Merge pull request #128 from jloeffler7/explicitly-disable-storage-public-blob-access

Explicitly disable storage blob public access for workspace templates
2022-11-17 14:45:51 -08:00 · 2022-11-17 14:45:51 -08:00 · 878ca149f9
commit 878ca149f9
parent a9d3c7dc30 665947ee0e
3 changed files with 18 additions and 15 deletions
--- a/quickstart/101-machine-learning/workspace.tf
+++ b/quickstart/101-machine-learning/workspace.tf
@ -16,11 +16,12 @@ resource "azurerm_key_vault" "default" {
 }
 resource "azurerm_storage_account" "default" {
-  name                     = "st${var.name}${var.environment}"
+  name                            = "st${var.name}${var.environment}"
-  location                 = azurerm_resource_group.default.location
+  location                        = azurerm_resource_group.default.location
-  resource_group_name      = azurerm_resource_group.default.name
+  resource_group_name             = azurerm_resource_group.default.name
-  account_tier             = "Standard"
+  account_tier                    = "Standard"
-  account_replication_type = "GRS"
+  account_replication_type        = "GRS"
  allow_nested_items_to_be_public = false
 }
 resource "azurerm_container_registry" "default" {
--- a/quickstart/202-machine-learning-moderately-secure-existing-VNet/workspace.tf
+++ b/quickstart/202-machine-learning-moderately-secure-existing-VNet/workspace.tf
@ -21,11 +21,12 @@ resource "azurerm_key_vault" "default" {
 }
 resource "azurerm_storage_account" "default" {
-  name                     = "st${var.name}${var.environment}"
+  name                            = "st${var.name}${var.environment}"
-  location                 = azurerm_resource_group.default.location
+  location                        = azurerm_resource_group.default.location
-  resource_group_name      = azurerm_resource_group.default.name
+  resource_group_name             = azurerm_resource_group.default.name
-  account_tier             = "Standard"
+  account_tier                    = "Standard"
-  account_replication_type = "GRS"
+  account_replication_type        = "GRS"
  allow_nested_items_to_be_public = false
  network_rules {
    default_action = "Deny"
--- a/quickstart/301-machine-learning-hub-spoke-secure/workspace.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/workspace.tf
@ -22,11 +22,12 @@ resource "azurerm_key_vault" "default" {
 }
 resource "azurerm_storage_account" "default" {
-  name                     = "st${var.name}${var.environment}"
+  name                            = "st${var.name}${var.environment}"
-  location                 = azurerm_resource_group.default.location
+  location                        = azurerm_resource_group.default.location
-  resource_group_name      = azurerm_resource_group.default.name
+  resource_group_name             = azurerm_resource_group.default.name
-  account_tier             = "Standard"
+  account_tier                    = "Standard"
-  account_replication_type = "GRS"
+  account_replication_type        = "GRS"
  allow_nested_items_to_be_public = false
  network_rules {
    default_action = "Deny"