Azure Storage Blob NFS Target
This page shows how to write Terraform for Storage Blob NFS Target and write them securely.
azurerm_hpc_cache_blob_nfs_target (Terraform)
The Blob NFS Target in Storage can be configured in Terraform with the resource name azurerm_hpc_cache_blob_nfs_target
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
The following arguments are supported:
cache_name
- (Required) The name of the HPC Cache, which the HPC Cache Blob NFS Target will be added to. Changing this forces a new HPC Cache Blob NFS Target to be created.name
- (Required) The name which should be used for this HPC Cache Blob NFS Target. Changing this forces a new HPC Cache Blob NFS Target to be created.namespace_path
- (Required) The client-facing file path of the HPC Cache Blob NFS Target.resource_group_name
- (Required) The name of the Resource Group where the HPC Cache Blob NFS Target should exist. Changing this forces a new HPC Cache Blob NFS Target to be created.storage_container_id
- (Required) The Resource Manager ID of the Storage Container used as the HPC Cache Blob NFS Target. Changing this forces a new resource to be created.
-> Note: This is the Resource Manager ID of the Storage Container, rather than the regular ID - and can be accessed on the azurerm_storage_container
Data Source/Resource as resource_manager_id
.
usage_model
- (Required) The type of usage of the HPC Cache Blob NFS Target. Possible values are:READ_HEAVY_INFREQ
,READ_HEAVY_CHECK_180
,WRITE_WORKLOAD_15
,WRITE_AROUND
,WRITE_WORKLOAD_CHECK_30
,WRITE_WORKLOAD_CHECK_60
andWRITE_WORKLOAD_CLOUDWS
.
access_policy_name
- (Optional) The name of the access policy applied to this target. Defaults todefault
.
In addition to the Arguments listed above - the following Attributes are exported:
id
- The ID of the HPC Cache Blob NFS Target.
Explanation in Terraform Registry
Manages a Blob NFSv3 Target within a HPC Cache.
NOTE:: By request of the service team the provider no longer automatically registering the
Microsoft.StorageCache
Resource Provider for this resource. To register it you can runaz provider register --namespace 'Microsoft.StorageCache'
.NOTE:: This resource depends on the NFSv3 enabled Storage Account, which has some prerequisites need to meet. Please checkout: https://docs.microsoft.com/en-us/azure/storage/blobs/network-file-system-protocol-support-how-to?tabs=azure-powershell.
Tips: Best Practices for The Other Azure Storage Resources
In addition to the azurerm_storage_account, Azure Storage has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
azurerm_storage_account
Ensure to use HTTPS connections
It is better to use HTTPS instead of HTTP, which could be vulnerable to person-in-the-middle attacks.
azurerm_storage_account_network_rules
Ensure to allow Trusted Microsoft Services to bypass
It is better to allow Trusted Microsoft Services to bypass. They are not able to access storage account unless rules are set to allow them explicitly.
Azure Resource Manager Example
Azure Resource Manager code does not have the related resource.