We are in the process of upgrading our ARM Templates to Bicep, one of which is for storage. In the initially ported Bicep file, everything worked fine and then as part of my PR, it was highlighted that I'd left out isHnsEnabled.
I then adjusted my bicep script to include that property setting with a parameter as we are creating module libraries:
param saName string
param storageSku string
param tags object
param isHnsEnabled bool
resource storageaccount 'Microsoft.Storage/storageAccounts@2021-04-01' = {
name: saName
location: resourceGroup().location
tags: tags
sku: {
name: storageSku
}
kind: 'StorageV2'
identity: {
type: 'SystemAssigned'
}
properties: {
minimumTlsVersion: 'TLS1_2'
allowBlobPublicAccess: false
allowCrossTenantReplication: false
allowSharedKeyAccess: true
isHnsEnabled: isHnsEnabled
networkAcls: {
virtualNetworkRules: []
defaultAction: 'Deny'
}
encryption: {
keySource: 'Microsoft.Storage'
services: {
file: {
keyType: 'Account'
enabled: true
}
}
}
}
}
output name string = storageaccount.name
output id string = storageaccount.id
output identity string = storageaccount.identity.principalId
This yields the following error:
The property 'isHnsEnabled' was specified in the input, but it cannot be updated as it is read-only
I'm not sure if I need to set other properties in combination with this one, but nothing in the Microsoft Docs suggest that.I would have assumed if the resource was already created and the properties matched that Bicep would not try to change the resource via CICD.
Any suggestions would be much appreciated.
The isHnsEnabled property (to enable hierarchical namespace) can only be set when creating new resource.
You can check this article to know when to enable this feature: Deciding whether to enable a hierarchical namespace.
To upgrade your storage, you can follow this article: Upgrade Azure Blob Storage with Azure Data Lake Storage Gen2 capabilities.
Otherwise you could delete and recreate the storage account.