From 0923efab2ba0d37a037d89bbe0c897dd6dc737f8 Mon Sep 17 00:00:00 2001
From: Sebastian Hana <43113824+sebastianlolv@users.noreply.github.com>
Date: Wed, 11 May 2022 09:41:44 +0200
Subject: [PATCH] feat: add file rentention policy (#16)

* Add variable 'file_retention_policy'
---
 README.md    | 1 +
 main.tf      | 6 ++++++
 variables.tf | 6 ++++++
 3 files changed, 13 insertions(+)

diff --git a/README.md b/README.md
index 4fd6743..678f535 100644
--- a/README.md
+++ b/README.md
@@ -108,6 +108,7 @@ No modules.
 | <a name="input_environment"></a> [environment](#input\_environment) | The environment to create the resources for. | `string` | n/a | yes |
 | <a name="input_file_contributors"></a> [file\_contributors](#input\_file\_contributors) | The IDs of the Azure AD objects that should have Contributor access to this File Storage. | `list(string)` | `[]` | no |
 | <a name="input_file_readers"></a> [file\_readers](#input\_file\_readers) | The IDs of the Azure AD objects that should have Reader access to this File Storage. | `list(string)` | `[]` | no |
+| <a name="input_file_retention_policy"></a> [file\_retention\_policy](#input\_file\_retention\_policy) | The number of days that files should be retained. | `number` | `30` | no |
 | <a name="input_location"></a> [location](#input\_location) | The supported Azure location where the resources exist. | `string` | n/a | yes |
 | <a name="input_log_analytics_workspace_id"></a> [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | The ID of the Log Analytics Workspace to send diagnostics to. | `string` | n/a | yes |
 | <a name="input_network_ip_rules"></a> [network\_ip\_rules](#input\_network\_ip\_rules) | The public IPs or IP ranges in CIDR format that should be able to access this Storage Account. Only IPv4 addresses are allowed. | `list(string)` | `[]` | no |
diff --git a/main.tf b/main.tf
index 7b38019..a4b845a 100644
--- a/main.tf
+++ b/main.tf
@@ -33,6 +33,12 @@ resource "azurerm_storage_account" "this" {
     }
   }
 
+  share_properties {
+    retention_policy {
+      days = var.file_retention_policy
+    }
+  }
+
   network_rules {
     default_action = length(var.network_ip_rules) == 0 ? "Allow" : "Deny"
     bypass         = ["AzureServices"]
diff --git a/variables.tf b/variables.tf
index 118ccf8..3b8fa88 100644
--- a/variables.tf
+++ b/variables.tf
@@ -66,6 +66,12 @@ variable "blob_delete_retention_policy" {
   default     = 30
 }
 
+variable "file_retention_policy" {
+  description = "The number of days that files should be retained."
+  type        = number
+  default     = 30
+}
+
 variable "network_ip_rules" {
   description = "The public IPs or IP ranges in CIDR format that should be able to access this Storage Account. Only IPv4 addresses are allowed."
   type        = list(string)