Account is the Schema for the Accounts API. Manages a Azure Storage Account.
Type
CRD
Group
storage.azure.upbound.io
Version
v1beta1
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
AccountSpec defines the desired state of Account
No description provided.
A azure_files_authentication block as defined below.
A active_directory block as defined below. Required when directory_type is AD.
A blob_properties block as defined below.
A container_delete_retention_policy block as defined below.
A cors_rule block as defined below.
A list of headers that are allowed to be a part of the cross-origin request.
A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
A list of origin domains that will be allowed by CORS.
A list of response headers that are exposed to CORS clients.
A delete_retention_policy block as defined below.
A restore_policy block as defined below. This must be used together with delete_retention_policy set, versioning_enabled and change_feed_enabled set to true.
A custom_domain block as documented below.
A customer_managed_key block as documented below.
An identity block as defined below.
Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account.
An immutability_policy block as defined below. Changing this forces a new resource to be created.
A network_rules block as documented below.
Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None.
List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
One or More private_link_access block as defined below.
A list of resource ids for subnets.
A queue_properties block as defined below.
A cors_rule block as defined above.
A list of headers that are allowed to be a part of the cross-origin request.
A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
A list of origin domains that will be allowed by CORS.
A list of response headers that are exposed to CORS clients.
A hour_metrics block as defined below.
A logging block as defined below.
A minute_metrics block as defined below.
Reference to a ResourceGroup in azure to populate resourceGroupName.
Policies for referencing.
Selector for a ResourceGroup in azure to populate resourceGroupName.
Policies for selection.
A routing block as defined below.
A sas_policy block as defined below.
A share_properties block as defined below.
A cors_rule block as defined below.
A list of headers that are allowed to be a part of the cross-origin request.
A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
A list of origin domains that will be allowed by CORS.
A list of response headers that are exposed to CORS clients.
A retention_policy block as defined below.
A smb block as defined below.
A set of SMB authentication methods. Possible values are NTLMv2, and Kerberos.
A set of SMB channel encryption. Possible values are AES-128-CCM, AES-128-GCM, and AES-256-GCM.
A set of Kerberos ticket encryption. Possible values are RC4-HMAC, and AES-256.
A set of SMB protocol versions. Possible values are SMB2.1, SMB3.0, and SMB3.1.1.
A static_website block as defined below.
THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. InitProvider holds the same fields as ForProvider, with the exception of Identifier and other resource reference fields. The fields that are in InitProvider are merged into ForProvider when the resource is created. The same fields are also added to the terraform ignore_changes hook, to avoid updating them after creation. This is useful for fields that are required on creation, but we do not desire to update them after creation, for example because of an external controller is managing them, like an autoscaler.
A azure_files_authentication block as defined below.
A active_directory block as defined below. Required when directory_type is AD.
A blob_properties block as defined below.
A container_delete_retention_policy block as defined below.
A cors_rule block as defined below.
A list of headers that are allowed to be a part of the cross-origin request.
A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
A list of origin domains that will be allowed by CORS.
A list of response headers that are exposed to CORS clients.
A delete_retention_policy block as defined below.
A restore_policy block as defined below. This must be used together with delete_retention_policy set, versioning_enabled and change_feed_enabled set to true.
A custom_domain block as documented below.
A customer_managed_key block as documented below.
An identity block as defined below.
Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account.
An immutability_policy block as defined below. Changing this forces a new resource to be created.
A network_rules block as documented below.
Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None.
List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
One or More private_link_access block as defined below.
A list of resource ids for subnets.
A queue_properties block as defined below.
A cors_rule block as defined above.
A list of headers that are allowed to be a part of the cross-origin request.
A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
A list of origin domains that will be allowed by CORS.
A list of response headers that are exposed to CORS clients.
A hour_metrics block as defined below.
A logging block as defined below.
A minute_metrics block as defined below.
A routing block as defined below.
A sas_policy block as defined below.
A share_properties block as defined below.
A cors_rule block as defined below.
A list of headers that are allowed to be a part of the cross-origin request.
A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
A list of origin domains that will be allowed by CORS.
A list of response headers that are exposed to CORS clients.
A retention_policy block as defined below.
A smb block as defined below.
A set of SMB authentication methods. Possible values are NTLMv2, and Kerberos.
A set of SMB channel encryption. Possible values are AES-128-CCM, AES-128-GCM, and AES-256-GCM.
A set of Kerberos ticket encryption. Possible values are RC4-HMAC, and AES-256.
A set of SMB protocol versions. Possible values are SMB2.1, SMB3.0, and SMB3.1.1.
A static_website block as defined below.
THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. ManagementPolicies specify the array of actions Crossplane is allowed to take on the managed and external resources. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. If both are custom, the DeletionPolicy field will be ignored. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. providerConfigRef
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
AccountStatus defines the observed state of Account.
No description provided.
A azure_files_authentication block as defined below.
A active_directory block as defined below. Required when directory_type is AD.
A blob_properties block as defined below.
A container_delete_retention_policy block as defined below.
A cors_rule block as defined below.
A list of headers that are allowed to be a part of the cross-origin request.
A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
A list of origin domains that will be allowed by CORS.
A list of response headers that are exposed to CORS clients.
A delete_retention_policy block as defined below.
A restore_policy block as defined below. This must be used together with delete_retention_policy set, versioning_enabled and change_feed_enabled set to true.
A custom_domain block as documented below.
A customer_managed_key block as documented below.
An identity block as defined below.
Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account.
An immutability_policy block as defined below. Changing this forces a new resource to be created.
A network_rules block as documented below.
Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None.
List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. /31 CIDRs, /32 CIDRs, and Private IP address ranges (as defined in RFC 1918), are not allowed.
One or More private_link_access block as defined below.
A list of resource ids for subnets.
A queue_properties block as defined below.
A cors_rule block as defined above.
A list of headers that are allowed to be a part of the cross-origin request.
A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
A list of origin domains that will be allowed by CORS.
A list of response headers that are exposed to CORS clients.
A hour_metrics block as defined below.
A logging block as defined below.
A minute_metrics block as defined below.
A routing block as defined below.
A sas_policy block as defined below.
A share_properties block as defined below.
A cors_rule block as defined below.
A list of headers that are allowed to be a part of the cross-origin request.
A list of HTTP methods that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
A list of origin domains that will be allowed by CORS.
A list of response headers that are exposed to CORS clients.
A retention_policy block as defined below.
A smb block as defined below.
A set of SMB authentication methods. Possible values are NTLMv2, and Kerberos.
A set of SMB channel encryption. Possible values are AES-128-CCM, AES-128-GCM, and AES-256-GCM.
A set of Kerberos ticket encryption. Possible values are RC4-HMAC, and AES-256.
A set of SMB protocol versions. Possible values are SMB2.1, SMB3.0, and SMB3.1.1.
A static_website block as defined below.
Conditions of the resource.
saflow2762022
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
name: saflow2762022
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: Norway East
resourceGroupNameRef:
name: norway-watcher-rg
tags:
provisioner: crossplane
writeConnectionSecretToRef:
name: example-storage-account
namespace: upbound-system
example0001
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: machinelearningservices/v1beta1/workspace
labels:
testing.upbound.io/example-name: example0001
name: example0001
spec:
forProvider:
accountReplicationType: GRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: rgworkspace
insightsmds
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: insights/v1beta1/monitordiagnosticsetting
labels:
testing.upbound.io/example-name: insightsmds
name: insightsmds
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: insightsmds
servaccountfiltersacc
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: media/v1beta1/serviceaccountfilter
labels:
testing.upbound.io/example-name: servaccountfiltersacc
name: servaccountfiltersacc
spec:
forProvider:
accountReplicationType: GRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: servaccountfilter-rg
example0001
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: hdinsight/v1beta1/hadoopcluster
uptest.upbound.io/pre-delete-hook: testhooks/delete-hadoopcluster.sh
labels:
testing.upbound.io/example-name: example0001
name: example0001
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: rghadoopcluster
writeConnectionSecretToRef:
name: example-storage-account
namespace: upbound-system
exacc001
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: machinelearningservices/v1beta1/computecluster
labels:
testing.upbound.io/example-name: exacc001
name: exacc001
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: rgcomputecluster
dlgpexample
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: storage/v1beta1/datalakegen2path
labels:
testing.upbound.io/example-name: example
name: dlgpexample
spec:
forProvider:
accountKind: StorageV2
accountReplicationType: LRS
accountTier: Standard
isHnsEnabled: true
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: example
esehexample
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: timeseriesinsights/v1beta1/eventsourceeventhub
labels:
testing.upbound.io/example-name: example
name: esehexample
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: example
example-storage-account
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
crossplane.io/external-name: crossplestoraccsql13722
upjet.upbound.io/manual-intervention: Creation of MSSQLManagedInstance takes 4
hours, see
https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/management-operations-overview?view=azuresql#duration
name: example-storage-account
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameRef:
name: example-sql-rg
tags:
provisioner: crossplane
writeConnectionSecretToRef:
name: example-storage-account
namespace: upbound-system
upbound
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: security/v1beta1/advancedthreatprotection
upjet.upbound.io/manual-intervention: This resource is dependency of AdvancedThreatProtection.
labels:
testing.upbound.io/example-name: example
name: upbound
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: example
tags:
environment: example
example0001
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: machinelearningservices/v1beta1/computeinstance
labels:
testing.upbound.io/example-name: example0001
name: example0001
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: rgcomputeinstance01
hmsfdex
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: healthcareapis/v1beta1/healthcaremedtechservicefhirdestination
labels:
testing.upbound.io/example-name: example
name: hmsfdex
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: East US
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: example
mssqlvulnassessmentacc
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: sql/v1beta1/mssqlservervulnerabilityassessment
upjet.upbound.io/manual-intervention: Requires existing blob storage path and key
labels:
testing.upbound.io/example-name: mssqlvulnassessmentacc
name: mssqlvulnassessmentacc
spec:
forProvider:
accountReplicationType: GRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: mssqlvulnassessment-rg
accountqwertynameabc
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: synapse/v1beta1/workspaceextendedauditingpolicy
labels:
testing.upbound.io/example-name: account-label
name: accountqwertynameabc
spec:
forProvider:
accountKind: StorageV2
accountReplicationType: LRS
accountTier: Standard
isHnsEnabled: true
location: East US
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: security-alert-resource-group-label
exampleaccountservice
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: media/v1beta1/asset
labels:
testing.upbound.io/example-name: example
name: exampleaccountservice
spec:
forProvider:
accountReplicationType: GRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: example
writeConnectionSecretToRef:
name: example-storage-account
namespace: upbound-system
upteststorageacc
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: storage/v1beta1/blob
labels:
testing.upbound.io/example-name: example
name: upteststorageacc
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: example-storage-blob
integruntimeaccountab
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: synapse/v1beta1/integrationruntimeselfhosted
labels:
testing.upbound.io/example-name: account-label
name: integruntimeaccountab
spec:
forProvider:
accountKind: StorageV2
accountReplicationType: LRS
accountTier: Standard
isHnsEnabled: true
location: UAE North
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: integration-rg-label
lsabsexample
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: datafactory/v1beta1/linkedserviceazureblobstorage
labels:
testing.upbound.io/example-name: example
name: lsabsexample
spec:
forProvider:
accountKind: BlobStorage
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: example
assessmentaccountexample
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: synapse/v1beta1/workspacevulnerabilityassessment
labels:
testing.upbound.io/example-name: account-example-label
name: assessmentaccountexample
spec:
forProvider:
accountKind: StorageV2
accountReplicationType: LRS
accountTier: Standard
isHnsEnabled: true
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: ws-vulnerability-rg-label
tomonitor
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
labels:
testing.upbound.io/example-name: to_monitor
name: tomonitor
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: example-insights
winfunctionappacc
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: web/v1beta1/windowsfunctionapp
uptest.upbound.io/timeout: "3600"
labels:
testing.upbound.io/example-name: winfunctionappacc
name: winfunctionappacc
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: East US
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: winfunctionapp-rg
systemtopicacc
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: eventgrid/v1beta1/systemtopic
labels:
testing.upbound.io/example-name: systemtopicacc
name: systemtopicacc
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: systemtopic-rg
tags:
environment: staging
accountqwertynameabcde
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: synapse/v1beta1/sparkpool
labels:
testing.upbound.io/example-name: account-label
name: accountqwertynameabcde
spec:
forProvider:
accountKind: StorageV2
accountReplicationType: LRS
accountTier: Standard
isHnsEnabled: true
location: East US 2
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: security-alert-resource-group-label
exampleoutputsynapse
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: streamanalytics/v1beta1/outputsynapse
labels:
testing.upbound.io/example-name: example
name: exampleoutputsynapse
spec:
forProvider:
accountKind: StorageV2
accountReplicationType: LRS
accountTier: Standard
isHnsEnabled: true
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: example
testuser001
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: recoveryservices/v1beta1/backupcontainerstorageaccount
labels:
testing.upbound.io/example-name: testuser001
name: testuser001
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: West Europe
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: example
splsexample
apiVersion: storage.azure.upbound.io/v1beta1
kind: Account
metadata:
annotations:
meta.upbound.io/example-id: search/v1beta1/sharedprivatelinkservice
labels:
testing.upbound.io/example-name: example
name: splsexample
spec:
forProvider:
accountReplicationType: LRS
accountTier: Standard
location: east us
resourceGroupNameSelector:
matchLabels:
testing.upbound.io/example-name: example