
fix: storage cmk #39

Merged
ls-cf merged 26 commits into main from fix/storage-cmk on Oct 15, 2025

Conversation

@matt-pappas-cf matt-pappas-cf commented Oct 15, 2025

Pull Request Checklist

Fixed storage account module so that you can either input an already created KV CMK key or create one dynamically with the creation of the storage account. This module directly inputs into region setup and was creating duplicative CMK keys and not providing the ability to configure key settings. Now using the KV module additionally.

Take your time to read through these, don't just click through them. Only check the boxes if they apply.

Admin

Types of changes

  • 🐛 Bug fix (non-breaking change which fixes an issue)
  • ❇️ New feature (non-breaking change which adds functionality)
  • 💥 Breaking change (fix or feature that would cause existing functionality to change)

Testing

  • Required: I have tested the proposed changes to code (i.e. packer build, terraform apply), and they are working.
  • Required: All GitHub Actions ran successfully. If they didn't, I left a note in the description to address this.
  • Optional: I have already applied/deployed the changes in my environment.

Please check where this code has been tested

  • Locally
  • Customer Environment
  • Coalfire Sandbox Environment (AWS GovCloud, Azure Gov, GCP, etc.)

Documentation

  • Optional, recommended: I have updated README.md.
  • Optional, recommended: I have updated documentation in Confluence/Organization's relevant Wiki.
  • Optional, recommended: I left comments in-line in the code to help others understand the changes.

Tagging / Assigning

  • Required: I have tagged a Reviewer(s).
  • Required: I have tagged an Assignee(s).
  • Optional: I have tagged relevant stakeholders in a Comment.

@github-actions

Checkov Scan Results 📖:

| File | Check ID | Description | Resource | Checkov Result |
|---|---|---|---|---|
| /main.tf | CKV_AZURE_35 | Ensure default network access rule for Storage Accounts is set to deny | azurerm_storage_account.main | FAILED |
| /main.tf | CKV_AZURE_244 | Avoid the use of local users for Azure Storage unless necessary | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_41 | Ensure storage account is configured with SAS expiration policy | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_40 | Ensure storage account is not configured with Shared Key authorization | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_38 | Ensure soft-delete is enabled on Azure storage account | azurerm_storage_account.main | FAILED |

Please review the above report. ⚠️

@matt-pappas-cf matt-pappas-cf requested a review from ls-cf October 15, 2025 05:38
@github-actions

Checkov Scan Results 📖:

| File | Check ID | Description | Resource | Checkov Result |
|---|---|---|---|---|
| /main.tf | CKV_AZURE_35 | Ensure default network access rule for Storage Accounts is set to deny | azurerm_storage_account.main | FAILED |
| /main.tf | CKV_AZURE_244 | Avoid the use of local users for Azure Storage unless necessary | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_41 | Ensure storage account is configured with SAS expiration policy | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_40 | Ensure storage account is not configured with Shared Key authorization | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_38 | Ensure soft-delete is enabled on Azure storage account | azurerm_storage_account.main | FAILED |

Please review the above report. ⚠️

@github-actions

Checkov Scan Results 📖:

| File | Check ID | Description | Resource | Checkov Result |
|---|---|---|---|---|
| /main.tf | CKV_AZURE_35 | Ensure default network access rule for Storage Accounts is set to deny | azurerm_storage_account.main | FAILED |
| /main.tf | CKV_AZURE_244 | Avoid the use of local users for Azure Storage unless necessary | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_41 | Ensure storage account is configured with SAS expiration policy | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_40 | Ensure storage account is not configured with Shared Key authorization | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_38 | Ensure soft-delete is enabled on Azure storage account | azurerm_storage_account.main | FAILED |

Please review the above report. ⚠️

@ls-cf ls-cf left a comment

As usual, half of these comments are not exactly your code but good fixes

@github-actions

Checkov Scan Results 📖:

| File | Check ID | Description | Resource | Checkov Result |
|---|---|---|---|---|
| /main.tf | CKV_AZURE_35 | Ensure default network access rule for Storage Accounts is set to deny | azurerm_storage_account.main | FAILED |
| /main.tf | CKV_AZURE_244 | Avoid the use of local users for Azure Storage unless necessary | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_41 | Ensure storage account is configured with SAS expiration policy | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_40 | Ensure storage account is not configured with Shared Key authorization | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_38 | Ensure soft-delete is enabled on Azure storage account | azurerm_storage_account.main | FAILED |

Please review the above report. ⚠️

@github-actions

Checkov Scan Results 📖:

| File | Check ID | Description | Resource | Checkov Result |
|---|---|---|---|---|
| /main.tf | CKV_AZURE_35 | Ensure default network access rule for Storage Accounts is set to deny | azurerm_storage_account.main | FAILED |
| /main.tf | CKV_AZURE_244 | Avoid the use of local users for Azure Storage unless necessary | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_41 | Ensure storage account is configured with SAS expiration policy | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_40 | Ensure storage account is not configured with Shared Key authorization | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_38 | Ensure soft-delete is enabled on Azure storage account | azurerm_storage_account.main | FAILED |

Please review the above report. ⚠️

@github-actions

Checkov Scan Results 📖:

| File | Check ID | Description | Resource | Checkov Result |
|---|---|---|---|---|
| /main.tf | CKV_AZURE_35 | Ensure default network access rule for Storage Accounts is set to deny | azurerm_storage_account.main | FAILED |
| /main.tf | CKV_AZURE_244 | Avoid the use of local users for Azure Storage unless necessary | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_41 | Ensure storage account is configured with SAS expiration policy | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_40 | Ensure storage account is not configured with Shared Key authorization | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_38 | Ensure soft-delete is enabled on Azure storage account | azurerm_storage_account.main | FAILED |

Please review the above report. ⚠️

@github-actions

Checkov Scan Results 📖:

| File | Check ID | Description | Resource | Checkov Result |
|---|---|---|---|---|
| /main.tf | CKV_AZURE_35 | Ensure default network access rule for Storage Accounts is set to deny | azurerm_storage_account.main | FAILED |
| /main.tf | CKV_AZURE_244 | Avoid the use of local users for Azure Storage unless necessary | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_41 | Ensure storage account is configured with SAS expiration policy | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_40 | Ensure storage account is not configured with Shared Key authorization | azurerm_storage_account.main | FAILED |
| /main.tf | CKV2_AZURE_38 | Ensure soft-delete is enabled on Azure storage account | azurerm_storage_account.main | FAILED |

Please review the above report. ⚠️

@github-actions

🌟 No Terraform files were modified in this PR or all modified Terraform files passed the Checkov checks. Good job! 🌟

@github-actions

🌟 No Terraform files were modified in this PR or all modified Terraform files passed the Checkov checks. Good job! 🌟

@github-actions

🌟 No Terraform files were modified in this PR or all modified Terraform files passed the Checkov checks. Good job! 🌟

@github-actions

🌟 No Terraform files were modified in this PR or all modified Terraform files passed the Checkov checks. Good job! 🌟

@ls-cf ls-cf merged commit c2a58a0 into main Oct 15, 2025
@ls-cf ls-cf deleted the fix/storage-cmk branch October 15, 2025 21:20