All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.azure.storage.kotlin.AccountNetworkRulesArgs.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 6.14.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.azure.storage.kotlin

import com.pulumi.azure.storage.AccountNetworkRulesArgs.builder
import com.pulumi.azure.storage.kotlin.inputs.AccountNetworkRulesPrivateLinkAccessRuleArgs
import com.pulumi.azure.storage.kotlin.inputs.AccountNetworkRulesPrivateLinkAccessRuleArgsBuilder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.jvm.JvmName

/**
 * Manages network rules inside of a Azure Storage Account.
 * > **NOTE:** Network Rules can be defined either directly on the `azure.storage.Account` resource, or using the `azure.storage.AccountNetworkRules` resource - but the two cannot be used together. Spurious changes will occur if both are used against the same Storage Account.
 * > **NOTE:** Only one `azure.storage.AccountNetworkRules` can be tied to an `azure.storage.Account`. Spurious changes will occur if more than `azure.storage.AccountNetworkRules` is tied to the same `azure.storage.Account`.
 * > **NOTE:** Deleting this resource updates the storage account back to the default values it had when the storage account was created.
 * ## Example Usage
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as azure from "@pulumi/azure";
 * const example = new azure.core.ResourceGroup("example", {
 *     name: "example-resources",
 *     location: "West Europe",
 * });
 * const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
 *     name: "example-vnet",
 *     addressSpaces: ["10.0.0.0/16"],
 *     location: example.location,
 *     resourceGroupName: example.name,
 * });
 * const exampleSubnet = new azure.network.Subnet("example", {
 *     name: "example-subnet",
 *     resourceGroupName: example.name,
 *     virtualNetworkName: exampleVirtualNetwork.name,
 *     addressPrefixes: ["10.0.2.0/24"],
 *     serviceEndpoints: ["Microsoft.Storage"],
 * });
 * const exampleAccount = new azure.storage.Account("example", {
 *     name: "storageaccountname",
 *     resourceGroupName: example.name,
 *     location: example.location,
 *     accountTier: "Standard",
 *     accountReplicationType: "GRS",
 *     tags: {
 *         environment: "staging",
 *     },
 * });
 * const exampleAccountNetworkRules = new azure.storage.AccountNetworkRules("example", {
 *     storageAccountId: exampleAccount.id,
 *     defaultAction: "Allow",
 *     ipRules: ["127.0.0.1"],
 *     virtualNetworkSubnetIds: [exampleSubnet.id],
 *     bypasses: ["Metrics"],
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_azure as azure
 * example = azure.core.ResourceGroup("example",
 *     name="example-resources",
 *     location="West Europe")
 * example_virtual_network = azure.network.VirtualNetwork("example",
 *     name="example-vnet",
 *     address_spaces=["10.0.0.0/16"],
 *     location=example.location,
 *     resource_group_name=example.name)
 * example_subnet = azure.network.Subnet("example",
 *     name="example-subnet",
 *     resource_group_name=example.name,
 *     virtual_network_name=example_virtual_network.name,
 *     address_prefixes=["10.0.2.0/24"],
 *     service_endpoints=["Microsoft.Storage"])
 * example_account = azure.storage.Account("example",
 *     name="storageaccountname",
 *     resource_group_name=example.name,
 *     location=example.location,
 *     account_tier="Standard",
 *     account_replication_type="GRS",
 *     tags={
 *         "environment": "staging",
 *     })
 * example_account_network_rules = azure.storage.AccountNetworkRules("example",
 *     storage_account_id=example_account.id,
 *     default_action="Allow",
 *     ip_rules=["127.0.0.1"],
 *     virtual_network_subnet_ids=[example_subnet.id],
 *     bypasses=["Metrics"])
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Azure = Pulumi.Azure;
 * return await Deployment.RunAsync(() =>
 * {
 *     var example = new Azure.Core.ResourceGroup("example", new()
 *     {
 *         Name = "example-resources",
 *         Location = "West Europe",
 *     });
 *     var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("example", new()
 *     {
 *         Name = "example-vnet",
 *         AddressSpaces = new[]
 *         {
 *             "10.0.0.0/16",
 *         },
 *         Location = example.Location,
 *         ResourceGroupName = example.Name,
 *     });
 *     var exampleSubnet = new Azure.Network.Subnet("example", new()
 *     {
 *         Name = "example-subnet",
 *         ResourceGroupName = example.Name,
 *         VirtualNetworkName = exampleVirtualNetwork.Name,
 *         AddressPrefixes = new[]
 *         {
 *             "10.0.2.0/24",
 *         },
 *         ServiceEndpoints = new[]
 *         {
 *             "Microsoft.Storage",
 *         },
 *     });
 *     var exampleAccount = new Azure.Storage.Account("example", new()
 *     {
 *         Name = "storageaccountname",
 *         ResourceGroupName = example.Name,
 *         Location = example.Location,
 *         AccountTier = "Standard",
 *         AccountReplicationType = "GRS",
 *         Tags =
 *         {
 *             { "environment", "staging" },
 *         },
 *     });
 *     var exampleAccountNetworkRules = new Azure.Storage.AccountNetworkRules("example", new()
 *     {
 *         StorageAccountId = exampleAccount.Id,
 *         DefaultAction = "Allow",
 *         IpRules = new[]
 *         {
 *             "127.0.0.1",
 *         },
 *         VirtualNetworkSubnetIds = new[]
 *         {
 *             exampleSubnet.Id,
 *         },
 *         Bypasses = new[]
 *         {
 *             "Metrics",
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
 * 	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network"
 * 	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
 * 			Name:     pulumi.String("example-resources"),
 * 			Location: pulumi.String("West Europe"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "example", &network.VirtualNetworkArgs{
 * 			Name: pulumi.String("example-vnet"),
 * 			AddressSpaces: pulumi.StringArray{
 * 				pulumi.String("10.0.0.0/16"),
 * 			},
 * 			Location:          example.Location,
 * 			ResourceGroupName: example.Name,
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		exampleSubnet, err := network.NewSubnet(ctx, "example", &network.SubnetArgs{
 * 			Name:               pulumi.String("example-subnet"),
 * 			ResourceGroupName:  example.Name,
 * 			VirtualNetworkName: exampleVirtualNetwork.Name,
 * 			AddressPrefixes: pulumi.StringArray{
 * 				pulumi.String("10.0.2.0/24"),
 * 			},
 * 			ServiceEndpoints: pulumi.StringArray{
 * 				pulumi.String("Microsoft.Storage"),
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
 * 			Name:                   pulumi.String("storageaccountname"),
 * 			ResourceGroupName:      example.Name,
 * 			Location:               example.Location,
 * 			AccountTier:            pulumi.String("Standard"),
 * 			AccountReplicationType: pulumi.String("GRS"),
 * 			Tags: pulumi.StringMap{
 * 				"environment": pulumi.String("staging"),
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = storage.NewAccountNetworkRules(ctx, "example", &storage.AccountNetworkRulesArgs{
 * 			StorageAccountId: exampleAccount.ID(),
 * 			DefaultAction:    pulumi.String("Allow"),
 * 			IpRules: pulumi.StringArray{
 * 				pulumi.String("127.0.0.1"),
 * 			},
 * 			VirtualNetworkSubnetIds: pulumi.StringArray{
 * 				exampleSubnet.ID(),
 * 			},
 * 			Bypasses: pulumi.StringArray{
 * 				pulumi.String("Metrics"),
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.azure.core.ResourceGroup;
 * import com.pulumi.azure.core.ResourceGroupArgs;
 * import com.pulumi.azure.network.VirtualNetwork;
 * import com.pulumi.azure.network.VirtualNetworkArgs;
 * import com.pulumi.azure.network.Subnet;
 * import com.pulumi.azure.network.SubnetArgs;
 * import com.pulumi.azure.storage.Account;
 * import com.pulumi.azure.storage.AccountArgs;
 * import com.pulumi.azure.storage.AccountNetworkRules;
 * import com.pulumi.azure.storage.AccountNetworkRulesArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var example = new ResourceGroup("example", ResourceGroupArgs.builder()
 *             .name("example-resources")
 *             .location("West Europe")
 *             .build());
 *         var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
 *             .name("example-vnet")
 *             .addressSpaces("10.0.0.0/16")
 *             .location(example.location())
 *             .resourceGroupName(example.name())
 *             .build());
 *         var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
 *             .name("example-subnet")
 *             .resourceGroupName(example.name())
 *             .virtualNetworkName(exampleVirtualNetwork.name())
 *             .addressPrefixes("10.0.2.0/24")
 *             .serviceEndpoints("Microsoft.Storage")
 *             .build());
 *         var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
 *             .name("storageaccountname")
 *             .resourceGroupName(example.name())
 *             .location(example.location())
 *             .accountTier("Standard")
 *             .accountReplicationType("GRS")
 *             .tags(Map.of("environment", "staging"))
 *             .build());
 *         var exampleAccountNetworkRules = new AccountNetworkRules("exampleAccountNetworkRules", AccountNetworkRulesArgs.builder()
 *             .storageAccountId(exampleAccount.id())
 *             .defaultAction("Allow")
 *             .ipRules("127.0.0.1")
 *             .virtualNetworkSubnetIds(exampleSubnet.id())
 *             .bypasses("Metrics")
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   example:
 *     type: azure:core:ResourceGroup
 *     properties:
 *       name: example-resources
 *       location: West Europe
 *   exampleVirtualNetwork:
 *     type: azure:network:VirtualNetwork
 *     name: example
 *     properties:
 *       name: example-vnet
 *       addressSpaces:
 *         - 10.0.0.0/16
 *       location: ${example.location}
 *       resourceGroupName: ${example.name}
 *   exampleSubnet:
 *     type: azure:network:Subnet
 *     name: example
 *     properties:
 *       name: example-subnet
 *       resourceGroupName: ${example.name}
 *       virtualNetworkName: ${exampleVirtualNetwork.name}
 *       addressPrefixes:
 *         - 10.0.2.0/24
 *       serviceEndpoints:
 *         - Microsoft.Storage
 *   exampleAccount:
 *     type: azure:storage:Account
 *     name: example
 *     properties:
 *       name: storageaccountname
 *       resourceGroupName: ${example.name}
 *       location: ${example.location}
 *       accountTier: Standard
 *       accountReplicationType: GRS
 *       tags:
 *         environment: staging
 *   exampleAccountNetworkRules:
 *     type: azure:storage:AccountNetworkRules
 *     name: example
 *     properties:
 *       storageAccountId: ${exampleAccount.id}
 *       defaultAction: Allow
 *       ipRules:
 *         - 127.0.0.1
 *       virtualNetworkSubnetIds:
 *         - ${exampleSubnet.id}
 *       bypasses:
 *         - Metrics
 * ```
 * 
 * ## Import
 * Storage Account Network Rules can be imported using the `resource id`, e.g.
 * ```sh
 * $ pulumi import azure:storage/accountNetworkRules:AccountNetworkRules storageAcc1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Storage/storageAccounts/myaccount
 * ```
 * @property bypasses Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of `Logging`, `Metrics`, `AzureServices`, or `None`.
 * > **NOTE** User has to explicitly set `bypass` to empty slice (`[]`) to remove it.
 * @property defaultAction Specifies the default action of allow or deny when no other rules match. Valid options are `Deny` or `Allow`.
 * @property ipRules List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. Private IP address ranges (as defined in [RFC 1918](https://tools.ietf.org/html/rfc1918#section-3)) are not allowed.
 * > **NOTE** Small address ranges using "/31" or "/32" prefix sizes are not supported. These ranges should be configured using individual IP address rules without prefix specified.
 * > **NOTE** IP network rules have no effect on requests originating from the same Azure region as the storage account. Use Virtual network rules to allow same-region requests. Services deployed in the same region as the storage account use private Azure IP addresses for communication. Thus, you cannot restrict access to specific Azure services based on their public outbound IP address range.
 * > **NOTE** User has to explicitly set `ip_rules` to empty slice (`[]`) to remove it.
 * @property privateLinkAccessRules One or more `private_link_access` block as defined below.
 * @property storageAccountId Specifies the ID of the storage account. Changing this forces a new resource to be created.
 * @property virtualNetworkSubnetIds A list of virtual network subnet ids to secure the storage account.
 * > **NOTE** User has to explicitly set `virtual_network_subnet_ids` to empty slice (`[]`) to remove it.
 */
public data class AccountNetworkRulesArgs(
    public val bypasses: Output>? = null,
    public val defaultAction: Output? = null,
    public val ipRules: Output>? = null,
    public val privateLinkAccessRules: Output>? =
        null,
    public val storageAccountId: Output? = null,
    public val virtualNetworkSubnetIds: Output>? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.azure.storage.AccountNetworkRulesArgs =
        com.pulumi.azure.storage.AccountNetworkRulesArgs.builder()
            .bypasses(bypasses?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .defaultAction(defaultAction?.applyValue({ args0 -> args0 }))
            .ipRules(ipRules?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .privateLinkAccessRules(
                privateLinkAccessRules?.applyValue({ args0 ->
                    args0.map({ args0 ->
                        args0.let({ args0 -> args0.toJava() })
                    })
                }),
            )
            .storageAccountId(storageAccountId?.applyValue({ args0 -> args0 }))
            .virtualNetworkSubnetIds(
                virtualNetworkSubnetIds?.applyValue({ args0 ->
                    args0.map({ args0 ->
                        args0
                    })
                }),
            ).build()
}

/**
 * Builder for [AccountNetworkRulesArgs].
 */
@PulumiTagMarker
public class AccountNetworkRulesArgsBuilder internal constructor() {
    private var bypasses: Output>? = null

    private var defaultAction: Output? = null

    private var ipRules: Output>? = null

    private var privateLinkAccessRules: Output>? =
        null

    private var storageAccountId: Output? = null

    private var virtualNetworkSubnetIds: Output>? = null

    /**
     * @param value Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of `Logging`, `Metrics`, `AzureServices`, or `None`.
     * > **NOTE** User has to explicitly set `bypass` to empty slice (`[]`) to remove it.
     */
    @JvmName("mmaxvhenxulxdjaj")
    public suspend fun bypasses(`value`: Output>) {
        this.bypasses = value
    }

    @JvmName("njpgvkgyoetysuqu")
    public suspend fun bypasses(vararg values: Output) {
        this.bypasses = Output.all(values.asList())
    }

    /**
     * @param values Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of `Logging`, `Metrics`, `AzureServices`, or `None`.
     * > **NOTE** User has to explicitly set `bypass` to empty slice (`[]`) to remove it.
     */
    @JvmName("kxrkrnrgyworomhe")
    public suspend fun bypasses(values: List>) {
        this.bypasses = Output.all(values)
    }

    /**
     * @param value Specifies the default action of allow or deny when no other rules match. Valid options are `Deny` or `Allow`.
     */
    @JvmName("gjuhbbvjhbkgdwpu")
    public suspend fun defaultAction(`value`: Output) {
        this.defaultAction = value
    }

    /**
     * @param value List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. Private IP address ranges (as defined in [RFC 1918](https://tools.ietf.org/html/rfc1918#section-3)) are not allowed.
     * > **NOTE** Small address ranges using "/31" or "/32" prefix sizes are not supported. These ranges should be configured using individual IP address rules without prefix specified.
     * > **NOTE** IP network rules have no effect on requests originating from the same Azure region as the storage account. Use Virtual network rules to allow same-region requests. Services deployed in the same region as the storage account use private Azure IP addresses for communication. Thus, you cannot restrict access to specific Azure services based on their public outbound IP address range.
     * > **NOTE** User has to explicitly set `ip_rules` to empty slice (`[]`) to remove it.
     */
    @JvmName("synjdrsrqjteuext")
    public suspend fun ipRules(`value`: Output>) {
        this.ipRules = value
    }

    @JvmName("rofjqjvorpiuaxoi")
    public suspend fun ipRules(vararg values: Output) {
        this.ipRules = Output.all(values.asList())
    }

    /**
     * @param values List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. Private IP address ranges (as defined in [RFC 1918](https://tools.ietf.org/html/rfc1918#section-3)) are not allowed.
     * > **NOTE** Small address ranges using "/31" or "/32" prefix sizes are not supported. These ranges should be configured using individual IP address rules without prefix specified.
     * > **NOTE** IP network rules have no effect on requests originating from the same Azure region as the storage account. Use Virtual network rules to allow same-region requests. Services deployed in the same region as the storage account use private Azure IP addresses for communication. Thus, you cannot restrict access to specific Azure services based on their public outbound IP address range.
     * > **NOTE** User has to explicitly set `ip_rules` to empty slice (`[]`) to remove it.
     */
    @JvmName("lxlxwhoexoytawhf")
    public suspend fun ipRules(values: List>) {
        this.ipRules = Output.all(values)
    }

    /**
     * @param value One or more `private_link_access` block as defined below.
     */
    @JvmName("btajtrfctfrldbjp")
    public suspend
    fun privateLinkAccessRules(`value`: Output>) {
        this.privateLinkAccessRules = value
    }

    @JvmName("hrcdaktqrtakpdrq")
    public suspend fun privateLinkAccessRules(
        vararg
        values: Output,
    ) {
        this.privateLinkAccessRules = Output.all(values.asList())
    }

    /**
     * @param values One or more `private_link_access` block as defined below.
     */
    @JvmName("jvgsxgvxokfdnier")
    public suspend
    fun privateLinkAccessRules(values: List>) {
        this.privateLinkAccessRules = Output.all(values)
    }

    /**
     * @param value Specifies the ID of the storage account. Changing this forces a new resource to be created.
     */
    @JvmName("gifslbnyaychfglj")
    public suspend fun storageAccountId(`value`: Output) {
        this.storageAccountId = value
    }

    /**
     * @param value A list of virtual network subnet ids to secure the storage account.
     * > **NOTE** User has to explicitly set `virtual_network_subnet_ids` to empty slice (`[]`) to remove it.
     */
    @JvmName("bayyrjdefdxglrvj")
    public suspend fun virtualNetworkSubnetIds(`value`: Output>) {
        this.virtualNetworkSubnetIds = value
    }

    @JvmName("tyoipuonbbqypdck")
    public suspend fun virtualNetworkSubnetIds(vararg values: Output) {
        this.virtualNetworkSubnetIds = Output.all(values.asList())
    }

    /**
     * @param values A list of virtual network subnet ids to secure the storage account.
     * > **NOTE** User has to explicitly set `virtual_network_subnet_ids` to empty slice (`[]`) to remove it.
     */
    @JvmName("gnocqtvvdbqkdnhi")
    public suspend fun virtualNetworkSubnetIds(values: List>) {
        this.virtualNetworkSubnetIds = Output.all(values)
    }

    /**
     * @param value Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of `Logging`, `Metrics`, `AzureServices`, or `None`.
     * > **NOTE** User has to explicitly set `bypass` to empty slice (`[]`) to remove it.
     */
    @JvmName("iwuagrdvqfxuerss")
    public suspend fun bypasses(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.bypasses = mapped
    }

    /**
     * @param values Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of `Logging`, `Metrics`, `AzureServices`, or `None`.
     * > **NOTE** User has to explicitly set `bypass` to empty slice (`[]`) to remove it.
     */
    @JvmName("cnbgdgpyfradcnkr")
    public suspend fun bypasses(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.bypasses = mapped
    }

    /**
     * @param value Specifies the default action of allow or deny when no other rules match. Valid options are `Deny` or `Allow`.
     */
    @JvmName("njvmcucchqwoamlq")
    public suspend fun defaultAction(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.defaultAction = mapped
    }

    /**
     * @param value List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. Private IP address ranges (as defined in [RFC 1918](https://tools.ietf.org/html/rfc1918#section-3)) are not allowed.
     * > **NOTE** Small address ranges using "/31" or "/32" prefix sizes are not supported. These ranges should be configured using individual IP address rules without prefix specified.
     * > **NOTE** IP network rules have no effect on requests originating from the same Azure region as the storage account. Use Virtual network rules to allow same-region requests. Services deployed in the same region as the storage account use private Azure IP addresses for communication. Thus, you cannot restrict access to specific Azure services based on their public outbound IP address range.
     * > **NOTE** User has to explicitly set `ip_rules` to empty slice (`[]`) to remove it.
     */
    @JvmName("letjcqcybhnbokyj")
    public suspend fun ipRules(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.ipRules = mapped
    }

    /**
     * @param values List of public IP or IP ranges in CIDR Format. Only IPv4 addresses are allowed. Private IP address ranges (as defined in [RFC 1918](https://tools.ietf.org/html/rfc1918#section-3)) are not allowed.
     * > **NOTE** Small address ranges using "/31" or "/32" prefix sizes are not supported. These ranges should be configured using individual IP address rules without prefix specified.
     * > **NOTE** IP network rules have no effect on requests originating from the same Azure region as the storage account. Use Virtual network rules to allow same-region requests. Services deployed in the same region as the storage account use private Azure IP addresses for communication. Thus, you cannot restrict access to specific Azure services based on their public outbound IP address range.
     * > **NOTE** User has to explicitly set `ip_rules` to empty slice (`[]`) to remove it.
     */
    @JvmName("odulyktfwkknpuhw")
    public suspend fun ipRules(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.ipRules = mapped
    }

    /**
     * @param value One or more `private_link_access` block as defined below.
     */
    @JvmName("idcwfrjecmpiumry")
    public suspend
    fun privateLinkAccessRules(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.privateLinkAccessRules = mapped
    }

    /**
     * @param argument One or more `private_link_access` block as defined below.
     */
    @JvmName("ugcxgnoacuwalsbg")
    public suspend
    fun privateLinkAccessRules(argument: List Unit>) {
        val toBeMapped = argument.toList().map {
            AccountNetworkRulesPrivateLinkAccessRuleArgsBuilder().applySuspend { it() }.build()
        }
        val mapped = of(toBeMapped)
        this.privateLinkAccessRules = mapped
    }

    /**
     * @param argument One or more `private_link_access` block as defined below.
     */
    @JvmName("hgospswkhujmetps")
    public suspend fun privateLinkAccessRules(
        vararg
        argument: suspend AccountNetworkRulesPrivateLinkAccessRuleArgsBuilder.() -> Unit,
    ) {
        val toBeMapped = argument.toList().map {
            AccountNetworkRulesPrivateLinkAccessRuleArgsBuilder().applySuspend { it() }.build()
        }
        val mapped = of(toBeMapped)
        this.privateLinkAccessRules = mapped
    }

    /**
     * @param argument One or more `private_link_access` block as defined below.
     */
    @JvmName("rwvglluklnrtoysg")
    public suspend
    fun privateLinkAccessRules(argument: suspend AccountNetworkRulesPrivateLinkAccessRuleArgsBuilder.() -> Unit) {
        val toBeMapped = listOf(
            AccountNetworkRulesPrivateLinkAccessRuleArgsBuilder().applySuspend {
                argument()
            }.build(),
        )
        val mapped = of(toBeMapped)
        this.privateLinkAccessRules = mapped
    }

    /**
     * @param values One or more `private_link_access` block as defined below.
     */
    @JvmName("cvhueigabqyiqpsh")
    public suspend fun privateLinkAccessRules(
        vararg
        values: AccountNetworkRulesPrivateLinkAccessRuleArgs,
    ) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.privateLinkAccessRules = mapped
    }

    /**
     * @param value Specifies the ID of the storage account. Changing this forces a new resource to be created.
     */
    @JvmName("sfitubiihmwsvyjm")
    public suspend fun storageAccountId(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.storageAccountId = mapped
    }

    /**
     * @param value A list of virtual network subnet ids to secure the storage account.
     * > **NOTE** User has to explicitly set `virtual_network_subnet_ids` to empty slice (`[]`) to remove it.
     */
    @JvmName("phqevevkhvefggvy")
    public suspend fun virtualNetworkSubnetIds(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.virtualNetworkSubnetIds = mapped
    }

    /**
     * @param values A list of virtual network subnet ids to secure the storage account.
     * > **NOTE** User has to explicitly set `virtual_network_subnet_ids` to empty slice (`[]`) to remove it.
     */
    @JvmName("deypcohnfkdcfmkc")
    public suspend fun virtualNetworkSubnetIds(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.virtualNetworkSubnetIds = mapped
    }

    internal fun build(): AccountNetworkRulesArgs = AccountNetworkRulesArgs(
        bypasses = bypasses,
        defaultAction = defaultAction,
        ipRules = ipRules,
        privateLinkAccessRules = privateLinkAccessRules,
        storageAccountId = storageAccountId,
        virtualNetworkSubnetIds = virtualNetworkSubnetIds,
    )
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy