I want to deploy my terraform infrastructure with an Azure DevOps pipeline, but I'm running into a problem with the storage account firewall. Here an example for a storage account:
resource "azurerm_storage_account" "storage_account" {
name = "mystorageaccount"
resource_group_name = "myresourcegroup"
...
network_rules {
default_action = "Deny"
bypass = ["AzureServices", "Logging"]
ip_rules = ["192.1.1.1"]
}
}
The initial creation of the storage account is successful, but because of the firewall rule all further actions, for example adding a container, fail with a not authorized exception.
Unfortunately adding a bypass rule for "AzureServices" does not work.
The reason I have to add the firewall rule is because of company security guidelines, so I cannot just remove it.
Is there a way to handle storage account firewall rules with azure devops?