From c0a332aad495466c044249509b3daf051b58dd30 Mon Sep 17 00:00:00 2001 From: Keith Cantrell Date: Mon, 6 Apr 2026 17:10:50 -0500 Subject: [PATCH 1/6] Added CIFS Share examples. --- .../Ansible/Volume_Management/README.md | 16 ++- .../Volume_Management/create_volume.yaml | 1 + .../create_volume_and_share.yaml | 118 ++++++++++++++++ .../delete_volume_and_share.yaml | 118 ++++++++++++++++ .../Terraform/Miscellaneous/README.md | 22 +++ .../Miscellaneous/create_cifs_share.tf | 133 ++++++++++++++++++ 6 files changed, 401 insertions(+), 7 deletions(-) create mode 100644 Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml create mode 100644 Infrastructure_as_Code/Ansible/Volume_Management/delete_volume_and_share.yaml create mode 100644 Infrastructure_as_Code/Terraform/Miscellaneous/README.md create mode 100644 Infrastructure_as_Code/Terraform/Miscellaneous/create_cifs_share.tf diff --git a/Infrastructure_as_Code/Ansible/Volume_Management/README.md b/Infrastructure_as_Code/Ansible/Volume_Management/README.md index db16a99..3e2754c 100644 --- a/Infrastructure_as_Code/Ansible/Volume_Management/README.md +++ b/Infrastructure_as_Code/Ansible/Volume_Management/README.md @@ -7,10 +7,12 @@ node to have network connectivity to the FSx for ONTAP file system. For more inf Workload Factory Link, please refer to the [NetApp Workload Factory documentation](https://docs.netapp.com/us-en/workload-fsx-ontap/links-overview.html). The list of playbooks included in this folder is as follows: -- create\_volume.yaml -- delete\_volume.yaml - create\_snapshot.yaml - delete\_snapshot.yaml +- create\_volume.yaml +- delete\_volume.yaml +- create\_volume\_and\_share.yaml +- delete\_volume\_and\_share.yaml ## Requirements - Ansible 2.9 or later. Installation instructions can be found [here](https://docs.ansible.com/ansible/latest/installation_guide/index.html) @@ -28,11 +30,11 @@ Each playbook requires various variables to be set in order to run. | volume\_name| All | Yes | None | The name of the volume you want to act on.| | lambda\_function\_name| All | No | None | The name of the Workload Factory Link Lambda function to use when issuing API calls to the FSx for ONTAP file system.| | aws\_region | All | No | None | The AWS region where the Lambda function resides.| -| volume\_size| create\_volume | Yes | None | The size, in MiBs, of the volume to create.| -| security\_style | create\_volume | No | UNIX | The security style to use when creating the volume. Valid options are UNIX or NTFS.| -| aggr | create\_volume | No | aggr1 | The name of the aggregate to create the volume on.| -| volume\_type | create\_volume | No | RW | The type of volume to create. Valid options are RW and DP.| -| junction\_path | create\_volume | No | `/` | The junction path to use when creating the volume.| +| volume\_size| create\_volume\* | Yes | None | The size, in MiBs, of the volume to create.| +| security\_style | create\_volume\* | No | UNIX | The security style to use when creating the volume. Valid options are UNIX or NTFS.| +| aggr | create\_volume\* | No | aggr1 | The name of the aggregate to create the volume on.| +| volume\_type | create\_volume\* | No | RW | The type of volume to create. Valid options are RW and DP.| +| junction\_path | create\_volume\* | No | `/` | The junction path to use when creating the volume.| | snapshot\_name | create\_snapshot | Yes | None | The name of the snapshot to create.| A convenient way to set all the required variable is to put them into a file named `variables.yaml`. diff --git a/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml index 451139a..79b11b5 100644 --- a/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml +++ b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml @@ -83,6 +83,7 @@ vserver: "{{ vserver }}" aggregate_name: "{{ aggr }}" junction_path: "{{ junction_path }}" + volume_security_style: "{{ security_style }}" use_lambda: "{{ use_lambda }}" lambda_config: aws_profile: "{{ aws_profile }}" diff --git a/Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml new file mode 100644 index 0000000..050c4e9 --- /dev/null +++ b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml @@ -0,0 +1,118 @@ +# Title: create_volume_and_share.yaml + +--- +- name: Playbook to create a volume and a CIFS share that points to it on an FSx for ONTAP file system. + hosts: localhost + collections: + - netapp.ontap + - amazon.aws + gather_facts: false + vars_files: + - variables.yaml + vars: + use_lambda: false + + tasks: + - name: Ensure required variables are set. + fail: + msg: "Required variable {{item}} has not been provided." + when: vars[item] is undefined + loop: + - volume_name + - volume_size + - vserver + - secret_name + # + # Give default values to optional variables if they are not defined + - name: Set security_style to ntfs if not provide. + set_fact: + security_style: "ntfs" + when: security_style is not defined + + - name: Set aggr to 'aggr1' if not provided. + set_fact: + aggr: "aggr1" + when: aggr is not defined + + - name: Set volume_type to "rw" if not provided. + set_fact: + volume_type: "rw" + when: volume_type is not defined + + - name: Set use_lambda to true if lambda_function_name is provided. + set_fact: + use_lambda: true + when: lambda_function_name is defined + + - name: Set aws_provide to "default" if not provided. + set_fact: + aws_profile: "default" + when: aws_profile is not defined + + - name: Set junction_path to "/" if not provided. + set_fact: + junction_path: "/{{ volume_name }}" + when: junction_path is not defined + + - name: Set share_name to "" if not provided. + set_fact: + share_name: "{{ volume_name }}" + when: share_name is not defined + + - name: Ensure that aws_region has been provided if use_lambda is true. + fail: + msg: "aws_region must be defined when use_lambda is true." + when: use_lambda and aws_region is not defined + + - name: Set aws_region to "" if not set at this point. + set_fact: + aws_region: "" + when: aws_region is not defined + + - name: Set lambda_function_name to "" if not set at this point. + set_fact: + lambda_function_name: "" + when: lambda_function_name is not defined + + - name: Get username and password from AWS secret. + set_fact: + username: "{{ lookup('amazon.aws.aws_secret', '{{ secret_name }}.username', nested=true) }}" + password: "{{ lookup('amazon.aws.aws_secret', '{{ secret_name }}.password', nested=true) }}" + no_log: true + + - name: Create the volume + netapp.ontap.na_ontap_volume: + state: present + name: "{{ volume_name }}" + size: "{{ volume_size }}" + vserver: "{{ vserver }}" + aggregate_name: "{{ aggr }}" + junction_path: "{{ junction_path }}" + volume_security_style: "{{ security_style }}" + use_lambda: "{{ use_lambda }}" + lambda_config: + aws_profile: "{{ aws_profile }}" + aws_region: "{{ aws_region }}" + function_name: "{{ lambda_function_name }}" + type: "{{ volume_type }}" + size_unit: "mb" + hostname: "{{ fsxn_hostname }}" + username: "{{ username }}" + password: "{{ password }}" + validate_certs: false + + - name: Create CIFS Share + netapp.ontap.na_ontap_cifs: + state: present + name: "{{ share_name }}" + path: "{{ junction_path }}" + vserver: "{{ vserver }}" + use_lambda: "{{ use_lambda }}" + lambda_config: + aws_profile: "{{ aws_profile }}" + aws_region: "{{ aws_region }}" + function_name: "{{ lambda_function_name }}" + hostname: "{{ fsxn_hostname }}" + username: "{{ username }}" + password: "{{ password }}" + validate_certs: false diff --git a/Infrastructure_as_Code/Ansible/Volume_Management/delete_volume_and_share.yaml b/Infrastructure_as_Code/Ansible/Volume_Management/delete_volume_and_share.yaml new file mode 100644 index 0000000..d6bd100 --- /dev/null +++ b/Infrastructure_as_Code/Ansible/Volume_Management/delete_volume_and_share.yaml @@ -0,0 +1,118 @@ +# Title: create_volume_and_share.yaml + +--- +- name: Playbook to create a volume and a CIFS share that points to it on an FSx for ONTAP file system. + hosts: localhost + collections: + - netapp.ontap + - amazon.aws + gather_facts: false + vars_files: + - variables.yaml + vars: + use_lambda: false + + tasks: + - name: Ensure required variables are set. + fail: + msg: "Required variable {{item}} has not been provided." + when: vars[item] is undefined + loop: + - volume_name + - volume_size + - vserver + - secret_name + # + # Give default values to optional variables if they are not defined + - name: Set security_style to ntfs if not provide. + set_fact: + security_style: "ntfs" + when: security_style is not defined + + - name: Set aggr to 'aggr1' if not provided. + set_fact: + aggr: "aggr1" + when: aggr is not defined + + - name: Set volume_type to "rw" if not provided. + set_fact: + volume_type: "rw" + when: volume_type is not defined + + - name: Set use_lambda to true if lambda_function_name is provided. + set_fact: + use_lambda: true + when: lambda_function_name is defined + + - name: Set aws_provide to "default" if not provided. + set_fact: + aws_profile: "default" + when: aws_profile is not defined + + - name: Set junction_path to "/" if not provided. + set_fact: + junction_path: "/{{ volume_name }}" + when: junction_path is not defined + + - name: Set share_name to "" if not provided. + set_fact: + share_name: "{{ volume_name }}" + when: share_name is not defined + + - name: Ensure that aws_region has been provided if use_lambda is true. + fail: + msg: "aws_region must be defined when use_lambda is true." + when: use_lambda and aws_region is not defined + + - name: Set aws_region to "" if not set at this point. + set_fact: + aws_region: "" + when: aws_region is not defined + + - name: Set lambda_function_name to "" if not set at this point. + set_fact: + lambda_function_name: "" + when: lambda_function_name is not defined + + - name: Get username and password from AWS secret. + set_fact: + username: "{{ lookup('amazon.aws.aws_secret', '{{ secret_name }}.username', nested=true) }}" + password: "{{ lookup('amazon.aws.aws_secret', '{{ secret_name }}.password', nested=true) }}" + no_log: true + + - name: Create the volume + netapp.ontap.na_ontap_volume: + state: absent + name: "{{ volume_name }}" + size: "{{ volume_size }}" + vserver: "{{ vserver }}" + aggregate_name: "{{ aggr }}" + junction_path: "{{ junction_path }}" + volume_security_style: "{{ security_style }}" + use_lambda: "{{ use_lambda }}" + lambda_config: + aws_profile: "{{ aws_profile }}" + aws_region: "{{ aws_region }}" + function_name: "{{ lambda_function_name }}" + type: "{{ volume_type }}" + size_unit: "mb" + hostname: "{{ fsxn_hostname }}" + username: "{{ username }}" + password: "{{ password }}" + validate_certs: false + + - name: Create CIFS Share + netapp.ontap.na_ontap_cifs: + state: absent + name: "{{ share_name }}" + path: "{{ junction_path }}" + vserver: "{{ vserver }}" + use_lambda: "{{ use_lambda }}" + lambda_config: + aws_profile: "{{ aws_profile }}" + aws_region: "{{ aws_region }}" + function_name: "{{ lambda_function_name }}" + hostname: "{{ fsxn_hostname }}" + username: "{{ username }}" + password: "{{ password }}" + validate_certs: false diff --git a/Infrastructure_as_Code/Terraform/Miscellaneous/README.md b/Infrastructure_as_Code/Terraform/Miscellaneous/README.md new file mode 100644 index 0000000..044064a --- /dev/null +++ b/Infrastructure_as_Code/Terraform/Miscellaneous/README.md @@ -0,0 +1,22 @@ +# Miscellaneous Terraform Examples +This subfolder contains various examples of how you can use Terraform to manage an FSx for ONTAP file system. + +| Example | Description | +| --- | --- | +| [Create_CIFS Share](create_cifs_share.tf) | This sample shows how to create a volume and a CIFS share that points to it on an FSx for ONTAP file system. | + +## Author Information + +This repository is maintained by the contributors listed on [GitHub](https://github.com/NetApp/FSx-ONTAP-samples-scripts/graphs/contributors). + +## License + +Licensed under the Apache License, Version 2.0 (the "License"). + +You may obtain a copy of the License at [apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0). + +Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an _"AS IS"_ basis, without WARRANTIES or conditions of any kind, either express or implied. + +See the License for the specific language governing permissions and limitations under the License. + +© 2024 NetApp, Inc. All Rights Reserved. diff --git a/Infrastructure_as_Code/Terraform/Miscellaneous/create_cifs_share.tf b/Infrastructure_as_Code/Terraform/Miscellaneous/create_cifs_share.tf new file mode 100644 index 0000000..15b9880 --- /dev/null +++ b/Infrastructure_as_Code/Terraform/Miscellaneous/create_cifs_share.tf @@ -0,0 +1,133 @@ +################################################################################ +# This Terraform configuration file creates an FSx for NetApp ONTAP volume +# using the AWS provider and then uses the NetApp ONTAP provider to create +# an CIFS share to the volume. +# +# The NetApp ONTAP provider can use either a Workload Factory link or a +# direct connection to the FSxN file system depending on which +# 'cx_provider_name' is used in the netapp-ontap_cifs_share resource. +# +# It is dependent on the variables defined below. The values can be set by +# adjusting the default value in the variable block or by providing +# the values in terraform.tfvars file. +# +################################################################################ + +variable "region" { + description = "The AWS region where you want the resources deployed." + type = string +} + +variable "volumeSize" { + description = "The size of the volume in MiBs." + type = number +} + +variable "volumeName" { + description = "The name of the volume." + type = string +} + +variable "svmId" { + description = "The SVM ID." + type = string +} + +variable "secretId" { + description = "The secret ID." + type = string +} + +variable "fsEndpoint" { + description = "The FSx management endpoint. Hostname or IP." + type = string +} + +variable "linkLambdaName" { + description = "The name of the Workload Factory Lambda function" + type = string + default = "" +} +# +# Define the required providers. +terraform { + required_providers { + netapp-ontap = { + source = "NetApp/netapp-ontap" + version = "~> 2.1" + } + + aws = { + source = "hashicorp/aws" + version = "~> 5.0" + } + } +} +# +# Define the aws region to work in. +provider "aws" { + region = var.region +} +# +# Define how to communicate with the FSxN file system. +provider "netapp-ontap" { + connection_profiles = [ + { + name = "direct" + validate_certs = false + hostname = var.fsEndpoint + username = jsondecode(ephemeral.aws_secretsmanager_secret_version.fsxn_secret.secret_string)["username"] + password = jsondecode(ephemeral.aws_secretsmanager_secret_version.fsxn_secret.secret_string)["password"] + }, + { + name = "aws" + hostname = var.fsEndpoint + username = jsondecode(ephemeral.aws_secretsmanager_secret_version.fsxn_secret.secret_string)["username"] + password = jsondecode(ephemeral.aws_secretsmanager_secret_version.fsxn_secret.secret_string)["password"] + aws_lambda = { + function_name = var.linkLambdaName + region = var.region + shared_config_profile = "default" + } + } + ] +} +# +# Define the aws volume. +resource "aws_fsx_ontap_volume" "aws_volume" { + name = var.volumeName + junction_path = "/${var.volumeName}" + size_in_megabytes = var.volumeSize + storage_efficiency_enabled = true + storage_virtual_machine_id = var.svmId + ontap_volume_type = "RW" +} +# +# This data source is used to get the SVM name. +data "aws_fsx_ontap_storage_virtual_machine" "svm" { + id = var.svmId +} +# +# This ephemeral resources is used to get the fsxn password. +ephemeral "aws_secretsmanager_secret_version" "fsxn_secret" { + secret_id = var.secretId +} +# +# Create the cifs share. +resource "netapp-ontap_cifs_share" "cifs_share" { +# cx_profile_name = "direct" + cx_profile_name = "aws" + name = var.volumeName + path = "/${var.volumeName}" + svm_name = data.aws_fsx_ontap_storage_virtual_machine.svm.name + acls = [ + { + "permission": "full_control", + "user_or_group": "Everyone", + "type": "windows" + } + ] + depends_on = [ + aws_fsx_ontap_volume.aws_volume + ] +} From 0a67e67f72d3bebb55c4a8b22882d5be2b0bdf1e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 6 Apr 2026 22:21:51 +0000 Subject: [PATCH 2/6] terraform-docs: automated action --- .../Terraform/deploy-fsx-ontap/module/README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Infrastructure_as_Code/Terraform/deploy-fsx-ontap/module/README.md b/Infrastructure_as_Code/Terraform/deploy-fsx-ontap/module/README.md index e0869de..0af8dd8 100644 --- a/Infrastructure_as_Code/Terraform/deploy-fsx-ontap/module/README.md +++ b/Infrastructure_as_Code/Terraform/deploy-fsx-ontap/module/README.md @@ -242,7 +242,7 @@ terraform apply | svm_name | name of the Storage Virtual Machine, (a.k.a. vserver). | `string` | `"fsx"` | no | | tags | A map defining tags to be applied to the FSxN file system. The format is '{Name1 = value, Name2 = value}'. | `map(any)` | `null` | no | | throughput_in_MBps | The throughput capacity (in MBps) for the file system. Valid values are 128, 256, 512, 1024, 2048, and 4096 for Gen 1, and 384, 768, 1536, 3072 and 6144 for Gen 2. | `string` | `"128"` | no | -| vol_info | Details for the initial volume creation. | 
object({
    vol_name              = optional(string, "vol1")
    junction_path         = optional(string, "/vol1")
    size_mg               = optional(number,  2048000)
    efficiency            = optional(bool,    true)
    tier_policy_name      = optional(string, "AUTO")
    cooling_period        = optional(string,  31)
    vol_type              = optional(string, "RW")
    copy_tags_to_backups  = optional(bool,    false)
    sec_style             = optional(string, "UNIX")
    skip_final_backup     = optional(bool,    false)
    snapshot_policy       = optional(string, "default")
  })
| `{}` | no | +| vol_info | Details for the initial volume creation. | 
object({
    vol_name              = optional(string, "vol1")
    junction_path         = optional(string, "/vol1")
    size_mg               = optional(number,  2048000)
    efficiency            = optional(bool,    true)
    tier_policy_name      = optional(string, "AUTO")
    cooling_period        = optional(string,  31)
    vol_type              = optional(string, "RW")
    copy_tags_to_backups  = optional(bool,    false)
    sec_style             = optional(string, "UNIX")
    skip_final_backup     = optional(bool,    false)
    snapshot_policy       = optional(string, "default")
  })
| `{}` | no | | vpc_id | The VPC ID where the security group will be created. | `string` | `""` | no | ### Outputs @@ -273,7 +273,6 @@ You may obtain a copy of the License at [apache.org/licenses/LICENSE-2.0](http:/ Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an _"AS IS"_ basis, without WARRANTIES or conditions of any kind, either express or implied. See the License for the specific language governing permissions and limitations under the License. - © 2024 NetApp, Inc. All Rights Reserved. From 662f11909fd9b019c7fe3c201f05bcd12de28b72 Mon Sep 17 00:00:00 2001 From: Keith Cantrell Date: Mon, 6 Apr 2026 17:37:41 -0500 Subject: [PATCH 3/6] Added CIFS Share examples. --- Infrastructure_as_Code/README.md | 11 ++++++----- Infrastructure_as_Code/Terraform/README.md | 3 ++- README.md | 15 ++++++++------- 3 files changed, 16 insertions(+), 13 deletions(-) diff --git a/Infrastructure_as_Code/README.md b/Infrastructure_as_Code/README.md index 1dbf9ce..943dbb3 100644 --- a/Infrastructure_as_Code/README.md +++ b/Infrastructure_as_Code/README.md @@ -7,14 +7,15 @@ This folder contains code samples and automation scripts for FSx for NetApp ONTA * [SnapMirror report](Ansible/snapmirror_report) * [Volume Management](Ansible/Volume_Management) * [CloudFormation](CloudFormation) - * [NetApp-FSxN-Custom-Resources-Samples](CloudFormation/NetApp-FSxN-Custom-Resources-Samples) + * [Deploy-fsx-ontap](CloudFormation/deploy-fsx-ontap) * [Export FSx for ONTAP Configuration to CloudFormation](CloudFormation/Export-FSxN-CloudFormation) - * [deploy-fsx-ontap](CloudFormation/deploy-fsx-ontap) + * [NetApp-FSxN-Custom-Resources-Samples](CloudFormation/NetApp-FSxN-Custom-Resources-Samples) * [Terraform](Terraform) + * [Deployment of FSx ONTAP with VPN for File Share Access](Terraform/deploy-fsx-ontap-fileshare-access) + * [Deployment of SQL Server on EC2 with FSx ONTAP](Terraform/deploy-fsx-ontap-sqlserver) * [FSx ONTAP deployment using Terraform](Terraform/deploy-fsx-ontap) * [FSx ONTAP Replication](Terraform/fsxn-replicate) - * [Deployment of SQL Server on EC2 with FSx ONTAP](Terraform/deploy-fsx-ontap-sqlserver) - * [Deployment of FSx ONTAP with VPN for File Share Access](Terraform/deploy-fsx-ontap-fileshare-access) + * [Miscellaneous FSx ONTAP operations using Terraform](Terraform/Miscellaneous) ## Author Information @@ -31,4 +32,4 @@ is distributed on an _"AS IS"_ basis, without WARRANTIES or conditions of any ki See the License for the specific language governing permissions and limitations under the License. -© 2024 NetApp, Inc. All Rights Reserved. +© 2026 NetApp, Inc. All Rights Reserved. diff --git a/Infrastructure_as_Code/Terraform/README.md b/Infrastructure_as_Code/Terraform/README.md index bcc46e6..f5af5f8 100644 --- a/Infrastructure_as_Code/Terraform/README.md +++ b/Infrastructure_as_Code/Terraform/README.md @@ -5,8 +5,9 @@ This subfolder contains various examples of how you can use Terraform to deploy | --- | --- | | [Deploy FSx ONTAP File Share](deploy-fsx-ontap-fileshare-access) | This sample shows how to deploy an FSx for ONTAP file system and access it from a remote system using OpenVPN. | | [Deploy FSx ONTAP SQL Server](deploy-fsx-ontap-sqlserver) | This sample shows how to deploy on FSx for ONTAP file system and use it as a shared storage for a SQL Server. | -| [Deploy FSx ONTAP](deploy-fsx-ontap) | This sample shows how to deploy an FSx for ONTAP file system using Terraform. | +| [FSx ONTAP deployment using Terraform](deploy-fsx-ontap) | This sample shows how to use Terraform to deploy an FSx for ONTAP file system. | | [FSx ONTAP Replicate](fsxn-replicate)| This sample shows how to use Terraform to replicate an FSx for ONTAP file system for disaster recovery purposes. | +| [Miscellaneous](miscellaneous) | This folder contains various Terraform samples.| ## Author Information diff --git a/README.md b/README.md index 67432ad..dd96d11 100644 --- a/README.md +++ b/README.md @@ -22,14 +22,15 @@ Have a great idea? We'd love to hear it! Please email us at [ng-fsxn-github-samp * [SnapMirror report](/Infrastructure_as_Code/Ansible/snapmirror_report) * [Volume Management](/Infrastructure_as_Code/Ansible/Volume_Management) * [CloudFormation](/Infrastructure_as_Code/CloudFormation) - * [NetApp-FSxN-Custom-Resources-Samples](/Infrastructure_as_Code/CloudFormation/NetApp-FSxN-Custom-Resources-Samples) + * [Deploy-fsx-ontap](/Infrastructure_as_Code/CloudFormation/deploy-fsx-ontap) * [Export FSx for ONTAP Configuration to CloudFormation](/Infrastructure_as_Code/CloudFormation/Export-FSxN-CloudFormation) - * [deploy-fsx-ontap](/Infrastructure_as_Code/CloudFormation/deploy-fsx-ontap) + * [NetApp-FSxN-Custom-Resources-Samples](/Infrastructure_as_Code/CloudFormation/NetApp-FSxN-Custom-Resources-Samples) * [Terraform](/Infrastructure_as_Code/Terraform) + * [Deployment of FSx ONTAP with VPN for File Share Access](/Infrastructure_as_Code/Terraform/deploy-fsx-ontap-fileshare-access) + * [Deployment of SQL Server on EC2 with FSx ONTAP](/Infrastructure_as_Code/Terraform/deploy-fsx-ontap-sqlserver) * [FSx ONTAP deployment using Terraform](/Infrastructure_as_Code/Terraform/deploy-fsx-ontap) * [FSx ONTAP Replication](/Infrastructure_as_Code/Terraform/fsxn-replicate) - * [Deployment of SQL Server on EC2 with FSx ONTAP](/Infrastructure_as_Code/Terraform/deploy-fsx-ontap-sqlserver) - * [Deployment of FSx ONTAP with VPN for File Share Access](/Infrastructure_as_Code/Terraform/deploy-fsx-ontap-fileshare-access) + * [Miscellaneous FSx ONTAP resources using Terraform](/Infrastructure_as_Code/Terraform/Miscellaneous) * [EKS](/EKS) * [Backup-EKS-Applications-with-Trident-Protect](/EKS/Backup-EKS-Applications-with-Trident-Protect) * [EKS applications non-stdout logs collection into ELK](/EKS/EKS-logs-to-ELK) @@ -39,17 +40,17 @@ Have a great idea? We'd love to hear it! Please email us at [ng-fsxn-github-samp * [Auto Create SnapMirror Relationships](/Management-Utilities/auto_create_sm_relationships) * [Auto Set FSxN Auto Grow](/Management-Utilities/auto_set_fsxn_auto_grow) * [AWS CLI management scripts for FSx ONTAP](/Management-Utilities/fsx-ontap-aws-cli-scripts) - * [Rotate AWS Secrets Manager Secret](/Management-Utilities/fsxn-rotate-secret) * [FSx ONTAP iscsi volume creation automation for Windows](/Management-Utilities/iscsi-vol-create-and-mount) + * [Rotate AWS Secrets Manager Secret](/Management-Utilities/fsxn-rotate-secret) * [Warm Performance Tier](/Management-Utilities/warm_performance_tier) * [Workload Factory API Samples](/Management-Utilities/Workload-Factory-API-Samples) * [Monitoring](/Monitoring) + * [Automatically Add CloudWatch Alarms for FSx Resources](/Monitoring/auto-add-cw-alarms) * [CloudWatch Dashboard for FSx for ONTAP](/Monitoring/CloudWatch-FSx) * [Export LUN metrics from an FSx ONTAP to Amazon CloudWatch](/Monitoring/LUN-monitoring) - * [Automatically Add CloudWatch Alarms for FSx Resources](/Monitoring/auto-add-cw-alarms) * [Ingest NAS audit logs into CloudWatch](/Monitoring/ingest_nas_audit_logs_into_cloudwatch) - * [Monitor ONTAP metrics from FSx ONTAP using python Lambda function](/Monitoring/monitor-ontap-services) * [Monitor FSx for ONTAP with Harvest on EKS](/Monitoring/monitor_fsxn_with_harvest_on_eks) + * [Monitor ONTAP metrics from FSx ONTAP using python Lambda function](/Monitoring/monitor-ontap-services) ## Author Information From c8f9d4cd62e502edaff9d3619cba9d9779467b79 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 6 Apr 2026 22:39:18 +0000 Subject: [PATCH 4/6] terraform-docs: automated action --- .../Terraform/deploy-fsx-ontap/standalone-module/README.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Infrastructure_as_Code/Terraform/deploy-fsx-ontap/standalone-module/README.md b/Infrastructure_as_Code/Terraform/deploy-fsx-ontap/standalone-module/README.md index 26f7102..e5f4749 100644 --- a/Infrastructure_as_Code/Terraform/deploy-fsx-ontap/standalone-module/README.md +++ b/Infrastructure_as_Code/Terraform/deploy-fsx-ontap/standalone-module/README.md @@ -202,7 +202,7 @@ terraform apply | fsx_deploy_type | The file system deployment type. Supported values are 'MULTI_AZ_1', 'SINGLE_AZ_1', 'MULTI_AZ_2', and 'SINGLE_AZ_2'. MULTI_AZ_1 and SINGLE_AZ_1 are Gen 1. MULTI_AZ_2 and SINGLE_AZ_2 are Gen 2. | `string` | `"MULTI_AZ_1"` | no | | fsx_name | The name to assign to the FSxN file system. | `string` | `"terraform-fsxn"` | no | | fsx_region | The AWS region where the FSxN file system to be deployed. | `string` | `"us-west-2"` | no | -| fsx_subnets | The primary subnet ID, and secondary subnet ID if you are deploying in a Multi AZ environment, file system will be accessible from. For MULTI_AZ deployment types both subnets are required. For SINGLE_AZ deployment type, only the primary subnet is used. | `map(any)` | 
{
  "primarysub": "subnet-22222222",
  "secondarysub": "subnet-33333333"
}
| no | +| fsx_subnets | The primary subnet ID, and secondary subnet ID if you are deploying in a Multi AZ environment, file system will be accessible from. For MULTI_AZ deployment types both subnets are required. For SINGLE_AZ deployment type, only the primary subnet is used. | `map(any)` | 
{
  "primarysub": "subnet-22222222",
  "secondarysub": "subnet-33333333"
}
| no | | fsx_tput_in_MBps | The throughput capacity (in MBps) for the file system. Valid values are 128, 256, 512, 1024, 2048, and 4096 for Gen 1, and 384, 768, 1536, 3072 and 6144 for Gen 2. | `string` | `"128"` | no | | ha_pairs | The number of HA pairs in the file system. Valid values are from 1 through 12. Only single AZ Gen 2 deployment type supports more than 1 HA pair. | `number` | `1` | no | | kms_key_id | ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key. | `string` | `null` | no | @@ -216,7 +216,7 @@ terraform apply | source_sg_id | The ID of the security group to allow access to the FSxN file system. Set to an empty string if you want to use the cidr_for_sg as the source. | `string` | `""` | no | | svm_name | The name of the Storage Virtual Machine | `string` | `"fsx"` | no | | tags | Tags to be applied to the FSxN file system. The format is '{Name1 = value, Name2 = value}' where value should be enclosed in double quotes. | `map(any)` | `{}` | no | -| vol_info | Details for the volume creation | `map(any)` | 
{
  "cooling_period": 31,
  "copy_tags_to_backups": false,
  "efficiency": true,
  "junction_path": "/vol1",
  "sec_style": "UNIX",
  "size_mg": 2048000,
  "skip_final_backup": true,
  "snapshot_policy": "default",
  "tier_policy_name": "AUTO",
  "vol_name": "vol1"
}
| no | +| vol_info | Details for the volume creation | `map(any)` | 
{
  "cooling_period": 31,
  "copy_tags_to_backups": false,
  "efficiency": true,
  "junction_path": "/vol1",
  "sec_style": "UNIX",
  "size_mg": 2048000,
  "skip_final_backup": true,
  "snapshot_policy": "default",
  "tier_policy_name": "AUTO",
  "vol_name": "vol1"
}
| no | | vpc_id | The VPC ID where the security group will be created. | `string` | `""` | no | ### Outputs @@ -245,7 +245,6 @@ You may obtain a copy of the License at [apache.org/licenses/LICENSE-2.0](http:/ Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an _"AS IS"_ basis, without WARRANTIES or conditions of any kind, either express or implied. See the License for the specific language governing permissions and limitations under the License. - © 2024 NetApp, Inc. All Rights Reserved. From a843ae6120a0b880229bc06d27aa3f84f2cad1a7 Mon Sep 17 00:00:00 2001 From: Keith Cantrell Date: Mon, 6 Apr 2026 18:46:09 -0500 Subject: [PATCH 5/6] Added CIFS Share examples. --- .../Volume_Management/create_volume.yaml | 1 + .../create_volume_and_share.yaml | 1 + .../delete_volume_and_share.yaml | 27 ++++++++----------- .../Miscellaneous/create_cifs_share.tf | 6 ++--- 4 files changed, 16 insertions(+), 19 deletions(-) diff --git a/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml index 79b11b5..043e9c6 100644 --- a/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml +++ b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml @@ -22,6 +22,7 @@ - volume_size - vserver - secret_name + - fsxn_hostname # # Give default values to optional variables if they are not defined - name: Set security_style to unix if not provide. diff --git a/Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml index 050c4e9..38c090f 100644 --- a/Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml +++ b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml @@ -22,6 +22,7 @@ - volume_size - vserver - secret_name + - fsxn_hostname # # Give default values to optional variables if they are not defined - name: Set security_style to ntfs if not provide. diff --git a/Infrastructure_as_Code/Ansible/Volume_Management/delete_volume_and_share.yaml b/Infrastructure_as_Code/Ansible/Volume_Management/delete_volume_and_share.yaml index d6bd100..afee118 100644 --- a/Infrastructure_as_Code/Ansible/Volume_Management/delete_volume_and_share.yaml +++ b/Infrastructure_as_Code/Ansible/Volume_Management/delete_volume_and_share.yaml @@ -1,7 +1,7 @@ -# Title: create_volume_and_share.yaml +# Title: delete_volume_and_share.yaml --- -- name: Playbook to create a volume and a CIFS share that points to it on an FSx for ONTAP file system. +- name: Playbook to delete a volume and a CIFS share that points to it on an FSx for ONTAP file system. hosts: localhost collections: - netapp.ontap @@ -19,9 +19,9 @@ when: vars[item] is undefined loop: - volume_name - - volume_size - vserver - secret_name + - fsxn_hostname # # Give default values to optional variables if they are not defined - name: Set security_style to ntfs if not provide. @@ -80,33 +80,28 @@ password: "{{ lookup('amazon.aws.aws_secret', '{{ secret_name }}.password', nested=true) }}" no_log: true - - name: Create the volume - netapp.ontap.na_ontap_volume: + - name: Delete CIFS Share + netapp.ontap.na_ontap_cifs: state: absent - name: "{{ volume_name }}" - size: "{{ volume_size }}" + name: "{{ share_name }}" + path: "{{ junction_path }}" vserver: "{{ vserver }}" - aggregate_name: "{{ aggr }}" - junction_path: "{{ junction_path }}" - volume_security_style: "{{ security_style }}" use_lambda: "{{ use_lambda }}" lambda_config: aws_profile: "{{ aws_profile }}" aws_region: "{{ aws_region }}" function_name: "{{ lambda_function_name }}" - type: "{{ volume_type }}" - size_unit: "mb" hostname: "{{ fsxn_hostname }}" username: "{{ username }}" password: "{{ password }}" validate_certs: false - - name: Create CIFS Share - netapp.ontap.na_ontap_cifs: + - name: Delete the volume + netapp.ontap.na_ontap_volume: state: absent - name: "{{ share_name }}" - path: "{{ junction_path }}" + name: "{{ volume_name }}" vserver: "{{ vserver }}" + aggregate_name: "{{ aggr }}" use_lambda: "{{ use_lambda }}" lambda_config: aws_profile: "{{ aws_profile }}" diff --git a/Infrastructure_as_Code/Terraform/Miscellaneous/create_cifs_share.tf b/Infrastructure_as_Code/Terraform/Miscellaneous/create_cifs_share.tf index 15b9880..f76fa62 100644 --- a/Infrastructure_as_Code/Terraform/Miscellaneous/create_cifs_share.tf +++ b/Infrastructure_as_Code/Terraform/Miscellaneous/create_cifs_share.tf @@ -122,9 +122,9 @@ resource "netapp-ontap_cifs_share" "cifs_share" { svm_name = data.aws_fsx_ontap_storage_virtual_machine.svm.name acls = [ { - "permission": "full_control", - "user_or_group": "Everyone", - "type": "windows" + permission = "full_control" + user_or_group = "Everyone" + type = "windows" } ] depends_on = [ From dabc7888211e4a5596488a8014a2cb6ab2be4f84 Mon Sep 17 00:00:00 2001 From: Keith Cantrell Date: Mon, 6 Apr 2026 18:53:49 -0500 Subject: [PATCH 6/6] Added CIFS Share examples. --- .../Ansible/Volume_Management/create_volume.yaml | 4 ++-- .../Ansible/Volume_Management/create_volume_and_share.yaml | 4 ++-- Infrastructure_as_Code/Terraform/Miscellaneous/README.md | 2 +- Infrastructure_as_Code/Terraform/README.md | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml index 043e9c6..dc787a0 100644 --- a/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml +++ b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume.yaml @@ -25,7 +25,7 @@ - fsxn_hostname # # Give default values to optional variables if they are not defined - - name: Set security_style to unix if not provide. + - name: Set security_style to unix if not provided. set_fact: security_style: "unix" when: security_style is not defined @@ -45,7 +45,7 @@ use_lambda: true when: lambda_function_name is defined - - name: Set aws_provide to "default" if not provided. + - name: Set aws_profile to "default" if not provided. set_fact: aws_profile: "default" when: aws_profile is not defined diff --git a/Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml index 38c090f..6d4ff13 100644 --- a/Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml +++ b/Infrastructure_as_Code/Ansible/Volume_Management/create_volume_and_share.yaml @@ -25,7 +25,7 @@ - fsxn_hostname # # Give default values to optional variables if they are not defined - - name: Set security_style to ntfs if not provide. + - name: Set security_style to ntfs if not provided. set_fact: security_style: "ntfs" when: security_style is not defined @@ -45,7 +45,7 @@ use_lambda: true when: lambda_function_name is defined - - name: Set aws_provide to "default" if not provided. + - name: Set aws_profile to "default" if not provided. set_fact: aws_profile: "default" when: aws_profile is not defined diff --git a/Infrastructure_as_Code/Terraform/Miscellaneous/README.md b/Infrastructure_as_Code/Terraform/Miscellaneous/README.md index 044064a..13d9448 100644 --- a/Infrastructure_as_Code/Terraform/Miscellaneous/README.md +++ b/Infrastructure_as_Code/Terraform/Miscellaneous/README.md @@ -3,7 +3,7 @@ This subfolder contains various examples of how you can use Terraform to manage | Example | Description | | --- | --- | -| [Create_CIFS Share](create_cifs_share.tf) | This sample shows how to create a volume and a CIFS share that points to it on an FSx for ONTAP file system. | +| [Create CIFS Share](create_cifs_share.tf) | This sample shows how to create a volume and a CIFS share that points to it on an FSx for ONTAP file system. | ## Author Information diff --git a/Infrastructure_as_Code/Terraform/README.md b/Infrastructure_as_Code/Terraform/README.md index f5af5f8..f5f75d0 100644 --- a/Infrastructure_as_Code/Terraform/README.md +++ b/Infrastructure_as_Code/Terraform/README.md @@ -7,7 +7,7 @@ This subfolder contains various examples of how you can use Terraform to deploy | [Deploy FSx ONTAP SQL Server](deploy-fsx-ontap-sqlserver) | This sample shows how to deploy on FSx for ONTAP file system and use it as a shared storage for a SQL Server. | | [FSx ONTAP deployment using Terraform](deploy-fsx-ontap) | This sample shows how to use Terraform to deploy an FSx for ONTAP file system. | | [FSx ONTAP Replicate](fsxn-replicate)| This sample shows how to use Terraform to replicate an FSx for ONTAP file system for disaster recovery purposes. | -| [Miscellaneous](miscellaneous) | This folder contains various Terraform samples.| +| [Miscellaneous](Miscellaneous) | This folder contains various Terraform samples.| ## Author Information