds(exampleSubnet.id())
                .build())
            .tags(Map.of("environment", "staging"))
            .build());

    }
}

resources:
  example:
    type: azure:core:ResourceGroup
    properties:
      name: example-resources
      location: West Europe
  exampleVirtualNetwork:
    type: azure:network:VirtualNetwork
    name: example
    properties:
      name: virtnetname
      addressSpaces:
        - 10.0.0.0/16
      location: ${example.location}
      resourceGroupName: ${example.name}
  exampleSubnet:
    type: azure:network:Subnet
    name: example
    properties:
      name: subnetname
      resourceGroupName: ${example.name}
      virtualNetworkName: ${exampleVirtualNetwork.name}
      addressPrefixes:
        - 10.0.2.0/24
      serviceEndpoints:
        - Microsoft.Sql
        - Microsoft.Storage
  exampleAccount:
    type: azure:storage:Account
    name: example
    properties:
      name: storageaccountname
      resourceGroupName: ${example.name}
      location: ${example.location}
      accountTier: Standard
      accountReplicationType: LRS
      networkRules:
        defaultAction: Deny
        ipRules:
          - 100.0.0.1
        virtualNetworkSubnetIds:
          - ${exampleSubnet.id}
      tags:
        environment: staging

Create Account Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Account(name: string, args: AccountArgs, opts?: CustomResourceOptions);

@overload
def Account(resource_name: str,
            args: AccountArgs,
            opts: Optional[ResourceOptions] = None)

@overload
def Account(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            account_tier: Optional[str] = None,
            resource_group_name: Optional[str] = None,
            account_replication_type: Optional[str] = None,
            is_hns_enabled: Optional[bool] = None,
            local_user_enabled: Optional[bool] = None,
            allowed_copy_scope: Optional[str] = None,
            azure_files_authentication: Optional[AccountAzureFilesAuthenticationArgs] = None,
            blob_properties: Optional[AccountBlobPropertiesArgs] = None,
            cross_tenant_replication_enabled: Optional[bool] = None,
            custom_domain: Optional[AccountCustomDomainArgs] = None,
            customer_managed_key: Optional[AccountCustomerManagedKeyArgs] = None,
            default_to_oauth_authentication: Optional[bool] = None,
            dns_endpoint_type: Optional[str] = None,
            edge_zone: Optional[str] = None,
            https_traffic_only_enabled: Optional[bool] = None,
            identity: Optional[AccountIdentityArgs] = None,
            immutability_policy: Optional[AccountImmutabilityPolicyArgs] = None,
            infrastructure_encryption_enabled: Optional[bool] = None,
            access_tier: Optional[str] = None,
            allow_nested_items_to_be_public: Optional[bool] = None,
            large_file_share_enabled: Optional[bool] = None,
            location: Optional[str] = None,
            min_tls_version: Optional[str] = None,
            name: Optional[str] = None,
            network_rules: Optional[AccountNetworkRulesArgs] = None,
            nfsv3_enabled: Optional[bool] = None,
            public_network_access_enabled: Optional[bool] = None,
            queue_encryption_key_type: Optional[str] = None,
            queue_properties: Optional[AccountQueuePropertiesArgs] = None,
            account_kind: Optional[str] = None,
            routing: Optional[AccountRoutingArgs] = None,
            sas_policy: Optional[AccountSasPolicyArgs] = None,
            sftp_enabled: Optional[bool] = None,
            share_properties: Optional[AccountSharePropertiesArgs] = None,
            shared_access_key_enabled: Optional[bool] = None,
            static_website: Optional[AccountStaticWebsiteArgs] = None,
            table_encryption_key_type: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None)

func NewAccount(ctx *Context, name string, args AccountArgs, opts ...ResourceOption) (*Account, error)

public Account(string name, AccountArgs args, CustomResourceOptions? opts = null)

public Account(String name, AccountArgs args)
public Account(String name, AccountArgs args, CustomResourceOptions options)

type: azure:storage:Account
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args AccountArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AccountArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AccountArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AccountArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AccountArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var exampleaccountResourceResourceFromStorageaccount = new Azure.Storage.Account("exampleaccountResourceResourceFromStorageaccount", new()
{
    AccountTier = "string",
    ResourceGroupName = "string",
    AccountReplicationType = "string",
    IsHnsEnabled = false,
    LocalUserEnabled = false,
    AllowedCopyScope = "string",
    AzureFilesAuthentication = new Azure.Storage.Inputs.AccountAzureFilesAuthenticationArgs
    {
        DirectoryType = "string",
        ActiveDirectory = new Azure.Storage.Inputs.AccountAzureFilesAuthenticationActiveDirectoryArgs
        {
            DomainGuid = "string",
            DomainName = "string",
            DomainSid = "string",
            ForestName = "string",
            NetbiosDomainName = "string",
            StorageSid = "string",
        },
        DefaultShareLevelPermission = "string",
    },
    BlobProperties = new Azure.Storage.Inputs.AccountBlobPropertiesArgs
    {
        ChangeFeedEnabled = false,
        ChangeFeedRetentionInDays = 0,
        ContainerDeleteRetentionPolicy = new Azure.Storage.Inputs.AccountBlobPropertiesContainerDeleteRetentionPolicyArgs
        {
            Days = 0,
        },
        CorsRules = new[]
        {
            new Azure.Storage.Inputs.AccountBlobPropertiesCorsRuleArgs
            {
                AllowedHeaders = new[]
                {
                    "string",
                },
                AllowedMethods = new[]
                {
                    "string",
                },
                AllowedOrigins = new[]
                {
                    "string",
                },
                ExposedHeaders = new[]
                {
                    "string",
                },
                MaxAgeInSeconds = 0,
            },
        },
        DefaultServiceVersion = "string",
        DeleteRetentionPolicy = new Azure.Storage.Inputs.AccountBlobPropertiesDeleteRetentionPolicyArgs
        {
            Days = 0,
            PermanentDeleteEnabled = false,
        },
        LastAccessTimeEnabled = false,
        RestorePolicy = new Azure.Storage.Inputs.AccountBlobPropertiesRestorePolicyArgs
        {
            Days = 0,
        },
        VersioningEnabled = false,
    },
    CrossTenantReplicationEnabled = false,
    CustomDomain = new Azure.Storage.Inputs.AccountCustomDomainArgs
    {
        Name = "string",
        UseSubdomain = false,
    },
    CustomerManagedKey = new Azure.Storage.Inputs.AccountCustomerManagedKeyArgs
    {
        UserAssignedIdentityId = "string",
        KeyVaultKeyId = "string",
        ManagedHsmKeyId = "string",
    },
    DefaultToOauthAuthentication = false,
    DnsEndpointType = "string",
    EdgeZone = "string",
    HttpsTrafficOnlyEnabled = false,
    Identity = new Azure.Storage.Inputs.AccountIdentityArgs
    {
        Type = "string",
        IdentityIds = new[]
        {
            "string",
        },
        PrincipalId = "string",
        TenantId = "string",
    },
    ImmutabilityPolicy = new Azure.Storage.Inputs.AccountImmutabilityPolicyArgs
    {
        AllowProtectedAppendWrites = false,
        PeriodSinceCreationInDays = 0,
        State = "string",
    },
    InfrastructureEncryptionEnabled = false,
    AccessTier = "string",
    AllowNestedItemsToBePublic = false,
    LargeFileShareEnabled = false,
    Location = "string",
    MinTlsVersion = "string",
    Name = "string",
    NetworkRules = new Azure.Storage.Inputs.AccountNetworkRulesArgs
    {
        DefaultAction = "string",
        Bypasses = new[]
        {
            "string",
        },
        IpRules = new[]
        {
            "string",
        },
        PrivateLinkAccesses = new[]
        {
            new Azure.Storage.Inputs.AccountNetworkRulesPrivateLinkAccessArgs
            {
                EndpointResourceId = "string",
                EndpointTenantId = "string",
            },
        },
        VirtualNetworkSubnetIds = new[]
        {
            "string",
        },
    },
    Nfsv3Enabled = false,
    PublicNetworkAccessEnabled = false,
    QueueEncryptionKeyType = "string",
    AccountKind = "string",
    Routing = new Azure.Storage.Inputs.AccountRoutingArgs
    {
        Choice = "string",
        PublishInternetEndpoints = false,
        PublishMicrosoftEndpoints = false,
    },
    SasPolicy = new Azure.Storage.Inputs.AccountSasPolicyArgs
    {
        ExpirationPeriod = "string",
        ExpirationAction = "string",
    },
    SftpEnabled = false,
    ShareProperties = new Azure.Storage.Inputs.AccountSharePropertiesArgs
    {
        CorsRules = new[]
        {
            new Azure.Storage.Inputs.AccountSharePropertiesCorsRuleArgs
            {
                AllowedHeaders = new[]
                {
                    "string",
                },
                AllowedMethods = new[]
                {
                    "string",
                },
                AllowedOrigins = new[]
                {
                    "string",
                },
                ExposedHeaders = new[]
                {
                    "string",
                },
                MaxAgeInSeconds = 0,
            },
        },
        RetentionPolicy = new Azure.Storage.Inputs.AccountSharePropertiesRetentionPolicyArgs
        {
            Days = 0,
        },
        Smb = new Azure.Storage.Inputs.AccountSharePropertiesSmbArgs
        {
            AuthenticationTypes = new[]
            {
                "string",
            },
            ChannelEncryptionTypes = new[]
            {
                "string",
            },
            KerberosTicketEncryptionTypes = new[]
            {
                "string",
            },
            MultichannelEnabled = false,
            Versions = new[]
            {
                "string",
            },
        },
    },
    SharedAccessKeyEnabled = false,
    TableEncryptionKeyType = "string",
    Tags = 
    {
        { "string", "string" },
    },
});

example, err := storage.NewAccount(ctx, "exampleaccountResourceResourceFromStorageaccount", &storage.AccountArgs{
	AccountTier:            pulumi.String("string"),
	ResourceGroupName:      pulumi.String("string"),
	AccountReplicationType: pulumi.String("string"),
	IsHnsEnabled:           pulumi.Bool(false),
	LocalUserEnabled:       pulumi.Bool(false),
	AllowedCopyScope:       pulumi.String("string"),
	AzureFilesAuthentication: &storage.AccountAzureFilesAuthenticationArgs{
		DirectoryType: pulumi.String("string"),
		ActiveDirectory: &storage.AccountAzureFilesAuthenticationActiveDirectoryArgs{
			DomainGuid:        pulumi.String("string"),
			DomainName:        pulumi.String("string"),
			DomainSid:         pulumi.String("string"),
			ForestName:        pulumi.String("string"),
			NetbiosDomainName: pulumi.String("string"),
			StorageSid:        pulumi.String("string"),
		},
		DefaultShareLevelPermission: pulumi.String("string"),
	},
	BlobProperties: &storage.AccountBlobPropertiesArgs{
		ChangeFeedEnabled:         pulumi.Bool(false),
		ChangeFeedRetentionInDays: pulumi.Int(0),
		ContainerDeleteRetentionPolicy: &storage.AccountBlobPropertiesContainerDeleteRetentionPolicyArgs{
			Days: pulumi.Int(0),
		},
		CorsRules: storage.AccountBlobPropertiesCorsRuleArray{
			&storage.AccountBlobPropertiesCorsRuleArgs{
				AllowedHeaders: pulumi.StringArray{
					pulumi.String("string"),
				},
				AllowedMethods: pulumi.StringArray{
					pulumi.String("string"),
				},
				AllowedOrigins: pulumi.StringArray{
					pulumi.String("string"),
				},
				ExposedHeaders: pulumi.StringArray{
					pulumi.String("string"),
				},
				MaxAgeInSeconds: pulumi.Int(0),
			},
		},
		DefaultServiceVersion: pulumi.String("string"),
		DeleteRetentionPolicy: &storage.AccountBlobPropertiesDeleteRetentionPolicyArgs{
			Days:                   pulumi.Int(0),
			PermanentDeleteEnabled: pulumi.Bool(false),
		},
		LastAccessTimeEnabled: pulumi.Bool(false),
		RestorePolicy: &storage.AccountBlobPropertiesRestorePolicyArgs{
			Days: pulumi.Int(0),
		},
		VersioningEnabled: pulumi.Bool(false),
	},
	CrossTenantReplicationEnabled: pulumi.Bool(false),
	CustomDomain: &storage.AccountCustomDomainArgs{
		Name:         pulumi.String("string"),
		UseSubdomain: pulumi.Bool(false),
	},
	CustomerManagedKey: &storage.AccountCustomerManagedKeyArgs{
		UserAssignedIdentityId: pulumi.String("string"),
		KeyVaultKeyId:          pulumi.String("string"),
		ManagedHsmKeyId:        pulumi.String("string"),
	},
	DefaultToOauthAuthentication: pulumi.Bool(false),
	DnsEndpointType:              pulumi.String("string"),
	EdgeZone:                     pulumi.String("string"),
	HttpsTrafficOnlyEnabled:      pulumi.Bool(false),
	Identity: &storage.AccountIdentityArgs{
		Type: pulumi.String("string"),
		IdentityIds: pulumi.StringArray{
			pulumi.String("string"),
		},
		PrincipalId: pulumi.String("string"),
		TenantId:    pulumi.String("string"),
	},
	ImmutabilityPolicy: &storage.AccountImmutabilityPolicyArgs{
		AllowProtectedAppendWrites: pulumi.Bool(false),
		PeriodSinceCreationInDays:  pulumi.Int(0),
		State:                      pulumi.String("string"),
	},
	InfrastructureEncryptionEnabled: pulumi.Bool(false),
	AccessTier:                      pulumi.String("string"),
	AllowNestedItemsToBePublic:      pulumi.Bool(false),
	LargeFileShareEnabled:           pulumi.Bool(false),
	Location:                        pulumi.String("string"),
	MinTlsVersion:                   pulumi.String("string"),
	Name:                            pulumi.String("string"),
	NetworkRules: &storage.AccountNetworkRulesTypeArgs{
		DefaultAction: pulumi.String("string"),
		Bypasses: pulumi.StringArray{
			pulumi.String("string"),
		},
		IpRules: pulumi.StringArray{
			pulumi.String("string"),
		},
		PrivateLinkAccesses: storage.AccountNetworkRulesPrivateLinkAccessArray{
			&storage.AccountNetworkRulesPrivateLinkAccessArgs{
				EndpointResourceId: pulumi.String("string"),
				EndpointTenantId:   pulumi.String("string"),
			},
		},
		VirtualNetworkSubnetIds: pulumi.StringArray{
			pulumi.String("string"),
		},
	},
	Nfsv3Enabled:               pulumi.Bool(false),
	PublicNetworkAccessEnabled: pulumi.Bool(false),
	QueueEncryptionKeyType:     pulumi.String("string"),
	AccountKind:                pulumi.String("string"),
	Routing: &storage.AccountRoutingArgs{
		Choice:                    pulumi.String("string"),
		PublishInternetEndpoints:  pulumi.Bool(false),
		PublishMicrosoftEndpoints: pulumi.Bool(false),
	},
	SasPolicy: &storage.AccountSasPolicyArgs{
		ExpirationPeriod: pulumi.String("string"),
		ExpirationAction: pulumi.String("string"),
	},
	SftpEnabled: pulumi.Bool(false),
	ShareProperties: &storage.AccountSharePropertiesArgs{
		CorsRules: storage.AccountSharePropertiesCorsRuleArray{
			&storage.AccountSharePropertiesCorsRuleArgs{
				AllowedHeaders: pulumi.StringArray{
					pulumi.String("string"),
				},
				AllowedMethods: pulumi.StringArray{
					pulumi.String("string"),
				},
				AllowedOrigins: pulumi.StringArray{
					pulumi.String("string"),
				},
				ExposedHeaders: pulumi.StringArray{
					pulumi.String("string"),
				},
				MaxAgeInSeconds: pulumi.Int(0),
			},
		},
		RetentionPolicy: &storage.AccountSharePropertiesRetentionPolicyArgs{
			Days: pulumi.Int(0),
		},
		Smb: &storage.AccountSharePropertiesSmbArgs{
			AuthenticationTypes: pulumi.StringArray{
				pulumi.String("string"),
			},
			ChannelEncryptionTypes: pulumi.StringArray{
				pulumi.String("string"),
			},
			KerberosTicketEncryptionTypes: pulumi.StringArray{
				pulumi.String("string"),
			},
			MultichannelEnabled: pulumi.Bool(false),
			Versions: pulumi.StringArray{
				pulumi.String("string"),
			},
		},
	},
	SharedAccessKeyEnabled: pulumi.Bool(false),
	TableEncryptionKeyType: pulumi.String("string"),
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
})

var exampleaccountResourceResourceFromStorageaccount = new com.pulumi.azure.storage.Account("exampleaccountResourceResourceFromStorageaccount", com.pulumi.azure.storage.AccountArgs.builder()
    .accountTier("string")
    .resourceGroupName("string")
    .accountReplicationType("string")
    .isHnsEnabled(false)
    .localUserEnabled(false)
    .allowedCopyScope("string")
    .azureFilesAuthentication(AccountAzureFilesAuthenticationArgs.builder()
        .directoryType("string")
        .activeDirectory(AccountAzureFilesAuthenticationActiveDirectoryArgs.builder()
            .domainGuid("string")
            .domainName("string")
            .domainSid("string")
            .forestName("string")
            .netbiosDomainName("string")
            .storageSid("string")
            .build())
        .defaultShareLevelPermission("string")
        .build())
    .blobProperties(AccountBlobPropertiesArgs.builder()
        .changeFeedEnabled(false)
        .changeFeedRetentionInDays(0)
        .containerDeleteRetentionPolicy(AccountBlobPropertiesContainerDeleteRetentionPolicyArgs.builder()
            .days(0)
            .build())
        .corsRules(AccountBlobPropertiesCorsRuleArgs.builder()
            .allowedHeaders("string")
            .allowedMethods("string")
            .allowedOrigins("string")
            .exposedHeaders("string")
            .maxAgeInSeconds(0)
            .build())
        .defaultServiceVersion("string")
        .deleteRetentionPolicy(AccountBlobPropertiesDeleteRetentionPolicyArgs.builder()
            .days(0)
            .permanentDeleteEnabled(false)
            .build())
        .lastAccessTimeEnabled(false)
        .restorePolicy(AccountBlobPropertiesRestorePolicyArgs.builder()
            .days(0)
            .build())
        .versioningEnabled(false)
        .build())
    .crossTenantReplicationEnabled(false)
    .customDomain(AccountCustomDomainArgs.builder()
        .name("string")
        .useSubdomain(false)
        .build())
    .customerManagedKey(AccountCustomerManagedKeyArgs.builder()
        .userAssignedIdentityId("string")
        .keyVaultKeyId("string")
        .managedHsmKeyId("string")
        .build())
    .defaultToOauthAuthentication(false)
    .dnsEndpointType("string")
    .edgeZone("string")
    .httpsTrafficOnlyEnabled(false)
    .identity(AccountIdentityArgs.builder()
        .type("string")
        .identityIds("string")
        .principalId("string")
        .tenantId("string")
        .build())
    .immutabilityPolicy(AccountImmutabilityPolicyArgs.builder()
        .allowProtectedAppendWrites(false)
        .periodSinceCreationInDays(0)
        .state("string")
        .build())
    .infrastructureEncryptionEnabled(false)
    .accessTier("string")
    .allowNestedItemsToBePublic(false)
    .largeFileShareEnabled(false)
    .location("string")
    .minTlsVersion("string")
    .name("string")
    .networkRules(AccountNetworkRulesArgs.builder()
        .defaultAction("string")
        .bypasses("string")
        .ipRules("string")
        .privateLinkAccesses(AccountNetworkRulesPrivateLinkAccessArgs.builder()
            .endpointResourceId("string")
            .endpointTenantId("string")
            .build())
        .virtualNetworkSubnetIds("string")
        .build())
    .nfsv3Enabled(false)
    .publicNetworkAccessEnabled(false)
    .queueEncryptionKeyType("string")
    .accountKind("string")
    .routing(AccountRoutingArgs.builder()
        .choice("string")
        .publishInternetEndpoints(false)
        .publishMicrosoftEndpoints(false)
        .build())
    .sasPolicy(AccountSasPolicyArgs.builder()
        .expirationPeriod("string")
        .expirationAction("string")
        .build())
    .sftpEnabled(false)
    .shareProperties(AccountSharePropertiesArgs.builder()
        .corsRules(AccountSharePropertiesCorsRuleArgs.builder()
            .allowedHeaders("string")
            .allowedMethods("string")
            .allowedOrigins("string")
            .exposedHeaders("string")
            .maxAgeInSeconds(0)
            .build())
        .retentionPolicy(AccountSharePropertiesRetentionPolicyArgs.builder()
            .days(0)
            .build())
        .smb(AccountSharePropertiesSmbArgs.builder()
            .authenticationTypes("string")
            .channelEncryptionTypes("string")
            .kerberosTicketEncryptionTypes("string")
            .multichannelEnabled(false)
            .versions("string")
            .build())
        .build())
    .sharedAccessKeyEnabled(false)
    .tableEncryptionKeyType("string")
    .tags(Map.of("string", "string"))
    .build());

exampleaccount_resource_resource_from_storageaccount = azure.storage.Account("exampleaccountResourceResourceFromStorageaccount",
    account_tier="string",
    resource_group_name="string",
    account_replication_type="string",
    is_hns_enabled=False,
    local_user_enabled=False,
    allowed_copy_scope="string",
    azure_files_authentication={
        "directory_type": "string",
        "active_directory": {
            "domain_guid": "string",
            "domain_name": "string",
            "domain_sid": "string",
            "forest_name": "string",
            "netbios_domain_name": "string",
            "storage_sid": "string",
        },
        "default_share_level_permission": "string",
    },
    blob_properties={
        "change_feed_enabled": False,
        "change_feed_retention_in_days": 0,
        "container_delete_retention_policy": {
            "days": 0,
        },
        "cors_rules": [{
            "allowed_headers": ["string"],
            "allowed_methods": ["string"],
            "allowed_origins": ["string"],
            "exposed_headers": ["string"],
            "max_age_in_seconds": 0,
        }],
        "default_service_version": "string",
        "delete_retention_policy": {
            "days": 0,
            "permanent_delete_enabled": False,
        },
        "last_access_time_enabled": False,
        "restore_policy": {
            "days": 0,
        },
        "versioning_enabled": False,
    },
    cross_tenant_replication_enabled=False,
    custom_domain={
        "name": "string",
        "use_subdomain": False,
    },
    customer_managed_key={
        "user_assigned_identity_id": "string",
        "key_vault_key_id": "string",
        "managed_hsm_key_id": "string",
    },
    default_to_oauth_authentication=False,
    dns_endpoint_type="string",
    edge_zone="string",
    https_traffic_only_enabled=False,
    identity={
        "type": "string",
        "identity_ids": ["string"],
        "principal_id": "string",
        "tenant_id": "string",
    },
    immutability_policy={
        "allow_protected_append_writes": False,
        "period_since_creation_in_days": 0,
        "state": "string",
    },
    infrastructure_encryption_enabled=False,
    access_tier="string",
    allow_nested_items_to_be_public=False,
    large_file_share_enabled=False,
    location="string",
    min_tls_version="string",
    name="string",
    network_rules={
        "default_action": "string",
        "bypasses": ["string"],
        "ip_rules": ["string"],
        "private_link_accesses": [{
            "endpoint_resource_id": "string",
            "endpoint_tenant_id": "string",
        }],
        "virtual_network_subnet_ids": ["string"],
    },
    nfsv3_enabled=False,
    public_network_access_enabled=False,
    queue_encryption_key_type="string",
    account_kind="string",
    routing={
        "choice": "string",
        "publish_internet_endpoints": False,
        "publish_microsoft_endpoints": False,
    },
    sas_policy={
        "expiration_period": "string",
        "expiration_action": "string",
    },
    sftp_enabled=False,
    share_properties={
        "cors_rules": [{
            "allowed_headers": ["string"],
            "allowed_methods": ["string"],
            "allowed_origins": ["string"],
            "exposed_headers": ["string"],
            "max_age_in_seconds": 0,
        }],
        "retention_policy": {
            "days": 0,
        },
        "smb": {
            "authentication_types": ["string"],
            "channel_encryption_types": ["string"],
            "kerberos_ticket_encryption_types": ["string"],
            "multichannel_enabled": False,
            "versions": ["string"],
        },
    },
    shared_access_key_enabled=False,
    table_encryption_key_type="string",
    tags={
        "string": "string",
    })

const exampleaccountResourceResourceFromStorageaccount = new azure.storage.Account("exampleaccountResourceResourceFromStorageaccount", {
    accountTier: "string",
    resourceGroupName: "string",
    accountReplicationType: "string",
    isHnsEnabled: false,
    localUserEnabled: false,
    allowedCopyScope: "string",
    azureFilesAuthentication: {
        directoryType: "string",
        activeDirectory: {
            domainGuid: "string",
            domainName: "string",
            domainSid: "string",
            forestName: "string",
            netbiosDomainName: "string",
            storageSid: "string",
        },
        defaultShareLevelPermission: "string",
    },
    blobProperties: {
        changeFeedEnabled: false,
        changeFeedRetentionInDays: 0,
        containerDeleteRetentionPolicy: {
            days: 0,
        },
        corsRules: [{
            allowedHeaders: ["string"],
            allowedMethods: ["string"],
            allowedOrigins: ["string"],
            exposedHeaders: ["string"],
            maxAgeInSeconds: 0,
        }],
        defaultServiceVersion: "string",
        deleteRetentionPolicy: {
            days: 0,
            permanentDeleteEnabled: false,
        },
        lastAccessTimeEnabled: false,
        restorePolicy: {
            days: 0,
        },
        versioningEnabled: false,
    },
    crossTenantReplicationEnabled: false,
    customDomain: {
        name: "string",
        useSubdomain: false,
    },
    customerManagedKey: {
        userAssignedIdentityId: "string",
        keyVaultKeyId: "string",
        managedHsmKeyId: "string",
    },
    defaultToOauthAuthentication: false,
    dnsEndpointType: "string",
    edgeZone: "string",
    httpsTrafficOnlyEnabled: false,
    identity: {
        type: "string",
        identityIds: ["string"],
        principalId: "string",
        tenantId: "string",
    },
    immutabilityPolicy: {
        allowProtectedAppendWrites: false,
        periodSinceCreationInDays: 0,
        state: "string",
    },
    infrastructureEncryptionEnabled: false,
    accessTier: "string",
    allowNestedItemsToBePublic: false,
    largeFileShareEnabled: false,
    location: "string",
    minTlsVersion: "string",
    name: "string",
    networkRules: {
        defaultAction: "string",
        bypasses: ["string"],
        ipRules: ["string"],
        privateLinkAccesses: [{
            endpointResourceId: "string",
            endpointTenantId: "string",
        }],
        virtualNetworkSubnetIds: ["string"],
    },
    nfsv3Enabled: false,
    publicNetworkAccessEnabled: false,
    queueEncryptionKeyType: "string",
    accountKind: "string",
    routing: {
        choice: "string",
        publishInternetEndpoints: false,
        publishMicrosoftEndpoints: false,
    },
    sasPolicy: {
        expirationPeriod: "string",
        expirationAction: "string",
    },
    sftpEnabled: false,
    shareProperties: {
        corsRules: [{
            allowedHeaders: ["string"],
            allowedMethods: ["string"],
            allowedOrigins: ["string"],
            exposedHeaders: ["string"],
            maxAgeInSeconds: 0,
        }],
        retentionPolicy: {
            days: 0,
        },
        smb: {
            authenticationTypes: ["string"],
            channelEncryptionTypes: ["string"],
            kerberosTicketEncryptionTypes: ["string"],
            multichannelEnabled: false,
            versions: ["string"],
        },
    },
    sharedAccessKeyEnabled: false,
    tableEncryptionKeyType: "string",
    tags: {
        string: "string",
    },
});

type: azure:storage:Account
properties:
    accessTier: string
    accountKind: string
    accountReplicationType: string
    accountTier: string
    allowNestedItemsToBePublic: false
    allowedCopyScope: string
    azureFilesAuthentication:
        activeDirectory:
            domainGuid: string
            domainName: string
            domainSid: string
            forestName: string
            netbiosDomainName: string
            storageSid: string
        defaultShareLevelPermission: string
        directoryType: string
    blobProperties:
        changeFeedEnabled: false
        changeFeedRetentionInDays: 0
        containerDeleteRetentionPolicy:
            days: 0
        corsRules:
            - allowedHeaders:
                - string
              allowedMethods:
                - string
              allowedOrigins:
                - string
              exposedHeaders:
                - string
              maxAgeInSeconds: 0
        defaultServiceVersion: string
        deleteRetentionPolicy:
            days: 0
            permanentDeleteEnabled: false
        lastAccessTimeEnabled: false
        restorePolicy:
            days: 0
        versioningEnabled: false
    crossTenantReplicationEnabled: false
    customDomain:
        name: string
        useSubdomain: false
    customerManagedKey:
        keyVaultKeyId: string
        managedHsmKeyId: string
        userAssignedIdentityId: string
    defaultToOauthAuthentication: false
    dnsEndpointType: string
    edgeZone: string
    httpsTrafficOnlyEnabled: false
    identity:
        identityIds:
            - string
        principalId: string
        tenantId: string
        type: string
    immutabilityPolicy:
        allowProtectedAppendWrites: false
        periodSinceCreationInDays: 0
        state: string
    infrastructureEncryptionEnabled: false
    isHnsEnabled: false
    largeFileShareEnabled: false
    localUserEnabled: false
    location: string
    minTlsVersion: string
    name: string
    networkRules:
        bypasses:
            - string
        defaultAction: string
        ipRules:
            - string
        privateLinkAccesses:
            - endpointResourceId: string
              endpointTenantId: string
        virtualNetworkSubnetIds:
            - string
    nfsv3Enabled: false
    publicNetworkAccessEnabled: false
    queueEncryptionKeyType: string
    resourceGroupName: string
    routing:
        choice: string
        publishInternetEndpoints: false
        publishMicrosoftEndpoints: false
    sasPolicy:
        expirationAction: string
        expirationPeriod: string
    sftpEnabled: false
    shareProperties:
        corsRules:
            - allowedHeaders:
                - string
              allowedMethods:
                - string
              allowedOrigins:
                - string
              exposedHeaders:
                - string
              maxAgeInSeconds: 0
        retentionPolicy:
            days: 0
        smb:
            authenticationTypes:
                - string
            channelEncryptionTypes:
                - string
            kerberosTicketEncryptionTypes:
                - string
            multichannelEnabled: false
            versions:
                - string
    sharedAccessKeyEnabled: false
    tableEncryptionKeyType: string
    tags:
        string: string

Account Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Account resource accepts the following input properties:

AccountReplicationType string

Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS. Changing this forces a new resource to be created when types LRS, GRS and RAGRS are changed to ZRS, GZRS or RAGZRS and vice versa.

AccountTier string

Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid. Changing this forces a new resource to be created.

Note: Blobs with a tier of Premium are of account kind StorageV2.

ResourceGroupName string

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

AccessTier string

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

AccountKind string

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

AllowNestedItemsToBePublic bool

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

AllowedCopyScope string

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

AzureFilesAuthentication AccountAzureFilesAuthentication

A azure_files_authentication block as defined below.

BlobProperties AccountBlobProperties

A blob_properties block as defined below.

CrossTenantReplicationEnabled bool

Should cross Tenant replication be enabled? Defaults to false.

CustomDomain AccountCustomDomain

A custom_domain block as documented below.

CustomerManagedKey AccountCustomerManagedKey

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

DefaultToOauthAuthentication bool

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

DnsEndpointType string

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

EdgeZone string

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

HttpsTrafficOnlyEnabled bool

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

Identity AccountIdentity

An identity block as defined below.

ImmutabilityPolicy AccountImmutabilityPolicy

An immutability_policy block as defined below. Changing this forces a new resource to be created.

InfrastructureEncryptionEnabled bool

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

IsHnsEnabled bool

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

LargeFileShareEnabled bool

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

LocalUserEnabled bool

Is Local User Enabled? Defaults to true.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

MinTlsVersion string

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

Name string

Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.

NetworkRules AccountNetworkRules

A network_rules block as documented below.

Nfsv3Enabled bool

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

PublicNetworkAccessEnabled bool

Whether the public network access is enabled? Defaults to true.

QueueEncryptionKeyType string

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

QueueProperties AccountQueueProperties

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

Routing AccountRouting

A routing block as defined below.

SasPolicy AccountSasPolicy

A sas_policy block as defined below.

SftpEnabled bool

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

ShareProperties AccountShareProperties

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

SharedAccessKeyEnabled bool

StaticWebsite AccountStaticWebsite

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

TableEncryptionKeyType string

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

Tags Dictionary<string, string>

A mapping of tags to assign to the resource.

AccountReplicationType string

AccountTier string

Note: Blobs with a tier of Premium are of account kind StorageV2.

ResourceGroupName string

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

AccessTier string

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

AccountKind string

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

AllowNestedItemsToBePublic bool

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

AllowedCopyScope string

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

AzureFilesAuthentication AccountAzureFilesAuthenticationArgs

A azure_files_authentication block as defined below.

BlobProperties AccountBlobPropertiesArgs

A blob_properties block as defined below.

CrossTenantReplicationEnabled bool

Should cross Tenant replication be enabled? Defaults to false.

CustomDomain AccountCustomDomainArgs

A custom_domain block as documented below.

CustomerManagedKey AccountCustomerManagedKeyArgs

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

DefaultToOauthAuthentication bool

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

DnsEndpointType string

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

EdgeZone string

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

HttpsTrafficOnlyEnabled bool

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

Identity AccountIdentityArgs

An identity block as defined below.

ImmutabilityPolicy AccountImmutabilityPolicyArgs

An immutability_policy block as defined below. Changing this forces a new resource to be created.

InfrastructureEncryptionEnabled bool

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

IsHnsEnabled bool

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

LargeFileShareEnabled bool

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

LocalUserEnabled bool

Is Local User Enabled? Defaults to true.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

MinTlsVersion string

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

Name string

NetworkRules AccountNetworkRulesTypeArgs

A network_rules block as documented below.

Nfsv3Enabled bool

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

PublicNetworkAccessEnabled bool

Whether the public network access is enabled? Defaults to true.

QueueEncryptionKeyType string

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

QueueProperties AccountQueuePropertiesTypeArgs

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

Routing AccountRoutingArgs

A routing block as defined below.

SasPolicy AccountSasPolicyArgs

A sas_policy block as defined below.

SftpEnabled bool

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

ShareProperties AccountSharePropertiesArgs

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

SharedAccessKeyEnabled bool

StaticWebsite AccountStaticWebsiteTypeArgs

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

TableEncryptionKeyType string

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

Tags map[string]string

A mapping of tags to assign to the resource.

accountReplicationType String

accountTier String

Note: Blobs with a tier of Premium are of account kind StorageV2.

resourceGroupName String

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

accessTier String

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

accountKind String

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

allowNestedItemsToBePublic Boolean

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

allowedCopyScope String

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

azureFilesAuthentication AccountAzureFilesAuthentication

A azure_files_authentication block as defined below.

blobProperties AccountBlobProperties

A blob_properties block as defined below.

crossTenantReplicationEnabled Boolean

Should cross Tenant replication be enabled? Defaults to false.

customDomain AccountCustomDomain

A custom_domain block as documented below.

customerManagedKey AccountCustomerManagedKey

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

defaultToOauthAuthentication Boolean

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

dnsEndpointType String

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

edgeZone String

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

httpsTrafficOnlyEnabled Boolean

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

identity AccountIdentity

An identity block as defined below.

immutabilityPolicy AccountImmutabilityPolicy

An immutability_policy block as defined below. Changing this forces a new resource to be created.

infrastructureEncryptionEnabled Boolean

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

isHnsEnabled Boolean

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

largeFileShareEnabled Boolean

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

localUserEnabled Boolean

Is Local User Enabled? Defaults to true.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

minTlsVersion String

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

name String

networkRules AccountNetworkRules

A network_rules block as documented below.

nfsv3Enabled Boolean

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

publicNetworkAccessEnabled Boolean

Whether the public network access is enabled? Defaults to true.

queueEncryptionKeyType String

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

queueProperties AccountQueueProperties

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

routing AccountRouting

A routing block as defined below.

sasPolicy AccountSasPolicy

A sas_policy block as defined below.

sftpEnabled Boolean

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

shareProperties AccountShareProperties

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

sharedAccessKeyEnabled Boolean

staticWebsite AccountStaticWebsite

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

tableEncryptionKeyType String

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

tags Map<String,String>

A mapping of tags to assign to the resource.

accountReplicationType string

accountTier string

Note: Blobs with a tier of Premium are of account kind StorageV2.

resourceGroupName string

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

accessTier string

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

accountKind string

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

allowNestedItemsToBePublic boolean

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

allowedCopyScope string

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

azureFilesAuthentication AccountAzureFilesAuthentication

A azure_files_authentication block as defined below.

blobProperties AccountBlobProperties

A blob_properties block as defined below.

crossTenantReplicationEnabled boolean

Should cross Tenant replication be enabled? Defaults to false.

customDomain AccountCustomDomain

A custom_domain block as documented below.

customerManagedKey AccountCustomerManagedKey

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

defaultToOauthAuthentication boolean

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

dnsEndpointType string

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

edgeZone string

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

httpsTrafficOnlyEnabled boolean

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

identity AccountIdentity

An identity block as defined below.

immutabilityPolicy AccountImmutabilityPolicy

An immutability_policy block as defined below. Changing this forces a new resource to be created.

infrastructureEncryptionEnabled boolean

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

isHnsEnabled boolean

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

largeFileShareEnabled boolean

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

localUserEnabled boolean

Is Local User Enabled? Defaults to true.

location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

minTlsVersion string

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

name string

networkRules AccountNetworkRules

A network_rules block as documented below.

nfsv3Enabled boolean

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

publicNetworkAccessEnabled boolean

Whether the public network access is enabled? Defaults to true.

queueEncryptionKeyType string

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

queueProperties AccountQueueProperties

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

routing AccountRouting

A routing block as defined below.

sasPolicy AccountSasPolicy

A sas_policy block as defined below.

sftpEnabled boolean

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

shareProperties AccountShareProperties

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

sharedAccessKeyEnabled boolean

staticWebsite AccountStaticWebsite

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

tableEncryptionKeyType string

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

tags {[key: string]: string}

A mapping of tags to assign to the resource.

account_replication_type str

account_tier str

Note: Blobs with a tier of Premium are of account kind StorageV2.

resource_group_name str

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

access_tier str

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

account_kind str

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

allow_nested_items_to_be_public bool

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

allowed_copy_scope str

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

azure_files_authentication AccountAzureFilesAuthenticationArgs

A azure_files_authentication block as defined below.

blob_properties AccountBlobPropertiesArgs

A blob_properties block as defined below.

cross_tenant_replication_enabled bool

Should cross Tenant replication be enabled? Defaults to false.

custom_domain AccountCustomDomainArgs

A custom_domain block as documented below.

customer_managed_key AccountCustomerManagedKeyArgs

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

default_to_oauth_authentication bool

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

dns_endpoint_type str

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

edge_zone str

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

https_traffic_only_enabled bool

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

identity AccountIdentityArgs

An identity block as defined below.

immutability_policy AccountImmutabilityPolicyArgs

An immutability_policy block as defined below. Changing this forces a new resource to be created.

infrastructure_encryption_enabled bool

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

is_hns_enabled bool

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

large_file_share_enabled bool

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

local_user_enabled bool

Is Local User Enabled? Defaults to true.

location str

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

min_tls_version str

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

name str

network_rules AccountNetworkRulesArgs

A network_rules block as documented below.

nfsv3_enabled bool

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

public_network_access_enabled bool

Whether the public network access is enabled? Defaults to true.

queue_encryption_key_type str

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

queue_properties AccountQueuePropertiesArgs

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

routing AccountRoutingArgs

A routing block as defined below.

sas_policy AccountSasPolicyArgs

A sas_policy block as defined below.

sftp_enabled bool

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

share_properties AccountSharePropertiesArgs

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

shared_access_key_enabled bool

static_website AccountStaticWebsiteArgs

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

table_encryption_key_type str

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

tags Mapping[str, str]

A mapping of tags to assign to the resource.

accountReplicationType String

accountTier String

Note: Blobs with a tier of Premium are of account kind StorageV2.

resourceGroupName String

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

accessTier String

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

accountKind String

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

allowNestedItemsToBePublic Boolean

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

allowedCopyScope String

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

azureFilesAuthentication Property Map

A azure_files_authentication block as defined below.

blobProperties Property Map

A blob_properties block as defined below.

crossTenantReplicationEnabled Boolean

Should cross Tenant replication be enabled? Defaults to false.

customDomain Property Map

A custom_domain block as documented below.

customerManagedKey Property Map

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

defaultToOauthAuthentication Boolean

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

dnsEndpointType String

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

edgeZone String

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

httpsTrafficOnlyEnabled Boolean

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

identity Property Map

An identity block as defined below.

immutabilityPolicy Property Map

An immutability_policy block as defined below. Changing this forces a new resource to be created.

infrastructureEncryptionEnabled Boolean

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

isHnsEnabled Boolean

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

largeFileShareEnabled Boolean

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

localUserEnabled Boolean

Is Local User Enabled? Defaults to true.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

minTlsVersion String

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

name String

networkRules Property Map

A network_rules block as documented below.

nfsv3Enabled Boolean

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

publicNetworkAccessEnabled Boolean

Whether the public network access is enabled? Defaults to true.

queueEncryptionKeyType String

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

queueProperties Property Map

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

routing Property Map

A routing block as defined below.

sasPolicy Property Map

A sas_policy block as defined below.

sftpEnabled Boolean

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

shareProperties Property Map

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

sharedAccessKeyEnabled Boolean

staticWebsite Property Map

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

tableEncryptionKeyType String

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

tags Map<String>

A mapping of tags to assign to the resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the Account resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
PrimaryAccessKey string: The primary access key for the storage account.
PrimaryBlobConnectionString string: The connection string associated with the primary blob location.
PrimaryBlobEndpoint string: The endpoint URL for blob storage in the primary location.
PrimaryBlobHost string: The hostname with port if applicable for blob storage in the primary location.
PrimaryBlobInternetEndpoint string: The internet routing endpoint URL for blob storage in the primary location.
PrimaryBlobInternetHost string: The internet routing hostname with port if applicable for blob storage in the primary location.
PrimaryBlobMicrosoftEndpoint string: The microsoft routing endpoint URL for blob storage in the primary location.
PrimaryBlobMicrosoftHost string: The microsoft routing hostname with port if applicable for blob storage in the primary location.
PrimaryConnectionString string: The connection string associated with the primary location.
PrimaryDfsEndpoint string: The endpoint URL for DFS storage in the primary location.
PrimaryDfsHost string: The hostname with port if applicable for DFS storage in the primary location.
PrimaryDfsInternetEndpoint string: The internet routing endpoint URL for DFS storage in the primary location.
PrimaryDfsInternetHost string: The internet routing hostname with port if applicable for DFS storage in the primary location.
PrimaryDfsMicrosoftEndpoint string: The microsoft routing endpoint URL for DFS storage in the primary location.
PrimaryDfsMicrosoftHost string: The microsoft routing hostname with port if applicable for DFS storage in the primary location.
PrimaryFileEndpoint string: The endpoint URL for file storage in the primary location.
PrimaryFileHost string: The hostname with port if applicable for file storage in the primary location.
PrimaryFileInternetEndpoint string: The internet routing endpoint URL for file storage in the primary location.
PrimaryFileInternetHost string: The internet routing hostname with port if applicable for file storage in the primary location.
PrimaryFileMicrosoftEndpoint string: The microsoft routing endpoint URL for file storage in the primary location.
PrimaryFileMicrosoftHost string: The microsoft routing hostname with port if applicable for file storage in the primary location.
PrimaryLocation string: The primary location of the storage account.
PrimaryQueueEndpoint string: The endpoint URL for queue storage in the primary location.
PrimaryQueueHost string: The hostname with port if applicable for queue storage in the primary location.
PrimaryQueueMicrosoftEndpoint string: The microsoft routing endpoint URL for queue storage in the primary location.
PrimaryQueueMicrosoftHost string: The microsoft routing hostname with port if applicable for queue storage in the primary location.
PrimaryTableEndpoint string: The endpoint URL for table storage in the primary location.
PrimaryTableHost string: The hostname with port if applicable for table storage in the primary location.
PrimaryTableMicrosoftEndpoint string: The microsoft routing endpoint URL for table storage in the primary location.
PrimaryTableMicrosoftHost string: The microsoft routing hostname with port if applicable for table storage in the primary location.
PrimaryWebEndpoint string: The endpoint URL for web storage in the primary location.
PrimaryWebHost string: The hostname with port if applicable for web storage in the primary location.
PrimaryWebInternetEndpoint string: The internet routing endpoint URL for web storage in the primary location.
PrimaryWebInternetHost string: The internet routing hostname with port if applicable for web storage in the primary location.
PrimaryWebMicrosoftEndpoint string: The microsoft routing endpoint URL for web storage in the primary location.
PrimaryWebMicrosoftHost string: The microsoft routing hostname with port if applicable for web storage in the primary location.
SecondaryAccessKey string: The secondary access key for the storage account.
SecondaryBlobConnectionString string: The connection string associated with the secondary blob location.
SecondaryBlobEndpoint string: The endpoint URL for blob storage in the secondary location.
SecondaryBlobHost string: The hostname with port if applicable for blob storage in the secondary location.
SecondaryBlobInternetEndpoint string: The internet routing endpoint URL for blob storage in the secondary location.
SecondaryBlobInternetHost string: The internet routing hostname with port if applicable for blob storage in the secondary location.
SecondaryBlobMicrosoftEndpoint string: The microsoft routing endpoint URL for blob storage in the secondary location.
SecondaryBlobMicrosoftHost string: The microsoft routing hostname with port if applicable for blob storage in the secondary location.
SecondaryConnectionString string: The connection string associated with the secondary location.
SecondaryDfsEndpoint string: The endpoint URL for DFS storage in the secondary location.
SecondaryDfsHost string: The hostname with port if applicable for DFS storage in the secondary location.
SecondaryDfsInternetEndpoint string: The internet routing endpoint URL for DFS storage in the secondary location.
SecondaryDfsInternetHost string: The internet routing hostname with port if applicable for DFS storage in the secondary location.
SecondaryDfsMicrosoftEndpoint string: The microsoft routing endpoint URL for DFS storage in the secondary location.
SecondaryDfsMicrosoftHost string: The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
SecondaryFileEndpoint string: The endpoint URL for file storage in the secondary location.
SecondaryFileHost string: The hostname with port if applicable for file storage in the secondary location.
SecondaryFileInternetEndpoint string: The internet routing endpoint URL for file storage in the secondary location.
SecondaryFileInternetHost string: The internet routing hostname with port if applicable for file storage in the secondary location.
SecondaryFileMicrosoftEndpoint string: The microsoft routing endpoint URL for file storage in the secondary location.
SecondaryFileMicrosoftHost string: The microsoft routing hostname with port if applicable for file storage in the secondary location.
SecondaryLocation string: The secondary location of the storage account.
SecondaryQueueEndpoint string: The endpoint URL for queue storage in the secondary location.
SecondaryQueueHost string: The hostname with port if applicable for queue storage in the secondary location.
SecondaryQueueMicrosoftEndpoint string: The microsoft routing endpoint URL for queue storage in the secondary location.
SecondaryQueueMicrosoftHost string: The microsoft routing hostname with port if applicable for queue storage in the secondary location.
SecondaryTableEndpoint string: The endpoint URL for table storage in the secondary location.
SecondaryTableHost string: The hostname with port if applicable for table storage in the secondary location.
SecondaryTableMicrosoftEndpoint string: The microsoft routing endpoint URL for table storage in the secondary location.
SecondaryTableMicrosoftHost string: The microsoft routing hostname with port if applicable for table storage in the secondary location.
SecondaryWebEndpoint string: The endpoint URL for web storage in the secondary location.
SecondaryWebHost string: The hostname with port if applicable for web storage in the secondary location.
SecondaryWebInternetEndpoint string: The internet routing endpoint URL for web storage in the secondary location.
SecondaryWebInternetHost string: The internet routing hostname with port if applicable for web storage in the secondary location.
SecondaryWebMicrosoftEndpoint string: The microsoft routing endpoint URL for web storage in the secondary location.
SecondaryWebMicrosoftHost string: The microsoft routing hostname with port if applicable for web storage in the secondary location.

Id string: The provider-assigned unique ID for this managed resource.
PrimaryAccessKey string: The primary access key for the storage account.
PrimaryBlobConnectionString string: The connection string associated with the primary blob location.
PrimaryBlobEndpoint string: The endpoint URL for blob storage in the primary location.
PrimaryBlobHost string: The hostname with port if applicable for blob storage in the primary location.
PrimaryBlobInternetEndpoint string: The internet routing endpoint URL for blob storage in the primary location.
PrimaryBlobInternetHost string: The internet routing hostname with port if applicable for blob storage in the primary location.
PrimaryBlobMicrosoftEndpoint string: The microsoft routing endpoint URL for blob storage in the primary location.
PrimaryBlobMicrosoftHost string: The microsoft routing hostname with port if applicable for blob storage in the primary location.
PrimaryConnectionString string: The connection string associated with the primary location.
PrimaryDfsEndpoint string: The endpoint URL for DFS storage in the primary location.
PrimaryDfsHost string: The hostname with port if applicable for DFS storage in the primary location.
PrimaryDfsInternetEndpoint string: The internet routing endpoint URL for DFS storage in the primary location.
PrimaryDfsInternetHost string: The internet routing hostname with port if applicable for DFS storage in the primary location.
PrimaryDfsMicrosoftEndpoint string: The microsoft routing endpoint URL for DFS storage in the primary location.
PrimaryDfsMicrosoftHost string: The microsoft routing hostname with port if applicable for DFS storage in the primary location.
PrimaryFileEndpoint string: The endpoint URL for file storage in the primary location.
PrimaryFileHost string: The hostname with port if applicable for file storage in the primary location.
PrimaryFileInternetEndpoint string: The internet routing endpoint URL for file storage in the primary location.
PrimaryFileInternetHost string: The internet routing hostname with port if applicable for file storage in the primary location.
PrimaryFileMicrosoftEndpoint string: The microsoft routing endpoint URL for file storage in the primary location.
PrimaryFileMicrosoftHost string: The microsoft routing hostname with port if applicable for file storage in the primary location.
PrimaryLocation string: The primary location of the storage account.
PrimaryQueueEndpoint string: The endpoint URL for queue storage in the primary location.
PrimaryQueueHost string: The hostname with port if applicable for queue storage in the primary location.
PrimaryQueueMicrosoftEndpoint string: The microsoft routing endpoint URL for queue storage in the primary location.
PrimaryQueueMicrosoftHost string: The microsoft routing hostname with port if applicable for queue storage in the primary location.
PrimaryTableEndpoint string: The endpoint URL for table storage in the primary location.
PrimaryTableHost string: The hostname with port if applicable for table storage in the primary location.
PrimaryTableMicrosoftEndpoint string: The microsoft routing endpoint URL for table storage in the primary location.
PrimaryTableMicrosoftHost string: The microsoft routing hostname with port if applicable for table storage in the primary location.
PrimaryWebEndpoint string: The endpoint URL for web storage in the primary location.
PrimaryWebHost string: The hostname with port if applicable for web storage in the primary location.
PrimaryWebInternetEndpoint string: The internet routing endpoint URL for web storage in the primary location.
PrimaryWebInternetHost string: The internet routing hostname with port if applicable for web storage in the primary location.
PrimaryWebMicrosoftEndpoint string: The microsoft routing endpoint URL for web storage in the primary location.
PrimaryWebMicrosoftHost string: The microsoft routing hostname with port if applicable for web storage in the primary location.
SecondaryAccessKey string: The secondary access key for the storage account.
SecondaryBlobConnectionString string: The connection string associated with the secondary blob location.
SecondaryBlobEndpoint string: The endpoint URL for blob storage in the secondary location.
SecondaryBlobHost string: The hostname with port if applicable for blob storage in the secondary location.
SecondaryBlobInternetEndpoint string: The internet routing endpoint URL for blob storage in the secondary location.
SecondaryBlobInternetHost string: The internet routing hostname with port if applicable for blob storage in the secondary location.
SecondaryBlobMicrosoftEndpoint string: The microsoft routing endpoint URL for blob storage in the secondary location.
SecondaryBlobMicrosoftHost string: The microsoft routing hostname with port if applicable for blob storage in the secondary location.
SecondaryConnectionString string: The connection string associated with the secondary location.
SecondaryDfsEndpoint string: The endpoint URL for DFS storage in the secondary location.
SecondaryDfsHost string: The hostname with port if applicable for DFS storage in the secondary location.
SecondaryDfsInternetEndpoint string: The internet routing endpoint URL for DFS storage in the secondary location.
SecondaryDfsInternetHost string: The internet routing hostname with port if applicable for DFS storage in the secondary location.
SecondaryDfsMicrosoftEndpoint string: The microsoft routing endpoint URL for DFS storage in the secondary location.
SecondaryDfsMicrosoftHost string: The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
SecondaryFileEndpoint string: The endpoint URL for file storage in the secondary location.
SecondaryFileHost string: The hostname with port if applicable for file storage in the secondary location.
SecondaryFileInternetEndpoint string: The internet routing endpoint URL for file storage in the secondary location.
SecondaryFileInternetHost string: The internet routing hostname with port if applicable for file storage in the secondary location.
SecondaryFileMicrosoftEndpoint string: The microsoft routing endpoint URL for file storage in the secondary location.
SecondaryFileMicrosoftHost string: The microsoft routing hostname with port if applicable for file storage in the secondary location.
SecondaryLocation string: The secondary location of the storage account.
SecondaryQueueEndpoint string: The endpoint URL for queue storage in the secondary location.
SecondaryQueueHost string: The hostname with port if applicable for queue storage in the secondary location.
SecondaryQueueMicrosoftEndpoint string: The microsoft routing endpoint URL for queue storage in the secondary location.
SecondaryQueueMicrosoftHost string: The microsoft routing hostname with port if applicable for queue storage in the secondary location.
SecondaryTableEndpoint string: The endpoint URL for table storage in the secondary location.
SecondaryTableHost string: The hostname with port if applicable for table storage in the secondary location.
SecondaryTableMicrosoftEndpoint string: The microsoft routing endpoint URL for table storage in the secondary location.
SecondaryTableMicrosoftHost string: The microsoft routing hostname with port if applicable for table storage in the secondary location.
SecondaryWebEndpoint string: The endpoint URL for web storage in the secondary location.
SecondaryWebHost string: The hostname with port if applicable for web storage in the secondary location.
SecondaryWebInternetEndpoint string: The internet routing endpoint URL for web storage in the secondary location.
SecondaryWebInternetHost string: The internet routing hostname with port if applicable for web storage in the secondary location.
SecondaryWebMicrosoftEndpoint string: The microsoft routing endpoint URL for web storage in the secondary location.
SecondaryWebMicrosoftHost string: The microsoft routing hostname with port if applicable for web storage in the secondary location.

id String: The provider-assigned unique ID for this managed resource.
primaryAccessKey String: The primary access key for the storage account.
primaryBlobConnectionString String: The connection string associated with the primary blob location.
primaryBlobEndpoint String: The endpoint URL for blob storage in the primary location.
primaryBlobHost String: The hostname with port if applicable for blob storage in the primary location.
primaryBlobInternetEndpoint String: The internet routing endpoint URL for blob storage in the primary location.
primaryBlobInternetHost String: The internet routing hostname with port if applicable for blob storage in the primary location.
primaryBlobMicrosoftEndpoint String: The microsoft routing endpoint URL for blob storage in the primary location.
primaryBlobMicrosoftHost String: The microsoft routing hostname with port if applicable for blob storage in the primary location.
primaryConnectionString String: The connection string associated with the primary location.
primaryDfsEndpoint String: The endpoint URL for DFS storage in the primary location.
primaryDfsHost String: The hostname with port if applicable for DFS storage in the primary location.
primaryDfsInternetEndpoint String: The internet routing endpoint URL for DFS storage in the primary location.
primaryDfsInternetHost String: The internet routing hostname with port if applicable for DFS storage in the primary location.
primaryDfsMicrosoftEndpoint String: The microsoft routing endpoint URL for DFS storage in the primary location.
primaryDfsMicrosoftHost String: The microsoft routing hostname with port if applicable for DFS storage in the primary location.
primaryFileEndpoint String: The endpoint URL for file storage in the primary location.
primaryFileHost String: The hostname with port if applicable for file storage in the primary location.
primaryFileInternetEndpoint String: The internet routing endpoint URL for file storage in the primary location.
primaryFileInternetHost String: The internet routing hostname with port if applicable for file storage in the primary location.
primaryFileMicrosoftEndpoint String: The microsoft routing endpoint URL for file storage in the primary location.
primaryFileMicrosoftHost String: The microsoft routing hostname with port if applicable for file storage in the primary location.
primaryLocation String: The primary location of the storage account.
primaryQueueEndpoint String: The endpoint URL for queue storage in the primary location.
primaryQueueHost String: The hostname with port if applicable for queue storage in the primary location.
primaryQueueMicrosoftEndpoint String: The microsoft routing endpoint URL for queue storage in the primary location.
primaryQueueMicrosoftHost String: The microsoft routing hostname with port if applicable for queue storage in the primary location.
primaryTableEndpoint String: The endpoint URL for table storage in the primary location.
primaryTableHost String: The hostname with port if applicable for table storage in the primary location.
primaryTableMicrosoftEndpoint String: The microsoft routing endpoint URL for table storage in the primary location.
primaryTableMicrosoftHost String: The microsoft routing hostname with port if applicable for table storage in the primary location.
primaryWebEndpoint String: The endpoint URL for web storage in the primary location.
primaryWebHost String: The hostname with port if applicable for web storage in the primary location.
primaryWebInternetEndpoint String: The internet routing endpoint URL for web storage in the primary location.
primaryWebInternetHost String: The internet routing hostname with port if applicable for web storage in the primary location.
primaryWebMicrosoftEndpoint String: The microsoft routing endpoint URL for web storage in the primary location.
primaryWebMicrosoftHost String: The microsoft routing hostname with port if applicable for web storage in the primary location.
secondaryAccessKey String: The secondary access key for the storage account.
secondaryBlobConnectionString String: The connection string associated with the secondary blob location.
secondaryBlobEndpoint String: The endpoint URL for blob storage in the secondary location.
secondaryBlobHost String: The hostname with port if applicable for blob storage in the secondary location.
secondaryBlobInternetEndpoint String: The internet routing endpoint URL for blob storage in the secondary location.
secondaryBlobInternetHost String: The internet routing hostname with port if applicable for blob storage in the secondary location.
secondaryBlobMicrosoftEndpoint String: The microsoft routing endpoint URL for blob storage in the secondary location.
secondaryBlobMicrosoftHost String: The microsoft routing hostname with port if applicable for blob storage in the secondary location.
secondaryConnectionString String: The connection string associated with the secondary location.
secondaryDfsEndpoint String: The endpoint URL for DFS storage in the secondary location.
secondaryDfsHost String: The hostname with port if applicable for DFS storage in the secondary location.
secondaryDfsInternetEndpoint String: The internet routing endpoint URL for DFS storage in the secondary location.
secondaryDfsInternetHost String: The internet routing hostname with port if applicable for DFS storage in the secondary location.
secondaryDfsMicrosoftEndpoint String: The microsoft routing endpoint URL for DFS storage in the secondary location.
secondaryDfsMicrosoftHost String: The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
secondaryFileEndpoint String: The endpoint URL for file storage in the secondary location.
secondaryFileHost String: The hostname with port if applicable for file storage in the secondary location.
secondaryFileInternetEndpoint String: The internet routing endpoint URL for file storage in the secondary location.
secondaryFileInternetHost String: The internet routing hostname with port if applicable for file storage in the secondary location.
secondaryFileMicrosoftEndpoint String: The microsoft routing endpoint URL for file storage in the secondary location.
secondaryFileMicrosoftHost String: The microsoft routing hostname with port if applicable for file storage in the secondary location.
secondaryLocation String: The secondary location of the storage account.
secondaryQueueEndpoint String: The endpoint URL for queue storage in the secondary location.
secondaryQueueHost String: The hostname with port if applicable for queue storage in the secondary location.
secondaryQueueMicrosoftEndpoint String: The microsoft routing endpoint URL for queue storage in the secondary location.
secondaryQueueMicrosoftHost String: The microsoft routing hostname with port if applicable for queue storage in the secondary location.
secondaryTableEndpoint String: The endpoint URL for table storage in the secondary location.
secondaryTableHost String: The hostname with port if applicable for table storage in the secondary location.
secondaryTableMicrosoftEndpoint String: The microsoft routing endpoint URL for table storage in the secondary location.
secondaryTableMicrosoftHost String: The microsoft routing hostname with port if applicable for table storage in the secondary location.
secondaryWebEndpoint String: The endpoint URL for web storage in the secondary location.
secondaryWebHost String: The hostname with port if applicable for web storage in the secondary location.
secondaryWebInternetEndpoint String: The internet routing endpoint URL for web storage in the secondary location.
secondaryWebInternetHost String: The internet routing hostname with port if applicable for web storage in the secondary location.
secondaryWebMicrosoftEndpoint String: The microsoft routing endpoint URL for web storage in the secondary location.
secondaryWebMicrosoftHost String: The microsoft routing hostname with port if applicable for web storage in the secondary location.

id string: The provider-assigned unique ID for this managed resource.
primaryAccessKey string: The primary access key for the storage account.
primaryBlobConnectionString string: The connection string associated with the primary blob location.
primaryBlobEndpoint string: The endpoint URL for blob storage in the primary location.
primaryBlobHost string: The hostname with port if applicable for blob storage in the primary location.
primaryBlobInternetEndpoint string: The internet routing endpoint URL for blob storage in the primary location.
primaryBlobInternetHost string: The internet routing hostname with port if applicable for blob storage in the primary location.
primaryBlobMicrosoftEndpoint string: The microsoft routing endpoint URL for blob storage in the primary location.
primaryBlobMicrosoftHost string: The microsoft routing hostname with port if applicable for blob storage in the primary location.
primaryConnectionString string: The connection string associated with the primary location.
primaryDfsEndpoint string: The endpoint URL for DFS storage in the primary location.
primaryDfsHost string: The hostname with port if applicable for DFS storage in the primary location.
primaryDfsInternetEndpoint string: The internet routing endpoint URL for DFS storage in the primary location.
primaryDfsInternetHost string: The internet routing hostname with port if applicable for DFS storage in the primary location.
primaryDfsMicrosoftEndpoint string: The microsoft routing endpoint URL for DFS storage in the primary location.
primaryDfsMicrosoftHost string: The microsoft routing hostname with port if applicable for DFS storage in the primary location.
primaryFileEndpoint string: The endpoint URL for file storage in the primary location.
primaryFileHost string: The hostname with port if applicable for file storage in the primary location.
primaryFileInternetEndpoint string: The internet routing endpoint URL for file storage in the primary location.
primaryFileInternetHost string: The internet routing hostname with port if applicable for file storage in the primary location.
primaryFileMicrosoftEndpoint string: The microsoft routing endpoint URL for file storage in the primary location.
primaryFileMicrosoftHost string: The microsoft routing hostname with port if applicable for file storage in the primary location.
primaryLocation string: The primary location of the storage account.
primaryQueueEndpoint string: The endpoint URL for queue storage in the primary location.
primaryQueueHost string: The hostname with port if applicable for queue storage in the primary location.
primaryQueueMicrosoftEndpoint string: The microsoft routing endpoint URL for queue storage in the primary location.
primaryQueueMicrosoftHost string: The microsoft routing hostname with port if applicable for queue storage in the primary location.
primaryTableEndpoint string: The endpoint URL for table storage in the primary location.
primaryTableHost string: The hostname with port if applicable for table storage in the primary location.
primaryTableMicrosoftEndpoint string: The microsoft routing endpoint URL for table storage in the primary location.
primaryTableMicrosoftHost string: The microsoft routing hostname with port if applicable for table storage in the primary location.
primaryWebEndpoint string: The endpoint URL for web storage in the primary location.
primaryWebHost string: The hostname with port if applicable for web storage in the primary location.
primaryWebInternetEndpoint string: The internet routing endpoint URL for web storage in the primary location.
primaryWebInternetHost string: The internet routing hostname with port if applicable for web storage in the primary location.
primaryWebMicrosoftEndpoint string: The microsoft routing endpoint URL for web storage in the primary location.
primaryWebMicrosoftHost string: The microsoft routing hostname with port if applicable for web storage in the primary location.
secondaryAccessKey string: The secondary access key for the storage account.
secondaryBlobConnectionString string: The connection string associated with the secondary blob location.
secondaryBlobEndpoint string: The endpoint URL for blob storage in the secondary location.
secondaryBlobHost string: The hostname with port if applicable for blob storage in the secondary location.
secondaryBlobInternetEndpoint string: The internet routing endpoint URL for blob storage in the secondary location.
secondaryBlobInternetHost string: The internet routing hostname with port if applicable for blob storage in the secondary location.
secondaryBlobMicrosoftEndpoint string: The microsoft routing endpoint URL for blob storage in the secondary location.
secondaryBlobMicrosoftHost string: The microsoft routing hostname with port if applicable for blob storage in the secondary location.
secondaryConnectionString string: The connection string associated with the secondary location.
secondaryDfsEndpoint string: The endpoint URL for DFS storage in the secondary location.
secondaryDfsHost string: The hostname with port if applicable for DFS storage in the secondary location.
secondaryDfsInternetEndpoint string: The internet routing endpoint URL for DFS storage in the secondary location.
secondaryDfsInternetHost string: The internet routing hostname with port if applicable for DFS storage in the secondary location.
secondaryDfsMicrosoftEndpoint string: The microsoft routing endpoint URL for DFS storage in the secondary location.
secondaryDfsMicrosoftHost string: The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
secondaryFileEndpoint string: The endpoint URL for file storage in the secondary location.
secondaryFileHost string: The hostname with port if applicable for file storage in the secondary location.
secondaryFileInternetEndpoint string: The internet routing endpoint URL for file storage in the secondary location.
secondaryFileInternetHost string: The internet routing hostname with port if applicable for file storage in the secondary location.
secondaryFileMicrosoftEndpoint string: The microsoft routing endpoint URL for file storage in the secondary location.
secondaryFileMicrosoftHost string: The microsoft routing hostname with port if applicable for file storage in the secondary location.
secondaryLocation string: The secondary location of the storage account.
secondaryQueueEndpoint string: The endpoint URL for queue storage in the secondary location.
secondaryQueueHost string: The hostname with port if applicable for queue storage in the secondary location.
secondaryQueueMicrosoftEndpoint string: The microsoft routing endpoint URL for queue storage in the secondary location.
secondaryQueueMicrosoftHost string: The microsoft routing hostname with port if applicable for queue storage in the secondary location.
secondaryTableEndpoint string: The endpoint URL for table storage in the secondary location.
secondaryTableHost string: The hostname with port if applicable for table storage in the secondary location.
secondaryTableMicrosoftEndpoint string: The microsoft routing endpoint URL for table storage in the secondary location.
secondaryTableMicrosoftHost string: The microsoft routing hostname with port if applicable for table storage in the secondary location.
secondaryWebEndpoint string: The endpoint URL for web storage in the secondary location.
secondaryWebHost string: The hostname with port if applicable for web storage in the secondary location.
secondaryWebInternetEndpoint string: The internet routing endpoint URL for web storage in the secondary location.
secondaryWebInternetHost string: The internet routing hostname with port if applicable for web storage in the secondary location.
secondaryWebMicrosoftEndpoint string: The microsoft routing endpoint URL for web storage in the secondary location.
secondaryWebMicrosoftHost string: The microsoft routing hostname with port if applicable for web storage in the secondary location.

id str: The provider-assigned unique ID for this managed resource.
primary_access_key str: The primary access key for the storage account.
primary_blob_connection_string str: The connection string associated with the primary blob location.
primary_blob_endpoint str: The endpoint URL for blob storage in the primary location.
primary_blob_host str: The hostname with port if applicable for blob storage in the primary location.
primary_blob_internet_endpoint str: The internet routing endpoint URL for blob storage in the primary location.
primary_blob_internet_host str: The internet routing hostname with port if applicable for blob storage in the primary location.
primary_blob_microsoft_endpoint str: The microsoft routing endpoint URL for blob storage in the primary location.
primary_blob_microsoft_host str: The microsoft routing hostname with port if applicable for blob storage in the primary location.
primary_connection_string str: The connection string associated with the primary location.
primary_dfs_endpoint str: The endpoint URL for DFS storage in the primary location.
primary_dfs_host str: The hostname with port if applicable for DFS storage in the primary location.
primary_dfs_internet_endpoint str: The internet routing endpoint URL for DFS storage in the primary location.
primary_dfs_internet_host str: The internet routing hostname with port if applicable for DFS storage in the primary location.
primary_dfs_microsoft_endpoint str: The microsoft routing endpoint URL for DFS storage in the primary location.
primary_dfs_microsoft_host str: The microsoft routing hostname with port if applicable for DFS storage in the primary location.
primary_file_endpoint str: The endpoint URL for file storage in the primary location.
primary_file_host str: The hostname with port if applicable for file storage in the primary location.
primary_file_internet_endpoint str: The internet routing endpoint URL for file storage in the primary location.
primary_file_internet_host str: The internet routing hostname with port if applicable for file storage in the primary location.
primary_file_microsoft_endpoint str: The microsoft routing endpoint URL for file storage in the primary location.
primary_file_microsoft_host str: The microsoft routing hostname with port if applicable for file storage in the primary location.
primary_location str: The primary location of the storage account.
primary_queue_endpoint str: The endpoint URL for queue storage in the primary location.
primary_queue_host str: The hostname with port if applicable for queue storage in the primary location.
primary_queue_microsoft_endpoint str: The microsoft routing endpoint URL for queue storage in the primary location.
primary_queue_microsoft_host str: The microsoft routing hostname with port if applicable for queue storage in the primary location.
primary_table_endpoint str: The endpoint URL for table storage in the primary location.
primary_table_host str: The hostname with port if applicable for table storage in the primary location.
primary_table_microsoft_endpoint str: The microsoft routing endpoint URL for table storage in the primary location.
primary_table_microsoft_host str: The microsoft routing hostname with port if applicable for table storage in the primary location.
primary_web_endpoint str: The endpoint URL for web storage in the primary location.
primary_web_host str: The hostname with port if applicable for web storage in the primary location.
primary_web_internet_endpoint str: The internet routing endpoint URL for web storage in the primary location.
primary_web_internet_host str: The internet routing hostname with port if applicable for web storage in the primary location.
primary_web_microsoft_endpoint str: The microsoft routing endpoint URL for web storage in the primary location.
primary_web_microsoft_host str: The microsoft routing hostname with port if applicable for web storage in the primary location.
secondary_access_key str: The secondary access key for the storage account.
secondary_blob_connection_string str: The connection string associated with the secondary blob location.
secondary_blob_endpoint str: The endpoint URL for blob storage in the secondary location.
secondary_blob_host str: The hostname with port if applicable for blob storage in the secondary location.
secondary_blob_internet_endpoint str: The internet routing endpoint URL for blob storage in the secondary location.
secondary_blob_internet_host str: The internet routing hostname with port if applicable for blob storage in the secondary location.
secondary_blob_microsoft_endpoint str: The microsoft routing endpoint URL for blob storage in the secondary location.
secondary_blob_microsoft_host str: The microsoft routing hostname with port if applicable for blob storage in the secondary location.
secondary_connection_string str: The connection string associated with the secondary location.
secondary_dfs_endpoint str: The endpoint URL for DFS storage in the secondary location.
secondary_dfs_host str: The hostname with port if applicable for DFS storage in the secondary location.
secondary_dfs_internet_endpoint str: The internet routing endpoint URL for DFS storage in the secondary location.
secondary_dfs_internet_host str: The internet routing hostname with port if applicable for DFS storage in the secondary location.
secondary_dfs_microsoft_endpoint str: The microsoft routing endpoint URL for DFS storage in the secondary location.
secondary_dfs_microsoft_host str: The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
secondary_file_endpoint str: The endpoint URL for file storage in the secondary location.
secondary_file_host str: The hostname with port if applicable for file storage in the secondary location.
secondary_file_internet_endpoint str: The internet routing endpoint URL for file storage in the secondary location.
secondary_file_internet_host str: The internet routing hostname with port if applicable for file storage in the secondary location.
secondary_file_microsoft_endpoint str: The microsoft routing endpoint URL for file storage in the secondary location.
secondary_file_microsoft_host str: The microsoft routing hostname with port if applicable for file storage in the secondary location.
secondary_location str: The secondary location of the storage account.
secondary_queue_endpoint str: The endpoint URL for queue storage in the secondary location.
secondary_queue_host str: The hostname with port if applicable for queue storage in the secondary location.
secondary_queue_microsoft_endpoint str: The microsoft routing endpoint URL for queue storage in the secondary location.
secondary_queue_microsoft_host str: The microsoft routing hostname with port if applicable for queue storage in the secondary location.
secondary_table_endpoint str: The endpoint URL for table storage in the secondary location.
secondary_table_host str: The hostname with port if applicable for table storage in the secondary location.
secondary_table_microsoft_endpoint str: The microsoft routing endpoint URL for table storage in the secondary location.
secondary_table_microsoft_host str: The microsoft routing hostname with port if applicable for table storage in the secondary location.
secondary_web_endpoint str: The endpoint URL for web storage in the secondary location.
secondary_web_host str: The hostname with port if applicable for web storage in the secondary location.
secondary_web_internet_endpoint str: The internet routing endpoint URL for web storage in the secondary location.
secondary_web_internet_host str: The internet routing hostname with port if applicable for web storage in the secondary location.
secondary_web_microsoft_endpoint str: The microsoft routing endpoint URL for web storage in the secondary location.
secondary_web_microsoft_host str: The microsoft routing hostname with port if applicable for web storage in the secondary location.

id String: The provider-assigned unique ID for this managed resource.
primaryAccessKey String: The primary access key for the storage account.
primaryBlobConnectionString String: The connection string associated with the primary blob location.
primaryBlobEndpoint String: The endpoint URL for blob storage in the primary location.
primaryBlobHost String: The hostname with port if applicable for blob storage in the primary location.
primaryBlobInternetEndpoint String: The internet routing endpoint URL for blob storage in the primary location.
primaryBlobInternetHost String: The internet routing hostname with port if applicable for blob storage in the primary location.
primaryBlobMicrosoftEndpoint String: The microsoft routing endpoint URL for blob storage in the primary location.
primaryBlobMicrosoftHost String: The microsoft routing hostname with port if applicable for blob storage in the primary location.
primaryConnectionString String: The connection string associated with the primary location.
primaryDfsEndpoint String: The endpoint URL for DFS storage in the primary location.
primaryDfsHost String: The hostname with port if applicable for DFS storage in the primary location.
primaryDfsInternetEndpoint String: The internet routing endpoint URL for DFS storage in the primary location.
primaryDfsInternetHost String: The internet routing hostname with port if applicable for DFS storage in the primary location.
primaryDfsMicrosoftEndpoint String: The microsoft routing endpoint URL for DFS storage in the primary location.
primaryDfsMicrosoftHost String: The microsoft routing hostname with port if applicable for DFS storage in the primary location.
primaryFileEndpoint String: The endpoint URL for file storage in the primary location.
primaryFileHost String: The hostname with port if applicable for file storage in the primary location.
primaryFileInternetEndpoint String: The internet routing endpoint URL for file storage in the primary location.
primaryFileInternetHost String: The internet routing hostname with port if applicable for file storage in the primary location.
primaryFileMicrosoftEndpoint String: The microsoft routing endpoint URL for file storage in the primary location.
primaryFileMicrosoftHost String: The microsoft routing hostname with port if applicable for file storage in the primary location.
primaryLocation String: The primary location of the storage account.
primaryQueueEndpoint String: The endpoint URL for queue storage in the primary location.
primaryQueueHost String: The hostname with port if applicable for queue storage in the primary location.
primaryQueueMicrosoftEndpoint String: The microsoft routing endpoint URL for queue storage in the primary location.
primaryQueueMicrosoftHost String: The microsoft routing hostname with port if applicable for queue storage in the primary location.
primaryTableEndpoint String: The endpoint URL for table storage in the primary location.
primaryTableHost String: The hostname with port if applicable for table storage in the primary location.
primaryTableMicrosoftEndpoint String: The microsoft routing endpoint URL for table storage in the primary location.
primaryTableMicrosoftHost String: The microsoft routing hostname with port if applicable for table storage in the primary location.
primaryWebEndpoint String: The endpoint URL for web storage in the primary location.
primaryWebHost String: The hostname with port if applicable for web storage in the primary location.
primaryWebInternetEndpoint String: The internet routing endpoint URL for web storage in the primary location.
primaryWebInternetHost String: The internet routing hostname with port if applicable for web storage in the primary location.
primaryWebMicrosoftEndpoint String: The microsoft routing endpoint URL for web storage in the primary location.
primaryWebMicrosoftHost String: The microsoft routing hostname with port if applicable for web storage in the primary location.
secondaryAccessKey String: The secondary access key for the storage account.
secondaryBlobConnectionString String: The connection string associated with the secondary blob location.
secondaryBlobEndpoint String: The endpoint URL for blob storage in the secondary location.
secondaryBlobHost String: The hostname with port if applicable for blob storage in the secondary location.
secondaryBlobInternetEndpoint String: The internet routing endpoint URL for blob storage in the secondary location.
secondaryBlobInternetHost String: The internet routing hostname with port if applicable for blob storage in the secondary location.
secondaryBlobMicrosoftEndpoint String: The microsoft routing endpoint URL for blob storage in the secondary location.
secondaryBlobMicrosoftHost String: The microsoft routing hostname with port if applicable for blob storage in the secondary location.
secondaryConnectionString String: The connection string associated with the secondary location.
secondaryDfsEndpoint String: The endpoint URL for DFS storage in the secondary location.
secondaryDfsHost String: The hostname with port if applicable for DFS storage in the secondary location.
secondaryDfsInternetEndpoint String: The internet routing endpoint URL for DFS storage in the secondary location.
secondaryDfsInternetHost String: The internet routing hostname with port if applicable for DFS storage in the secondary location.
secondaryDfsMicrosoftEndpoint String: The microsoft routing endpoint URL for DFS storage in the secondary location.
secondaryDfsMicrosoftHost String: The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
secondaryFileEndpoint String: The endpoint URL for file storage in the secondary location.
secondaryFileHost String: The hostname with port if applicable for file storage in the secondary location.
secondaryFileInternetEndpoint String: The internet routing endpoint URL for file storage in the secondary location.
secondaryFileInternetHost String: The internet routing hostname with port if applicable for file storage in the secondary location.
secondaryFileMicrosoftEndpoint String: The microsoft routing endpoint URL for file storage in the secondary location.
secondaryFileMicrosoftHost String: The microsoft routing hostname with port if applicable for file storage in the secondary location.
secondaryLocation String: The secondary location of the storage account.
secondaryQueueEndpoint String: The endpoint URL for queue storage in the secondary location.
secondaryQueueHost String: The hostname with port if applicable for queue storage in the secondary location.
secondaryQueueMicrosoftEndpoint String: The microsoft routing endpoint URL for queue storage in the secondary location.
secondaryQueueMicrosoftHost String: The microsoft routing hostname with port if applicable for queue storage in the secondary location.
secondaryTableEndpoint String: The endpoint URL for table storage in the secondary location.
secondaryTableHost String: The hostname with port if applicable for table storage in the secondary location.
secondaryTableMicrosoftEndpoint String: The microsoft routing endpoint URL for table storage in the secondary location.
secondaryTableMicrosoftHost String: The microsoft routing hostname with port if applicable for table storage in the secondary location.
secondaryWebEndpoint String: The endpoint URL for web storage in the secondary location.
secondaryWebHost String: The hostname with port if applicable for web storage in the secondary location.
secondaryWebInternetEndpoint String: The internet routing endpoint URL for web storage in the secondary location.
secondaryWebInternetHost String: The internet routing hostname with port if applicable for web storage in the secondary location.
secondaryWebMicrosoftEndpoint String: The microsoft routing endpoint URL for web storage in the secondary location.
secondaryWebMicrosoftHost String: The microsoft routing hostname with port if applicable for web storage in the secondary location.

Look up Existing Account Resource

Get an existing Account resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AccountState, opts?: CustomResourceOptions): Account

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_tier: Optional[str] = None,
        account_kind: Optional[str] = None,
        account_replication_type: Optional[str] = None,
        account_tier: Optional[str] = None,
        allow_nested_items_to_be_public: Optional[bool] = None,
        allowed_copy_scope: Optional[str] = None,
        azure_files_authentication: Optional[AccountAzureFilesAuthenticationArgs] = None,
        blob_properties: Optional[AccountBlobPropertiesArgs] = None,
        cross_tenant_replication_enabled: Optional[bool] = None,
        custom_domain: Optional[AccountCustomDomainArgs] = None,
        customer_managed_key: Optional[AccountCustomerManagedKeyArgs] = None,
        default_to_oauth_authentication: Optional[bool] = None,
        dns_endpoint_type: Optional[str] = None,
        edge_zone: Optional[str] = None,
        https_traffic_only_enabled: Optional[bool] = None,
        identity: Optional[AccountIdentityArgs] = None,
        immutability_policy: Optional[AccountImmutabilityPolicyArgs] = None,
        infrastructure_encryption_enabled: Optional[bool] = None,
        is_hns_enabled: Optional[bool] = None,
        large_file_share_enabled: Optional[bool] = None,
        local_user_enabled: Optional[bool] = None,
        location: Optional[str] = None,
        min_tls_version: Optional[str] = None,
        name: Optional[str] = None,
        network_rules: Optional[AccountNetworkRulesArgs] = None,
        nfsv3_enabled: Optional[bool] = None,
        primary_access_key: Optional[str] = None,
        primary_blob_connection_string: Optional[str] = None,
        primary_blob_endpoint: Optional[str] = None,
        primary_blob_host: Optional[str] = None,
        primary_blob_internet_endpoint: Optional[str] = None,
        primary_blob_internet_host: Optional[str] = None,
        primary_blob_microsoft_endpoint: Optional[str] = None,
        primary_blob_microsoft_host: Optional[str] = None,
        primary_connection_string: Optional[str] = None,
        primary_dfs_endpoint: Optional[str] = None,
        primary_dfs_host: Optional[str] = None,
        primary_dfs_internet_endpoint: Optional[str] = None,
        primary_dfs_internet_host: Optional[str] = None,
        primary_dfs_microsoft_endpoint: Optional[str] = None,
        primary_dfs_microsoft_host: Optional[str] = None,
        primary_file_endpoint: Optional[str] = None,
        primary_file_host: Optional[str] = None,
        primary_file_internet_endpoint: Optional[str] = None,
        primary_file_internet_host: Optional[str] = None,
        primary_file_microsoft_endpoint: Optional[str] = None,
        primary_file_microsoft_host: Optional[str] = None,
        primary_location: Optional[str] = None,
        primary_queue_endpoint: Optional[str] = None,
        primary_queue_host: Optional[str] = None,
        primary_queue_microsoft_endpoint: Optional[str] = None,
        primary_queue_microsoft_host: Optional[str] = None,
        primary_table_endpoint: Optional[str] = None,
        primary_table_host: Optional[str] = None,
        primary_table_microsoft_endpoint: Optional[str] = None,
        primary_table_microsoft_host: Optional[str] = None,
        primary_web_endpoint: Optional[str] = None,
        primary_web_host: Optional[str] = None,
        primary_web_internet_endpoint: Optional[str] = None,
        primary_web_internet_host: Optional[str] = None,
        primary_web_microsoft_endpoint: Optional[str] = None,
        primary_web_microsoft_host: Optional[str] = None,
        public_network_access_enabled: Optional[bool] = None,
        queue_encryption_key_type: Optional[str] = None,
        queue_properties: Optional[AccountQueuePropertiesArgs] = None,
        resource_group_name: Optional[str] = None,
        routing: Optional[AccountRoutingArgs] = None,
        sas_policy: Optional[AccountSasPolicyArgs] = None,
        secondary_access_key: Optional[str] = None,
        secondary_blob_connection_string: Optional[str] = None,
        secondary_blob_endpoint: Optional[str] = None,
        secondary_blob_host: Optional[str] = None,
        secondary_blob_internet_endpoint: Optional[str] = None,
        secondary_blob_internet_host: Optional[str] = None,
        secondary_blob_microsoft_endpoint: Optional[str] = None,
        secondary_blob_microsoft_host: Optional[str] = None,
        secondary_connection_string: Optional[str] = None,
        secondary_dfs_endpoint: Optional[str] = None,
        secondary_dfs_host: Optional[str] = None,
        secondary_dfs_internet_endpoint: Optional[str] = None,
        secondary_dfs_internet_host: Optional[str] = None,
        secondary_dfs_microsoft_endpoint: Optional[str] = None,
        secondary_dfs_microsoft_host: Optional[str] = None,
        secondary_file_endpoint: Optional[str] = None,
        secondary_file_host: Optional[str] = None,
        secondary_file_internet_endpoint: Optional[str] = None,
        secondary_file_internet_host: Optional[str] = None,
        secondary_file_microsoft_endpoint: Optional[str] = None,
        secondary_file_microsoft_host: Optional[str] = None,
        secondary_location: Optional[str] = None,
        secondary_queue_endpoint: Optional[str] = None,
        secondary_queue_host: Optional[str] = None,
        secondary_queue_microsoft_endpoint: Optional[str] = None,
        secondary_queue_microsoft_host: Optional[str] = None,
        secondary_table_endpoint: Optional[str] = None,
        secondary_table_host: Optional[str] = None,
        secondary_table_microsoft_endpoint: Optional[str] = None,
        secondary_table_microsoft_host: Optional[str] = None,
        secondary_web_endpoint: Optional[str] = None,
        secondary_web_host: Optional[str] = None,
        secondary_web_internet_endpoint: Optional[str] = None,
        secondary_web_internet_host: Optional[str] = None,
        secondary_web_microsoft_endpoint: Optional[str] = None,
        secondary_web_microsoft_host: Optional[str] = None,
        sftp_enabled: Optional[bool] = None,
        share_properties: Optional[AccountSharePropertiesArgs] = None,
        shared_access_key_enabled: Optional[bool] = None,
        static_website: Optional[AccountStaticWebsiteArgs] = None,
        table_encryption_key_type: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None) -> Account

func GetAccount(ctx *Context, name string, id IDInput, state *AccountState, opts ...ResourceOption) (*Account, error)

public static Account Get(string name, Input<string> id, AccountState? state, CustomResourceOptions? opts = null)

public static Account get(String name, Output<String> id, AccountState state, CustomResourceOptions options)

resources:  _:    type: azure:storage:Account    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccessTier string

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

AccountKind string

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

AccountReplicationType string

AccountTier string

Note: Blobs with a tier of Premium are of account kind StorageV2.

AllowNestedItemsToBePublic bool

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

AllowedCopyScope string

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

AzureFilesAuthentication AccountAzureFilesAuthentication

A azure_files_authentication block as defined below.

BlobProperties AccountBlobProperties

A blob_properties block as defined below.

CrossTenantReplicationEnabled bool

Should cross Tenant replication be enabled? Defaults to false.

CustomDomain AccountCustomDomain

A custom_domain block as documented below.

CustomerManagedKey AccountCustomerManagedKey

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

DefaultToOauthAuthentication bool

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

DnsEndpointType string

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

EdgeZone string

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

HttpsTrafficOnlyEnabled bool

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

Identity AccountIdentity

An identity block as defined below.

ImmutabilityPolicy AccountImmutabilityPolicy

An immutability_policy block as defined below. Changing this forces a new resource to be created.

InfrastructureEncryptionEnabled bool

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

IsHnsEnabled bool

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

LargeFileShareEnabled bool

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

LocalUserEnabled bool

Is Local User Enabled? Defaults to true.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

MinTlsVersion string

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

Name string

NetworkRules AccountNetworkRules

A network_rules block as documented below.

Nfsv3Enabled bool

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

PrimaryAccessKey string

The primary access key for the storage account.

PrimaryBlobConnectionString string

The connection string associated with the primary blob location.

PrimaryBlobEndpoint string

The endpoint URL for blob storage in the primary location.

PrimaryBlobHost string

The hostname with port if applicable for blob storage in the primary location.

PrimaryBlobInternetEndpoint string

The internet routing endpoint URL for blob storage in the primary location.

PrimaryBlobInternetHost string

The internet routing hostname with port if applicable for blob storage in the primary location.

PrimaryBlobMicrosoftEndpoint string

The microsoft routing endpoint URL for blob storage in the primary location.

PrimaryBlobMicrosoftHost string

The microsoft routing hostname with port if applicable for blob storage in the primary location.

PrimaryConnectionString string

The connection string associated with the primary location.

PrimaryDfsEndpoint string

The endpoint URL for DFS storage in the primary location.

PrimaryDfsHost string

The hostname with port if applicable for DFS storage in the primary location.

PrimaryDfsInternetEndpoint string

The internet routing endpoint URL for DFS storage in the primary location.

PrimaryDfsInternetHost string

The internet routing hostname with port if applicable for DFS storage in the primary location.

PrimaryDfsMicrosoftEndpoint string

The microsoft routing endpoint URL for DFS storage in the primary location.

PrimaryDfsMicrosoftHost string

The microsoft routing hostname with port if applicable for DFS storage in the primary location.

PrimaryFileEndpoint string

The endpoint URL for file storage in the primary location.

PrimaryFileHost string

The hostname with port if applicable for file storage in the primary location.

PrimaryFileInternetEndpoint string

The internet routing endpoint URL for file storage in the primary location.

PrimaryFileInternetHost string

The internet routing hostname with port if applicable for file storage in the primary location.

PrimaryFileMicrosoftEndpoint string

The microsoft routing endpoint URL for file storage in the primary location.

PrimaryFileMicrosoftHost string

The microsoft routing hostname with port if applicable for file storage in the primary location.

PrimaryLocation string

The primary location of the storage account.

PrimaryQueueEndpoint string

The endpoint URL for queue storage in the primary location.

PrimaryQueueHost string

The hostname with port if applicable for queue storage in the primary location.

PrimaryQueueMicrosoftEndpoint string

The microsoft routing endpoint URL for queue storage in the primary location.

PrimaryQueueMicrosoftHost string

The microsoft routing hostname with port if applicable for queue storage in the primary location.

PrimaryTableEndpoint string

The endpoint URL for table storage in the primary location.

PrimaryTableHost string

The hostname with port if applicable for table storage in the primary location.

PrimaryTableMicrosoftEndpoint string

The microsoft routing endpoint URL for table storage in the primary location.

PrimaryTableMicrosoftHost string

The microsoft routing hostname with port if applicable for table storage in the primary location.

PrimaryWebEndpoint string

The endpoint URL for web storage in the primary location.

PrimaryWebHost string

The hostname with port if applicable for web storage in the primary location.

PrimaryWebInternetEndpoint string

The internet routing endpoint URL for web storage in the primary location.

PrimaryWebInternetHost string

The internet routing hostname with port if applicable for web storage in the primary location.

PrimaryWebMicrosoftEndpoint string

The microsoft routing endpoint URL for web storage in the primary location.

PrimaryWebMicrosoftHost string

The microsoft routing hostname with port if applicable for web storage in the primary location.

PublicNetworkAccessEnabled bool

Whether the public network access is enabled? Defaults to true.

QueueEncryptionKeyType string

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

QueueProperties AccountQueueProperties

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

ResourceGroupName string

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

Routing AccountRouting

A routing block as defined below.

SasPolicy AccountSasPolicy

A sas_policy block as defined below.

SecondaryAccessKey string

The secondary access key for the storage account.

SecondaryBlobConnectionString string

The connection string associated with the secondary blob location.

SecondaryBlobEndpoint string

The endpoint URL for blob storage in the secondary location.

SecondaryBlobHost string

The hostname with port if applicable for blob storage in the secondary location.

SecondaryBlobInternetEndpoint string

The internet routing endpoint URL for blob storage in the secondary location.

SecondaryBlobInternetHost string

The internet routing hostname with port if applicable for blob storage in the secondary location.

SecondaryBlobMicrosoftEndpoint string

The microsoft routing endpoint URL for blob storage in the secondary location.

SecondaryBlobMicrosoftHost string

The microsoft routing hostname with port if applicable for blob storage in the secondary location.

SecondaryConnectionString string

The connection string associated with the secondary location.

SecondaryDfsEndpoint string

The endpoint URL for DFS storage in the secondary location.

SecondaryDfsHost string

The hostname with port if applicable for DFS storage in the secondary location.

SecondaryDfsInternetEndpoint string

The internet routing endpoint URL for DFS storage in the secondary location.

SecondaryDfsInternetHost string

The internet routing hostname with port if applicable for DFS storage in the secondary location.

SecondaryDfsMicrosoftEndpoint string

The microsoft routing endpoint URL for DFS storage in the secondary location.

SecondaryDfsMicrosoftHost string

The microsoft routing hostname with port if applicable for DFS storage in the secondary location.

SecondaryFileEndpoint string

The endpoint URL for file storage in the secondary location.

SecondaryFileHost string

The hostname with port if applicable for file storage in the secondary location.

SecondaryFileInternetEndpoint string

The internet routing endpoint URL for file storage in the secondary location.

SecondaryFileInternetHost string

The internet routing hostname with port if applicable for file storage in the secondary location.

SecondaryFileMicrosoftEndpoint string

The microsoft routing endpoint URL for file storage in the secondary location.

SecondaryFileMicrosoftHost string

The microsoft routing hostname with port if applicable for file storage in the secondary location.

SecondaryLocation string

The secondary location of the storage account.

SecondaryQueueEndpoint string

The endpoint URL for queue storage in the secondary location.

SecondaryQueueHost string

The hostname with port if applicable for queue storage in the secondary location.

SecondaryQueueMicrosoftEndpoint string

The microsoft routing endpoint URL for queue storage in the secondary location.

SecondaryQueueMicrosoftHost string

The microsoft routing hostname with port if applicable for queue storage in the secondary location.

SecondaryTableEndpoint string

The endpoint URL for table storage in the secondary location.

SecondaryTableHost string

The hostname with port if applicable for table storage in the secondary location.

SecondaryTableMicrosoftEndpoint string

The microsoft routing endpoint URL for table storage in the secondary location.

SecondaryTableMicrosoftHost string

The microsoft routing hostname with port if applicable for table storage in the secondary location.

SecondaryWebEndpoint string

The endpoint URL for web storage in the secondary location.

SecondaryWebHost string

The hostname with port if applicable for web storage in the secondary location.

SecondaryWebInternetEndpoint string

The internet routing endpoint URL for web storage in the secondary location.

SecondaryWebInternetHost string

The internet routing hostname with port if applicable for web storage in the secondary location.

SecondaryWebMicrosoftEndpoint string

The microsoft routing endpoint URL for web storage in the secondary location.

SecondaryWebMicrosoftHost string

The microsoft routing hostname with port if applicable for web storage in the secondary location.

SftpEnabled bool

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

ShareProperties AccountShareProperties

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

SharedAccessKeyEnabled bool

StaticWebsite AccountStaticWebsite

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

TableEncryptionKeyType string

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

Tags Dictionary<string, string>

A mapping of tags to assign to the resource.

AccessTier string

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

AccountKind string

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

AccountReplicationType string

AccountTier string

Note: Blobs with a tier of Premium are of account kind StorageV2.

AllowNestedItemsToBePublic bool

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

AllowedCopyScope string

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

AzureFilesAuthentication AccountAzureFilesAuthenticationArgs

A azure_files_authentication block as defined below.

BlobProperties AccountBlobPropertiesArgs

A blob_properties block as defined below.

CrossTenantReplicationEnabled bool

Should cross Tenant replication be enabled? Defaults to false.

CustomDomain AccountCustomDomainArgs

A custom_domain block as documented below.

CustomerManagedKey AccountCustomerManagedKeyArgs

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

DefaultToOauthAuthentication bool

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

DnsEndpointType string

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

EdgeZone string

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

HttpsTrafficOnlyEnabled bool

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

Identity AccountIdentityArgs

An identity block as defined below.

ImmutabilityPolicy AccountImmutabilityPolicyArgs

An immutability_policy block as defined below. Changing this forces a new resource to be created.

InfrastructureEncryptionEnabled bool

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

IsHnsEnabled bool

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

LargeFileShareEnabled bool

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

LocalUserEnabled bool

Is Local User Enabled? Defaults to true.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

MinTlsVersion string

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

Name string

NetworkRules AccountNetworkRulesTypeArgs

A network_rules block as documented below.

Nfsv3Enabled bool

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

PrimaryAccessKey string

The primary access key for the storage account.

PrimaryBlobConnectionString string

The connection string associated with the primary blob location.

PrimaryBlobEndpoint string

The endpoint URL for blob storage in the primary location.

PrimaryBlobHost string

The hostname with port if applicable for blob storage in the primary location.

PrimaryBlobInternetEndpoint string

The internet routing endpoint URL for blob storage in the primary location.

PrimaryBlobInternetHost string

The internet routing hostname with port if applicable for blob storage in the primary location.

PrimaryBlobMicrosoftEndpoint string

The microsoft routing endpoint URL for blob storage in the primary location.

PrimaryBlobMicrosoftHost string

The microsoft routing hostname with port if applicable for blob storage in the primary location.

PrimaryConnectionString string

The connection string associated with the primary location.

PrimaryDfsEndpoint string

The endpoint URL for DFS storage in the primary location.

PrimaryDfsHost string

The hostname with port if applicable for DFS storage in the primary location.

PrimaryDfsInternetEndpoint string

The internet routing endpoint URL for DFS storage in the primary location.

PrimaryDfsInternetHost string

The internet routing hostname with port if applicable for DFS storage in the primary location.

PrimaryDfsMicrosoftEndpoint string

The microsoft routing endpoint URL for DFS storage in the primary location.

PrimaryDfsMicrosoftHost string

The microsoft routing hostname with port if applicable for DFS storage in the primary location.

PrimaryFileEndpoint string

The endpoint URL for file storage in the primary location.

PrimaryFileHost string

The hostname with port if applicable for file storage in the primary location.

PrimaryFileInternetEndpoint string

The internet routing endpoint URL for file storage in the primary location.

PrimaryFileInternetHost string

The internet routing hostname with port if applicable for file storage in the primary location.

PrimaryFileMicrosoftEndpoint string

The microsoft routing endpoint URL for file storage in the primary location.

PrimaryFileMicrosoftHost string

The microsoft routing hostname with port if applicable for file storage in the primary location.

PrimaryLocation string

The primary location of the storage account.

PrimaryQueueEndpoint string

The endpoint URL for queue storage in the primary location.

PrimaryQueueHost string

The hostname with port if applicable for queue storage in the primary location.

PrimaryQueueMicrosoftEndpoint string

The microsoft routing endpoint URL for queue storage in the primary location.

PrimaryQueueMicrosoftHost string

The microsoft routing hostname with port if applicable for queue storage in the primary location.

PrimaryTableEndpoint string

The endpoint URL for table storage in the primary location.

PrimaryTableHost string

The hostname with port if applicable for table storage in the primary location.

PrimaryTableMicrosoftEndpoint string

The microsoft routing endpoint URL for table storage in the primary location.

PrimaryTableMicrosoftHost string

The microsoft routing hostname with port if applicable for table storage in the primary location.

PrimaryWebEndpoint string

The endpoint URL for web storage in the primary location.

PrimaryWebHost string

The hostname with port if applicable for web storage in the primary location.

PrimaryWebInternetEndpoint string

The internet routing endpoint URL for web storage in the primary location.

PrimaryWebInternetHost string

The internet routing hostname with port if applicable for web storage in the primary location.

PrimaryWebMicrosoftEndpoint string

The microsoft routing endpoint URL for web storage in the primary location.

PrimaryWebMicrosoftHost string

The microsoft routing hostname with port if applicable for web storage in the primary location.

PublicNetworkAccessEnabled bool

Whether the public network access is enabled? Defaults to true.

QueueEncryptionKeyType string

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

QueueProperties AccountQueuePropertiesTypeArgs

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

ResourceGroupName string

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

Routing AccountRoutingArgs

A routing block as defined below.

SasPolicy AccountSasPolicyArgs

A sas_policy block as defined below.

SecondaryAccessKey string

The secondary access key for the storage account.

SecondaryBlobConnectionString string

The connection string associated with the secondary blob location.

SecondaryBlobEndpoint string

The endpoint URL for blob storage in the secondary location.

SecondaryBlobHost string

The hostname with port if applicable for blob storage in the secondary location.

SecondaryBlobInternetEndpoint string

The internet routing endpoint URL for blob storage in the secondary location.

SecondaryBlobInternetHost string

The internet routing hostname with port if applicable for blob storage in the secondary location.

SecondaryBlobMicrosoftEndpoint string

The microsoft routing endpoint URL for blob storage in the secondary location.

SecondaryBlobMicrosoftHost string

The microsoft routing hostname with port if applicable for blob storage in the secondary location.

SecondaryConnectionString string

The connection string associated with the secondary location.

SecondaryDfsEndpoint string

The endpoint URL for DFS storage in the secondary location.

SecondaryDfsHost string

The hostname with port if applicable for DFS storage in the secondary location.

SecondaryDfsInternetEndpoint string

The internet routing endpoint URL for DFS storage in the secondary location.

SecondaryDfsInternetHost string

The internet routing hostname with port if applicable for DFS storage in the secondary location.

SecondaryDfsMicrosoftEndpoint string

The microsoft routing endpoint URL for DFS storage in the secondary location.

SecondaryDfsMicrosoftHost string

The microsoft routing hostname with port if applicable for DFS storage in the secondary location.

SecondaryFileEndpoint string

The endpoint URL for file storage in the secondary location.

SecondaryFileHost string

The hostname with port if applicable for file storage in the secondary location.

SecondaryFileInternetEndpoint string

The internet routing endpoint URL for file storage in the secondary location.

SecondaryFileInternetHost string

The internet routing hostname with port if applicable for file storage in the secondary location.

SecondaryFileMicrosoftEndpoint string

The microsoft routing endpoint URL for file storage in the secondary location.

SecondaryFileMicrosoftHost string

The microsoft routing hostname with port if applicable for file storage in the secondary location.

SecondaryLocation string

The secondary location of the storage account.

SecondaryQueueEndpoint string

The endpoint URL for queue storage in the secondary location.

SecondaryQueueHost string

The hostname with port if applicable for queue storage in the secondary location.

SecondaryQueueMicrosoftEndpoint string

The microsoft routing endpoint URL for queue storage in the secondary location.

SecondaryQueueMicrosoftHost string

The microsoft routing hostname with port if applicable for queue storage in the secondary location.

SecondaryTableEndpoint string

The endpoint URL for table storage in the secondary location.

SecondaryTableHost string

The hostname with port if applicable for table storage in the secondary location.

SecondaryTableMicrosoftEndpoint string

The microsoft routing endpoint URL for table storage in the secondary location.

SecondaryTableMicrosoftHost string

The microsoft routing hostname with port if applicable for table storage in the secondary location.

SecondaryWebEndpoint string

The endpoint URL for web storage in the secondary location.

SecondaryWebHost string

The hostname with port if applicable for web storage in the secondary location.

SecondaryWebInternetEndpoint string

The internet routing endpoint URL for web storage in the secondary location.

SecondaryWebInternetHost string

The internet routing hostname with port if applicable for web storage in the secondary location.

SecondaryWebMicrosoftEndpoint string

The microsoft routing endpoint URL for web storage in the secondary location.

SecondaryWebMicrosoftHost string

The microsoft routing hostname with port if applicable for web storage in the secondary location.

SftpEnabled bool

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

ShareProperties AccountSharePropertiesArgs

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

SharedAccessKeyEnabled bool

StaticWebsite AccountStaticWebsiteTypeArgs

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

TableEncryptionKeyType string

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

Tags map[string]string

A mapping of tags to assign to the resource.

accessTier String

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

accountKind String

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

accountReplicationType String

accountTier String

Note: Blobs with a tier of Premium are of account kind StorageV2.

allowNestedItemsToBePublic Boolean

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

allowedCopyScope String

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

azureFilesAuthentication AccountAzureFilesAuthentication

A azure_files_authentication block as defined below.

blobProperties AccountBlobProperties

A blob_properties block as defined below.

crossTenantReplicationEnabled Boolean

Should cross Tenant replication be enabled? Defaults to false.

customDomain AccountCustomDomain

A custom_domain block as documented below.

customerManagedKey AccountCustomerManagedKey

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

defaultToOauthAuthentication Boolean

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

dnsEndpointType String

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

edgeZone String

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

httpsTrafficOnlyEnabled Boolean

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

identity AccountIdentity

An identity block as defined below.

immutabilityPolicy AccountImmutabilityPolicy

An immutability_policy block as defined below. Changing this forces a new resource to be created.

infrastructureEncryptionEnabled Boolean

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

isHnsEnabled Boolean

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

largeFileShareEnabled Boolean

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

localUserEnabled Boolean

Is Local User Enabled? Defaults to true.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

minTlsVersion String

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

name String

networkRules AccountNetworkRules

A network_rules block as documented below.

nfsv3Enabled Boolean

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

primaryAccessKey String

The primary access key for the storage account.

primaryBlobConnectionString String

The connection string associated with the primary blob location.

primaryBlobEndpoint String

The endpoint URL for blob storage in the primary location.

primaryBlobHost String

The hostname with port if applicable for blob storage in the primary location.

primaryBlobInternetEndpoint String

The internet routing endpoint URL for blob storage in the primary location.

primaryBlobInternetHost String

The internet routing hostname with port if applicable for blob storage in the primary location.

primaryBlobMicrosoftEndpoint String

The microsoft routing endpoint URL for blob storage in the primary location.

primaryBlobMicrosoftHost String

The microsoft routing hostname with port if applicable for blob storage in the primary location.

primaryConnectionString String

The connection string associated with the primary location.

primaryDfsEndpoint String

The endpoint URL for DFS storage in the primary location.

primaryDfsHost String

The hostname with port if applicable for DFS storage in the primary location.

primaryDfsInternetEndpoint String

The internet routing endpoint URL for DFS storage in the primary location.

primaryDfsInternetHost String

The internet routing hostname with port if applicable for DFS storage in the primary location.

primaryDfsMicrosoftEndpoint String

The microsoft routing endpoint URL for DFS storage in the primary location.

primaryDfsMicrosoftHost String

The microsoft routing hostname with port if applicable for DFS storage in the primary location.

primaryFileEndpoint String

The endpoint URL for file storage in the primary location.

primaryFileHost String

The hostname with port if applicable for file storage in the primary location.

primaryFileInternetEndpoint String

The internet routing endpoint URL for file storage in the primary location.

primaryFileInternetHost String

The internet routing hostname with port if applicable for file storage in the primary location.

primaryFileMicrosoftEndpoint String

The microsoft routing endpoint URL for file storage in the primary location.

primaryFileMicrosoftHost String

The microsoft routing hostname with port if applicable for file storage in the primary location.

primaryLocation String

The primary location of the storage account.

primaryQueueEndpoint String

The endpoint URL for queue storage in the primary location.

primaryQueueHost String

The hostname with port if applicable for queue storage in the primary location.

primaryQueueMicrosoftEndpoint String

The microsoft routing endpoint URL for queue storage in the primary location.

primaryQueueMicrosoftHost String

The microsoft routing hostname with port if applicable for queue storage in the primary location.

primaryTableEndpoint String

The endpoint URL for table storage in the primary location.

primaryTableHost String

The hostname with port if applicable for table storage in the primary location.

primaryTableMicrosoftEndpoint String

The microsoft routing endpoint URL for table storage in the primary location.

primaryTableMicrosoftHost String

The microsoft routing hostname with port if applicable for table storage in the primary location.

primaryWebEndpoint String

The endpoint URL for web storage in the primary location.

primaryWebHost String

The hostname with port if applicable for web storage in the primary location.

primaryWebInternetEndpoint String

The internet routing endpoint URL for web storage in the primary location.

primaryWebInternetHost String

The internet routing hostname with port if applicable for web storage in the primary location.

primaryWebMicrosoftEndpoint String

The microsoft routing endpoint URL for web storage in the primary location.

primaryWebMicrosoftHost String

The microsoft routing hostname with port if applicable for web storage in the primary location.

publicNetworkAccessEnabled Boolean

Whether the public network access is enabled? Defaults to true.

queueEncryptionKeyType String

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

queueProperties AccountQueueProperties

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

resourceGroupName String

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

routing AccountRouting

A routing block as defined below.

sasPolicy AccountSasPolicy

A sas_policy block as defined below.

secondaryAccessKey String

The secondary access key for the storage account.

secondaryBlobConnectionString String

The connection string associated with the secondary blob location.

secondaryBlobEndpoint String

The endpoint URL for blob storage in the secondary location.

secondaryBlobHost String

The hostname with port if applicable for blob storage in the secondary location.

secondaryBlobInternetEndpoint String

The internet routing endpoint URL for blob storage in the secondary location.

secondaryBlobInternetHost String

The internet routing hostname with port if applicable for blob storage in the secondary location.

secondaryBlobMicrosoftEndpoint String

The microsoft routing endpoint URL for blob storage in the secondary location.

secondaryBlobMicrosoftHost String

The microsoft routing hostname with port if applicable for blob storage in the secondary location.

secondaryConnectionString String

The connection string associated with the secondary location.

secondaryDfsEndpoint String

The endpoint URL for DFS storage in the secondary location.

secondaryDfsHost String

The hostname with port if applicable for DFS storage in the secondary location.

secondaryDfsInternetEndpoint String

The internet routing endpoint URL for DFS storage in the secondary location.

secondaryDfsInternetHost String

The internet routing hostname with port if applicable for DFS storage in the secondary location.

secondaryDfsMicrosoftEndpoint String

The microsoft routing endpoint URL for DFS storage in the secondary location.

secondaryDfsMicrosoftHost String

The microsoft routing hostname with port if applicable for DFS storage in the secondary location.

secondaryFileEndpoint String

The endpoint URL for file storage in the secondary location.

secondaryFileHost String

The hostname with port if applicable for file storage in the secondary location.

secondaryFileInternetEndpoint String

The internet routing endpoint URL for file storage in the secondary location.

secondaryFileInternetHost String

The internet routing hostname with port if applicable for file storage in the secondary location.

secondaryFileMicrosoftEndpoint String

The microsoft routing endpoint URL for file storage in the secondary location.

secondaryFileMicrosoftHost String

The microsoft routing hostname with port if applicable for file storage in the secondary location.

secondaryLocation String

The secondary location of the storage account.

secondaryQueueEndpoint String

The endpoint URL for queue storage in the secondary location.

secondaryQueueHost String

The hostname with port if applicable for queue storage in the secondary location.

secondaryQueueMicrosoftEndpoint String

The microsoft routing endpoint URL for queue storage in the secondary location.

secondaryQueueMicrosoftHost String

The microsoft routing hostname with port if applicable for queue storage in the secondary location.

secondaryTableEndpoint String

The endpoint URL for table storage in the secondary location.

secondaryTableHost String

The hostname with port if applicable for table storage in the secondary location.

secondaryTableMicrosoftEndpoint String

The microsoft routing endpoint URL for table storage in the secondary location.

secondaryTableMicrosoftHost String

The microsoft routing hostname with port if applicable for table storage in the secondary location.

secondaryWebEndpoint String

The endpoint URL for web storage in the secondary location.

secondaryWebHost String

The hostname with port if applicable for web storage in the secondary location.

secondaryWebInternetEndpoint String

The internet routing endpoint URL for web storage in the secondary location.

secondaryWebInternetHost String

The internet routing hostname with port if applicable for web storage in the secondary location.

secondaryWebMicrosoftEndpoint String

The microsoft routing endpoint URL for web storage in the secondary location.

secondaryWebMicrosoftHost String

The microsoft routing hostname with port if applicable for web storage in the secondary location.

sftpEnabled Boolean

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

shareProperties AccountShareProperties

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

sharedAccessKeyEnabled Boolean

staticWebsite AccountStaticWebsite

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

tableEncryptionKeyType String

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

tags Map<String,String>

A mapping of tags to assign to the resource.

accessTier string

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

accountKind string

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

accountReplicationType string

accountTier string

Note: Blobs with a tier of Premium are of account kind StorageV2.

allowNestedItemsToBePublic boolean

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

allowedCopyScope string

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

azureFilesAuthentication AccountAzureFilesAuthentication

A azure_files_authentication block as defined below.

blobProperties AccountBlobProperties

A blob_properties block as defined below.

crossTenantReplicationEnabled boolean

Should cross Tenant replication be enabled? Defaults to false.

customDomain AccountCustomDomain

A custom_domain block as documented below.

customerManagedKey AccountCustomerManagedKey

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

defaultToOauthAuthentication boolean

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

dnsEndpointType string

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

edgeZone string

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

httpsTrafficOnlyEnabled boolean

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

identity AccountIdentity

An identity block as defined below.

immutabilityPolicy AccountImmutabilityPolicy

An immutability_policy block as defined below. Changing this forces a new resource to be created.

infrastructureEncryptionEnabled boolean

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

isHnsEnabled boolean

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

largeFileShareEnabled boolean

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

localUserEnabled boolean

Is Local User Enabled? Defaults to true.

location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

minTlsVersion string

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

name string

networkRules AccountNetworkRules

A network_rules block as documented below.

nfsv3Enabled boolean

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

primaryAccessKey string

The primary access key for the storage account.

primaryBlobConnectionString string

The connection string associated with the primary blob location.

primaryBlobEndpoint string

The endpoint URL for blob storage in the primary location.

primaryBlobHost string

The hostname with port if applicable for blob storage in the primary location.

primaryBlobInternetEndpoint string

The internet routing endpoint URL for blob storage in the primary location.

primaryBlobInternetHost string

The internet routing hostname with port if applicable for blob storage in the primary location.

primaryBlobMicrosoftEndpoint string

The microsoft routing endpoint URL for blob storage in the primary location.

primaryBlobMicrosoftHost string

The microsoft routing hostname with port if applicable for blob storage in the primary location.

primaryConnectionString string

The connection string associated with the primary location.

primaryDfsEndpoint string

The endpoint URL for DFS storage in the primary location.

primaryDfsHost string

The hostname with port if applicable for DFS storage in the primary location.

primaryDfsInternetEndpoint string

The internet routing endpoint URL for DFS storage in the primary location.

primaryDfsInternetHost string

The internet routing hostname with port if applicable for DFS storage in the primary location.

primaryDfsMicrosoftEndpoint string

The microsoft routing endpoint URL for DFS storage in the primary location.

primaryDfsMicrosoftHost string

The microsoft routing hostname with port if applicable for DFS storage in the primary location.

primaryFileEndpoint string

The endpoint URL for file storage in the primary location.

primaryFileHost string

The hostname with port if applicable for file storage in the primary location.

primaryFileInternetEndpoint string

The internet routing endpoint URL for file storage in the primary location.

primaryFileInternetHost string

The internet routing hostname with port if applicable for file storage in the primary location.

primaryFileMicrosoftEndpoint string

The microsoft routing endpoint URL for file storage in the primary location.

primaryFileMicrosoftHost string

The microsoft routing hostname with port if applicable for file storage in the primary location.

primaryLocation string

The primary location of the storage account.

primaryQueueEndpoint string

The endpoint URL for queue storage in the primary location.

primaryQueueHost string

The hostname with port if applicable for queue storage in the primary location.

primaryQueueMicrosoftEndpoint string

The microsoft routing endpoint URL for queue storage in the primary location.

primaryQueueMicrosoftHost string

The microsoft routing hostname with port if applicable for queue storage in the primary location.

primaryTableEndpoint string

The endpoint URL for table storage in the primary location.

primaryTableHost string

The hostname with port if applicable for table storage in the primary location.

primaryTableMicrosoftEndpoint string

The microsoft routing endpoint URL for table storage in the primary location.

primaryTableMicrosoftHost string

The microsoft routing hostname with port if applicable for table storage in the primary location.

primaryWebEndpoint string

The endpoint URL for web storage in the primary location.

primaryWebHost string

The hostname with port if applicable for web storage in the primary location.

primaryWebInternetEndpoint string

The internet routing endpoint URL for web storage in the primary location.

primaryWebInternetHost string

The internet routing hostname with port if applicable for web storage in the primary location.

primaryWebMicrosoftEndpoint string

The microsoft routing endpoint URL for web storage in the primary location.

primaryWebMicrosoftHost string

The microsoft routing hostname with port if applicable for web storage in the primary location.

publicNetworkAccessEnabled boolean

Whether the public network access is enabled? Defaults to true.

queueEncryptionKeyType string

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

queueProperties AccountQueueProperties

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

resourceGroupName string

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

routing AccountRouting

A routing block as defined below.

sasPolicy AccountSasPolicy

A sas_policy block as defined below.

secondaryAccessKey string

The secondary access key for the storage account.

secondaryBlobConnectionString string

The connection string associated with the secondary blob location.

secondaryBlobEndpoint string

The endpoint URL for blob storage in the secondary location.

secondaryBlobHost string

The hostname with port if applicable for blob storage in the secondary location.

secondaryBlobInternetEndpoint string

The internet routing endpoint URL for blob storage in the secondary location.

secondaryBlobInternetHost string

The internet routing hostname with port if applicable for blob storage in the secondary location.

secondaryBlobMicrosoftEndpoint string

The microsoft routing endpoint URL for blob storage in the secondary location.

secondaryBlobMicrosoftHost string

The microsoft routing hostname with port if applicable for blob storage in the secondary location.

secondaryConnectionString string

The connection string associated with the secondary location.

secondaryDfsEndpoint string

The endpoint URL for DFS storage in the secondary location.

secondaryDfsHost string

The hostname with port if applicable for DFS storage in the secondary location.

secondaryDfsInternetEndpoint string

The internet routing endpoint URL for DFS storage in the secondary location.

secondaryDfsInternetHost string

The internet routing hostname with port if applicable for DFS storage in the secondary location.

secondaryDfsMicrosoftEndpoint string

The microsoft routing endpoint URL for DFS storage in the secondary location.

secondaryDfsMicrosoftHost string

The microsoft routing hostname with port if applicable for DFS storage in the secondary location.

secondaryFileEndpoint string

The endpoint URL for file storage in the secondary location.

secondaryFileHost string

The hostname with port if applicable for file storage in the secondary location.

secondaryFileInternetEndpoint string

The internet routing endpoint URL for file storage in the secondary location.

secondaryFileInternetHost string

The internet routing hostname with port if applicable for file storage in the secondary location.

secondaryFileMicrosoftEndpoint string

The microsoft routing endpoint URL for file storage in the secondary location.

secondaryFileMicrosoftHost string

The microsoft routing hostname with port if applicable for file storage in the secondary location.

secondaryLocation string

The secondary location of the storage account.

secondaryQueueEndpoint string

The endpoint URL for queue storage in the secondary location.

secondaryQueueHost string

The hostname with port if applicable for queue storage in the secondary location.

secondaryQueueMicrosoftEndpoint string

The microsoft routing endpoint URL for queue storage in the secondary location.

secondaryQueueMicrosoftHost string

The microsoft routing hostname with port if applicable for queue storage in the secondary location.

secondaryTableEndpoint string

The endpoint URL for table storage in the secondary location.

secondaryTableHost string

The hostname with port if applicable for table storage in the secondary location.

secondaryTableMicrosoftEndpoint string

The microsoft routing endpoint URL for table storage in the secondary location.

secondaryTableMicrosoftHost string

The microsoft routing hostname with port if applicable for table storage in the secondary location.

secondaryWebEndpoint string

The endpoint URL for web storage in the secondary location.

secondaryWebHost string

The hostname with port if applicable for web storage in the secondary location.

secondaryWebInternetEndpoint string

The internet routing endpoint URL for web storage in the secondary location.

secondaryWebInternetHost string

The internet routing hostname with port if applicable for web storage in the secondary location.

secondaryWebMicrosoftEndpoint string

The microsoft routing endpoint URL for web storage in the secondary location.

secondaryWebMicrosoftHost string

The microsoft routing hostname with port if applicable for web storage in the secondary location.

sftpEnabled boolean

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

shareProperties AccountShareProperties

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

sharedAccessKeyEnabled boolean

staticWebsite AccountStaticWebsite

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

tableEncryptionKeyType string

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

tags {[key: string]: string}

A mapping of tags to assign to the resource.

access_tier str

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

account_kind str

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

account_replication_type str

account_tier str

Note: Blobs with a tier of Premium are of account kind StorageV2.

allow_nested_items_to_be_public bool

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

allowed_copy_scope str

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

azure_files_authentication AccountAzureFilesAuthenticationArgs

A azure_files_authentication block as defined below.

blob_properties AccountBlobPropertiesArgs

A blob_properties block as defined below.

cross_tenant_replication_enabled bool

Should cross Tenant replication be enabled? Defaults to false.

custom_domain AccountCustomDomainArgs

A custom_domain block as documented below.

customer_managed_key AccountCustomerManagedKeyArgs

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

default_to_oauth_authentication bool

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

dns_endpoint_type str

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

edge_zone str

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

https_traffic_only_enabled bool

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

identity AccountIdentityArgs

An identity block as defined below.

immutability_policy AccountImmutabilityPolicyArgs

An immutability_policy block as defined below. Changing this forces a new resource to be created.

infrastructure_encryption_enabled bool

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

is_hns_enabled bool

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

large_file_share_enabled bool

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

local_user_enabled bool

Is Local User Enabled? Defaults to true.

location str

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

min_tls_version str

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

name str

network_rules AccountNetworkRulesArgs

A network_rules block as documented below.

nfsv3_enabled bool

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

primary_access_key str

The primary access key for the storage account.

primary_blob_connection_string str

The connection string associated with the primary blob location.

primary_blob_endpoint str

The endpoint URL for blob storage in the primary location.

primary_blob_host str

The hostname with port if applicable for blob storage in the primary location.

primary_blob_internet_endpoint str

The internet routing endpoint URL for blob storage in the primary location.

primary_blob_internet_host str

The internet routing hostname with port if applicable for blob storage in the primary location.

primary_blob_microsoft_endpoint str

The microsoft routing endpoint URL for blob storage in the primary location.

primary_blob_microsoft_host str

The microsoft routing hostname with port if applicable for blob storage in the primary location.

primary_connection_string str

The connection string associated with the primary location.

primary_dfs_endpoint str

The endpoint URL for DFS storage in the primary location.

primary_dfs_host str

The hostname with port if applicable for DFS storage in the primary location.

primary_dfs_internet_endpoint str

The internet routing endpoint URL for DFS storage in the primary location.

primary_dfs_internet_host str

The internet routing hostname with port if applicable for DFS storage in the primary location.

primary_dfs_microsoft_endpoint str

The microsoft routing endpoint URL for DFS storage in the primary location.

primary_dfs_microsoft_host str

The microsoft routing hostname with port if applicable for DFS storage in the primary location.

primary_file_endpoint str

The endpoint URL for file storage in the primary location.

primary_file_host str

The hostname with port if applicable for file storage in the primary location.

primary_file_internet_endpoint str

The internet routing endpoint URL for file storage in the primary location.

primary_file_internet_host str

The internet routing hostname with port if applicable for file storage in the primary location.

primary_file_microsoft_endpoint str

The microsoft routing endpoint URL for file storage in the primary location.

primary_file_microsoft_host str

The microsoft routing hostname with port if applicable for file storage in the primary location.

primary_location str

The primary location of the storage account.

primary_queue_endpoint str

The endpoint URL for queue storage in the primary location.

primary_queue_host str

The hostname with port if applicable for queue storage in the primary location.

primary_queue_microsoft_endpoint str

The microsoft routing endpoint URL for queue storage in the primary location.

primary_queue_microsoft_host str

The microsoft routing hostname with port if applicable for queue storage in the primary location.

primary_table_endpoint str

The endpoint URL for table storage in the primary location.

primary_table_host str

The hostname with port if applicable for table storage in the primary location.

primary_table_microsoft_endpoint str

The microsoft routing endpoint URL for table storage in the primary location.

primary_table_microsoft_host str

The microsoft routing hostname with port if applicable for table storage in the primary location.

primary_web_endpoint str

The endpoint URL for web storage in the primary location.

primary_web_host str

The hostname with port if applicable for web storage in the primary location.

primary_web_internet_endpoint str

The internet routing endpoint URL for web storage in the primary location.

primary_web_internet_host str

The internet routing hostname with port if applicable for web storage in the primary location.

primary_web_microsoft_endpoint str

The microsoft routing endpoint URL for web storage in the primary location.

primary_web_microsoft_host str

The microsoft routing hostname with port if applicable for web storage in the primary location.

public_network_access_enabled bool

Whether the public network access is enabled? Defaults to true.

queue_encryption_key_type str

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

queue_properties AccountQueuePropertiesArgs

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

resource_group_name str

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

routing AccountRoutingArgs

A routing block as defined below.

sas_policy AccountSasPolicyArgs

A sas_policy block as defined below.

secondary_access_key str

The secondary access key for the storage account.

secondary_blob_connection_string str

The connection string associated with the secondary blob location.

secondary_blob_endpoint str

The endpoint URL for blob storage in the secondary location.

secondary_blob_host str

The hostname with port if applicable for blob storage in the secondary location.

secondary_blob_internet_endpoint str

The internet routing endpoint URL for blob storage in the secondary location.

secondary_blob_internet_host str

The internet routing hostname with port if applicable for blob storage in the secondary location.

secondary_blob_microsoft_endpoint str

The microsoft routing endpoint URL for blob storage in the secondary location.

secondary_blob_microsoft_host str

The microsoft routing hostname with port if applicable for blob storage in the secondary location.

secondary_connection_string str

The connection string associated with the secondary location.

secondary_dfs_endpoint str

The endpoint URL for DFS storage in the secondary location.

secondary_dfs_host str

The hostname with port if applicable for DFS storage in the secondary location.

secondary_dfs_internet_endpoint str

The internet routing endpoint URL for DFS storage in the secondary location.

secondary_dfs_internet_host str

The internet routing hostname with port if applicable for DFS storage in the secondary location.

secondary_dfs_microsoft_endpoint str

The microsoft routing endpoint URL for DFS storage in the secondary location.

secondary_dfs_microsoft_host str

The microsoft routing hostname with port if applicable for DFS storage in the secondary location.

secondary_file_endpoint str

The endpoint URL for file storage in the secondary location.

secondary_file_host str

The hostname with port if applicable for file storage in the secondary location.

secondary_file_internet_endpoint str

The internet routing endpoint URL for file storage in the secondary location.

secondary_file_internet_host str

The internet routing hostname with port if applicable for file storage in the secondary location.

secondary_file_microsoft_endpoint str

The microsoft routing endpoint URL for file storage in the secondary location.

secondary_file_microsoft_host str

The microsoft routing hostname with port if applicable for file storage in the secondary location.

secondary_location str

The secondary location of the storage account.

secondary_queue_endpoint str

The endpoint URL for queue storage in the secondary location.

secondary_queue_host str

The hostname with port if applicable for queue storage in the secondary location.

secondary_queue_microsoft_endpoint str

The microsoft routing endpoint URL for queue storage in the secondary location.

secondary_queue_microsoft_host str

The microsoft routing hostname with port if applicable for queue storage in the secondary location.

secondary_table_endpoint str

The endpoint URL for table storage in the secondary location.

secondary_table_host str

The hostname with port if applicable for table storage in the secondary location.

secondary_table_microsoft_endpoint str

The microsoft routing endpoint URL for table storage in the secondary location.

secondary_table_microsoft_host str

The microsoft routing hostname with port if applicable for table storage in the secondary location.

secondary_web_endpoint str

The endpoint URL for web storage in the secondary location.

secondary_web_host str

The hostname with port if applicable for web storage in the secondary location.

secondary_web_internet_endpoint str

The internet routing endpoint URL for web storage in the secondary location.

secondary_web_internet_host str

The internet routing hostname with port if applicable for web storage in the secondary location.

secondary_web_microsoft_endpoint str

The microsoft routing endpoint URL for web storage in the secondary location.

secondary_web_microsoft_host str

The microsoft routing hostname with port if applicable for web storage in the secondary location.

sftp_enabled bool

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

share_properties AccountSharePropertiesArgs

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

shared_access_key_enabled bool

static_website AccountStaticWebsiteArgs

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

table_encryption_key_type str

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

tags Mapping[str, str]

A mapping of tags to assign to the resource.

accessTier String

Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium. Defaults to Hot.

accountKind String

Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2.

Note: Changing the account_kind value from Storage to StorageV2 will not trigger a force new on the storage account, it will only upgrade the existing storage account from Storage to StorageV2 keeping the existing storage account in place.

accountReplicationType String

accountTier String

Note: Blobs with a tier of Premium are of account kind StorageV2.

allowNestedItemsToBePublic Boolean

Allow or disallow nested items within this Account to opt into being public. Defaults to true.

Note: At this time allow_nested_items_to_be_public is only supported in the Public Cloud, China Cloud, and US Government Cloud.

allowedCopyScope String

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AAD and PrivateLink.

azureFilesAuthentication Property Map

A azure_files_authentication block as defined below.

blobProperties Property Map

A blob_properties block as defined below.

crossTenantReplicationEnabled Boolean

Should cross Tenant replication be enabled? Defaults to false.

customDomain Property Map

A custom_domain block as documented below.

customerManagedKey Property Map

A customer_managed_key block as documented below.

Note: It's possible to define a Customer Managed Key both within either the customer_managed_key block or by using the azure.storage.CustomerManagedKey resource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the azure.storage.CustomerManagedKey resource, you will need to use ignore_changes on the customer_managed_key block.

defaultToOauthAuthentication Boolean

Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false

dnsEndpointType String

Specifies which DNS endpoint type to use. Possible values are Standard and AzureDnsZone. Defaults to Standard. Changing this forces a new resource to be created.

Note: Azure DNS zone support requires PartitionedDns feature to be enabled. To enable this feature for your subscription, use the following command: az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".

edgeZone String

Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.

httpsTrafficOnlyEnabled Boolean

Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.

identity Property Map

An identity block as defined below.

immutabilityPolicy Property Map

An immutability_policy block as defined below. Changing this forces a new resource to be created.

infrastructureEncryptionEnabled Boolean

Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.

isHnsEnabled Boolean

Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created.

Note: This can only be true when account_tier is Standard or when account_tier is Premium and account_kind is BlockBlobStorage

largeFileShareEnabled Boolean

Are Large File Shares Enabled? Defaults to false.

Note: Large File Shares are enabled by default when using an account_kind of FileStorage.

localUserEnabled Boolean

Is Local User Enabled? Defaults to true.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

minTlsVersion String

The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2 for new storage accounts.

NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more.

Note: At this time min_tls_version is only supported in the Public Cloud, China Cloud, and US Government Cloud.

name String

networkRules Property Map

A network_rules block as documented below.

nfsv3Enabled Boolean

Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to false.

Note: This can only be true when account_tier is Standard and account_kind is StorageV2, or account_tier is Premium and account_kind is BlockBlobStorage. Additionally, the is_hns_enabled is true and account_replication_type must be LRS or RAGRS.

primaryAccessKey String

The primary access key for the storage account.

primaryBlobConnectionString String

The connection string associated with the primary blob location.

primaryBlobEndpoint String

The endpoint URL for blob storage in the primary location.

primaryBlobHost String

The hostname with port if applicable for blob storage in the primary location.

primaryBlobInternetEndpoint String

The internet routing endpoint URL for blob storage in the primary location.

primaryBlobInternetHost String

The internet routing hostname with port if applicable for blob storage in the primary location.

primaryBlobMicrosoftEndpoint String

The microsoft routing endpoint URL for blob storage in the primary location.

primaryBlobMicrosoftHost String

The microsoft routing hostname with port if applicable for blob storage in the primary location.

primaryConnectionString String

The connection string associated with the primary location.

primaryDfsEndpoint String

The endpoint URL for DFS storage in the primary location.

primaryDfsHost String

The hostname with port if applicable for DFS storage in the primary location.

primaryDfsInternetEndpoint String

The internet routing endpoint URL for DFS storage in the primary location.

primaryDfsInternetHost String

The internet routing hostname with port if applicable for DFS storage in the primary location.

primaryDfsMicrosoftEndpoint String

The microsoft routing endpoint URL for DFS storage in the primary location.

primaryDfsMicrosoftHost String

The microsoft routing hostname with port if applicable for DFS storage in the primary location.

primaryFileEndpoint String

The endpoint URL for file storage in the primary location.

primaryFileHost String

The hostname with port if applicable for file storage in the primary location.

primaryFileInternetEndpoint String

The internet routing endpoint URL for file storage in the primary location.

primaryFileInternetHost String

The internet routing hostname with port if applicable for file storage in the primary location.

primaryFileMicrosoftEndpoint String

The microsoft routing endpoint URL for file storage in the primary location.

primaryFileMicrosoftHost String

The microsoft routing hostname with port if applicable for file storage in the primary location.

primaryLocation String

The primary location of the storage account.

primaryQueueEndpoint String

The endpoint URL for queue storage in the primary location.

primaryQueueHost String

The hostname with port if applicable for queue storage in the primary location.

primaryQueueMicrosoftEndpoint String

The microsoft routing endpoint URL for queue storage in the primary location.

primaryQueueMicrosoftHost String

The microsoft routing hostname with port if applicable for queue storage in the primary location.

primaryTableEndpoint String

The endpoint URL for table storage in the primary location.

primaryTableHost String

The hostname with port if applicable for table storage in the primary location.

primaryTableMicrosoftEndpoint String

The microsoft routing endpoint URL for table storage in the primary location.

primaryTableMicrosoftHost String

The microsoft routing hostname with port if applicable for table storage in the primary location.

primaryWebEndpoint String

The endpoint URL for web storage in the primary location.

primaryWebHost String

The hostname with port if applicable for web storage in the primary location.

primaryWebInternetEndpoint String

The internet routing endpoint URL for web storage in the primary location.

primaryWebInternetHost String

The internet routing hostname with port if applicable for web storage in the primary location.

primaryWebMicrosoftEndpoint String

The microsoft routing endpoint URL for web storage in the primary location.

primaryWebMicrosoftHost String

The microsoft routing hostname with port if applicable for web storage in the primary location.

publicNetworkAccessEnabled Boolean

Whether the public network access is enabled? Defaults to true.

queueEncryptionKeyType String

The encryption type of the queue service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

queueProperties Property Map

A queue_properties block as defined below.

Note: queue_properties can only be configured when account_tier is set to Standard and account_kind is set to either Storage or StorageV2.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountQueueProperties resource and will be removed in v5.0 of the AzureRM provider

resourceGroupName String

The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.

routing Property Map

A routing block as defined below.

sasPolicy Property Map

A sas_policy block as defined below.

secondaryAccessKey String

The secondary access key for the storage account.

secondaryBlobConnectionString String

The connection string associated with the secondary blob location.

secondaryBlobEndpoint String

The endpoint URL for blob storage in the secondary location.

secondaryBlobHost String

The hostname with port if applicable for blob storage in the secondary location.

secondaryBlobInternetEndpoint String

The internet routing endpoint URL for blob storage in the secondary location.

secondaryBlobInternetHost String

The internet routing hostname with port if applicable for blob storage in the secondary location.

secondaryBlobMicrosoftEndpoint String

The microsoft routing endpoint URL for blob storage in the secondary location.

secondaryBlobMicrosoftHost String

The microsoft routing hostname with port if applicable for blob storage in the secondary location.

secondaryConnectionString String

The connection string associated with the secondary location.

secondaryDfsEndpoint String

The endpoint URL for DFS storage in the secondary location.

secondaryDfsHost String

The hostname with port if applicable for DFS storage in the secondary location.

secondaryDfsInternetEndpoint String

The internet routing endpoint URL for DFS storage in the secondary location.

secondaryDfsInternetHost String

The internet routing hostname with port if applicable for DFS storage in the secondary location.

secondaryDfsMicrosoftEndpoint String

The microsoft routing endpoint URL for DFS storage in the secondary location.

secondaryDfsMicrosoftHost String

The microsoft routing hostname with port if applicable for DFS storage in the secondary location.

secondaryFileEndpoint String

The endpoint URL for file storage in the secondary location.

secondaryFileHost String

The hostname with port if applicable for file storage in the secondary location.

secondaryFileInternetEndpoint String

The internet routing endpoint URL for file storage in the secondary location.

secondaryFileInternetHost String

The internet routing hostname with port if applicable for file storage in the secondary location.

secondaryFileMicrosoftEndpoint String

The microsoft routing endpoint URL for file storage in the secondary location.

secondaryFileMicrosoftHost String

The microsoft routing hostname with port if applicable for file storage in the secondary location.

secondaryLocation String

The secondary location of the storage account.

secondaryQueueEndpoint String

The endpoint URL for queue storage in the secondary location.

secondaryQueueHost String

The hostname with port if applicable for queue storage in the secondary location.

secondaryQueueMicrosoftEndpoint String

The microsoft routing endpoint URL for queue storage in the secondary location.

secondaryQueueMicrosoftHost String

The microsoft routing hostname with port if applicable for queue storage in the secondary location.

secondaryTableEndpoint String

The endpoint URL for table storage in the secondary location.

secondaryTableHost String

The hostname with port if applicable for table storage in the secondary location.

secondaryTableMicrosoftEndpoint String

The microsoft routing endpoint URL for table storage in the secondary location.

secondaryTableMicrosoftHost String

The microsoft routing hostname with port if applicable for table storage in the secondary location.

secondaryWebEndpoint String

The endpoint URL for web storage in the secondary location.

secondaryWebHost String

The hostname with port if applicable for web storage in the secondary location.

secondaryWebInternetEndpoint String

The internet routing endpoint URL for web storage in the secondary location.

secondaryWebInternetHost String

The internet routing hostname with port if applicable for web storage in the secondary location.

secondaryWebMicrosoftEndpoint String

The microsoft routing endpoint URL for web storage in the secondary location.

secondaryWebMicrosoftHost String

The microsoft routing hostname with port if applicable for web storage in the secondary location.

sftpEnabled Boolean

Boolean, enable SFTP for the storage account

Note: SFTP support requires is_hns_enabled set to true. More information on SFTP support can be found here. Defaults to false

shareProperties Property Map

A share_properties block as defined below.

Note: share_properties can only be configured when either account_tier is Standard and account_kind is either Storage or StorageV2 - or when account_tier is Premium and account_kind is FileStorage.

sharedAccessKeyEnabled Boolean

staticWebsite Property Map

A static_website block as defined below.

Note: static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage.

Note: If static_website is specified, the service will automatically create a azure.storage.Container named $web.

Deprecated: this block has been deprecated and superseded by the azure.storage.AccountStaticWebsite resource and will be removed in v5.0 of the AzureRM provider

tableEncryptionKeyType String

The encryption type of the table service. Possible values are Service and Account. Changing this forces a new resource to be created. Default value is Service.

Note: queue_encryption_key_type and table_encryption_key_type cannot be set to Account when account_kind is set Storage

tags Map<String>

A mapping of tags to assign to the resource.

Supporting Types

AccountAzureFilesAuthentication, AccountAzureFilesAuthenticationArgs

DirectoryType string: Specifies the directory service used. Possible values are AADDS, AD and AADKERB.
ActiveDirectory AccountAzureFilesAuthenticationActiveDirectory: A active_directory block as defined below. Required when directory_type is AD.
DefaultShareLevelPermission string: Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader, StorageFileDataSmbShareContributor, StorageFileDataSmbShareElevatedContributor, or None.

DirectoryType string: Specifies the directory service used. Possible values are AADDS, AD and AADKERB.
ActiveDirectory AccountAzureFilesAuthenticationActiveDirectory: A active_directory block as defined below. Required when directory_type is AD.
DefaultShareLevelPermission string: Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader, StorageFileDataSmbShareContributor, StorageFileDataSmbShareElevatedContributor, or None.

directoryType String: Specifies the directory service used. Possible values are AADDS, AD and AADKERB.
activeDirectory AccountAzureFilesAuthenticationActiveDirectory: A active_directory block as defined below. Required when directory_type is AD.
defaultShareLevelPermission String: Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader, StorageFileDataSmbShareContributor, StorageFileDataSmbShareElevatedContributor, or None.

directoryType string: Specifies the directory service used. Possible values are AADDS, AD and AADKERB.
activeDirectory AccountAzureFilesAuthenticationActiveDirectory: A active_directory block as defined below. Required when directory_type is AD.
defaultShareLevelPermission string: Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader, StorageFileDataSmbShareContributor, StorageFileDataSmbShareElevatedContributor, or None.

directory_type str: Specifies the directory service used. Possible values are AADDS, AD and AADKERB.
active_directory AccountAzureFilesAuthenticationActiveDirectory: A active_directory block as defined below. Required when directory_type is AD.
default_share_level_permission str: Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader, StorageFileDataSmbShareContributor, StorageFileDataSmbShareElevatedContributor, or None.

directoryType String: Specifies the directory service used. Possible values are AADDS, AD and AADKERB.
activeDirectory Property Map: A active_directory block as defined below. Required when directory_type is AD.
defaultShareLevelPermission String: Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader, StorageFileDataSmbShareContributor, StorageFileDataSmbShareElevatedContributor, or None.

AccountAzureFilesAuthenticationActiveDirectory, AccountAzureFilesAuthenticationActiveDirectoryArgs

DomainGuid string: Specifies the domain GUID.
DomainName string: Specifies the primary domain that the AD DNS server is authoritative for.
DomainSid string: Specifies the security identifier (SID). This is required when directory_type is set to AD.
ForestName string: Specifies the Active Directory forest. This is required when directory_type is set to AD.
NetbiosDomainName string: Specifies the NetBIOS domain name. This is required when directory_type is set to AD.
StorageSid string: Specifies the security identifier (SID) for Azure Storage. This is required when directory_type is set to AD.

DomainGuid string: Specifies the domain GUID.
DomainName string: Specifies the primary domain that the AD DNS server is authoritative for.
DomainSid string: Specifies the security identifier (SID). This is required when directory_type is set to AD.
ForestName string: Specifies the Active Directory forest. This is required when directory_type is set to AD.
NetbiosDomainName string: Specifies the NetBIOS domain name. This is required when directory_type is set to AD.
StorageSid string: Specifies the security identifier (SID) for Azure Storage. This is required when directory_type is set to AD.

domainGuid String: Specifies the domain GUID.
domainName String: Specifies the primary domain that the AD DNS server is authoritative for.
domainSid String: Specifies the security identifier (SID). This is required when directory_type is set to AD.
forestName String: Specifies the Active Directory forest. This is required when directory_type is set to AD.
netbiosDomainName String: Specifies the NetBIOS domain name. This is required when directory_type is set to AD.
storageSid String: Specifies the security identifier (SID) for Azure Storage. This is required when directory_type is set to AD.

domainGuid string: Specifies the domain GUID.
domainName string: Specifies the primary domain that the AD DNS server is authoritative for.
domainSid string: Specifies the security identifier (SID). This is required when directory_type is set to AD.
forestName string: Specifies the Active Directory forest. This is required when directory_type is set to AD.
netbiosDomainName string: Specifies the NetBIOS domain name. This is required when directory_type is set to AD.
storageSid string: Specifies the security identifier (SID) for Azure Storage. This is required when directory_type is set to AD.

domain_guid str: Specifies the domain GUID.
domain_name str: Specifies the primary domain that the AD DNS server is authoritative for.
domain_sid str: Specifies the security identifier (SID). This is required when directory_type is set to AD.
forest_name str: Specifies the Active Directory forest. This is required when directory_type is set to AD.
netbios_domain_name str: Specifies the NetBIOS domain name. This is required when directory_type is set to AD.
storage_sid str: Specifies the security identifier (SID) for Azure Storage. This is required when directory_type is set to AD.

domainGuid String: Specifies the domain GUID.
domainName String: Specifies the primary domain that the AD DNS server is authoritative for.
domainSid String: Specifies the security identifier (SID). This is required when directory_type is set to AD.
forestName String: Specifies the Active Directory forest. This is required when directory_type is set to AD.
netbiosDomainName String: Specifies the NetBIOS domain name. This is required when directory_type is set to AD.
storageSid String: Specifies the security identifier (SID) for Azure Storage. This is required when directory_type is set to AD.

AccountBlobProperties, AccountBlobPropertiesArgs

ChangeFeedEnabled bool: Is the blob service properties for change feed events enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
ChangeFeedRetentionInDays int: The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed.
Note: This field cannot be configured when kind is set to Storage (V1).
ContainerDeleteRetentionPolicy AccountBlobPropertiesContainerDeleteRetentionPolicy: A container_delete_retention_policy block as defined below.
CorsRules List<AccountBlobPropertiesCorsRule>: A cors_rule block as defined below.
DefaultServiceVersion string: The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
DeleteRetentionPolicy AccountBlobPropertiesDeleteRetentionPolicy: A delete_retention_policy block as defined below.
LastAccessTimeEnabled bool: Is the last access time based tracking enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
RestorePolicy AccountBlobPropertiesRestorePolicy: A restore_policy block as defined below. This must be used together with delete_retention_policy set, versioning_enabled and change_feed_enabled set to true.
Note: This field cannot be configured when kind is set to Storage (V1).
Note: restore_policy can not be configured when dns_endpoint_type is AzureDnsZone.
VersioningEnabled bool: Is versioning enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).

ChangeFeedEnabled bool: Is the blob service properties for change feed events enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
ChangeFeedRetentionInDays int: The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed.
Note: This field cannot be configured when kind is set to Storage (V1).
ContainerDeleteRetentionPolicy AccountBlobPropertiesContainerDeleteRetentionPolicy: A container_delete_retention_policy block as defined below.
CorsRules []AccountBlobPropertiesCorsRule: A cors_rule block as defined below.
DefaultServiceVersion string: The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
DeleteRetentionPolicy AccountBlobPropertiesDeleteRetentionPolicy: A delete_retention_policy block as defined below.
LastAccessTimeEnabled bool: Is the last access time based tracking enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
RestorePolicy AccountBlobPropertiesRestorePolicy: A restore_policy block as defined below. This must be used together with delete_retention_policy set, versioning_enabled and change_feed_enabled set to true.
Note: This field cannot be configured when kind is set to Storage (V1).
Note: restore_policy can not be configured when dns_endpoint_type is AzureDnsZone.
VersioningEnabled bool: Is versioning enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).

changeFeedEnabled Boolean: Is the blob service properties for change feed events enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
changeFeedRetentionInDays Integer: The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed.
Note: This field cannot be configured when kind is set to Storage (V1).
containerDeleteRetentionPolicy AccountBlobPropertiesContainerDeleteRetentionPolicy: A container_delete_retention_policy block as defined below.
corsRules List<AccountBlobPropertiesCorsRule>: A cors_rule block as defined below.
defaultServiceVersion String: The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
deleteRetentionPolicy AccountBlobPropertiesDeleteRetentionPolicy: A delete_retention_policy block as defined below.
lastAccessTimeEnabled Boolean: Is the last access time based tracking enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
restorePolicy AccountBlobPropertiesRestorePolicy: A restore_policy block as defined below. This must be used together with delete_retention_policy set, versioning_enabled and change_feed_enabled set to true.
Note: This field cannot be configured when kind is set to Storage (V1).
Note: restore_policy can not be configured when dns_endpoint_type is AzureDnsZone.
versioningEnabled Boolean: Is versioning enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).

changeFeedEnabled boolean: Is the blob service properties for change feed events enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
changeFeedRetentionInDays number: The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed.
Note: This field cannot be configured when kind is set to Storage (V1).
containerDeleteRetentionPolicy AccountBlobPropertiesContainerDeleteRetentionPolicy: A container_delete_retention_policy block as defined below.
corsRules AccountBlobPropertiesCorsRule[]: A cors_rule block as defined below.
defaultServiceVersion string: The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
deleteRetentionPolicy AccountBlobPropertiesDeleteRetentionPolicy: A delete_retention_policy block as defined below.
lastAccessTimeEnabled boolean: Is the last access time based tracking enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
restorePolicy AccountBlobPropertiesRestorePolicy: A restore_policy block as defined below. This must be used together with delete_retention_policy set, versioning_enabled and change_feed_enabled set to true.
Note: This field cannot be configured when kind is set to Storage (V1).
Note: restore_policy can not be configured when dns_endpoint_type is AzureDnsZone.
versioningEnabled boolean: Is versioning enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).

change_feed_enabled bool: Is the blob service properties for change feed events enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
change_feed_retention_in_days int: The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed.
Note: This field cannot be configured when kind is set to Storage (V1).
container_delete_retention_policy AccountBlobPropertiesContainerDeleteRetentionPolicy: A container_delete_retention_policy block as defined below.
cors_rules Sequence[AccountBlobPropertiesCorsRule]: A cors_rule block as defined below.
default_service_version str: The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
delete_retention_policy AccountBlobPropertiesDeleteRetentionPolicy: A delete_retention_policy block as defined below.
last_access_time_enabled bool: Is the last access time based tracking enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
restore_policy AccountBlobPropertiesRestorePolicy: A restore_policy block as defined below. This must be used together with delete_retention_policy set, versioning_enabled and change_feed_enabled set to true.
Note: This field cannot be configured when kind is set to Storage (V1).
Note: restore_policy can not be configured when dns_endpoint_type is AzureDnsZone.
versioning_enabled bool: Is versioning enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).

changeFeedEnabled Boolean: Is the blob service properties for change feed events enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
changeFeedRetentionInDays Number: The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed.
Note: This field cannot be configured when kind is set to Storage (V1).
containerDeleteRetentionPolicy Property Map: A container_delete_retention_policy block as defined below.
corsRules List<Property Map>: A cors_rule block as defined below.
defaultServiceVersion String: The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
deleteRetentionPolicy Property Map: A delete_retention_policy block as defined below.
lastAccessTimeEnabled Boolean: Is the last access time based tracking enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).
restorePolicy Property Map: A restore_policy block as defined below. This must be used together with delete_retention_policy set, versioning_enabled and change_feed_enabled set to true.
Note: This field cannot be configured when kind is set to Storage (V1).
Note: restore_policy can not be configured when dns_endpoint_type is AzureDnsZone.
versioningEnabled Boolean: Is versioning enabled? Default to false.
Note: This field cannot be configured when kind is set to Storage (V1).

AccountBlobPropertiesContainerDeleteRetentionPolicy, AccountBlobPropertiesContainerDeleteRetentionPolicyArgs

Days int: Specifies the number of days that the container should be retained, between 1 and 365 days. Defaults to 7.

Days int: Specifies the number of days that the container should be retained, between 1 and 365 days. Defaults to 7.

days Integer: Specifies the number of days that the container should be retained, between 1 and 365 days. Defaults to 7.

days number: Specifies the number of days that the container should be retained, between 1 and 365 days. Defaults to 7.

days int: Specifies the number of days that the container should be retained, between 1 and 365 days. Defaults to 7.

days Number: Specifies the number of days that the container should be retained, between 1 and 365 days. Defaults to 7.

AccountBlobPropertiesCorsRule, AccountBlobPropertiesCorsRuleArgs

AllowedHeaders List<string>: A list of headers that are allowed to be a part of the cross-origin request.
AllowedMethods List<string>: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
AllowedOrigins List<string>: A list of origin domains that will be allowed by CORS.
ExposedHeaders List<string>: A list of response headers that are exposed to CORS clients.
MaxAgeInSeconds int: The number of seconds the client should cache a preflight response.

AllowedHeaders []string: A list of headers that are allowed to be a part of the cross-origin request.
AllowedMethods []string: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
AllowedOrigins []string: A list of origin domains that will be allowed by CORS.
ExposedHeaders []string: A list of response headers that are exposed to CORS clients.
MaxAgeInSeconds int: The number of seconds the client should cache a preflight response.

allowedHeaders List<String>: A list of headers that are allowed to be a part of the cross-origin request.
allowedMethods List<String>: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowedOrigins List<String>: A list of origin domains that will be allowed by CORS.
exposedHeaders List<String>: A list of response headers that are exposed to CORS clients.
maxAgeInSeconds Integer: The number of seconds the client should cache a preflight response.

allowedHeaders string[]: A list of headers that are allowed to be a part of the cross-origin request.
allowedMethods string[]: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowedOrigins string[]: A list of origin domains that will be allowed by CORS.
exposedHeaders string[]: A list of response headers that are exposed to CORS clients.
maxAgeInSeconds number: The number of seconds the client should cache a preflight response.

allowed_headers Sequence[str]: A list of headers that are allowed to be a part of the cross-origin request.
allowed_methods Sequence[str]: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowed_origins Sequence[str]: A list of origin domains that will be allowed by CORS.
exposed_headers Sequence[str]: A list of response headers that are exposed to CORS clients.
max_age_in_seconds int: The number of seconds the client should cache a preflight response.

allowedHeaders List<String>: A list of headers that are allowed to be a part of the cross-origin request.
allowedMethods List<String>: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowedOrigins List<String>: A list of origin domains that will be allowed by CORS.
exposedHeaders List<String>: A list of response headers that are exposed to CORS clients.
maxAgeInSeconds Number: The number of seconds the client should cache a preflight response.

AccountBlobPropertiesDeleteRetentionPolicy, AccountBlobPropertiesDeleteRetentionPolicyArgs

Days int: Specifies the number of days that the blob should be retained, between 1 and 365 days. Defaults to 7.
PermanentDeleteEnabled bool: Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to false.
Note: permanent_delete_enabled cannot be set to true if a restore_policy block is defined.

Days int: Specifies the number of days that the blob should be retained, between 1 and 365 days. Defaults to 7.
PermanentDeleteEnabled bool: Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to false.
Note: permanent_delete_enabled cannot be set to true if a restore_policy block is defined.

days Integer: Specifies the number of days that the blob should be retained, between 1 and 365 days. Defaults to 7.
permanentDeleteEnabled Boolean: Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to false.
Note: permanent_delete_enabled cannot be set to true if a restore_policy block is defined.

days number: Specifies the number of days that the blob should be retained, between 1 and 365 days. Defaults to 7.
permanentDeleteEnabled boolean: Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to false.
Note: permanent_delete_enabled cannot be set to true if a restore_policy block is defined.

days int: Specifies the number of days that the blob should be retained, between 1 and 365 days. Defaults to 7.
permanent_delete_enabled bool: Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to false.
Note: permanent_delete_enabled cannot be set to true if a restore_policy block is defined.

days Number: Specifies the number of days that the blob should be retained, between 1 and 365 days. Defaults to 7.
permanentDeleteEnabled Boolean: Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to false.
Note: permanent_delete_enabled cannot be set to true if a restore_policy block is defined.

AccountBlobPropertiesRestorePolicy, AccountBlobPropertiesRestorePolicyArgs

Days int: Specifies the number of days that the blob can be restored, between 1 and 365 days. This must be less than the days specified for delete_retention_policy.

Days int: Specifies the number of days that the blob can be restored, between 1 and 365 days. This must be less than the days specified for delete_retention_policy.

days Integer: Specifies the number of days that the blob can be restored, between 1 and 365 days. This must be less than the days specified for delete_retention_policy.

days number: Specifies the number of days that the blob can be restored, between 1 and 365 days. This must be less than the days specified for delete_retention_policy.

days int: Specifies the number of days that the blob can be restored, between 1 and 365 days. This must be less than the days specified for delete_retention_policy.

days Number: Specifies the number of days that the blob can be restored, between 1 and 365 days. This must be less than the days specified for delete_retention_policy.

AccountCustomDomain, AccountCustomDomainArgs

Name string: The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
UseSubdomain bool: Should the Custom Domain Name be validated by using indirect CNAME validation?

Name string: The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
UseSubdomain bool: Should the Custom Domain Name be validated by using indirect CNAME validation?

name String: The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
useSubdomain Boolean: Should the Custom Domain Name be validated by using indirect CNAME validation?

name string: The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
useSubdomain boolean: Should the Custom Domain Name be validated by using indirect CNAME validation?

name str: The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
use_subdomain bool: Should the Custom Domain Name be validated by using indirect CNAME validation?

name String: The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
useSubdomain Boolean: Should the Custom Domain Name be validated by using indirect CNAME validation?

AccountCustomerManagedKey, AccountCustomerManagedKeyArgs

UserAssignedIdentityId string: The ID of a user assigned identity.
Note: customer_managed_key can only be set when the account_kind is set to StorageV2 or account_tier set to Premium, and the identity type is UserAssigned.
KeyVaultKeyId string: The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.
ManagedHsmKeyId string: The ID of the managed HSM Key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.

UserAssignedIdentityId string: The ID of a user assigned identity.
Note: customer_managed_key can only be set when the account_kind is set to StorageV2 or account_tier set to Premium, and the identity type is UserAssigned.
KeyVaultKeyId string: The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.
ManagedHsmKeyId string: The ID of the managed HSM Key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.

userAssignedIdentityId String: The ID of a user assigned identity.
Note: customer_managed_key can only be set when the account_kind is set to StorageV2 or account_tier set to Premium, and the identity type is UserAssigned.
keyVaultKeyId String: The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.
managedHsmKeyId String: The ID of the managed HSM Key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.

userAssignedIdentityId string: The ID of a user assigned identity.
Note: customer_managed_key can only be set when the account_kind is set to StorageV2 or account_tier set to Premium, and the identity type is UserAssigned.
keyVaultKeyId string: The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.
managedHsmKeyId string: The ID of the managed HSM Key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.

user_assigned_identity_id str: The ID of a user assigned identity.
Note: customer_managed_key can only be set when the account_kind is set to StorageV2 or account_tier set to Premium, and the identity type is UserAssigned.
key_vault_key_id str: The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.
managed_hsm_key_id str: The ID of the managed HSM Key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.

userAssignedIdentityId String: The ID of a user assigned identity.
Note: customer_managed_key can only be set when the account_kind is set to StorageV2 or account_tier set to Premium, and the identity type is UserAssigned.
keyVaultKeyId String: The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.
managedHsmKeyId String: The ID of the managed HSM Key. Exactly one of key_vault_key_id and managed_hsm_key_id may be specified.

AccountIdentity, AccountIdentityArgs

Type string: Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
IdentityIds List<string>: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account.
Note: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
The assigned principal_id and tenant_id can be retrieved after the identity type has been set to SystemAssigned and Storage Account has been created. More details are available below.
PrincipalId string: The Principal ID for the Service Principal associated with the Identity of this Storage Account.
TenantId string: The Tenant ID for the Service Principal associated with the Identity of this Storage Account.

Type string: Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
IdentityIds []string: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account.
Note: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
The assigned principal_id and tenant_id can be retrieved after the identity type has been set to SystemAssigned and Storage Account has been created. More details are available below.
PrincipalId string: The Principal ID for the Service Principal associated with the Identity of this Storage Account.
TenantId string: The Tenant ID for the Service Principal associated with the Identity of this Storage Account.

type String: Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identityIds List<String>: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account.
Note: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
The assigned principal_id and tenant_id can be retrieved after the identity type has been set to SystemAssigned and Storage Account has been created. More details are available below.
principalId String: The Principal ID for the Service Principal associated with the Identity of this Storage Account.
tenantId String: The Tenant ID for the Service Principal associated with the Identity of this Storage Account.

type string: Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identityIds string[]: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account.
Note: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
The assigned principal_id and tenant_id can be retrieved after the identity type has been set to SystemAssigned and Storage Account has been created. More details are available below.
principalId string: The Principal ID for the Service Principal associated with the Identity of this Storage Account.
tenantId string: The Tenant ID for the Service Principal associated with the Identity of this Storage Account.

type str: Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identity_ids Sequence[str]: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account.
Note: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
The assigned principal_id and tenant_id can be retrieved after the identity type has been set to SystemAssigned and Storage Account has been created. More details are available below.
principal_id str: The Principal ID for the Service Principal associated with the Identity of this Storage Account.
tenant_id str: The Tenant ID for the Service Principal associated with the Identity of this Storage Account.

type String: Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identityIds List<String>: Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account.
Note: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
The assigned principal_id and tenant_id can be retrieved after the identity type has been set to SystemAssigned and Storage Account has been created. More details are available below.
principalId String: The Principal ID for the Service Principal associated with the Identity of this Storage Account.
tenantId String: The Tenant ID for the Service Principal associated with the Identity of this Storage Account.

AccountImmutabilityPolicy, AccountImmutabilityPolicyArgs

AllowProtectedAppendWrites bool: When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
PeriodSinceCreationInDays int: The immutability period for the blobs in the container since the policy creation, in days.
State string: Defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing from Locked forces a new resource to be created.

AllowProtectedAppendWrites bool: When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
PeriodSinceCreationInDays int: The immutability period for the blobs in the container since the policy creation, in days.
State string: Defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing from Locked forces a new resource to be created.

allowProtectedAppendWrites Boolean: When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
periodSinceCreationInDays Integer: The immutability period for the blobs in the container since the policy creation, in days.
state String: Defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing from Locked forces a new resource to be created.

allowProtectedAppendWrites boolean: When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
periodSinceCreationInDays number: The immutability period for the blobs in the container since the policy creation, in days.
state string: Defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing from Locked forces a new resource to be created.

allow_protected_append_writes bool: When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
period_since_creation_in_days int: The immutability period for the blobs in the container since the policy creation, in days.
state str: Defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing from Locked forces a new resource to be created.

allowProtectedAppendWrites Boolean: When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
periodSinceCreationInDays Number: The immutability period for the blobs in the container since the policy creation, in days.
state String: Defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing from Locked forces a new resource to be created.

AccountNetworkRules, AccountNetworkRulesArgs

DefaultAction string: Specifies the default action of allow or deny when no other rules match. Valid options are Deny or Allow.
Bypasses List<string>: Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None.
IpRules List<string>: List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
PrivateLinkAccesses List<AccountNetworkRulesPrivateLinkAccess>: One or more private_link_access block as defined below.
Note: If specifying network_rules, one of either ip_rules or virtual_network_subnet_ids must be specified and default_action must be set to Deny.
Note: Network Rules can be defined either directly on the azure.storage.Account resource, or using the azure.storage.AccountNetworkRules resource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a default_action of Deny to Allow requires defining, rather than removing, the block.
Note: The prefix of ip_rules must be between 0 and 30 and only supports public IP addresses.
Note: More information on Validation is available here
VirtualNetworkSubnetIds List<string>: A list of resource ids for subnets.

DefaultAction string: Specifies the default action of allow or deny when no other rules match. Valid options are Deny or Allow.
Bypasses []string: Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None.
IpRules []string: List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
PrivateLinkAccesses []AccountNetworkRulesPrivateLinkAccess: One or more private_link_access block as defined below.
Note: If specifying network_rules, one of either ip_rules or virtual_network_subnet_ids must be specified and default_action must be set to Deny.
Note: Network Rules can be defined either directly on the azure.storage.Account resource, or using the azure.storage.AccountNetworkRules resource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a default_action of Deny to Allow requires defining, rather than removing, the block.
Note: The prefix of ip_rules must be between 0 and 30 and only supports public IP addresses.
Note: More information on Validation is available here
VirtualNetworkSubnetIds []string: A list of resource ids for subnets.

defaultAction String: Specifies the default action of allow or deny when no other rules match. Valid options are Deny or Allow.
bypasses List<String>: Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None.
ipRules List<String>: List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
privateLinkAccesses List<AccountNetworkRulesPrivateLinkAccess>: One or more private_link_access block as defined below.
Note: If specifying network_rules, one of either ip_rules or virtual_network_subnet_ids must be specified and default_action must be set to Deny.
Note: Network Rules can be defined either directly on the azure.storage.Account resource, or using the azure.storage.AccountNetworkRules resource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a default_action of Deny to Allow requires defining, rather than removing, the block.
Note: The prefix of ip_rules must be between 0 and 30 and only supports public IP addresses.
Note: More information on Validation is available here
virtualNetworkSubnetIds List<String>: A list of resource ids for subnets.

defaultAction string: Specifies the default action of allow or deny when no other rules match. Valid options are Deny or Allow.
bypasses string[]: Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None.
ipRules string[]: List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
privateLinkAccesses AccountNetworkRulesPrivateLinkAccess[]: One or more private_link_access block as defined below.
Note: If specifying network_rules, one of either ip_rules or virtual_network_subnet_ids must be specified and default_action must be set to Deny.
Note: Network Rules can be defined either directly on the azure.storage.Account resource, or using the azure.storage.AccountNetworkRules resource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a default_action of Deny to Allow requires defining, rather than removing, the block.
Note: The prefix of ip_rules must be between 0 and 30 and only supports public IP addresses.
Note: More information on Validation is available here
virtualNetworkSubnetIds string[]: A list of resource ids for subnets.

default_action str: Specifies the default action of allow or deny when no other rules match. Valid options are Deny or Allow.
bypasses Sequence[str]: Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None.
ip_rules Sequence[str]: List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
private_link_accesses Sequence[AccountNetworkRulesPrivateLinkAccess]: One or more private_link_access block as defined below.
Note: If specifying network_rules, one of either ip_rules or virtual_network_subnet_ids must be specified and default_action must be set to Deny.
Note: Network Rules can be defined either directly on the azure.storage.Account resource, or using the azure.storage.AccountNetworkRules resource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a default_action of Deny to Allow requires defining, rather than removing, the block.
Note: The prefix of ip_rules must be between 0 and 30 and only supports public IP addresses.
Note: More information on Validation is available here
virtual_network_subnet_ids Sequence[str]: A list of resource ids for subnets.

defaultAction String: Specifies the default action of allow or deny when no other rules match. Valid options are Deny or Allow.
bypasses List<String>: Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None.
ipRules List<String>: List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
privateLinkAccesses List<Property Map>: One or more private_link_access block as defined below.
Note: If specifying network_rules, one of either ip_rules or virtual_network_subnet_ids must be specified and default_action must be set to Deny.
Note: Network Rules can be defined either directly on the azure.storage.Account resource, or using the azure.storage.AccountNetworkRules resource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a default_action of Deny to Allow requires defining, rather than removing, the block.
Note: The prefix of ip_rules must be between 0 and 30 and only supports public IP addresses.
Note: More information on Validation is available here
virtualNetworkSubnetIds List<String>: A list of resource ids for subnets.

AccountNetworkRulesPrivateLinkAccess, AccountNetworkRulesPrivateLinkAccessArgs

EndpointResourceId string: The ID of the Azure resource that should be allowed access to the target storage account.
EndpointTenantId string: The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.

EndpointResourceId string: The ID of the Azure resource that should be allowed access to the target storage account.
EndpointTenantId string: The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.

endpointResourceId String: The ID of the Azure resource that should be allowed access to the target storage account.
endpointTenantId String: The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.

endpointResourceId string: The ID of the Azure resource that should be allowed access to the target storage account.
endpointTenantId string: The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.

endpoint_resource_id str: The ID of the Azure resource that should be allowed access to the target storage account.
endpoint_tenant_id str: The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.

endpointResourceId String: The ID of the Azure resource that should be allowed access to the target storage account.
endpointTenantId String: The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.

AccountQueueProperties, AccountQueuePropertiesArgs

CorsRules List<AccountQueuePropertiesCorsRule>: A cors_rule block as defined above.
HourMetrics AccountQueuePropertiesHourMetrics: A hour_metrics block as defined below.
Logging AccountQueuePropertiesLogging: A logging block as defined below.
MinuteMetrics AccountQueuePropertiesMinuteMetrics: A minute_metrics block as defined below.

CorsRules []AccountQueuePropertiesCorsRule: A cors_rule block as defined above.
HourMetrics AccountQueuePropertiesHourMetrics: A hour_metrics block as defined below.
Logging AccountQueuePropertiesLogging: A logging block as defined below.
MinuteMetrics AccountQueuePropertiesMinuteMetrics: A minute_metrics block as defined below.

corsRules List<AccountQueuePropertiesCorsRule>: A cors_rule block as defined above.
hourMetrics AccountQueuePropertiesHourMetrics: A hour_metrics block as defined below.
logging AccountQueuePropertiesLogging: A logging block as defined below.
minuteMetrics AccountQueuePropertiesMinuteMetrics: A minute_metrics block as defined below.

corsRules AccountQueuePropertiesCorsRule[]: A cors_rule block as defined above.
hourMetrics AccountQueuePropertiesHourMetrics: A hour_metrics block as defined below.
logging AccountQueuePropertiesLogging: A logging block as defined below.
minuteMetrics AccountQueuePropertiesMinuteMetrics: A minute_metrics block as defined below.

cors_rules Sequence[AccountQueuePropertiesCorsRule]: A cors_rule block as defined above.
hour_metrics AccountQueuePropertiesHourMetrics: A hour_metrics block as defined below.
logging AccountQueuePropertiesLogging: A logging block as defined below.
minute_metrics AccountQueuePropertiesMinuteMetrics: A minute_metrics block as defined below.

corsRules List<Property Map>: A cors_rule block as defined above.
hourMetrics Property Map: A hour_metrics block as defined below.
logging Property Map: A logging block as defined below.
minuteMetrics Property Map: A minute_metrics block as defined below.

AccountQueuePropertiesCorsRule, AccountQueuePropertiesCorsRuleArgs

AllowedHeaders List<string>: A list of headers that are allowed to be a part of the cross-origin request.
AllowedMethods List<string>: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
AllowedOrigins List<string>: A list of origin domains that will be allowed by CORS.
ExposedHeaders List<string>: A list of response headers that are exposed to CORS clients.
MaxAgeInSeconds int: The number of seconds the client should cache a preflight response.

AllowedHeaders []string: A list of headers that are allowed to be a part of the cross-origin request.
AllowedMethods []string: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
AllowedOrigins []string: A list of origin domains that will be allowed by CORS.
ExposedHeaders []string: A list of response headers that are exposed to CORS clients.
MaxAgeInSeconds int: The number of seconds the client should cache a preflight response.

allowedHeaders List<String>: A list of headers that are allowed to be a part of the cross-origin request.
allowedMethods List<String>: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowedOrigins List<String>: A list of origin domains that will be allowed by CORS.
exposedHeaders List<String>: A list of response headers that are exposed to CORS clients.
maxAgeInSeconds Integer: The number of seconds the client should cache a preflight response.

allowedHeaders string[]: A list of headers that are allowed to be a part of the cross-origin request.
allowedMethods string[]: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowedOrigins string[]: A list of origin domains that will be allowed by CORS.
exposedHeaders string[]: A list of response headers that are exposed to CORS clients.
maxAgeInSeconds number: The number of seconds the client should cache a preflight response.

allowed_headers Sequence[str]: A list of headers that are allowed to be a part of the cross-origin request.
allowed_methods Sequence[str]: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowed_origins Sequence[str]: A list of origin domains that will be allowed by CORS.
exposed_headers Sequence[str]: A list of response headers that are exposed to CORS clients.
max_age_in_seconds int: The number of seconds the client should cache a preflight response.

allowedHeaders List<String>: A list of headers that are allowed to be a part of the cross-origin request.
allowedMethods List<String>: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowedOrigins List<String>: A list of origin domains that will be allowed by CORS.
exposedHeaders List<String>: A list of response headers that are exposed to CORS clients.
maxAgeInSeconds Number: The number of seconds the client should cache a preflight response.

AccountQueuePropertiesHourMetrics, AccountQueuePropertiesHourMetricsArgs

Version string: The version of storage analytics to configure.
IncludeApis bool: Indicates whether metrics should generate summary statistics for called API operations.
RetentionPolicyDays int: Specifies the number of days that logs will be retained.

Version string: The version of storage analytics to configure.
IncludeApis bool: Indicates whether metrics should generate summary statistics for called API operations.
RetentionPolicyDays int: Specifies the number of days that logs will be retained.

version String: The version of storage analytics to configure.
includeApis Boolean: Indicates whether metrics should generate summary statistics for called API operations.
retentionPolicyDays Integer: Specifies the number of days that logs will be retained.

version string: The version of storage analytics to configure.
includeApis boolean: Indicates whether metrics should generate summary statistics for called API operations.
retentionPolicyDays number: Specifies the number of days that logs will be retained.

version str: The version of storage analytics to configure.
include_apis bool: Indicates whether metrics should generate summary statistics for called API operations.
retention_policy_days int: Specifies the number of days that logs will be retained.

version String: The version of storage analytics to configure.
includeApis Boolean: Indicates whether metrics should generate summary statistics for called API operations.
retentionPolicyDays Number: Specifies the number of days that logs will be retained.

AccountQueuePropertiesLogging, AccountQueuePropertiesLoggingArgs

Delete bool: Indicates whether all delete requests should be logged.
Read bool: Indicates whether all read requests should be logged.
Version string: The version of storage analytics to configure.
Write bool: Indicates whether all write requests should be logged.
RetentionPolicyDays int: Specifies the number of days that logs will be retained.

Delete bool: Indicates whether all delete requests should be logged.
Read bool: Indicates whether all read requests should be logged.
Version string: The version of storage analytics to configure.
Write bool: Indicates whether all write requests should be logged.
RetentionPolicyDays int: Specifies the number of days that logs will be retained.

delete Boolean: Indicates whether all delete requests should be logged.
read Boolean: Indicates whether all read requests should be logged.
version String: The version of storage analytics to configure.
write Boolean: Indicates whether all write requests should be logged.
retentionPolicyDays Integer: Specifies the number of days that logs will be retained.

delete boolean: Indicates whether all delete requests should be logged.
read boolean: Indicates whether all read requests should be logged.
version string: The version of storage analytics to configure.
write boolean: Indicates whether all write requests should be logged.
retentionPolicyDays number: Specifies the number of days that logs will be retained.

delete bool: Indicates whether all delete requests should be logged.
read bool: Indicates whether all read requests should be logged.
version str: The version of storage analytics to configure.
write bool: Indicates whether all write requests should be logged.
retention_policy_days int: Specifies the number of days that logs will be retained.

delete Boolean: Indicates whether all delete requests should be logged.
read Boolean: Indicates whether all read requests should be logged.
version String: The version of storage analytics to configure.
write Boolean: Indicates whether all write requests should be logged.
retentionPolicyDays Number: Specifies the number of days that logs will be retained.

AccountQueuePropertiesMinuteMetrics, AccountQueuePropertiesMinuteMetricsArgs

Version string: The version of storage analytics to configure.
IncludeApis bool: Indicates whether metrics should generate summary statistics for called API operations.
RetentionPolicyDays int: Specifies the number of days that logs will be retained.

Version string: The version of storage analytics to configure.
IncludeApis bool: Indicates whether metrics should generate summary statistics for called API operations.
RetentionPolicyDays int: Specifies the number of days that logs will be retained.

version String: The version of storage analytics to configure.
includeApis Boolean: Indicates whether metrics should generate summary statistics for called API operations.
retentionPolicyDays Integer: Specifies the number of days that logs will be retained.

version string: The version of storage analytics to configure.
includeApis boolean: Indicates whether metrics should generate summary statistics for called API operations.
retentionPolicyDays number: Specifies the number of days that logs will be retained.

version str: The version of storage analytics to configure.
include_apis bool: Indicates whether metrics should generate summary statistics for called API operations.
retention_policy_days int: Specifies the number of days that logs will be retained.

version String: The version of storage analytics to configure.
includeApis Boolean: Indicates whether metrics should generate summary statistics for called API operations.
retentionPolicyDays Number: Specifies the number of days that logs will be retained.

AccountRouting, AccountRoutingArgs

Choice string: Specifies the kind of network routing opted by the user. Possible values are InternetRouting and MicrosoftRouting. Defaults to MicrosoftRouting.
PublishInternetEndpoints bool: Should internet routing storage endpoints be published? Defaults to false.
PublishMicrosoftEndpoints bool: Should Microsoft routing storage endpoints be published? Defaults to false.

Choice string: Specifies the kind of network routing opted by the user. Possible values are InternetRouting and MicrosoftRouting. Defaults to MicrosoftRouting.
PublishInternetEndpoints bool: Should internet routing storage endpoints be published? Defaults to false.
PublishMicrosoftEndpoints bool: Should Microsoft routing storage endpoints be published? Defaults to false.

choice String: Specifies the kind of network routing opted by the user. Possible values are InternetRouting and MicrosoftRouting. Defaults to MicrosoftRouting.
publishInternetEndpoints Boolean: Should internet routing storage endpoints be published? Defaults to false.
publishMicrosoftEndpoints Boolean: Should Microsoft routing storage endpoints be published? Defaults to false.

choice string: Specifies the kind of network routing opted by the user. Possible values are InternetRouting and MicrosoftRouting. Defaults to MicrosoftRouting.
publishInternetEndpoints boolean: Should internet routing storage endpoints be published? Defaults to false.
publishMicrosoftEndpoints boolean: Should Microsoft routing storage endpoints be published? Defaults to false.

choice str: Specifies the kind of network routing opted by the user. Possible values are InternetRouting and MicrosoftRouting. Defaults to MicrosoftRouting.
publish_internet_endpoints bool: Should internet routing storage endpoints be published? Defaults to false.
publish_microsoft_endpoints bool: Should Microsoft routing storage endpoints be published? Defaults to false.

choice String: Specifies the kind of network routing opted by the user. Possible values are InternetRouting and MicrosoftRouting. Defaults to MicrosoftRouting.
publishInternetEndpoints Boolean: Should internet routing storage endpoints be published? Defaults to false.
publishMicrosoftEndpoints Boolean: Should Microsoft routing storage endpoints be published? Defaults to false.

AccountSasPolicy, AccountSasPolicyArgs

ExpirationPeriod string: The SAS expiration period in format of DD.HH:MM:SS.
ExpirationAction string: The SAS expiration action. The only possible value is Log at this moment. Defaults to Log.

ExpirationPeriod string: The SAS expiration period in format of DD.HH:MM:SS.
ExpirationAction string: The SAS expiration action. The only possible value is Log at this moment. Defaults to Log.

expirationPeriod String: The SAS expiration period in format of DD.HH:MM:SS.
expirationAction String: The SAS expiration action. The only possible value is Log at this moment. Defaults to Log.

expirationPeriod string: The SAS expiration period in format of DD.HH:MM:SS.
expirationAction string: The SAS expiration action. The only possible value is Log at this moment. Defaults to Log.

expiration_period str: The SAS expiration period in format of DD.HH:MM:SS.
expiration_action str: The SAS expiration action. The only possible value is Log at this moment. Defaults to Log.

expirationPeriod String: The SAS expiration period in format of DD.HH:MM:SS.
expirationAction String: The SAS expiration action. The only possible value is Log at this moment. Defaults to Log.

AccountShareProperties, AccountSharePropertiesArgs

CorsRules List<AccountSharePropertiesCorsRule>: A cors_rule block as defined below.
RetentionPolicy AccountSharePropertiesRetentionPolicy: A retention_policy block as defined below.
Smb AccountSharePropertiesSmb: A smb block as defined below.

CorsRules []AccountSharePropertiesCorsRule: A cors_rule block as defined below.
RetentionPolicy AccountSharePropertiesRetentionPolicy: A retention_policy block as defined below.
Smb AccountSharePropertiesSmb: A smb block as defined below.

corsRules List<AccountSharePropertiesCorsRule>: A cors_rule block as defined below.
retentionPolicy AccountSharePropertiesRetentionPolicy: A retention_policy block as defined below.
smb AccountSharePropertiesSmb: A smb block as defined below.

corsRules AccountSharePropertiesCorsRule[]: A cors_rule block as defined below.
retentionPolicy AccountSharePropertiesRetentionPolicy: A retention_policy block as defined below.
smb AccountSharePropertiesSmb: A smb block as defined below.

cors_rules Sequence[AccountSharePropertiesCorsRule]: A cors_rule block as defined below.
retention_policy AccountSharePropertiesRetentionPolicy: A retention_policy block as defined below.
smb AccountSharePropertiesSmb: A smb block as defined below.

corsRules List<Property Map>: A cors_rule block as defined below.
retentionPolicy Property Map: A retention_policy block as defined below.
smb Property Map: A smb block as defined below.

AccountSharePropertiesCorsRule, AccountSharePropertiesCorsRuleArgs

AllowedHeaders List<string>: A list of headers that are allowed to be a part of the cross-origin request.
AllowedMethods List<string>: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
AllowedOrigins List<string>: A list of origin domains that will be allowed by CORS.
ExposedHeaders List<string>: A list of response headers that are exposed to CORS clients.
MaxAgeInSeconds int: The number of seconds the client should cache a preflight response.

AllowedHeaders []string: A list of headers that are allowed to be a part of the cross-origin request.
AllowedMethods []string: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
AllowedOrigins []string: A list of origin domains that will be allowed by CORS.
ExposedHeaders []string: A list of response headers that are exposed to CORS clients.
MaxAgeInSeconds int: The number of seconds the client should cache a preflight response.

allowedHeaders List<String>: A list of headers that are allowed to be a part of the cross-origin request.
allowedMethods List<String>: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowedOrigins List<String>: A list of origin domains that will be allowed by CORS.
exposedHeaders List<String>: A list of response headers that are exposed to CORS clients.
maxAgeInSeconds Integer: The number of seconds the client should cache a preflight response.

allowedHeaders string[]: A list of headers that are allowed to be a part of the cross-origin request.
allowedMethods string[]: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowedOrigins string[]: A list of origin domains that will be allowed by CORS.
exposedHeaders string[]: A list of response headers that are exposed to CORS clients.
maxAgeInSeconds number: The number of seconds the client should cache a preflight response.

allowed_headers Sequence[str]: A list of headers that are allowed to be a part of the cross-origin request.
allowed_methods Sequence[str]: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowed_origins Sequence[str]: A list of origin domains that will be allowed by CORS.
exposed_headers Sequence[str]: A list of response headers that are exposed to CORS clients.
max_age_in_seconds int: The number of seconds the client should cache a preflight response.

allowedHeaders List<String>: A list of headers that are allowed to be a part of the cross-origin request.
allowedMethods List<String>: A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowedOrigins List<String>: A list of origin domains that will be allowed by CORS.
exposedHeaders List<String>: A list of response headers that are exposed to CORS clients.
maxAgeInSeconds Number: The number of seconds the client should cache a preflight response.

AccountSharePropertiesRetentionPolicy, AccountSharePropertiesRetentionPolicyArgs

Days int: Specifies the number of days that the azure.storage.Share should be retained, between 1 and 365 days. Defaults to 7.

Days int: Specifies the number of days that the azure.storage.Share should be retained, between 1 and 365 days. Defaults to 7.

days Integer: Specifies the number of days that the azure.storage.Share should be retained, between 1 and 365 days. Defaults to 7.

days number: Specifies the number of days that the azure.storage.Share should be retained, between 1 and 365 days. Defaults to 7.

days int: Specifies the number of days that the azure.storage.Share should be retained, between 1 and 365 days. Defaults to 7.

days Number: Specifies the number of days that the azure.storage.Share should be retained, between 1 and 365 days. Defaults to 7.

AccountSharePropertiesSmb, AccountSharePropertiesSmbArgs

AuthenticationTypes List<string>: A set of SMB authentication methods. Possible values are NTLMv2, and Kerberos.
ChannelEncryptionTypes List<string>: A set of SMB channel encryption. Possible values are AES-128-CCM, AES-128-GCM, and AES-256-GCM.
KerberosTicketEncryptionTypes List<string>: A set of Kerberos ticket encryption. Possible values are RC4-HMAC, and AES-256.
MultichannelEnabled bool: Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
Versions List<string>: A set of SMB protocol versions. Possible values are SMB2.1, SMB3.0, and SMB3.1.1.

AuthenticationTypes []string: A set of SMB authentication methods. Possible values are NTLMv2, and Kerberos.
ChannelEncryptionTypes []string: A set of SMB channel encryption. Possible values are AES-128-CCM, AES-128-GCM, and AES-256-GCM.
KerberosTicketEncryptionTypes []string: A set of Kerberos ticket encryption. Possible values are RC4-HMAC, and AES-256.
MultichannelEnabled bool: Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
Versions []string: A set of SMB protocol versions. Possible values are SMB2.1, SMB3.0, and SMB3.1.1.

authenticationTypes List<String>: A set of SMB authentication methods. Possible values are NTLMv2, and Kerberos.
channelEncryptionTypes List<String>: A set of SMB channel encryption. Possible values are AES-128-CCM, AES-128-GCM, and AES-256-GCM.
kerberosTicketEncryptionTypes List<String>: A set of Kerberos ticket encryption. Possible values are RC4-HMAC, and AES-256.
multichannelEnabled Boolean: Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
versions List<String>: A set of SMB protocol versions. Possible values are SMB2.1, SMB3.0, and SMB3.1.1.

authenticationTypes string[]: A set of SMB authentication methods. Possible values are NTLMv2, and Kerberos.
channelEncryptionTypes string[]: A set of SMB channel encryption. Possible values are AES-128-CCM, AES-128-GCM, and AES-256-GCM.
kerberosTicketEncryptionTypes string[]: A set of Kerberos ticket encryption. Possible values are RC4-HMAC, and AES-256.
multichannelEnabled boolean: Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
versions string[]: A set of SMB protocol versions. Possible values are SMB2.1, SMB3.0, and SMB3.1.1.

authentication_types Sequence[str]: A set of SMB authentication methods. Possible values are NTLMv2, and Kerberos.
channel_encryption_types Sequence[str]: A set of SMB channel encryption. Possible values are AES-128-CCM, AES-128-GCM, and AES-256-GCM.
kerberos_ticket_encryption_types Sequence[str]: A set of Kerberos ticket encryption. Possible values are RC4-HMAC, and AES-256.
multichannel_enabled bool: Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
versions Sequence[str]: A set of SMB protocol versions. Possible values are SMB2.1, SMB3.0, and SMB3.1.1.

authenticationTypes List<String>: A set of SMB authentication methods. Possible values are NTLMv2, and Kerberos.
channelEncryptionTypes List<String>: A set of SMB channel encryption. Possible values are AES-128-CCM, AES-128-GCM, and AES-256-GCM.
kerberosTicketEncryptionTypes List<String>: A set of Kerberos ticket encryption. Possible values are RC4-HMAC, and AES-256.
multichannelEnabled Boolean: Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
versions List<String>: A set of SMB protocol versions. Possible values are SMB2.1, SMB3.0, and SMB3.1.1.

AccountStaticWebsite, AccountStaticWebsiteArgs

Error404Document string: The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
IndexDocument string: The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.

Error404Document string: The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
IndexDocument string: The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.

error404Document String: The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
indexDocument String: The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.

error404Document string: The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
indexDocument string: The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.

error404_document str: The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
index_document str: The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.

error404Document String: The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
indexDocument String: The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.

Import

Storage Accounts can be imported using the resource id, e.g.

$ pulumi import azure:storage/account:Account storageAcc1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Storage/storageAccounts/myaccount

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Azure Classic pulumi/pulumi-azure
License: Apache-2.0
Notes: This Pulumi package is based on the azurerm Terraform Provider.

We recommend using Azure Native.

Azure v6.22.1 published on Monday, May 12, 2025 by Pulumi

pulumi/pulumi-azure

azure.storage.Account

On this page

On this page

Example Usage

With Network Rules

Create Account Resource

Constructor syntax

Parameters

Constructor example

Account Resource Properties

Inputs

Outputs

Look up Existing Account Resource

Supporting Types

AccountAzureFilesAuthentication, AccountAzureFilesAuthenticationArgs

AccountAzureFilesAuthenticationActiveDirectory, AccountAzureFilesAuthenticationActiveDirectoryArgs

AccountBlobProperties, AccountBlobPropertiesArgs

AccountBlobPropertiesContainerDeleteRetentionPolicy, AccountBlobPropertiesContainerDeleteRetentionPolicyArgs

AccountBlobPropertiesCorsRule, AccountBlobPropertiesCorsRuleArgs

AccountBlobPropertiesDeleteRetentionPolicy, AccountBlobPropertiesDeleteRetentionPolicyArgs

AccountBlobPropertiesRestorePolicy, AccountBlobPropertiesRestorePolicyArgs

AccountCustomDomain, AccountCustomDomainArgs

AccountCustomerManagedKey, AccountCustomerManagedKeyArgs

AccountIdentity, AccountIdentityArgs

AccountImmutabilityPolicy, AccountImmutabilityPolicyArgs

AccountNetworkRules, AccountNetworkRulesArgs

AccountNetworkRulesPrivateLinkAccess, AccountNetworkRulesPrivateLinkAccessArgs

AccountQueueProperties, AccountQueuePropertiesArgs

AccountQueuePropertiesCorsRule, AccountQueuePropertiesCorsRuleArgs

AccountQueuePropertiesHourMetrics, AccountQueuePropertiesHourMetricsArgs

AccountQueuePropertiesLogging, AccountQueuePropertiesLoggingArgs

AccountQueuePropertiesMinuteMetrics, AccountQueuePropertiesMinuteMetricsArgs

AccountRouting, AccountRoutingArgs

AccountSasPolicy, AccountSasPolicyArgs

AccountShareProperties, AccountSharePropertiesArgs

AccountSharePropertiesCorsRule, AccountSharePropertiesCorsRuleArgs

AccountSharePropertiesRetentionPolicy, AccountSharePropertiesRetentionPolicyArgs

AccountSharePropertiesSmb, AccountSharePropertiesSmbArgs

AccountStaticWebsite, AccountStaticWebsiteArgs

Import

Package Details

On this page

On this page