Azure Storage Blob NFS Target

This page shows how to write Terraform for Storage Blob NFS Target and write them securely.

azurerm_hpc_cache_blob_nfs_target (Terraform)

The Blob NFS Target in Storage can be configured in Terraform with the resource name azurerm_hpc_cache_blob_nfs_target. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Review your Terraform file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

The following arguments are supported:

  • cache_name - (Required) The name of the HPC Cache, which the HPC Cache Blob NFS Target will be added to. Changing this forces a new HPC Cache Blob NFS Target to be created.

  • name - (Required) The name which should be used for this HPC Cache Blob NFS Target. Changing this forces a new HPC Cache Blob NFS Target to be created.

  • namespace_path - (Required) The client-facing file path of the HPC Cache Blob NFS Target.

  • resource_group_name - (Required) The name of the Resource Group where the HPC Cache Blob NFS Target should exist. Changing this forces a new HPC Cache Blob NFS Target to be created.

  • storage_container_id - (Required) The Resource Manager ID of the Storage Container used as the HPC Cache Blob NFS Target. Changing this forces a new resource to be created.

-> Note: This is the Resource Manager ID of the Storage Container, rather than the regular ID - and can be accessed on the azurerm_storage_container Data Source/Resource as resource_manager_id.

  • usage_model - (Required) The type of usage of the HPC Cache Blob NFS Target. Possible values are: READ_HEAVY_INFREQ, READ_HEAVY_CHECK_180, WRITE_WORKLOAD_15, WRITE_AROUND, WRITE_WORKLOAD_CHECK_30, WRITE_WORKLOAD_CHECK_60 and WRITE_WORKLOAD_CLOUDWS.

  • access_policy_name - (Optional) The name of the access policy applied to this target. Defaults to default.

In addition to the Arguments listed above - the following Attributes are exported:

  • id - The ID of the HPC Cache Blob NFS Target.

Explanation in Terraform Registry

Manages a Blob NFSv3 Target within a HPC Cache.

NOTE:: By request of the service team the provider no longer automatically registering the Microsoft.StorageCache Resource Provider for this resource. To register it you can run az provider register --namespace 'Microsoft.StorageCache'.

NOTE:: This resource depends on the NFSv3 enabled Storage Account, which has some prerequisites need to meet. Please checkout: https://docs.microsoft.com/en-us/azure/storage/blobs/network-file-system-protocol-support-how-to?tabs=azure-powershell.

Tips: Best Practices for The Other Azure Storage Resources

In addition to the azurerm_storage_account, Azure Storage has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.

risk-label

azurerm_storage_account

Ensure to use HTTPS connections

It is better to use HTTPS instead of HTTP, which could be vulnerable to person-in-the-middle attacks.

risk-label

azurerm_storage_account_network_rules

Ensure to allow Trusted Microsoft Services to bypass

It is better to allow Trusted Microsoft Services to bypass. They are not able to access storage account unless rules are set to allow them explicitly.

Review your Azure Storage settings

In addition to the above, there are other security points you should be aware of making sure that your .tf files are protected in Shisho Cloud.

Azure Resource Manager Example

Azure Resource Manager code does not have the related resource.

Frequently asked questions

What is Azure Storage Blob NFS Target?

Azure Storage Blob NFS Target is a resource for Storage of Microsoft Azure. Settings can be wrote in Terraform.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.