Remove support for Internet Service Tag for Data Provider IP addresses

[craddm]

✅ Checklist

• You have given your pull request a meaningful title (e.g. Enable foobar integration rather than 515 foobar).
• You are targeting the appropriate branch. If you're not certain which one this is, it should be develop.
• Your branch is up-to-date with the target branch (it probably was when you started, but it may have changed since then).

🚦 Depends on

⤴️ Summary

Removes support for the Internet service tag for data provider's IP address. This is not currently supported properly by Azure. Specifically, an NFS_v3 storage account cannot be set up using the IP with its default action being to ALLOW all traffic.

It seems that this can be set after the initial set-up. The following warning is displayed in the portal:

Network access to the storage account seems to work as expected, despite the warning, but it still appears that setting up an account with this setting is blocked at the API level.

🌂 Related issues

Closes #2300

🔬 Tests

Tested locally. Fresh deployment successful, IP addresses on storage accounts correctly set.

[github-actions]

Coverage report

Click to see where and how coverage changed

File	Statements	Missing	Coverage	Coverage (new stmts)	Lines missing
data_safe_haven/config
config_sections.py
data_safe_haven/infrastructure/components/composite
nfsv3_storage_account.py					54
data_safe_haven/infrastructure/programs/sre
data.py					114
Project Total

This report was generated by python-coverage-comment-action

[JimMadge]

Does the template text and docs need updating to reflect this?

[craddm]

Does the template text and docs need updating to reflect this?

Neither the template nor the docs actually mention this being an option

[JimMadge]

Looks good. Just a couple of comments which I don't think should block merging.

Could you say more about the testing you did? I think what we want to ensure is that,

1. Deployment works
2. The allowed IP addresses are populated correctly