aliencube · justinyoo · Sep 14, 2024 · Aug 31, 2024 · Aug 31, 2024 · Sep 1, 2024
diff --git a/infra/aspire.bicep b/infra/aspire.bicep
@@ -39,6 +39,14 @@ var resourceToken = uniqueString(resourceGroup().id)
 #disable-next-line no-unused-vars
 // var apiServiceName = 'python-api'
 
+
+// Define tables for the storage account
+param tables array = [
+    {
+        name: 'events'
+    }
+]
+
 // Add resources to be provisioned below.
 
 // Provision Key Vault
@@ -54,6 +62,17 @@ module keyVault './core/security/keyvault.bicep' = {
   }
 }
 
+// Provision Storage Account
+module storageAccount 'core/storage/storage-account.bicep' = {
+    name: 'storageAccount'
+    params: {
+        name: 'st${resourceToken}'
+        location: location
+        tags: tags
+        tables: tables
+    }
+}
+
 // Add outputs from the deployment here, if needed.
 //
 // This allows the outputs to be referenced by other bicep deployments in the deployment pipeline,

diff --git a/infra/core/storage/storage-account.bicep b/infra/core/storage/storage-account.bicep
@@ -0,0 +1,107 @@
+metadata description = 'Creates an Azure storage account.'
+param name string
+param location string = resourceGroup().location
+param tags object = {}
+
+@allowed([
+  'Cool'
+  'Hot'
+  'Premium' ])
+param accessTier string = 'Hot'
+param allowBlobPublicAccess bool = true
+param allowCrossTenantReplication bool = true
+param allowSharedKeyAccess bool = true
+param containers array = []
+param corsRules array = []
+param defaultToOAuthAuthentication bool = false
+param deleteRetentionPolicy object = {}
+@allowed([ 'AzureDnsZone', 'Standard' ])
+param dnsEndpointType string = 'Standard'
+param files array = []
+param kind string = 'StorageV2'
+param minimumTlsVersion string = 'TLS1_2'
+param queues array = []
+param shareDeleteRetentionPolicy object = {}
+param supportsHttpsTrafficOnly bool = true
+param tables array = []
+param networkAcls object = {
+  bypass: 'AzureServices'
+  defaultAction: 'Allow'
+}
+@allowed([ 'Enabled', 'Disabled' ])
+param publicNetworkAccess string = 'Enabled'
+param sku object = { name: 'Standard_LRS' }
+
+resource storage 'Microsoft.Storage/storageAccounts@2023-01-01' = {
+  name: name
+  location: location
+  tags: tags
+  kind: kind
+  sku: sku
+  properties: {
+    accessTier: accessTier
+    allowBlobPublicAccess: allowBlobPublicAccess
+    allowCrossTenantReplication: allowCrossTenantReplication
+    allowSharedKeyAccess: allowSharedKeyAccess
+    defaultToOAuthAuthentication: defaultToOAuthAuthentication
+    dnsEndpointType: dnsEndpointType
+    minimumTlsVersion: minimumTlsVersion
+    networkAcls: networkAcls
+    publicNetworkAccess: publicNetworkAccess
+    supportsHttpsTrafficOnly: supportsHttpsTrafficOnly
+  }
+
+  resource blobServices 'blobServices' = if (!empty(containers)) {
+    name: 'default'
+    properties: {
+      cors: {
+        corsRules: corsRules
+      }
+      deleteRetentionPolicy: deleteRetentionPolicy
+    }
+    resource container 'containers' = [for container in containers: {
+      name: container.name
+      properties: {
+        // todo: Warning use-safe-access: Use the safe access (.?) operator instead of checking object contents with the 'contains' function. [https://aka.ms/bicep/linter/use-safe-access]
+        publicAccess: contains(container, 'publicAccess') ? container.publicAccess : 'None'
+      }
+    }]
+  }
+
+  resource fileServices 'fileServices' = if (!empty(files)) {
+    name: 'default'
+    properties: {
+      cors: {
+        corsRules: corsRules
+      }
+      shareDeleteRetentionPolicy: shareDeleteRetentionPolicy
+    }
+  }
+
+  resource queueServices 'queueServices' = if (!empty(queues)) {
+    name: 'default'
+    properties: {
+
+    }
+    resource queue 'queues' = [for queue in queues: {
+      name: queue.name
+      properties: {
+        metadata: {}
+      }
+    }]
+  }
+
+  resource tableServices 'tableServices' = if (!empty(tables)) {
+    name: 'default'
+    properties: {}
+    // create tables pre-defined in aspire.bicep
+    resource table 'tables' = [for table in tables: {
+      name: table.name
+      properties: {}
+    }]
+  }
+}
+
+output id string = storage.id
+output name string = storage.name
+output primaryEndpoints object = storage.properties.primaryEndpoints