Some minor updates.

Author: kcantrel

Terraform/deploy-fsx-ontap/module/README.md

@@ -133,9 +133,9 @@ module "fsxontap" {
         primarysub   = "<YOUR-PRIMARY-SUBNET>"
         secondarysub = "<YOUR-SECONDAY-SUBNET>"
     }
-    create_sg = <true / false> // true to create Security Group for the Fs / false otherwise
+    create_sg = true // true to create Security Group for the Fs / false otherwise
     cidr_for_sg = "<YOUR-CIDR-BLOCK>"
-    fsx_admin_password = "<YOUR_PASSWORD>"
+    fsx_secret_name = "<YOUR_SECRET>" // The name of a secret in AWS Secrets Manager that contains the FSxN admin password.
     tags = {
         Terraform   = "true"
         Environment = "dev"
@@ -147,7 +147,7 @@ module "fsxontap" {
 > To Override default values assigned to other variables in this module, add them to this source block as well. The above source block includes the minimum requirements only.
 
 > [!NOTE]
-> The default deployment type is: MULTI_AZ_1. For SINGLE AZ deployment, override the `fsx_deploy_type` variable in the module block, and make sure to only provide one subnet as `primarysub`
+> The default deployment type is: MULTI_AZ_1. For SINGLE AZ deployment, set the `fsx_deploy_type` variable to SINGLE_AZ_1 in the module block.
 
 Please read the vriables descriptions in `variables.tf` file for more information regarding the variables passed to the module block.
 
@@ -166,31 +166,29 @@ terraform {
 }
 
 provider "aws" {
-    shared_config_files      = ["$HOME/.aws/conf"]
-    shared_credentials_files = ["$HOME/.aws/credentials"]
     region = "us-west-2"
 }
 
 
 module "fsxontap" {
     source = "github.com/Netapp/FSx-ONTAP-samples-scripts/Terraform/deploy-fsx-ontap/module"
 
+    name = "fsxontap"
+
     vpc_id = "vpc-111111111"
     fsx_subnets = {
         "primarysub" = "subnet-11111111"
         "secondarysub" = "subnet-2222222"
     }
     create_sg = true
     cidr_for_sg = "10.0.0.0/8"
-    fsx_admin_password = "yourpassword"
+    fsx_secret_name = "fsx_secret"
     route_table_ids = ["rtb-111111"]
     tags = {
         Terraform   = "true"
         Environment = "dev"
     }
 }
-
-
 ```
 
 ### Install the module
@@ -240,7 +238,7 @@ Ensure that the proposed changes match what you expected before you apply the ch
 
 Once confirmed, run the `terraform apply` command followed by `yes` to execute the Terrafom code and apply the changes proposed in the `plan` step:
 ```shell
-terraform apply -y
+terraform apply
 ```
 
 <!-- BEGIN_TF_DOCS -->

Terraform/deploy-fsx-ontap/module/main.tf

@@ -28,7 +28,7 @@ resource "aws_fsx_ontap_file_system" "terraform-fsxn" {
   daily_automatic_backup_start_time = var.daily_backup_start_time
   fsx_admin_password                = data.aws_secretsmanager_secret_version.fsx_password.secret_string
   route_table_ids                   = (var.fsx_deploy_type == "MULTI_AZ_1" ? var.route_table_ids : null)
-  tags                              = var.tags
+  tags                              = merge(var.tags, {Name = var.fsx_name })
   dynamic "disk_iops_configuration" {
     for_each = length(var.disk_iops_configuration) > 0 ? [var.disk_iops_configuration] : []
 
@@ -57,7 +57,6 @@ resource "aws_fsx_ontap_storage_virtual_machine" "mysvm" {
 
   // OPTIONAL PARAMETERS
   root_volume_security_style = var.root_vol_sec_style
-  # active_directory_configuration {}
 }
 
 resource "aws_fsx_ontap_volume" "myvol" {
@@ -74,12 +73,10 @@ resource "aws_fsx_ontap_volume" "myvol" {
     name           = var.vol_info["tier_policy_name"]
     cooling_period = var.vol_info["cooling_period"]
   }
-  bypass_snaplock_enterprise_retention = var.vol_info["bypass_sl_retention"]
-  copy_tags_to_backups                 = var.vol_info["copy_tags_to_backups"]
-  security_style                       = var.vol_info["sec_style"]
-  skip_final_backup                    = var.vol_info["skip_final_backup"]
-  # snaplock_configuration {}
-  # snapshot_policy {}
+  copy_tags_to_backups       = var.vol_info["copy_tags_to_backups"]
+  security_style             = var.vol_info["sec_style"]
+  skip_final_backup          = var.vol_info["skip_final_backup"]
+  snapshot_policy            = var.vol_info["snapshot_policy"]
 }
 #
 # The next two data blocks retrieve the secret from Secrets Manager.

Terraform/deploy-fsx-ontap/module/variables.tf

@@ -1,23 +1,23 @@
-/*
- * If you want to set the nam eof your FSxN file system, you must set a "Name"
- * tag equal to the desired name. Feel free to add additional tags as needed.
- */
 variable "tags" {
-  description = "Tags to be applied to the resources"
+  description = "Tags to be applied to the FSxN file system."
   type        = map(any)
-  default = {
-     "Name" = "terraform-fsxn"
-  }
+  default = {}
+}
+
+variable "fsx_name" {
+  description = "The name to assigne to the FSxN file system."
+  type        = string
+  default     = "fsx1"
 }
 
 variable "create_sg" {
-  description = "Determines whether the SG should be deployed as part of this execution or not"
+  description = "Determines whether the SG should be deployed as part of this deployment or not."
   type        = bool
   default     = true
 }
 
 variable "security_group_id" {
-  description = "If you are not creating the SG, provide the ID of the SG to be used"
+  description = "If you are not creating the security group, provide the ID of the security group to be used."
   type        = string
   default     = ""
 }
@@ -41,20 +41,16 @@ variable "source_security_group_id" {
 }
 
 variable "vpc_id" {
-  description = "The ID of the VPC in which the FSxN fikesystem should be deployed"
+  description = "The ID of the VPC in where the security group will be created."
   type        = string
   default     = ""
-  validation  {
-    condition = var.vpc_id != ""
-    error_message = "You must provide the ID of the VPC in which the FSxN file system should be deployed."
-  }
 }
 
 variable "fsx_subnets" {
   description = "The subnets from where the file system will be accessible from. For MULTI_AZ_1 deployment type, provide both primvary and secondary subnets. For SINGLE_AZ_1 deployment type, only the primary subnet is used."
   type        = map(string)
   default = {
-       "primarysub" = "subnet-111111111"
+       "primarysub"   = "subnet-111111111"
        "secondarysub" = "subnet-222222222"
   }
 }
@@ -105,6 +101,10 @@ variable "backup_retention_days" {
   description = "The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days."
   type        = number
   default     = 0
+  validation {
+    condition = var.backup_retention_days >= 0 && var.backup_retention_days <= 90
+    error_message = "Invalid backup retention days. Valid values are between 0 and 90."
+  }
 }
 
 variable "daily_backup_start_time" {
@@ -120,7 +120,7 @@ variable "disk_iops_configuration" {
 }
 
 variable "fsx_secret_name" {
-  description = "The name of the secure where the FSxN passwood is stored"
+  description = "The name of the secure where the FSxN passwood is stored."
   type        = string
   default     = ""
   validation {
@@ -136,7 +136,7 @@ variable "route_table_ids" {
 }
 
 variable "svm_name" {
-  description = "The name of the Storage Virtual Machine"
+  description = "The name of the Storage Virtual Machine, (a.k.a. vserver)."
   type        = string
   default     = "first_svm"
 }
@@ -151,17 +151,17 @@ variable "vol_info" {
   description = "Details for the volume creation"
   type = map(any)
   default = {
-   "vol_name"              = "vol1"
-   "junction_path"         = "/vol1"
-	 "size_mg"               = 1024
-	 "efficiency"            = true
-	 "tier_policy_name"      = "AUTO"
-	 "cooling_period"        = 31
+    "vol_name"              = "vol1"
+    "junction_path"         = "/vol1"
+    "size_mg"               = 1024
+    "efficiency"            = true
+    "tier_policy_name"      = "AUTO"
+    "cooling_period"        = 31
     "vol_type"             = "RW"
-    "bypass_sl_retention"  = false
     "copy_tags_to_backups" = false
     "sec_style"            = "UNIX"
     "skip_final_backup"    = false
+    "snapshot_policy"      = "default"
   }
 }
 

Terraform/deploy-fsx-ontap/standalone-module/variables.tf

@@ -81,7 +81,7 @@ variable "vol_info" {
 }
 
 variable "vpc_id" {
-   description = "The ID of the VPC in which the FSxN fikesystem should be deployed"
+   description = "The ID of the VPC in which the security group will be created."
    type        = string
    default     = "vpc-11111111"
 }