fix: Storage Account - Storage Account - Incorrect Handling of denyEncryptionScopeOverride Parameter #4446
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ules into users/alsehr/PetterHL_main_rebase
microsoft-github-policy-service
bot
added
the
Needs: Triage 🔍
microsoft-github-policy-service
bot
added
the
Type: AVM 🅰️ ✌️ Ⓜ️
Closed
1 task
Closed
11 tasks
AlexanderSehr
temporarily deployed
to
avm-validation
GitHub Actions
Inactive
AlexanderSehr
temporarily deployed
to
avm-validation
GitHub Actions
Inactive
AlexanderSehr
temporarily deployed
to
avm-validation
GitHub Actions
Inactive
AlexanderSehr
temporarily deployed
to
avm-validation
GitHub Actions
Inactive
AlexanderSehr
temporarily deployed
to
avm-validation
GitHub Actions
Inactive
AlexanderSehr
temporarily deployed
to
avm-validation
GitHub Actions
Inactive
AlexanderSehr
temporarily deployed
to
avm-validation
GitHub Actions
Inactive
AlexanderSehr
temporarily deployed
to
avm-validation
GitHub Actions
Inactive
AlexanderSehr
temporarily deployed
to
avm-validation
GitHub Actions
Inactive
AlexanderSehr
temporarily deployed
to
avm-validation
GitHub Actions
Inactive
AlexanderSehr
temporarily deployed
to
avm-validation
GitHub Actions
Inactive
avm-team-linter
bot
added
the
Needs: Module Owner 📣
|
Ready to go @ktremain. |
ktremain
approved these changes
Feb 14, 2025
anderseide
pushed a commit
to anderseide/avm-bicep-registry-modules
that referenced
this pull request
Feb 19, 2025
…cryptionScopeOverride Parameter (Azure#4446) ## Description Rebased from Azure#4435 ### Original description: Ref: Azure#4258 Issue Summary: When deploying the Storage Account module with a Blob container, the denyEncryptionScopeOverride parameter in the container's main.bicep template is incorrectly being set to null instead of explicitly retaining the expected false value when configured as such. This behavior causes potential misconfigurations when deployed on a existing storage account that already has this variable set to false, as you are not allowed to change this property after its creation. ## Pipeline Reference <!-- Insert your Pipeline Status Badge below --> | Pipeline | | -------- | | [](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.res.storage.storage-account.yml) | ## Type of Change <!-- Use the checkboxes [x] on the options that are relevant. --> - [ ] Update to CI Environment or utilities (Non-module affecting changes) - [ ] Azure Verified Module updates: - [x] Bugfix containing backwards-compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in `version.json`: - [ ] Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description. - [ ] The bug was found by the module author, and no one has opened an issue to report it yet. - [ ] Feature update backwards compatible feature updates, and I have bumped the MINOR version in `version.json`. - [ ] Breaking changes and I have bumped the MAJOR version in `version.json`. - [ ] Update to documentation --------- Co-authored-by: Petter Høvik Lintoft <[email protected]>
](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.res.storage.storage-account.yml){kind=link}
anderseide
pushed a commit
to anderseide/avm-bicep-registry-modules
that referenced
this pull request
Feb 23, 2025
…cryptionScopeOverride Parameter (Azure#4446) ## Description Rebased from Azure#4435 ### Original description: Ref: Azure#4258 Issue Summary: When deploying the Storage Account module with a Blob container, the denyEncryptionScopeOverride parameter in the container's main.bicep template is incorrectly being set to null instead of explicitly retaining the expected false value when configured as such. This behavior causes potential misconfigurations when deployed on a existing storage account that already has this variable set to false, as you are not allowed to change this property after its creation. ## Pipeline Reference <!-- Insert your Pipeline Status Badge below --> | Pipeline | | -------- | | [](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.res.storage.storage-account.yml) | ## Type of Change <!-- Use the checkboxes [x] on the options that are relevant. --> - [ ] Update to CI Environment or utilities (Non-module affecting changes) - [ ] Azure Verified Module updates: - [x] Bugfix containing backwards-compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in `version.json`: - [ ] Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description. - [ ] The bug was found by the module author, and no one has opened an issue to report it yet. - [ ] Feature update backwards compatible feature updates, and I have bumped the MINOR version in `version.json`. - [ ] Breaking changes and I have bumped the MAJOR version in `version.json`. - [ ] Update to documentation --------- Co-authored-by: Petter Høvik Lintoft <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Rebased from #4435
Original description:
Ref: #4258
Issue Summary:
When deploying the Storage Account module with a Blob container, the denyEncryptionScopeOverride parameter in the container's main.bicep template is incorrectly being set to null instead of explicitly retaining the expected false value when configured as such.
This behavior causes potential misconfigurations when deployed on a existing storage account that already has this variable set to false, as you are not allowed to change this property after its creation.
cc: @PetterHL
Pipeline Reference
Type of Change
version.json:version.json.version.json.