Avoid deprecated terraform arguments

DFE-Digital · Nov 22, 2024 · c32c8a5 · c32c8a5
1 parent 0fd1b69
commit c32c8a5
Show file tree

Hide file tree

Showing 2 changed files with 54 additions and 48 deletions.
diff --git a/terraform/azure-remote-state/main.tf b/terraform/azure-remote-state/main.tf
@@ -11,7 +11,7 @@ terraform {
 }
 
 provider "azurerm" {
-  skip_provider_registration = "true"
+  resource_provider_registrations = "none"
 
   features {}
 }
@@ -37,32 +37,11 @@ resource "azurerm_storage_account" "tfstate" {
   resource_group_name             = azurerm_resource_group.tfstate.name
   location                        = var.default_azure_region
   account_tier                    = "Standard"
+  account_kind                    = "StorageV2"
   min_tls_version                 = "TLS1_2"
   account_replication_type        = "LRS"
   allow_nested_items_to_be_public = false
 
-  queue_properties {
-    logging {
-      delete                = true
-      read                  = true
-      write                 = true
-      version               = "1.0"
-      retention_policy_days = 10
-    }
-    hour_metrics {
-      enabled               = true
-      include_apis          = true
-      version               = "1.0"
-      retention_policy_days = 10
-    }
-    minute_metrics {
-      enabled               = true
-      include_apis          = true
-      version               = "1.0"
-      retention_policy_days = 10
-    }
-  }
-
   tags = merge(local.common_tags, {
     "Region" = var.default_azure_region
   })
@@ -75,10 +54,34 @@ resource "azurerm_storage_account" "tfstate" {
   #checkov:skip=CKV2_AZURE_33:VNet not configured
 }
 
+resource "azurerm_storage_account_queue_properties" "tfstateq" {
+  storage_account_id = azurerm_storage_account.tfstate.id
+
+  logging {
+    version               = "1.0"
+    delete                = true
+    read                  = true
+    write                 = true
+    retention_policy_days = 10
+  }
+
+  hour_metrics {
+    version               = "1.0"
+    include_apis          = true
+    retention_policy_days = 10
+  }
+
+  minute_metrics {
+    version               = "1.0"
+    include_apis          = true
+    retention_policy_days = 10
+  }
+}
+
 resource "azurerm_storage_container" "tfstate" {
   name                  = "${var.resource_name_prefix}-tfstate-stc"
-  storage_account_name  = azurerm_storage_account.tfstate.name
+  storage_account_id    = azurerm_storage_account.tfstate.id
   container_access_type = "private"
 
   #checkov:skip=CKV2_AZURE_21:Logging not required
-}
+}
diff --git a/terraform/modules/azure-storage/storage.tf b/terraform/modules/azure-storage/storage.tf
@@ -3,34 +3,13 @@ resource "azurerm_storage_account" "sa" {
   resource_group_name              = var.resource_group
   location                         = var.location
   account_tier                     = "Standard"
+  account_kind                     = "StorageV2"
   min_tls_version                  = "TLS1_2"
   account_replication_type         = "LRS"
   allow_nested_items_to_be_public  = false
   cross_tenant_replication_enabled = false
   shared_access_key_enabled        = true
 
-  queue_properties {
-    logging {
-      delete                = true
-      read                  = true
-      write                 = true
-      version               = "1.0"
-      retention_policy_days = 10
-    }
-    hour_metrics {
-      enabled               = true
-      include_apis          = true
-      version               = "1.0"
-      retention_policy_days = 10
-    }
-    minute_metrics {
-      enabled               = true
-      include_apis          = true
-      version               = "1.0"
-      retention_policy_days = 10
-    }
-  }
-
   blob_properties {
     delete_retention_policy {
       days = 7
@@ -58,6 +37,30 @@ resource "azurerm_storage_account" "sa" {
   #checkov:skip=CKV2_AZURE_33:VNet not configured
 }
 
+resource "azurerm_storage_account_queue_properties" "saq" {
+  storage_account_id = azurerm_storage_account.sa.id
+
+  logging {
+    version               = "1.0"
+    delete                = true
+    read                  = true
+    write                 = true
+    retention_policy_days = 10
+  }
+
+  hour_metrics {
+    version               = "1.0"
+    include_apis          = true
+    retention_policy_days = 10
+  }
+
+  minute_metrics {
+    version               = "1.0"
+    include_apis          = true
+    retention_policy_days = 10
+  }
+}
+
 resource "azurerm_storage_account_network_rules" "sa_network_rules" {
   storage_account_id         = azurerm_storage_account.sa.id
   default_action             = "Deny"
@@ -68,7 +71,7 @@ resource "azurerm_storage_account_network_rules" "sa_network_rules" {
 
 resource "azurerm_storage_container" "data_protection" {
   name                  = "data-protection"
-  storage_account_name  = azurerm_storage_account.sa.name
+  storage_account_id    = azurerm_storage_account.sa.id
   container_access_type = "private"
 
   #checkov:skip=CKV2_AZURE_21:Logging not required