Community Note

• Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
• Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for PR followers and do not help prioritize for review

Description

Listing storage accounts under the scope of a subscription causing a lot of data consistency issues as is reported in #15048. Almost, all the list calls come from the invocation of

The main reason to call the list is to map a storage account name to a storage account ID, with its API model (contains the different storage service endpoints).

There are multiple call points, which can be catagorized into the following:

• Non-storage resources reference a storage account by name (e.g. azurerm_machine_learning_datastore_blobstorage): This is mostly because the API is designed to contain only the storage account name and a container name, while the provider tends to combine them into a storage container id (for UX).
• Storage data plane resources: The ID of these resources are their data plane URL, from which only the storage account name can be extracted. Calling the list API will return the storage details including the primary endpoints for each storage services (e.g. blob, table, etc.). This is then used to initialize the data plane client.

In the other case, that are covered by this PR is that the resource itself has the full storage account ID (instead of the name):

• azurerm_storage_account, azurerm_storage_account_static_website, azurerm_storage_account_queue_properties: The resource id is just the storage account resource id
• azurerm_storage_containers DS: It references the storage account id

For these cases, a simple storage account targeted GET is enough.

For the long run, I think the storage account detail is not necessary for those data plane resources to build their clients. Since those data plane resources have their service-specific endpoint as the their resource id, we can then statically build the endpoints for other services, with a little more care about the Azure DNS zone endpoints. I'll hold on implementing this part until we've reached an agreement on this direction.

PR Checklist

• I have followed the guidelines in our Contributing Documentation.
• I have checked to ensure there aren't other open Pull Requests for the same update/change.
• I have checked if my changes close any open issues. If so please include appropriate closing keywords below.
• I have updated/added Documentation as required written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.
• I have used a meaningful PR title to help maintainers and other users understand this change and help prevent duplicate work.
  For example: “resource_name_here - description of change e.g. adding property new_property_name_here”

Changes to existing Resource / Data Source

• I have added an explanation of what my changes do and why I'd like you to include them (This may be covered by linking to an issue above, but may benefit from additional explanation).
• I have written new tests for my resource or datasource changes & updated any relevent documentation.
• I have successfully run tests with my changes locally. If not, please provide details on testing challenges that prevented you running the tests.
• (For changes that include a state migration only). I have manually tested the migration path between relevant versions of the provider.

Testing

• My submission includes Test coverage as described in the Contribution Guide and the tests pass. (if this is not possible for any reason, please include details of why you did or could not add test coverage)

💤  TF_ACC=1 go test -v -parallel 6 -timeout=20h -run='TestAccStorageAccount_DNSEndpointTypeAzure|TestAccStorageAccount_basic|TestAccDataSourceStorageContainers_basic|TestAccountStaticWebsiteResource_update' ./internal/services/storage
=== RUN   TestAccStorageAccount_basic
=== PAUSE TestAccStorageAccount_basic
=== RUN   TestAccStorageAccount_DNSEndpointTypeAzure
=== PAUSE TestAccStorageAccount_DNSEndpointTypeAzure
=== RUN   TestAccountStaticWebsiteResource_update
=== PAUSE TestAccountStaticWebsiteResource_update
=== RUN   TestAccDataSourceStorageContainers_basic
=== PAUSE TestAccDataSourceStorageContainers_basic
=== CONT  TestAccStorageAccount_basic
=== CONT  TestAccountStaticWebsiteResource_update
=== CONT  TestAccDataSourceStorageContainers_basic
=== CONT  TestAccStorageAccount_DNSEndpointTypeAzure
--- PASS: TestAccStorageAccount_DNSEndpointTypeAzure (119.34s)
--- PASS: TestAccDataSourceStorageContainers_basic (130.44s)
--- PASS: TestAccStorageAccount_basic (198.03s)
--- PASS: TestAccountStaticWebsiteResource_update (250.28s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/storage       250.305s

Change Log

Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.

• azurerm_resource - support for the thing1 property [GH-00000]

This is a (please select all that apply):

• Bug Fix
• New Feature (ie adding a service, resource, or data source)
• Enhancement
• Breaking Change

Related Issue(s)

Relating to #15048