From 4cd0cf4cd8ce99376ae30078aabdd3bd33975267 Mon Sep 17 00:00:00 2001
From: Basilio Bogado <541149+basiliskus@users.noreply.github.com>
Date: Tue, 5 Dec 2023 15:21:03 -0800
Subject: [PATCH] Added needed container access permissions

---
 operations/template/storage.tf | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/operations/template/storage.tf b/operations/template/storage.tf
index b9c467cae..3ec6bc231 100644
--- a/operations/template/storage.tf
+++ b/operations/template/storage.tf
@@ -13,3 +13,9 @@ resource "azurerm_storage_container" "metadata" {
   storage_account_name  = azurerm_storage_account.storage.name
   container_access_type = "private"
 }
+
+resource "azurerm_role_assignment" "allow_api_read_write" {
+  scope                = azurerm_storage_container.metadata.id
+  role_definition_name = "Storage Blob Data Contributor"
+  principal_id         = azurerm_linux_web_app.api.identity.0.principal_id
+}