We recommend using Azure Native.
azure.storage.Account
Explore with Pulumi AI
Manages an Azure Storage Account.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
    name: "example-resources",
    location: "West Europe",
});
const exampleAccount = new azure.storage.Account("example", {
    name: "storageaccountname",
    resourceGroupName: example.name,
    location: example.location,
    accountTier: "Standard",
    accountReplicationType: "GRS",
    tags: {
        environment: "staging",
    },
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
    name="example-resources",
    location="West Europe")
example_account = azure.storage.Account("example",
    name="storageaccountname",
    resource_group_name=example.name,
    location=example.location,
    account_tier="Standard",
    account_replication_type="GRS",
    tags={
        "environment": "staging",
    })
package main
import (
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
			Name:     pulumi.String("example-resources"),
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		_, err = storage.NewAccount(ctx, "example", &storage.AccountArgs{
			Name:                   pulumi.String("storageaccountname"),
			ResourceGroupName:      example.Name,
			Location:               example.Location,
			AccountTier:            pulumi.String("Standard"),
			AccountReplicationType: pulumi.String("GRS"),
			Tags: pulumi.StringMap{
				"environment": pulumi.String("staging"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() => 
{
    var example = new Azure.Core.ResourceGroup("example", new()
    {
        Name = "example-resources",
        Location = "West Europe",
    });
    var exampleAccount = new Azure.Storage.Account("example", new()
    {
        Name = "storageaccountname",
        ResourceGroupName = example.Name,
        Location = example.Location,
        AccountTier = "Standard",
        AccountReplicationType = "GRS",
        Tags = 
        {
            { "environment", "staging" },
        },
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new ResourceGroup("example", ResourceGroupArgs.builder()
            .name("example-resources")
            .location("West Europe")
            .build());
        var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
            .name("storageaccountname")
            .resourceGroupName(example.name())
            .location(example.location())
            .accountTier("Standard")
            .accountReplicationType("GRS")
            .tags(Map.of("environment", "staging"))
            .build());
    }
}
resources:
  example:
    type: azure:core:ResourceGroup
    properties:
      name: example-resources
      location: West Europe
  exampleAccount:
    type: azure:storage:Account
    name: example
    properties:
      name: storageaccountname
      resourceGroupName: ${example.name}
      location: ${example.location}
      accountTier: Standard
      accountReplicationType: GRS
      tags:
        environment: staging
With Network Rules
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
    name: "example-resources",
    location: "West Europe",
});
const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
    name: "virtnetname",
    addressSpaces: ["10.0.0.0/16"],
    location: example.location,
    resourceGroupName: example.name,
});
const exampleSubnet = new azure.network.Subnet("example", {
    name: "subnetname",
    resourceGroupName: example.name,
    virtualNetworkName: exampleVirtualNetwork.name,
    addressPrefixes: ["10.0.2.0/24"],
    serviceEndpoints: [
        "Microsoft.Sql",
        "Microsoft.Storage",
    ],
});
const exampleAccount = new azure.storage.Account("example", {
    name: "storageaccountname",
    resourceGroupName: example.name,
    location: example.location,
    accountTier: "Standard",
    accountReplicationType: "LRS",
    networkRules: {
        defaultAction: "Deny",
        ipRules: ["100.0.0.1"],
        virtualNetworkSubnetIds: [exampleSubnet.id],
    },
    tags: {
        environment: "staging",
    },
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
    name="example-resources",
    location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("example",
    name="virtnetname",
    address_spaces=["10.0.0.0/16"],
    location=example.location,
    resource_group_name=example.name)
example_subnet = azure.network.Subnet("example",
    name="subnetname",
    resource_group_name=example.name,
    virtual_network_name=example_virtual_network.name,
    address_prefixes=["10.0.2.0/24"],
    service_endpoints=[
        "Microsoft.Sql",
        "Microsoft.Storage",
    ])
example_account = azure.storage.Account("example",
    name="storageaccountname",
    resource_group_name=example.name,
    location=example.location,
    account_tier="Standard",
    account_replication_type="LRS",
    network_rules={
        "default_action": "Deny",
        "ip_rules": ["100.0.0.1"],
        "virtual_network_subnet_ids": [example_subnet.id],
    },
    tags={
        "environment": "staging",
    })
package main
import (
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/network"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
			Name:     pulumi.String("example-resources"),
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "example", &network.VirtualNetworkArgs{
			Name: pulumi.String("virtnetname"),
			AddressSpaces: pulumi.StringArray{
				pulumi.String("10.0.0.0/16"),
			},
			Location:          example.Location,
			ResourceGroupName: example.Name,
		})
		if err != nil {
			return err
		}
		exampleSubnet, err := network.NewSubnet(ctx, "example", &network.SubnetArgs{
			Name:               pulumi.String("subnetname"),
			ResourceGroupName:  example.Name,
			VirtualNetworkName: exampleVirtualNetwork.Name,
			AddressPrefixes: pulumi.StringArray{
				pulumi.String("10.0.2.0/24"),
			},
			ServiceEndpoints: pulumi.StringArray{
				pulumi.String("Microsoft.Sql"),
				pulumi.String("Microsoft.Storage"),
			},
		})
		if err != nil {
			return err
		}
		_, err = storage.NewAccount(ctx, "example", &storage.AccountArgs{
			Name:                   pulumi.String("storageaccountname"),
			ResourceGroupName:      example.Name,
			Location:               example.Location,
			AccountTier:            pulumi.String("Standard"),
			AccountReplicationType: pulumi.String("LRS"),
			NetworkRules: &storage.AccountNetworkRulesTypeArgs{
				DefaultAction: pulumi.String("Deny"),
				IpRules: pulumi.StringArray{
					pulumi.String("100.0.0.1"),
				},
				VirtualNetworkSubnetIds: pulumi.StringArray{
					exampleSubnet.ID(),
				},
			},
			Tags: pulumi.StringMap{
				"environment": pulumi.String("staging"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() => 
{
    var example = new Azure.Core.ResourceGroup("example", new()
    {
        Name = "example-resources",
        Location = "West Europe",
    });
    var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("example", new()
    {
        Name = "virtnetname",
        AddressSpaces = new[]
        {
            "10.0.0.0/16",
        },
        Location = example.Location,
        ResourceGroupName = example.Name,
    });
    var exampleSubnet = new Azure.Network.Subnet("example", new()
    {
        Name = "subnetname",
        ResourceGroupName = example.Name,
        VirtualNetworkName = exampleVirtualNetwork.Name,
        AddressPrefixes = new[]
        {
            "10.0.2.0/24",
        },
        ServiceEndpoints = new[]
        {
            "Microsoft.Sql",
            "Microsoft.Storage",
        },
    });
    var exampleAccount = new Azure.Storage.Account("example", new()
    {
        Name = "storageaccountname",
        ResourceGroupName = example.Name,
        Location = example.Location,
        AccountTier = "Standard",
        AccountReplicationType = "LRS",
        NetworkRules = new Azure.Storage.Inputs.AccountNetworkRulesArgs
        {
            DefaultAction = "Deny",
            IpRules = new[]
            {
                "100.0.0.1",
            },
            VirtualNetworkSubnetIds = new[]
            {
                exampleSubnet.Id,
            },
        },
        Tags = 
        {
            { "environment", "staging" },
        },
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.storage.inputs.AccountNetworkRulesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new ResourceGroup("example", ResourceGroupArgs.builder()
            .name("example-resources")
            .location("West Europe")
            .build());
        var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
            .name("virtnetname")
            .addressSpaces("10.0.0.0/16")
            .location(example.location())
            .resourceGroupName(example.name())
            .build());
        var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
            .name("subnetname")
            .resourceGroupName(example.name())
            .virtualNetworkName(exampleVirtualNetwork.name())
            .addressPrefixes("10.0.2.0/24")
            .serviceEndpoints(            
                "Microsoft.Sql",
                "Microsoft.Storage")
            .build());
        var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
            .name("storageaccountname")
            .resourceGroupName(example.name())
            .location(example.location())
            .accountTier("Standard")
            .accountReplicationType("LRS")
            .networkRules(AccountNetworkRulesArgs.builder()
                .defaultAction("Deny")
                .ipRules("100.0.0.1")
                .virtualNetworkSubnetIds(exampleSubnet.id())
                .build())
            .tags(Map.of("environment", "staging"))
            .build());
    }
}
resources:
  example:
    type: azure:core:ResourceGroup
    properties:
      name: example-resources
      location: West Europe
  exampleVirtualNetwork:
    type: azure:network:VirtualNetwork
    name: example
    properties:
      name: virtnetname
      addressSpaces:
        - 10.0.0.0/16
      location: ${example.location}
      resourceGroupName: ${example.name}
  exampleSubnet:
    type: azure:network:Subnet
    name: example
    properties:
      name: subnetname
      resourceGroupName: ${example.name}
      virtualNetworkName: ${exampleVirtualNetwork.name}
      addressPrefixes:
        - 10.0.2.0/24
      serviceEndpoints:
        - Microsoft.Sql
        - Microsoft.Storage
  exampleAccount:
    type: azure:storage:Account
    name: example
    properties:
      name: storageaccountname
      resourceGroupName: ${example.name}
      location: ${example.location}
      accountTier: Standard
      accountReplicationType: LRS
      networkRules:
        defaultAction: Deny
        ipRules:
          - 100.0.0.1
        virtualNetworkSubnetIds:
          - ${exampleSubnet.id}
      tags:
        environment: staging
Create Account Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Account(name: string, args: AccountArgs, opts?: CustomResourceOptions);@overload
def Account(resource_name: str,
            args: AccountArgs,
            opts: Optional[ResourceOptions] = None)
@overload
def Account(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            account_tier: Optional[str] = None,
            resource_group_name: Optional[str] = None,
            account_replication_type: Optional[str] = None,
            is_hns_enabled: Optional[bool] = None,
            local_user_enabled: Optional[bool] = None,
            allowed_copy_scope: Optional[str] = None,
            azure_files_authentication: Optional[AccountAzureFilesAuthenticationArgs] = None,
            blob_properties: Optional[AccountBlobPropertiesArgs] = None,
            cross_tenant_replication_enabled: Optional[bool] = None,
            custom_domain: Optional[AccountCustomDomainArgs] = None,
            customer_managed_key: Optional[AccountCustomerManagedKeyArgs] = None,
            default_to_oauth_authentication: Optional[bool] = None,
            dns_endpoint_type: Optional[str] = None,
            edge_zone: Optional[str] = None,
            https_traffic_only_enabled: Optional[bool] = None,
            identity: Optional[AccountIdentityArgs] = None,
            immutability_policy: Optional[AccountImmutabilityPolicyArgs] = None,
            infrastructure_encryption_enabled: Optional[bool] = None,
            access_tier: Optional[str] = None,
            allow_nested_items_to_be_public: Optional[bool] = None,
            large_file_share_enabled: Optional[bool] = None,
            location: Optional[str] = None,
            min_tls_version: Optional[str] = None,
            name: Optional[str] = None,
            network_rules: Optional[AccountNetworkRulesArgs] = None,
            nfsv3_enabled: Optional[bool] = None,
            public_network_access_enabled: Optional[bool] = None,
            queue_encryption_key_type: Optional[str] = None,
            queue_properties: Optional[AccountQueuePropertiesArgs] = None,
            account_kind: Optional[str] = None,
            routing: Optional[AccountRoutingArgs] = None,
            sas_policy: Optional[AccountSasPolicyArgs] = None,
            sftp_enabled: Optional[bool] = None,
            share_properties: Optional[AccountSharePropertiesArgs] = None,
            shared_access_key_enabled: Optional[bool] = None,
            static_website: Optional[AccountStaticWebsiteArgs] = None,
            table_encryption_key_type: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None)func NewAccount(ctx *Context, name string, args AccountArgs, opts ...ResourceOption) (*Account, error)public Account(string name, AccountArgs args, CustomResourceOptions? opts = null)
public Account(String name, AccountArgs args)
public Account(String name, AccountArgs args, CustomResourceOptions options)
type: azure:storage:Account
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AccountArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AccountArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AccountArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var exampleaccountResourceResourceFromStorageaccount = new Azure.Storage.Account("exampleaccountResourceResourceFromStorageaccount", new()
{
    AccountTier = "string",
    ResourceGroupName = "string",
    AccountReplicationType = "string",
    IsHnsEnabled = false,
    LocalUserEnabled = false,
    AllowedCopyScope = "string",
    AzureFilesAuthentication = new Azure.Storage.Inputs.AccountAzureFilesAuthenticationArgs
    {
        DirectoryType = "string",
        ActiveDirectory = new Azure.Storage.Inputs.AccountAzureFilesAuthenticationActiveDirectoryArgs
        {
            DomainGuid = "string",
            DomainName = "string",
            DomainSid = "string",
            ForestName = "string",
            NetbiosDomainName = "string",
            StorageSid = "string",
        },
        DefaultShareLevelPermission = "string",
    },
    BlobProperties = new Azure.Storage.Inputs.AccountBlobPropertiesArgs
    {
        ChangeFeedEnabled = false,
        ChangeFeedRetentionInDays = 0,
        ContainerDeleteRetentionPolicy = new Azure.Storage.Inputs.AccountBlobPropertiesContainerDeleteRetentionPolicyArgs
        {
            Days = 0,
        },
        CorsRules = new[]
        {
            new Azure.Storage.Inputs.AccountBlobPropertiesCorsRuleArgs
            {
                AllowedHeaders = new[]
                {
                    "string",
                },
                AllowedMethods = new[]
                {
                    "string",
                },
                AllowedOrigins = new[]
                {
                    "string",
                },
                ExposedHeaders = new[]
                {
                    "string",
                },
                MaxAgeInSeconds = 0,
            },
        },
        DefaultServiceVersion = "string",
        DeleteRetentionPolicy = new Azure.Storage.Inputs.AccountBlobPropertiesDeleteRetentionPolicyArgs
        {
            Days = 0,
            PermanentDeleteEnabled = false,
        },
        LastAccessTimeEnabled = false,
        RestorePolicy = new Azure.Storage.Inputs.AccountBlobPropertiesRestorePolicyArgs
        {
            Days = 0,
        },
        VersioningEnabled = false,
    },
    CrossTenantReplicationEnabled = false,
    CustomDomain = new Azure.Storage.Inputs.AccountCustomDomainArgs
    {
        Name = "string",
        UseSubdomain = false,
    },
    CustomerManagedKey = new Azure.Storage.Inputs.AccountCustomerManagedKeyArgs
    {
        UserAssignedIdentityId = "string",
        KeyVaultKeyId = "string",
        ManagedHsmKeyId = "string",
    },
    DefaultToOauthAuthentication = false,
    DnsEndpointType = "string",
    EdgeZone = "string",
    HttpsTrafficOnlyEnabled = false,
    Identity = new Azure.Storage.Inputs.AccountIdentityArgs
    {
        Type = "string",
        IdentityIds = new[]
        {
            "string",
        },
        PrincipalId = "string",
        TenantId = "string",
    },
    ImmutabilityPolicy = new Azure.Storage.Inputs.AccountImmutabilityPolicyArgs
    {
        AllowProtectedAppendWrites = false,
        PeriodSinceCreationInDays = 0,
        State = "string",
    },
    InfrastructureEncryptionEnabled = false,
    AccessTier = "string",
    AllowNestedItemsToBePublic = false,
    LargeFileShareEnabled = false,
    Location = "string",
    MinTlsVersion = "string",
    Name = "string",
    NetworkRules = new Azure.Storage.Inputs.AccountNetworkRulesArgs
    {
        DefaultAction = "string",
        Bypasses = new[]
        {
            "string",
        },
        IpRules = new[]
        {
            "string",
        },
        PrivateLinkAccesses = new[]
        {
            new Azure.Storage.Inputs.AccountNetworkRulesPrivateLinkAccessArgs
            {
                EndpointResourceId = "string",
                EndpointTenantId = "string",
            },
        },
        VirtualNetworkSubnetIds = new[]
        {
            "string",
        },
    },
    Nfsv3Enabled = false,
    PublicNetworkAccessEnabled = false,
    QueueEncryptionKeyType = "string",
    AccountKind = "string",
    Routing = new Azure.Storage.Inputs.AccountRoutingArgs
    {
        Choice = "string",
        PublishInternetEndpoints = false,
        PublishMicrosoftEndpoints = false,
    },
    SasPolicy = new Azure.Storage.Inputs.AccountSasPolicyArgs
    {
        ExpirationPeriod = "string",
        ExpirationAction = "string",
    },
    SftpEnabled = false,
    ShareProperties = new Azure.Storage.Inputs.AccountSharePropertiesArgs
    {
        CorsRules = new[]
        {
            new Azure.Storage.Inputs.AccountSharePropertiesCorsRuleArgs
            {
                AllowedHeaders = new[]
                {
                    "string",
                },
                AllowedMethods = new[]
                {
                    "string",
                },
                AllowedOrigins = new[]
                {
                    "string",
                },
                ExposedHeaders = new[]
                {
                    "string",
                },
                MaxAgeInSeconds = 0,
            },
        },
        RetentionPolicy = new Azure.Storage.Inputs.AccountSharePropertiesRetentionPolicyArgs
        {
            Days = 0,
        },
        Smb = new Azure.Storage.Inputs.AccountSharePropertiesSmbArgs
        {
            AuthenticationTypes = new[]
            {
                "string",
            },
            ChannelEncryptionTypes = new[]
            {
                "string",
            },
            KerberosTicketEncryptionTypes = new[]
            {
                "string",
            },
            MultichannelEnabled = false,
            Versions = new[]
            {
                "string",
            },
        },
    },
    SharedAccessKeyEnabled = false,
    TableEncryptionKeyType = "string",
    Tags = 
    {
        { "string", "string" },
    },
});
example, err := storage.NewAccount(ctx, "exampleaccountResourceResourceFromStorageaccount", &storage.AccountArgs{
	AccountTier:            pulumi.String("string"),
	ResourceGroupName:      pulumi.String("string"),
	AccountReplicationType: pulumi.String("string"),
	IsHnsEnabled:           pulumi.Bool(false),
	LocalUserEnabled:       pulumi.Bool(false),
	AllowedCopyScope:       pulumi.String("string"),
	AzureFilesAuthentication: &storage.AccountAzureFilesAuthenticationArgs{
		DirectoryType: pulumi.String("string"),
		ActiveDirectory: &storage.AccountAzureFilesAuthenticationActiveDirectoryArgs{
			DomainGuid:        pulumi.String("string"),
			DomainName:        pulumi.String("string"),
			DomainSid:         pulumi.String("string"),
			ForestName:        pulumi.String("string"),
			NetbiosDomainName: pulumi.String("string"),
			StorageSid:        pulumi.String("string"),
		},
		DefaultShareLevelPermission: pulumi.String("string"),
	},
	BlobProperties: &storage.AccountBlobPropertiesArgs{
		ChangeFeedEnabled:         pulumi.Bool(false),
		ChangeFeedRetentionInDays: pulumi.Int(0),
		ContainerDeleteRetentionPolicy: &storage.AccountBlobPropertiesContainerDeleteRetentionPolicyArgs{
			Days: pulumi.Int(0),
		},
		CorsRules: storage.AccountBlobPropertiesCorsRuleArray{
			&storage.AccountBlobPropertiesCorsRuleArgs{
				AllowedHeaders: pulumi.StringArray{
					pulumi.String("string"),
				},
				AllowedMethods: pulumi.StringArray{
					pulumi.String("string"),
				},
				AllowedOrigins: pulumi.StringArray{
					pulumi.String("string"),
				},
				ExposedHeaders: pulumi.StringArray{
					pulumi.String("string"),
				},
				MaxAgeInSeconds: pulumi.Int(0),
			},
		},
		DefaultServiceVersion: pulumi.String("string"),
		DeleteRetentionPolicy: &storage.AccountBlobPropertiesDeleteRetentionPolicyArgs{
			Days:                   pulumi.Int(0),
			PermanentDeleteEnabled: pulumi.Bool(false),
		},
		LastAccessTimeEnabled: pulumi.Bool(false),
		RestorePolicy: &storage.AccountBlobPropertiesRestorePolicyArgs{
			Days: pulumi.Int(0),
		},
		VersioningEnabled: pulumi.Bool(false),
	},
	CrossTenantReplicationEnabled: pulumi.Bool(false),
	CustomDomain: &storage.AccountCustomDomainArgs{
		Name:         pulumi.String("string"),
		UseSubdomain: pulumi.Bool(false),
	},
	CustomerManagedKey: &storage.AccountCustomerManagedKeyArgs{
		UserAssignedIdentityId: pulumi.String("string"),
		KeyVaultKeyId:          pulumi.String("string"),
		ManagedHsmKeyId:        pulumi.String("string"),
	},
	DefaultToOauthAuthentication: pulumi.Bool(false),
	DnsEndpointType:              pulumi.String("string"),
	EdgeZone:                     pulumi.String("string"),
	HttpsTrafficOnlyEnabled:      pulumi.Bool(false),
	Identity: &storage.AccountIdentityArgs{
		Type: pulumi.String("string"),
		IdentityIds: pulumi.StringArray{
			pulumi.String("string"),
		},
		PrincipalId: pulumi.String("string"),
		TenantId:    pulumi.String("string"),
	},
	ImmutabilityPolicy: &storage.AccountImmutabilityPolicyArgs{
		AllowProtectedAppendWrites: pulumi.Bool(false),
		PeriodSinceCreationInDays:  pulumi.Int(0),
		State:                      pulumi.String("string"),
	},
	InfrastructureEncryptionEnabled: pulumi.Bool(false),
	AccessTier:                      pulumi.String("string"),
	AllowNestedItemsToBePublic:      pulumi.Bool(false),
	LargeFileShareEnabled:           pulumi.Bool(false),
	Location:                        pulumi.String("string"),
	MinTlsVersion:                   pulumi.String("string"),
	Name:                            pulumi.String("string"),
	NetworkRules: &storage.AccountNetworkRulesTypeArgs{
		DefaultAction: pulumi.String("string"),
		Bypasses: pulumi.StringArray{
			pulumi.String("string"),
		},
		IpRules: pulumi.StringArray{
			pulumi.String("string"),
		},
		PrivateLinkAccesses: storage.AccountNetworkRulesPrivateLinkAccessArray{
			&storage.AccountNetworkRulesPrivateLinkAccessArgs{
				EndpointResourceId: pulumi.String("string"),
				EndpointTenantId:   pulumi.String("string"),
			},
		},
		VirtualNetworkSubnetIds: pulumi.StringArray{
			pulumi.String("string"),
		},
	},
	Nfsv3Enabled:               pulumi.Bool(false),
	PublicNetworkAccessEnabled: pulumi.Bool(false),
	QueueEncryptionKeyType:     pulumi.String("string"),
	AccountKind:                pulumi.String("string"),
	Routing: &storage.AccountRoutingArgs{
		Choice:                    pulumi.String("string"),
		PublishInternetEndpoints:  pulumi.Bool(false),
		PublishMicrosoftEndpoints: pulumi.Bool(false),
	},
	SasPolicy: &storage.AccountSasPolicyArgs{
		ExpirationPeriod: pulumi.String("string"),
		ExpirationAction: pulumi.String("string"),
	},
	SftpEnabled: pulumi.Bool(false),
	ShareProperties: &storage.AccountSharePropertiesArgs{
		CorsRules: storage.AccountSharePropertiesCorsRuleArray{
			&storage.AccountSharePropertiesCorsRuleArgs{
				AllowedHeaders: pulumi.StringArray{
					pulumi.String("string"),
				},
				AllowedMethods: pulumi.StringArray{
					pulumi.String("string"),
				},
				AllowedOrigins: pulumi.StringArray{
					pulumi.String("string"),
				},
				ExposedHeaders: pulumi.StringArray{
					pulumi.String("string"),
				},
				MaxAgeInSeconds: pulumi.Int(0),
			},
		},
		RetentionPolicy: &storage.AccountSharePropertiesRetentionPolicyArgs{
			Days: pulumi.Int(0),
		},
		Smb: &storage.AccountSharePropertiesSmbArgs{
			AuthenticationTypes: pulumi.StringArray{
				pulumi.String("string"),
			},
			ChannelEncryptionTypes: pulumi.StringArray{
				pulumi.String("string"),
			},
			KerberosTicketEncryptionTypes: pulumi.StringArray{
				pulumi.String("string"),
			},
			MultichannelEnabled: pulumi.Bool(false),
			Versions: pulumi.StringArray{
				pulumi.String("string"),
			},
		},
	},
	SharedAccessKeyEnabled: pulumi.Bool(false),
	TableEncryptionKeyType: pulumi.String("string"),
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
})
var exampleaccountResourceResourceFromStorageaccount = new com.pulumi.azure.storage.Account("exampleaccountResourceResourceFromStorageaccount", com.pulumi.azure.storage.AccountArgs.builder()
    .accountTier("string")
    .resourceGroupName("string")
    .accountReplicationType("string")
    .isHnsEnabled(false)
    .localUserEnabled(false)
    .allowedCopyScope("string")
    .azureFilesAuthentication(AccountAzureFilesAuthenticationArgs.builder()
        .directoryType("string")
        .activeDirectory(AccountAzureFilesAuthenticationActiveDirectoryArgs.builder()
            .domainGuid("string")
            .domainName("string")
            .domainSid("string")
            .forestName("string")
            .netbiosDomainName("string")
            .storageSid("string")
            .build())
        .defaultShareLevelPermission("string")
        .build())
    .blobProperties(AccountBlobPropertiesArgs.builder()
        .changeFeedEnabled(false)
        .changeFeedRetentionInDays(0)
        .containerDeleteRetentionPolicy(AccountBlobPropertiesContainerDeleteRetentionPolicyArgs.builder()
            .days(0)
            .build())
        .corsRules(AccountBlobPropertiesCorsRuleArgs.builder()
            .allowedHeaders("string")
            .allowedMethods("string")
            .allowedOrigins("string")
            .exposedHeaders("string")
            .maxAgeInSeconds(0)
            .build())
        .defaultServiceVersion("string")
        .deleteRetentionPolicy(AccountBlobPropertiesDeleteRetentionPolicyArgs.builder()
            .days(0)
            .permanentDeleteEnabled(false)
            .build())
        .lastAccessTimeEnabled(false)
        .restorePolicy(AccountBlobPropertiesRestorePolicyArgs.builder()
            .days(0)
            .build())
        .versioningEnabled(false)
        .build())
    .crossTenantReplicationEnabled(false)
    .customDomain(AccountCustomDomainArgs.builder()
        .name("string")
        .useSubdomain(false)
        .build())
    .customerManagedKey(AccountCustomerManagedKeyArgs.builder()
        .userAssignedIdentityId("string")
        .keyVaultKeyId("string")
        .managedHsmKeyId("string")
        .build())
    .defaultToOauthAuthentication(false)
    .dnsEndpointType("string")
    .edgeZone("string")
    .httpsTrafficOnlyEnabled(false)
    .identity(AccountIdentityArgs.builder()
        .type("string")
        .identityIds("string")
        .principalId("string")
        .tenantId("string")
        .build())
    .immutabilityPolicy(AccountImmutabilityPolicyArgs.builder()
        .allowProtectedAppendWrites(false)
        .periodSinceCreationInDays(0)
        .state("string")
        .build())
    .infrastructureEncryptionEnabled(false)
    .accessTier("string")
    .allowNestedItemsToBePublic(false)
    .largeFileShareEnabled(false)
    .location("string")
    .minTlsVersion("string")
    .name("string")
    .networkRules(AccountNetworkRulesArgs.builder()
        .defaultAction("string")
        .bypasses("string")
        .ipRules("string")
        .privateLinkAccesses(AccountNetworkRulesPrivateLinkAccessArgs.builder()
            .endpointResourceId("string")
            .endpointTenantId("string")
            .build())
        .virtualNetworkSubnetIds("string")
        .build())
    .nfsv3Enabled(false)
    .publicNetworkAccessEnabled(false)
    .queueEncryptionKeyType("string")
    .accountKind("string")
    .routing(AccountRoutingArgs.builder()
        .choice("string")
        .publishInternetEndpoints(false)
        .publishMicrosoftEndpoints(false)
        .build())
    .sasPolicy(AccountSasPolicyArgs.builder()
        .expirationPeriod("string")
        .expirationAction("string")
        .build())
    .sftpEnabled(false)
    .shareProperties(AccountSharePropertiesArgs.builder()
        .corsRules(AccountSharePropertiesCorsRuleArgs.builder()
            .allowedHeaders("string")
            .allowedMethods("string")
            .allowedOrigins("string")
            .exposedHeaders("string")
            .maxAgeInSeconds(0)
            .build())
        .retentionPolicy(AccountSharePropertiesRetentionPolicyArgs.builder()
            .days(0)
            .build())
        .smb(AccountSharePropertiesSmbArgs.builder()
            .authenticationTypes("string")
            .channelEncryptionTypes("string")
            .kerberosTicketEncryptionTypes("string")
            .multichannelEnabled(false)
            .versions("string")
            .build())
        .build())
    .sharedAccessKeyEnabled(false)
    .tableEncryptionKeyType("string")
    .tags(Map.of("string", "string"))
    .build());
exampleaccount_resource_resource_from_storageaccount = azure.storage.Account("exampleaccountResourceResourceFromStorageaccount",
    account_tier="string",
    resource_group_name="string",
    account_replication_type="string",
    is_hns_enabled=False,
    local_user_enabled=False,
    allowed_copy_scope="string",
    azure_files_authentication={
        "directory_type": "string",
        "active_directory": {
            "domain_guid": "string",
            "domain_name": "string",
            "domain_sid": "string",
            "forest_name": "string",
            "netbios_domain_name": "string",
            "storage_sid": "string",
        },
        "default_share_level_permission": "string",
    },
    blob_properties={
        "change_feed_enabled": False,
        "change_feed_retention_in_days": 0,
        "container_delete_retention_policy": {
            "days": 0,
        },
        "cors_rules": [{
            "allowed_headers": ["string"],
            "allowed_methods": ["string"],
            "allowed_origins": ["string"],
            "exposed_headers": ["string"],
            "max_age_in_seconds": 0,
        }],
        "default_service_version": "string",
        "delete_retention_policy": {
            "days": 0,
            "permanent_delete_enabled": False,
        },
        "last_access_time_enabled": False,
        "restore_policy": {
            "days": 0,
        },
        "versioning_enabled": False,
    },
    cross_tenant_replication_enabled=False,
    custom_domain={
        "name": "string",
        "use_subdomain": False,
    },
    customer_managed_key={
        "user_assigned_identity_id": "string",
        "key_vault_key_id": "string",
        "managed_hsm_key_id": "string",
    },
    default_to_oauth_authentication=False,
    dns_endpoint_type="string",
    edge_zone="string",
    https_traffic_only_enabled=False,
    identity={
        "type": "string",
        "identity_ids": ["string"],
        "principal_id": "string",
        "tenant_id": "string",
    },
    immutability_policy={
        "allow_protected_append_writes": False,
        "period_since_creation_in_days": 0,
        "state": "string",
    },
    infrastructure_encryption_enabled=False,
    access_tier="string",
    allow_nested_items_to_be_public=False,
    large_file_share_enabled=False,
    location="string",
    min_tls_version="string",
    name="string",
    network_rules={
        "default_action": "string",
        "bypasses": ["string"],
        "ip_rules": ["string"],
        "private_link_accesses": [{
            "endpoint_resource_id": "string",
            "endpoint_tenant_id": "string",
        }],
        "virtual_network_subnet_ids": ["string"],
    },
    nfsv3_enabled=False,
    public_network_access_enabled=False,
    queue_encryption_key_type="string",
    account_kind="string",
    routing={
        "choice": "string",
        "publish_internet_endpoints": False,
        "publish_microsoft_endpoints": False,
    },
    sas_policy={
        "expiration_period": "string",
        "expiration_action": "string",
    },
    sftp_enabled=False,
    share_properties={
        "cors_rules": [{
            "allowed_headers": ["string"],
            "allowed_methods": ["string"],
            "allowed_origins": ["string"],
            "exposed_headers": ["string"],
            "max_age_in_seconds": 0,
        }],
        "retention_policy": {
            "days": 0,
        },
        "smb": {
            "authentication_types": ["string"],
            "channel_encryption_types": ["string"],
            "kerberos_ticket_encryption_types": ["string"],
            "multichannel_enabled": False,
            "versions": ["string"],
        },
    },
    shared_access_key_enabled=False,
    table_encryption_key_type="string",
    tags={
        "string": "string",
    })
const exampleaccountResourceResourceFromStorageaccount = new azure.storage.Account("exampleaccountResourceResourceFromStorageaccount", {
    accountTier: "string",
    resourceGroupName: "string",
    accountReplicationType: "string",
    isHnsEnabled: false,
    localUserEnabled: false,
    allowedCopyScope: "string",
    azureFilesAuthentication: {
        directoryType: "string",
        activeDirectory: {
            domainGuid: "string",
            domainName: "string",
            domainSid: "string",
            forestName: "string",
            netbiosDomainName: "string",
            storageSid: "string",
        },
        defaultShareLevelPermission: "string",
    },
    blobProperties: {
        changeFeedEnabled: false,
        changeFeedRetentionInDays: 0,
        containerDeleteRetentionPolicy: {
            days: 0,
        },
        corsRules: [{
            allowedHeaders: ["string"],
            allowedMethods: ["string"],
            allowedOrigins: ["string"],
            exposedHeaders: ["string"],
            maxAgeInSeconds: 0,
        }],
        defaultServiceVersion: "string",
        deleteRetentionPolicy: {
            days: 0,
            permanentDeleteEnabled: false,
        },
        lastAccessTimeEnabled: false,
        restorePolicy: {
            days: 0,
        },
        versioningEnabled: false,
    },
    crossTenantReplicationEnabled: false,
    customDomain: {
        name: "string",
        useSubdomain: false,
    },
    customerManagedKey: {
        userAssignedIdentityId: "string",
        keyVaultKeyId: "string",
        managedHsmKeyId: "string",
    },
    defaultToOauthAuthentication: false,
    dnsEndpointType: "string",
    edgeZone: "string",
    httpsTrafficOnlyEnabled: false,
    identity: {
        type: "string",
        identityIds: ["string"],
        principalId: "string",
        tenantId: "string",
    },
    immutabilityPolicy: {
        allowProtectedAppendWrites: false,
        periodSinceCreationInDays: 0,
        state: "string",
    },
    infrastructureEncryptionEnabled: false,
    accessTier: "string",
    allowNestedItemsToBePublic: false,
    largeFileShareEnabled: false,
    location: "string",
    minTlsVersion: "string",
    name: "string",
    networkRules: {
        defaultAction: "string",
        bypasses: ["string"],
        ipRules: ["string"],
        privateLinkAccesses: [{
            endpointResourceId: "string",
            endpointTenantId: "string",
        }],
        virtualNetworkSubnetIds: ["string"],
    },
    nfsv3Enabled: false,
    publicNetworkAccessEnabled: false,
    queueEncryptionKeyType: "string",
    accountKind: "string",
    routing: {
        choice: "string",
        publishInternetEndpoints: false,
        publishMicrosoftEndpoints: false,
    },
    sasPolicy: {
        expirationPeriod: "string",
        expirationAction: "string",
    },
    sftpEnabled: false,
    shareProperties: {
        corsRules: [{
            allowedHeaders: ["string"],
            allowedMethods: ["string"],
            allowedOrigins: ["string"],
            exposedHeaders: ["string"],
            maxAgeInSeconds: 0,
        }],
        retentionPolicy: {
            days: 0,
        },
        smb: {
            authenticationTypes: ["string"],
            channelEncryptionTypes: ["string"],
            kerberosTicketEncryptionTypes: ["string"],
            multichannelEnabled: false,
            versions: ["string"],
        },
    },
    sharedAccessKeyEnabled: false,
    tableEncryptionKeyType: "string",
    tags: {
        string: "string",
    },
});
type: azure:storage:Account
properties:
    accessTier: string
    accountKind: string
    accountReplicationType: string
    accountTier: string
    allowNestedItemsToBePublic: false
    allowedCopyScope: string
    azureFilesAuthentication:
        activeDirectory:
            domainGuid: string
            domainName: string
            domainSid: string
            forestName: string
            netbiosDomainName: string
            storageSid: string
        defaultShareLevelPermission: string
        directoryType: string
    blobProperties:
        changeFeedEnabled: false
        changeFeedRetentionInDays: 0
        containerDeleteRetentionPolicy:
            days: 0
        corsRules:
            - allowedHeaders:
                - string
              allowedMethods:
                - string
              allowedOrigins:
                - string
              exposedHeaders:
                - string
              maxAgeInSeconds: 0
        defaultServiceVersion: string
        deleteRetentionPolicy:
            days: 0
            permanentDeleteEnabled: false
        lastAccessTimeEnabled: false
        restorePolicy:
            days: 0
        versioningEnabled: false
    crossTenantReplicationEnabled: false
    customDomain:
        name: string
        useSubdomain: false
    customerManagedKey:
        keyVaultKeyId: string
        managedHsmKeyId: string
        userAssignedIdentityId: string
    defaultToOauthAuthentication: false
    dnsEndpointType: string
    edgeZone: string
    httpsTrafficOnlyEnabled: false
    identity:
        identityIds:
            - string
        principalId: string
        tenantId: string
        type: string
    immutabilityPolicy:
        allowProtectedAppendWrites: false
        periodSinceCreationInDays: 0
        state: string
    infrastructureEncryptionEnabled: false
    isHnsEnabled: false
    largeFileShareEnabled: false
    localUserEnabled: false
    location: string
    minTlsVersion: string
    name: string
    networkRules:
        bypasses:
            - string
        defaultAction: string
        ipRules:
            - string
        privateLinkAccesses:
            - endpointResourceId: string
              endpointTenantId: string
        virtualNetworkSubnetIds:
            - string
    nfsv3Enabled: false
    publicNetworkAccessEnabled: false
    queueEncryptionKeyType: string
    resourceGroupName: string
    routing:
        choice: string
        publishInternetEndpoints: false
        publishMicrosoftEndpoints: false
    sasPolicy:
        expirationAction: string
        expirationPeriod: string
    sftpEnabled: false
    shareProperties:
        corsRules:
            - allowedHeaders:
                - string
              allowedMethods:
                - string
              allowedOrigins:
                - string
              exposedHeaders:
                - string
              maxAgeInSeconds: 0
        retentionPolicy:
            days: 0
        smb:
            authenticationTypes:
                - string
            channelEncryptionTypes:
                - string
            kerberosTicketEncryptionTypes:
                - string
            multichannelEnabled: false
            versions:
                - string
    sharedAccessKeyEnabled: false
    tableEncryptionKeyType: string
    tags:
        string: string
Account Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Account resource accepts the following input properties:
- AccountReplication stringType 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- AccountTier string
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- ResourceGroup stringName 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- AccessTier string
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- AccountKind string
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- AllowNested boolItems To Be Public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- AllowedCopy stringScope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- AzureFiles AccountAuthentication Azure Files Authentication 
- A azure_files_authenticationblock as defined below.
- BlobProperties AccountBlob Properties 
- A blob_propertiesblock as defined below.
- CrossTenant boolReplication Enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- CustomDomain AccountCustom Domain 
- A custom_domainblock as documented below.
- CustomerManaged AccountKey Customer Managed Key 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- DefaultTo boolOauth Authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- DnsEndpoint stringType 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- EdgeZone string
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- HttpsTraffic boolOnly Enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- Identity
AccountIdentity 
- An identityblock as defined below.
- ImmutabilityPolicy AccountImmutability Policy 
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- InfrastructureEncryption boolEnabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- IsHns boolEnabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- bool
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- LocalUser boolEnabled 
- Is Local User Enabled? Defaults to true.
- Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- MinTls stringVersion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- Name string
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- NetworkRules AccountNetwork Rules 
- A network_rulesblock as documented below.
- Nfsv3Enabled bool
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- PublicNetwork boolAccess Enabled 
- Whether the public network access is enabled? Defaults to true.
- QueueEncryption stringKey Type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- QueueProperties AccountQueue Properties 
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- Routing
AccountRouting 
- A routingblock as defined below.
- SasPolicy AccountSas Policy 
- A sas_policyblock as defined below.
- SftpEnabled bool
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- 
AccountShare Properties 
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- bool
- StaticWebsite AccountStatic Website 
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- TableEncryption stringKey Type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- Dictionary<string, string>
- A mapping of tags to assign to the resource.
- AccountReplication stringType 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- AccountTier string
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- ResourceGroup stringName 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- AccessTier string
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- AccountKind string
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- AllowNested boolItems To Be Public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- AllowedCopy stringScope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- AzureFiles AccountAuthentication Azure Files Authentication Args 
- A azure_files_authenticationblock as defined below.
- BlobProperties AccountBlob Properties Args 
- A blob_propertiesblock as defined below.
- CrossTenant boolReplication Enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- CustomDomain AccountCustom Domain Args 
- A custom_domainblock as documented below.
- CustomerManaged AccountKey Customer Managed Key Args 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- DefaultTo boolOauth Authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- DnsEndpoint stringType 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- EdgeZone string
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- HttpsTraffic boolOnly Enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- Identity
AccountIdentity Args 
- An identityblock as defined below.
- ImmutabilityPolicy AccountImmutability Policy Args 
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- InfrastructureEncryption boolEnabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- IsHns boolEnabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- bool
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- LocalUser boolEnabled 
- Is Local User Enabled? Defaults to true.
- Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- MinTls stringVersion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- Name string
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- NetworkRules AccountNetwork Rules Type Args 
- A network_rulesblock as documented below.
- Nfsv3Enabled bool
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- PublicNetwork boolAccess Enabled 
- Whether the public network access is enabled? Defaults to true.
- QueueEncryption stringKey Type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- QueueProperties AccountQueue Properties Type Args 
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- Routing
AccountRouting Args 
- A routingblock as defined below.
- SasPolicy AccountSas Policy Args 
- A sas_policyblock as defined below.
- SftpEnabled bool
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- 
AccountShare Properties Args 
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- bool
- StaticWebsite AccountStatic Website Type Args 
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- TableEncryption stringKey Type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- map[string]string
- A mapping of tags to assign to the resource.
- accountReplication StringType 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- accountTier String
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- resourceGroup StringName 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- accessTier String
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- accountKind String
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- allowNested BooleanItems To Be Public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- allowedCopy StringScope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- azureFiles AccountAuthentication Azure Files Authentication 
- A azure_files_authenticationblock as defined below.
- blobProperties AccountBlob Properties 
- A blob_propertiesblock as defined below.
- crossTenant BooleanReplication Enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- customDomain AccountCustom Domain 
- A custom_domainblock as documented below.
- customerManaged AccountKey Customer Managed Key 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- defaultTo BooleanOauth Authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- dnsEndpoint StringType 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- edgeZone String
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- httpsTraffic BooleanOnly Enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- identity
AccountIdentity 
- An identityblock as defined below.
- immutabilityPolicy AccountImmutability Policy 
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- infrastructureEncryption BooleanEnabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- isHns BooleanEnabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- Boolean
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- localUser BooleanEnabled 
- Is Local User Enabled? Defaults to true.
- location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minTls StringVersion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- name String
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- networkRules AccountNetwork Rules 
- A network_rulesblock as documented below.
- nfsv3Enabled Boolean
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- publicNetwork BooleanAccess Enabled 
- Whether the public network access is enabled? Defaults to true.
- queueEncryption StringKey Type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- queueProperties AccountQueue Properties 
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- routing
AccountRouting 
- A routingblock as defined below.
- sasPolicy AccountSas Policy 
- A sas_policyblock as defined below.
- sftpEnabled Boolean
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- 
AccountShare Properties 
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- Boolean
- staticWebsite AccountStatic Website 
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- tableEncryption StringKey Type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- Map<String,String>
- A mapping of tags to assign to the resource.
- accountReplication stringType 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- accountTier string
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- resourceGroup stringName 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- accessTier string
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- accountKind string
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- allowNested booleanItems To Be Public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- allowedCopy stringScope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- azureFiles AccountAuthentication Azure Files Authentication 
- A azure_files_authenticationblock as defined below.
- blobProperties AccountBlob Properties 
- A blob_propertiesblock as defined below.
- crossTenant booleanReplication Enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- customDomain AccountCustom Domain 
- A custom_domainblock as documented below.
- customerManaged AccountKey Customer Managed Key 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- defaultTo booleanOauth Authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- dnsEndpoint stringType 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- edgeZone string
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- httpsTraffic booleanOnly Enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- identity
AccountIdentity 
- An identityblock as defined below.
- immutabilityPolicy AccountImmutability Policy 
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- infrastructureEncryption booleanEnabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- isHns booleanEnabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- boolean
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- localUser booleanEnabled 
- Is Local User Enabled? Defaults to true.
- location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minTls stringVersion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- name string
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- networkRules AccountNetwork Rules 
- A network_rulesblock as documented below.
- nfsv3Enabled boolean
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- publicNetwork booleanAccess Enabled 
- Whether the public network access is enabled? Defaults to true.
- queueEncryption stringKey Type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- queueProperties AccountQueue Properties 
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- routing
AccountRouting 
- A routingblock as defined below.
- sasPolicy AccountSas Policy 
- A sas_policyblock as defined below.
- sftpEnabled boolean
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- 
AccountShare Properties 
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- boolean
- staticWebsite AccountStatic Website 
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- tableEncryption stringKey Type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- {[key: string]: string}
- A mapping of tags to assign to the resource.
- account_replication_ strtype 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- account_tier str
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- resource_group_ strname 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- access_tier str
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- account_kind str
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- allow_nested_ boolitems_ to_ be_ public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- allowed_copy_ strscope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- azure_files_ Accountauthentication Azure Files Authentication Args 
- A azure_files_authenticationblock as defined below.
- blob_properties AccountBlob Properties Args 
- A blob_propertiesblock as defined below.
- cross_tenant_ boolreplication_ enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- custom_domain AccountCustom Domain Args 
- A custom_domainblock as documented below.
- customer_managed_ Accountkey Customer Managed Key Args 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- default_to_ booloauth_ authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- dns_endpoint_ strtype 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- edge_zone str
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- https_traffic_ boolonly_ enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- identity
AccountIdentity Args 
- An identityblock as defined below.
- immutability_policy AccountImmutability Policy Args 
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- infrastructure_encryption_ boolenabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- is_hns_ boolenabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- bool
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- local_user_ boolenabled 
- Is Local User Enabled? Defaults to true.
- location str
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- min_tls_ strversion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- name str
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- network_rules AccountNetwork Rules Args 
- A network_rulesblock as documented below.
- nfsv3_enabled bool
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- public_network_ boolaccess_ enabled 
- Whether the public network access is enabled? Defaults to true.
- queue_encryption_ strkey_ type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- queue_properties AccountQueue Properties Args 
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- routing
AccountRouting Args 
- A routingblock as defined below.
- sas_policy AccountSas Policy Args 
- A sas_policyblock as defined below.
- sftp_enabled bool
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- 
AccountShare Properties Args 
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- bool
- static_website AccountStatic Website Args 
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- table_encryption_ strkey_ type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- Mapping[str, str]
- A mapping of tags to assign to the resource.
- accountReplication StringType 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- accountTier String
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- resourceGroup StringName 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- accessTier String
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- accountKind String
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- allowNested BooleanItems To Be Public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- allowedCopy StringScope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- azureFiles Property MapAuthentication 
- A azure_files_authenticationblock as defined below.
- blobProperties Property Map
- A blob_propertiesblock as defined below.
- crossTenant BooleanReplication Enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- customDomain Property Map
- A custom_domainblock as documented below.
- customerManaged Property MapKey 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- defaultTo BooleanOauth Authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- dnsEndpoint StringType 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- edgeZone String
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- httpsTraffic BooleanOnly Enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- identity Property Map
- An identityblock as defined below.
- immutabilityPolicy Property Map
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- infrastructureEncryption BooleanEnabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- isHns BooleanEnabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- Boolean
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- localUser BooleanEnabled 
- Is Local User Enabled? Defaults to true.
- location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minTls StringVersion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- name String
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- networkRules Property Map
- A network_rulesblock as documented below.
- nfsv3Enabled Boolean
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- publicNetwork BooleanAccess Enabled 
- Whether the public network access is enabled? Defaults to true.
- queueEncryption StringKey Type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- queueProperties Property Map
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- routing Property Map
- A routingblock as defined below.
- sasPolicy Property Map
- A sas_policyblock as defined below.
- sftpEnabled Boolean
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- Property Map
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- Boolean
- staticWebsite Property Map
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- tableEncryption StringKey Type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- Map<String>
- A mapping of tags to assign to the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the Account resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- PrimaryAccess stringKey 
- The primary access key for the storage account.
- PrimaryBlob stringConnection String 
- The connection string associated with the primary blob location.
- PrimaryBlob stringEndpoint 
- The endpoint URL for blob storage in the primary location.
- PrimaryBlob stringHost 
- The hostname with port if applicable for blob storage in the primary location.
- PrimaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- PrimaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- PrimaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- PrimaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- PrimaryConnection stringString 
- The connection string associated with the primary location.
- PrimaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the primary location.
- PrimaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- PrimaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- PrimaryFile stringEndpoint 
- The endpoint URL for file storage in the primary location.
- PrimaryFile stringHost 
- The hostname with port if applicable for file storage in the primary location.
- PrimaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- PrimaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- PrimaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- PrimaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- PrimaryLocation string
- The primary location of the storage account.
- PrimaryQueue stringEndpoint 
- The endpoint URL for queue storage in the primary location.
- PrimaryQueue stringHost 
- The hostname with port if applicable for queue storage in the primary location.
- PrimaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- PrimaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- PrimaryTable stringEndpoint 
- The endpoint URL for table storage in the primary location.
- PrimaryTable stringHost 
- The hostname with port if applicable for table storage in the primary location.
- PrimaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- PrimaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- PrimaryWeb stringEndpoint 
- The endpoint URL for web storage in the primary location.
- PrimaryWeb stringHost 
- The hostname with port if applicable for web storage in the primary location.
- PrimaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- PrimaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- PrimaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- PrimaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- SecondaryAccess stringKey 
- The secondary access key for the storage account.
- SecondaryBlob stringConnection String 
- The connection string associated with the secondary blob location.
- SecondaryBlob stringEndpoint 
- The endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringHost 
- The hostname with port if applicable for blob storage in the secondary location.
- SecondaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- SecondaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- SecondaryConnection stringString 
- The connection string associated with the secondary location.
- SecondaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the secondary location.
- SecondaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- SecondaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- SecondaryFile stringEndpoint 
- The endpoint URL for file storage in the secondary location.
- SecondaryFile stringHost 
- The hostname with port if applicable for file storage in the secondary location.
- SecondaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- SecondaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- SecondaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- SecondaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- SecondaryLocation string
- The secondary location of the storage account.
- SecondaryQueue stringEndpoint 
- The endpoint URL for queue storage in the secondary location.
- SecondaryQueue stringHost 
- The hostname with port if applicable for queue storage in the secondary location.
- SecondaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- SecondaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- SecondaryTable stringEndpoint 
- The endpoint URL for table storage in the secondary location.
- SecondaryTable stringHost 
- The hostname with port if applicable for table storage in the secondary location.
- SecondaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- SecondaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- SecondaryWeb stringEndpoint 
- The endpoint URL for web storage in the secondary location.
- SecondaryWeb stringHost 
- The hostname with port if applicable for web storage in the secondary location.
- SecondaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- SecondaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- SecondaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- SecondaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
- Id string
- The provider-assigned unique ID for this managed resource.
- PrimaryAccess stringKey 
- The primary access key for the storage account.
- PrimaryBlob stringConnection String 
- The connection string associated with the primary blob location.
- PrimaryBlob stringEndpoint 
- The endpoint URL for blob storage in the primary location.
- PrimaryBlob stringHost 
- The hostname with port if applicable for blob storage in the primary location.
- PrimaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- PrimaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- PrimaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- PrimaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- PrimaryConnection stringString 
- The connection string associated with the primary location.
- PrimaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the primary location.
- PrimaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- PrimaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- PrimaryFile stringEndpoint 
- The endpoint URL for file storage in the primary location.
- PrimaryFile stringHost 
- The hostname with port if applicable for file storage in the primary location.
- PrimaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- PrimaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- PrimaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- PrimaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- PrimaryLocation string
- The primary location of the storage account.
- PrimaryQueue stringEndpoint 
- The endpoint URL for queue storage in the primary location.
- PrimaryQueue stringHost 
- The hostname with port if applicable for queue storage in the primary location.
- PrimaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- PrimaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- PrimaryTable stringEndpoint 
- The endpoint URL for table storage in the primary location.
- PrimaryTable stringHost 
- The hostname with port if applicable for table storage in the primary location.
- PrimaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- PrimaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- PrimaryWeb stringEndpoint 
- The endpoint URL for web storage in the primary location.
- PrimaryWeb stringHost 
- The hostname with port if applicable for web storage in the primary location.
- PrimaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- PrimaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- PrimaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- PrimaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- SecondaryAccess stringKey 
- The secondary access key for the storage account.
- SecondaryBlob stringConnection String 
- The connection string associated with the secondary blob location.
- SecondaryBlob stringEndpoint 
- The endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringHost 
- The hostname with port if applicable for blob storage in the secondary location.
- SecondaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- SecondaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- SecondaryConnection stringString 
- The connection string associated with the secondary location.
- SecondaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the secondary location.
- SecondaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- SecondaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- SecondaryFile stringEndpoint 
- The endpoint URL for file storage in the secondary location.
- SecondaryFile stringHost 
- The hostname with port if applicable for file storage in the secondary location.
- SecondaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- SecondaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- SecondaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- SecondaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- SecondaryLocation string
- The secondary location of the storage account.
- SecondaryQueue stringEndpoint 
- The endpoint URL for queue storage in the secondary location.
- SecondaryQueue stringHost 
- The hostname with port if applicable for queue storage in the secondary location.
- SecondaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- SecondaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- SecondaryTable stringEndpoint 
- The endpoint URL for table storage in the secondary location.
- SecondaryTable stringHost 
- The hostname with port if applicable for table storage in the secondary location.
- SecondaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- SecondaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- SecondaryWeb stringEndpoint 
- The endpoint URL for web storage in the secondary location.
- SecondaryWeb stringHost 
- The hostname with port if applicable for web storage in the secondary location.
- SecondaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- SecondaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- SecondaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- SecondaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
- id String
- The provider-assigned unique ID for this managed resource.
- primaryAccess StringKey 
- The primary access key for the storage account.
- primaryBlob StringConnection String 
- The connection string associated with the primary blob location.
- primaryBlob StringEndpoint 
- The endpoint URL for blob storage in the primary location.
- primaryBlob StringHost 
- The hostname with port if applicable for blob storage in the primary location.
- primaryBlob StringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- primaryBlob StringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- primaryBlob StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- primaryBlob StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- primaryConnection StringString 
- The connection string associated with the primary location.
- primaryDfs StringEndpoint 
- The endpoint URL for DFS storage in the primary location.
- primaryDfs StringHost 
- The hostname with port if applicable for DFS storage in the primary location.
- primaryDfs StringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- primaryDfs StringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- primaryDfs StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- primaryDfs StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- primaryFile StringEndpoint 
- The endpoint URL for file storage in the primary location.
- primaryFile StringHost 
- The hostname with port if applicable for file storage in the primary location.
- primaryFile StringInternet Endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- primaryFile StringInternet Host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- primaryFile StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- primaryFile StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- primaryLocation String
- The primary location of the storage account.
- primaryQueue StringEndpoint 
- The endpoint URL for queue storage in the primary location.
- primaryQueue StringHost 
- The hostname with port if applicable for queue storage in the primary location.
- primaryQueue StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- primaryQueue StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- primaryTable StringEndpoint 
- The endpoint URL for table storage in the primary location.
- primaryTable StringHost 
- The hostname with port if applicable for table storage in the primary location.
- primaryTable StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- primaryTable StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- primaryWeb StringEndpoint 
- The endpoint URL for web storage in the primary location.
- primaryWeb StringHost 
- The hostname with port if applicable for web storage in the primary location.
- primaryWeb StringInternet Endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- primaryWeb StringInternet Host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- primaryWeb StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- primaryWeb StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- secondaryAccess StringKey 
- The secondary access key for the storage account.
- secondaryBlob StringConnection String 
- The connection string associated with the secondary blob location.
- secondaryBlob StringEndpoint 
- The endpoint URL for blob storage in the secondary location.
- secondaryBlob StringHost 
- The hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob StringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- secondaryBlob StringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- secondaryBlob StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- secondaryConnection StringString 
- The connection string associated with the secondary location.
- secondaryDfs StringEndpoint 
- The endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringHost 
- The hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs StringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryFile StringEndpoint 
- The endpoint URL for file storage in the secondary location.
- secondaryFile StringHost 
- The hostname with port if applicable for file storage in the secondary location.
- secondaryFile StringInternet Endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- secondaryFile StringInternet Host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- secondaryFile StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- secondaryFile StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- secondaryLocation String
- The secondary location of the storage account.
- secondaryQueue StringEndpoint 
- The endpoint URL for queue storage in the secondary location.
- secondaryQueue StringHost 
- The hostname with port if applicable for queue storage in the secondary location.
- secondaryQueue StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- secondaryQueue StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- secondaryTable StringEndpoint 
- The endpoint URL for table storage in the secondary location.
- secondaryTable StringHost 
- The hostname with port if applicable for table storage in the secondary location.
- secondaryTable StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- secondaryTable StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- secondaryWeb StringEndpoint 
- The endpoint URL for web storage in the secondary location.
- secondaryWeb StringHost 
- The hostname with port if applicable for web storage in the secondary location.
- secondaryWeb StringInternet Endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- secondaryWeb StringInternet Host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- secondaryWeb StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- secondaryWeb StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
- id string
- The provider-assigned unique ID for this managed resource.
- primaryAccess stringKey 
- The primary access key for the storage account.
- primaryBlob stringConnection String 
- The connection string associated with the primary blob location.
- primaryBlob stringEndpoint 
- The endpoint URL for blob storage in the primary location.
- primaryBlob stringHost 
- The hostname with port if applicable for blob storage in the primary location.
- primaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- primaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- primaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- primaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- primaryConnection stringString 
- The connection string associated with the primary location.
- primaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the primary location.
- primaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the primary location.
- primaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- primaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- primaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- primaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- primaryFile stringEndpoint 
- The endpoint URL for file storage in the primary location.
- primaryFile stringHost 
- The hostname with port if applicable for file storage in the primary location.
- primaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- primaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- primaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- primaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- primaryLocation string
- The primary location of the storage account.
- primaryQueue stringEndpoint 
- The endpoint URL for queue storage in the primary location.
- primaryQueue stringHost 
- The hostname with port if applicable for queue storage in the primary location.
- primaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- primaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- primaryTable stringEndpoint 
- The endpoint URL for table storage in the primary location.
- primaryTable stringHost 
- The hostname with port if applicable for table storage in the primary location.
- primaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- primaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- primaryWeb stringEndpoint 
- The endpoint URL for web storage in the primary location.
- primaryWeb stringHost 
- The hostname with port if applicable for web storage in the primary location.
- primaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- primaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- primaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- primaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- secondaryAccess stringKey 
- The secondary access key for the storage account.
- secondaryBlob stringConnection String 
- The connection string associated with the secondary blob location.
- secondaryBlob stringEndpoint 
- The endpoint URL for blob storage in the secondary location.
- secondaryBlob stringHost 
- The hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- secondaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- secondaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- secondaryConnection stringString 
- The connection string associated with the secondary location.
- secondaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the secondary location.
- secondaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryFile stringEndpoint 
- The endpoint URL for file storage in the secondary location.
- secondaryFile stringHost 
- The hostname with port if applicable for file storage in the secondary location.
- secondaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- secondaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- secondaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- secondaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- secondaryLocation string
- The secondary location of the storage account.
- secondaryQueue stringEndpoint 
- The endpoint URL for queue storage in the secondary location.
- secondaryQueue stringHost 
- The hostname with port if applicable for queue storage in the secondary location.
- secondaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- secondaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- secondaryTable stringEndpoint 
- The endpoint URL for table storage in the secondary location.
- secondaryTable stringHost 
- The hostname with port if applicable for table storage in the secondary location.
- secondaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- secondaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- secondaryWeb stringEndpoint 
- The endpoint URL for web storage in the secondary location.
- secondaryWeb stringHost 
- The hostname with port if applicable for web storage in the secondary location.
- secondaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- secondaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- secondaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- secondaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
- id str
- The provider-assigned unique ID for this managed resource.
- primary_access_ strkey 
- The primary access key for the storage account.
- primary_blob_ strconnection_ string 
- The connection string associated with the primary blob location.
- primary_blob_ strendpoint 
- The endpoint URL for blob storage in the primary location.
- primary_blob_ strhost 
- The hostname with port if applicable for blob storage in the primary location.
- primary_blob_ strinternet_ endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- primary_blob_ strinternet_ host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- primary_blob_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- primary_blob_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- primary_connection_ strstring 
- The connection string associated with the primary location.
- primary_dfs_ strendpoint 
- The endpoint URL for DFS storage in the primary location.
- primary_dfs_ strhost 
- The hostname with port if applicable for DFS storage in the primary location.
- primary_dfs_ strinternet_ endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- primary_dfs_ strinternet_ host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- primary_dfs_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- primary_dfs_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- primary_file_ strendpoint 
- The endpoint URL for file storage in the primary location.
- primary_file_ strhost 
- The hostname with port if applicable for file storage in the primary location.
- primary_file_ strinternet_ endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- primary_file_ strinternet_ host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- primary_file_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- primary_file_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- primary_location str
- The primary location of the storage account.
- primary_queue_ strendpoint 
- The endpoint URL for queue storage in the primary location.
- primary_queue_ strhost 
- The hostname with port if applicable for queue storage in the primary location.
- primary_queue_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- primary_queue_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- primary_table_ strendpoint 
- The endpoint URL for table storage in the primary location.
- primary_table_ strhost 
- The hostname with port if applicable for table storage in the primary location.
- primary_table_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- primary_table_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- primary_web_ strendpoint 
- The endpoint URL for web storage in the primary location.
- primary_web_ strhost 
- The hostname with port if applicable for web storage in the primary location.
- primary_web_ strinternet_ endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- primary_web_ strinternet_ host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- primary_web_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- primary_web_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- secondary_access_ strkey 
- The secondary access key for the storage account.
- secondary_blob_ strconnection_ string 
- The connection string associated with the secondary blob location.
- secondary_blob_ strendpoint 
- The endpoint URL for blob storage in the secondary location.
- secondary_blob_ strhost 
- The hostname with port if applicable for blob storage in the secondary location.
- secondary_blob_ strinternet_ endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- secondary_blob_ strinternet_ host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- secondary_blob_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- secondary_blob_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- secondary_connection_ strstring 
- The connection string associated with the secondary location.
- secondary_dfs_ strendpoint 
- The endpoint URL for DFS storage in the secondary location.
- secondary_dfs_ strhost 
- The hostname with port if applicable for DFS storage in the secondary location.
- secondary_dfs_ strinternet_ endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- secondary_dfs_ strinternet_ host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- secondary_dfs_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- secondary_dfs_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- secondary_file_ strendpoint 
- The endpoint URL for file storage in the secondary location.
- secondary_file_ strhost 
- The hostname with port if applicable for file storage in the secondary location.
- secondary_file_ strinternet_ endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- secondary_file_ strinternet_ host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- secondary_file_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- secondary_file_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- secondary_location str
- The secondary location of the storage account.
- secondary_queue_ strendpoint 
- The endpoint URL for queue storage in the secondary location.
- secondary_queue_ strhost 
- The hostname with port if applicable for queue storage in the secondary location.
- secondary_queue_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- secondary_queue_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- secondary_table_ strendpoint 
- The endpoint URL for table storage in the secondary location.
- secondary_table_ strhost 
- The hostname with port if applicable for table storage in the secondary location.
- secondary_table_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- secondary_table_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- secondary_web_ strendpoint 
- The endpoint URL for web storage in the secondary location.
- secondary_web_ strhost 
- The hostname with port if applicable for web storage in the secondary location.
- secondary_web_ strinternet_ endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- secondary_web_ strinternet_ host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- secondary_web_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- secondary_web_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
- id String
- The provider-assigned unique ID for this managed resource.
- primaryAccess StringKey 
- The primary access key for the storage account.
- primaryBlob StringConnection String 
- The connection string associated with the primary blob location.
- primaryBlob StringEndpoint 
- The endpoint URL for blob storage in the primary location.
- primaryBlob StringHost 
- The hostname with port if applicable for blob storage in the primary location.
- primaryBlob StringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- primaryBlob StringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- primaryBlob StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- primaryBlob StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- primaryConnection StringString 
- The connection string associated with the primary location.
- primaryDfs StringEndpoint 
- The endpoint URL for DFS storage in the primary location.
- primaryDfs StringHost 
- The hostname with port if applicable for DFS storage in the primary location.
- primaryDfs StringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- primaryDfs StringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- primaryDfs StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- primaryDfs StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- primaryFile StringEndpoint 
- The endpoint URL for file storage in the primary location.
- primaryFile StringHost 
- The hostname with port if applicable for file storage in the primary location.
- primaryFile StringInternet Endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- primaryFile StringInternet Host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- primaryFile StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- primaryFile StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- primaryLocation String
- The primary location of the storage account.
- primaryQueue StringEndpoint 
- The endpoint URL for queue storage in the primary location.
- primaryQueue StringHost 
- The hostname with port if applicable for queue storage in the primary location.
- primaryQueue StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- primaryQueue StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- primaryTable StringEndpoint 
- The endpoint URL for table storage in the primary location.
- primaryTable StringHost 
- The hostname with port if applicable for table storage in the primary location.
- primaryTable StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- primaryTable StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- primaryWeb StringEndpoint 
- The endpoint URL for web storage in the primary location.
- primaryWeb StringHost 
- The hostname with port if applicable for web storage in the primary location.
- primaryWeb StringInternet Endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- primaryWeb StringInternet Host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- primaryWeb StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- primaryWeb StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- secondaryAccess StringKey 
- The secondary access key for the storage account.
- secondaryBlob StringConnection String 
- The connection string associated with the secondary blob location.
- secondaryBlob StringEndpoint 
- The endpoint URL for blob storage in the secondary location.
- secondaryBlob StringHost 
- The hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob StringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- secondaryBlob StringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- secondaryBlob StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- secondaryConnection StringString 
- The connection string associated with the secondary location.
- secondaryDfs StringEndpoint 
- The endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringHost 
- The hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs StringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryFile StringEndpoint 
- The endpoint URL for file storage in the secondary location.
- secondaryFile StringHost 
- The hostname with port if applicable for file storage in the secondary location.
- secondaryFile StringInternet Endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- secondaryFile StringInternet Host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- secondaryFile StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- secondaryFile StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- secondaryLocation String
- The secondary location of the storage account.
- secondaryQueue StringEndpoint 
- The endpoint URL for queue storage in the secondary location.
- secondaryQueue StringHost 
- The hostname with port if applicable for queue storage in the secondary location.
- secondaryQueue StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- secondaryQueue StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- secondaryTable StringEndpoint 
- The endpoint URL for table storage in the secondary location.
- secondaryTable StringHost 
- The hostname with port if applicable for table storage in the secondary location.
- secondaryTable StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- secondaryTable StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- secondaryWeb StringEndpoint 
- The endpoint URL for web storage in the secondary location.
- secondaryWeb StringHost 
- The hostname with port if applicable for web storage in the secondary location.
- secondaryWeb StringInternet Endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- secondaryWeb StringInternet Host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- secondaryWeb StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- secondaryWeb StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
Look up Existing Account Resource
Get an existing Account resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AccountState, opts?: CustomResourceOptions): Account@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_tier: Optional[str] = None,
        account_kind: Optional[str] = None,
        account_replication_type: Optional[str] = None,
        account_tier: Optional[str] = None,
        allow_nested_items_to_be_public: Optional[bool] = None,
        allowed_copy_scope: Optional[str] = None,
        azure_files_authentication: Optional[AccountAzureFilesAuthenticationArgs] = None,
        blob_properties: Optional[AccountBlobPropertiesArgs] = None,
        cross_tenant_replication_enabled: Optional[bool] = None,
        custom_domain: Optional[AccountCustomDomainArgs] = None,
        customer_managed_key: Optional[AccountCustomerManagedKeyArgs] = None,
        default_to_oauth_authentication: Optional[bool] = None,
        dns_endpoint_type: Optional[str] = None,
        edge_zone: Optional[str] = None,
        https_traffic_only_enabled: Optional[bool] = None,
        identity: Optional[AccountIdentityArgs] = None,
        immutability_policy: Optional[AccountImmutabilityPolicyArgs] = None,
        infrastructure_encryption_enabled: Optional[bool] = None,
        is_hns_enabled: Optional[bool] = None,
        large_file_share_enabled: Optional[bool] = None,
        local_user_enabled: Optional[bool] = None,
        location: Optional[str] = None,
        min_tls_version: Optional[str] = None,
        name: Optional[str] = None,
        network_rules: Optional[AccountNetworkRulesArgs] = None,
        nfsv3_enabled: Optional[bool] = None,
        primary_access_key: Optional[str] = None,
        primary_blob_connection_string: Optional[str] = None,
        primary_blob_endpoint: Optional[str] = None,
        primary_blob_host: Optional[str] = None,
        primary_blob_internet_endpoint: Optional[str] = None,
        primary_blob_internet_host: Optional[str] = None,
        primary_blob_microsoft_endpoint: Optional[str] = None,
        primary_blob_microsoft_host: Optional[str] = None,
        primary_connection_string: Optional[str] = None,
        primary_dfs_endpoint: Optional[str] = None,
        primary_dfs_host: Optional[str] = None,
        primary_dfs_internet_endpoint: Optional[str] = None,
        primary_dfs_internet_host: Optional[str] = None,
        primary_dfs_microsoft_endpoint: Optional[str] = None,
        primary_dfs_microsoft_host: Optional[str] = None,
        primary_file_endpoint: Optional[str] = None,
        primary_file_host: Optional[str] = None,
        primary_file_internet_endpoint: Optional[str] = None,
        primary_file_internet_host: Optional[str] = None,
        primary_file_microsoft_endpoint: Optional[str] = None,
        primary_file_microsoft_host: Optional[str] = None,
        primary_location: Optional[str] = None,
        primary_queue_endpoint: Optional[str] = None,
        primary_queue_host: Optional[str] = None,
        primary_queue_microsoft_endpoint: Optional[str] = None,
        primary_queue_microsoft_host: Optional[str] = None,
        primary_table_endpoint: Optional[str] = None,
        primary_table_host: Optional[str] = None,
        primary_table_microsoft_endpoint: Optional[str] = None,
        primary_table_microsoft_host: Optional[str] = None,
        primary_web_endpoint: Optional[str] = None,
        primary_web_host: Optional[str] = None,
        primary_web_internet_endpoint: Optional[str] = None,
        primary_web_internet_host: Optional[str] = None,
        primary_web_microsoft_endpoint: Optional[str] = None,
        primary_web_microsoft_host: Optional[str] = None,
        public_network_access_enabled: Optional[bool] = None,
        queue_encryption_key_type: Optional[str] = None,
        queue_properties: Optional[AccountQueuePropertiesArgs] = None,
        resource_group_name: Optional[str] = None,
        routing: Optional[AccountRoutingArgs] = None,
        sas_policy: Optional[AccountSasPolicyArgs] = None,
        secondary_access_key: Optional[str] = None,
        secondary_blob_connection_string: Optional[str] = None,
        secondary_blob_endpoint: Optional[str] = None,
        secondary_blob_host: Optional[str] = None,
        secondary_blob_internet_endpoint: Optional[str] = None,
        secondary_blob_internet_host: Optional[str] = None,
        secondary_blob_microsoft_endpoint: Optional[str] = None,
        secondary_blob_microsoft_host: Optional[str] = None,
        secondary_connection_string: Optional[str] = None,
        secondary_dfs_endpoint: Optional[str] = None,
        secondary_dfs_host: Optional[str] = None,
        secondary_dfs_internet_endpoint: Optional[str] = None,
        secondary_dfs_internet_host: Optional[str] = None,
        secondary_dfs_microsoft_endpoint: Optional[str] = None,
        secondary_dfs_microsoft_host: Optional[str] = None,
        secondary_file_endpoint: Optional[str] = None,
        secondary_file_host: Optional[str] = None,
        secondary_file_internet_endpoint: Optional[str] = None,
        secondary_file_internet_host: Optional[str] = None,
        secondary_file_microsoft_endpoint: Optional[str] = None,
        secondary_file_microsoft_host: Optional[str] = None,
        secondary_location: Optional[str] = None,
        secondary_queue_endpoint: Optional[str] = None,
        secondary_queue_host: Optional[str] = None,
        secondary_queue_microsoft_endpoint: Optional[str] = None,
        secondary_queue_microsoft_host: Optional[str] = None,
        secondary_table_endpoint: Optional[str] = None,
        secondary_table_host: Optional[str] = None,
        secondary_table_microsoft_endpoint: Optional[str] = None,
        secondary_table_microsoft_host: Optional[str] = None,
        secondary_web_endpoint: Optional[str] = None,
        secondary_web_host: Optional[str] = None,
        secondary_web_internet_endpoint: Optional[str] = None,
        secondary_web_internet_host: Optional[str] = None,
        secondary_web_microsoft_endpoint: Optional[str] = None,
        secondary_web_microsoft_host: Optional[str] = None,
        sftp_enabled: Optional[bool] = None,
        share_properties: Optional[AccountSharePropertiesArgs] = None,
        shared_access_key_enabled: Optional[bool] = None,
        static_website: Optional[AccountStaticWebsiteArgs] = None,
        table_encryption_key_type: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None) -> Accountfunc GetAccount(ctx *Context, name string, id IDInput, state *AccountState, opts ...ResourceOption) (*Account, error)public static Account Get(string name, Input<string> id, AccountState? state, CustomResourceOptions? opts = null)public static Account get(String name, Output<String> id, AccountState state, CustomResourceOptions options)resources:  _:    type: azure:storage:Account    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- AccessTier string
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- AccountKind string
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- AccountReplication stringType 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- AccountTier string
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- AllowNested boolItems To Be Public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- AllowedCopy stringScope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- AzureFiles AccountAuthentication Azure Files Authentication 
- A azure_files_authenticationblock as defined below.
- BlobProperties AccountBlob Properties 
- A blob_propertiesblock as defined below.
- CrossTenant boolReplication Enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- CustomDomain AccountCustom Domain 
- A custom_domainblock as documented below.
- CustomerManaged AccountKey Customer Managed Key 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- DefaultTo boolOauth Authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- DnsEndpoint stringType 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- EdgeZone string
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- HttpsTraffic boolOnly Enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- Identity
AccountIdentity 
- An identityblock as defined below.
- ImmutabilityPolicy AccountImmutability Policy 
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- InfrastructureEncryption boolEnabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- IsHns boolEnabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- bool
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- LocalUser boolEnabled 
- Is Local User Enabled? Defaults to true.
- Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- MinTls stringVersion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- Name string
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- NetworkRules AccountNetwork Rules 
- A network_rulesblock as documented below.
- Nfsv3Enabled bool
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- PrimaryAccess stringKey 
- The primary access key for the storage account.
- PrimaryBlob stringConnection String 
- The connection string associated with the primary blob location.
- PrimaryBlob stringEndpoint 
- The endpoint URL for blob storage in the primary location.
- PrimaryBlob stringHost 
- The hostname with port if applicable for blob storage in the primary location.
- PrimaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- PrimaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- PrimaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- PrimaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- PrimaryConnection stringString 
- The connection string associated with the primary location.
- PrimaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the primary location.
- PrimaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- PrimaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- PrimaryFile stringEndpoint 
- The endpoint URL for file storage in the primary location.
- PrimaryFile stringHost 
- The hostname with port if applicable for file storage in the primary location.
- PrimaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- PrimaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- PrimaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- PrimaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- PrimaryLocation string
- The primary location of the storage account.
- PrimaryQueue stringEndpoint 
- The endpoint URL for queue storage in the primary location.
- PrimaryQueue stringHost 
- The hostname with port if applicable for queue storage in the primary location.
- PrimaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- PrimaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- PrimaryTable stringEndpoint 
- The endpoint URL for table storage in the primary location.
- PrimaryTable stringHost 
- The hostname with port if applicable for table storage in the primary location.
- PrimaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- PrimaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- PrimaryWeb stringEndpoint 
- The endpoint URL for web storage in the primary location.
- PrimaryWeb stringHost 
- The hostname with port if applicable for web storage in the primary location.
- PrimaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- PrimaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- PrimaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- PrimaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- PublicNetwork boolAccess Enabled 
- Whether the public network access is enabled? Defaults to true.
- QueueEncryption stringKey Type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- QueueProperties AccountQueue Properties 
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- ResourceGroup stringName 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- Routing
AccountRouting 
- A routingblock as defined below.
- SasPolicy AccountSas Policy 
- A sas_policyblock as defined below.
- SecondaryAccess stringKey 
- The secondary access key for the storage account.
- SecondaryBlob stringConnection String 
- The connection string associated with the secondary blob location.
- SecondaryBlob stringEndpoint 
- The endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringHost 
- The hostname with port if applicable for blob storage in the secondary location.
- SecondaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- SecondaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- SecondaryConnection stringString 
- The connection string associated with the secondary location.
- SecondaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the secondary location.
- SecondaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- SecondaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- SecondaryFile stringEndpoint 
- The endpoint URL for file storage in the secondary location.
- SecondaryFile stringHost 
- The hostname with port if applicable for file storage in the secondary location.
- SecondaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- SecondaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- SecondaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- SecondaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- SecondaryLocation string
- The secondary location of the storage account.
- SecondaryQueue stringEndpoint 
- The endpoint URL for queue storage in the secondary location.
- SecondaryQueue stringHost 
- The hostname with port if applicable for queue storage in the secondary location.
- SecondaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- SecondaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- SecondaryTable stringEndpoint 
- The endpoint URL for table storage in the secondary location.
- SecondaryTable stringHost 
- The hostname with port if applicable for table storage in the secondary location.
- SecondaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- SecondaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- SecondaryWeb stringEndpoint 
- The endpoint URL for web storage in the secondary location.
- SecondaryWeb stringHost 
- The hostname with port if applicable for web storage in the secondary location.
- SecondaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- SecondaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- SecondaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- SecondaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
- SftpEnabled bool
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- 
AccountShare Properties 
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- bool
- StaticWebsite AccountStatic Website 
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- TableEncryption stringKey Type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- Dictionary<string, string>
- A mapping of tags to assign to the resource.
- AccessTier string
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- AccountKind string
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- AccountReplication stringType 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- AccountTier string
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- AllowNested boolItems To Be Public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- AllowedCopy stringScope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- AzureFiles AccountAuthentication Azure Files Authentication Args 
- A azure_files_authenticationblock as defined below.
- BlobProperties AccountBlob Properties Args 
- A blob_propertiesblock as defined below.
- CrossTenant boolReplication Enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- CustomDomain AccountCustom Domain Args 
- A custom_domainblock as documented below.
- CustomerManaged AccountKey Customer Managed Key Args 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- DefaultTo boolOauth Authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- DnsEndpoint stringType 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- EdgeZone string
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- HttpsTraffic boolOnly Enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- Identity
AccountIdentity Args 
- An identityblock as defined below.
- ImmutabilityPolicy AccountImmutability Policy Args 
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- InfrastructureEncryption boolEnabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- IsHns boolEnabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- bool
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- LocalUser boolEnabled 
- Is Local User Enabled? Defaults to true.
- Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- MinTls stringVersion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- Name string
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- NetworkRules AccountNetwork Rules Type Args 
- A network_rulesblock as documented below.
- Nfsv3Enabled bool
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- PrimaryAccess stringKey 
- The primary access key for the storage account.
- PrimaryBlob stringConnection String 
- The connection string associated with the primary blob location.
- PrimaryBlob stringEndpoint 
- The endpoint URL for blob storage in the primary location.
- PrimaryBlob stringHost 
- The hostname with port if applicable for blob storage in the primary location.
- PrimaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- PrimaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- PrimaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- PrimaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- PrimaryConnection stringString 
- The connection string associated with the primary location.
- PrimaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the primary location.
- PrimaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- PrimaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- PrimaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- PrimaryFile stringEndpoint 
- The endpoint URL for file storage in the primary location.
- PrimaryFile stringHost 
- The hostname with port if applicable for file storage in the primary location.
- PrimaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- PrimaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- PrimaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- PrimaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- PrimaryLocation string
- The primary location of the storage account.
- PrimaryQueue stringEndpoint 
- The endpoint URL for queue storage in the primary location.
- PrimaryQueue stringHost 
- The hostname with port if applicable for queue storage in the primary location.
- PrimaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- PrimaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- PrimaryTable stringEndpoint 
- The endpoint URL for table storage in the primary location.
- PrimaryTable stringHost 
- The hostname with port if applicable for table storage in the primary location.
- PrimaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- PrimaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- PrimaryWeb stringEndpoint 
- The endpoint URL for web storage in the primary location.
- PrimaryWeb stringHost 
- The hostname with port if applicable for web storage in the primary location.
- PrimaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- PrimaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- PrimaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- PrimaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- PublicNetwork boolAccess Enabled 
- Whether the public network access is enabled? Defaults to true.
- QueueEncryption stringKey Type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- QueueProperties AccountQueue Properties Type Args 
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- ResourceGroup stringName 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- Routing
AccountRouting Args 
- A routingblock as defined below.
- SasPolicy AccountSas Policy Args 
- A sas_policyblock as defined below.
- SecondaryAccess stringKey 
- The secondary access key for the storage account.
- SecondaryBlob stringConnection String 
- The connection string associated with the secondary blob location.
- SecondaryBlob stringEndpoint 
- The endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringHost 
- The hostname with port if applicable for blob storage in the secondary location.
- SecondaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- SecondaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- SecondaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- SecondaryConnection stringString 
- The connection string associated with the secondary location.
- SecondaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the secondary location.
- SecondaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- SecondaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- SecondaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- SecondaryFile stringEndpoint 
- The endpoint URL for file storage in the secondary location.
- SecondaryFile stringHost 
- The hostname with port if applicable for file storage in the secondary location.
- SecondaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- SecondaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- SecondaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- SecondaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- SecondaryLocation string
- The secondary location of the storage account.
- SecondaryQueue stringEndpoint 
- The endpoint URL for queue storage in the secondary location.
- SecondaryQueue stringHost 
- The hostname with port if applicable for queue storage in the secondary location.
- SecondaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- SecondaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- SecondaryTable stringEndpoint 
- The endpoint URL for table storage in the secondary location.
- SecondaryTable stringHost 
- The hostname with port if applicable for table storage in the secondary location.
- SecondaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- SecondaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- SecondaryWeb stringEndpoint 
- The endpoint URL for web storage in the secondary location.
- SecondaryWeb stringHost 
- The hostname with port if applicable for web storage in the secondary location.
- SecondaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- SecondaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- SecondaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- SecondaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
- SftpEnabled bool
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- 
AccountShare Properties Args 
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- bool
- StaticWebsite AccountStatic Website Type Args 
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- TableEncryption stringKey Type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- map[string]string
- A mapping of tags to assign to the resource.
- accessTier String
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- accountKind String
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- accountReplication StringType 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- accountTier String
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- allowNested BooleanItems To Be Public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- allowedCopy StringScope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- azureFiles AccountAuthentication Azure Files Authentication 
- A azure_files_authenticationblock as defined below.
- blobProperties AccountBlob Properties 
- A blob_propertiesblock as defined below.
- crossTenant BooleanReplication Enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- customDomain AccountCustom Domain 
- A custom_domainblock as documented below.
- customerManaged AccountKey Customer Managed Key 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- defaultTo BooleanOauth Authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- dnsEndpoint StringType 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- edgeZone String
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- httpsTraffic BooleanOnly Enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- identity
AccountIdentity 
- An identityblock as defined below.
- immutabilityPolicy AccountImmutability Policy 
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- infrastructureEncryption BooleanEnabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- isHns BooleanEnabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- Boolean
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- localUser BooleanEnabled 
- Is Local User Enabled? Defaults to true.
- location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minTls StringVersion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- name String
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- networkRules AccountNetwork Rules 
- A network_rulesblock as documented below.
- nfsv3Enabled Boolean
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- primaryAccess StringKey 
- The primary access key for the storage account.
- primaryBlob StringConnection String 
- The connection string associated with the primary blob location.
- primaryBlob StringEndpoint 
- The endpoint URL for blob storage in the primary location.
- primaryBlob StringHost 
- The hostname with port if applicable for blob storage in the primary location.
- primaryBlob StringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- primaryBlob StringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- primaryBlob StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- primaryBlob StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- primaryConnection StringString 
- The connection string associated with the primary location.
- primaryDfs StringEndpoint 
- The endpoint URL for DFS storage in the primary location.
- primaryDfs StringHost 
- The hostname with port if applicable for DFS storage in the primary location.
- primaryDfs StringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- primaryDfs StringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- primaryDfs StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- primaryDfs StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- primaryFile StringEndpoint 
- The endpoint URL for file storage in the primary location.
- primaryFile StringHost 
- The hostname with port if applicable for file storage in the primary location.
- primaryFile StringInternet Endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- primaryFile StringInternet Host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- primaryFile StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- primaryFile StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- primaryLocation String
- The primary location of the storage account.
- primaryQueue StringEndpoint 
- The endpoint URL for queue storage in the primary location.
- primaryQueue StringHost 
- The hostname with port if applicable for queue storage in the primary location.
- primaryQueue StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- primaryQueue StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- primaryTable StringEndpoint 
- The endpoint URL for table storage in the primary location.
- primaryTable StringHost 
- The hostname with port if applicable for table storage in the primary location.
- primaryTable StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- primaryTable StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- primaryWeb StringEndpoint 
- The endpoint URL for web storage in the primary location.
- primaryWeb StringHost 
- The hostname with port if applicable for web storage in the primary location.
- primaryWeb StringInternet Endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- primaryWeb StringInternet Host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- primaryWeb StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- primaryWeb StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- publicNetwork BooleanAccess Enabled 
- Whether the public network access is enabled? Defaults to true.
- queueEncryption StringKey Type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- queueProperties AccountQueue Properties 
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- resourceGroup StringName 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- routing
AccountRouting 
- A routingblock as defined below.
- sasPolicy AccountSas Policy 
- A sas_policyblock as defined below.
- secondaryAccess StringKey 
- The secondary access key for the storage account.
- secondaryBlob StringConnection String 
- The connection string associated with the secondary blob location.
- secondaryBlob StringEndpoint 
- The endpoint URL for blob storage in the secondary location.
- secondaryBlob StringHost 
- The hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob StringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- secondaryBlob StringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- secondaryBlob StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- secondaryConnection StringString 
- The connection string associated with the secondary location.
- secondaryDfs StringEndpoint 
- The endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringHost 
- The hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs StringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryFile StringEndpoint 
- The endpoint URL for file storage in the secondary location.
- secondaryFile StringHost 
- The hostname with port if applicable for file storage in the secondary location.
- secondaryFile StringInternet Endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- secondaryFile StringInternet Host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- secondaryFile StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- secondaryFile StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- secondaryLocation String
- The secondary location of the storage account.
- secondaryQueue StringEndpoint 
- The endpoint URL for queue storage in the secondary location.
- secondaryQueue StringHost 
- The hostname with port if applicable for queue storage in the secondary location.
- secondaryQueue StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- secondaryQueue StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- secondaryTable StringEndpoint 
- The endpoint URL for table storage in the secondary location.
- secondaryTable StringHost 
- The hostname with port if applicable for table storage in the secondary location.
- secondaryTable StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- secondaryTable StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- secondaryWeb StringEndpoint 
- The endpoint URL for web storage in the secondary location.
- secondaryWeb StringHost 
- The hostname with port if applicable for web storage in the secondary location.
- secondaryWeb StringInternet Endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- secondaryWeb StringInternet Host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- secondaryWeb StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- secondaryWeb StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
- sftpEnabled Boolean
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- 
AccountShare Properties 
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- Boolean
- staticWebsite AccountStatic Website 
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- tableEncryption StringKey Type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- Map<String,String>
- A mapping of tags to assign to the resource.
- accessTier string
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- accountKind string
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- accountReplication stringType 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- accountTier string
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- allowNested booleanItems To Be Public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- allowedCopy stringScope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- azureFiles AccountAuthentication Azure Files Authentication 
- A azure_files_authenticationblock as defined below.
- blobProperties AccountBlob Properties 
- A blob_propertiesblock as defined below.
- crossTenant booleanReplication Enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- customDomain AccountCustom Domain 
- A custom_domainblock as documented below.
- customerManaged AccountKey Customer Managed Key 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- defaultTo booleanOauth Authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- dnsEndpoint stringType 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- edgeZone string
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- httpsTraffic booleanOnly Enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- identity
AccountIdentity 
- An identityblock as defined below.
- immutabilityPolicy AccountImmutability Policy 
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- infrastructureEncryption booleanEnabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- isHns booleanEnabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- boolean
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- localUser booleanEnabled 
- Is Local User Enabled? Defaults to true.
- location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minTls stringVersion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- name string
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- networkRules AccountNetwork Rules 
- A network_rulesblock as documented below.
- nfsv3Enabled boolean
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- primaryAccess stringKey 
- The primary access key for the storage account.
- primaryBlob stringConnection String 
- The connection string associated with the primary blob location.
- primaryBlob stringEndpoint 
- The endpoint URL for blob storage in the primary location.
- primaryBlob stringHost 
- The hostname with port if applicable for blob storage in the primary location.
- primaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- primaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- primaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- primaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- primaryConnection stringString 
- The connection string associated with the primary location.
- primaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the primary location.
- primaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the primary location.
- primaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- primaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- primaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- primaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- primaryFile stringEndpoint 
- The endpoint URL for file storage in the primary location.
- primaryFile stringHost 
- The hostname with port if applicable for file storage in the primary location.
- primaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- primaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- primaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- primaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- primaryLocation string
- The primary location of the storage account.
- primaryQueue stringEndpoint 
- The endpoint URL for queue storage in the primary location.
- primaryQueue stringHost 
- The hostname with port if applicable for queue storage in the primary location.
- primaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- primaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- primaryTable stringEndpoint 
- The endpoint URL for table storage in the primary location.
- primaryTable stringHost 
- The hostname with port if applicable for table storage in the primary location.
- primaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- primaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- primaryWeb stringEndpoint 
- The endpoint URL for web storage in the primary location.
- primaryWeb stringHost 
- The hostname with port if applicable for web storage in the primary location.
- primaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- primaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- primaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- primaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- publicNetwork booleanAccess Enabled 
- Whether the public network access is enabled? Defaults to true.
- queueEncryption stringKey Type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- queueProperties AccountQueue Properties 
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- resourceGroup stringName 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- routing
AccountRouting 
- A routingblock as defined below.
- sasPolicy AccountSas Policy 
- A sas_policyblock as defined below.
- secondaryAccess stringKey 
- The secondary access key for the storage account.
- secondaryBlob stringConnection String 
- The connection string associated with the secondary blob location.
- secondaryBlob stringEndpoint 
- The endpoint URL for blob storage in the secondary location.
- secondaryBlob stringHost 
- The hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob stringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- secondaryBlob stringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- secondaryBlob stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- secondaryConnection stringString 
- The connection string associated with the secondary location.
- secondaryDfs stringEndpoint 
- The endpoint URL for DFS storage in the secondary location.
- secondaryDfs stringHost 
- The hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs stringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs stringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryFile stringEndpoint 
- The endpoint URL for file storage in the secondary location.
- secondaryFile stringHost 
- The hostname with port if applicable for file storage in the secondary location.
- secondaryFile stringInternet Endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- secondaryFile stringInternet Host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- secondaryFile stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- secondaryFile stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- secondaryLocation string
- The secondary location of the storage account.
- secondaryQueue stringEndpoint 
- The endpoint URL for queue storage in the secondary location.
- secondaryQueue stringHost 
- The hostname with port if applicable for queue storage in the secondary location.
- secondaryQueue stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- secondaryQueue stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- secondaryTable stringEndpoint 
- The endpoint URL for table storage in the secondary location.
- secondaryTable stringHost 
- The hostname with port if applicable for table storage in the secondary location.
- secondaryTable stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- secondaryTable stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- secondaryWeb stringEndpoint 
- The endpoint URL for web storage in the secondary location.
- secondaryWeb stringHost 
- The hostname with port if applicable for web storage in the secondary location.
- secondaryWeb stringInternet Endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- secondaryWeb stringInternet Host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- secondaryWeb stringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- secondaryWeb stringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
- sftpEnabled boolean
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- 
AccountShare Properties 
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- boolean
- staticWebsite AccountStatic Website 
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- tableEncryption stringKey Type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- {[key: string]: string}
- A mapping of tags to assign to the resource.
- access_tier str
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- account_kind str
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- account_replication_ strtype 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- account_tier str
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- allow_nested_ boolitems_ to_ be_ public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- allowed_copy_ strscope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- azure_files_ Accountauthentication Azure Files Authentication Args 
- A azure_files_authenticationblock as defined below.
- blob_properties AccountBlob Properties Args 
- A blob_propertiesblock as defined below.
- cross_tenant_ boolreplication_ enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- custom_domain AccountCustom Domain Args 
- A custom_domainblock as documented below.
- customer_managed_ Accountkey Customer Managed Key Args 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- default_to_ booloauth_ authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- dns_endpoint_ strtype 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- edge_zone str
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- https_traffic_ boolonly_ enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- identity
AccountIdentity Args 
- An identityblock as defined below.
- immutability_policy AccountImmutability Policy Args 
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- infrastructure_encryption_ boolenabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- is_hns_ boolenabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- bool
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- local_user_ boolenabled 
- Is Local User Enabled? Defaults to true.
- location str
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- min_tls_ strversion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- name str
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- network_rules AccountNetwork Rules Args 
- A network_rulesblock as documented below.
- nfsv3_enabled bool
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- primary_access_ strkey 
- The primary access key for the storage account.
- primary_blob_ strconnection_ string 
- The connection string associated with the primary blob location.
- primary_blob_ strendpoint 
- The endpoint URL for blob storage in the primary location.
- primary_blob_ strhost 
- The hostname with port if applicable for blob storage in the primary location.
- primary_blob_ strinternet_ endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- primary_blob_ strinternet_ host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- primary_blob_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- primary_blob_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- primary_connection_ strstring 
- The connection string associated with the primary location.
- primary_dfs_ strendpoint 
- The endpoint URL for DFS storage in the primary location.
- primary_dfs_ strhost 
- The hostname with port if applicable for DFS storage in the primary location.
- primary_dfs_ strinternet_ endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- primary_dfs_ strinternet_ host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- primary_dfs_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- primary_dfs_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- primary_file_ strendpoint 
- The endpoint URL for file storage in the primary location.
- primary_file_ strhost 
- The hostname with port if applicable for file storage in the primary location.
- primary_file_ strinternet_ endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- primary_file_ strinternet_ host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- primary_file_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- primary_file_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- primary_location str
- The primary location of the storage account.
- primary_queue_ strendpoint 
- The endpoint URL for queue storage in the primary location.
- primary_queue_ strhost 
- The hostname with port if applicable for queue storage in the primary location.
- primary_queue_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- primary_queue_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- primary_table_ strendpoint 
- The endpoint URL for table storage in the primary location.
- primary_table_ strhost 
- The hostname with port if applicable for table storage in the primary location.
- primary_table_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- primary_table_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- primary_web_ strendpoint 
- The endpoint URL for web storage in the primary location.
- primary_web_ strhost 
- The hostname with port if applicable for web storage in the primary location.
- primary_web_ strinternet_ endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- primary_web_ strinternet_ host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- primary_web_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- primary_web_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- public_network_ boolaccess_ enabled 
- Whether the public network access is enabled? Defaults to true.
- queue_encryption_ strkey_ type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- queue_properties AccountQueue Properties Args 
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- resource_group_ strname 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- routing
AccountRouting Args 
- A routingblock as defined below.
- sas_policy AccountSas Policy Args 
- A sas_policyblock as defined below.
- secondary_access_ strkey 
- The secondary access key for the storage account.
- secondary_blob_ strconnection_ string 
- The connection string associated with the secondary blob location.
- secondary_blob_ strendpoint 
- The endpoint URL for blob storage in the secondary location.
- secondary_blob_ strhost 
- The hostname with port if applicable for blob storage in the secondary location.
- secondary_blob_ strinternet_ endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- secondary_blob_ strinternet_ host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- secondary_blob_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- secondary_blob_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- secondary_connection_ strstring 
- The connection string associated with the secondary location.
- secondary_dfs_ strendpoint 
- The endpoint URL for DFS storage in the secondary location.
- secondary_dfs_ strhost 
- The hostname with port if applicable for DFS storage in the secondary location.
- secondary_dfs_ strinternet_ endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- secondary_dfs_ strinternet_ host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- secondary_dfs_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- secondary_dfs_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- secondary_file_ strendpoint 
- The endpoint URL for file storage in the secondary location.
- secondary_file_ strhost 
- The hostname with port if applicable for file storage in the secondary location.
- secondary_file_ strinternet_ endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- secondary_file_ strinternet_ host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- secondary_file_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- secondary_file_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- secondary_location str
- The secondary location of the storage account.
- secondary_queue_ strendpoint 
- The endpoint URL for queue storage in the secondary location.
- secondary_queue_ strhost 
- The hostname with port if applicable for queue storage in the secondary location.
- secondary_queue_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- secondary_queue_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- secondary_table_ strendpoint 
- The endpoint URL for table storage in the secondary location.
- secondary_table_ strhost 
- The hostname with port if applicable for table storage in the secondary location.
- secondary_table_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- secondary_table_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- secondary_web_ strendpoint 
- The endpoint URL for web storage in the secondary location.
- secondary_web_ strhost 
- The hostname with port if applicable for web storage in the secondary location.
- secondary_web_ strinternet_ endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- secondary_web_ strinternet_ host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- secondary_web_ strmicrosoft_ endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- secondary_web_ strmicrosoft_ host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
- sftp_enabled bool
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- 
AccountShare Properties Args 
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- bool
- static_website AccountStatic Website Args 
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- table_encryption_ strkey_ type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- Mapping[str, str]
- A mapping of tags to assign to the resource.
- accessTier String
- Defines the access tier for BlobStorage,FileStorageandStorageV2accounts. Valid options areHot,Cool,ColdandPremium. Defaults toHot.
- accountKind String
- Defines the Kind of account. Valid options are - BlobStorage,- BlockBlobStorage,- FileStorage,- Storageand- StorageV2. Defaults to- StorageV2.- Note: Changing the - account_kindvalue from- Storageto- StorageV2will not trigger a force new on the storage account, it will only upgrade the existing storage account from- Storageto- StorageV2keeping the existing storage account in place.
- accountReplication StringType 
- Defines the type of replication to use for this storage account. Valid options are LRS,GRS,RAGRS,ZRS,GZRSandRAGZRS. Changing this forces a new resource to be created when typesLRS,GRSandRAGRSare changed toZRS,GZRSorRAGZRSand vice versa.
- accountTier String
- Defines the Tier to use for this storage account. Valid options are - Standardand- Premium. For- BlockBlobStorageand- FileStorageaccounts only- Premiumis valid. Changing this forces a new resource to be created.- Note: Blobs with a tier of - Premiumare of account kind- StorageV2.
- allowNested BooleanItems To Be Public 
- Allow or disallow nested items within this Account to opt into being public. Defaults to - true.- Note: At this time - allow_nested_items_to_be_publicis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- allowedCopy StringScope 
- Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Possible values are AADandPrivateLink.
- azureFiles Property MapAuthentication 
- A azure_files_authenticationblock as defined below.
- blobProperties Property Map
- A blob_propertiesblock as defined below.
- crossTenant BooleanReplication Enabled 
- Should cross Tenant replication be enabled? Defaults to false.
- customDomain Property Map
- A custom_domainblock as documented below.
- customerManaged Property MapKey 
- A - customer_managed_keyblock as documented below.- Note: It's possible to define a Customer Managed Key both within either the - customer_managed_keyblock or by using the- azure.storage.CustomerManagedKeyresource. However, it's not possible to use both methods to manage a Customer Managed Key for a Storage Account, since these will conflict. When using the- azure.storage.CustomerManagedKeyresource, you will need to use- ignore_changeson the- customer_managed_keyblock.
- defaultTo BooleanOauth Authentication 
- Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false
- dnsEndpoint StringType 
- Specifies which DNS endpoint type to use. Possible values are - Standardand- AzureDnsZone. Defaults to- Standard. Changing this forces a new resource to be created.- Note: Azure DNS zone support requires - PartitionedDnsfeature to be enabled. To enable this feature for your subscription, use the following command:- az feature register --namespace "Microsoft.Storage" --name "PartitionedDns".
- edgeZone String
- Specifies the Edge Zone within the Azure Region where this Storage Account should exist. Changing this forces a new Storage Account to be created.
- httpsTraffic BooleanOnly Enabled 
- Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true.
- identity Property Map
- An identityblock as defined below.
- immutabilityPolicy Property Map
- An immutability_policyblock as defined below. Changing this forces a new resource to be created.
- infrastructureEncryption BooleanEnabled 
- Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_kindis- StorageV2or when- account_tieris- Premiumand- account_kindis one of- BlockBlobStorageor- FileStorage.
- isHns BooleanEnabled 
- Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2 (see here for more information). Changing this forces a new resource to be created. - Note: This can only be - truewhen- account_tieris- Standardor when- account_tieris- Premiumand- account_kindis- BlockBlobStorage
- Boolean
- Are Large File Shares Enabled? Defaults to - false.- Note: Large File Shares are enabled by default when using an - account_kindof- FileStorage.
- localUser BooleanEnabled 
- Is Local User Enabled? Defaults to true.
- location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minTls StringVersion 
- The minimum supported TLS version for the storage account. Possible values are - TLS1_0,- TLS1_1, and- TLS1_2. Defaults to- TLS1_2for new storage accounts.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. - Note: At this time - min_tls_versionis only supported in the Public Cloud, China Cloud, and US Government Cloud.
- name String
- Specifies the name of the storage account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. This must be unique across the entire Azure service, not just within the resource group.
- networkRules Property Map
- A network_rulesblock as documented below.
- nfsv3Enabled Boolean
- Is NFSv3 protocol enabled? Changing this forces a new resource to be created. Defaults to - false.- Note: This can only be - truewhen- account_tieris- Standardand- account_kindis- StorageV2, or- account_tieris- Premiumand- account_kindis- BlockBlobStorage. Additionally, the- is_hns_enabledis- trueand- account_replication_typemust be- LRSor- RAGRS.
- primaryAccess StringKey 
- The primary access key for the storage account.
- primaryBlob StringConnection String 
- The connection string associated with the primary blob location.
- primaryBlob StringEndpoint 
- The endpoint URL for blob storage in the primary location.
- primaryBlob StringHost 
- The hostname with port if applicable for blob storage in the primary location.
- primaryBlob StringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the primary location.
- primaryBlob StringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the primary location.
- primaryBlob StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the primary location.
- primaryBlob StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the primary location.
- primaryConnection StringString 
- The connection string associated with the primary location.
- primaryDfs StringEndpoint 
- The endpoint URL for DFS storage in the primary location.
- primaryDfs StringHost 
- The hostname with port if applicable for DFS storage in the primary location.
- primaryDfs StringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the primary location.
- primaryDfs StringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the primary location.
- primaryDfs StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the primary location.
- primaryDfs StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the primary location.
- primaryFile StringEndpoint 
- The endpoint URL for file storage in the primary location.
- primaryFile StringHost 
- The hostname with port if applicable for file storage in the primary location.
- primaryFile StringInternet Endpoint 
- The internet routing endpoint URL for file storage in the primary location.
- primaryFile StringInternet Host 
- The internet routing hostname with port if applicable for file storage in the primary location.
- primaryFile StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the primary location.
- primaryFile StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the primary location.
- primaryLocation String
- The primary location of the storage account.
- primaryQueue StringEndpoint 
- The endpoint URL for queue storage in the primary location.
- primaryQueue StringHost 
- The hostname with port if applicable for queue storage in the primary location.
- primaryQueue StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the primary location.
- primaryQueue StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the primary location.
- primaryTable StringEndpoint 
- The endpoint URL for table storage in the primary location.
- primaryTable StringHost 
- The hostname with port if applicable for table storage in the primary location.
- primaryTable StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the primary location.
- primaryTable StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the primary location.
- primaryWeb StringEndpoint 
- The endpoint URL for web storage in the primary location.
- primaryWeb StringHost 
- The hostname with port if applicable for web storage in the primary location.
- primaryWeb StringInternet Endpoint 
- The internet routing endpoint URL for web storage in the primary location.
- primaryWeb StringInternet Host 
- The internet routing hostname with port if applicable for web storage in the primary location.
- primaryWeb StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the primary location.
- primaryWeb StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the primary location.
- publicNetwork BooleanAccess Enabled 
- Whether the public network access is enabled? Defaults to true.
- queueEncryption StringKey Type 
- The encryption type of the queue service. Possible values are ServiceandAccount. Changing this forces a new resource to be created. Default value isService.
- queueProperties Property Map
- A - queue_propertiesblock as defined below.- Note: - queue_propertiescan only be configured when- account_tieris set to- Standardand- account_kindis set to either- Storageor- StorageV2.
- resourceGroup StringName 
- The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
- routing Property Map
- A routingblock as defined below.
- sasPolicy Property Map
- A sas_policyblock as defined below.
- secondaryAccess StringKey 
- The secondary access key for the storage account.
- secondaryBlob StringConnection String 
- The connection string associated with the secondary blob location.
- secondaryBlob StringEndpoint 
- The endpoint URL for blob storage in the secondary location.
- secondaryBlob StringHost 
- The hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob StringInternet Endpoint 
- The internet routing endpoint URL for blob storage in the secondary location.
- secondaryBlob StringInternet Host 
- The internet routing hostname with port if applicable for blob storage in the secondary location.
- secondaryBlob StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for blob storage in the secondary location.
- secondaryBlob StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for blob storage in the secondary location.
- secondaryConnection StringString 
- The connection string associated with the secondary location.
- secondaryDfs StringEndpoint 
- The endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringHost 
- The hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs StringInternet Endpoint 
- The internet routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringInternet Host 
- The internet routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryDfs StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for DFS storage in the secondary location.
- secondaryDfs StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for DFS storage in the secondary location.
- secondaryFile StringEndpoint 
- The endpoint URL for file storage in the secondary location.
- secondaryFile StringHost 
- The hostname with port if applicable for file storage in the secondary location.
- secondaryFile StringInternet Endpoint 
- The internet routing endpoint URL for file storage in the secondary location.
- secondaryFile StringInternet Host 
- The internet routing hostname with port if applicable for file storage in the secondary location.
- secondaryFile StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for file storage in the secondary location.
- secondaryFile StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for file storage in the secondary location.
- secondaryLocation String
- The secondary location of the storage account.
- secondaryQueue StringEndpoint 
- The endpoint URL for queue storage in the secondary location.
- secondaryQueue StringHost 
- The hostname with port if applicable for queue storage in the secondary location.
- secondaryQueue StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for queue storage in the secondary location.
- secondaryQueue StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for queue storage in the secondary location.
- secondaryTable StringEndpoint 
- The endpoint URL for table storage in the secondary location.
- secondaryTable StringHost 
- The hostname with port if applicable for table storage in the secondary location.
- secondaryTable StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for table storage in the secondary location.
- secondaryTable StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for table storage in the secondary location.
- secondaryWeb StringEndpoint 
- The endpoint URL for web storage in the secondary location.
- secondaryWeb StringHost 
- The hostname with port if applicable for web storage in the secondary location.
- secondaryWeb StringInternet Endpoint 
- The internet routing endpoint URL for web storage in the secondary location.
- secondaryWeb StringInternet Host 
- The internet routing hostname with port if applicable for web storage in the secondary location.
- secondaryWeb StringMicrosoft Endpoint 
- The microsoft routing endpoint URL for web storage in the secondary location.
- secondaryWeb StringMicrosoft Host 
- The microsoft routing hostname with port if applicable for web storage in the secondary location.
- sftpEnabled Boolean
- Boolean, enable SFTP for the storage account - Note: SFTP support requires - is_hns_enabledset to- true. More information on SFTP support can be found here. Defaults to- false
- Property Map
- A - share_propertiesblock as defined below.- Note: - share_propertiescan only be configured when either- account_tieris- Standardand- account_kindis either- Storageor- StorageV2- or when- account_tieris- Premiumand- account_kindis- FileStorage.
- Boolean
- staticWebsite Property Map
- A - static_websiteblock as defined below.- Note: - static_websitecan only be set when the- account_kindis set to- StorageV2or- BlockBlobStorage.- Note: If - static_websiteis specified, the service will automatically create a- azure.storage.Containernamed- $web.
- tableEncryption StringKey Type 
- The encryption type of the table service. Possible values are - Serviceand- Account. Changing this forces a new resource to be created. Default value is- Service.- Note: - queue_encryption_key_typeand- table_encryption_key_typecannot be set to- Accountwhen- account_kindis set- Storage
- Map<String>
- A mapping of tags to assign to the resource.
Supporting Types
AccountAzureFilesAuthentication, AccountAzureFilesAuthenticationArgs        
- DirectoryType string
- Specifies the directory service used. Possible values are AADDS,ADandAADKERB.
- ActiveDirectory AccountAzure Files Authentication Active Directory 
- A active_directoryblock as defined below. Required whendirectory_typeisAD.
- string
- Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader,StorageFileDataSmbShareContributor,StorageFileDataSmbShareElevatedContributor, orNone.
- DirectoryType string
- Specifies the directory service used. Possible values are AADDS,ADandAADKERB.
- ActiveDirectory AccountAzure Files Authentication Active Directory 
- A active_directoryblock as defined below. Required whendirectory_typeisAD.
- string
- Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader,StorageFileDataSmbShareContributor,StorageFileDataSmbShareElevatedContributor, orNone.
- directoryType String
- Specifies the directory service used. Possible values are AADDS,ADandAADKERB.
- activeDirectory AccountAzure Files Authentication Active Directory 
- A active_directoryblock as defined below. Required whendirectory_typeisAD.
- String
- Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader,StorageFileDataSmbShareContributor,StorageFileDataSmbShareElevatedContributor, orNone.
- directoryType string
- Specifies the directory service used. Possible values are AADDS,ADandAADKERB.
- activeDirectory AccountAzure Files Authentication Active Directory 
- A active_directoryblock as defined below. Required whendirectory_typeisAD.
- string
- Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader,StorageFileDataSmbShareContributor,StorageFileDataSmbShareElevatedContributor, orNone.
- directory_type str
- Specifies the directory service used. Possible values are AADDS,ADandAADKERB.
- active_directory AccountAzure Files Authentication Active Directory 
- A active_directoryblock as defined below. Required whendirectory_typeisAD.
- str
- Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader,StorageFileDataSmbShareContributor,StorageFileDataSmbShareElevatedContributor, orNone.
- directoryType String
- Specifies the directory service used. Possible values are AADDS,ADandAADKERB.
- activeDirectory Property Map
- A active_directoryblock as defined below. Required whendirectory_typeisAD.
- String
- Specifies the default share level permissions applied to all users. Possible values are StorageFileDataSmbShareReader,StorageFileDataSmbShareContributor,StorageFileDataSmbShareElevatedContributor, orNone.
AccountAzureFilesAuthenticationActiveDirectory, AccountAzureFilesAuthenticationActiveDirectoryArgs            
- DomainGuid string
- Specifies the domain GUID.
- DomainName string
- Specifies the primary domain that the AD DNS server is authoritative for.
- DomainSid string
- Specifies the security identifier (SID). This is required when directory_typeis set toAD.
- ForestName string
- Specifies the Active Directory forest. This is required when directory_typeis set toAD.
- NetbiosDomain stringName 
- Specifies the NetBIOS domain name. This is required when directory_typeis set toAD.
- StorageSid string
- Specifies the security identifier (SID) for Azure Storage. This is required when directory_typeis set toAD.
- DomainGuid string
- Specifies the domain GUID.
- DomainName string
- Specifies the primary domain that the AD DNS server is authoritative for.
- DomainSid string
- Specifies the security identifier (SID). This is required when directory_typeis set toAD.
- ForestName string
- Specifies the Active Directory forest. This is required when directory_typeis set toAD.
- NetbiosDomain stringName 
- Specifies the NetBIOS domain name. This is required when directory_typeis set toAD.
- StorageSid string
- Specifies the security identifier (SID) for Azure Storage. This is required when directory_typeis set toAD.
- domainGuid String
- Specifies the domain GUID.
- domainName String
- Specifies the primary domain that the AD DNS server is authoritative for.
- domainSid String
- Specifies the security identifier (SID). This is required when directory_typeis set toAD.
- forestName String
- Specifies the Active Directory forest. This is required when directory_typeis set toAD.
- netbiosDomain StringName 
- Specifies the NetBIOS domain name. This is required when directory_typeis set toAD.
- storageSid String
- Specifies the security identifier (SID) for Azure Storage. This is required when directory_typeis set toAD.
- domainGuid string
- Specifies the domain GUID.
- domainName string
- Specifies the primary domain that the AD DNS server is authoritative for.
- domainSid string
- Specifies the security identifier (SID). This is required when directory_typeis set toAD.
- forestName string
- Specifies the Active Directory forest. This is required when directory_typeis set toAD.
- netbiosDomain stringName 
- Specifies the NetBIOS domain name. This is required when directory_typeis set toAD.
- storageSid string
- Specifies the security identifier (SID) for Azure Storage. This is required when directory_typeis set toAD.
- domain_guid str
- Specifies the domain GUID.
- domain_name str
- Specifies the primary domain that the AD DNS server is authoritative for.
- domain_sid str
- Specifies the security identifier (SID). This is required when directory_typeis set toAD.
- forest_name str
- Specifies the Active Directory forest. This is required when directory_typeis set toAD.
- netbios_domain_ strname 
- Specifies the NetBIOS domain name. This is required when directory_typeis set toAD.
- storage_sid str
- Specifies the security identifier (SID) for Azure Storage. This is required when directory_typeis set toAD.
- domainGuid String
- Specifies the domain GUID.
- domainName String
- Specifies the primary domain that the AD DNS server is authoritative for.
- domainSid String
- Specifies the security identifier (SID). This is required when directory_typeis set toAD.
- forestName String
- Specifies the Active Directory forest. This is required when directory_typeis set toAD.
- netbiosDomain StringName 
- Specifies the NetBIOS domain name. This is required when directory_typeis set toAD.
- storageSid String
- Specifies the security identifier (SID) for Azure Storage. This is required when directory_typeis set toAD.
AccountBlobProperties, AccountBlobPropertiesArgs      
- ChangeFeed boolEnabled 
- Is the blob service properties for change feed events enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- ChangeFeed intRetention In Days 
- The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed. - Note: This field cannot be configured when - kindis set to- Storage(V1).
- ContainerDelete AccountRetention Policy Blob Properties Container Delete Retention Policy 
- A container_delete_retention_policyblock as defined below.
- CorsRules List<AccountBlob Properties Cors Rule> 
- A cors_ruleblock as defined below.
- DefaultService stringVersion 
- The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
- DeleteRetention AccountPolicy Blob Properties Delete Retention Policy 
- A delete_retention_policyblock as defined below.
- LastAccess boolTime Enabled 
- Is the last access time based tracking enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- RestorePolicy AccountBlob Properties Restore Policy 
- A - restore_policyblock as defined below. This must be used together with- delete_retention_policyset,- versioning_enabledand- change_feed_enabledset to- true.- Note: This field cannot be configured when - kindis set to- Storage(V1).- Note: - restore_policycan not be configured when- dns_endpoint_typeis- AzureDnsZone.
- VersioningEnabled bool
- Is versioning enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- ChangeFeed boolEnabled 
- Is the blob service properties for change feed events enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- ChangeFeed intRetention In Days 
- The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed. - Note: This field cannot be configured when - kindis set to- Storage(V1).
- ContainerDelete AccountRetention Policy Blob Properties Container Delete Retention Policy 
- A container_delete_retention_policyblock as defined below.
- CorsRules []AccountBlob Properties Cors Rule 
- A cors_ruleblock as defined below.
- DefaultService stringVersion 
- The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
- DeleteRetention AccountPolicy Blob Properties Delete Retention Policy 
- A delete_retention_policyblock as defined below.
- LastAccess boolTime Enabled 
- Is the last access time based tracking enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- RestorePolicy AccountBlob Properties Restore Policy 
- A - restore_policyblock as defined below. This must be used together with- delete_retention_policyset,- versioning_enabledand- change_feed_enabledset to- true.- Note: This field cannot be configured when - kindis set to- Storage(V1).- Note: - restore_policycan not be configured when- dns_endpoint_typeis- AzureDnsZone.
- VersioningEnabled bool
- Is versioning enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- changeFeed BooleanEnabled 
- Is the blob service properties for change feed events enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- changeFeed IntegerRetention In Days 
- The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed. - Note: This field cannot be configured when - kindis set to- Storage(V1).
- containerDelete AccountRetention Policy Blob Properties Container Delete Retention Policy 
- A container_delete_retention_policyblock as defined below.
- corsRules List<AccountBlob Properties Cors Rule> 
- A cors_ruleblock as defined below.
- defaultService StringVersion 
- The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
- deleteRetention AccountPolicy Blob Properties Delete Retention Policy 
- A delete_retention_policyblock as defined below.
- lastAccess BooleanTime Enabled 
- Is the last access time based tracking enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- restorePolicy AccountBlob Properties Restore Policy 
- A - restore_policyblock as defined below. This must be used together with- delete_retention_policyset,- versioning_enabledand- change_feed_enabledset to- true.- Note: This field cannot be configured when - kindis set to- Storage(V1).- Note: - restore_policycan not be configured when- dns_endpoint_typeis- AzureDnsZone.
- versioningEnabled Boolean
- Is versioning enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- changeFeed booleanEnabled 
- Is the blob service properties for change feed events enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- changeFeed numberRetention In Days 
- The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed. - Note: This field cannot be configured when - kindis set to- Storage(V1).
- containerDelete AccountRetention Policy Blob Properties Container Delete Retention Policy 
- A container_delete_retention_policyblock as defined below.
- corsRules AccountBlob Properties Cors Rule[] 
- A cors_ruleblock as defined below.
- defaultService stringVersion 
- The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
- deleteRetention AccountPolicy Blob Properties Delete Retention Policy 
- A delete_retention_policyblock as defined below.
- lastAccess booleanTime Enabled 
- Is the last access time based tracking enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- restorePolicy AccountBlob Properties Restore Policy 
- A - restore_policyblock as defined below. This must be used together with- delete_retention_policyset,- versioning_enabledand- change_feed_enabledset to- true.- Note: This field cannot be configured when - kindis set to- Storage(V1).- Note: - restore_policycan not be configured when- dns_endpoint_typeis- AzureDnsZone.
- versioningEnabled boolean
- Is versioning enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- change_feed_ boolenabled 
- Is the blob service properties for change feed events enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- change_feed_ intretention_ in_ days 
- The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed. - Note: This field cannot be configured when - kindis set to- Storage(V1).
- container_delete_ Accountretention_ policy Blob Properties Container Delete Retention Policy 
- A container_delete_retention_policyblock as defined below.
- cors_rules Sequence[AccountBlob Properties Cors Rule] 
- A cors_ruleblock as defined below.
- default_service_ strversion 
- The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
- delete_retention_ Accountpolicy Blob Properties Delete Retention Policy 
- A delete_retention_policyblock as defined below.
- last_access_ booltime_ enabled 
- Is the last access time based tracking enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- restore_policy AccountBlob Properties Restore Policy 
- A - restore_policyblock as defined below. This must be used together with- delete_retention_policyset,- versioning_enabledand- change_feed_enabledset to- true.- Note: This field cannot be configured when - kindis set to- Storage(V1).- Note: - restore_policycan not be configured when- dns_endpoint_typeis- AzureDnsZone.
- versioning_enabled bool
- Is versioning enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- changeFeed BooleanEnabled 
- Is the blob service properties for change feed events enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- changeFeed NumberRetention In Days 
- The duration of change feed events retention in days. The possible values are between 1 and 146000 days (400 years). Setting this to null (or omit this in the configuration file) indicates an infinite retention of the change feed. - Note: This field cannot be configured when - kindis set to- Storage(V1).
- containerDelete Property MapRetention Policy 
- A container_delete_retention_policyblock as defined below.
- corsRules List<Property Map>
- A cors_ruleblock as defined below.
- defaultService StringVersion 
- The API Version which should be used by default for requests to the Data Plane API if an incoming request doesn't specify an API Version.
- deleteRetention Property MapPolicy 
- A delete_retention_policyblock as defined below.
- lastAccess BooleanTime Enabled 
- Is the last access time based tracking enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
- restorePolicy Property Map
- A - restore_policyblock as defined below. This must be used together with- delete_retention_policyset,- versioning_enabledand- change_feed_enabledset to- true.- Note: This field cannot be configured when - kindis set to- Storage(V1).- Note: - restore_policycan not be configured when- dns_endpoint_typeis- AzureDnsZone.
- versioningEnabled Boolean
- Is versioning enabled? Default to - false.- Note: This field cannot be configured when - kindis set to- Storage(V1).
AccountBlobPropertiesContainerDeleteRetentionPolicy, AccountBlobPropertiesContainerDeleteRetentionPolicyArgs              
- Days int
- Specifies the number of days that the container should be retained, between 1and365days. Defaults to7.
- Days int
- Specifies the number of days that the container should be retained, between 1and365days. Defaults to7.
- days Integer
- Specifies the number of days that the container should be retained, between 1and365days. Defaults to7.
- days number
- Specifies the number of days that the container should be retained, between 1and365days. Defaults to7.
- days int
- Specifies the number of days that the container should be retained, between 1and365days. Defaults to7.
- days Number
- Specifies the number of days that the container should be retained, between 1and365days. Defaults to7.
AccountBlobPropertiesCorsRule, AccountBlobPropertiesCorsRuleArgs          
- AllowedHeaders List<string>
- A list of headers that are allowed to be a part of the cross-origin request.
- AllowedMethods List<string>
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- AllowedOrigins List<string>
- A list of origin domains that will be allowed by CORS.
- ExposedHeaders List<string>
- A list of response headers that are exposed to CORS clients.
- MaxAge intIn Seconds 
- The number of seconds the client should cache a preflight response.
- AllowedHeaders []string
- A list of headers that are allowed to be a part of the cross-origin request.
- AllowedMethods []string
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- AllowedOrigins []string
- A list of origin domains that will be allowed by CORS.
- ExposedHeaders []string
- A list of response headers that are exposed to CORS clients.
- MaxAge intIn Seconds 
- The number of seconds the client should cache a preflight response.
- allowedHeaders List<String>
- A list of headers that are allowed to be a part of the cross-origin request.
- allowedMethods List<String>
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowedOrigins List<String>
- A list of origin domains that will be allowed by CORS.
- exposedHeaders List<String>
- A list of response headers that are exposed to CORS clients.
- maxAge IntegerIn Seconds 
- The number of seconds the client should cache a preflight response.
- allowedHeaders string[]
- A list of headers that are allowed to be a part of the cross-origin request.
- allowedMethods string[]
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowedOrigins string[]
- A list of origin domains that will be allowed by CORS.
- exposedHeaders string[]
- A list of response headers that are exposed to CORS clients.
- maxAge numberIn Seconds 
- The number of seconds the client should cache a preflight response.
- allowed_headers Sequence[str]
- A list of headers that are allowed to be a part of the cross-origin request.
- allowed_methods Sequence[str]
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowed_origins Sequence[str]
- A list of origin domains that will be allowed by CORS.
- exposed_headers Sequence[str]
- A list of response headers that are exposed to CORS clients.
- max_age_ intin_ seconds 
- The number of seconds the client should cache a preflight response.
- allowedHeaders List<String>
- A list of headers that are allowed to be a part of the cross-origin request.
- allowedMethods List<String>
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowedOrigins List<String>
- A list of origin domains that will be allowed by CORS.
- exposedHeaders List<String>
- A list of response headers that are exposed to CORS clients.
- maxAge NumberIn Seconds 
- The number of seconds the client should cache a preflight response.
AccountBlobPropertiesDeleteRetentionPolicy, AccountBlobPropertiesDeleteRetentionPolicyArgs            
- Days int
- Specifies the number of days that the blob should be retained, between 1and365days. Defaults to7.
- PermanentDelete boolEnabled 
- Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to - false.- Note: - permanent_delete_enabledcannot be set to true if a- restore_policyblock is defined.
- Days int
- Specifies the number of days that the blob should be retained, between 1and365days. Defaults to7.
- PermanentDelete boolEnabled 
- Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to - false.- Note: - permanent_delete_enabledcannot be set to true if a- restore_policyblock is defined.
- days Integer
- Specifies the number of days that the blob should be retained, between 1and365days. Defaults to7.
- permanentDelete BooleanEnabled 
- Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to - false.- Note: - permanent_delete_enabledcannot be set to true if a- restore_policyblock is defined.
- days number
- Specifies the number of days that the blob should be retained, between 1and365days. Defaults to7.
- permanentDelete booleanEnabled 
- Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to - false.- Note: - permanent_delete_enabledcannot be set to true if a- restore_policyblock is defined.
- days int
- Specifies the number of days that the blob should be retained, between 1and365days. Defaults to7.
- permanent_delete_ boolenabled 
- Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to - false.- Note: - permanent_delete_enabledcannot be set to true if a- restore_policyblock is defined.
- days Number
- Specifies the number of days that the blob should be retained, between 1and365days. Defaults to7.
- permanentDelete BooleanEnabled 
- Indicates whether permanent deletion of the soft deleted blob versions and snapshots is allowed. Defaults to - false.- Note: - permanent_delete_enabledcannot be set to true if a- restore_policyblock is defined.
AccountBlobPropertiesRestorePolicy, AccountBlobPropertiesRestorePolicyArgs          
- Days int
- Specifies the number of days that the blob can be restored, between 1and365days. This must be less than thedaysspecified fordelete_retention_policy.
- Days int
- Specifies the number of days that the blob can be restored, between 1and365days. This must be less than thedaysspecified fordelete_retention_policy.
- days Integer
- Specifies the number of days that the blob can be restored, between 1and365days. This must be less than thedaysspecified fordelete_retention_policy.
- days number
- Specifies the number of days that the blob can be restored, between 1and365days. This must be less than thedaysspecified fordelete_retention_policy.
- days int
- Specifies the number of days that the blob can be restored, between 1and365days. This must be less than thedaysspecified fordelete_retention_policy.
- days Number
- Specifies the number of days that the blob can be restored, between 1and365days. This must be less than thedaysspecified fordelete_retention_policy.
AccountCustomDomain, AccountCustomDomainArgs      
- Name string
- The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
- UseSubdomain bool
- Should the Custom Domain Name be validated by using indirect CNAME validation?
- Name string
- The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
- UseSubdomain bool
- Should the Custom Domain Name be validated by using indirect CNAME validation?
- name String
- The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
- useSubdomain Boolean
- Should the Custom Domain Name be validated by using indirect CNAME validation?
- name string
- The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
- useSubdomain boolean
- Should the Custom Domain Name be validated by using indirect CNAME validation?
- name str
- The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
- use_subdomain bool
- Should the Custom Domain Name be validated by using indirect CNAME validation?
- name String
- The Custom Domain Name to use for the Storage Account, which will be validated by Azure.
- useSubdomain Boolean
- Should the Custom Domain Name be validated by using indirect CNAME validation?
AccountCustomerManagedKey, AccountCustomerManagedKeyArgs        
- UserAssigned stringIdentity Id 
- The ID of a user assigned identity. - Note: - customer_managed_keycan only be set when the- account_kindis set to- StorageV2or- account_tierset to- Premium, and the identity type is- UserAssigned.
- KeyVault stringKey Id 
- The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
- ManagedHsm stringKey Id 
- The ID of the managed HSM Key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
- UserAssigned stringIdentity Id 
- The ID of a user assigned identity. - Note: - customer_managed_keycan only be set when the- account_kindis set to- StorageV2or- account_tierset to- Premium, and the identity type is- UserAssigned.
- KeyVault stringKey Id 
- The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
- ManagedHsm stringKey Id 
- The ID of the managed HSM Key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
- userAssigned StringIdentity Id 
- The ID of a user assigned identity. - Note: - customer_managed_keycan only be set when the- account_kindis set to- StorageV2or- account_tierset to- Premium, and the identity type is- UserAssigned.
- keyVault StringKey Id 
- The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
- managedHsm StringKey Id 
- The ID of the managed HSM Key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
- userAssigned stringIdentity Id 
- The ID of a user assigned identity. - Note: - customer_managed_keycan only be set when the- account_kindis set to- StorageV2or- account_tierset to- Premium, and the identity type is- UserAssigned.
- keyVault stringKey Id 
- The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
- managedHsm stringKey Id 
- The ID of the managed HSM Key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
- user_assigned_ stridentity_ id 
- The ID of a user assigned identity. - Note: - customer_managed_keycan only be set when the- account_kindis set to- StorageV2or- account_tierset to- Premium, and the identity type is- UserAssigned.
- key_vault_ strkey_ id 
- The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
- managed_hsm_ strkey_ id 
- The ID of the managed HSM Key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
- userAssigned StringIdentity Id 
- The ID of a user assigned identity. - Note: - customer_managed_keycan only be set when the- account_kindis set to- StorageV2or- account_tierset to- Premium, and the identity type is- UserAssigned.
- keyVault StringKey Id 
- The ID of the Key Vault Key, supplying a version-less key ID will enable auto-rotation of this key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
- managedHsm StringKey Id 
- The ID of the managed HSM Key. Exactly one of key_vault_key_idandmanaged_hsm_key_idmay be specified.
AccountIdentity, AccountIdentityArgs    
- Type string
- Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both).
- IdentityIds List<string>
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account. - Note: This is required when - typeis set to- UserAssignedor- SystemAssigned, UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand Storage Account has been created. More details are available below.
- PrincipalId string
- The Principal ID for the Service Principal associated with the Identity of this Storage Account.
- TenantId string
- The Tenant ID for the Service Principal associated with the Identity of this Storage Account.
- Type string
- Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both).
- IdentityIds []string
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account. - Note: This is required when - typeis set to- UserAssignedor- SystemAssigned, UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand Storage Account has been created. More details are available below.
- PrincipalId string
- The Principal ID for the Service Principal associated with the Identity of this Storage Account.
- TenantId string
- The Tenant ID for the Service Principal associated with the Identity of this Storage Account.
- type String
- Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both).
- identityIds List<String>
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account. - Note: This is required when - typeis set to- UserAssignedor- SystemAssigned, UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand Storage Account has been created. More details are available below.
- principalId String
- The Principal ID for the Service Principal associated with the Identity of this Storage Account.
- tenantId String
- The Tenant ID for the Service Principal associated with the Identity of this Storage Account.
- type string
- Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both).
- identityIds string[]
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account. - Note: This is required when - typeis set to- UserAssignedor- SystemAssigned, UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand Storage Account has been created. More details are available below.
- principalId string
- The Principal ID for the Service Principal associated with the Identity of this Storage Account.
- tenantId string
- The Tenant ID for the Service Principal associated with the Identity of this Storage Account.
- type str
- Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both).
- identity_ids Sequence[str]
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account. - Note: This is required when - typeis set to- UserAssignedor- SystemAssigned, UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand Storage Account has been created. More details are available below.
- principal_id str
- The Principal ID for the Service Principal associated with the Identity of this Storage Account.
- tenant_id str
- The Tenant ID for the Service Principal associated with the Identity of this Storage Account.
- type String
- Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned(to enable both).
- identityIds List<String>
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account. - Note: This is required when - typeis set to- UserAssignedor- SystemAssigned, UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand Storage Account has been created. More details are available below.
- principalId String
- The Principal ID for the Service Principal associated with the Identity of this Storage Account.
- tenantId String
- The Tenant ID for the Service Principal associated with the Identity of this Storage Account.
AccountImmutabilityPolicy, AccountImmutabilityPolicyArgs      
- AllowProtected boolAppend Writes 
- When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
- PeriodSince intCreation In Days 
- The immutability period for the blobs in the container since the policy creation, in days.
- State string
- Defines the mode of the policy. Disabledstate disables the policy,Unlockedstate allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property,Lockedstate only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing fromLockedforces a new resource to be created.
- AllowProtected boolAppend Writes 
- When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
- PeriodSince intCreation In Days 
- The immutability period for the blobs in the container since the policy creation, in days.
- State string
- Defines the mode of the policy. Disabledstate disables the policy,Unlockedstate allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property,Lockedstate only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing fromLockedforces a new resource to be created.
- allowProtected BooleanAppend Writes 
- When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
- periodSince IntegerCreation In Days 
- The immutability period for the blobs in the container since the policy creation, in days.
- state String
- Defines the mode of the policy. Disabledstate disables the policy,Unlockedstate allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property,Lockedstate only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing fromLockedforces a new resource to be created.
- allowProtected booleanAppend Writes 
- When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
- periodSince numberCreation In Days 
- The immutability period for the blobs in the container since the policy creation, in days.
- state string
- Defines the mode of the policy. Disabledstate disables the policy,Unlockedstate allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property,Lockedstate only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing fromLockedforces a new resource to be created.
- allow_protected_ boolappend_ writes 
- When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
- period_since_ intcreation_ in_ days 
- The immutability period for the blobs in the container since the policy creation, in days.
- state str
- Defines the mode of the policy. Disabledstate disables the policy,Unlockedstate allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property,Lockedstate only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing fromLockedforces a new resource to be created.
- allowProtected BooleanAppend Writes 
- When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.
- periodSince NumberCreation In Days 
- The immutability period for the blobs in the container since the policy creation, in days.
- state String
- Defines the mode of the policy. Disabledstate disables the policy,Unlockedstate allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property,Lockedstate only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing fromLockedforces a new resource to be created.
AccountNetworkRules, AccountNetworkRulesArgs      
- DefaultAction string
- Specifies the default action of allow or deny when no other rules match. Valid options are DenyorAllow.
- Bypasses List<string>
- Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging,Metrics,AzureServices, orNone.
- IpRules List<string>
- List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
- PrivateLink List<AccountAccesses Network Rules Private Link Access> 
- One or more - private_link_accessblock as defined below.- Note: If specifying - network_rules, one of either- ip_rulesor- virtual_network_subnet_idsmust be specified and- default_actionmust be set to- Deny.- Note: Network Rules can be defined either directly on the - azure.storage.Accountresource, or using the- azure.storage.AccountNetworkRulesresource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a- default_actionof- Denyto- Allowrequires defining, rather than removing, the block.- Note: The prefix of - ip_rulesmust be between 0 and 30 and only supports public IP addresses.
- VirtualNetwork List<string>Subnet Ids 
- A list of resource ids for subnets.
- DefaultAction string
- Specifies the default action of allow or deny when no other rules match. Valid options are DenyorAllow.
- Bypasses []string
- Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging,Metrics,AzureServices, orNone.
- IpRules []string
- List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
- PrivateLink []AccountAccesses Network Rules Private Link Access 
- One or more - private_link_accessblock as defined below.- Note: If specifying - network_rules, one of either- ip_rulesor- virtual_network_subnet_idsmust be specified and- default_actionmust be set to- Deny.- Note: Network Rules can be defined either directly on the - azure.storage.Accountresource, or using the- azure.storage.AccountNetworkRulesresource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a- default_actionof- Denyto- Allowrequires defining, rather than removing, the block.- Note: The prefix of - ip_rulesmust be between 0 and 30 and only supports public IP addresses.
- VirtualNetwork []stringSubnet Ids 
- A list of resource ids for subnets.
- defaultAction String
- Specifies the default action of allow or deny when no other rules match. Valid options are DenyorAllow.
- bypasses List<String>
- Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging,Metrics,AzureServices, orNone.
- ipRules List<String>
- List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
- privateLink List<AccountAccesses Network Rules Private Link Access> 
- One or more - private_link_accessblock as defined below.- Note: If specifying - network_rules, one of either- ip_rulesor- virtual_network_subnet_idsmust be specified and- default_actionmust be set to- Deny.- Note: Network Rules can be defined either directly on the - azure.storage.Accountresource, or using the- azure.storage.AccountNetworkRulesresource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a- default_actionof- Denyto- Allowrequires defining, rather than removing, the block.- Note: The prefix of - ip_rulesmust be between 0 and 30 and only supports public IP addresses.
- virtualNetwork List<String>Subnet Ids 
- A list of resource ids for subnets.
- defaultAction string
- Specifies the default action of allow or deny when no other rules match. Valid options are DenyorAllow.
- bypasses string[]
- Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging,Metrics,AzureServices, orNone.
- ipRules string[]
- List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
- privateLink AccountAccesses Network Rules Private Link Access[] 
- One or more - private_link_accessblock as defined below.- Note: If specifying - network_rules, one of either- ip_rulesor- virtual_network_subnet_idsmust be specified and- default_actionmust be set to- Deny.- Note: Network Rules can be defined either directly on the - azure.storage.Accountresource, or using the- azure.storage.AccountNetworkRulesresource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a- default_actionof- Denyto- Allowrequires defining, rather than removing, the block.- Note: The prefix of - ip_rulesmust be between 0 and 30 and only supports public IP addresses.
- virtualNetwork string[]Subnet Ids 
- A list of resource ids for subnets.
- default_action str
- Specifies the default action of allow or deny when no other rules match. Valid options are DenyorAllow.
- bypasses Sequence[str]
- Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging,Metrics,AzureServices, orNone.
- ip_rules Sequence[str]
- List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
- private_link_ Sequence[Accountaccesses Network Rules Private Link Access] 
- One or more - private_link_accessblock as defined below.- Note: If specifying - network_rules, one of either- ip_rulesor- virtual_network_subnet_idsmust be specified and- default_actionmust be set to- Deny.- Note: Network Rules can be defined either directly on the - azure.storage.Accountresource, or using the- azure.storage.AccountNetworkRulesresource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a- default_actionof- Denyto- Allowrequires defining, rather than removing, the block.- Note: The prefix of - ip_rulesmust be between 0 and 30 and only supports public IP addresses.
- virtual_network_ Sequence[str]subnet_ ids 
- A list of resource ids for subnets.
- defaultAction String
- Specifies the default action of allow or deny when no other rules match. Valid options are DenyorAllow.
- bypasses List<String>
- Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging,Metrics,AzureServices, orNone.
- ipRules List<String>
- List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
- privateLink List<Property Map>Accesses 
- One or more - private_link_accessblock as defined below.- Note: If specifying - network_rules, one of either- ip_rulesor- virtual_network_subnet_idsmust be specified and- default_actionmust be set to- Deny.- Note: Network Rules can be defined either directly on the - azure.storage.Accountresource, or using the- azure.storage.AccountNetworkRulesresource - but the two cannot be used together. If both are used against the same Storage Account, spurious changes will occur. When managing Network Rules using this resource, to change from a- default_actionof- Denyto- Allowrequires defining, rather than removing, the block.- Note: The prefix of - ip_rulesmust be between 0 and 30 and only supports public IP addresses.
- virtualNetwork List<String>Subnet Ids 
- A list of resource ids for subnets.
AccountNetworkRulesPrivateLinkAccess, AccountNetworkRulesPrivateLinkAccessArgs            
- EndpointResource stringId 
- The ID of the Azure resource that should be allowed access to the target storage account.
- EndpointTenant stringId 
- The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.
- EndpointResource stringId 
- The ID of the Azure resource that should be allowed access to the target storage account.
- EndpointTenant stringId 
- The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.
- endpointResource StringId 
- The ID of the Azure resource that should be allowed access to the target storage account.
- endpointTenant StringId 
- The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.
- endpointResource stringId 
- The ID of the Azure resource that should be allowed access to the target storage account.
- endpointTenant stringId 
- The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.
- endpoint_resource_ strid 
- The ID of the Azure resource that should be allowed access to the target storage account.
- endpoint_tenant_ strid 
- The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.
- endpointResource StringId 
- The ID of the Azure resource that should be allowed access to the target storage account.
- endpointTenant StringId 
- The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.
AccountQueueProperties, AccountQueuePropertiesArgs      
- CorsRules List<AccountQueue Properties Cors Rule> 
- A cors_ruleblock as defined above.
- HourMetrics AccountQueue Properties Hour Metrics 
- A hour_metricsblock as defined below.
- Logging
AccountQueue Properties Logging 
- A loggingblock as defined below.
- MinuteMetrics AccountQueue Properties Minute Metrics 
- A minute_metricsblock as defined below.
- CorsRules []AccountQueue Properties Cors Rule 
- A cors_ruleblock as defined above.
- HourMetrics AccountQueue Properties Hour Metrics 
- A hour_metricsblock as defined below.
- Logging
AccountQueue Properties Logging 
- A loggingblock as defined below.
- MinuteMetrics AccountQueue Properties Minute Metrics 
- A minute_metricsblock as defined below.
- corsRules List<AccountQueue Properties Cors Rule> 
- A cors_ruleblock as defined above.
- hourMetrics AccountQueue Properties Hour Metrics 
- A hour_metricsblock as defined below.
- logging
AccountQueue Properties Logging 
- A loggingblock as defined below.
- minuteMetrics AccountQueue Properties Minute Metrics 
- A minute_metricsblock as defined below.
- corsRules AccountQueue Properties Cors Rule[] 
- A cors_ruleblock as defined above.
- hourMetrics AccountQueue Properties Hour Metrics 
- A hour_metricsblock as defined below.
- logging
AccountQueue Properties Logging 
- A loggingblock as defined below.
- minuteMetrics AccountQueue Properties Minute Metrics 
- A minute_metricsblock as defined below.
- cors_rules Sequence[AccountQueue Properties Cors Rule] 
- A cors_ruleblock as defined above.
- hour_metrics AccountQueue Properties Hour Metrics 
- A hour_metricsblock as defined below.
- logging
AccountQueue Properties Logging 
- A loggingblock as defined below.
- minute_metrics AccountQueue Properties Minute Metrics 
- A minute_metricsblock as defined below.
- corsRules List<Property Map>
- A cors_ruleblock as defined above.
- hourMetrics Property Map
- A hour_metricsblock as defined below.
- logging Property Map
- A loggingblock as defined below.
- minuteMetrics Property Map
- A minute_metricsblock as defined below.
AccountQueuePropertiesCorsRule, AccountQueuePropertiesCorsRuleArgs          
- AllowedHeaders List<string>
- A list of headers that are allowed to be a part of the cross-origin request.
- AllowedMethods List<string>
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- AllowedOrigins List<string>
- A list of origin domains that will be allowed by CORS.
- ExposedHeaders List<string>
- A list of response headers that are exposed to CORS clients.
- MaxAge intIn Seconds 
- The number of seconds the client should cache a preflight response.
- AllowedHeaders []string
- A list of headers that are allowed to be a part of the cross-origin request.
- AllowedMethods []string
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- AllowedOrigins []string
- A list of origin domains that will be allowed by CORS.
- ExposedHeaders []string
- A list of response headers that are exposed to CORS clients.
- MaxAge intIn Seconds 
- The number of seconds the client should cache a preflight response.
- allowedHeaders List<String>
- A list of headers that are allowed to be a part of the cross-origin request.
- allowedMethods List<String>
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowedOrigins List<String>
- A list of origin domains that will be allowed by CORS.
- exposedHeaders List<String>
- A list of response headers that are exposed to CORS clients.
- maxAge IntegerIn Seconds 
- The number of seconds the client should cache a preflight response.
- allowedHeaders string[]
- A list of headers that are allowed to be a part of the cross-origin request.
- allowedMethods string[]
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowedOrigins string[]
- A list of origin domains that will be allowed by CORS.
- exposedHeaders string[]
- A list of response headers that are exposed to CORS clients.
- maxAge numberIn Seconds 
- The number of seconds the client should cache a preflight response.
- allowed_headers Sequence[str]
- A list of headers that are allowed to be a part of the cross-origin request.
- allowed_methods Sequence[str]
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowed_origins Sequence[str]
- A list of origin domains that will be allowed by CORS.
- exposed_headers Sequence[str]
- A list of response headers that are exposed to CORS clients.
- max_age_ intin_ seconds 
- The number of seconds the client should cache a preflight response.
- allowedHeaders List<String>
- A list of headers that are allowed to be a part of the cross-origin request.
- allowedMethods List<String>
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowedOrigins List<String>
- A list of origin domains that will be allowed by CORS.
- exposedHeaders List<String>
- A list of response headers that are exposed to CORS clients.
- maxAge NumberIn Seconds 
- The number of seconds the client should cache a preflight response.
AccountQueuePropertiesHourMetrics, AccountQueuePropertiesHourMetricsArgs          
- Version string
- The version of storage analytics to configure.
- IncludeApis bool
- Indicates whether metrics should generate summary statistics for called API operations.
- RetentionPolicy intDays 
- Specifies the number of days that logs will be retained.
- Version string
- The version of storage analytics to configure.
- IncludeApis bool
- Indicates whether metrics should generate summary statistics for called API operations.
- RetentionPolicy intDays 
- Specifies the number of days that logs will be retained.
- version String
- The version of storage analytics to configure.
- includeApis Boolean
- Indicates whether metrics should generate summary statistics for called API operations.
- retentionPolicy IntegerDays 
- Specifies the number of days that logs will be retained.
- version string
- The version of storage analytics to configure.
- includeApis boolean
- Indicates whether metrics should generate summary statistics for called API operations.
- retentionPolicy numberDays 
- Specifies the number of days that logs will be retained.
- version str
- The version of storage analytics to configure.
- include_apis bool
- Indicates whether metrics should generate summary statistics for called API operations.
- retention_policy_ intdays 
- Specifies the number of days that logs will be retained.
- version String
- The version of storage analytics to configure.
- includeApis Boolean
- Indicates whether metrics should generate summary statistics for called API operations.
- retentionPolicy NumberDays 
- Specifies the number of days that logs will be retained.
AccountQueuePropertiesLogging, AccountQueuePropertiesLoggingArgs        
- Delete bool
- Indicates whether all delete requests should be logged.
- Read bool
- Indicates whether all read requests should be logged.
- Version string
- The version of storage analytics to configure.
- Write bool
- Indicates whether all write requests should be logged.
- RetentionPolicy intDays 
- Specifies the number of days that logs will be retained.
- Delete bool
- Indicates whether all delete requests should be logged.
- Read bool
- Indicates whether all read requests should be logged.
- Version string
- The version of storage analytics to configure.
- Write bool
- Indicates whether all write requests should be logged.
- RetentionPolicy intDays 
- Specifies the number of days that logs will be retained.
- delete Boolean
- Indicates whether all delete requests should be logged.
- read Boolean
- Indicates whether all read requests should be logged.
- version String
- The version of storage analytics to configure.
- write Boolean
- Indicates whether all write requests should be logged.
- retentionPolicy IntegerDays 
- Specifies the number of days that logs will be retained.
- delete boolean
- Indicates whether all delete requests should be logged.
- read boolean
- Indicates whether all read requests should be logged.
- version string
- The version of storage analytics to configure.
- write boolean
- Indicates whether all write requests should be logged.
- retentionPolicy numberDays 
- Specifies the number of days that logs will be retained.
- delete bool
- Indicates whether all delete requests should be logged.
- read bool
- Indicates whether all read requests should be logged.
- version str
- The version of storage analytics to configure.
- write bool
- Indicates whether all write requests should be logged.
- retention_policy_ intdays 
- Specifies the number of days that logs will be retained.
- delete Boolean
- Indicates whether all delete requests should be logged.
- read Boolean
- Indicates whether all read requests should be logged.
- version String
- The version of storage analytics to configure.
- write Boolean
- Indicates whether all write requests should be logged.
- retentionPolicy NumberDays 
- Specifies the number of days that logs will be retained.
AccountQueuePropertiesMinuteMetrics, AccountQueuePropertiesMinuteMetricsArgs          
- Version string
- The version of storage analytics to configure.
- IncludeApis bool
- Indicates whether metrics should generate summary statistics for called API operations.
- RetentionPolicy intDays 
- Specifies the number of days that logs will be retained.
- Version string
- The version of storage analytics to configure.
- IncludeApis bool
- Indicates whether metrics should generate summary statistics for called API operations.
- RetentionPolicy intDays 
- Specifies the number of days that logs will be retained.
- version String
- The version of storage analytics to configure.
- includeApis Boolean
- Indicates whether metrics should generate summary statistics for called API operations.
- retentionPolicy IntegerDays 
- Specifies the number of days that logs will be retained.
- version string
- The version of storage analytics to configure.
- includeApis boolean
- Indicates whether metrics should generate summary statistics for called API operations.
- retentionPolicy numberDays 
- Specifies the number of days that logs will be retained.
- version str
- The version of storage analytics to configure.
- include_apis bool
- Indicates whether metrics should generate summary statistics for called API operations.
- retention_policy_ intdays 
- Specifies the number of days that logs will be retained.
- version String
- The version of storage analytics to configure.
- includeApis Boolean
- Indicates whether metrics should generate summary statistics for called API operations.
- retentionPolicy NumberDays 
- Specifies the number of days that logs will be retained.
AccountRouting, AccountRoutingArgs    
- Choice string
- Specifies the kind of network routing opted by the user. Possible values are InternetRoutingandMicrosoftRouting. Defaults toMicrosoftRouting.
- PublishInternet boolEndpoints 
- Should internet routing storage endpoints be published? Defaults to false.
- PublishMicrosoft boolEndpoints 
- Should Microsoft routing storage endpoints be published? Defaults to false.
- Choice string
- Specifies the kind of network routing opted by the user. Possible values are InternetRoutingandMicrosoftRouting. Defaults toMicrosoftRouting.
- PublishInternet boolEndpoints 
- Should internet routing storage endpoints be published? Defaults to false.
- PublishMicrosoft boolEndpoints 
- Should Microsoft routing storage endpoints be published? Defaults to false.
- choice String
- Specifies the kind of network routing opted by the user. Possible values are InternetRoutingandMicrosoftRouting. Defaults toMicrosoftRouting.
- publishInternet BooleanEndpoints 
- Should internet routing storage endpoints be published? Defaults to false.
- publishMicrosoft BooleanEndpoints 
- Should Microsoft routing storage endpoints be published? Defaults to false.
- choice string
- Specifies the kind of network routing opted by the user. Possible values are InternetRoutingandMicrosoftRouting. Defaults toMicrosoftRouting.
- publishInternet booleanEndpoints 
- Should internet routing storage endpoints be published? Defaults to false.
- publishMicrosoft booleanEndpoints 
- Should Microsoft routing storage endpoints be published? Defaults to false.
- choice str
- Specifies the kind of network routing opted by the user. Possible values are InternetRoutingandMicrosoftRouting. Defaults toMicrosoftRouting.
- publish_internet_ boolendpoints 
- Should internet routing storage endpoints be published? Defaults to false.
- publish_microsoft_ boolendpoints 
- Should Microsoft routing storage endpoints be published? Defaults to false.
- choice String
- Specifies the kind of network routing opted by the user. Possible values are InternetRoutingandMicrosoftRouting. Defaults toMicrosoftRouting.
- publishInternet BooleanEndpoints 
- Should internet routing storage endpoints be published? Defaults to false.
- publishMicrosoft BooleanEndpoints 
- Should Microsoft routing storage endpoints be published? Defaults to false.
AccountSasPolicy, AccountSasPolicyArgs      
- ExpirationPeriod string
- The SAS expiration period in format of DD.HH:MM:SS.
- ExpirationAction string
- The SAS expiration action. The only possible value is Logat this moment. Defaults toLog.
- ExpirationPeriod string
- The SAS expiration period in format of DD.HH:MM:SS.
- ExpirationAction string
- The SAS expiration action. The only possible value is Logat this moment. Defaults toLog.
- expirationPeriod String
- The SAS expiration period in format of DD.HH:MM:SS.
- expirationAction String
- The SAS expiration action. The only possible value is Logat this moment. Defaults toLog.
- expirationPeriod string
- The SAS expiration period in format of DD.HH:MM:SS.
- expirationAction string
- The SAS expiration action. The only possible value is Logat this moment. Defaults toLog.
- expiration_period str
- The SAS expiration period in format of DD.HH:MM:SS.
- expiration_action str
- The SAS expiration action. The only possible value is Logat this moment. Defaults toLog.
- expirationPeriod String
- The SAS expiration period in format of DD.HH:MM:SS.
- expirationAction String
- The SAS expiration action. The only possible value is Logat this moment. Defaults toLog.
AccountShareProperties, AccountSharePropertiesArgs      
- CorsRules List<AccountShare Properties Cors Rule> 
- A cors_ruleblock as defined below.
- RetentionPolicy AccountShare Properties Retention Policy 
- A retention_policyblock as defined below.
- Smb
AccountShare Properties Smb 
- A smbblock as defined below.
- CorsRules []AccountShare Properties Cors Rule 
- A cors_ruleblock as defined below.
- RetentionPolicy AccountShare Properties Retention Policy 
- A retention_policyblock as defined below.
- Smb
AccountShare Properties Smb 
- A smbblock as defined below.
- corsRules List<AccountShare Properties Cors Rule> 
- A cors_ruleblock as defined below.
- retentionPolicy AccountShare Properties Retention Policy 
- A retention_policyblock as defined below.
- smb
AccountShare Properties Smb 
- A smbblock as defined below.
- corsRules AccountShare Properties Cors Rule[] 
- A cors_ruleblock as defined below.
- retentionPolicy AccountShare Properties Retention Policy 
- A retention_policyblock as defined below.
- smb
AccountShare Properties Smb 
- A smbblock as defined below.
- cors_rules Sequence[AccountShare Properties Cors Rule] 
- A cors_ruleblock as defined below.
- retention_policy AccountShare Properties Retention Policy 
- A retention_policyblock as defined below.
- smb
AccountShare Properties Smb 
- A smbblock as defined below.
- corsRules List<Property Map>
- A cors_ruleblock as defined below.
- retentionPolicy Property Map
- A retention_policyblock as defined below.
- smb Property Map
- A smbblock as defined below.
AccountSharePropertiesCorsRule, AccountSharePropertiesCorsRuleArgs          
- AllowedHeaders List<string>
- A list of headers that are allowed to be a part of the cross-origin request.
- AllowedMethods List<string>
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- AllowedOrigins List<string>
- A list of origin domains that will be allowed by CORS.
- ExposedHeaders List<string>
- A list of response headers that are exposed to CORS clients.
- MaxAge intIn Seconds 
- The number of seconds the client should cache a preflight response.
- AllowedHeaders []string
- A list of headers that are allowed to be a part of the cross-origin request.
- AllowedMethods []string
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- AllowedOrigins []string
- A list of origin domains that will be allowed by CORS.
- ExposedHeaders []string
- A list of response headers that are exposed to CORS clients.
- MaxAge intIn Seconds 
- The number of seconds the client should cache a preflight response.
- allowedHeaders List<String>
- A list of headers that are allowed to be a part of the cross-origin request.
- allowedMethods List<String>
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowedOrigins List<String>
- A list of origin domains that will be allowed by CORS.
- exposedHeaders List<String>
- A list of response headers that are exposed to CORS clients.
- maxAge IntegerIn Seconds 
- The number of seconds the client should cache a preflight response.
- allowedHeaders string[]
- A list of headers that are allowed to be a part of the cross-origin request.
- allowedMethods string[]
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowedOrigins string[]
- A list of origin domains that will be allowed by CORS.
- exposedHeaders string[]
- A list of response headers that are exposed to CORS clients.
- maxAge numberIn Seconds 
- The number of seconds the client should cache a preflight response.
- allowed_headers Sequence[str]
- A list of headers that are allowed to be a part of the cross-origin request.
- allowed_methods Sequence[str]
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowed_origins Sequence[str]
- A list of origin domains that will be allowed by CORS.
- exposed_headers Sequence[str]
- A list of response headers that are exposed to CORS clients.
- max_age_ intin_ seconds 
- The number of seconds the client should cache a preflight response.
- allowedHeaders List<String>
- A list of headers that are allowed to be a part of the cross-origin request.
- allowedMethods List<String>
- A list of HTTP methods that are allowed to be executed by the origin. Valid options are
DELETE,GET,HEAD,MERGE,POST,OPTIONS,PUTorPATCH.
- allowedOrigins List<String>
- A list of origin domains that will be allowed by CORS.
- exposedHeaders List<String>
- A list of response headers that are exposed to CORS clients.
- maxAge NumberIn Seconds 
- The number of seconds the client should cache a preflight response.
AccountSharePropertiesRetentionPolicy, AccountSharePropertiesRetentionPolicyArgs          
- Days int
- Specifies the number of days that the azure.storage.Shareshould be retained, between1and365days. Defaults to7.
- Days int
- Specifies the number of days that the azure.storage.Shareshould be retained, between1and365days. Defaults to7.
- days Integer
- Specifies the number of days that the azure.storage.Shareshould be retained, between1and365days. Defaults to7.
- days number
- Specifies the number of days that the azure.storage.Shareshould be retained, between1and365days. Defaults to7.
- days int
- Specifies the number of days that the azure.storage.Shareshould be retained, between1and365days. Defaults to7.
- days Number
- Specifies the number of days that the azure.storage.Shareshould be retained, between1and365days. Defaults to7.
AccountSharePropertiesSmb, AccountSharePropertiesSmbArgs        
- AuthenticationTypes List<string>
- A set of SMB authentication methods. Possible values are NTLMv2, andKerberos.
- ChannelEncryption List<string>Types 
- A set of SMB channel encryption. Possible values are AES-128-CCM,AES-128-GCM, andAES-256-GCM.
- KerberosTicket List<string>Encryption Types 
- A set of Kerberos ticket encryption. Possible values are RC4-HMAC, andAES-256.
- MultichannelEnabled bool
- Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
- Versions List<string>
- A set of SMB protocol versions. Possible values are SMB2.1,SMB3.0, andSMB3.1.1.
- AuthenticationTypes []string
- A set of SMB authentication methods. Possible values are NTLMv2, andKerberos.
- ChannelEncryption []stringTypes 
- A set of SMB channel encryption. Possible values are AES-128-CCM,AES-128-GCM, andAES-256-GCM.
- KerberosTicket []stringEncryption Types 
- A set of Kerberos ticket encryption. Possible values are RC4-HMAC, andAES-256.
- MultichannelEnabled bool
- Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
- Versions []string
- A set of SMB protocol versions. Possible values are SMB2.1,SMB3.0, andSMB3.1.1.
- authenticationTypes List<String>
- A set of SMB authentication methods. Possible values are NTLMv2, andKerberos.
- channelEncryption List<String>Types 
- A set of SMB channel encryption. Possible values are AES-128-CCM,AES-128-GCM, andAES-256-GCM.
- kerberosTicket List<String>Encryption Types 
- A set of Kerberos ticket encryption. Possible values are RC4-HMAC, andAES-256.
- multichannelEnabled Boolean
- Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
- versions List<String>
- A set of SMB protocol versions. Possible values are SMB2.1,SMB3.0, andSMB3.1.1.
- authenticationTypes string[]
- A set of SMB authentication methods. Possible values are NTLMv2, andKerberos.
- channelEncryption string[]Types 
- A set of SMB channel encryption. Possible values are AES-128-CCM,AES-128-GCM, andAES-256-GCM.
- kerberosTicket string[]Encryption Types 
- A set of Kerberos ticket encryption. Possible values are RC4-HMAC, andAES-256.
- multichannelEnabled boolean
- Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
- versions string[]
- A set of SMB protocol versions. Possible values are SMB2.1,SMB3.0, andSMB3.1.1.
- authentication_types Sequence[str]
- A set of SMB authentication methods. Possible values are NTLMv2, andKerberos.
- channel_encryption_ Sequence[str]types 
- A set of SMB channel encryption. Possible values are AES-128-CCM,AES-128-GCM, andAES-256-GCM.
- kerberos_ticket_ Sequence[str]encryption_ types 
- A set of Kerberos ticket encryption. Possible values are RC4-HMAC, andAES-256.
- multichannel_enabled bool
- Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
- versions Sequence[str]
- A set of SMB protocol versions. Possible values are SMB2.1,SMB3.0, andSMB3.1.1.
- authenticationTypes List<String>
- A set of SMB authentication methods. Possible values are NTLMv2, andKerberos.
- channelEncryption List<String>Types 
- A set of SMB channel encryption. Possible values are AES-128-CCM,AES-128-GCM, andAES-256-GCM.
- kerberosTicket List<String>Encryption Types 
- A set of Kerberos ticket encryption. Possible values are RC4-HMAC, andAES-256.
- multichannelEnabled Boolean
- Indicates whether multichannel is enabled. Defaults to false. This is only supported on Premium storage accounts.
- versions List<String>
- A set of SMB protocol versions. Possible values are SMB2.1,SMB3.0, andSMB3.1.1.
AccountStaticWebsite, AccountStaticWebsiteArgs      
- Error404Document string
- The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
- IndexDocument string
- The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.
- Error404Document string
- The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
- IndexDocument string
- The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.
- error404Document String
- The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
- indexDocument String
- The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.
- error404Document string
- The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
- indexDocument string
- The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.
- error404_document str
- The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
- index_document str
- The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.
- error404Document String
- The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file.
- indexDocument String
- The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive.
Import
Storage Accounts can be imported using the resource id, e.g.
$ pulumi import azure:storage/account:Account storageAcc1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Storage/storageAccounts/myaccount
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the azurermTerraform Provider.