Manages a Data Lake Gen2 File System within an Azure Storage Account.
resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

resource "azurerm_storage_account" "example" {
  name                     = "examplestorageacc"
  resource_group_name      = azurerm_resource_group.example.name
  location                 = azurerm_resource_group.example.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
  account_kind             = "StorageV2"
  is_hns_enabled           = true # hierarchical namespace, required for Data Lake Gen2
}

resource "azurerm_storage_data_lake_gen2_filesystem" "example" {
  name               = "example"
  storage_account_id = azurerm_storage_account.example.id

  # Values must be Base64-encoded ("aGVsbG8=" is "hello")
  properties = {
    hello = "aGVsbG8="
  }
}

The following arguments are supported:
name - (Required) The name of the Data Lake Gen2 File System which should be created within the Storage Account. Must be unique within the storage account in which the file system is located. Changing this forces a new resource to be created.
storage_account_id - (Required) Specifies the ID of the Storage Account in which the Data Lake Gen2 File System should exist. Changing this forces a new resource to be created.
default_encryption_scope - (Optional) The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.
properties - (Optional) A mapping of Key to Base64-Encoded Values which should be assigned to this Data Lake Gen2 File System.
ace - (Optional) One or more ace blocks as defined below to specify the entries for the ACL for the path.
owner - (Optional) Specifies the Object ID of the Azure Active Directory User to make the owning user of the root path (i.e. /). Possible values also include $superuser.
group - (Optional) Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. /). Possible values also include $superuser.

An ace block supports the following:
scope - (Optional) Specifies whether the ACE represents an access entry or a default entry. Default value is access.
type - (Required) Specifies the type of entry. Can be user, group, mask or other.
id - (Optional) Specifies the Object ID of the Azure Active Directory User or Group that the entry relates to. Only valid for user or group entries.
permissions - (Required) Specifies the permissions for the entry in rwx form. For example, rwx gives full permissions but r-- only gives read permissions.

More details on ACLs can be found here: https://docs.microsoft.com/azure/storage/blobs/data-lake-storage-access-control#access-control-lists-on-files-and-directories
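
The owner, group and ace arguments described above can be combined to lock down the root path. The following is an added example, not taken from the provider documentation: it reuses azurerm_storage_account.example from the usage example, and the two variables and the "restricted" resource name are hypothetical.

```hcl
# Hypothetical inputs: supply real Object IDs from your own tenant.
variable "owner_object_id" {
  type = string # user that should own the root path "/"
}

variable "readers_group_object_id" {
  type = string # group that should get read-only access
}

locals {
  # Entries without an id refer to the owning user / owning group.
  root_acl = [
    { type = "user", permissions = "rwx" },
    { type = "group", permissions = "r-x" },
    # The mask caps what the owning group and any named entries can receive.
    { type = "mask", permissions = "r-x" },
    # Everyone else gets nothing.
    { type = "other", permissions = "---" },
  ]
}

resource "azurerm_storage_data_lake_gen2_filesystem" "restricted" {
  name               = "restricted"
  storage_account_id = azurerm_storage_account.example.id
  owner              = var.owner_object_id
  group              = var.readers_group_object_id

  # Emit every entry twice: once with scope "access" (applies to "/" itself)
  # and once with scope "default" (inherited by newly created child paths),
  # so new directories and files do not start out more open than the root.
  dynamic "ace" {
    for_each = setproduct(["access", "default"], local.root_acl)
    content {
      scope       = ace.value[0]
      type        = ace.value[1].type
      permissions = ace.value[1].permissions
    }
  }
}
```

Reviewing the planned ace entries in terraform plan output before applying is a quick check that no other entry carries more than "---".
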
In addition to the Arguments listed above - the following Attributes are exported:
id - The ID of the Data Lake Gen2 File System.

The timeouts block allows you to specify timeouts for certain actions:
create - (Defaults to 30 minutes) Used when creating the Data Lake Gen2 File System.
update - (Defaults to 30 minutes) Used when updating the Data Lake Gen2 File System.
read - (Defaults to 5 minutes) Used when retrieving the Data Lake Gen2 File System.
delete - (Defaults to 30 minutes) Used when deleting the Data Lake Gen2 File System.

Data Lake Gen2 File Systems can be imported using the resource id, e.g.
terraform import azurerm_storage_data_lake_gen2_filesystem.queue1 https://account1.dfs.core.windows.net/fileSystem1