azure_rm_storageaccount: support for hierarchical-namespace (data lake gen2)
SUMMARY
Add support for creation of Data Lake Gen2 enabled storage accounts (hierarchical namespace).
ISSUE TYPE
- Feature Idea
COMPONENT NAME
azure_rm_storageaccount
ADDITIONAL INFORMATION
Currently azure_rm_storageaccount doesn't support creation of Data Lake Gen2 storage accounts, preventing automation of deployments that include those. The only (not ideal) alternative is to do that via shell/azure-cli, which makes idempotency and simpler scripts harder to write.
azure_rm_storageaccount:
  name: "{{ item.value.name |mandatory }}"
  state: present
  resource_group: "{{ item.value.rg |default( az__default_rg |mandatory ) }}"
  location: "{{ item.value.location |default( az__default_region |default(omit)) }}"
  kind: "{{ item.value.kind |default('StorageV2') }}"
  account_type: "{{ item.value.account_type |default('Standard_ZRS') }}"
  access_tier: "{{ item.value.access_tier |default('Hot') }}"
  allow_blob_public_access: "{{ item.value.allow_blob_public_access |default(false, true) }}"
  blob_cors: "{{ item.value.cors_blob |default( [] ) }}"
  cert_validation_mode: "{{ item.value.cert_validation_mode |default (omit) }}"
  custom_domain: "{{ item.value.custom_domain |default (omit) }}"
  https_only: "{{ item.value.https_only |default( true, true ) }}"
  minimum_tls_version: "{{ item.value.minimum_tls_version |default( 'TLS1_2' ) }}"
  network_acls: "{{ item.value.network_acls |default( omit ) }}"
  hierarchical_namespace: true
@joaocc Thank you for submitting this issue and we will investigate this feature as soon as possible!
@Fred-sun Is there any update on this issue?
For anyone falling here, I came up with the following script to create a Storage Account with hierarchical namespace (you could add any option to the azure-cli that you need)
# Install azure-cli into a throwaway virtualenv on the target host.
- name: "Install azure-cli in {{ working_directory }}/venv"
  ansible.builtin.pip:
    name: azure-cli
    virtualenv: "/tmp/{{ inventory_hostname }}/venv"
    virtualenv_python: python3
    state: latest
# Create the account if it is missing, otherwise update it.
- name: Create a datalake gen 2 account
  ansible.builtin.shell: |
    set -e
    source venv/bin/activate
    az login --service-principal --username "{{ client_id }}" --password "{{ secret }}" --tenant "{{ tenant }}"
    if az storage account show --name my_abfs --resource-group my_abfs_rg ; then
      echo "Here you can run the az storage account update you need."
      echo "Be careful, you can't update all parameters after storage account creation (for example, hierarchical-namespace)"
      az storage account update --name my_abfs \
        --resource-group my_abfs_rg \
        --tags FOO=BAR FOO2=BAR2
    else
      az storage account create --name my_abfs \
        --resource-group my_abfs_rg \
        --enable-hierarchical-namespace true \
        --tags FOO=BAR FOO2=BAR2
    fi
  args:
    executable: /bin/bash
    chdir: "/tmp/{{ inventory_hostname }}"
  # The rendered script contains the service principal secret; keep it out of Ansible output and logs.
  no_log: true
# Remove the virtualenv once the account exists.
- name: Remove python virtual env
  ansible.builtin.file:
    path: "/tmp/{{ inventory_hostname }}/venv"
    state: absent
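The idempotency problem raised in the issue and the "can't update after creation" caveat in the script above, as an added example (not part of the original comment or of the collection's code): a Python helper that reads the JSON printed by `az storage account show` and decides whether to create, update, do nothing, or fail because the hierarchical-namespace flag does not match. The function name, the account name and the sample JSON are constructed for illustration; `isHnsEnabled` is the field the CLI reports for this setting.

```python
import json

# Constructed, trimmed sample of `az storage account show` output.
SAMPLE_SHOW = json.dumps({
    "name": "exampleabfs",
    "isHnsEnabled": False,
    "tags": {"FOO": "BAR"},
})


def plan_storage_account(show_json, want_hns, want_tags):
    """Return (action, changed, reason) for the desired account state.

    show_json is the stdout of `az storage account show`, or None/"" when
    the command exited non-zero because the account does not exist.
    """
    if not show_json:
        return ("create", True, "account does not exist")

    current = json.loads(show_json)
    # The field can be absent or null on accounts created without the flag.
    have_hns = bool(current.get("isHnsEnabled"))
    if have_hns != want_hns:
        # Per the caveat in the script above, an update cannot change this
        # setting, so fail instead of reporting success on the wrong account type.
        return ("fail", False,
                f"isHnsEnabled is {have_hns}, wanted {want_hns}; "
                "not changeable with az storage account update")

    have_tags = current.get("tags") or {}
    if have_tags != want_tags:
        return ("update", True, "tags differ")
    return ("none", False, "already in desired state")


if __name__ == "__main__":
    wanted_tags = {"FOO": "BAR", "FOO2": "BAR2"}
    print(plan_storage_account(None, True, wanted_tags))
    print(plan_storage_account(SAMPLE_SHOW, True, wanted_tags))
    print(plan_storage_account(SAMPLE_SHOW, False, wanted_tags))
```

The `changed` value is what a wrapping task would feed to `changed_when`, and the `fail` action to `failed_when`, so the shell workaround reports state the way a native module would.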
@Fred-sun Any updates on this?
@Fred-sun do we have any updates on ADLS Gen2 accounts being supported? Can you please share an ETA for the availability of this feature? Thank you in advance.
@ryanjeskymicrosoft We are meeting your needs and will inform you as soon as we are complete. Thank you very much!
Added in #998