Merge pull request #65 from NetApp/kerensMac
Kerens mac
kerentraht authored Jan 29, 2024
2 parents 531222e + 591e29a commit 01fd102
Showing 3 changed files with 13 additions and 11 deletions.
2 changes: 1 addition & 1 deletion Terraform/deploy-fsx-ontap/README.md
Expand Up @@ -204,7 +204,7 @@ terraform apply -y
| disk_iops_configuration | The SSD IOPS configuration for the Amazon FSx for NetApp ONTAP file system | `map(any)` | <pre>{<br> "iops": 3000,<br> "mode": "AUTOMATIC"<br>}</pre> | no |
| fsx_capacity_size_gb | The storage capacity (GiB) of the FSxN file system. Valid values between 1024 and 196608 | `number` | `1024` | no |
| fsx_deploy_type | The filesystem deployment type. Supports MULTI_AZ_1 and SINGLE_AZ_1 | `string` | `"SINGLE_AZ_1"` | no |
| fsx_maintenance_start_time | The preferred start time (in d:HH:MM format) to perform weekly maintenance, in the UTC time zone. | `string` | `"00:00:00"` | no |
| fsx_maintenance_start_time | The preferred start time (in d:HH:MM format) to perform weekly maintenance, in the UTC time zone. | `string` | `"1:00:00"` | no |
| fsx_name | The deployed filesystem name | `string` | `"terraform-fsxn"` | no |
| fsx_subnets | The IDs of the subnets fro which the FSxN filesystem will be assigned IP addresses | `map(any)` | <pre>{<br> "primarysub": "",<br> "secondarysub": ""<br>}</pre> | no |
| fsx_tput_in_MBps | The throughput capacity (in MBps) for the file system. Valid values are 128, 256, 512, 1024, 2048, and 4096. | `number` | `256` | no |
20 changes: 11 additions & 9 deletions Terraform/deploy-fsx-ontap/main.tf
@@ -1,3 +1,5 @@
// TODO add SG rule for SnapMirror

# Copyright (c) NetApp, Inc.
# SPDX-License-Identifier: Apache-2.0

Expand All @@ -22,15 +24,15 @@ resource "aws_security_group" "fsx_sg" {

resource "aws_vpc_security_group_ingress_rule" "all_icmp" {
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
security_group_id = aws_security_group.fsx_sg[count.index].id
description = "Allow all ICMP traffic"
cidr_ipv4 = "0.0.0.0/0"
ip_protocol = "icmp"
}

resource "aws_vpc_security_group_ingress_rule" "nfs_tcp" {
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
security_group_id = aws_security_group.fsx_sg[count.index].id
description = "Remote procedure call for NFS"
cidr_ipv4 = var.cidr_for_sg
from_port = 111
Expand All @@ -40,7 +42,7 @@ resource "aws_vpc_security_group_ingress_rule" "nfs_tcp" {

resource "aws_vpc_security_group_ingress_rule" "nfs_udp" {
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
security_group_id = aws_security_group.fsx_sg[count.index].id
description = "Remote procedure call for NFS"
cidr_ipv4 = var.cidr_for_sg
from_port = 111
Expand All @@ -50,7 +52,7 @@ resource "aws_vpc_security_group_ingress_rule" "nfs_udp" {

resource "aws_vpc_security_group_ingress_rule" "cifs" {
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
security_group_id = aws_security_group.fsx_sg[count.index].id
description = "NetBIOS service session for CIFS"
cidr_ipv4 = var.cidr_for_sg
from_port = 139
Expand All @@ -60,7 +62,7 @@ resource "aws_vpc_security_group_ingress_rule" "cifs" {

resource "aws_vpc_security_group_ingress_rule" "snmp_tcp" {
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
security_group_id = aws_security_group.fsx_sg[count.index].id
description = "Simple network management protocol for log collection"
cidr_ipv4 = var.cidr_for_sg
from_port = 161
Expand All @@ -70,7 +72,7 @@ resource "aws_vpc_security_group_ingress_rule" "snmp_tcp" {

resource "aws_vpc_security_group_ingress_rule" "snmp_udp" {
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
security_group_id = aws_security_group.fsx_sg[count.index].id
description = "Simple network management protocol for log collection"
cidr_ipv4 = var.cidr_for_sg
from_port = 161
Expand All @@ -80,7 +82,7 @@ resource "aws_vpc_security_group_ingress_rule" "snmp_udp" {

resource "aws_vpc_security_group_ingress_rule" "smb_cifs" {
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
security_group_id = aws_security_group.fsx_sg[count.index].id
description = "Microsoft SMB/CIFS over TCP with NetBIOS framing"
cidr_ipv4 = var.cidr_for_sg
from_port = 445
Expand All @@ -90,7 +92,7 @@ resource "aws_vpc_security_group_ingress_rule" "smb_cifs" {

resource "aws_vpc_security_group_ingress_rule" "nfs_mount_tcp" {
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
security_group_id = aws_security_group.fsx_sg[count.index].id
description = "NFS mount"
cidr_ipv4 = var.cidr_for_sg
from_port = 635
Expand All @@ -100,7 +102,7 @@ resource "aws_vpc_security_group_ingress_rule" "nfs_mount_tcp" {

resource "aws_vpc_security_group_ingress_rule" "nfs_mount_udp" {
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
security_group_id = aws_security_group.fsx_sg[count.index].id
description = "NFS mount"
cidr_ipv4 = var.cidr_for_sg
from_port = 635
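Review bot: The `all_icmp` ingress rule in the -22,15 +24,15 hunk keeps `cidr_ipv4 = "0.0.0.0/0"`, so ICMP from any address is admitted to the FSx security group, while every other rule in this section scopes ingress to `var.cidr_for_sg`. Unless world-reachable ICMP is intended, I would change that line to `cidr_ipv4 = var.cidr_for_sg` so the group has a single, caller-controlled source range. Separately, the new `// TODO add SG rule for SnapMirror` sits above the copyright/SPDX header and uses `//` where the file's other comments use `#`; moving it below the header as a `#` comment would keep the licence header first. The `nfs_mount_udp` resource continues past the end of the last hunk.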
2 changes: 1 addition & 1 deletion Terraform/deploy-fsx-ontap/variables.tf
Expand Up @@ -52,7 +52,7 @@ variable "fsx_tput_in_MBps" {
variable "fsx_maintenance_start_time" {
description = "The preferred start time (in d:HH:MM format) to perform weekly maintenance, in the UTC time zone."
type = string
default = "00:00:00"
default = "1:00:00"
}

variable "kms_key_id" {
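Review bot: `fsx_maintenance_start_time` has no `validation` block, so a value that does not match the d:HH:MM format named in its own description is only rejected when the AWS API is called at apply time; the `"00:00:00"` default shown in this hunk is such a value. Adding a validation to the variable would make `terraform plan` fail early with a clear message instead. The pattern below assumes the day digit runs 1 through 7, as the FSx API documents; the `kms_key_id` variable that follows continues outside the hunk.

```hcl
variable "fsx_maintenance_start_time" {
  # … unchanged: description, type, default …

  validation {
    condition     = can(regex("^[1-7]:([01][0-9]|2[0-3]):[0-5][0-9]$", var.fsx_maintenance_start_time))
    error_message = "The value must use the d:HH:MM format in UTC, for example 1:00:00."
  }
}
```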
