azurerm_hpc_cache_blob_nfs_target

Manages a Blob NFSv3 Target within a HPC Cache.

Example Usage

provider "azurerm" {
  features {}
}

provider "azuread" {}

resource "azurerm_resource_group" "example" {
  name     = "example-rg"
  location = "west europe"
}

resource "azurerm_virtual_network" "example" {
  name                = "example-vnet"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
}

resource "azurerm_subnet" "example" {
  name                 = "example-subnet"
  resource_group_name  = azurerm_resource_group.example.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefixes     = ["10.0.2.0/24"]
  service_endpoints    = ["Microsoft.Storage"]
}

data "azuread_service_principal" "example" {
  display_name = "HPC Cache Resource Provider"
}

resource "azurerm_storage_account" "example" {
  name                      = "examplestorageaccount"
  resource_group_name       = azurerm_resource_group.example.name
  location                  = azurerm_resource_group.example.location
  account_tier              = "Standard"
  account_kind              = "StorageV2"
  account_replication_type  = "LRS"
  is_hns_enabled            = true
  nfsv3_enabled             = true
  enable_https_traffic_only = false
  network_rules {
    default_action             = "Deny"
    virtual_network_subnet_ids = [azurerm_subnet.example.id]
  }
}

# Due to https://github.com/hashicorp/terraform-provider-azurerm/issues/2977 and the fact
# that the NFSv3 enabled storage account can't allow public network access - otherwise the NFSv3 protocol will fail,
# we have to use the ARM template to deploy the storage container as a workaround.
# Once the issue above got resolved, we can instead use the azurerm_storage_container resource.
resource "azurerm_resource_group_template_deployment" "storage-containers" {
  name                = "example-deployment"
  resource_group_name = azurerm_storage_account.example.resource_group_name
  deployment_mode     = "Incremental"

  parameters_content = jsonencode({
    location = {
      value = azurerm_storage_account.example.location
    },
    storageAccountName = {
      value = azurerm_storage_account.example.name
    },
    containerName = {
      value = "example-container"
    }
  })

  template_content = <<EOF
{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "storageAccountName": {
      "type": "String"
    },
    "containerName": {
      "type": "String"
    },
    "location": {
      "type": "String"
    }
  },
  "resources": [
    {
      "type": "Microsoft.Storage/storageAccounts",
      "apiVersion": "2019-06-01",
      "name": "[parameters('storageAccountName')]",
      "location": "[parameters('location')]",
      "sku": {
        "name": "Standard_LRS",
        "tier": "Standard"
      },
      "kind": "StorageV2",
      "properties": {
        "accessTier": "Hot"
      },
      "resources": [
        {
          "type": "blobServices/containers",
          "apiVersion": "2019-06-01",
          "name": "[concat('default/', parameters('containerName'))]",
          "dependsOn": [
            "[parameters('storageAccountName')]"
          ]
        }
      ]
    }
  ],

  "outputs": {
    "id": {
      "type": "String",
      "value": "[resourceId('Microsoft.Storage/storageAccounts/blobServices/containers', parameters('storageAccountName'), 'default', parameters('containerName'))]"
    }
  }
}
EOF
}

resource "azurerm_role_assignment" "example_storage_account_contrib" {
  scope                = azurerm_storage_account.example.id
  role_definition_name = "Storage Account Contributor"
  principal_id         = data.azuread_service_principal.example.object_id
}

resource "azurerm_role_assignment" "example_storage_blob_data_contrib" {
  scope                = azurerm_storage_account.example.id
  role_definition_name = "Storage Blob Data Contributor"
  principal_id         = data.azuread_service_principal.example.object_id
}

resource "azurerm_hpc_cache" "example" {
  name                = "example-hpc-cache"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  cache_size_in_gb    = 3072
  subnet_id           = azurerm_subnet.example.id
  sku_name            = "Standard_2G"
}

resource "azurerm_hpc_cache_blob_nfs_target" "example" {
  name                 = "example-hpc-target"
  resource_group_name  = azurerm_resource_group.example.name
  cache_name           = azurerm_hpc_cache.example.name
  storage_container_id = jsondecode(azurerm_resource_group_template_deployment.storage-containers.output_content).id.value
  namespace_path       = "/p1"
  usage_model          = "READ_HEAVY_INFREQ"
}

Arguments Reference

The following arguments are supported:


Attributes Reference

In addition to the Arguments listed above - the following Attributes are exported:

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

Import

HPC Cache Blob NFS Targets can be imported using the resource id, e.g.

terraform import azurerm_hpc_cache_blob_nfs_target.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.StorageCache/caches/cache1/storageTargets/target1