Home > Blockchain >  Access storage account using SAS in terraform
Access storage account using SAS in terraform

Time:02-18

I do not have access to a storage account. I am provided only with SAS token at container level. Need to upload a file(create a blob within the container) to the storage account as blob in terraform.

This is my below code. Where to use the SAS token inorder to create a blob within the container.

data "azurerm_storage_account" "eg" {
  name                = "abc"
  resource_group_name = "xyz-rg"
}

resource "azurerm_storage_blob" "test" {
  name                   = "${local.currentdate}_${var.filename}"
  storage_account_name   = data.azurerm_storage_account.eg.name
  storage_container_name = "ctr"
  type                   = "Block"
  source                 = "./myfile.txt"
}

If my storage account is in another subscription will they following block of code work. I am getting ResourceNotFound error.

resource "azurerm_storage_blob" "test" {
  provider               = azurerm.aabbxx
  name                   = "${local.currentdate}_${var.filename}"
  storage_account_name   = "mystacc"
  storage_container_name = "ctr"
  type                   = "Block"

  provisioner "local-exec" {
    command = "az storage blob upload --account-name mystacc -f ./myFile.csv -c ctr -n MyBlob --sas-token {SAS-token}"
  }

CodePudding user response:

simple answer: if you do not have access to the storage account resource, you will not be able to manage/create the blob like that. You could use a local-exec with azure CLI

Something like this

resource "foo" "bar" {
  provisioner "local-exec" {
    command = "az storage blob upload -f /path/to/file -c mycontainer -n MyBlob --sas-token {MY-SAS}"
  }
}

https://docs.microsoft.com/en-us/cli/azure/storage/blob?view=azure-cli-latest#az-storage-blob-upload

  • Related