Enable Azure StorageV2 static website (preview) feature using ARM template

Asked 3/7, 2018 at 7:51 Answered 5/11, 2021 at 14:55

Solved azure azure-storage azure-blob-storage azure-resource-manager

Im trying to write an ARM template that creates a storage account with the new static website (preview) feature:

When I go to the Automation Script blade I don't see any related settings within the ARM template:

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "storageAccounts_spastore_name": {
            "defaultValue": "spastore",
            "type": "String"
        }
    },
    "variables": {},
    "resources": [
        {
            "type": "Microsoft.Storage/storageAccounts",
            "sku": {
                "name": "Standard_LRS",
                "tier": "Standard"
            },
            "kind": "StorageV2",
            "name": "[parameters('storageAccounts_spastore_name')]",
            "apiVersion": "2018-02-01",
            "location": "westeurope",
            "tags": {
                "purpose": "example"
            },
            "scale": null,
            "properties": {
                "networkAcls": {
                    "bypass": "AzureServices",
                    "virtualNetworkRules": [],
                    "ipRules": [],
                    "defaultAction": "Allow"
                },
                "supportsHttpsTrafficOnly": false,
                "encryption": {
                    "services": {
                        "file": {
                            "enabled": true
                        },
                        "blob": {
                            "enabled": true
                        }
                    },
                    "keySource": "Microsoft.Storage"
                },
                "accessTier": "Hot"
            },
            "dependsOn": []
        }
    ]
}

I also don't see any related settings within the Azure Resource Explorer. I am aware that I have to use a newer API version as well but I don't know how to enable the feature using an ARM Template?

Qualified answered 3/7, 2018 at 7:51 Comment(0)

I don't think you can (at least as of today). ARM templates are meant for controlling the Control Plane whereas Static Websites Settings feature is exposed as part of Data Plane which is accessed by Storage Service REST API.

With the announcement of RBAC (and Azure AD roles) for Azure Storage, I am seeing some of the operations from Storage Service REST API becoming available in Storage Resource Provider API, so my guess is that sooner or later this functionality will be exposed there as well. Then you should be able to configure it through ARM templates.

Culliton answered 3/7, 2018 at 8:1 Comment(9)

That might be the reason. Thanks Gaurav! I will do some further research and accept your answer If I don't find any related ARM setting for that – Qualified 3/7, 2018 at 8:8

Please do. If you find anything, please post that as an answer. Thanks. – Culliton 3/7, 2018 at 8:11

Can I mention you in my blog article? about-azure.com/2018/07/03/… – Qualified 3/7, 2018 at 22:7

Please go ahead. Thanks! – Culliton 4/7, 2018 at 2:3

Does anybody knows if this is already possible via ARM templates? – Waxbill 15/1, 2019 at 16:47

Hugo Barona - looks like not but you can use this approach frankysnotes.com/2019/03/… – Ersatz 3/10, 2019 at 12:3

Just got off call with Microsoft, their suggested method is to use a PowerShell script to enable this feature, post-deployment. It is still not an available option in ARM. – Bael 17/11, 2020 at 11:51

You can also do it using a deployment script in the template: learn.microsoft.com/en-us/azure/azure-resource-manager/… – Stevie 18/3, 2021 at 16:58

How do we print the primary endpoint of the blob static website in ARM outputs section? – Barnie 29/1, 2022 at 11:12

It is ugly but you can do it with a deployment script in arm/bicep:

param deploymentScriptTimestamp string = utcNow()
param indexDocument string = 'index.html'
param errorDocument404Path string = 'error.html'

var storageAccountContributorRoleDefinitionId = subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '17d1049b-9a84-46fb-8f53-869881c3d3ab')

resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
  name: 'DeploymentScript'
  location: location
}

resource roleAssignment 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = {
  scope: storageAccount
  name: guid(resourceGroup().id, storageAccountContributorRoleDefinitionId)
  properties: {
    roleDefinitionId: storageAccountContributorRoleDefinitionId
    principalId: managedIdentity.properties.principalId
  }
}

resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
  name: 'deploymentScript'
  location: location
  kind: 'AzurePowerShell'
  identity: {
    type: 'UserAssigned'
    userAssignedIdentities: {
      '${managedIdentity.id}': {}
    }
  }
  dependsOn: [
    roleAssignment
    storageAccount
  ]
  properties: {
    azPowerShellVersion: '3.0'
    scriptContent: '''
param(
    [string] $ResourceGroupName,
    [string] $StorageAccountName,
    [string] $IndexDocument,
    [string] $ErrorDocument404Path)
$ErrorActionPreference = 'Stop'
$storageAccount = Get-AzStorageAccount -ResourceGroupName $ResourceGroupName -AccountName $StorageAccountName
$ctx = $storageAccount.Context
Enable-AzStorageStaticWebsite -Context $ctx -IndexDocument $IndexDocument -ErrorDocument404Path $ErrorDocument404Path
'''
    forceUpdateTag: deploymentScriptTimestamp
    retentionInterval: 'PT4H'
    arguments: '-ResourceGroupName ${resourceGroup().name} -StorageAccountName ${accountName} -IndexDocument ${indexDocument} -ErrorDocument404Path ${errorDocument404Path}'
  }
}

see: azure example for static website, resource templates and scripts

Iterative answered 5/11, 2021 at 14:55 Comment(2)

How do we print the primary endpoint of the blob static website in ARM outputs section? – Barnie 29/1, 2022 at 11:12

Add the following two lines to the end of the script $DeploymentScriptOutputs = @{} $DeploymentScriptOutputs['url'] = $storageAccount.PrimaryEndpoints.Web This will return the primary url, from the deployment script back to the ARM Template for you to use within the rest of you ARM Template. – Carpogonium 4/6, 2022 at 19:29

Recommended topics

Hot tags