Skip to content

azurerm_security_center_storage_defender - support for the malware_scanning_blob_scan_results_options property#31637

Open
dixneuf19 wants to merge 2 commits intohashicorp:mainfrom
dixneuf19:feature/storage-defender-blob-scan-results-options
Open

azurerm_security_center_storage_defender - support for the malware_scanning_blob_scan_results_options property#31637
dixneuf19 wants to merge 2 commits intohashicorp:mainfrom
dixneuf19:feature/storage-defender-blob-scan-results-options

Conversation

@dixneuf19
Copy link
Copy Markdown

@dixneuf19 dixneuf19 commented Jan 31, 2026

Community Note

  • Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
  • Please do not leave "+1" or "me too" comments, they generate extra noise for PR followers and do not help prioritize for review

PR Checklist

  • Have you followed the guidelines in our Contributing Documentation?
  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?
  • Have you used a meaningful PR description to help maintainers and other users understand this change and help prevent duplicate work?

Changes to existing Resource / Data Source

  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • Have you written new tests for your resource or datasource changes?
  • Have you successfully run tests with your changes locally? If not, please provide details on testing challenges that prevented you running the tests.

Documentation Changes

  • Documentation is written in International English.
  • Documentation is written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.

Description

This PR adds support for the malware_scanning_blob_scan_results_options property in the azurerm_security_center_storage_defender resource.

This property allows users to configure how malware scan results are saved:

  • BlobIndexTags (default): Write scan results as blob index tags
  • None: Do not save scan results

This feature was recently added to the Azure API and allows users to disable the automatic tagging of scanned blobs with index tags, which can be useful in scenarios where blob index tags are not desired.

Changes made:

  1. Added BlobScanResultsOptions field to the vendored SDK model (MalwareScanningProperties) --> SDK updated since
  2. Added malware_scanning_blob_scan_results_options property to the resource schema
  3. Updated Create, Read, and Update functions to handle the new property
  4. Added tests for both default behavior (BlobIndexTags) and explicit None value
  5. Updated documentation

Related Issue(s)

Fixes #31631

Change Log

This is a (please select all that apply):

  • Bug Fix
  • New Feature (ie adding a service, resource, or data source)
  • Enhancement
  • Breaking Change

References

Julen Dixneuf and others added 2 commits February 24, 2026 12:30
…_scanning_blob_scan_results_options` property
Co-authored-by: Cursor <cursoragent@cursor.com>
@dixneuf19 dixneuf19 force-pushed the feature/storage-defender-blob-scan-results-options branch from 33c0898 to cada079 Compare February 24, 2026 12:14
@dixneuf19
Copy link
Copy Markdown
Author

Hi,
Updated the PR after the sdk upgrade made some changes stales. Now it is simpler, only implementing the missing use of the malware_scanning_blob_scan_results_options option

@v-yhyeo0202
Copy link
Copy Markdown
Collaborator

I have opened PR #31964 which part of it deals with the same issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Support for malware scanning blobScanResultsOptions in defender for storage

4 participants