azureterraformazure-functionsazure-storageterraform-provider-azure
Terraform is complaining that azurerm_linux_function_app cannot support a storage_account block, but the docs state otherwise
My Azure file contains a Linux function and a storage account (as necessary for functions). I am trying to add a storage_account block, which is defined in the docs, but I am getting an error which says that storage_account blocks are not supported here.
# Configure the Azure provider
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "~> 3.0.2"
}
}
required_version = ">= 1.1.0"
}
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "ytapp" {
name = "ytapp"
location = "eastus"
}
resource "azurerm_storage_account" "ytapp-storage" {
name = "ytappstorage"
resource_group_name = azurerm_resource_group.ytapp.name
location = azurerm_resource_group.ytapp.location
account_tier = "Standard"
account_replication_type = "LRS"
access_tier = "Hot"
}
resource "azurerm_storage_share" "ytapp-storage-share" {
name = "ytapp-storage-share"
storage_account_name = azurerm_storage_account.ytapp-storage
quota = 300
acl {
id = "redacted"
access_policy {
permissions = "rwdl"
}
}
}
resource "azurerm_service_plan" "ytapp-service-plan" {
name = "ytapp-service-plan"
resource_group_name = azurerm_resource_group.ytapp.name
location = azurerm_resource_group.ytapp.location
os_type = "Linux"
sku_name = "Y1"
}
resource "azurerm_application_insights" "ytapp-insights" {
name = "ytapp-insights"
location = azurerm_resource_group.ytapp.location
resource_group_name = azurerm_resource_group.ytapp
application_type = "other"
retention_in_days = 90
disable_ip_masking = false
}
output "instrumentation_key" {
value = azurerm_application_insights.ytapp-insights.instrumentation_key
}
output "app_id" {
value = azurerm_application_insights.ytapp-insights.app_id
}
resource "azurerm_linux_function_app" "ytapp-functions" {
name = "ytapp-functions"
resource_group_name = azurerm_resource_group.ytapp.name
location = azurerm_resource_group.ytapp.location
service_plan_id = azurerm_service_plan.ytapp-service-plan.id
site_config {
application_insights_key = azurerm_application_insights.ytapp-insights.instrumentation_key
}
storage_account {
access_key = azurerm_storage_account.ytapp-storage.primary_access_key
account_name = azurerm_storage_account.ytapp-storage.name
name = "ytapp-data"
share_name = azurerm_storage_share.ytapp-storage-share.name
type = "AzureFiles"
mount_path = "/videos"
}
}
│ Error: Unsupported block type
│
│ on main.tf line 80, in resource "azurerm_linux_function_app" "ytapp-functions":
│ 80: storage_account {
│
│ Blocks of type "storage_account" are not expected here.
I tried Googling, ChatGPT, I tried moving the block inside of the site_config (at ChatGPT's suggestion). I really want to keep this block so that I can mount a file store to my function.
Solution
Firstly, if you include the storage_account block in your terraform code, you must also include storage_account_name. The storage_account_access_key argument is optional because it is already provided in the storage_account block. There will be a conflict if you do not include this.
And, as @Marcin pointed out, always use the most recently released provider versions because some arguments and attribute references are not supported in earlier versions.
I modified your code as below and it worked for me as expected.
main.tf:
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "3.61.0"
}
}
}
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "ytapp" {
name = "ytapp"
location = "eastus"
}
resource "azurerm_storage_account" "ytapp-storage" {
name = "ytappstorage"
resource_group_name = azurerm_resource_group.ytapp.name
location = azurerm_resource_group.ytapp.location
account_tier = "Standard"
account_replication_type = "LRS"
access_tier = "Hot"
}
resource "azurerm_storage_share" "ytapp-storage-share" {
name = "ytapp-storage-share"
storage_account_name = "ytappstorage"
quota = 300
acl {
id = "redacted"
access_policy {
permissions = "rwdl"
}
}
}
resource "azurerm_service_plan" "ytapp-service-plan" {
name = "ytapp-service-plan"
resource_group_name = azurerm_resource_group.ytapp.name
location = azurerm_resource_group.ytapp.location
os_type = "Linux"
sku_name = "Y1"
}
resource "azurerm_application_insights" "ytapp-insights" {
name = "ytapp-insights"
location = azurerm_resource_group.ytapp.location
resource_group_name = azurerm_resource_group.ytapp.name
application_type = "other"
retention_in_days = 90
disable_ip_masking = false
}
output "app_id" {
value = azurerm_application_insights.ytapp-insights.app_id
}
resource "azurerm_linux_function_app" "ytapp-functions" {
name = "ytapp-functions"
resource_group_name = azurerm_resource_group.ytapp.name
location = azurerm_resource_group.ytapp.location
service_plan_id = azurerm_service_plan.ytapp-service-plan.id
site_config {
application_insights_key = azurerm_application_insights.ytapp-insights.instrumentation_key
}
storage_account_name = "ytappstorage"
storage_account {
name = "MynewShare"
type = "AzureFiles"
account_name = azurerm_storage_account.ytapp-storage.name
share_name = "sharedaccount"
access_key = azurerm_storage_account.ytapp-storage.primary_access_key
mount_path = "/directory"
}
}
terraform init:
terraform plan:
terraform apply:
The storage account has been successfully linked to the linux_function_app.
- How can I define compile time constants in bicep configuration language?
- Outlook calendar don't render with FullCalendar
- Azure functions decoding error for IotHub device connection state message schema
- How do I set scope in Azure API Manager (APIM) when using D_application_id
- How to mount multiple disks in a loop using ansible
- How can I get sub value in nested json via KQL?
- Azure .NET SDK: Scale Azure SQL databases through SDK
- How can I invoke Azure Trusted Signing from a Linux OS?
- How to transfer "Set Variable" activity output into Json file using "Copy Data" activity or any other options?
- Verify Microsoft Access token on my ASP.NET Core Web API
- I'm trying to install the package from a private Azure DevOps repository using the pip install command, but I'm encountering an error
- Unable to define the sites for an App Registration for SahrePoint with Site.Selected
- Check if the resource exists before using data
- Not able to see azure 'LifecyclePolicyCompleted event' log
- Direct Web Push gives Error when used from Notification Hub
- Azure Remove User Consent to API
- Flutter-Azure Deviops pipelineThe discrepancy between the number of tests reported as passed or failed in the pipeline output and the test report
- App_location on deployment of a static webapp
- MSINotEnabled - Can't use KeyVault Reference in Azure Function
- Reading values from a key value based file and passing these values to azure devops template
- Deleting an Azure Loadbalancer Frontend IP configuration from python?
- How to retrieve the front door id from a Microsoft CDN (classic)
- What is HEAD operation in CosmosDB reported in Azure Monitoring
- Deploying a Python App to Azure App Service with Github Actions
- How to Query User Access Logs for Azure Front Door
- How can I add email recipients to a Graph API request programmatically?
- How to create Azure Devops Service Connection Docker Registry Type Other
- Problem with CORS policy in React front end with FastAPI on the back trying to use Microsoft Single Sign-on
- Azure Document Intelligence Custom Classification Python API
- Azure Function App unaccounted for time in Application Insights Timeline