[Storage] Remove AllowBlobPublicAccess and AllowCrossTenantReplication breaking change warning messages (#23683)

yifanz7 · web-flow · commit 1e88f3be9cf2 · 2023-12-19T10:06:02.000+08:00
* AllowBlobPublicAccess and AllowCrossTenantReplication default value update

* Update changelog

* Update changelog

* Update AllowPublicBlobAccess description
diff --git a/src/Storage/Storage.Management/ChangeLog.md b/src/Storage/Storage.Management/ChangeLog.md
@@ -18,6 +18,8 @@
         - Additional information about change #1
 -->
 ## Upcoming Release
+* Defaults of AllowBlobPublicAccess and AllowCrossTenantReplication when creating a storage account were set to false by server changes. Please refer to https://techcommunity.microsoft.com/t5/azure-storage-blog/azure-storage-updating-some-default-security-settings-on-new/ba-p/3819554
+    - `New-AzStorageAccount`
 * Supprted filter when listing file shares with management plane cmdlet 
     - `Get-AzRmStorageShare`
 
diff --git a/src/Storage/Storage.Management/StorageAccount/NewAzureStorageAccount.cs b/src/Storage/Storage.Management/StorageAccount/NewAzureStorageAccount.cs
@@ -26,12 +26,6 @@
 
 namespace Microsoft.Azure.Commands.Management.Storage
 {
-    [GenericBreakingChangeWithVersion("Default value of AllowBlobPublicAccess and AllowCrossTenantReplication settings on storage account will be changed to False in the future release. \n" +
-        "When AllowBlobPublicAccess is False on a storage account, container ACLs cannot be configured to allow anonymous access to blobs within the storage account. \n" +
-        "When AllowCrossTenantReplication is False on a storage account, cross AAD tenant object replication is not allowed when setting up Object Replication policies. Target version is for reference only, it might be changed by service plan.",
-        "11.2.0", "6.2.0",
-        OldWay = "AllowBlobPublicAccess and AllowCrossTenantReplication are set to True by defult.", 
-        NewWay = "AllowBlobPublicAccess and AllowCrossTenantReplication are set to False by default.")]
     [Cmdlet("New", ResourceManager.Common.AzureRMConstants.AzureRMPrefix + "StorageAccount", DefaultParameterSetName = AzureActiveDirectoryDomainServicesForFileParameterSet), OutputType(typeof(PSStorageAccount))]
     public class NewAzureStorageAccountCommand : StorageAccountBaseCmdlet
     {
@@ -481,7 +475,7 @@ public int KeyExpirationPeriodInDay
 
         [Parameter(
             Mandatory = false,
-            HelpMessage = "Allow public access to all blobs or containers in the storage account. The default interpretation is true for this property.")]
+            HelpMessage = "Allow anonymous access to all blobs or containers in the storage account. The default interpretation is false for this property.")]
         [ValidateNotNullOrEmpty]
         public bool AllowBlobPublicAccess
         {
@@ -554,7 +548,7 @@ public bool EnableNfsV3
 
         [Parameter(
             Mandatory = false,
-            HelpMessage = "Gets or sets allow or disallow cross Microsoft Entra tenant object replication. The default interpretation is true for this property.")]
+            HelpMessage = "Gets or sets allow or disallow cross Microsoft Entra tenant object replication. The default interpretation is false for this property.")]
         [ValidateNotNullOrEmpty]
         public bool AllowCrossTenantReplication
         {
diff --git a/src/Storage/Storage.Management/StorageAccount/SetAzureStorageAccount.cs b/src/Storage/Storage.Management/StorageAccount/SetAzureStorageAccount.cs
@@ -394,7 +394,7 @@ public bool EnableActiveDirectoryDomainServicesForFile
 
         [Parameter(
             Mandatory = false,
-            HelpMessage = "Allow or disallow public access to all blobs or containers in the storage account.")]
+            HelpMessage = "Allow or disallow anonymous access to all blobs or containers in the storage account.")]
         [ValidateNotNullOrEmpty]
         public bool AllowBlobPublicAccess
         {
diff --git a/src/Storage/Storage.Management/help/New-AzStorageAccount.md b/src/Storage/Storage.Management/help/New-AzStorageAccount.md
@@ -524,7 +524,7 @@ Accept wildcard characters: False
 ```
 
 ### -AllowBlobPublicAccess
-Allow public access to all blobs or containers in the storage account. The default interpretation is true for this property.
+Allow anonymous access to all blobs or containers in the storage account. The default interpretation is false for this property.
 
 ```yaml
 Type: System.Boolean
@@ -539,7 +539,7 @@ Accept wildcard characters: False
 ```
 
 ### -AllowCrossTenantReplication
-Gets or sets allow or disallow cross Microsoft Entra tenant object replication. The default interpretation is true for this property.
+Gets or sets allow or disallow cross Microsoft Entra tenant object replication. The default interpretation is false for this property.
 
 ```yaml
 Type: System.Boolean
diff --git a/src/Storage/Storage.Management/help/Set-AzStorageAccount.md b/src/Storage/Storage.Management/help/Set-AzStorageAccount.md
@@ -590,7 +590,7 @@ Accept wildcard characters: False
 ```
 
 ### -AllowBlobPublicAccess
-Allow or disallow public access to all blobs or containers in the storage account.
+Allow or disallow anonymous access to all blobs or containers in the storage account.
 
 ```yaml
 Type: System.Boolean

Original file line number	Diff line number	Diff line change
`@@ -394,7 +394,7 @@ public bool EnableActiveDirectoryDomainServicesForFile`
`394`	`394`
`395`	`395`	`[Parameter(`
`396`	`396`	`Mandatory = false,`
`397`		`- HelpMessage = "Allow or disallow public access to all blobs or containers in the storage account.")]`
	`397`	`+ HelpMessage = "Allow or disallow anonymous access to all blobs or containers in the storage account.")]`
`398`	`398`	`[ValidateNotNullOrEmpty]`
`399`	`399`	`public bool AllowBlobPublicAccess`
`400`	`400`	`{`