Azure ARM Template

1
votes

Need you Help on something really quick :

  1. How to set storage account "soft delete" option enabled using arm template?

2.What's the property that I should be using in arm template. Tried browsing through this site but couldn't get muchinformation - https://docs.microsoft.com/en-us/rest/api/storagerp/storageaccounts/getproperties

Any help is Much Appreciated.

Rocky

3
azureazure-sql-databaseazure-active-directoryazure-web-app-serviceazure-blob-storage
Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow.astaykov

3 Answers

1
votes

I do not think it is currently possible to configure soft delete using ARM. Soft delete is a blob service property, not a property of the storage account.

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-soft-delete#powershell

1
votes

It seems that with the release of the 2018-11-01 version of the storage template it's now possible to enable soft delete in your ARM template. Below you can find the template I've used:

{
    "parameters": {
        "NameForResources": {
            "type": "string",
        },
        "ResourceLocation": {
            "type": "string",
            "defaultValue": "westeurope"
        },
        "Storage_Type": {
            "type": "string",
            "defaultValue": "Standard_LRS",
            "allowedValues": [
                "Standard_LRS",
                "Standard_GRS",
                "Standard_ZRS"
            ],
            "metadata": {
                "description": "Storage Account type"
            }
        }
    },
    "resources": [
        {
            "type": "Microsoft.Storage/storageAccounts",
            "sku": {
                "name": "[parameters('Storage_Type')]"
            },
            "kind": "Storage",
            "name": "[parameters('NameForResources')]",
            "apiVersion": "2018-11-01",
            "location": "[parameters('ResourceLocation')]",
            "properties": {
                "encryption": {
                    "services": {
                        "blob": {
                            "enabled": true
                        },
                        "file": {
                            "enabled": true
                        }
                    },
                    "keySource": "Microsoft.Storage"
                },
                "supportsHttpsTrafficOnly": true
            },
            "resources": [
                {
                    "name": "[concat(parameters('NameForResources'),'/','default')]",
                    "type": "Microsoft.Storage/storageAccounts/blobServices",
                    "apiVersion": "2018-11-01",
                    "properties": {                      
                        "deleteRetentionPolicy": {
                        "enabled": true,
                        "days": 30
                        }
                    },
                    "dependsOn": ["[concat('Microsoft.Storage/storageAccounts/', parameters('NameForResources'))]"]
                }
            ]
        }
    ],
    "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0"
}
0
votes

For keyvaults, use "enableSoftDelete": true.
For storage accounts, add a blob service with 1) the following properties and 2) a dependsOn condition on the storage account:

{
  "name": "[concat(parameters('storageAccountName'), '/default')]",
  "type": "Microsoft.Storage/storageAccounts/blobServices",
  "apiVersion": "2018-07-01",
  "properties": {
    "deleteRetentionPolicy": {
      "enabled": true,
      "days": 30
    }
  },
  "dependsOn": [
    "[concat('Microsoft.Storage/storageAccounts/', parameters('storageAccountName'))]"
  ]
}