Terraform: Support for Storage Private Endpoints #964
Description
Is your feature request related to a problem? Please describe.
Storage Account trips our security scanner.
Describe the solution you'd like
It would be great if options on the module existed to disable public_network_access_enabled on the storage, add network_rules and create (or utilize existing) private endpoints.
Describe alternatives you've considered
Forking the module, or using Terraform data sources to get the storage account and updating it
Greetings and thanks for this software, we just started using it and it really does the job. Much appreciated.
We use automated security scanning and compliance software to monitor Azure and alert us to things that need addressing. After installing Acmebot, we got alerts that the storage of the Function App has triggered two rules:
- TEST 104: Cloud Storage Public Access Disabled
- TEST 253: Azure Storage Accounts Accessed Via Private Endpoints
Looking through the code, it doesn't look like this is supported. It would be great if this was added. I'm attempting a workaround where we get the storage as a data source and attempt to use Terraform to add what's needed after the fact.
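A sketch of the after-the-fact approach this issue describes, as an added example that is not part of the original post or of the Acmebot module: it looks up the existing storage account with a data source, attaches one private endpoint per storage subresource, and sets a default-deny network rule. All variable names are hypothetical; it assumes the private DNS zones already exist and that the Function App has VNet integration able to reach the endpoint subnet.

```hcl
# Added example. Variable names are hypothetical, not module inputs.
variable "storage_account_name" { type = string }
variable "resource_group_name" { type = string }
variable "private_endpoint_subnet_id" { type = string }

# Existing private DNS zone IDs keyed by storage subresource, for example
# blob => ID of the privatelink.blob.core.windows.net zone.
variable "private_dns_zone_ids" {
  type = map(string)
}

# Read-only lookup of the storage account created by the module.
data "azurerm_storage_account" "function" {
  name                = var.storage_account_name
  resource_group_name = var.resource_group_name
}

# One private endpoint per subresource (blob, queue, table, file).
resource "azurerm_private_endpoint" "storage" {
  for_each = var.private_dns_zone_ids

  name                = "pe-${data.azurerm_storage_account.function.name}-${each.key}"
  location            = data.azurerm_storage_account.function.location
  resource_group_name = var.resource_group_name
  subnet_id           = var.private_endpoint_subnet_id

  private_service_connection {
    name                           = "psc-${each.key}"
    private_connection_resource_id = data.azurerm_storage_account.function.id
    subresource_names              = [each.key]
    is_manual_connection           = false
  }

  private_dns_zone_group {
    name                 = "default"
    private_dns_zone_ids = [each.value]
  }
}

# Default-deny firewall on the existing account, applied only after the
# endpoints exist so traffic has a private path first.
resource "azurerm_storage_account_network_rules" "function" {
  storage_account_id = data.azurerm_storage_account.function.id
  default_action     = "Deny"
  bypass             = ["AzureServices"]
  depends_on         = [azurerm_private_endpoint.storage]
}
```

`public_network_access_enabled` is an argument of the `azurerm_storage_account` resource itself, so it has to be set where the account is declared rather than through the data source.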