diff --git a/.changelog/37717.txt b/.changelog/37717.txt new file mode 100644 index 000000000000..7a05d4990562 --- /dev/null +++ b/.changelog/37717.txt @@ -0,0 +1,9 @@ +```release-note:enhancement +resource/aws_fsx_lustre_file_system: Add `final_backup_tags` and `skip_final_backup` arguments +``` +```release-note:enhancement +resource/aws_fsx_openzfs_file_system: Add `delete_options` and `final_backup_tags` arguments +``` +```release-note:enhancement +resource/aws_fsx_windows_file_system: Add `final_backup_tags` argument +``` \ No newline at end of file diff --git a/internal/service/fsx/lustre_file_system.go b/internal/service/fsx/lustre_file_system.go index a0621369eb12..57418b134b1d 100644 --- a/internal/service/fsx/lustre_file_system.go +++ b/internal/service/fsx/lustre_file_system.go @@ -42,7 +42,11 @@ func resourceLustreFileSystem() *schema.Resource { DeleteWithoutTimeout: resourceLustreFileSystemDelete, Importer: &schema.ResourceImporter{ - StateContext: schema.ImportStatePassthroughContext, + StateContext: func(ctx context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + d.Set("skip_final_backup", true) + + return []*schema.ResourceData{d}, nil + }, }, Timeouts: &schema.ResourceTimeout{ @@ -131,6 +135,32 @@ func resourceLustreFileSystem() *schema.Resource { validation.StringMatch(regexache.MustCompile(`^[0-9].[0-9]+$`), "must be in format x.y"), ), }, + "final_backup_tags": { + Type: schema.TypeSet, + Optional: true, + MinItems: 1, + MaxItems: 50, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + names.AttrKey: { + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.All( + validation.StringLenBetween(1, 128), + validation.StringMatch(regexache.MustCompile(`^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`), "must be a valid tag key"), + ), + }, + names.AttrValue: { + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.All( + validation.StringLenBetween(0, 128), + validation.StringMatch(regexache.MustCompile(`^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`), "must be a valid tag value"), + ), + }, + }, + }, + }, "import_path": { Type: schema.TypeString, Optional: true, @@ -238,6 +268,11 @@ func resourceLustreFileSystem() *schema.Resource { MaxItems: 50, Elem: &schema.Schema{Type: schema.TypeString}, }, + "skip_final_backup": { + Type: schema.TypeBool, + Optional: true, + Default: true, + }, "storage_capacity": { Type: schema.TypeInt, Optional: true, @@ -491,7 +526,12 @@ func resourceLustreFileSystemUpdate(ctx context.Context, d *schema.ResourceData, var diags diag.Diagnostics conn := meta.(*conns.AWSClient).FSxConn(ctx) - if d.HasChangesExcept(names.AttrTags, names.AttrTagsAll) { + if d.HasChangesExcept( + "final_backup_tags", + "skip_final_backup", + names.AttrTags, + names.AttrTagsAll, + ) { input := &fsx.UpdateFileSystemInput{ ClientRequestToken: aws.String(id.UniqueId()), FileSystemId: aws.String(d.Id()), @@ -557,10 +597,27 @@ func resourceLustreFileSystemDelete(ctx context.Context, d *schema.ResourceData, var diags diag.Diagnostics conn := meta.(*conns.AWSClient).FSxConn(ctx) + input := &fsx.DeleteFileSystemInput{ + ClientRequestToken: aws.String(id.UniqueId()), + FileSystemId: aws.String(d.Id()), + } + + // Final backup during delete is not supported on file systems using the Scratch deployment type + // LustreConfiguration cannot be supplied at all, even when empty, in this scenario + if v, ok := d.GetOk("deployment_type"); ok && !strings.HasPrefix(v.(string), "SCRATCH_") { + lustreConfig := &fsx.DeleteFileSystemLustreConfiguration{ + SkipFinalBackup: aws.Bool(d.Get("skip_final_backup").(bool)), + } + + if v, ok := d.GetOk("final_backup_tags"); ok { + lustreConfig.FinalBackupTags = expandFinalBackupTags(v.(*schema.Set)) + } + + input.LustreConfiguration = lustreConfig + } + log.Printf("[DEBUG] Deleting FSx for Lustre File System: %s", d.Id()) - _, err := conn.DeleteFileSystemWithContext(ctx, &fsx.DeleteFileSystemInput{ - FileSystemId: aws.String(d.Id()), - }) + _, err := conn.DeleteFileSystemWithContext(ctx, input) if tfawserr.ErrCodeEquals(err, fsx.ErrCodeFileSystemNotFound) { return diags @@ -577,6 +634,32 @@ func resourceLustreFileSystemDelete(ctx context.Context, d *schema.ResourceData, return diags } +func expandFinalBackupTags(cfg *schema.Set) []*fsx.Tag { + tags := []*fsx.Tag{} + + for _, tag := range cfg.List() { + expandedTag := expandFinalBackupTag(tag.(map[string]interface{})) + if expandedTag != nil { + tags = append(tags, expandedTag) + } + } + + return tags +} + +func expandFinalBackupTag(cfg map[string]interface{}) *fsx.Tag { + out := fsx.Tag{} + + if v, ok := cfg[names.AttrKey].(string); ok { + out.Key = aws.String(v) + } + if v, ok := cfg[names.AttrValue].(string); ok { + out.Value = aws.String(v) + } + + return &out +} + func expandLustreRootSquashConfiguration(l []interface{}) *fsx.LustreRootSquashConfiguration { if len(l) == 0 || l[0] == nil { return nil diff --git a/internal/service/fsx/lustre_file_system_test.go b/internal/service/fsx/lustre_file_system_test.go index c7d0d52b9d6c..af919d119f57 100644 --- a/internal/service/fsx/lustre_file_system_test.go +++ b/internal/service/fsx/lustre_file_system_test.go @@ -6,6 +6,7 @@ package fsx_test import ( "context" "fmt" + "os" "testing" "github.com/YakDriver/regexache" @@ -57,6 +58,7 @@ func TestAccFSxLustreFileSystem_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "network_interface_ids.#", acctest.Ct2), acctest.CheckResourceAttrAccountID(resourceName, names.AttrOwnerID), resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", acctest.Ct0), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtTrue), resource.TestCheckResourceAttr(resourceName, "storage_capacity", "1200"), resource.TestCheckResourceAttr(resourceName, names.AttrStorageType, fsx.StorageTypeSsd), resource.TestCheckResourceAttr(resourceName, "subnet_ids.#", acctest.Ct1), @@ -66,10 +68,14 @@ func TestAccFSxLustreFileSystem_basic(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -119,10 +125,14 @@ func TestAccFSxLustreFileSystem_dataCompression(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_basic(rName), @@ -142,6 +152,62 @@ func TestAccFSxLustreFileSystem_dataCompression(t *testing.T) { }) } +func TestAccFSxLustreFileSystem_deleteConfig(t *testing.T) { + ctx := acctest.Context(t) + + if os.Getenv("FSX_CREATE_FINAL_BACKUP") != "true" { + t.Skip("Environment variable FSX_CREATE_FINAL_BACKUP is not set to true") + } + + var filesystem1, filesystem2 fsx.FileSystem + resourceName := "aws_fsx_lustre_file_system.test" + rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckPartitionHasService(t, fsx.EndpointsID) }, + ErrorCheck: acctest.ErrorCheck(t, names.FSxServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: testAccCheckLustreFileSystemDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: testAccLustreFileSystemConfig_deleteConfig(rName, acctest.CtKey1, acctest.CtValue1, acctest.CtKey2, acctest.CtValue2), + Check: resource.ComposeTestCheckFunc( + testAccCheckLustreFileSystemExists(ctx, resourceName, &filesystem1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.#", acctest.Ct2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.key", acctest.CtKey1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.value", acctest.CtValue1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.key", acctest.CtKey2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.value", acctest.CtValue2), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", "false"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, + }, + { + Config: testAccLustreFileSystemConfig_deleteConfig(rName, acctest.CtKey1, acctest.CtValue1Updated, acctest.CtKey2, ""), + Check: resource.ComposeTestCheckFunc( + testAccCheckLustreFileSystemExists(ctx, resourceName, &filesystem2), + testAccCheckLustreFileSystemNotRecreated(&filesystem1, &filesystem2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.#", acctest.Ct2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.key", acctest.CtKey1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.value", acctest.CtValue1Updated), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.key", acctest.CtKey2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.value", ""), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", "false"), + ), + }, + }, + }) +} + func TestAccFSxLustreFileSystem_exportPath(t *testing.T) { ctx := acctest.Context(t) var filesystem1, filesystem2 fsx.FileSystem @@ -163,10 +229,14 @@ func TestAccFSxLustreFileSystem_exportPath(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_exportPath(rName, "/prefix/"), @@ -202,10 +272,14 @@ func TestAccFSxLustreFileSystem_importPath(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_importPath(rName, "/prefix/"), @@ -240,10 +314,14 @@ func TestAccFSxLustreFileSystem_importedFileChunkSize(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_importedChunkSize(rName, 4096), @@ -277,10 +355,14 @@ func TestAccFSxLustreFileSystem_securityGroupIDs(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_securityGroupIDs2(rName), @@ -314,10 +396,14 @@ func TestAccFSxLustreFileSystem_storageCapacity(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_storageCapacity(rName, 1200), @@ -351,10 +437,14 @@ func TestAccFSxLustreFileSystem_storageCapacityUpdate(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_storageCapacityScratch2(rName, 1200), @@ -396,10 +486,14 @@ func TestAccFSxLustreFileSystem_fileSystemTypeVersion(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_typeVersion(rName, "2.12"), @@ -434,10 +528,14 @@ func TestAccFSxLustreFileSystem_tags(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_tags2(rName, acctest.CtKey1, acctest.CtValue1Updated, acctest.CtKey2, acctest.CtValue2), @@ -482,10 +580,14 @@ func TestAccFSxLustreFileSystem_weeklyMaintenanceStartTime(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_weeklyMaintenanceStartTime(rName, "2:02:02"), @@ -519,10 +621,14 @@ func TestAccFSxLustreFileSystem_automaticBackupRetentionDays(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_automaticBackupRetentionDays(rName, 0), @@ -563,10 +669,14 @@ func TestAccFSxLustreFileSystem_dailyAutomaticBackupStartTime(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_dailyAutomaticBackupStartTime(rName, "02:02"), @@ -606,10 +716,14 @@ func TestAccFSxLustreFileSystem_deploymentTypePersistent1(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -637,10 +751,14 @@ func TestAccFSxLustreFileSystem_deploymentTypePersistent1_perUnitStorageThroughp ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_persistent1DeploymentType(rName, 100), @@ -680,10 +798,14 @@ func TestAccFSxLustreFileSystem_deploymentTypePersistent2(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -711,10 +833,14 @@ func TestAccFSxLustreFileSystem_deploymentTypePersistent2_perUnitStorageThroughp ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_persistent2DeploymentType(rName, 250), @@ -750,10 +876,14 @@ func TestAccFSxLustreFileSystem_logConfig(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_log(rName, "ERROR_ONLY"), @@ -789,10 +919,14 @@ func TestAccFSxLustreFileSystem_rootSquashConfig(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_rootSquash(rName, "355534:64534"), @@ -828,10 +962,14 @@ func TestAccFSxLustreFileSystem_fromBackup(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs, "backup_id"}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "backup_id", + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup"}, }, }, }) @@ -860,10 +998,14 @@ func TestAccFSxLustreFileSystem_kmsKeyID(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_kmsKeyID2(rName), @@ -900,10 +1042,14 @@ func TestAccFSxLustreFileSystem_deploymentTypeScratch2(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -930,10 +1076,14 @@ func TestAccFSxLustreFileSystem_storageTypeHddDriveCacheRead(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -960,10 +1110,14 @@ func TestAccFSxLustreFileSystem_storageTypeHddDriveCacheNone(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -989,10 +1143,14 @@ func TestAccFSxLustreFileSystem_copyTagsToBackups(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, }, }) @@ -1018,10 +1176,14 @@ func TestAccFSxLustreFileSystem_autoImportPolicy(t *testing.T) { ), }, { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{names.AttrSecurityGroupIDs}, + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, }, { Config: testAccLustreFileSystemConfig_autoImportPolicy(rName, "", "NEW_CHANGED"), @@ -1117,6 +1279,26 @@ resource "aws_fsx_lustre_file_system" "test" { `) } +func testAccLustreFileSystemConfig_deleteConfig(rName, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2 string) string { + return acctest.ConfigCompose(testAccLustreFileSystemConfig_base(rName), fmt.Sprintf(` +resource "aws_fsx_lustre_file_system" "test" { + skip_final_backup = false + storage_capacity = 1200 + subnet_ids = aws_subnet.test[*].id + deployment_type = "PERSISTENT_1" + per_unit_storage_throughput = 50 + final_backup_tags { + key = %[1]q + value = %[2]q + } + final_backup_tags { + key = %[3]q + value = %[4]q + } +} +`, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2)) +} + func testAccLustreFileSystemConfig_exportPath(rName, exportPrefix string) string { return acctest.ConfigCompose(testAccLustreFileSystemConfig_base(rName), fmt.Sprintf(` resource "aws_s3_bucket" "test" { diff --git a/internal/service/fsx/openzfs_file_system.go b/internal/service/fsx/openzfs_file_system.go index d8933eba078d..bdc30f635a63 100644 --- a/internal/service/fsx/openzfs_file_system.go +++ b/internal/service/fsx/openzfs_file_system.go @@ -86,6 +86,14 @@ func resourceOpenZFSFileSystem() *schema.Resource { validation.StringMatch(regexache.MustCompile(`^([01]\d|2[0-3]):?([0-5]\d)$`), "must be in the format HH:MM"), ), }, + "delete_options": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + ValidateFunc: validation.StringInSlice(fsx.DeleteFileSystemOpenZFSOption_Values(), false), + }, + }, "deployment_type": { Type: schema.TypeString, Required: true, @@ -127,6 +135,32 @@ func resourceOpenZFSFileSystem() *schema.Resource { Computed: true, ForceNew: true, }, + "final_backup_tags": { + Type: schema.TypeSet, + Optional: true, + MinItems: 1, + MaxItems: 50, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + names.AttrKey: { + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.All( + validation.StringLenBetween(1, 128), + validation.StringMatch(regexache.MustCompile(`^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`), "must be a valid tag key"), + ), + }, + names.AttrValue: { + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.All( + validation.StringLenBetween(0, 128), + validation.StringMatch(regexache.MustCompile(`^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`), "must be a valid tag value"), + ), + }, + }, + }, + }, names.AttrKMSKeyID: { Type: schema.TypeString, Optional: true, @@ -534,7 +568,13 @@ func resourceOpenZFSFileSystemUpdate(ctx context.Context, d *schema.ResourceData var diags diag.Diagnostics conn := meta.(*conns.AWSClient).FSxConn(ctx) - if d.HasChangesExcept(names.AttrTags, names.AttrTagsAll) { + if d.HasChangesExcept( + "delete_options", + "final_backup_tags", + "skip_final_backup", + names.AttrTags, + names.AttrTagsAll, + ) { input := &fsx.UpdateFileSystemInput{ ClientRequestToken: aws.String(id.UniqueId()), FileSystemId: aws.String(d.Id()), @@ -633,13 +673,23 @@ func resourceOpenZFSFileSystemDelete(ctx context.Context, d *schema.ResourceData var diags diag.Diagnostics conn := meta.(*conns.AWSClient).FSxConn(ctx) - log.Printf("[DEBUG] Deleting FSx for OpenZFS File System: %s", d.Id()) - _, err := conn.DeleteFileSystemWithContext(ctx, &fsx.DeleteFileSystemInput{ + input := &fsx.DeleteFileSystemInput{ FileSystemId: aws.String(d.Id()), OpenZFSConfiguration: &fsx.DeleteFileSystemOpenZFSConfiguration{ SkipFinalBackup: aws.Bool(d.Get("skip_final_backup").(bool)), }, - }) + } + + if v, ok := d.GetOk("delete_options"); ok { + input.OpenZFSConfiguration.Options = flex.ExpandStringSet(v.(*schema.Set)) + } + + if v, ok := d.GetOk("final_backup_tags"); ok { + input.OpenZFSConfiguration.FinalBackupTags = expandFinalBackupTags(v.(*schema.Set)) + } + + log.Printf("[DEBUG] Deleting FSx for OpenZFS File System: %s", d.Id()) + _, err := conn.DeleteFileSystemWithContext(ctx, input) if tfawserr.ErrCodeEquals(err, fsx.ErrCodeFileSystemNotFound) { return diags diff --git a/internal/service/fsx/openzfs_file_system_test.go b/internal/service/fsx/openzfs_file_system_test.go index 9ce1b1ab0826..5ccf41478ce4 100644 --- a/internal/service/fsx/openzfs_file_system_test.go +++ b/internal/service/fsx/openzfs_file_system_test.go @@ -6,6 +6,7 @@ package fsx_test import ( "context" "fmt" + "os" "testing" "github.com/YakDriver/regexache" @@ -50,8 +51,8 @@ func TestAccFSxOpenZFSFileSystem_basic(t *testing.T) { acctest.MatchResourceAttrRegionalARN(resourceName, names.AttrARN, "fsx", regexache.MustCompile(`file-system/fs-.+`)), resource.TestCheckResourceAttr(resourceName, "automatic_backup_retention_days", acctest.Ct0), resource.TestCheckNoResourceAttr(resourceName, "backup_id"), - resource.TestCheckResourceAttr(resourceName, "copy_tags_to_backups", acctest.CtFalse), - resource.TestCheckResourceAttr(resourceName, "copy_tags_to_volumes", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "copy_tags_to_backups", "false"), + resource.TestCheckResourceAttr(resourceName, "copy_tags_to_volumes", "false"), resource.TestCheckResourceAttr(resourceName, "daily_automatic_backup_start_time", ""), resource.TestCheckResourceAttr(resourceName, "deployment_type", fsx.OpenZFSDeploymentTypeSingleAz1), resource.TestCheckResourceAttr(resourceName, "disk_iops_configuration.#", acctest.Ct1), @@ -72,13 +73,13 @@ func TestAccFSxOpenZFSFileSystem_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.#", acctest.Ct2), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.0", "rw"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.1", "crossmnt"), - resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", "false"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.record_size_kib", "128"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.user_and_group_quotas.#", acctest.Ct2), resource.TestCheckResourceAttrSet(resourceName, "root_volume_id"), resource.TestCheckResourceAttr(resourceName, "route_table_ids.#", acctest.Ct0), resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", acctest.Ct0), - resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", "true"), resource.TestCheckResourceAttr(resourceName, "storage_capacity", "64"), resource.TestCheckResourceAttr(resourceName, names.AttrStorageType, fsx.StorageTypeSsd), resource.TestCheckResourceAttr(resourceName, "subnet_ids.#", acctest.Ct1), @@ -94,6 +95,8 @@ func TestAccFSxOpenZFSFileSystem_basic(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -128,6 +131,8 @@ func TestAccFSxOpenZFSFileSystem_diskIops(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -181,7 +186,7 @@ func TestAccFSxOpenZFSFileSystem_rootVolume(t *testing.T) { CheckDestroy: testAccCheckOpenZFSFileSystemDestroy(ctx), Steps: []resource.TestStep{ { - Config: testAccOpenZFSFileSystemConfig_rootVolume1(rName, "NONE", acctest.CtFalse, 128), + Config: testAccOpenZFSFileSystemConfig_rootVolume1(rName, "NONE", "false", 128), Check: resource.ComposeTestCheckFunc( testAccCheckOpenZFSFileSystemExists(ctx, resourceName, &filesystem1), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.#", acctest.Ct1), @@ -192,7 +197,7 @@ func TestAccFSxOpenZFSFileSystem_rootVolume(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.#", acctest.Ct2), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.0", "sync"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.1", "rw"), - resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", "false"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.record_size_kib", "128"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.user_and_group_quotas.#", acctest.Ct3), resource.TestCheckTypeSetElemNestedAttrs(resourceName, "root_volume_configuration.0.user_and_group_quotas.*", map[string]string{ @@ -218,11 +223,13 @@ func TestAccFSxOpenZFSFileSystem_rootVolume(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, { - Config: testAccOpenZFSFileSystemConfig_rootVolume2(rName, "ZSTD", acctest.CtTrue, 256, 8), + Config: testAccOpenZFSFileSystemConfig_rootVolume2(rName, "ZSTD", "true", 256, 8), Check: resource.ComposeTestCheckFunc( testAccCheckOpenZFSFileSystemExists(ctx, resourceName, &filesystem2), testAccCheckOpenZFSFileSystemNotRecreated(&filesystem1, &filesystem2), @@ -234,7 +241,7 @@ func TestAccFSxOpenZFSFileSystem_rootVolume(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.#", acctest.Ct2), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.0", "async"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.1", "rw"), - resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", acctest.CtTrue), + resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", "true"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.record_size_kib", "8"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.user_and_group_quotas.#", acctest.Ct3), resource.TestCheckTypeSetElemNestedAttrs(resourceName, "root_volume_configuration.0.user_and_group_quotas.*", map[string]string{ @@ -255,7 +262,7 @@ func TestAccFSxOpenZFSFileSystem_rootVolume(t *testing.T) { ), }, { - Config: testAccOpenZFSFileSystemConfig_rootVolume3Client(rName, "NONE", acctest.CtFalse, 128, 1024, 512), + Config: testAccOpenZFSFileSystemConfig_rootVolume3Client(rName, "NONE", "false", 128, 1024, 512), Check: resource.ComposeTestCheckFunc( testAccCheckOpenZFSFileSystemExists(ctx, resourceName, &filesystem3), testAccCheckOpenZFSFileSystemNotRecreated(&filesystem1, &filesystem3), @@ -273,7 +280,7 @@ func TestAccFSxOpenZFSFileSystem_rootVolume(t *testing.T) { "options.0": "sync", "options.1": "rw", }), - resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", "false"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.record_size_kib", "512"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.user_and_group_quotas.#", "6"), resource.TestCheckTypeSetElemNestedAttrs(resourceName, "root_volume_configuration.0.user_and_group_quotas.*", map[string]string{ @@ -309,13 +316,13 @@ func TestAccFSxOpenZFSFileSystem_rootVolume(t *testing.T) { ), }, { - Config: testAccOpenZFSFileSystemConfig_rootVolume4(rName, "NONE", acctest.CtFalse, 128, 1024), + Config: testAccOpenZFSFileSystemConfig_rootVolume4(rName, "NONE", "false", 128, 1024), Check: resource.ComposeTestCheckFunc( testAccCheckOpenZFSFileSystemExists(ctx, resourceName, &filesystem1), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.#", acctest.Ct1), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.data_compression_type", "NONE"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.#", acctest.Ct0), - resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", "false"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.record_size_kib", "128"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.user_and_group_quotas.#", "6"), resource.TestCheckTypeSetElemNestedAttrs(resourceName, "root_volume_configuration.0.user_and_group_quotas.*", map[string]string{ @@ -379,6 +386,8 @@ func TestAccFSxOpenZFSFileSystem_securityGroupIDs(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -420,6 +429,8 @@ func TestAccFSxOpenZFSFileSystem_tags(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -459,13 +470,13 @@ func TestAccFSxOpenZFSFileSystem_copyTags(t *testing.T) { CheckDestroy: testAccCheckOpenZFSFileSystemDestroy(ctx), Steps: []resource.TestStep{ { - Config: testAccOpenZFSFileSystemConfig_copyTags(rName, acctest.CtKey1, acctest.CtValue1, acctest.CtTrue), + Config: testAccOpenZFSFileSystemConfig_copyTags(rName, acctest.CtKey1, acctest.CtValue1, "true"), Check: resource.ComposeTestCheckFunc( testAccCheckOpenZFSFileSystemExists(ctx, resourceName, &filesystem1), resource.TestCheckResourceAttr(resourceName, acctest.CtTagsPercent, acctest.Ct1), resource.TestCheckResourceAttr(resourceName, acctest.CtTagsKey1, acctest.CtValue1), - resource.TestCheckResourceAttr(resourceName, "copy_tags_to_backups", acctest.CtTrue), - resource.TestCheckResourceAttr(resourceName, "copy_tags_to_volumes", acctest.CtTrue), + resource.TestCheckResourceAttr(resourceName, "copy_tags_to_backups", "true"), + resource.TestCheckResourceAttr(resourceName, "copy_tags_to_volumes", "true"), ), }, { @@ -474,17 +485,19 @@ func TestAccFSxOpenZFSFileSystem_copyTags(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, { - Config: testAccOpenZFSFileSystemConfig_copyTags(rName, acctest.CtKey1, acctest.CtValue1, acctest.CtFalse), + Config: testAccOpenZFSFileSystemConfig_copyTags(rName, acctest.CtKey1, acctest.CtValue1, "false"), Check: resource.ComposeTestCheckFunc( testAccCheckOpenZFSFileSystemExists(ctx, resourceName, &filesystem2), testAccCheckOpenZFSFileSystemNotRecreated(&filesystem1, &filesystem2), resource.TestCheckResourceAttr(resourceName, acctest.CtTagsKey1, acctest.CtValue1), - resource.TestCheckResourceAttr(resourceName, "copy_tags_to_backups", acctest.CtFalse), - resource.TestCheckResourceAttr(resourceName, "copy_tags_to_volumes", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "copy_tags_to_backups", "false"), + resource.TestCheckResourceAttr(resourceName, "copy_tags_to_volumes", "false"), ), }, }, @@ -516,6 +529,8 @@ func TestAccFSxOpenZFSFileSystem_throughput(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -556,6 +571,8 @@ func TestAccFSxOpenZFSFileSystem_storageType(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -588,6 +605,8 @@ func TestAccFSxOpenZFSFileSystem_weeklyMaintenanceStartTime(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -628,6 +647,8 @@ func TestAccFSxOpenZFSFileSystem_automaticBackupRetentionDays(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -675,6 +696,8 @@ func TestAccFSxOpenZFSFileSystem_kmsKeyID(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -707,6 +730,8 @@ func TestAccFSxOpenZFSFileSystem_dailyAutomaticBackupStartTime(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -747,6 +772,8 @@ func TestAccFSxOpenZFSFileSystem_throughputCapacity(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -787,6 +814,8 @@ func TestAccFSxOpenZFSFileSystem_storageCapacity(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -828,6 +857,8 @@ func TestAccFSxOpenZFSFileSystem_deploymentType(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -863,8 +894,8 @@ func TestAccFSxOpenZFSFileSystem_multiAZ(t *testing.T) { acctest.MatchResourceAttrRegionalARN(resourceName, names.AttrARN, "fsx", regexache.MustCompile(`file-system/fs-.+`)), resource.TestCheckResourceAttr(resourceName, "automatic_backup_retention_days", acctest.Ct0), resource.TestCheckNoResourceAttr(resourceName, "backup_id"), - resource.TestCheckResourceAttr(resourceName, "copy_tags_to_backups", acctest.CtFalse), - resource.TestCheckResourceAttr(resourceName, "copy_tags_to_volumes", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "copy_tags_to_backups", "false"), + resource.TestCheckResourceAttr(resourceName, "copy_tags_to_volumes", "false"), resource.TestCheckResourceAttr(resourceName, "daily_automatic_backup_start_time", ""), resource.TestCheckResourceAttr(resourceName, "deployment_type", fsx.OpenZFSDeploymentTypeMultiAz1), resource.TestCheckResourceAttr(resourceName, "disk_iops_configuration.#", acctest.Ct1), @@ -885,13 +916,13 @@ func TestAccFSxOpenZFSFileSystem_multiAZ(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.#", acctest.Ct2), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.0", "rw"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.nfs_exports.0.client_configurations.0.options.1", "crossmnt"), - resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", acctest.CtFalse), + resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.read_only", "false"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.record_size_kib", "128"), resource.TestCheckResourceAttr(resourceName, "root_volume_configuration.0.user_and_group_quotas.#", acctest.Ct2), resource.TestCheckResourceAttrSet(resourceName, "root_volume_id"), resource.TestCheckResourceAttr(resourceName, "route_table_ids.#", acctest.Ct1), resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", acctest.Ct0), - resource.TestCheckResourceAttr(resourceName, "skip_final_backup", acctest.CtTrue), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", "true"), resource.TestCheckResourceAttr(resourceName, "storage_capacity", "64"), resource.TestCheckResourceAttr(resourceName, names.AttrStorageType, fsx.StorageTypeSsd), resource.TestCheckResourceAttr(resourceName, "subnet_ids.#", acctest.Ct2), @@ -909,6 +940,8 @@ func TestAccFSxOpenZFSFileSystem_multiAZ(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -942,6 +975,8 @@ func TestAccFSxOpenZFSFileSystem_routeTableIDs(t *testing.T) { ImportStateVerify: true, ImportStateVerifyIgnore: []string{ names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", "skip_final_backup", }, }, @@ -966,6 +1001,66 @@ func TestAccFSxOpenZFSFileSystem_routeTableIDs(t *testing.T) { }) } +func TestAccFSxOpenZFSFileSystem_deleteConfig(t *testing.T) { + ctx := acctest.Context(t) + + if os.Getenv("FSX_CREATE_FINAL_BACKUP") != "true" { + t.Skip("Environment variable FSX_CREATE_FINAL_BACKUP is not set to true") + } + + var filesystem fsx.FileSystem + resourceName := "aws_fsx_openzfs_file_system.test" + rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckPartitionHasService(t, fsx.EndpointsID) }, + ErrorCheck: acctest.ErrorCheck(t, names.FSxServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: testAccCheckOpenZFSFileSystemDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: testAccOpenZFSFileSystemConfig_deleteConfig(rName, acctest.CtKey1, acctest.CtValue1, acctest.CtKey2, acctest.CtValue2), + Check: resource.ComposeTestCheckFunc( + testAccCheckOpenZFSFileSystemExists(ctx, resourceName, &filesystem), + resource.TestCheckResourceAttr(resourceName, "delete_options.#", acctest.Ct1), + resource.TestCheckResourceAttr(resourceName, "delete_options.0", "DELETE_CHILD_VOLUMES_AND_SNAPSHOTS"), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.#", acctest.Ct2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.key", acctest.CtKey1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.value", acctest.CtValue1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.key", acctest.CtKey2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.value", acctest.CtValue2), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", "false"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + names.AttrSecurityGroupIDs, + "delete_options", + "final_backup_tags", + "skip_final_backup", + }, + }, + { + Config: testAccOpenZFSFileSystemConfig_deleteConfig(rName, acctest.CtKey1, acctest.CtValue1Updated, acctest.CtKey2, ""), + Check: resource.ComposeTestCheckFunc( + testAccCheckOpenZFSFileSystemExists(ctx, resourceName, &filesystem), + resource.TestCheckResourceAttr(resourceName, "delete_options.#", acctest.Ct1), + resource.TestCheckResourceAttr(resourceName, "delete_options.0", "DELETE_CHILD_VOLUMES_AND_SNAPSHOTS"), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.#", acctest.Ct2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.key", acctest.CtKey1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.value", acctest.CtValue1Updated), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.key", acctest.CtKey2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.value", ""), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", "false"), + ), + }, + }, + }) +} + func testAccCheckOpenZFSFileSystemExists(ctx context.Context, n string, v *fsx.FileSystem) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] @@ -1044,6 +1139,7 @@ func testAccOpenZFSFileSystemConfig_baseMultiAZ(rName string) string { func testAccOpenZFSFileSystemConfig_basic(rName string) string { return acctest.ConfigCompose(testAccOpenZFSFileSystemConfig_baseSingleAZ(rName), ` resource "aws_fsx_openzfs_file_system" "test" { + skip_final_backup = true storage_capacity = 64 subnet_ids = aws_subnet.test[*].id deployment_type = "SINGLE_AZ_1" @@ -1659,3 +1755,24 @@ resource "aws_fsx_openzfs_file_system" "test" { } `, rName, n)) } + +func testAccOpenZFSFileSystemConfig_deleteConfig(rName, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2 string) string { + return acctest.ConfigCompose(testAccOpenZFSFileSystemConfig_baseSingleAZ(rName), fmt.Sprintf(` +resource "aws_fsx_openzfs_file_system" "test" { + skip_final_backup = false + storage_capacity = 64 + subnet_ids = aws_subnet.test[*].id + deployment_type = "SINGLE_AZ_1" + throughput_capacity = 64 + delete_options = ["DELETE_CHILD_VOLUMES_AND_SNAPSHOTS"] + final_backup_tags { + key = %[1]q + value = %[2]q + } + final_backup_tags { + key = %[3]q + value = %[4]q + } +} +`, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2)) +} diff --git a/internal/service/fsx/windows_file_system.go b/internal/service/fsx/windows_file_system.go index 0376e35ecf5d..5c8e9ddc82d5 100644 --- a/internal/service/fsx/windows_file_system.go +++ b/internal/service/fsx/windows_file_system.go @@ -165,6 +165,32 @@ func resourceWindowsFileSystem() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "final_backup_tags": { + Type: schema.TypeSet, + Optional: true, + MinItems: 1, + MaxItems: 50, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + names.AttrKey: { + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.All( + validation.StringLenBetween(1, 128), + validation.StringMatch(regexache.MustCompile(`^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`), "must be a valid tag key"), + ), + }, + names.AttrValue: { + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.All( + validation.StringLenBetween(0, 128), + validation.StringMatch(regexache.MustCompile(`^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`), "must be a valid tag value"), + ), + }, + }, + }, + }, names.AttrKMSKeyID: { Type: schema.TypeString, Optional: true, @@ -541,7 +567,13 @@ func resourceWindowsFileSystemUpdate(ctx context.Context, d *schema.ResourceData } } - if d.HasChangesExcept("aliases", names.AttrTags, names.AttrTagsAll) { + if d.HasChangesExcept( + "aliases", + "final_backup_tags", + "skip_final_backup", + names.AttrTags, + names.AttrTagsAll, + ) { input := &fsx.UpdateFileSystemInput{ ClientRequestToken: aws.String(id.UniqueId()), FileSystemId: aws.String(d.Id()), @@ -611,6 +643,10 @@ func resourceWindowsFileSystemDelete(ctx context.Context, d *schema.ResourceData }, } + if v, ok := d.GetOk("final_backup_tags"); ok { + input.WindowsConfiguration.FinalBackupTags = expandFinalBackupTags(v.(*schema.Set)) + } + log.Printf("[DEBUG] Deleting FSx for Windows File Server File System: %s", d.Id()) _, err := conn.DeleteFileSystemWithContext(ctx, input) diff --git a/internal/service/fsx/windows_file_system_test.go b/internal/service/fsx/windows_file_system_test.go index a52400729179..d1105dc194af 100644 --- a/internal/service/fsx/windows_file_system_test.go +++ b/internal/service/fsx/windows_file_system_test.go @@ -6,6 +6,7 @@ package fsx_test import ( "context" "fmt" + "os" "testing" "github.com/YakDriver/regexache" @@ -71,6 +72,7 @@ func TestAccFSxWindowsFileSystem_basic(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -147,6 +149,7 @@ func TestAccFSxWindowsFileSystem_singleAz2(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -181,6 +184,7 @@ func TestAccFSxWindowsFileSystem_storageTypeHdd(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -231,6 +235,7 @@ func TestAccFSxWindowsFileSystem_multiAz(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -265,6 +270,7 @@ func TestAccFSxWindowsFileSystem_aliases(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -317,6 +323,7 @@ func TestAccFSxWindowsFileSystem_automaticBackupRetentionDays(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -366,6 +373,7 @@ func TestAccFSxWindowsFileSystem_copyTagsToBackups(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -407,6 +415,7 @@ func TestAccFSxWindowsFileSystem_dailyAutomaticBackupStartTime(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -423,6 +432,62 @@ func TestAccFSxWindowsFileSystem_dailyAutomaticBackupStartTime(t *testing.T) { }) } +func TestAccFSxWindowsFileSystem_deleteConfig(t *testing.T) { + ctx := acctest.Context(t) + + if os.Getenv("FSX_CREATE_FINAL_BACKUP") != "true" { + t.Skip("Environment variable FSX_CREATE_FINAL_BACKUP is not set to true") + } + + var filesystem fsx.FileSystem + resourceName := "aws_fsx_windows_file_system.test" + rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) + domainName := acctest.RandomDomainName() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckPartitionHasService(t, fsx.EndpointsID) }, + ErrorCheck: acctest.ErrorCheck(t, names.FSxServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: testAccCheckWindowsFileSystemDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: testAccWindowsFileSystemConfig_deleteConfig(rName, domainName, acctest.CtKey1, acctest.CtValue1, acctest.CtKey2, acctest.CtValue2), + Check: resource.ComposeTestCheckFunc( + testAccCheckWindowsFileSystemExists(ctx, resourceName, &filesystem), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.#", acctest.Ct2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.key", acctest.CtKey1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.value", acctest.CtValue1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.key", acctest.CtKey2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.value", acctest.CtValue2), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", "false"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "final_backup_tags", + names.AttrSecurityGroupIDs, + "skip_final_backup", + }, + }, + { + Config: testAccWindowsFileSystemConfig_deleteConfig(rName, domainName, acctest.CtKey1, acctest.CtValue1Updated, acctest.CtKey2, ""), + Check: resource.ComposeTestCheckFunc( + testAccCheckWindowsFileSystemExists(ctx, resourceName, &filesystem), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.#", acctest.Ct2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.key", acctest.CtKey1), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.0.value", acctest.CtValue1Updated), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.key", acctest.CtKey2), + resource.TestCheckResourceAttr(resourceName, "final_backup_tags.1.value", ""), + resource.TestCheckResourceAttr(resourceName, "skip_final_backup", "false"), + ), + }, + }, + }) +} + func TestAccFSxWindowsFileSystem_kmsKeyID(t *testing.T) { ctx := acctest.Context(t) var filesystem1, filesystem2 fsx.FileSystem @@ -450,6 +515,7 @@ func TestAccFSxWindowsFileSystem_kmsKeyID(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -491,6 +557,7 @@ func TestAccFSxWindowsFileSystem_securityGroupIDs(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -532,8 +599,9 @@ func TestAccFSxWindowsFileSystem_selfManagedActiveDirectory(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ - names.AttrSecurityGroupIDs, + "final_backup_tags", "self_managed_active_directory", + names.AttrSecurityGroupIDs, "skip_final_backup", }, }, @@ -567,6 +635,7 @@ func TestAccFSxWindowsFileSystem_storageCapacity(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -609,9 +678,10 @@ func TestAccFSxWindowsFileSystem_fromBackup(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "backup_id", + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", - "backup_id", }, }, }, @@ -644,6 +714,7 @@ func TestAccFSxWindowsFileSystem_tags(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -696,6 +767,7 @@ func TestAccFSxWindowsFileSystem_throughputCapacity(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -737,6 +809,7 @@ func TestAccFSxWindowsFileSystem_weeklyMaintenanceStartTime(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -781,6 +854,7 @@ func TestAccFSxWindowsFileSystem_audit(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -835,6 +909,7 @@ func TestAccFSxWindowsFileSystem_diskIops(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "final_backup_tags", names.AttrSecurityGroupIDs, "skip_final_backup", }, @@ -1035,6 +1110,26 @@ resource "aws_fsx_windows_file_system" "test" { `, rName, dailyAutomaticBackupStartTime)) } +func testAccWindowsFileSystemConfig_deleteConfig(rName, domain, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2 string) string { + return acctest.ConfigCompose(testAccWindowsFileSystemConfig_base(rName, domain), fmt.Sprintf(` +resource "aws_fsx_windows_file_system" "test" { + active_directory_id = aws_directory_service_directory.test.id + skip_final_backup = false + storage_capacity = 32 + subnet_ids = [aws_subnet.test[0].id] + throughput_capacity = 8 + final_backup_tags { + key = %[1]q + value = %[2]q + } + final_backup_tags { + key = %[3]q + value = %[4]q + } +} +`, finalTagKey1, finalTagValue1, finalTagKey2, finalTagValue2)) +} + func testAccWindowsFileSystemConfig_kmsKeyID1(rName, domain string) string { return acctest.ConfigCompose(testAccWindowsFileSystemConfig_base(rName, domain), fmt.Sprintf(` resource "aws_kms_key" "test1" { diff --git a/website/docs/r/fsx_lustre_file_system.html.markdown b/website/docs/r/fsx_lustre_file_system.html.markdown index 420781b0d833..f925a5273d94 100644 --- a/website/docs/r/fsx_lustre_file_system.html.markdown +++ b/website/docs/r/fsx_lustre_file_system.html.markdown @@ -24,37 +24,57 @@ resource "aws_fsx_lustre_file_system" "example" { ## Argument Reference -This resource supports the following arguments: +The following arguments are required: -* `storage_capacity` - (Optional) The storage capacity (GiB) of the file system. Minimum of `1200`. See more details at [Allowed values for Fsx storage capacity](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystem.html#FSx-CreateFileSystem-request-StorageCapacity). Update is allowed only for `SCRATCH_2`, `PERSISTENT_1` and `PERSISTENT_2` deployment types, See more details at [Fsx Storage Capacity Update](https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateFileSystem.html#FSx-UpdateFileSystem-request-StorageCapacity). Required when not creating filesystem for a backup. * `subnet_ids` - (Required) A list of IDs for the subnets that the file system will be accessible from. File systems currently support only one subnet. The file server is also launched in that subnet's Availability Zone. + +The following arguments are optional: + +* `auto_import_policy` - (Optional) How Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. see [Auto Import Data Repo](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) for more details. Only supported on `PERSISTENT_1` deployment types. +* `automatic_backup_retention_days` - (Optional) The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. * `backup_id` - (Optional) The ID of the source backup to create the filesystem from. +* `copy_tags_to_backups` - (Optional) A boolean flag indicating whether tags for the file system should be copied to backups. Applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. The default value is false. +* `daily_automatic_backup_start_time` - (Optional) A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Requires `automatic_backup_retention_days` to be set. +* `drive_cache_type` - (Optional) - The type of drive cache used by `PERSISTENT_1` filesystems that are provisioned with `HDD` storage_type. Required for `HDD` storage_type, set to either `READ` or `NONE`. +* `data_compression_type` - (Optional) Sets the data compression configuration for the file system. Valid values are `LZ4` and `NONE`. Default value is `NONE`. Unsetting this value reverts the compression type back to `NONE`. +* `deployment_type` - (Optional) - The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`, `PERSISTENT_2`. * `export_path` - (Optional) S3 URI (with optional prefix) where the root of your Amazon FSx file system is exported. Can only be specified with `import_path` argument and the path must use the same Amazon S3 bucket as specified in `import_path`. Set equal to `import_path` to overwrite files on export. Defaults to `s3://{IMPORT BUCKET}/FSxLustre{CREATION TIMESTAMP}`. Only supported on `PERSISTENT_1` deployment types. -* `import_path` - (Optional) S3 URI (with optional prefix) that you're using as the data repository for your FSx for Lustre file system. For example, `s3://example-bucket/optional-prefix/`. Only supported on `PERSISTENT_1` deployment types. +* `file_system_type_version` - (Optional) Sets the Lustre version for the file system that you're creating. Valid values are 2.10 for `SCRATCH_1`, `SCRATCH_2` and `PERSISTENT_1` deployment types. Valid values for 2.12 include all deployment types. +* `final_backup_tags` - (Optional) List of tags to apply to the file system's final backup. Maximum of 50 items. See [`final_backup_tags` Block](#final_backup_tags-block) for details. + + **Note:** If the filesystem uses a Scratch deployment type, final backup during delete will always be skipped and this argument will not be used even when set. * `imported_file_chunk_size` - (Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. Can only be specified with `import_path` argument. Defaults to `1024`. Minimum of `1` and maximum of `512000`. Only supported on `PERSISTENT_1` deployment types. -* `security_group_ids` - (Optional) A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces. -* `tags` - (Optional) A map of tags to assign to the file system. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. -* `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. -* `deployment_type` - (Optional) - The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`, `PERSISTENT_2`. +* `import_path` - (Optional) S3 URI (with optional prefix) that you're using as the data repository for your FSx for Lustre file system. For example, `s3://example-bucket/optional-prefix/`. Only supported on `PERSISTENT_1` deployment types. * `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest, applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Defaults to an AWS managed KMS Key. +* `log_configuration` - (Optional) The Lustre logging configuration used when creating an Amazon FSx for Lustre file system. When logging is enabled, Lustre logs error and warning events for data repositories associated with your file system to Amazon CloudWatch Logs. See [`log_configuration` Block](#log_configuration-block) for details. * `per_unit_storage_throughput` - (Optional) - Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Valid values for `PERSISTENT_1` deployment_type and `SSD` storage_type are 50, 100, 200. Valid values for `PERSISTENT_1` deployment_type and `HDD` storage_type are 12, 40. Valid values for `PERSISTENT_2` deployment_type and ` SSD` storage_type are 125, 250, 500, 1000. -* `automatic_backup_retention_days` - (Optional) The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. +* `root_squash_configuration` - (Optional) The Lustre root squash configuration used when creating an Amazon FSx for Lustre file system. When enabled, root squash restricts root-level access from clients that try to access your file system as a root user. See [`root_squash_configuration` Block](#root_squash_configuration-block) for details. +* `security_group_ids` - (Optional) A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces. +* `skip_final_backup` - (Optional) When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `true`. + + **Note:** If the filesystem uses a Scratch deployment type, final backup during delete will always be skipped and this argument will not be used even when set. +* `storage_capacity` - (Optional) The storage capacity (GiB) of the file system. Minimum of `1200`. See more details at [Allowed values for Fsx storage capacity](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystem.html#FSx-CreateFileSystem-request-StorageCapacity). Update is allowed only for `SCRATCH_2`, `PERSISTENT_1` and `PERSISTENT_2` deployment types, See more details at [Fsx Storage Capacity Update](https://docs.aws.amazon.com/fsx/latest/APIReference/API_UpdateFileSystem.html#FSx-UpdateFileSystem-request-StorageCapacity). Required when not creating filesystem for a backup. * `storage_type` - (Optional) - The filesystem storage type. Either `SSD` or `HDD`, defaults to `SSD`. `HDD` is only supported on `PERSISTENT_1` deployment types. -* `drive_cache_type` - (Optional) - The type of drive cache used by `PERSISTENT_1` filesystems that are provisioned with `HDD` storage_type. Required for `HDD` storage_type, set to either `READ` or `NONE`. -* `daily_automatic_backup_start_time` - (Optional) A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. only valid for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. Requires `automatic_backup_retention_days` to be set. -* `auto_import_policy` - (Optional) How Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. see [Auto Import Data Repo](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) for more details. Only supported on `PERSISTENT_1` deployment types. -* `copy_tags_to_backups` - (Optional) A boolean flag indicating whether tags for the file system should be copied to backups. Applicable for `PERSISTENT_1` and `PERSISTENT_2` deployment_type. The default value is false. -* `data_compression_type` - (Optional) Sets the data compression configuration for the file system. Valid values are `LZ4` and `NONE`. Default value is `NONE`. Unsetting this value reverts the compression type back to `NONE`. -* `file_system_type_version` - (Optional) Sets the Lustre version for the file system that you're creating. Valid values are 2.10 for `SCRATCH_1`, `SCRATCH_2` and `PERSISTENT_1` deployment types. Valid values for 2.12 include all deployment types. -* `log_configuration` - (Optional) The Lustre logging configuration used when creating an Amazon FSx for Lustre file system. When logging is enabled, Lustre logs error and warning events for data repositories associated with your file system to Amazon CloudWatch Logs. -* `root_squash_configuration` - (Optional) The Lustre root squash configuration used when creating an Amazon FSx for Lustre file system. When enabled, root squash restricts root-level access from clients that try to access your file system as a root user. +* `tags` - (Optional) A map of tags to assign to the file system. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. +* `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. + +### `final_backup_tags` Block + +The `final_backup_tags` configuration block supports the following arguments: + +* `key` - (Required) The name of the tag. +* `value` - (Required) The value assigned to the corresponding tag key. To create a key-only tag, use an empty string as the value. -### log_configuration +### `log_configuration` Block + +The `log_configuration` configuration block supports the following arguments: * `destination` - (Optional) The Amazon Resource Name (ARN) that specifies the destination of the logs. The name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. If you do not provide a destination, Amazon FSx will create and use a log stream in the CloudWatch Logs `/aws/fsx/lustre` log group. * `level` - (Optional) Sets which data repository events are logged by Amazon FSx. Valid values are `WARN_ONLY`, `FAILURE_ONLY`, `ERROR_ONLY`, `WARN_ERROR` and `DISABLED`. Default value is `DISABLED`. -### root_squash_configuration +### `root_squash_configuration` Block + +The `root_squash_configuration` configuration block supports the following arguments: * `no_squash_nids` - (Optional) When root squash is enabled, you can optionally specify an array of NIDs of clients for which root squash does not apply. A client NID is a Lustre Network Identifier used to uniquely identify a client. You can specify the NID as either a single address or a range of addresses: 1. A single address is described in standard Lustre NID format by specifying the client’s IP address followed by the Lustre network ID (for example, 10.0.1.6@tcp). 2. An address range is described using a dash to separate the range (for example, 10.0.[2-10].[1-255]@tcp). * `root_squash` - (Optional) You enable root squash by setting a user ID (UID) and group ID (GID) for the file system in the format UID:GID (for example, 365534:65534). The UID and GID values can range from 0 to 4294967294. @@ -66,8 +86,8 @@ This resource exports the following attributes in addition to the arguments abov * `arn` - Amazon Resource Name of the file system. * `dns_name` - DNS name for the file system, e.g., `fs-12345678.fsx.us-west-2.amazonaws.com` * `id` - Identifier of the file system, e.g., `fs-12345678` -* `network_interface_ids` - Set of Elastic Network Interface identifiers from which the file system is accessible. As explained in the [documentation](https://docs.aws.amazon.com/fsx/latest/LustreGuide/mounting-on-premises.html), the first network interface returned is the primary network interface. * `mount_name` - The value to be used when mounting the filesystem. +* `network_interface_ids` - Set of Elastic Network Interface identifiers from which the file system is accessible. As explained in the [documentation](https://docs.aws.amazon.com/fsx/latest/LustreGuide/mounting-on-premises.html), the first network interface returned is the primary network interface. * `owner_id` - AWS account identifier that created the file system. * `tags_all` - A map of tags assigned to the resource, including those inherited from the provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block). * `vpc_id` - Identifier of the Virtual Private Cloud for the file system. diff --git a/website/docs/r/fsx_openzfs_file_system.html.markdown b/website/docs/r/fsx_openzfs_file_system.html.markdown index ca14db229fe9..b5030240c6e4 100644 --- a/website/docs/r/fsx_openzfs_file_system.html.markdown +++ b/website/docs/r/fsx_openzfs_file_system.html.markdown @@ -24,22 +24,27 @@ resource "aws_fsx_openzfs_file_system" "test" { ## Argument Reference -This resource supports the following arguments: +The following arguments are required: -* `deployment_type` - (Required) - The filesystem deployment type. Valid values: `SINGLE_AZ_1`, `SINGLE_AZ_2` and `MULTI_AZ_1`. +* `deployment_type` - (Required) The filesystem deployment type. Valid values: `SINGLE_AZ_1`, `SINGLE_AZ_2` and `MULTI_AZ_1`. * `storage_capacity` - (Required) The storage capacity (GiB) of the file system. Valid values between `64` and `524288`. * `subnet_ids` - (Required) A list of IDs for the subnets that the file system will be accessible from. * `throughput_capacity` - (Required) Throughput (MB/s) of the file system. Valid values depend on `deployment_type`. Must be one of `64`, `128`, `256`, `512`, `1024`, `2048`, `3072`, `4096` for `SINGLE_AZ_1`. Must be one of `160`, `320`, `640`, `1280`, `2560`, `3840`, `5120`, `7680`, `10240` for `SINGLE_AZ_2`. + +The following arguments are optional: + * `automatic_backup_retention_days` - (Optional) The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days. * `backup_id` - (Optional) The ID of the source backup to create the filesystem from. * `copy_tags_to_backups` - (Optional) A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. * `copy_tags_to_volumes` - (Optional) A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false. * `daily_automatic_backup_start_time` - (Optional) A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. For example, 05:00 specifies 5 AM daily. Requires `automatic_backup_retention_days` to be set. -* `disk_iops_configuration` - (Optional) The SSD IOPS configuration for the Amazon FSx for OpenZFS file system. See [Disk Iops Configuration](#disk-iops-configuration) below. +* `delete_options` - (Optional) List of delete options, which at present supports only one value that specifies whether to delete all child volumes and snapshots when the file system is deleted. Valid values: `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS`. +* `disk_iops_configuration` - (Optional) The SSD IOPS configuration for the Amazon FSx for OpenZFS file system. See [`disk_iops_configuration` Block](#disk_iops_configuration-block) for details. * `endpoint_ip_address_range` - (Optional) (Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. +* `final_backup_tags` - (Optional) List of tags to apply to the file system's final backup. Maximum of 50 items. See [`final_backup_tags` Block](#final_backup_tags-block) for details. * `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest, Defaults to an AWS managed KMS Key. * `preferred_subnet_id` - (Optional) (Multi-AZ only) Required when `deployment_type` is set to `MULTI_AZ_1`. This specifies the subnet in which you want the preferred file server to be located. -* `root_volume_configuration` - (Optional) The configuration for the root volume of the file system. All other volumes are children or the root volume. See [Root Volume Configuration](#root-volume-configuration) below. +* `root_volume_configuration` - (Optional) The configuration for the root volume of the file system. All other volumes are children or the root volume. See [`root_volume_configuration` Block](#root_volume_configuration-block) for details. * `route_table_ids` - (Optional) (Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table. * `security_group_ids` - (Optional) A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces. * `skip_final_backup` - (Optional) When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`. @@ -47,34 +52,51 @@ This resource supports the following arguments: * `tags` - (Optional) A map of tags to assign to the file system. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. * `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. -### Disk Iops Configuration +### `disk_iops_configuration` Block + +The `disk_iops_configuration` configuration block supports the following arguments: + +* `iops` - (Optional) The total number of SSD IOPS provisioned for the file system. +* `mode` - (Optional) Specifies whether the number of IOPS for the file system is using the system. Valid values are `AUTOMATIC` and `USER_PROVISIONED`. Default value is `AUTOMATIC`. + +### `final_backup_tags` Block + +The `final_backup_tags` configuration block supports the following arguments: -* `iops` - (Optional) - The total number of SSD IOPS provisioned for the file system. -* `mode` - (Optional) - Specifies whether the number of IOPS for the file system is using the system. Valid values are `AUTOMATIC` and `USER_PROVISIONED`. Default value is `AUTOMATIC`. +* `key` - (Required) The name of the tag. +* `value` - (Required) The value assigned to the corresponding tag key. To create a key-only tag, use an empty string as the value. -### Root Volume Configuration +### `root_volume_configuration` Block -* `copy_tags_to_snapshots` - (Optional) - A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false. -* `data_compression_type` - (Optional) - Method used to compress the data on the volume. Valid values are `LZ4`, `NONE` or `ZSTD`. Child volumes that don't specify compression option will inherit from parent volume. This option on file system applies to the root volume. -* `nfs_exports` - (Optional) - NFS export configuration for the root volume. Exactly 1 item. See [NFS Exports](#nfs-exports) Below. -* `read_only` - (Optional) - specifies whether the volume is read-only. Default is false. -* `record_size_kib` - (Optional) - Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are `4`, `8`, `16`, `32`, `64`, `128`, `256`, `512`, or `1024` KiB. The default is `128` KiB. -* `user_and_group_quotas` - (Optional) - Specify how much storage users or groups can use on the volume. Maximum of 100 items. See [User and Group Quotas](#user-and-group-quotas) Below. +The `root_volume_configuration` configuration block supports the following arguments: -### NFS Exports +* `copy_tags_to_snapshots` - (Optional) A boolean flag indicating whether tags for the file system should be copied to snapshots. The default value is false. +* `data_compression_type` - (Optional) Method used to compress the data on the volume. Valid values are `LZ4`, `NONE` or `ZSTD`. Child volumes that don't specify compression option will inherit from parent volume. This option on file system applies to the root volume. +* `nfs_exports` - (Optional) NFS export configuration for the root volume. Exactly 1 item. See [`nfs_exports` Block](#nfs_exports-block) for details. +* `read_only` - (Optional) specifies whether the volume is read-only. Default is false. +* `record_size_kib` - (Optional) Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are `4`, `8`, `16`, `32`, `64`, `128`, `256`, `512`, or `1024` KiB. The default is `128` KiB. +* `user_and_group_quotas` - (Optional) Specify how much storage users or groups can use on the volume. Maximum of 100 items. See [`user_and_group_quotas` Block](#user_and_group_quotas-block) for details. -* `client_configurations` - (Required) - A list of configuration objects that contain the client and options for mounting the OpenZFS file system. Maximum of 25 items. See [Client Configurations](#client configurations) Below. +### `nfs_exports` Block -### Client Configurations +The `nfs_exports` configuration block supports the following arguments: -* `clients` - (Required) - A value that specifies who can mount the file system. You can provide a wildcard character (*), an IP address (0.0.0.0), or a CIDR address (192.0.2.0/24. By default, Amazon FSx uses the wildcard character when specifying the client. -* `options` - (Required) - The options to use when mounting the file system. Maximum of 20 items. See the [Linix NFS exports man page](https://linux.die.net/man/5/exports) for more information. `crossmount` and `sync` are used by default. +* `client_configurations` - (Required) A list of configuration objects that contain the client and options for mounting the OpenZFS file system. Maximum of 25 items. See [`client_configurations` Block](#client_configurations-block) for details. -### User and Group Quotas +### `client_configurations` Block -* `id` - (Required) - The ID of the user or group. Valid values between `0` and `2147483647` -* `storage_capacity_quota_gib` - (Required) - The amount of storage that the user or group can use in gibibytes (GiB). Valid values between `0` and `2147483647` -* `type` - (Required) - A value that specifies whether the quota applies to a user or group. Valid values are `USER` or `GROUP`. +The `client_configurations` configuration block supports the following arguments: + +* `clients` - (Required) A value that specifies who can mount the file system. You can provide a wildcard character (*), an IP address (0.0.0.0), or a CIDR address (192.0.2.0/24. By default, Amazon FSx uses the wildcard character when specifying the client. +* `options` - (Required) The options to use when mounting the file system. Maximum of 20 items. See the [Linix NFS exports man page](https://linux.die.net/man/5/exports) for more information. `crossmount` and `sync` are used by default. + +### `user_and_group_quotas` Block + +The `user_and_group_quotas` configuration block supports the following arguments: + +* `id` - (Required) The ID of the user or group. Valid values between `0` and `2147483647` +* `storage_capacity_quota_gib` - (Required) The amount of storage that the user or group can use in gibibytes (GiB). Valid values between `0` and `2147483647` +* `type` - (Required) A value that specifies whether the quota applies to a user or group. Valid values are `USER` or `GROUP`. ## Attribute Reference @@ -85,8 +107,8 @@ This resource exports the following attributes in addition to the arguments abov * `endpoint_ip_address` - IP address of the endpoint that is used to access data or to manage the file system. * `id` - Identifier of the file system, e.g., `fs-12345678` * `network_interface_ids` - Set of Elastic Network Interface identifiers from which the file system is accessible The first network interface returned is the primary network interface. -* `root_volume_id` - Identifier of the root volume, e.g., `fsvol-12345678` * `owner_id` - AWS account identifier that created the file system. +* `root_volume_id` - Identifier of the root volume, e.g., `fsvol-12345678` * `tags_all` - A map of tags assigned to the resource, including those inherited from the provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block). * `vpc_id` - Identifier of the Virtual Private Cloud for the file system. diff --git a/website/docs/r/fsx_windows_file_system.html.markdown b/website/docs/r/fsx_windows_file_system.html.markdown index d8ad576f02d5..96cf67c2f5d2 100644 --- a/website/docs/r/fsx_windows_file_system.html.markdown +++ b/website/docs/r/fsx_windows_file_system.html.markdown @@ -59,29 +59,47 @@ The following arguments are optional: * `active_directory_id` - (Optional) The ID for an existing Microsoft Active Directory instance that the file system should join when it's created. Cannot be specified with `self_managed_active_directory`. * `aliases` - (Optional) An array DNS alias names that you want to associate with the Amazon FSx file system. For more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html) -* `audit_log_configuration` - (Optional) The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system. See [Audit Log Configuration](#audit-log-configuration) below. +* `audit_log_configuration` - (Optional) The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system. See [`audit_log_configuration` Block](#audit_log_configuration-block) for details. * `automatic_backup_retention_days` - (Optional) The number of days to retain automatic backups. Minimum of `0` and maximum of `90`. Defaults to `7`. Set to `0` to disable. * `backup_id` - (Optional) The ID of the source backup to create the filesystem from. * `copy_tags_to_backups` - (Optional) A boolean flag indicating whether tags on the file system should be copied to backups. Defaults to `false`. * `daily_automatic_backup_start_time` - (Optional) The preferred time (in `HH:MM` format) to take daily automatic backups, in the UTC time zone. * `deployment_type` - (Optional) Specifies the file system deployment type, valid values are `MULTI_AZ_1`, `SINGLE_AZ_1` and `SINGLE_AZ_2`. Default value is `SINGLE_AZ_1`. -* `disk_iops_configuration` - (Optional) The SSD IOPS configuration for the Amazon FSx for Windows File Server file system. See [Disk Iops Configuration](#disk-iops-configuration) below. +* `disk_iops_configuration` - (Optional) The SSD IOPS configuration for the Amazon FSx for Windows File Server file system. See [`disk_iops_configuration` Block](#disk_iops_configuration-block) for details. +* `final_backup_tags` - (Optional) List of tags to apply to the file system's final backup. Maximum of 50 items. See [`final_backup_tags` Block](#final_backup_tags-block) for details. * `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key. * `preferred_subnet_id` - (Optional) Specifies the subnet in which you want the preferred file server to be located. Required for when deployment type is `MULTI_AZ_1`. * `security_group_ids` - (Optional) A list of IDs for the security groups that apply to the specified network interfaces created for file system access. These security groups will apply to all network interfaces. -* `self_managed_active_directory` - (Optional) Configuration block that Amazon FSx uses to join the Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory. Cannot be specified with `active_directory_id`. See [Self-Managed Active Directory](#self-managed-active-directory) below. +* `self_managed_active_directory` - (Optional) Configuration block that Amazon FSx uses to join the Windows File Server instance to your self-managed (including on-premises) Microsoft Active Directory (AD) directory. Cannot be specified with `active_directory_id`. See [`self_managed_active_directory` Block](#self_managed_active_directory-block) for details. * `skip_final_backup` - (Optional) When enabled, will skip the default final backup taken when the file system is deleted. This configuration must be applied separately before attempting to delete the resource to have the desired behavior. Defaults to `false`. * `tags` - (Optional) A map of tags to assign to the file system. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. * `storage_capacity` - (Optional) Storage capacity (GiB) of the file system. Minimum of 32 and maximum of 65536. If the storage type is set to `HDD` the minimum value is 2000. Required when not creating filesystem for a backup. * `storage_type` - (Optional) Specifies the storage type, Valid values are `SSD` and `HDD`. `HDD` is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types. Default value is `SSD`. * `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. -### Disk Iops Configuration +### `audit_log_configuration` Block -* `iops` - (Optional) - The total number of SSD IOPS provisioned for the file system. -* `mode` - (Optional) - Specifies whether the number of IOPS for the file system is using the system. Valid values are `AUTOMATIC` and `USER_PROVISIONED`. Default value is `AUTOMATIC`. +The `audit_log_configuration` configuration block supports the following arguments: -### Self-Managed Active Directory +* `audit_log_destination` - (Optional) The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN. Can be specified when `file_access_audit_log_level` and `file_share_access_audit_log_level` are not set to `DISABLED`. The name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehouse delivery stream must begin with the `aws-fsx` prefix. If you do not provide a destination in `audit_log_destionation`, Amazon FSx will create and use a log stream in the CloudWatch Logs /aws/fsx/windows log group. +* `file_access_audit_log_level` - (Optional) Sets which attempt type is logged by Amazon FSx for file and folder accesses. Valid values are `SUCCESS_ONLY`, `FAILURE_ONLY`, `SUCCESS_AND_FAILURE`, and `DISABLED`. Default value is `DISABLED`. +* `file_share_access_audit_log_level` - (Optional) Sets which attempt type is logged by Amazon FSx for file share accesses. Valid values are `SUCCESS_ONLY`, `FAILURE_ONLY`, `SUCCESS_AND_FAILURE`, and `DISABLED`. Default value is `DISABLED`. + +### `disk_iops_configuration` Block + +The `disk_iops_configuration` configuration block supports the following arguments: + +* `iops` - (Optional) The total number of SSD IOPS provisioned for the file system. +* `mode` - (Optional) Specifies whether the number of IOPS for the file system is using the system. Valid values are `AUTOMATIC` and `USER_PROVISIONED`. Default value is `AUTOMATIC`. + +### `final_backup_tags` Block + +The `final_backup_tags` configuration block supports the following arguments: + +* `key` - (Required) The name of the tag. +* `value` - (Required) The value assigned to the corresponding tag key. To create a key-only tag, use an empty string as the value. + +### `self_managed_active_directory` Block The `self_managed_active_directory` configuration block supports the following arguments: @@ -92,12 +110,6 @@ The `self_managed_active_directory` configuration block supports the following a * `file_system_administrators_group` - (Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, and setting audit controls (audit ACLs) on files and folders. The group that you specify must already exist in your domain. Defaults to `Domain Admins`. * `organizational_unit_distinguished_name` - (Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory that the Windows File Server instance will join. For example, `OU=FSx,DC=yourdomain,DC=corp,DC=com`. Only accepts OU as the direct parent of the file system. If none is provided, the FSx file system is created in the default location of your self-managed AD directory. To learn more, see [RFC 2253](https://tools.ietf.org/html/rfc2253). -### Audit Log Configuration - -* `audit_log_destination` - (Optional) The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN. Can be specified when `file_access_audit_log_level` and `file_share_access_audit_log_level` are not set to `DISABLED`. The name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehouse delivery stream must begin with the `aws-fsx` prefix. If you do not provide a destination in `audit_log_destionation`, Amazon FSx will create and use a log stream in the CloudWatch Logs /aws/fsx/windows log group. -* `file_access_audit_log_level` - (Optional) Sets which attempt type is logged by Amazon FSx for file and folder accesses. Valid values are `SUCCESS_ONLY`, `FAILURE_ONLY`, `SUCCESS_AND_FAILURE`, and `DISABLED`. Default value is `DISABLED`. -* `file_share_access_audit_log_level` - (Optional) Sets which attempt type is logged by Amazon FSx for file share accesses. Valid values are `SUCCESS_ONLY`, `FAILURE_ONLY`, `SUCCESS_AND_FAILURE`, and `DISABLED`. Default value is `DISABLED`. - ## Attribute Reference This resource exports the following attributes in addition to the arguments above: