diff --git a/.changelog/37717.txt b/.changelog/37717.txt new file mode 100644 index 00000000000..86f71cf2404 --- /dev/null +++ b/.changelog/37717.txt @@ -0,0 +1,12 @@ +```release-note:enhancement +resource/aws_fsx_lustre_file_system: Add `final_backup_tags` and `skip_final_backup` arguments +``` +```release-note:enhancement +resource/aws_fsx_openzfs_file_system: Add `delete_options` and `final_backup_tags` arguments +``` +```release-note:enhancement +resource/aws_fsx_windows_file_system: Add `final_backup_tags` argument +``` +```release-note:enhancement +resource/aws_fsx_ontap_volume: Add `final_backup_tags` argument +``` \ No newline at end of file diff --git a/internal/service/fsx/lustre_file_system.go b/internal/service/fsx/lustre_file_system.go index 5bbdc0112cf..f530e9cff50 100644 --- a/internal/service/fsx/lustre_file_system.go +++ b/internal/service/fsx/lustre_file_system.go @@ -42,7 +42,11 @@ func resourceLustreFileSystem() *schema.Resource { DeleteWithoutTimeout: resourceLustreFileSystemDelete, Importer: &schema.ResourceImporter{ - StateContext: schema.ImportStatePassthroughContext, + StateContext: func(ctx context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + d.Set("skip_final_backup", true) + + return []*schema.ResourceData{d}, nil + }, }, Timeouts: &schema.ResourceTimeout{ @@ -131,6 +135,7 @@ func resourceLustreFileSystem() *schema.Resource { validation.StringMatch(regexache.MustCompile(`^[0-9].[0-9]+$`), "must be in format x.y"), ), }, + "final_backup_tags": tftags.TagsSchema(), "import_path": { Type: schema.TypeString, Optional: true, @@ -260,6 +265,11 @@ func resourceLustreFileSystem() *schema.Resource { MaxItems: 50, Elem: &schema.Schema{Type: schema.TypeString}, }, + "skip_final_backup": { + Type: schema.TypeBool, + Optional: true, + Default: true, + }, "storage_capacity": { Type: schema.TypeInt, Optional: true, @@ -567,7 +577,12 @@ func resourceLustreFileSystemUpdate(ctx context.Context, d *schema.ResourceData, var diags diag.Diagnostics conn := meta.(*conns.AWSClient).FSxConn(ctx) - if d.HasChangesExcept(names.AttrTags, names.AttrTagsAll) { + if d.HasChangesExcept( + "final_backup_tags", + "skip_final_backup", + names.AttrTags, + names.AttrTagsAll, + ) { input := &fsx.UpdateFileSystemInput{ ClientRequestToken: aws.String(id.UniqueId()), FileSystemId: aws.String(d.Id()), @@ -637,10 +652,27 @@ func resourceLustreFileSystemDelete(ctx context.Context, d *schema.ResourceData, var diags diag.Diagnostics conn := meta.(*conns.AWSClient).FSxConn(ctx) + input := &fsx.DeleteFileSystemInput{ + ClientRequestToken: aws.String(id.UniqueId()), + FileSystemId: aws.String(d.Id()), + } + + // Final backup during delete is not supported on file systems using the Scratch deployment type + // LustreConfiguration cannot be supplied at all, even when empty, in this scenario + if v, ok := d.GetOk("deployment_type"); ok && !strings.HasPrefix(v.(string), "SCRATCH_") { + lustreConfig := &fsx.DeleteFileSystemLustreConfiguration{ + SkipFinalBackup: aws.Bool(d.Get("skip_final_backup").(bool)), + } + + if v, ok := d.GetOk("final_backup_tags"); ok && len(v.(map[string]interface{})) > 0 { + lustreConfig.FinalBackupTags = Tags(tftags.New(ctx, v)) + } + + input.LustreConfiguration = lustreConfig + } + log.Printf("[DEBUG] Deleting FSx for Lustre File System: %s", d.Id()) - _, err := conn.DeleteFileSystemWithContext(ctx, &fsx.DeleteFileSystemInput{ - FileSystemId: aws.String(d.Id()), - }) + _, err := conn.DeleteFileSystemWithContext(ctx, input) if tfawserr.ErrCodeEquals(err, fsx.ErrCodeFileSystemNotFound) { return diags diff --git a/internal/service/fsx/lustre_file_system_test.go b/internal/service/fsx/lustre_file_system_test.go index d7af5edc7f1..89f1ec2f64f 100644 --- a/internal/service/fsx/lustre_file_system_test.go +++ b/internal/service/fsx/lustre_file_system_test.go @@ -58,6 +58,7 @@ func TestAccFSxLustreFileSystem_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "network_interface_ids.#", acctest.Ct2), acctest.CheckResourceAttrAccountID(resourceName, names.AttrOwnerID), resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", acctest.Ct0), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtTrue), resource.TestCheckResourceAttr(resourceName, "storage_capacity", "1200"), resource.TestCheckResourceAttr(resourceName, names.AttrStorageType, fsx.StorageTypeSsd), resource.TestCheckResourceAttr(resourceName, "subnet_ids.#", acctest.Ct1), @@ -67,10 +68,14 @@ func TestAccFSxLustreFileSystem_basic(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -120,10 +125,14 @@ func TestAccFSxLustreFileSystem_dataCompression(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_basic(rName), @@ -143,6 +152,44 @@ func TestAccFSxLustreFileSystem_dataCompression(t *testing.T) { }) } +func TestAccFSxLustreFileSystem_deleteConfig(t *testing.T) { + ctx := acctest.Context(t) + var filesystem fsx.FileSystem + resourceName := "aws_fsx_lustre_file_system.test" + rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) + + acctest.SkipIfEnvVarNotSet(t, "AWS_FSX_CREATE_FINAL_BACKUP") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckPartitionHasService(t, fsx.EndpointsID) }, + ErrorCheck: acctest.ErrorCheck(t, names.FSxServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: testAccCheckLustreFileSystemDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: testAccLustreFileSystemConfig_deleteConfig(rName, acctest.CtKey1, acctest.CtValue1, acctest.CtKey2, acctest.CtValue2), + Check: resource.ComposeTestCheckFunc( + testAccCheckLustreFileSystemExists(ctx, resourceName, &filesystem), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.%", acctest.Ct2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags."+acctest.CtKey1, acctest.CtValue1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags."+acctest.CtKey2, acctest.CtValue2), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtFalse), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, + }, + }, + }) +} + func TestAccFSxLustreFileSystem_exportPath(t *testing.T) { ctx := acctest.Context(t) var filesystem1, filesystem2 fsx.FileSystem @@ -164,10 +211,14 @@ func TestAccFSxLustreFileSystem_exportPath(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_exportPath(rName, "/prefix/"), @@ -203,10 +254,14 @@ func TestAccFSxLustreFileSystem_importPath(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_importPath(rName, "/prefix/"), @@ -241,10 +296,14 @@ func TestAccFSxLustreFileSystem_importedFileChunkSize(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_importedChunkSize(rName, 4096), @@ -278,10 +337,14 @@ func TestAccFSxLustreFileSystem_securityGroupIDs(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_securityGroupIDs2(rName), @@ -315,10 +378,14 @@ func TestAccFSxLustreFileSystem_storageCapacity(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_storageCapacity(rName, 1200), @@ -352,10 +419,14 @@ func TestAccFSxLustreFileSystem_storageCapacityUpdate(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_storageCapacityScratch2(rName, 1200), @@ -397,10 +468,14 @@ func TestAccFSxLustreFileSystem_fileSystemTypeVersion(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_typeVersion(rName, "2.12"), @@ -435,10 +510,14 @@ func TestAccFSxLustreFileSystem_tags(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_tags2(rName, acctest.CtKey1, acctest.CtValue1Updated, acctest.CtKey2, acctest.CtValue2), @@ -483,10 +562,14 @@ func TestAccFSxLustreFileSystem_weeklyMaintenanceStartTime(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_weeklyMaintenanceStartTime(rName, "2:02:02"), @@ -520,10 +603,14 @@ func TestAccFSxLustreFileSystem_automaticBackupRetentionDays(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_automaticBackupRetentionDays(rName, 0), @@ -564,10 +651,14 @@ func TestAccFSxLustreFileSystem_dailyAutomaticBackupStartTime(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_dailyAutomaticBackupStartTime(rName, "02:02"), @@ -607,10 +698,14 @@ func TestAccFSxLustreFileSystem_deploymentTypePersistent1(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -638,10 +733,14 @@ func TestAccFSxLustreFileSystem_deploymentTypePersistent1_perUnitStorageThroughp ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_persistent1DeploymentType(rName, 100), @@ -681,10 +780,14 @@ func TestAccFSxLustreFileSystem_deploymentTypePersistent2(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -712,10 +815,14 @@ func TestAccFSxLustreFileSystem_deploymentTypePersistent2_perUnitStorageThroughp ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_persistent2DeploymentType(rName, 250), @@ -751,10 +858,14 @@ func TestAccFSxLustreFileSystem_logConfig(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_log(rName, "ERROR_ONLY"), @@ -914,10 +1025,14 @@ func TestAccFSxLustreFileSystem_rootSquashConfig(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_rootSquash(rName, "355534:64534"), @@ -953,10 +1068,14 @@ func TestAccFSxLustreFileSystem_fromBackup(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs, "backup_id"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "backup_id", + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup"}, }, }, }) @@ -985,10 +1104,14 @@ func TestAccFSxLustreFileSystem_kmsKeyID(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_kmsKeyID2(rName), @@ -1025,10 +1148,14 @@ func TestAccFSxLustreFileSystem_deploymentTypeScratch2(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -1055,10 +1182,14 @@ func TestAccFSxLustreFileSystem_storageTypeHddDriveCacheRead(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -1085,10 +1216,14 @@ func TestAccFSxLustreFileSystem_storageTypeHddDriveCacheNone(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -1114,10 +1249,14 @@ func TestAccFSxLustreFileSystem_copyTagsToBackups(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -1143,10 +1282,14 @@ func TestAccFSxLustreFileSystem_autoImportPolicy(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_autoImportPolicy(rName, "", "NEW_CHANGED"), @@ -1242,6 +1385,23 @@ resource "aws_fsx_lustre_file_system" "test" { `) } +func testAccLustreFileSystemConfig_deleteConfig(rName, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2 string) string { + return acctest.ConfigCompose(testAccLustreFileSystemConfig_base(rName), fmt.Sprintf(` +resource "aws_fsx_lustre_file_system" "test" { + skip_final_backup = false + storage_capacity = 1200 + subnet_ids = aws_subnet.test[*].id + deployment_type = "PERSISTENT_1" + per_unit_storage_throughput = 50 + + final_backup_tags = { + %[1]q = %[2]q + %[3]q = %[4]q + } +} +`, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2)) +} + func testAccLustreFileSystemConfig_exportPath(rName, exportPrefix string) string { return acctest.ConfigCompose(testAccLustreFileSystemConfig_base(rName), fmt.Sprintf(` resource "aws_s3_bucket" "test" { diff --git a/internal/service/fsx/ontap_volume.go b/internal/service/fsx/ontap_volume.go index 87c83aafe0b..dda4d21d64c 100644 --- a/internal/service/fsx/ontap_volume.go +++ b/internal/service/fsx/ontap_volume.go @@ -105,6 +105,7 @@ func resourceONTAPVolume() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "final_backup_tags": tftags.TagsSchema(), "flexcache_endpoint_type": { Type: schema.TypeString, Computed: true, @@ -486,7 +487,12 @@ func resourceONTAPVolumeUpdate(ctx context.Context, d *schema.ResourceData, meta var diags diag.Diagnostics conn := meta.(*conns.AWSClient).FSxConn(ctx) - if d.HasChangesExcept(names.AttrTags, names.AttrTagsAll) { + if d.HasChangesExcept( + "final_backup_tags", + "skip_final_backup", + names.AttrTags, + names.AttrTagsAll, + ) { ontapConfig := &fsx.UpdateOntapVolumeConfiguration{} if d.HasChange("copy_tags_to_backups") { @@ -560,14 +566,20 @@ func resourceONTAPVolumeDelete(ctx context.Context, d *schema.ResourceData, meta var diags diag.Diagnostics conn := meta.(*conns.AWSClient).FSxConn(ctx) - log.Printf("[DEBUG] Deleting FSx for NetApp ONTAP Volume: %s", d.Id()) - _, err := conn.DeleteVolumeWithContext(ctx, &fsx.DeleteVolumeInput{ + input := &fsx.DeleteVolumeInput{ OntapConfiguration: &fsx.DeleteVolumeOntapConfiguration{ BypassSnaplockEnterpriseRetention: aws.Bool(d.Get("bypass_snaplock_enterprise_retention").(bool)), SkipFinalBackup: aws.Bool(d.Get("skip_final_backup").(bool)), }, VolumeId: aws.String(d.Id()), - }) + } + + if v, ok := d.GetOk("final_backup_tags"); ok && len(v.(map[string]interface{})) > 0 { + input.OntapConfiguration.FinalBackupTags = Tags(tftags.New(ctx, v)) + } + + log.Printf("[DEBUG] Deleting FSx for NetApp ONTAP Volume: %s", d.Id()) + _, err := conn.DeleteVolumeWithContext(ctx, input) if tfawserr.ErrCodeEquals(err, fsx.ErrCodeVolumeNotFound) { return diags diff --git a/internal/service/fsx/ontap_volume_test.go b/internal/service/fsx/ontap_volume_test.go index 03cea8e47f6..e434a09d040 100644 --- a/internal/service/fsx/ontap_volume_test.go +++ b/internal/service/fsx/ontap_volume_test.go @@ -46,7 +46,7 @@ func TestAccFSxONTAPVolume_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, names.AttrName, rName), resource.TestCheckResourceAttr(resourceName, "security_style", ""), resource.TestCheckResourceAttr(resourceName, "size_in_megabytes", "1024"), - resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtTrue), resource.TestCheckResourceAttr(resourceName, "snaplock_configuration.#", acctest.Ct0), resource.TestCheckResourceAttr(resourceName, "snapshot_policy", "default"), resource.TestCheckResourceAttr(resourceName, "storage_efficiency_enabled", acctest.CtTrue), @@ -61,6 +61,10 @@ func TestAccFSxONTAPVolume_basic(t *testing.T) { ResourceName: resourceName, ImportState: true, ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + "skip_final_backup", + }, }, }, }) @@ -114,10 +118,14 @@ func TestAccFSxONTAPVolume_aggregateConfiguration(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, { Config: testAccONTAPVolumeConfig_aggregateConstituents(rName, ConstituentsPerAggregate, ConstituentsPerAggregate*204800), @@ -156,10 +164,14 @@ func TestAccFSxONTAPVolume_copyTagsToBackups(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, { Config: testAccONTAPVolumeConfig_copyTagsToBackups(rName, false), @@ -196,10 +208,14 @@ func TestAccFSxONTAPVolume_junctionPath(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, { Config: testAccONTAPVolumeConfig_junctionPath(rName, jPath2), @@ -235,10 +251,14 @@ func TestAccFSxONTAPVolume_name(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, { Config: testAccONTAPVolumeConfig_basic(rName2), @@ -272,10 +292,14 @@ func TestAccFSxONTAPVolume_ontapVolumeType(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, }, }) @@ -302,10 +326,14 @@ func TestAccFSxONTAPVolume_securityStyle(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, { Config: testAccONTAPVolumeConfig_securityStyle(rName, "NTFS"), @@ -354,10 +382,14 @@ func TestAccFSxONTAPVolume_size(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, { Config: testAccONTAPVolumeConfig_size(rName, size2), @@ -428,10 +460,14 @@ func TestAccFSxONTAPVolume_snaplock(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, /* See https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume. @@ -491,10 +527,14 @@ func TestAccFSxONTAPVolume_snapshotPolicy(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, { Config: testAccONTAPVolumeConfig_snapshotPolicy(rName, policy2), @@ -530,10 +570,14 @@ func TestAccFSxONTAPVolume_storageEfficiency(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, { Config: testAccONTAPVolumeConfig_storageEfficiency(rName, false), @@ -569,10 +613,14 @@ func TestAccFSxONTAPVolume_tags(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, { Config: testAccONTAPVolumeConfig_tags2(rName, acctest.CtKey1, acctest.CtValue1Updated, acctest.CtKey2, acctest.CtValue2), @@ -618,10 +666,14 @@ func TestAccFSxONTAPVolume_tieringPolicy(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, { Config: testAccONTAPVolumeConfig_tieringPolicy(rName, "SNAPSHOT_ONLY", 10), @@ -678,10 +730,14 @@ func TestAccFSxONTAPVolume_volumeStyle(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"bypass_snaplock_enterprise_retention", "skip_final_backup"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, }, { Config: testAccONTAPVolumeConfig_ontapStyle(rName, style2), @@ -694,6 +750,44 @@ func TestAccFSxONTAPVolume_volumeStyle(t *testing.T) { }) } +func TestAccFSxONTAPVolume_deleteConfig(t *testing.T) { + ctx := acctest.Context(t) + var volume fsx.Volume + resourceName := "aws_fsx_ontap_volume.test" + rName := fmt.Sprintf("tf_acc_test_%d", sdkacctest.RandInt()) + + acctest.SkipIfEnvVarNotSet(t, "AWS_FSX_CREATE_FINAL_BACKUP") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckPartitionHasService(t, fsx.EndpointsID) }, + ErrorCheck: acctest.ErrorCheck(t, names.FSxServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: testAccCheckONTAPVolumeDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: testAccONTAPVolumeConfig_deleteConfig(rName, acctest.CtKey1, acctest.CtValue1, acctest.CtKey2, acctest.CtValue2), + Check: resource.ComposeTestCheckFunc( + testAccCheckONTAPVolumeExists(ctx, resourceName, &volume), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.%", acctest.Ct2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags."+acctest.CtKey1, acctest.CtValue1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags."+acctest.CtKey2, acctest.CtValue2), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtFalse), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "bypass_snaplock_enterprise_retention", + "final_backup_tags", + "skip_final_backup", + }, + }, + }, + }) +} + func testAccCheckONTAPVolumeExists(ctx context.Context, n string, v *fsx.Volume) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] @@ -809,6 +903,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = 1024 + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id } @@ -821,6 +916,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = 16 * 102400 + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id volume_style = "FLEXGROUP" @@ -839,6 +935,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = %[3]d + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id volume_style = "FLEXGROUP" @@ -858,6 +955,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = 1024 + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id copy_tags_to_backups = %[2]t @@ -870,6 +968,7 @@ func testAccONTAPVolumeConfig_junctionPath(rName, junctionPath string) string { resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = %[2]q + skip_final_backup = true size_in_megabytes = 1024 storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id @@ -896,6 +995,7 @@ resource "aws_fsx_ontap_volume" "test" { junction_path = "/%[1]s" size_in_megabytes = 1024 security_style = %[2]q + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id } @@ -908,6 +1008,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = %[2]d + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id } @@ -920,6 +1021,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_bytes = %[2]d + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id volume_style = "FLEXGROUP" @@ -933,6 +1035,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = 1024 + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id @@ -952,6 +1055,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/snaplock_audit_log" size_in_megabytes = 1024 + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id @@ -996,6 +1100,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = 1024 + skip_final_backup = true snapshot_policy = %[2]q storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id @@ -1009,6 +1114,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = 1024 + skip_final_backup = true storage_efficiency_enabled = %[2]t storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id } @@ -1021,6 +1127,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = 1024 + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id @@ -1038,6 +1145,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = 1024 + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id @@ -1054,6 +1162,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = 1024 + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id @@ -1070,6 +1179,7 @@ resource "aws_fsx_ontap_volume" "test" { name = %[1]q junction_path = "/%[1]s" size_in_megabytes = 1024 + skip_final_backup = true storage_efficiency_enabled = true storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id @@ -1094,3 +1204,21 @@ resource "aws_fsx_ontap_volume" "test" { } `, rName, style)) } + +func testAccONTAPVolumeConfig_deleteConfig(rName, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2 string) string { + return acctest.ConfigCompose(testAccONTAPVolumeConfig_base(rName), fmt.Sprintf(` +resource "aws_fsx_ontap_volume" "test" { + name = %[1]q + junction_path = "/%[1]s" + size_in_megabytes = 1024 + skip_final_backup = false + storage_efficiency_enabled = true + storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.test.id + + final_backup_tags = { + %[2]q = %[3]q + %[4]q = %[5]q + } +} +`, rName, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2)) +} diff --git a/internal/service/fsx/openzfs_file_system.go b/internal/service/fsx/openzfs_file_system.go index d8933eba078..cd83f1fdf3b 100644 --- a/internal/service/fsx/openzfs_file_system.go +++ b/internal/service/fsx/openzfs_file_system.go @@ -86,6 +86,14 @@ func resourceOpenZFSFileSystem() *schema.Resource { validation.StringMatch(regexache.MustCompile(`^([01]\d|2[0-3]):?([0-5]\d)$`), "must be in the format HH:MM"), ), }, + "delete_options": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + ValidateFunc: validation.StringInSlice(fsx.DeleteFileSystemOpenZFSOption_Values(), false), + }, + }, "deployment_type": { Type: schema.TypeString, Required: true, @@ -127,6 +135,7 @@ func resourceOpenZFSFileSystem() *schema.Resource { Computed: true, ForceNew: true, }, + "final_backup_tags": tftags.TagsSchema(), names.AttrKMSKeyID: { Type: schema.TypeString, Optional: true, @@ -534,7 +543,13 @@ func resourceOpenZFSFileSystemUpdate(ctx context.Context, d *schema.ResourceData var diags diag.Diagnostics conn := meta.(*conns.AWSClient).FSxConn(ctx) - if d.HasChangesExcept(names.AttrTags, names.AttrTagsAll) { + if d.HasChangesExcept( + "delete_options", + "final_backup_tags", + "skip_final_backup", + names.AttrTags, + names.AttrTagsAll, + ) { input := &fsx.UpdateFileSystemInput{ ClientRequestToken: aws.String(id.UniqueId()), FileSystemId: aws.String(d.Id()), @@ -633,13 +648,23 @@ func resourceOpenZFSFileSystemDelete(ctx context.Context, d *schema.ResourceData var diags diag.Diagnostics conn := meta.(*conns.AWSClient).FSxConn(ctx) - log.Printf("[DEBUG] Deleting FSx for OpenZFS File System: %s", d.Id()) - _, err := conn.DeleteFileSystemWithContext(ctx, &fsx.DeleteFileSystemInput{ + input := &fsx.DeleteFileSystemInput{ FileSystemId: aws.String(d.Id()), OpenZFSConfiguration: &fsx.DeleteFileSystemOpenZFSConfiguration{ SkipFinalBackup: aws.Bool(d.Get("skip_final_backup").(bool)), }, - }) + } + + if v, ok := d.GetOk("delete_options"); ok { + input.OpenZFSConfiguration.Options = flex.ExpandStringSet(v.(*schema.Set)) + } + + if v, ok := d.GetOk("final_backup_tags"); ok && len(v.(map[string]interface{})) > 0 { + input.OpenZFSConfiguration.FinalBackupTags = Tags(tftags.New(ctx, v)) + } + + log.Printf("[DEBUG] Deleting FSx for OpenZFS File System: %s", d.Id()) + _, err := conn.DeleteFileSystemWithContext(ctx, input) if tfawserr.ErrCodeEquals(err, fsx.ErrCodeFileSystemNotFound) { return diags diff --git a/internal/service/fsx/openzfs_file_system_test.go b/internal/service/fsx/openzfs_file_system_test.go index 9ce1b1ab082..5d230f8eb03 100644 --- a/internal/service/fsx/openzfs_file_system_test.go +++ b/internal/service/fsx/openzfs_file_system_test.go @@ -78,7 +78,7 @@ func TestAccFSxOpenZFSFileSystem_basic(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "root_volume_id"), resource.TestCheckResourceAttr(resourceName, "route_table_ids.#", acctest.Ct0), resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", acctest.Ct0), - resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtTrue), resource.TestCheckResourceAttr(resourceName, "storage_capacity", "64"), resource.TestCheckResourceAttr(resourceName, names.AttrStorageType, fsx.StorageTypeSsd), resource.TestCheckResourceAttr(resourceName, "subnet_ids.#", acctest.Ct1), @@ -94,6 +94,8 @@ func TestAccFSxOpenZFSFileSystem_basic(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -128,6 +130,8 @@ func TestAccFSxOpenZFSFileSystem_diskIops(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -218,6 +222,8 @@ func TestAccFSxOpenZFSFileSystem_rootVolume(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -379,6 +385,8 @@ func TestAccFSxOpenZFSFileSystem_securityGroupIDs(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -420,6 +428,8 @@ func TestAccFSxOpenZFSFileSystem_tags(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -474,6 +484,8 @@ func TestAccFSxOpenZFSFileSystem_copyTags(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -516,6 +528,8 @@ func TestAccFSxOpenZFSFileSystem_throughput(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -556,6 +570,8 @@ func TestAccFSxOpenZFSFileSystem_storageType(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -588,6 +604,8 @@ func TestAccFSxOpenZFSFileSystem_weeklyMaintenanceStartTime(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -628,6 +646,8 @@ func TestAccFSxOpenZFSFileSystem_automaticBackupRetentionDays(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -675,6 +695,8 @@ func TestAccFSxOpenZFSFileSystem_kmsKeyID(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -707,6 +729,8 @@ func TestAccFSxOpenZFSFileSystem_dailyAutomaticBackupStartTime(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -747,6 +771,8 @@ func TestAccFSxOpenZFSFileSystem_throughputCapacity(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -787,6 +813,8 @@ func TestAccFSxOpenZFSFileSystem_storageCapacity(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -828,6 +856,8 @@ func TestAccFSxOpenZFSFileSystem_deploymentType(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -909,6 +939,8 @@ func TestAccFSxOpenZFSFileSystem_multiAZ(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -942,6 +974,8 @@ func TestAccFSxOpenZFSFileSystem_routeTableIDs(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -966,6 +1000,47 @@ func TestAccFSxOpenZFSFileSystem_routeTableIDs(t *testing.T) { }) } +func TestAccFSxOpenZFSFileSystem_deleteConfig(t *testing.T) { + ctx := acctest.Context(t) + var filesystem fsx.FileSystem + resourceName := "aws_fsx_openzfs_file_system.test" + rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) + + acctest.SkipIfEnvVarNotSet(t, "AWS_FSX_CREATE_FINAL_BACKUP") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckPartitionHasService(t, fsx.EndpointsID) }, + ErrorCheck: acctest.ErrorCheck(t, names.FSxServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: testAccCheckOpenZFSFileSystemDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: testAccOpenZFSFileSystemConfig_deleteConfig(rName, acctest.CtKey1, acctest.CtValue1, acctest.CtKey2, acctest.CtValue2), + Check: resource.ComposeTestCheckFunc( + testAccCheckOpenZFSFileSystemExists(ctx, resourceName, &filesystem), + resource.TestCheckResourceAttr(resourceName, "delete_options.#", acctest.Ct1), + resource.TestCheckResourceAttr(resourceName, "delete_options.0", "DELETE_CHILD_VOLUMES_AND_SNAPSHOTS"), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.%", acctest.Ct2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags."+acctest.CtKey1, acctest.CtValue1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags."+acctest.CtKey2, acctest.CtValue2), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtFalse), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", + "skip_final_backup", + }, + }, + }, + }) +} + func testAccCheckOpenZFSFileSystemExists(ctx context.Context, n string, v *fsx.FileSystem) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] @@ -1044,6 +1119,7 @@ func testAccOpenZFSFileSystemConfig_baseMultiAZ(rName string) string { func testAccOpenZFSFileSystemConfig_basic(rName string) string { return acctest.ConfigCompose(testAccOpenZFSFileSystemConfig_baseSingleAZ(rName), ` resource "aws_fsx_openzfs_file_system" "test" { + skip_final_backup = true storage_capacity = 64 subnet_ids = aws_subnet.test[*].id deployment_type = "SINGLE_AZ_1" @@ -1659,3 +1735,21 @@ resource "aws_fsx_openzfs_file_system" "test" { } `, rName, n)) } + +func testAccOpenZFSFileSystemConfig_deleteConfig(rName, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2 string) string { + return acctest.ConfigCompose(testAccOpenZFSFileSystemConfig_baseSingleAZ(rName), fmt.Sprintf(` +resource "aws_fsx_openzfs_file_system" "test" { + skip_final_backup = false + storage_capacity = 64 + subnet_ids = aws_subnet.test[*].id + deployment_type = "SINGLE_AZ_1" + throughput_capacity = 64 + delete_options = ["DELETE_CHILD_VOLUMES_AND_SNAPSHOTS"] + + final_backup_tags = { + %[1]q = %[2]q + %[3]q = %[4]q + } +} +`, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2)) +} diff --git a/internal/service/fsx/windows_file_system.go b/internal/service/fsx/windows_file_system.go index 0376e35ecf5..943f31801ab 100644 --- a/internal/service/fsx/windows_file_system.go +++ b/internal/service/fsx/windows_file_system.go @@ -165,6 +165,7 @@ func resourceWindowsFileSystem() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "final_backup_tags": tftags.TagsSchema(), names.AttrKMSKeyID: { Type: schema.TypeString, Optional: true, @@ -541,7 +542,13 @@ func resourceWindowsFileSystemUpdate(ctx context.Context, d *schema.ResourceData } } - if d.HasChangesExcept("aliases", names.AttrTags, names.AttrTagsAll) { + if d.HasChangesExcept( + "aliases", + "final_backup_tags", + "skip_final_backup", + names.AttrTags, + names.AttrTagsAll, + ) { input := &fsx.UpdateFileSystemInput{ ClientRequestToken: aws.String(id.UniqueId()), FileSystemId: aws.String(d.Id()), @@ -611,6 +618,10 @@ func resourceWindowsFileSystemDelete(ctx context.Context, d *schema.ResourceData }, } + if v, ok := d.GetOk("final_backup_tags"); ok && len(v.(map[string]interface{})) > 0 { + input.WindowsConfiguration.FinalBackupTags = Tags(tftags.New(ctx, v)) + } + log.Printf("[DEBUG] Deleting FSx for Windows File Server File System: %s", d.Id()) _, err := conn.DeleteFileSystemWithContext(ctx, input) diff --git a/internal/service/fsx/windows_file_system_test.go b/internal/service/fsx/windows_file_system_test.go index a5240072917..489f687c18b 100644 --- a/internal/service/fsx/windows_file_system_test.go +++ b/internal/service/fsx/windows_file_system_test.go @@ -71,6 +71,7 @@ func TestAccFSxWindowsFileSystem_basic(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -147,6 +148,7 @@ func TestAccFSxWindowsFileSystem_singleAz2(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -181,6 +183,7 @@ func TestAccFSxWindowsFileSystem_storageTypeHdd(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -231,6 +234,7 @@ func TestAccFSxWindowsFileSystem_multiAz(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -265,6 +269,7 @@ func TestAccFSxWindowsFileSystem_aliases(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -317,6 +322,7 @@ func TestAccFSxWindowsFileSystem_automaticBackupRetentionDays(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -366,6 +372,7 @@ func TestAccFSxWindowsFileSystem_copyTagsToBackups(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -407,6 +414,7 @@ func TestAccFSxWindowsFileSystem_dailyAutomaticBackupStartTime(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -423,6 +431,45 @@ func TestAccFSxWindowsFileSystem_dailyAutomaticBackupStartTime(t *testing.T) { }) } +func TestAccFSxWindowsFileSystem_deleteConfig(t *testing.T) { + ctx := acctest.Context(t) + var filesystem fsx.FileSystem + resourceName := "aws_fsx_windows_file_system.test" + rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) + domainName := acctest.RandomDomainName() + + acctest.SkipIfEnvVarNotSet(t, "AWS_FSX_CREATE_FINAL_BACKUP") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckPartitionHasService(t, fsx.EndpointsID) }, + ErrorCheck: acctest.ErrorCheck(t, names.FSxServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: testAccCheckWindowsFileSystemDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: testAccWindowsFileSystemConfig_deleteConfig(rName, domainName, acctest.CtKey1, acctest.CtValue1, acctest.CtKey2, acctest.CtValue2), + Check: resource.ComposeTestCheckFunc( + testAccCheckWindowsFileSystemExists(ctx, resourceName, &filesystem), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.%", acctest.Ct2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags."+acctest.CtKey1, acctest.CtValue1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags."+acctest.CtKey2, acctest.CtValue2), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtFalse), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, + }, + }, + }) +} + func TestAccFSxWindowsFileSystem_kmsKeyID(t *testing.T) { ctx := acctest.Context(t) var filesystem1, filesystem2 fsx.FileSystem @@ -450,6 +497,7 @@ func TestAccFSxWindowsFileSystem_kmsKeyID(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -491,6 +539,7 @@ func TestAccFSxWindowsFileSystem_securityGroupIDs(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -532,8 +581,9 @@ func TestAccFSxWindowsFileSystem_selfManagedActiveDirectory(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ - names.AttrSecurityGroupIDs, + "final_backup_tags", "self_managed_active_directory", + names.AttrSecurityGroupIDs, "skip_final_backup", }, }, @@ -567,6 +617,7 @@ func TestAccFSxWindowsFileSystem_storageCapacity(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -609,9 +660,10 @@ func TestAccFSxWindowsFileSystem_fromBackup(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "backup_id", + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", - "backup_id", }, }, }, @@ -644,6 +696,7 @@ func TestAccFSxWindowsFileSystem_tags(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -696,6 +749,7 @@ func TestAccFSxWindowsFileSystem_throughputCapacity(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -737,6 +791,7 @@ func TestAccFSxWindowsFileSystem_weeklyMaintenanceStartTime(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -781,6 +836,7 @@ func TestAccFSxWindowsFileSystem_audit(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -835,6 +891,7 @@ func TestAccFSxWindowsFileSystem_diskIops(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -1035,6 +1092,23 @@ resource "aws_fsx_windows_file_system" "test" { `, rName, dailyAutomaticBackupStartTime)) } +func testAccWindowsFileSystemConfig_deleteConfig(rName, domain, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2 string) string { + return acctest.ConfigCompose(testAccWindowsFileSystemConfig_base(rName, domain), fmt.Sprintf(` +resource "aws_fsx_windows_file_system" "test" { + active_directory_id = aws_directory_service_directory.test.id + skip_final_backup = false + storage_capacity = 32 + subnet_ids = [aws_subnet.test[0].id] + throughput_capacity = 8 + + final_backup_tags = { + %[1]q = %[2]q + %[3]q = %[4]q + } +} +`, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2)) +} + func testAccWindowsFileSystemConfig_kmsKeyID1(rName, domain string) string { return acctest.ConfigCompose(testAccWindowsFileSystemConfig_base(rName, domain), fmt.Sprintf(` resource "aws_kms_key" "test1" { diff --git a/website/docs/r/fsx_lustre_file_system.html.markdown b/website/docs/r/fsx_lustre_file_system.html.markdown index ea89e8d6905..3338f5da358 100644 --- a/website/docs/r/fsx_lustre_file_system.html.markdown +++ b/website/docs/r/fsx_lustre_file_system.html.markdown @@ -24,45 +24,60 @@ resource "aws_fsx_lustre_file_system" "example" { ## Argument Reference -This resource supports the following arguments: +The following arguments are required: -* `storage_capacity` - (Optional) The storage capacity (GiB) of the file system. Minimum of `1200`. See more details at [Allowed values for Fsx storage capacity](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystem.html#FSx-CreateFileSystem-request-StorageCapacity). Update is allowed only for `SCRATCH_2`, `PERSISTENT_1` and `PERSISTENT_2` deployment types, See more details at [Fsx Storage Capacity Update](https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateFileSystem.html#FSx-UpdateFileSystem-request-StorageCapacity). Required when not creating filesystem for a backup. * `subnet_ids` - (Required) A list of IDs for the subnets that the file system will be accessible from. File systems currently support only one subnet. The file server is also launched in that subnet's Availability Zone. + +The following arguments are optional: + +* `auto_import_policy` - (Optional) How Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. see [Auto Import Data Repo](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) for more details. Only supported on `PERSISTENT_1` deployment types. +* `automatic_backup_retention_days` - (Optional) The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. * `backup_id` - (Optional) The ID of the source backup to create the filesystem from. +* `copy_tags_to_backups` - (Optional) A boolean flag indicating whether tags for the file system should be copied to backups. Applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. The default value is false. +* `daily_automatic_backup_start_time` - (Optional) A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Requires `automatic_backup_retention_days` to be set. +* `drive_cache_type` - (Optional) - The type of drive cache used by `PERSISTENT_1` filesystems that are provisioned with `HDD` storage_type. Required for `HDD` storage_type, set to either `READ` or `NONE`. +* `data_compression_type` - (Optional) Sets the data compression configuration for the file system. Valid values are `LZ4` and `NONE`. Default value is `NONE`. Unsetting this value reverts the compression type back to `NONE`. +* `deployment_type` - (Optional) - The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`, `PERSISTENT_2`. * `export_path` - (Optional) S3 URI (with optional prefix) where the root of your Amazon FSx file system is exported. Can only be specified with `import_path` argument and the path must use the same Amazon S3 bucket as specified in `import_path`. Set equal to `import_path` to overwrite files on export. Defaults to `s3://{IMPORT BUCKET}/FSxLustre{CREATION TIMESTAMP}`. Only supported on `PERSISTENT_1` deployment types. -* `import_path` - (Optional) S3 URI (with optional prefix) that you're using as the data repository for your FSx for Lustre file system. For example, `s3://example-bucket/optional-prefix/`. Only supported on `PERSISTENT_1` deployment types. +* `file_system_type_version` - (Optional) Sets the Lustre version for the file system that you're creating. Valid values are 2.10 for `SCRATCH_1`, `SCRATCH_2` and `PERSISTENT_1` deployment types. Valid values for 2.12 include all deployment types. +* `final_backup_tags` - (Optional) A map of tags to apply to the file system's final backup. + + **Note:** If the filesystem uses a Scratch deployment type, final backup during delete will always be skipped and this argument will not be used even when set. * `imported_file_chunk_size` - (Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. Can only be specified with `import_path` argument. Defaults to `1024`. Minimum of `1` and maximum of `512000`. Only supported on `PERSISTENT_1` deployment types. -* `security_group_ids` - (Optional) A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces. -* `tags` - (Optional) A map of tags to assign to the file system. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. -* `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. -* `deployment_type` - (Optional) - The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`, `PERSISTENT_2`. +* `import_path` - (Optional) S3 URI (with optional prefix) that you're using as the data repository for your FSx for Lustre file system. For example, `s3://example-bucket/optional-prefix/`. Only supported on `PERSISTENT_1` deployment types. * `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest, applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Defaults to an AWS managed KMS Key. +* `log_configuration` - (Optional) The Lustre logging configuration used when creating an Amazon FSx for Lustre file system. When logging is enabled, Lustre logs error and warning events for data repositories associated with your file system to Amazon CloudWatch Logs. See [`log_configuration` Block](#log_configuration-block) for details. +* `metadata_configuration` - (Optional) The Lustre metadata configuration used when creating an Amazon FSx for Lustre file system. This can be used to specify a user provisioned metadata scale. This is only supported when `deployment_type` is set to `PERSISTENT_2`. See [`metadata_configuration` Block](#metadata_configuration-block) for details. * `per_unit_storage_throughput` - (Optional) - Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Valid values for `PERSISTENT_1` deployment_type and `SSD` storage_type are 50, 100, 200. Valid values for `PERSISTENT_1` deployment_type and `HDD` storage_type are 12, 40. Valid values for `PERSISTENT_2` deployment_type and ` SSD` storage_type are 125, 250, 500, 1000. -* `automatic_backup_retention_days` - (Optional) The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. +* `root_squash_configuration` - (Optional) The Lustre root squash configuration used when creating an Amazon FSx for Lustre file system. When enabled, root squash restricts root-level access from clients that try to access your file system as a root user. See [`root_squash_configuration` Block](#root_squash_configuration-block) for details. +* `security_group_ids` - (Optional) A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces. +* `skip_final_backup` - (Optional) When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `true`. + + **Note:** If the filesystem uses a Scratch deployment type, final backup during delete will always be skipped and this argument will not be used even when set. +* `storage_capacity` - (Optional) The storage capacity (GiB) of the file system. Minimum of `1200`. See more details at [Allowed values for Fsx storage capacity](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystem.html#FSx-CreateFileSystem-request-StorageCapacity). Update is allowed only for `SCRATCH_2`, `PERSISTENT_1` and `PERSISTENT_2` deployment types, See more details at [Fsx Storage Capacity Update](https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateFileSystem.html#FSx-UpdateFileSystem-request-StorageCapacity). Required when not creating filesystem for a backup. * `storage_type` - (Optional) - The filesystem storage type. Either `SSD` or `HDD`, defaults to `SSD`. `HDD` is only supported on `PERSISTENT_1` deployment types. -* `drive_cache_type` - (Optional) - The type of drive cache used by `PERSISTENT_1` filesystems that are provisioned with `HDD` storage_type. Required for `HDD` storage_type, set to either `READ` or `NONE`. -* `daily_automatic_backup_start_time` - (Optional) A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Requires `automatic_backup_retention_days` to be set. -* `auto_import_policy` - (Optional) How Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. see [Auto Import Data Repo](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) for more details. Only supported on `PERSISTENT_1` deployment types. -* `copy_tags_to_backups` - (Optional) A boolean flag indicating whether tags for the file system should be copied to backups. Applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. The default value is false. -* `data_compression_type` - (Optional) Sets the data compression configuration for the file system. Valid values are `LZ4` and `NONE`. Default value is `NONE`. Unsetting this value reverts the compression type back to `NONE`. -* `file_system_type_version` - (Optional) Sets the Lustre version for the file system that you're creating. Valid values are 2.10 for `SCRATCH_1`, `SCRATCH_2` and `PERSISTENT_1` deployment types. Valid values for 2.12 include all deployment types. -* `log_configuration` - (Optional) The Lustre logging configuration used when creating an Amazon FSx for Lustre file system. When logging is enabled, Lustre logs error and warning events for data repositories associated with your file system to Amazon CloudWatch Logs. -* `metadata_configuration` - (Optional) The Lustre metadata configuration used when creating an Amazon FSx for Lustre file system. This can be used to specify a user provisioned metadata scale. This is only supported when `deployment_type` is set to `PERSISTENT_2`. See Metadata Configuration below. -* `root_squash_configuration` - (Optional) The Lustre root squash configuration used when creating an Amazon FSx for Lustre file system. When enabled, root squash restricts root-level access from clients that try to access your file system as a root user. +* `tags` - (Optional) A map of tags to assign to the file system. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. +* `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. + +### `log_configuration` Block -### log_configuration +The `log_configuration` configuration block supports the following arguments: * `destination` - (Optional) The Amazon Resource Name (ARN) that specifies the destination of the logs. The name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. If you do not provide a destination, Amazon FSx will create and use a log stream in the CloudWatch Logs `/aws/fsx/lustre` log group. * `level` - (Optional) Sets which data repository events are logged by Amazon FSx. Valid values are `WARN_ONLY`, `FAILURE_ONLY`, `ERROR_ONLY`, `WARN_ERROR` and `DISABLED`. Default value is `DISABLED`. -### metadata_configuration +### `metadata_configuration` Block + +The `metadata_configuration` configuration block supports the following arguments: -* `mode` - (Optional) Mode for the metadata configuration of the file system. Valid values are `AUTOMATIC`, and `USER_PROVISIONED`. * `iops` - (Optional) Amount of IOPS provisioned for metadata. This parameter should only be used when the mode is set to `USER_PROVISIONED`. Valid Values are `1500`,`3000`,`6000` and `12000` through `192000` in increments of `12000`. +* `mode` - (Optional) Mode for the metadata configuration of the file system. Valid values are `AUTOMATIC`, and `USER_PROVISIONED`. !> **WARNING:** Updating the value of `iops` from a higher to a lower value will force a recreation of the resource. Any data on the file system will be lost when recreating. -### root_squash_configuration +### `root_squash_configuration` Block + +The `root_squash_configuration` configuration block supports the following arguments: * `no_squash_nids` - (Optional) When root squash is enabled, you can optionally specify an array of NIDs of clients for which root squash does not apply. A client NID is a Lustre Network Identifier used to uniquely identify a client. You can specify the NID as either a single address or a range of addresses: 1. A single address is described in standard Lustre NID format by specifying the client’s IP address followed by the Lustre network ID (for example, 10.0.1.6@tcp). 2. An address range is described using a dash to separate the range (for example, 10.0.[2-10].[1-255]@tcp). * `root_squash` - (Optional) You enable root squash by setting a user ID (UID) and group ID (GID) for the file system in the format UID:GID (for example, 365534:65534). The UID and GID values can range from 0 to 4294967294. @@ -74,8 +89,8 @@ This resource exports the following attributes in addition to the arguments abov * `arn` - Amazon Resource Name of the file system. * `dns_name` - DNS name for the file system, e.g., `fs-12345678.fsx.us-west-2.amazonaws.com` * `id` - Identifier of the file system, e.g., `fs-12345678` -* `network_interface_ids` - Set of Elastic Network Interface identifiers from which the file system is accessible. As explained in the [documentation](https://docs.aws.amazon.com/fsx/latest/LustreGuide/mounting-on-premises.html), the first network interface returned is the primary network interface. * `mount_name` - The value to be used when mounting the filesystem. +* `network_interface_ids` - Set of Elastic Network Interface identifiers from which the file system is accessible. As explained in the [documentation](https://docs.aws.amazon.com/fsx/latest/LustreGuide/mounting-on-premises.html), the first network interface returned is the primary network interface. * `owner_id` - AWS account identifier that created the file system. * `tags_all` - A map of tags assigned to the resource, including those inherited from the provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block). * `vpc_id` - Identifier of the Virtual Private Cloud for the file system. diff --git a/website/docs/r/fsx_ontap_volume.html.markdown b/website/docs/r/fsx_ontap_volume.html.markdown index c5fd3f87ebf..e6c1a0d7865 100644 --- a/website/docs/r/fsx_ontap_volume.html.markdown +++ b/website/docs/r/fsx_ontap_volume.html.markdown @@ -46,57 +46,87 @@ resource "aws_fsx_ontap_volume" "test" { ## Argument Reference -This resource supports the following arguments: +The following arguments are required: * `name` - (Required) The name of the Volume. You can use a maximum of 203 alphanumeric characters, plus the underscore (_) special character. -* `aggregate_configuration` - (Optional) The Aggregate configuration only applies to `FLEXGROUP` volumes. See [Aggreate Configuration](#aggregate-configuration) below. +* `storage_virtual_machine_id` - (Required) Specifies the storage virtual machine in which to create the volume. + +The following arguments are optional: + +* `aggregate_configuration` - (Optional) The Aggregate configuration only applies to `FLEXGROUP` volumes. See [`aggregate_configuration` Block] for details. * `bypass_snaplock_enterprise_retention` - (Optional) Setting this to `true` allows a SnapLock administrator to delete an FSx for ONTAP SnapLock Enterprise volume with unexpired write once, read many (WORM) files. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`. * `copy_tags_to_backups` - (Optional) A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to `false`. +* `final_backup_tags` - (Optional) A map of tags to apply to the volume's final backup. * `junction_path` - (Optional) Specifies the location in the storage virtual machine's namespace where the volume is mounted. The junction_path must have a leading forward slash, such as `/vol3` * `ontap_volume_type` - (Optional) Specifies the type of volume, valid values are `RW`, `DP`. Default value is `RW`. These can be set by the ONTAP CLI or API. This setting is used as part of migration and replication [Migrating to Amazon FSx for NetApp ONTAP](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/migrating-fsx-ontap.html) * `security_style` - (Optional) Specifies the volume security style, Valid values are `UNIX`, `NTFS`, and `MIXED`. * `size_in_bytes` - (Optional) Specifies the size of the volume, in megabytes (MB), that you are creating. Can be used for any size but required for volumes over 2 PB. Either size_in_bytes or size_in_megabytes must be specified. Minimum size for `FLEXGROUP` volumes are 100GiB per constituent. * `size_in_megabytes` - (Optional) Specifies the size of the volume, in megabytes (MB), that you are creating. Supported when creating volumes under 2 PB. Either size_in_bytes or size_in_megabytes must be specified. Minimum size for `FLEXGROUP` volumes are 100GiB per constituent. * `skip_final_backup` - (Optional) When enabled, will skip the default final backup taken when the volume is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`. -* `snaplock_configuration` - (Optional) The SnapLock configuration for an FSx for ONTAP volume. See [SnapLock Configuration](#snaplock-configuration) below. +* `snaplock_configuration` - (Optional) The SnapLock configuration for an FSx for ONTAP volume. See [`snaplock_configuration` Block](#snaplock_configuration-block) for details. * `snapshot_policy` - (Optional) Specifies the snapshot policy for the volume. See [snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx ONTAP User Guide * `storage_efficiency_enabled` - (Optional) Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume. -* `storage_virtual_machine_id` - (Required) Specifies the storage virtual machine in which to create the volume. * `tags` - (Optional) A map of tags to assign to the volume. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. -* `tiering_policy` - (Optional) The data tiering policy for an FSx for ONTAP volume. See [Tiering Policy](#tiering-policy) below. +* `tiering_policy` - (Optional) The data tiering policy for an FSx for ONTAP volume. See [`tiering_policy` Block](#tiering_policy-block) for details. * `volume_style` - (Optional) Specifies the styles of volume, valid values are `FLEXVOL`, `FLEXGROUP`. Default value is `FLEXVOL`. FLEXGROUPS have a larger minimum and maximum size. See Volume Styles for more details. [Volume Styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-styles.html) -### Aggregate Configuration +### `aggregate_configuration` Block + +The `aggregate_configuration` configuration block supports the following arguments: * `aggregates` - (Optional) Used to specify the names of the aggregates on which the volume will be created. Each aggregate needs to be in the format aggrX where X is the number of the aggregate. * `constituents_per_aggregate` - (Optional) Used to explicitly set the number of constituents within the FlexGroup per storage aggregate. the default value is `8`. -### SnapLock Configuration +### `snaplock_configuration` Block + +The `snaplock_configuration` configuration block supports the following arguments: +* `snaplock_type` - (Required) Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. Valid values: `COMPLIANCE`, `ENTERPRISE`. * `audit_log_volume` - (Optional) Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false`. -* `autocommit_period` - (Optional) The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume. See [Autocommit Period](#autocommit-period) below. +* `autocommit_period` - (Optional) The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume. See [`autocommit_period` Block](#autocommit_period-block) for details. * `privileged_delete` - (Optional) Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Valid values: `DISABLED`, `ENABLED`, `PERMANENTLY_DISABLED`. The default value is `DISABLED`. -* `retention_period` - (Optional) The retention period of an FSx for ONTAP SnapLock volume. See [SnapLock Retention Period](#snaplock-retention-period) below. -* `snaplock_type` - (Required) Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. Valid values: `COMPLIANCE`, `ENTERPRISE`. +* `retention_period` - (Optional) The retention period of an FSx for ONTAP SnapLock volume. See [`retention_period` Block](#retention_period-block) for details. * `volume_append_mode_enabled` - (Optional) Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. The default value is `false`. -### Autocommit Period +### `autocommit_period` Block + +The `autocommit_period` configuration block supports the following arguments: * `type` - (Required) The type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. Valid values: `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `NONE`. * `value` - (Optional) The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. -### SnapLock Retention Period +### `retention_period` Block + +The `retention_period` configuration block supports the following arguments: + +* `default_retention` - (Required) The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period. See [`default_retention` Block](#default_retention-block) for details. +* `maximum_retention` - (Required) The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume. See [`maximum_retention` Block](#maximum_retention-block) for details. +* `minimum_retention` - (Required) The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume. See [`minimum_retention` Block](#minimum_retention-block) for details. + +### `default_retention` Block + +The `default_retention` configuration block supports the following arguments: + +* `type` - (Required) The type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE`, the files are retained forever. If you set it to `UNSPECIFIED`, the files are retained until you set an explicit retention period. Valid values: `SECONDS`, `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `INFINITE`, `UNSPECIFIED`. +* `value` - (Optional) The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. + +### `maximum_retention` Block -* `default_retention` - (Required) The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period. See [Retention Period](#retention-period) below. -* `maximum_retention` - (Required) The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume. See [Retention Period](#retention-period) below. -* `minimum_retention` - (Required) The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume. See [Retention Period](#retention-period) below. +The `maximum_retention` configuration block supports the following arguments: -### Retention Period +* `type` - (Required) The type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE`, the files are retained forever. If you set it to `UNSPECIFIED`, the files are retained until you set an explicit retention period. Valid values: `SECONDS`, `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `INFINITE`, `UNSPECIFIED`. +* `value` - (Optional) The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. + +### `minimum_retention` Block + +The `minimum_retention` configuration block supports the following arguments: * `type` - (Required) The type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE`, the files are retained forever. If you set it to `UNSPECIFIED`, the files are retained until you set an explicit retention period. Valid values: `SECONDS`, `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `INFINITE`, `UNSPECIFIED`. * `value` - (Optional) The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. -### Tiering Policy +### `tiering_policy` Block + +The `tiering_policy` configuration block supports the following arguments: * `name` - (Required) Specifies the tiering policy for the ONTAP volume for moving data to the capacity pool storage. Valid values are `SNAPSHOT_ONLY`, `AUTO`, `ALL`, `NONE`. Default value is `SNAPSHOT_ONLY`. * `cooling_period` - (Optional) Specifies the number of days that user data in a volume must remain inactive before it is considered "cold" and moved to the capacity pool. Used with `AUTO` and `SNAPSHOT_ONLY` tiering policies only. Valid values are whole numbers between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY`. diff --git a/website/docs/r/fsx_openzfs_file_system.html.markdown b/website/docs/r/fsx_openzfs_file_system.html.markdown index ca14db229fe..35a528a69f3 100644 --- a/website/docs/r/fsx_openzfs_file_system.html.markdown +++ b/website/docs/r/fsx_openzfs_file_system.html.markdown @@ -24,22 +24,27 @@ resource "aws_fsx_openzfs_file_system" "test" { ## Argument Reference -This resource supports the following arguments: +The following arguments are required: -* `deployment_type` - (Required) - The filesystem deployment type. Valid values: `SINGLE_AZ_1`, `SINGLE_AZ_2` and `MULTI_AZ_1`. +* `deployment_type` - (Required) The filesystem deployment type. Valid values: `SINGLE_AZ_1`, `SINGLE_AZ_2` and `MULTI_AZ_1`. * `storage_capacity` - (Required) The storage capacity (GiB) of the file system. Valid values between `64` and `524288`. * `subnet_ids` - (Required) A list of IDs for the subnets that the file system will be accessible from. * `throughput_capacity` - (Required) Throughput (MB/s) of the file system. Valid values depend on `deployment_type`. Must be one of `64`, `128`, `256`, `512`, `1024`, `2048`, `3072`, `4096` for `SINGLE_AZ_1`. Must be one of `160`, `320`, `640`, `1280`, `2560`, `3840`, `5120`, `7680`, `10240` for `SINGLE_AZ_2`. + +The following arguments are optional: + * `automatic_backup_retention_days` - (Optional) The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days. * `backup_id` - (Optional) The ID of the source backup to create the filesystem from. * `copy_tags_to_backups` - (Optional) A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. * `copy_tags_to_volumes` - (Optional) A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false. * `daily_automatic_backup_start_time` - (Optional) A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. Requires `automatic_backup_retention_days` to be set. -* `disk_iops_configuration` - (Optional) The SSD IOPS configuration for the Amazon FSx for OpenZFS file system. See [Disk Iops Configuration](#disk-iops-configuration) below. +* `delete_options` - (Optional) List of delete options, which at present supports only one value that specifies whether to delete all child volumes and snapshots when the file system is deleted. Valid values: `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS`. +* `disk_iops_configuration` - (Optional) The SSD IOPS configuration for the Amazon FSx for OpenZFS file system. See [`disk_iops_configuration` Block](#disk_iops_configuration-block) for details. * `endpoint_ip_address_range` - (Optional) (Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. +* `final_backup_tags` - (Optional) A map of tags to apply to the file system's final backup. * `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest, Defaults to an AWS managed KMS Key. * `preferred_subnet_id` - (Optional) (Multi-AZ only) Required when `deployment_type` is set to `MULTI_AZ_1`. This specifies the subnet in which you want the preferred file server to be located. -* `root_volume_configuration` - (Optional) The configuration for the root volume of the file system. All other volumes are children or the root volume. See [Root Volume Configuration](#root-volume-configuration) below. +* `root_volume_configuration` - (Optional) The configuration for the root volume of the file system. All other volumes are children or the root volume. See [`root_volume_configuration` Block](#root_volume_configuration-block) for details. * `route_table_ids` - (Optional) (Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table. * `security_group_ids` - (Optional) A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces. * `skip_final_backup` - (Optional) When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`. @@ -47,34 +52,44 @@ This resource supports the following arguments: * `tags` - (Optional) A map of tags to assign to the file system. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. * `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. -### Disk Iops Configuration +### `disk_iops_configuration` Block + +The `disk_iops_configuration` configuration block supports the following arguments: + +* `iops` - (Optional) The total number of SSD IOPS provisioned for the file system. +* `mode` - (Optional) Specifies whether the number of IOPS for the file system is using the system. Valid values are `AUTOMATIC` and `USER_PROVISIONED`. Default value is `AUTOMATIC`. + +### `root_volume_configuration` Block -* `iops` - (Optional) - The total number of SSD IOPS provisioned for the file system. -* `mode` - (Optional) - Specifies whether the number of IOPS for the file system is using the system. Valid values are `AUTOMATIC` and `USER_PROVISIONED`. Default value is `AUTOMATIC`. +The `root_volume_configuration` configuration block supports the following arguments: -### Root Volume Configuration +* `copy_tags_to_snapshots` - (Optional) A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false. +* `data_compression_type` - (Optional) Method used to compress the data on the volume. Valid values are `LZ4`, `NONE` or `ZSTD`. Child volumes that don't specify compression option will inherit from parent volume. This option on file system applies to the root volume. +* `nfs_exports` - (Optional) NFS export configuration for the root volume. Exactly 1 item. See [`nfs_exports` Block](#nfs_exports-block) for details. +* `read_only` - (Optional) specifies whether the volume is read-only. Default is false. +* `record_size_kib` - (Optional) Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are `4`, `8`, `16`, `32`, `64`, `128`, `256`, `512`, or `1024` KiB. The default is `128` KiB. +* `user_and_group_quotas` - (Optional) Specify how much storage users or groups can use on the volume. Maximum of 100 items. See [`user_and_group_quotas` Block](#user_and_group_quotas-block) for details. -* `copy_tags_to_snapshots` - (Optional) - A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false. -* `data_compression_type` - (Optional) - Method used to compress the data on the volume. Valid values are `LZ4`, `NONE` or `ZSTD`. Child volumes that don't specify compression option will inherit from parent volume. This option on file system applies to the root volume. -* `nfs_exports` - (Optional) - NFS export configuration for the root volume. Exactly 1 item. See [NFS Exports](#nfs-exports) Below. -* `read_only` - (Optional) - specifies whether the volume is read-only. Default is false. -* `record_size_kib` - (Optional) - Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are `4`, `8`, `16`, `32`, `64`, `128`, `256`, `512`, or `1024` KiB. The default is `128` KiB. -* `user_and_group_quotas` - (Optional) - Specify how much storage users or groups can use on the volume. Maximum of 100 items. See [User and Group Quotas](#user-and-group-quotas) Below. +### `nfs_exports` Block -### NFS Exports +The `nfs_exports` configuration block supports the following arguments: -* `client_configurations` - (Required) - A list of configuration objects that contain the client and options for mounting the OpenZFS file system. Maximum of 25 items. See [Client Configurations](#client configurations) Below. +* `client_configurations` - (Required) A list of configuration objects that contain the client and options for mounting the OpenZFS file system. Maximum of 25 items. See [`client_configurations` Block](#client_configurations-block) for details. -### Client Configurations +### `client_configurations` Block -* `clients` - (Required) - A value that specifies who can mount the file system. You can provide a wildcard character (*), an IP address (0.0.0.0), or a CIDR address (192.0.2.0/24. By default, Amazon FSx uses the wildcard character when specifying the client. -* `options` - (Required) - The options to use when mounting the file system. Maximum of 20 items. See the [Linix NFS exports man page](https://linux.die.net/man/5/exports) for more information. `crossmount` and `sync` are used by default. +The `client_configurations` configuration block supports the following arguments: -### User and Group Quotas +* `clients` - (Required) A value that specifies who can mount the file system. You can provide a wildcard character (*), an IP address (0.0.0.0), or a CIDR address (192.0.2.0/24. By default, Amazon FSx uses the wildcard character when specifying the client. +* `options` - (Required) The options to use when mounting the file system. Maximum of 20 items. See the [Linix NFS exports man page](https://linux.die.net/man/5/exports) for more information. `crossmount` and `sync` are used by default. -* `id` - (Required) - The ID of the user or group. Valid values between `0` and `2147483647` -* `storage_capacity_quota_gib` - (Required) - The amount of storage that the user or group can use in gibibytes (GiB). Valid values between `0` and `2147483647` -* `type` - (Required) - A value that specifies whether the quota applies to a user or group. Valid values are `USER` or `GROUP`. +### `user_and_group_quotas` Block + +The `user_and_group_quotas` configuration block supports the following arguments: + +* `id` - (Required) The ID of the user or group. Valid values between `0` and `2147483647` +* `storage_capacity_quota_gib` - (Required) The amount of storage that the user or group can use in gibibytes (GiB). Valid values between `0` and `2147483647` +* `type` - (Required) A value that specifies whether the quota applies to a user or group. Valid values are `USER` or `GROUP`. ## Attribute Reference @@ -85,8 +100,8 @@ This resource exports the following attributes in addition to the arguments abov * `endpoint_ip_address` - IP address of the endpoint that is used to access data or to manage the file system. * `id` - Identifier of the file system, e.g., `fs-12345678` * `network_interface_ids` - Set of Elastic Network Interface identifiers from which the file system is accessible The first network interface returned is the primary network interface. -* `root_volume_id` - Identifier of the root volume, e.g., `fsvol-12345678` * `owner_id` - AWS account identifier that created the file system. +* `root_volume_id` - Identifier of the root volume, e.g., `fsvol-12345678` * `tags_all` - A map of tags assigned to the resource, including those inherited from the provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block). * `vpc_id` - Identifier of the Virtual Private Cloud for the file system. diff --git a/website/docs/r/fsx_windows_file_system.html.markdown b/website/docs/r/fsx_windows_file_system.html.markdown index d8ad576f02d..69a4ac941b3 100644 --- a/website/docs/r/fsx_windows_file_system.html.markdown +++ b/website/docs/r/fsx_windows_file_system.html.markdown @@ -59,29 +59,40 @@ The following arguments are optional: * `active_directory_id` - (Optional) The ID for an existing Microsoft Active Directory instance that the file system should join when it's created. Cannot be specified with `self_managed_active_directory`. * `aliases` - (Optional) An array DNS alias names that you want to associate with the Amazon FSx file system. For more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html) -* `audit_log_configuration` - (Optional) The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system. See [Audit Log Configuration](#audit-log-configuration) below. +* `audit_log_configuration` - (Optional) The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system. See [`audit_log_configuration` Block](#audit_log_configuration-block) for details. * `automatic_backup_retention_days` - (Optional) The number of days to retain automatic backups. Minimum of `0` and maximum of `90`. Defaults to `7`. Set to `0` to disable. * `backup_id` - (Optional) The ID of the source backup to create the filesystem from. * `copy_tags_to_backups` - (Optional) A boolean flag indicating whether tags on the file system should be copied to backups. Defaults to `false`. * `daily_automatic_backup_start_time` - (Optional) The preferred time (in `HH:MM` format) to take daily automatic backups, in the UTC time zone. * `deployment_type` - (Optional) Specifies the file system deployment type, valid values are `MULTI_AZ_1`, `SINGLE_AZ_1` and `SINGLE_AZ_2`. Default value is `SINGLE_AZ_1`. -* `disk_iops_configuration` - (Optional) The SSD IOPS configuration for the Amazon FSx for Windows File Server file system. See [Disk Iops Configuration](#disk-iops-configuration) below. +* `disk_iops_configuration` - (Optional) The SSD IOPS configuration for the Amazon FSx for Windows File Server file system. See [`disk_iops_configuration` Block](#disk_iops_configuration-block) for details. +* `final_backup_tags` - (Optional) A map of tags to apply to the file system's final backup. * `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key. * `preferred_subnet_id` - (Optional) Specifies the subnet in which you want the preferred file server to be located. Required for when deployment type is `MULTI_AZ_1`. * `security_group_ids` - (Optional) A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces. -* `self_managed_active_directory` - (Optional) Configuration block that Amazon FSx uses to join the Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory. Cannot be specified with `active_directory_id`. See [Self-Managed Active Directory](#self-managed-active-directory) below. +* `self_managed_active_directory` - (Optional) Configuration block that Amazon FSx uses to join the Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory. Cannot be specified with `active_directory_id`. See [`self_managed_active_directory` Block](#self_managed_active_directory-block) for details. * `skip_final_backup` - (Optional) When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`. * `tags` - (Optional) A map of tags to assign to the file system. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. * `storage_capacity` - (Optional) Storage capacity (GiB) of the file system. Minimum of 32 and maximum of 65536. If the storage type is set to `HDD` the minimum value is 2000. Required when not creating filesystem for a backup. * `storage_type` - (Optional) Specifies the storage type, Valid values are `SSD` and `HDD`. `HDD` is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types. Default value is `SSD`. * `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. -### Disk Iops Configuration +### `audit_log_configuration` Block -* `iops` - (Optional) - The total number of SSD IOPS provisioned for the file system. -* `mode` - (Optional) - Specifies whether the number of IOPS for the file system is using the system. Valid values are `AUTOMATIC` and `USER_PROVISIONED`. Default value is `AUTOMATIC`. +The `audit_log_configuration` configuration block supports the following arguments: -### Self-Managed Active Directory +* `audit_log_destination` - (Optional) The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN. Can be specified when `file_access_audit_log_level` and `file_share_access_audit_log_level` are not set to `DISABLED`. The name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehouse delivery stream must begin with the `aws-fsx` prefix. If you do not provide a destination in `audit_log_destionation`, Amazon FSx will create and use a log stream in the CloudWatch Logs /aws/fsx/windows log group. +* `file_access_audit_log_level` - (Optional) Sets which attempt type is logged by Amazon FSx for file and folder accesses. Valid values are `SUCCESS_ONLY`, `FAILURE_ONLY`, `SUCCESS_AND_FAILURE`, and `DISABLED`. Default value is `DISABLED`. +* `file_share_access_audit_log_level` - (Optional) Sets which attempt type is logged by Amazon FSx for file share accesses. Valid values are `SUCCESS_ONLY`, `FAILURE_ONLY`, `SUCCESS_AND_FAILURE`, and `DISABLED`. Default value is `DISABLED`. + +### `disk_iops_configuration` Block + +The `disk_iops_configuration` configuration block supports the following arguments: + +* `iops` - (Optional) The total number of SSD IOPS provisioned for the file system. +* `mode` - (Optional) Specifies whether the number of IOPS for the file system is using the system. Valid values are `AUTOMATIC` and `USER_PROVISIONED`. Default value is `AUTOMATIC`. + +### `self_managed_active_directory` Block The `self_managed_active_directory` configuration block supports the following arguments: @@ -92,12 +103,6 @@ The `self_managed_active_directory` configuration block supports the following a * `file_system_administrators_group` - (Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, and setting audit controls (audit ACLs) on files and folders. The group that you specify must already exist in your domain. Defaults to `Domain Admins`. * `organizational_unit_distinguished_name` - (Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory that the Windows File Server instance will join. For example, `OU=FSx,DC=yourdomain,DC=corp,DC=com`. Only accepts OU as the direct parent of the file system. If none is provided, the FSx file system is created in the default location of your self-managed AD directory. To learn more, see [RFC 2253](https://tools.ietf.org/html/rfc2253). -### Audit Log Configuration - -* `audit_log_destination` - (Optional) The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN. Can be specified when `file_access_audit_log_level` and `file_share_access_audit_log_level` are not set to `DISABLED`. The name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehouse delivery stream must begin with the `aws-fsx` prefix. If you do not provide a destination in `audit_log_destionation`, Amazon FSx will create and use a log stream in the CloudWatch Logs /aws/fsx/windows log group. -* `file_access_audit_log_level` - (Optional) Sets which attempt type is logged by Amazon FSx for file and folder accesses. Valid values are `SUCCESS_ONLY`, `FAILURE_ONLY`, `SUCCESS_AND_FAILURE`, and `DISABLED`. Default value is `DISABLED`. -* `file_share_access_audit_log_level` - (Optional) Sets which attempt type is logged by Amazon FSx for file share accesses. Valid values are `SUCCESS_ONLY`, `FAILURE_ONLY`, `SUCCESS_AND_FAILURE`, and `DISABLED`. Default value is `DISABLED`. - ## Attribute Reference This resource exports the following attributes in addition to the arguments above: