Clean up

microsoft · Jul 18, 2024 · 8f61eb6 · 8f61eb6
1 parent 89a9570
commit 8f61eb6
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 16 deletions.
diff --git a/deployment/bin/lib b/deployment/bin/lib
@@ -143,7 +143,8 @@ function disable_shared_access_keys() {
             --resource-group ${SAK_RESOURCE_GROUP} \
             --allow-shared-key-access false \
             --subscription ${ARM_SUBSCRIPTION_ID} \
-            --output none
+            --output none \
+            --only-show-errors
 
         if [ $? -ne 0 ]; then
             echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
@@ -170,7 +171,8 @@ function enable_shared_access_keys() {
             --resource-group ${SAK_RESOURCE_GROUP} \
             --allow-shared-key-access true \
             --subscription ${ARM_SUBSCRIPTION_ID} \
-            --output none
+            --output none \
+            --only-show-errors
     done
 
     sleep 10
@@ -185,7 +187,8 @@ function add_ip_to_firewalls() {
         -n "${KEY_VAULT_NAME}" \
         --ip-address "$cidr" \
         --subscription "${ARM_SUBSCRIPTION_ID}" \
-        --output none
+        --output none \
+        --only-show-errors
 
     # Also add the IP to the terraform state storage account
     for FW_STORAGE_ACCOUNT in "${!FW_STORAGE_ACCOUNTS[@]}"; do
@@ -196,7 +199,8 @@ function add_ip_to_firewalls() {
             -n "${FW_STORAGE_ACCOUNT}" \
             --ip-address "$cidr" \
             --subscription "${ARM_SUBSCRIPTION_ID}" \
-            --output none
+        --output none \
+        --only-show-errors
     done
 
     sleep 10
@@ -211,7 +215,8 @@ function remove_ip_from_firewalls() {
         -n ${KEY_VAULT_NAME} \
         --ip-address $cidr \
         --subscription ${ARM_SUBSCRIPTION_ID} \
-        --output none
+        --output none \
+        --only-show-errors
 
     for FW_STORAGE_ACCOUNT in "${!FW_STORAGE_ACCOUNTS[@]}"; do
         FW_RESOURCE_GROUP=${FW_STORAGE_ACCOUNTS[$FW_STORAGE_ACCOUNT]}
@@ -221,6 +226,7 @@ function remove_ip_from_firewalls() {
             -n ${FW_STORAGE_ACCOUNT} \
             --ip-address $cidr \
             --subscription ${ARM_SUBSCRIPTION_ID} \
-            --output none
+            --output none \
+            --only-show-errors
     done
 }
diff --git a/deployment/terraform/resources/storage_account.tf b/deployment/terraform/resources/storage_account.tf
@@ -10,11 +10,6 @@ resource "azurerm_storage_account" "pc" {
   network_rules {
     default_action             = "Deny"
     virtual_network_subnet_ids = [azurerm_subnet.node_subnet.id, azurerm_subnet.function_subnet.id, data.azurerm_subnet.sas_node_subnet.id]
-
-    private_link_access {
-      endpoint_resource_id = "/subscriptions/a84a690d-585b-4c7c-80d9-851a48af5a50/providers/Microsoft.Security/datascanners/storageDataScanner"
-      endpoint_tenant_id   = "72f988bf-86f1-41af-91ab-2d7cd011db47"
-    }
   }
 
   # Disabling shared access keys breaks terraform's ability to do subsequent
@@ -65,9 +60,4 @@ resource "azurerm_storage_account_network_rules" "pcfunc-vnet-access" {
 
   default_action             = "Deny"
   virtual_network_subnet_ids = [azurerm_subnet.function_subnet.id]
-
-  private_link_access {
-    endpoint_resource_id = "/subscriptions/a84a690d-585b-4c7c-80d9-851a48af5a50/providers/Microsoft.Security/datascanners/storageDataScanner"
-    endpoint_tenant_id   = "72f988bf-86f1-41af-91ab-2d7cd011db47"
-  }
 }