azurerm_security_center_storage_defender - support for the malware_scanning_blob_scan_results_options property

[dixneuf19]

Community Note

• Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
• Please do not leave "+1" or "me too" comments, they generate extra noise for PR followers and do not help prioritize for review

PR Checklist

• Have you followed the guidelines in our Contributing Documentation?
• Have you checked to ensure there aren't other open Pull Requests for the same update/change?
• Have you used a meaningful PR description to help maintainers and other users understand this change and help prevent duplicate work?

Changes to existing Resource / Data Source

• Have you added an explanation of what your changes do and why you'd like us to include them?
• Have you written new tests for your resource or datasource changes?
• Have you successfully run tests with your changes locally? If not, please provide details on testing challenges that prevented you running the tests.

Documentation Changes

• Documentation is written in International English.
• Documentation is written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.

Description

This PR adds support for the malware_scanning_blob_scan_results_options property in the azurerm_security_center_storage_defender resource.

This property allows users to configure how malware scan results are saved:

• BlobIndexTags (default): Write scan results as blob index tags
• None: Do not save scan results

This feature was recently added to the Azure API and allows users to disable the automatic tagging of scanned blobs with index tags, which can be useful in scenarios where blob index tags are not desired.

Changes made:

1. Added BlobScanResultsOptions field to the vendored SDK model (MalwareScanningProperties) --> SDK updated since
2. Added malware_scanning_blob_scan_results_options property to the resource schema
3. Updated Create, Read, and Update functions to handle the new property
4. Added tests for both default behavior (BlobIndexTags) and explicit None value
5. Updated documentation

Related Issue(s)

Fixes #31631

Change Log

• azurerm_security_center_storage_defender - support for the malware_scanning_blob_scan_results_options property [Support for malware scanning blobScanResultsOptions in defender for storage #31631]

This is a (please select all that apply):

• Bug Fix
• New Feature (ie adding a service, resource, or data source)
• Enhancement
• Breaking Change

References

• https://techcommunity.microsoft.com/blog/microsoftdefendercloudblog/new-feature-in-defender-for-storage-optional-index-tags/4427987
• https://learn.microsoft.com/en-us/rest/api/defenderforcloud-composite/defender-for-storage/create?view=rest-defenderforcloud-composite-stable&tabs=HTTP#blobscanresultsoptions

[dixneuf19]

Hi,
Updated the PR after the sdk upgrade made some changes stales. Now it is simpler, only implementing the missing use of the malware_scanning_blob_scan_results_options option

[v-yhyeo0202]

I have opened PR #31964 which part of it deals with the same issue.