From 3ad769d7c9670f863a3c46e471da398afcdc46b9 Mon Sep 17 00:00:00 2001
From: Tanmay Satam
Date: Fri, 31 Jan 2025 09:47:44 -0500
Subject: [PATCH] Disable anonymous access on version SA and delete dedicated rp/ocp versions containers
---
 pkg/deploy/generator/resources_rp.go | 36 ++++------------------------
 1 file changed, 5 insertions(+), 31 deletions(-)
diff --git a/pkg/deploy/generator/resources_rp.go b/pkg/deploy/generator/resources_rp.go
index e5085a43ee7..bd822403d80 100644
--- a/pkg/deploy/generator/resources_rp.go
+++ b/pkg/deploy/generator/resources_rp.go
@@ -1518,36 +1518,10 @@ func (g *generator) rpACRRBAC() []*arm.Resource {
 
 func (g *generator) rpVersionStorageAccount() []*arm.Resource {
 return []*arm.Resource{
- g.storageAccount("[parameters('rpVersionStorageAccountName')]", &mgmtstorage.AccountProperties{
- AllowBlobPublicAccess: to.BoolPtr(true),
- }, map[string]*string{
- tagKeyExemptPublicBlob: to.StringPtr(tagValueExemptPublicBlob),
- }),
- {
- Resource: &mgmtstorage.BlobContainer{
- Name: to.StringPtr("[concat(parameters('rpVersionStorageAccountName'), '/default/rpversion')]"),
- Type: to.StringPtr("Microsoft.Storage/storageAccounts/blobServices/containers"),
- ContainerProperties: &mgmtstorage.ContainerProperties{
- PublicAccess: mgmtstorage.PublicAccessContainer,
- },
- },
- APIVersion: azureclient.APIVersion("Microsoft.Storage"),
- DependsOn: []string{
- "[resourceId('Microsoft.Storage/storageAccounts', parameters('rpVersionStorageAccountName'))]",
- },
- },
- {
- Resource: &mgmtstorage.BlobContainer{
- Name: to.StringPtr("[concat(parameters('rpVersionStorageAccountName'), '/default/ocpversions')]"),
- Type: to.StringPtr("Microsoft.Storage/storageAccounts/blobServices/containers"),
- ContainerProperties: &mgmtstorage.ContainerProperties{
- PublicAccess: mgmtstorage.PublicAccessContainer,
- },
- },
- APIVersion: azureclient.APIVersion("Microsoft.Storage"),
- DependsOn: []string{
- "[resourceId('Microsoft.Storage/storageAccounts', parameters('rpVersionStorageAccountName'))]",
- },
- },
+ g.storageAccount(
+ "[parameters('rpVersionStorageAccountName')]",
+ &mgmtstorage.AccountProperties{AllowBlobPublicAccess: to.BoolPtr(false)},
+ map[string]*string{},
+ ),
 }
 }
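Review bot: Dropping the two `BlobContainer` entries from `rpVersionStorageAccount` only removes them from the generated template; if the template is applied in ARM's incremental mode (not visible in this hunk), already-deployed `rpversion` and `ocpversions` containers stay in place with their container-level `PublicAccess` setting. `AllowBlobPublicAccess: to.BoolPtr(false)` on the account is what actually closes anonymous reads, so it deserves a comment saying so, e.g. `// Account-level flag blocks anonymous reads even if a pre-existing container still has PublicAccess set; do not re-enable without review.` It is also worth confirming that the empty `map[string]*string{}` clears the `tagKeyExemptPublicBlob` tag on existing accounts rather than leaving it in place, since a lingering exemption tag would presumably hide a later re-enable from policy checks. `g.storageAccount` is defined outside the hunk, so that cannot be checked from here.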