Azure Storage Account (secure-by-default)
Storage account with containers/file shares, lifecycle rules, network rules, CMK encryption and private endpoint options — Azure's most-deployed resource done right.
Verification
Live-testedReally deployed, verified, idempotent and destroyed in a cloud sandbox.
Conformance
- Static validation (fmt · validate · tflint)
- Security scan: findings disclosed (Checkov)
- Plan tests (mocked: validation rules · outputs)
Provenance
- SHA-256 checksum
- Signature (pending)
Functional
- Live-tested — applied, verified, destroyed
Last verified 2026-06-29 · how we verify
Documentation
azure-storage-account
Storage account with containers/file shares, lifecycle rules, network rules,
CMK encryption and private endpoint options — Azure's most-deployed resource
done right. Secure by default: HTTPS-only with TLS 1.2+, Entra-ID-first auth
(shared keys off), anonymous blob access off, network default-deny with
trusted-services bypass, infrastructure (double) encryption, blob versioning
and 7-day blob/container soft delete. Works with Terraform and OpenTofu
(>= 1.6), azurerm provider >= 4.0, < 5.0.
Requirements
| Requirement | Version |
|---|---|
| Terraform / OpenTofu | >= 1.6 |
hashicorp/azurerm | >= 4.0, < 5.0 |
Verification
Static-validated (fmt, validate, tflint). Live apply/destroy testing pending cloud sandbox availability — see catalog status.
License
Commercial — IaC Bazaar EULA. © IaC Bazaar. Original work (not derived from a third-party module).
Usage code & full reference unlock after purchase
The complete copy-paste usage, the full input/output reference, and operational notes ship with your licence — shown here and bundled in the download.
- Usage
- Inputs
- Outputs
- Notes — the auth toggles that trip people up