variables.table.tf (53 lines of code) (raw):
variable "tables" {
type = map(object({
name = string
signed_identifiers = optional(list(object({
id = string
access_policy = optional(object({
expiry_time = string
permission = string
start_time = string
}))
})))
role_assignments = optional(map(object({
role_definition_id_or_name = string
principal_id = string
description = optional(string, null)
skip_service_principal_aad_check = optional(bool, false)
condition = optional(string, null)
condition_version = optional(string, null)
delegated_managed_identity_resource_id = optional(string, null)
})), {})
timeouts = optional(object({
create = optional(string)
delete = optional(string)
read = optional(string)
update = optional(string)
}))
}))
default = {}
description = <<-EOT
- `name` - (Required) The name of the storage table. Only Alphanumeric characters allowed, starting with a letter. Must be unique within the storage account the table is located. Changing this forces a new resource to be created.
---
`acl` block supports the following:
- `id` - (Required) The ID which should be used for this Shared Identifier.
---
`access_policy` block supports the following:
- `expiry` - (Required) The ISO8061 UTC time at which this Access Policy should be valid until.
- `permissions` - (Required) The permissions which should associated with this Shared Identifier.
- `start` - (Required) The ISO8061 UTC time at which this Access Policy should be valid from.
---
`timeouts` block supports the following:
- `create` - (Defaults to 30 minutes) Used when creating the Storage Table.
- `delete` - (Defaults to 30 minutes) Used when deleting the Storage Table.
- `read` - (Defaults to 5 minutes) Used when retrieving the Storage Table.
- `update` - (Defaults to 30 minutes) Used when updating the Storage Table.
Supply role assignments in the same way as for `var.role_assignments`.
EOT
nullable = false
}
variable "table_encryption_key_type" {
type = string
default = null
description = "(Optional) The encryption type of the table service. Possible values are `Service` and `Account`. Changing this forces a new resource to be created. Default value is `Service`."
}