A volume is a file system container in a storage pool that stores application, database, and user data.
You can create a volume's capacity using the available capacity in the storage pool and you can define and resize the capacity without disruption to any processes.
Storage pool settings apply to the volumes contained within them automatically.
To get more information about Volume, see:
resource "google_netapp_storage_pool" "default" {
name = "test-pool"
location = "us-west2"
service_level = "PREMIUM"
capacity_gib = "2048"
network = data.google_compute_network.default.id
}
resource "google_netapp_volume" "test_volume" {
location = "us-west2"
name = "test-volume"
capacity_gib = "100"
share_name = "test-volume"
storage_pool = google_netapp_storage_pool.default.name
protocols = ["NFSV3"]
deletion_policy = "DEFAULT"
}
data "google_compute_network" "default" {
name = "test-network"
}
The following arguments are supported:
share_name
-
(Required)
Share name (SMB) or export path (NFS) of the volume. Needs to be unique per location.
storage_pool
-
(Required)
Name of the storage pool to create the volume in. Pool needs enough spare capacity to accomodate the volume.
capacity_gib
-
(Required)
Capacity of the volume (in GiB).
protocols
-
(Required)
The protocol of the volume. Allowed combinations are ['NFSV3']
, ['NFSV4']
, ['SMB']
, ['NFSV3', 'NFSV4']
, ['SMB', 'NFSV3']
and ['SMB', 'NFSV4']
.
Each value may be one of: NFSV3
, NFSV4
, SMB
.
location
-
(Required)
Name of the pool location. Usually a region name, expect for some STANDARD service level pools which require a zone name.
name
-
(Required)
The name of the volume. Needs to be unique per location.
export_policy
-
(Optional)
Export policy of the volume for NFSV3 and/or NFSV4.1 access.
Structure is documented below.
smb_settings
-
(Optional)
Settings for volumes with SMB access.
Each value may be one of: ENCRYPT_DATA
, BROWSABLE
, CHANGE_NOTIFY
, NON_BROWSABLE
, OPLOCKS
, SHOW_SNAPSHOT
, SHOW_PREVIOUS_VERSIONS
, ACCESS_BASED_ENUMERATION
, CONTINUOUSLY_AVAILABLE
.
unix_permissions
-
(Optional)
Unix permission the mount point will be created with. Default is 0770. Applicable for UNIX security style volumes only.
labels
-
(Optional)
Labels as key value pairs. Example: { "owner": "Bob", "department": "finance", "purpose": "testing" }
.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field effective_labels
for all of the labels present on the resource.
description
-
(Optional)
An optional description of this resource.
snapshot_directory
-
(Optional)
If enabled, a NFS volume will contain a read-only .snapshot directory which provides access to each of the volume's snapshots. Will enable "Previous Versions" support for SMB.
security_style
-
(Optional)
Security Style of the Volume. Use UNIX to use UNIX or NFSV4 ACLs for file permissions.
Use NTFS to use NTFS ACLs for file permissions. Can only be set for volumes which use SMB together with NFS as protocol.
Possible values are: NTFS
, UNIX
.
kerberos_enabled
-
(Optional)
Flag indicating if the volume is a kerberos volume or not, export policy rules control kerberos security modes (krb5, krb5i, krb5p).
restore_parameters
-
(Optional)
Used to create this volume from a snapshot (= cloning) or an backup.
Structure is documented below.
restricted_actions
-
(Optional)
List of actions that are restricted on this volume.
Each value may be one of: DELETE
.
snapshot_policy
-
(Optional)
Snapshot policy defines the schedule for automatic snapshot creation.
To disable automatic snapshot creation you have to remove the whole snapshot_policy block.
Structure is documented below.
project
- (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
deletion_policy
- (Optional) Policy to determine if the volume should be deleted forcefully.
Volumes may have nested snapshot resources. Deleting such a volume will fail.
Setting this parameter to FORCE will delete volumes including nested snapshots.
The export_policy
block supports:
rules
-
(Required)
Export rules (up to 5) control NFS volume access.
Structure is documented below.allowed_clients
-
(Optional)
Defines the client ingress specification (allowed clients) as a comma seperated list with IPv4 CIDRs or IPv4 host addresses.
has_root_access
-
(Optional)
If enabled, the root user (UID = 0) of the specified clients doesn't get mapped to nobody (UID = 65534). This is also known as no_root_squash.
access_type
-
(Optional)
Defines the access type for clients matching the allowedClients
specification.
Possible values are: READ_ONLY
, READ_WRITE
, READ_NONE
.
nfsv3
-
(Optional)
Enable to apply the export rule to NFSV3 clients.
nfsv4
-
(Optional)
Enable to apply the export rule to NFSV4.1 clients.
kerberos5_read_only
-
(Optional)
If enabled (true) the rule defines a read only access for clients matching the 'allowedClients' specification. It enables nfs clients to mount using 'authentication' kerberos security mode.
kerberos5_read_write
-
(Optional)
If enabled (true) the rule defines read and write access for clients matching the 'allowedClients' specification. It enables nfs clients to mount using 'authentication' kerberos security mode. The 'kerberos5ReadOnly' value is ignored if this is enabled.
kerberos5i_read_only
-
(Optional)
If enabled (true) the rule defines a read only access for clients matching the 'allowedClients' specification. It enables nfs clients to mount using 'integrity' kerberos security mode.
kerberos5i_read_write
-
(Optional)
If enabled (true) the rule defines read and write access for clients matching the 'allowedClients' specification. It enables nfs clients to mount using 'integrity' kerberos security mode. The 'kerberos5iReadOnly' value is ignored if this is enabled.
kerberos5p_read_only
-
(Optional)
If enabled (true) the rule defines a read only access for clients matching the 'allowedClients' specification. It enables nfs clients to mount using 'privacy' kerberos security mode.
kerberos5p_read_write
-
(Optional)
If enabled (true) the rule defines read and write access for clients matching the 'allowedClients' specification. It enables nfs clients to mount using 'privacy' kerberos security mode. The 'kerberos5pReadOnly' value is ignored if this is enabled.
The restore_parameters
block supports:
source_snapshot
-
(Optional)
Full name of the snapshot to use for creating this volume.
source_snapshot
and source_backup
cannot be used simultaneously.
Format: projects/{{project}}/locations/{{location}}/volumes/{{volume}}/snapshots/{{snapshot}}
.
source_backup
-
(Optional)
Full name of the snapshot to use for creating this volume.
source_snapshot
and source_backup
cannot be used simultaneously.
Format: projects/{{project}}/locations/{{location}}/backupVaults/{{backupVaultId}}/backups/{{backup}}
.
The snapshot_policy
block supports:
enabled
-
(Optional)
Enables automated snapshot creation according to defined schedule. Default is false.
To disable automatic snapshot creation you have to remove the whole snapshot_policy block.
hourly_schedule
-
(Optional)
Hourly schedule policy.
Structure is documented below.
daily_schedule
-
(Optional)
Daily schedule policy.
Structure is documented below.
weekly_schedule
-
(Optional)
Weekly schedule policy.
Structure is documented below.
monthly_schedule
-
(Optional)
Monthly schedule policy.
Structure is documented below.
The hourly_schedule
block supports:
snapshots_to_keep
-
(Required)
The maximum number of snapshots to keep for the hourly schedule.
minute
-
(Optional)
Set the minute of the hour to create the snapshot (0-59), defaults to the top of the hour (0).
The daily_schedule
block supports:
snapshots_to_keep
-
(Required)
The maximum number of snapshots to keep for the daily schedule.
minute
-
(Optional)
Set the minute of the hour to create the snapshot (0-59), defaults to the top of the hour (0).
hour
-
(Optional)
Set the hour to create the snapshot (0-23), defaults to midnight (0).
The weekly_schedule
block supports:
snapshots_to_keep
-
(Required)
The maximum number of snapshots to keep for the weekly schedule.
minute
-
(Optional)
Set the minute of the hour to create the snapshot (0-59), defaults to the top of the hour (0).
hour
-
(Optional)
Set the hour to create the snapshot (0-23), defaults to midnight (0).
day
-
(Optional)
Set the day or days of the week to make a snapshot. Accepts a comma separated days of the week. Defaults to 'Sunday'.
The monthly_schedule
block supports:
snapshots_to_keep
-
(Required)
The maximum number of snapshots to keep for the monthly schedule
minute
-
(Optional)
Set the minute of the hour to create the snapshot (0-59), defaults to the top of the hour (0).
hour
-
(Optional)
Set the hour to create the snapshot (0-23), defaults to midnight (0).
days_of_month
-
(Optional)
Set the day or days of the month to make a snapshot (1-31). Accepts a comma separated number of days. Defaults to '1'.
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format projects/{{project}}/locations/{{location}}/volumes/{{name}}
state
-
State of the volume.
state_details
-
State details of the volume.
create_time
-
Create time of the volume. A timestamp in RFC3339 UTC "Zulu" format. Examples: "2023-06-22T09:13:01.617Z".
psa_range
-
Name of the Private Service Access allocated range. Inherited from storage pool.
network
-
VPC network name with format: projects/{{project}}/global/networks/{{network}}
. Inherited from storage pool.
service_level
-
Service level of the volume. Inherited from storage pool.
used_gib
-
Used capacity of the volume (in GiB). This is computed periodically and it does not represent the realtime usage.
ldap_enabled
-
Flag indicating if the volume is NFS LDAP enabled or not. Inherited from storage pool.
active_directory
-
Reports the resource name of the Active Directory policy being used. Inherited from storage pool.
kms_config
-
Reports the CMEK policy resurce name being used for volume encryption. Inherited from storage pool.
encryption_type
-
Reports the data-at-rest encryption type of the volume. Inherited from storage pool.
has_replication
-
Indicates whether the volume is part of a volume replication relationship.
mount_options
-
Reports mount instructions for this volume.
Structure is documented below.
terraform_labels
-
The combination of labels configured directly on the resource
and default labels configured on the provider.
effective_labels
-
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other clients and services.
The mount_options
block contains:
export
-
(Output)
Export path of the volume.
export_full
-
(Output)
Full export path of the volume.
Format for NFS volumes: <export_ip>:/<shareName>
Format for SMB volumes: \\\\netbios_prefix-four_random_hex_letters.domain_name\\shareName
instructions
-
(Output)
Human-readable mount instructions.
protocol
-
(Output)
Protocol to mount with.
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.update
- Default is 20 minutes.delete
- Default is 20 minutes.Volume can be imported using any of these accepted formats:
projects/{{project}}/locations/{{location}}/volumes/{{name}}
{{project}}/{{location}}/{{name}}
{{location}}/{{name}}
In Terraform v1.5.0 and later, use an import
block to import Volume using one of the formats above. For example:
import {
id = "projects/{{project}}/locations/{{location}}/volumes/{{name}}"
to = google_netapp_volume.default
}
When using the terraform import
command, Volume can be imported using one of the formats above. For example:
$ terraform import google_netapp_volume.default projects/{{project}}/locations/{{location}}/volumes/{{name}}
$ terraform import google_netapp_volume.default {{project}}/{{location}}/{{name}}
$ terraform import google_netapp_volume.default {{location}}/{{name}}
This resource supports User Project Overrides.