Skip to content

Commit

Permalink
feat: Add possibility to specify CORS rules for file services & queue. (
Browse files Browse the repository at this point in the history 
#4117)

## Description

- Added support for CORSRules to File & Queue Services
- Added test cases
- Added UDT for CORSRules
- Updated current implementation of CORSRules in Storage Accout
BlobServices to avoid overwriting current settings by default (tested)

> Re-Based from PR : #3862

## Pipeline Reference

<!-- Insert your Pipeline Status Badge below -->

| Pipeline |
| -------- |
|
[![avm.res.storage.storage-account](https://github.com/AlexanderSehr/bicep-registry-modules/actions/workflows/avm.res.storage.storage-account.yml/badge.svg?branch=users%2Falsehr%2Fheadcr4sh_feature%2F3861_rebase&event=workflow_dispatch)](https://github.com/AlexanderSehr/bicep-registry-modules/actions/workflows/avm.res.storage.storage-account.yml)
|

## Type of Change

<!-- Use the checkboxes [x] on the options that are relevant. -->

- [ ] Update to CI Environment or utilities (Non-module affecting
changes)
- [x] Azure Verified Module updates:
- [ ] Bugfix containing backwards-compatible bug fixes, and I have NOT
bumped the MAJOR or MINOR version in `version.json`:
- [ ] Someone has opened a bug report issue, and I have included "Closes
#{bug_report_issue_number}" in the PR description.
- [ ] The bug was found by the module author, and no one has opened an
issue to report it yet.
- [ ] Feature update backwards compatible feature updates, and I have
bumped the MINOR version in `version.json`.
- [ ] Breaking changes and I have bumped the MAJOR version in
`version.json`.
  - [ ] Update to documentation

---------

Co-authored-by: Benjamin P. Jung <[email protected]>
Co-authored-by: Benjamin P. Jung <[email protected]>
  • Loading branch information
@AlexanderSehr @headcr4sh
3 people authored Jan 20, 2025
1 parent f1cb564 commit 77907bb
Show file tree
Hide file tree
Showing 16 changed files with 1,358 additions and 37 deletions.
276 changes: 276 additions & 0 deletions avm/res/storage/storage-account/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -507,6 +507,29 @@ module storageAccount 'br/public:avm/res/storage/storage-account:<version>' = {
publicAccess: 'None'
}
]
corsRules: [
{
allowedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
allowedMethods: [
'GET'
'PUT'
]
allowedOrigins: [
'http://*.contoso.com'
'http://www.fabrikam.com'
]
exposedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
maxAgeInSeconds: 200
}
]
deleteRetentionPolicyDays: 9
deleteRetentionPolicyEnabled: true
diagnosticSettings: [
Expand Down Expand Up @@ -543,6 +566,29 @@ module storageAccount 'br/public:avm/res/storage/storage-account:<version>' = {
enableNfsV3: true
enableSftp: true
fileServices: {
corsRules: [
{
allowedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
allowedMethods: [
'GET'
'PUT'
]
allowedOrigins: [
'http://*.contoso.com'
'http://www.fabrikam.com'
]
exposedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
maxAgeInSeconds: 200
}
]
diagnosticSettings: [
{
eventHubAuthorizationRuleResourceId: '<eventHubAuthorizationRuleResourceId>'
Expand Down Expand Up @@ -757,6 +803,29 @@ module storageAccount 'br/public:avm/res/storage/storage-account:<version>' = {
}
]
queueServices: {
corsRules: [
{
allowedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
allowedMethods: [
'GET'
'PUT'
]
allowedOrigins: [
'http://*.contoso.com'
'http://www.fabrikam.com'
]
exposedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
maxAgeInSeconds: 200
}
]
diagnosticSettings: [
{
eventHubAuthorizationRuleResourceId: '<eventHubAuthorizationRuleResourceId>'
Expand Down Expand Up @@ -825,6 +894,29 @@ module storageAccount 'br/public:avm/res/storage/storage-account:<version>' = {
sasExpirationPeriod: '180.00:00:00'
skuName: 'Standard_LRS'
tableServices: {
corsRules: [
{
allowedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
allowedMethods: [
'GET'
'PUT'
]
allowedOrigins: [
'http://*.contoso.com'
'http://www.fabrikam.com'
]
exposedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
maxAgeInSeconds: 200
}
]
diagnosticSettings: [
{
eventHubAuthorizationRuleResourceId: '<eventHubAuthorizationRuleResourceId>'
Expand Down Expand Up @@ -949,6 +1041,29 @@ module storageAccount 'br/public:avm/res/storage/storage-account:<version>' = {
"publicAccess": "None"
}
],
"corsRules": [
{
"allowedHeaders": [
"x-ms-meta-data",
"x-ms-meta-source-path",
"x-ms-meta-target-path"
],
"allowedMethods": [
"GET",
"PUT"
],
"allowedOrigins": [
"http://*.contoso.com",
"http://www.fabrikam.com"
],
"exposedHeaders": [
"x-ms-meta-data",
"x-ms-meta-source-path",
"x-ms-meta-target-path"
],
"maxAgeInSeconds": 200
}
],
"deleteRetentionPolicyDays": 9,
"deleteRetentionPolicyEnabled": true,
"diagnosticSettings": [
Expand Down Expand Up @@ -995,6 +1110,29 @@ module storageAccount 'br/public:avm/res/storage/storage-account:<version>' = {
},
"fileServices": {
"value": {
"corsRules": [
{
"allowedHeaders": [
"x-ms-meta-data",
"x-ms-meta-source-path",
"x-ms-meta-target-path"
],
"allowedMethods": [
"GET",
"PUT"
],
"allowedOrigins": [
"http://*.contoso.com",
"http://www.fabrikam.com"
],
"exposedHeaders": [
"x-ms-meta-data",
"x-ms-meta-source-path",
"x-ms-meta-target-path"
],
"maxAgeInSeconds": 200
}
],
"diagnosticSettings": [
{
"eventHubAuthorizationRuleResourceId": "<eventHubAuthorizationRuleResourceId>",
Expand Down Expand Up @@ -1227,6 +1365,29 @@ module storageAccount 'br/public:avm/res/storage/storage-account:<version>' = {
},
"queueServices": {
"value": {
"corsRules": [
{
"allowedHeaders": [
"x-ms-meta-data",
"x-ms-meta-source-path",
"x-ms-meta-target-path"
],
"allowedMethods": [
"GET",
"PUT"
],
"allowedOrigins": [
"http://*.contoso.com",
"http://www.fabrikam.com"
],
"exposedHeaders": [
"x-ms-meta-data",
"x-ms-meta-source-path",
"x-ms-meta-target-path"
],
"maxAgeInSeconds": 200
}
],
"diagnosticSettings": [
{
"eventHubAuthorizationRuleResourceId": "<eventHubAuthorizationRuleResourceId>",
Expand Down Expand Up @@ -1305,6 +1466,29 @@ module storageAccount 'br/public:avm/res/storage/storage-account:<version>' = {
},
"tableServices": {
"value": {
"corsRules": [
{
"allowedHeaders": [
"x-ms-meta-data",
"x-ms-meta-source-path",
"x-ms-meta-target-path"
],
"allowedMethods": [
"GET",
"PUT"
],
"allowedOrigins": [
"http://*.contoso.com",
"http://www.fabrikam.com"
],
"exposedHeaders": [
"x-ms-meta-data",
"x-ms-meta-source-path",
"x-ms-meta-target-path"
],
"maxAgeInSeconds": 200
}
],
"diagnosticSettings": [
{
"eventHubAuthorizationRuleResourceId": "<eventHubAuthorizationRuleResourceId>",
Expand Down Expand Up @@ -1425,6 +1609,29 @@ param blobServices = {
publicAccess: 'None'
}
]
corsRules: [
{
allowedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
allowedMethods: [
'GET'
'PUT'
]
allowedOrigins: [
'http://*.contoso.com'
'http://www.fabrikam.com'
]
exposedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
maxAgeInSeconds: 200
}
]
deleteRetentionPolicyDays: 9
deleteRetentionPolicyEnabled: true
diagnosticSettings: [
Expand Down Expand Up @@ -1461,6 +1668,29 @@ param enableHierarchicalNamespace = true
enableNfsV3: true
param enableSftp = true
param fileServices = {
corsRules: [
{
allowedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
allowedMethods: [
'GET'
'PUT'
]
allowedOrigins: [
'http://*.contoso.com'
'http://www.fabrikam.com'
]
exposedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
maxAgeInSeconds: 200
}
]
diagnosticSettings: [
{
eventHubAuthorizationRuleResourceId: '<eventHubAuthorizationRuleResourceId>'
Expand Down Expand Up @@ -1675,6 +1905,29 @@ param privateEndpoints = [
}
]
param queueServices = {
corsRules: [
{
allowedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
allowedMethods: [
'GET'
'PUT'
]
allowedOrigins: [
'http://*.contoso.com'
'http://www.fabrikam.com'
]
exposedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
maxAgeInSeconds: 200
}
]
diagnosticSettings: [
{
eventHubAuthorizationRuleResourceId: '<eventHubAuthorizationRuleResourceId>'
Expand Down Expand Up @@ -1743,6 +1996,29 @@ param roleAssignments = [
param sasExpirationPeriod = '180.00:00:00'
param skuName = 'Standard_LRS'
param tableServices = {
corsRules: [
{
allowedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
allowedMethods: [
'GET'
'PUT'
]
allowedOrigins: [
'http://*.contoso.com'
'http://www.fabrikam.com'
]
exposedHeaders: [
'x-ms-meta-data'
'x-ms-meta-source-path'
'x-ms-meta-target-path'
]
maxAgeInSeconds: 200
}
]
diagnosticSettings: [
{
eventHubAuthorizationRuleResourceId: '<eventHubAuthorizationRuleResourceId>'
Expand Down
Loading

0 comments on commit 77907bb

Please sign in to comment.