From 891d0d168dde1a93531e5bd9d89abb28ef4c6944 Mon Sep 17 00:00:00 2001 From: ADO DevOps Date: Thu, 30 May 2024 00:04:11 +0000 Subject: [PATCH] Updated Docs --- .../Infrastructure/ASO Helm Library Chart.md | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/docs/Developer-Reference/Infrastructure/ASO Helm Library Chart.md b/docs/Developer-Reference/Infrastructure/ASO Helm Library Chart.md index 1864382..8fd97ea 100644 --- a/docs/Developer-Reference/Infrastructure/ASO Helm Library Chart.md +++ b/docs/Developer-Reference/Infrastructure/ASO Helm Library Chart.md @@ -472,10 +472,19 @@ userAssignedIdentity: serviceAccountName: ffc-demo ``` + ### Storage Account * Template file: `_storage-account.yaml` * Template name: `adp-aso-helm-library.storage-account.yaml` + +> **Version 2.0.0 and above** +> +> Starting from version 2.0.1, the Storage Account has been enhanced with role assignments. These data role assignments are now scoped at the storage account level, introducing two new data roles: DataWriter and DataReader. +> +> The DataWriter role grants applications the ability to both read and write data in the blob container, tables, and files. Conversely, the DataReader role provides applications with read-only access to data in the blob container, tables, and files. + + An ASO `StorageAccount` object to create a Microsoft.Storage/storageAccounts resource and optionally sub resources Blob Containers and Tables. | :memo: By default, private endpoints are always enabled on storage accounts and `publicNetworkAccess` is disabled. Optionally, you can also configure `ipRules` in scenarios where you want to limit access to your storage account to requests originating from specified IP addresses. | 
@@ -528,7 +537,31 @@ storageAccounts: The following values need to be set in the parent chart's `values.yaml` in addition to the globally required values [listed above](#all-template-required-values). + ``` +Version 2.0.0 and above + +storageAccounts: + - name: --Storage account name. Name should be lowercase letters and numbers and Maximum character limit is `9` + roleAssignments: + roleName: --RoleAssignment Name (Accepted values = "DataWriter", "DataReader") + - name: + blobContainers: + - name: --Blob container name. Name should be lowercase and can contain only letters, numbers, and the hyphen/minus (-) character. Character limit: 3-63 + - name: + tables: + - name: --Table name. Name should be lowercase and may contain only alphanumeric characters. and Character limit: 3-63 + - name: + fileShares: + - name: --File Share name. Name should be lowercase and may contain only alphanumeric characters. and Character limit: 3-63 + - name: --File Share name. Name should be lowercase and may contain only alphanumeric characters. and Character limit: 3-63 + accessTier: --Access Tier. Allowed values are TransactionOptimized, Hot, Cold. Default is TransactionOptimized + shareQuota: --Storage Quota. Share Quota is defined in GiB. Default is 10 +``` + +``` +Version 1.0.* + storageAccounts: - name: --Storage account name. Name should be lowercase letters and numbers and Maximum character limit is `9` - name:
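Review bot: In the first hunk (@@ -472,10 +472,19 @@), the added callout is titled "Version 2.0.0 and above" but its first sentence says "Starting from version 2.0.1", so a reader on 2.0.0 cannot tell whether the role assignments apply to them. Please settle on one version number and use it in both places, matching the "Version 2.0.0 and above" label used in the values example later in the file. The callout also says the assignments are "scoped at the storage account level", which means DataWriter grants read and write on every blob container, table and file share in the account. It would help to say so explicitly and to point readers at DataReader when the application only needs to read.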
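Review bot: In the second hunk (@@ -528,7 +537,31 @@), the 2.0.0 example shows `roleAssignments:` followed by a bare `roleName:` key, while `blobContainers`, `tables` and `fileShares` are all written as lists with `- name:`. As written, it is unclear whether `roleAssignments` takes a single mapping or a list of entries. Please show the exact shape the template expects. The example also does not say whether `roleAssignments` is optional, what is granted when it is omitted, or which identity receives the role. Since this key controls data-plane access, those three points should be documented next to it. Two smaller points: the labels "Version 2.0.0 and above" and "Version 1.0.*" sit inside the code fences, so they will be copied along with the YAML and would read better as text above each block; and the table and file share descriptions contain the stray fragment "characters. and Character limit".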