data "azurerm_client_config" "current" {}

locals {
  storage_account_name = (
    var.storage_account_name != null &&
    trimspace(var.storage_account_name) != "" ?
    var.storage_account_name :
    "${coalesce(var.storage_account_base_name, "")}${substr(md5("${data.azurerm_client_config.current.subscription_id}/${var.rg_name}/${coalesce(var.storage_account_base_name, "")}"), 0, 6)}"
  )
}

# Azure Storage Account
resource "azurerm_storage_account" "this" {
  name                     = local.storage_account_name
  resource_group_name      = var.rg_name
  location                 = var.location
  account_tier             = var.account_tier
  account_replication_type = var.account_replication_type
  account_kind             = "StorageV2"

  shared_access_key_enabled       = false
  allow_nested_items_to_be_public = var.allow_nested_items_to_be_public
  https_traffic_only_enabled      = true
  public_network_access_enabled   = var.public_network_access_enabled
  min_tls_version                 = "TLS1_2"

  tags = var.tags
}

# Azure Storage Container
resource "azurerm_storage_container" "containers" {
  for_each              = { for container in values(var.containers) : container.name => container }
  name                  = each.value.name
  storage_account_id    = azurerm_storage_account.this.id
  container_access_type = each.value.container_access_type
}