Looking for some help on importing existing FSxN ONTAP resources. I have everything identical to the existing infrastructure at AWS; however, while importing the resources into Terraform, it keeps on notifying me that it will destroy and recreate them.
The area where it says "forces replacement" was verified multiple times, but I am out of ideas as to what is wrong or what Terraform is seeing differently.
Any help would be great.
  # module.fsxn05.aws_fsx_ontap_file_system.FsxnFs must be replaced
-/+ resource "aws_fsx_ontap_file_system" "FsxnFs" {
      ~ arn = "arn:aws:fsx:us-west-2:XXXXXXXXXX:file-system/fs-XXXXXXXXXX" -> (known after apply)
      + dns_name = (known after apply)
      + endpoint_ip_address_range = (known after apply)
      ~ endpoints = [
          - {
              - intercluster = [
                  - {
                      - dns_name = "intercluster.fs-XXXXXXXXXX.fsx.us-west-2.amazonaws.com"
                      - ip_addresses = [
                          - "XX.XX.XX.XX",
                          - "XX.XX.XX.XX",
                        ]
                    },
                ]
              - management = [
                  - {
                      - dns_name = "management.fs-XXXXXXXXXX.fsx.us-west-2.amazonaws.com"
                      - ip_addresses = [
                          - "XX.XX.XX.XX",
                        ]
                    },
                ]
            },
        ] -> (known after apply)
      + fsx_admin_password = (sensitive value)
      ~ id = "fs-XXXXXXXXXX" -> (known after apply)
      ~ network_interface_ids = [
          - "eni-XXXXXXXXXX",
          - "eni-XXXXXXXXXX",
        ] -> (known after apply)
      ~ owner_id = "XXXXXXXXXX" -> (known after apply)
      + security_group_ids = [ # forces replacement
          + "sg-XXXXXXXXXX",
        ]
      ~ vpc_id = "vpc-XXXXXXXXXX" -> (known after apply)
      ~ weekly_maintenance_start_time = "1:06:30" -> "6:07:00"
        # (8 unchanged attributes hidden)
      - disk_iops_configuration {
          - iops = 15372 -> null
          - mode = "AUTOMATIC" -> null
        }
    }
  # module.fsxn05.aws_fsx_ontap_storage_virtual_machine.FsxnSvm[0] must be replaced
-/+ resource "aws_fsx_ontap_storage_virtual_machine" "FsxnSvm" {
      ~ arn = "arn:aws:fsx:us-west-2:XXXXXXXXXX:storage-virtual-machine/fs-XXXXXXXXXX/svm-XXXXXXXXXX" -> (known after apply)
      ~ endpoints = [
          - {
              - iscsi = [
                  - {
                      - dns_name = "iscsi.svm-XXXXXXXXXX.fs-XXXXXXXXXX.fsx.us-west-2.amazonaws.com"
                      - ip_addresses = [
                          - "XX.XX.XX.XX",
                          - "XX.XX.XX.XX",
                        ]
                    },
                ]
              - management = [
                  - {
                      - dns_name = "svm-XXXXXXXXXX.fs-XXXXXXXXXX.fsx.us-west-2.amazonaws.com"
                      - ip_addresses = [
                          - "XX.XX.XX.XX",
                        ]
                    },
                ]
              - nfs = [
                  - {
                      - dns_name = "svm-XXXXXXXXXX.fs-XXXXXXXXXX.fsx.us-west-2.amazonaws.com"
                      - ip_addresses = [
                          - "XX.XX.XX.XX",
                        ]
                    },
                ]
              - smb = [
                  - {
                      - dns_name = "<SVM-INSTANCE01.EXAMPLE.COM>"
                      - ip_addresses = [
                          - "XX.XX.XX.XX",
                        ]
                    },
                ]
            },
        ] -> (known after apply)
      ~ file_system_id = "fs-XXXXXXXXXX" -> (known after apply)
      ~ id = "svm-XXXXXXXXXX" -> (known after apply)
        name = "<SVM-INSTANCE01>"
      + root_volume_security_style = "UNIX" # forces replacement
      ~ subtype = "DEFAULT" -> (known after apply)
      + svm_admin_password = (sensitive value)
      ~ uuid = "XXXXXXXXXX-2cbb-11ee-a56a-XXXXXXXXXX" -> (known after apply)
    }
Please find my code below:
resource "aws_fsx_ontap_file_system" "FsxnFs" {
  subnet_ids = var.private_subnet_ids
  preferred_subnet_id = var.private_subnet_ids[0]
  security_group_ids = [data.aws_security_group.sg_fsxn.id]
  deployment_type = var.deployment_type
  storage_type = "SSD"
  storage_capacity = var.storage_capacity
  throughput_capacity = var.throughput_capacity
  kms_key_id = var.encryption_key
  fsx_admin_password = data.aws_ssm_parameter.fsx_admin.value
  weekly_maintenance_start_time = "6:07:00"
  lifecycle {
    ignore_changes = [
      storage_capacity
    ]
  }
  tags = merge(
    local.common_tags, local.project_tags,
    {
      "Name" : "ONTAP-${upper(var.filesystem_name)}-${upper(var.env)}-${var.region}"
    }
  )
}
resource "aws_fsx_ontap_storage_virtual_machine" "FsxnSvm" {
  file_system_id = aws_fsx_ontap_file_system.FsxnFs.id
  count = length(var.svm_names)
  name = var.svm_names[count.index]
  root_volume_security_style = "UNIX"
  svm_admin_password = data.aws_ssm_parameter.svm_admin.value
  active_directory_configuration {
    netbios_name = var.svm_names[count.index]
    self_managed_active_directory_configuration {
      dns_ips = [
        local.dns_primary,
        local.dns_secondary
      ]
      domain_name = upper("${local.dc_name}.example.com")
      organizational_unit_distinguished_name = "OU=AWSServers,OU=Servers,DC=${local.dc_name},DC=example,DC=com"
      username = "<SVC_UID>"
      password = data.aws_ssm_parameter.core_awsfsx_svc.value
    }
  }
  depends_on = [
    aws_fsx_ontap_file_system.FsxnFs
  ]
  tags = merge(
    local.common_tags, local.project_tags,
    {
      "Name" = var.svm_names[count.index]
    }
  )
}
I found there is a bug in the AWS API that is not exporting some fields like Security Group, File System Type, etc. I resolved it by downloading the state file and adding those sections carefully. This may not be a proper resolution, but it resolves your purposes at this moment.
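
An added example, not part of the original question or answer: a small Python check that reads the machine-readable plan (`terraform show -json`) and lists, per resource, the attributes that force a destroy-and-recreate, so an import can be gated before `apply`. The sample plan is constructed to mirror the two resources above; `aws_ssm_parameter.example` and the function names are assumptions made for the illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>`,
# mirroring the two resources from the plan in the question.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "module.fsxn05.aws_fsx_ontap_file_system.FsxnFs",
     "change": {"actions": ["delete", "create"],
                "before": {"security_group_ids": None},
                "after": {"security_group_ids": ["sg-XXXXXXXXXX"]},
                "replace_paths": [["security_group_ids"]]}},
    {"address": "module.fsxn05.aws_fsx_ontap_storage_virtual_machine.FsxnSvm[0]",
     "change": {"actions": ["delete", "create"],
                "before": {"root_volume_security_style": None},
                "after": {"root_volume_security_style": "UNIX"},
                "replace_paths": [["root_volume_security_style"]]}},
    # Constructed in-place update: must not be reported as a replacement.
    {"address": "aws_ssm_parameter.example",
     "change": {"actions": ["update"], "before": {}, "after": {}}},
]})

def _dig(obj, path):
    """Follow one replace_paths entry (a list of keys/indexes) into a value."""
    for step in path:
        try:
            obj = obj[step]
        except (KeyError, IndexError, TypeError):
            return None  # attribute absent (null) on this side of the diff
    return obj

def replacements(plan_json):
    """Return {address: [(attribute, before, after), ...]} for every
    resource the plan would destroy and recreate."""
    found = {}
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change", {})
        actions = change.get("actions", [])
        if not {"delete", "create"} <= set(actions):
            continue  # no-op, update, or plain create/delete
        found[rc["address"]] = [
            (".".join(map(str, p)), _dig(change.get("before"), p), _dig(change.get("after"), p))
            for p in change.get("replace_paths") or []]
    return found

if __name__ == "__main__":
    for addr, rows in replacements(SAMPLE_PLAN).items():
        print(addr)
        for attr, before, after in rows:
            print(f"  {attr}: {before!r} -> {after!r}  # forces replacement")
```

The input comes from `terraform plan -out=tfplan` followed by `terraform show -json tfplan`. That JSON carries sensitive values such as `fsx_admin_password` in cleartext, so it needs the same handling as the state file.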