Merge pull request #16255 from CDCgov/ms/devsecops/tf-timeouts

adding sftp timeouts, addressing some drift

Author: devopsmatt

operations/app/terraform/modules/sftp/storage.tf

@@ -7,6 +7,7 @@ resource "azurerm_storage_account" "sftp" {
   account_replication_type        = "GRS"
   min_tls_version                 = "TLS1_2"
   allow_nested_items_to_be_public = false
+  large_file_share_enabled        = false
 
   network_rules {
     default_action = "Allow"
@@ -19,20 +20,41 @@ resource "azurerm_storage_account" "sftp" {
   tags = {
     environment = var.environment
   }
+
+  timeouts {
+    create = var.timeout_create
+    read   = var.timeout_read
+    delete = var.timeout_delete
+    update = var.timeout_update
+  }
 }
 
 # SSH host keys share
 resource "azurerm_storage_share" "sftp_admin" {
   name                 = "${var.resource_prefix}-sftp-admin-share"
   storage_account_name = azurerm_storage_account.sftp.name
   quota                = 1
+
+  timeouts {
+    create = var.timeout_create
+    read   = var.timeout_read
+    delete = var.timeout_delete
+    update = var.timeout_update
+  }
 }
 
 # SFTP startup scripts share
 resource "azurerm_storage_share" "sftp_scripts" {
   name                 = "${var.resource_prefix}-sftp-scripts-share"
   storage_account_name = azurerm_storage_account.sftp.name
   quota                = 1
+
+  timeouts {
+    create = var.timeout_create
+    read   = var.timeout_read
+    delete = var.timeout_delete
+    update = var.timeout_update
+  }
 }
 
 # SFTP startup script

operations/app/terraform/modules/sftp/~inputs.tf

@@ -60,3 +60,28 @@ variable "sshinstances" {
 variable "sftp_dir" {
   description = "SFTP Script Directory"
 }
+
+# TF timeouts for storage operations
+variable "timeout_create" {
+  description = "Timeout for create operations"
+  type        = string
+  default     = "60m" # module default 30m
+}
+
+variable "timeout_read" {
+  description = "Timeout for read operations"
+  type        = string
+  default     = "60m" # module default 5m
+}
+
+variable "timeout_update" {
+  description = "Timeout for update operations"
+  type        = string
+  default     = "60m" # module default 30m
+}
+
+variable "timeout_delete" {
+  description = "Timeout for delete operations"
+  type        = string
+  default     = "60m" # module default 30m
+}

operations/app/terraform/modules/storage/main.tf

@@ -175,6 +175,7 @@ resource "azurerm_storage_account" "storage_public" {
   allow_nested_items_to_be_public = false
   https_traffic_only_enabled      = true
   local_user_enabled              = false
+  large_file_share_enabled        = false
 
   static_website {
     index_document     = "index.html"