Skip to content

Commit

Permalink
azurerm_storage_account - improve validation around the `immutabili…
Browse files Browse the repository at this point in the history 
…ty_policy` being used with `blob_properties` (#24938)
  • Loading branch information
@magodo
magodo authored Feb 20, 2024
1 parent 147fcc0 commit e3ab0f4
Showing 1 changed file with 14 additions and 3 deletions.
17 changes: 14 additions & 3 deletions internal/services/storage/storage_account_resource.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1560,9 +1560,20 @@ func resourceStorageAccountCreate(d *pluginsdk.ResourceData, meta interface{}) e
return fmt.Errorf("`versioning_enabled` can't be true when `is_hns_enabled` is true")
}

if (blobProperties.IsVersioningEnabled != nil && !*blobProperties.IsVersioningEnabled) && (blobProperties.RestorePolicy != nil && blobProperties.RestorePolicy.Enabled != nil && *blobProperties.RestorePolicy.Enabled) {
// Otherwise, API returns: "Conflicting feature 'restorePolicy' is enabled. Please disable it and retry."
return fmt.Errorf("`blob_properties.restore_policy` can't be set when `versioning_enabled` is false")
if blobProperties.IsVersioningEnabled != nil && !*blobProperties.IsVersioningEnabled {
if blobProperties.RestorePolicy != nil && blobProperties.RestorePolicy.Enabled != nil && *blobProperties.RestorePolicy.Enabled {
// Otherwise, API returns: "Conflicting feature 'restorePolicy' is enabled. Please disable it and retry."
return fmt.Errorf("`blob_properties.restore_policy` can't be set when `versioning_enabled` is false")
}
if account.AccountProperties != nil &&
account.AccountProperties.ImmutableStorageWithVersioning != nil &&
account.AccountProperties.ImmutableStorageWithVersioning.ImmutabilityPolicy != nil &&
account.AccountProperties.ImmutableStorageWithVersioning.Enabled != nil &&
*account.AccountProperties.ImmutableStorageWithVersioning.Enabled {
// Otherwise, API returns: "Conflicting feature 'Account level WORM' is enabled. Please disable it and retry."
// See: https://learn.microsoft.com/en-us/azure/storage/blobs/immutable-policy-configure-version-scope?tabs=azure-portal#prerequisites
return fmt.Errorf("`immutability_policy` can't be set when `versioning_enabled` is false")
}
}

if _, err = blobClient.SetServiceProperties(ctx, id.ResourceGroupName, id.StorageAccountName, *blobProperties); err != nil {
Expand Down

0 comments on commit e3ab0f4

Please sign in to comment.