hashicorp / terraform-provider-azurerm

Terraform provider for Azure Resource Manager
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
Mozilla Public License 2.0

Azure NetApp Files Need support for multiple Accounts with single AD connection #12748

Open RajendraVenkata opened 3 years ago

RajendraVenkata commented 3 years ago

Hi Team,

When creating multiple NetApp accounts, the azurerm_netapp_account resource allows active_directory information to be specified for only a single NetApp account, which is logical because NetApp supports only a single AD connection.

Subsequent accounts automatically get the AD connection details pre-populated.

# First NetApp account from the report; it is the only one that declares the
# Active Directory join settings.
# NOTE(review): the account name contains a space; confirm it is accepted by
# the provider's name validation.
resource "azurerm_netapp_account" "netapp_files" {
  name                = "anf account1"
  resource_group_name = data.azurerm_resource_group.resource_group.name
  location            = data.azurerm_resource_group.resource_group.location
  tags                = local.tags_new

  active_directory {
    domain              = "yyy.yyyyy.yyy"
    dns_servers         = ["xx.xx.xxx.xxx", "xx.xx.xxx.xxx"]
    organizational_unit = "zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz"
    smb_server_name     = "${var.landscape}acc"

    # The credentials are read from Key Vault, but Terraform still records
    # their values in state; the state backend needs encryption and tight
    # access control.
    username = data.azurerm_key_vault_secret.domain_user_name.value
    password = data.azurerm_key_vault_secret.domain_secret.value
  }

  lifecycle {
    # Refuse any plan that would destroy this account.
    prevent_destroy = true

    # Changes to active_directory are not reconciled after creation, so a
    # password rotated in Key Vault is not pushed to the account by Terraform.
    ignore_changes = [active_directory]
  }
}

resource "azurerm_netapp_account" "netapp_files1" { name = "anf account2" location = data.azurerm_resource_group.resource_group.location resource_group_name = data.azurerm_resource_group.resource_group.name

lifecycle { prevent_destroy = true ignore_changes = [ active_directory ] } tags = local.tags_new

}

However, while creating volumes on the new account, we get an error:

Error: Error waiting for creation of NetApp Account "netapp_files1" (Resource Group "yyyyy"): Code="BadRequest" Message="Unable to delete Active Directory information while SMB/Kerberos/LDAP enabled volume still exists." Details=[{"code":"ADInfoDeleteAdInUse","message":"Unable to delete Active Directory information while SMB/Kerberos/LDAP enabled volume still exists."}] with azurerm_netapp_account.netapp_files on main.tf line xxx, in resource "azurerm_netapp_account" "netapp_files1":

Terraform Version

Terraform 1.0.1

RajendraVenkata commented 3 years ago

Hi Jack,

Any update on the fix, please?

Rajendra

ljluestc commented 5 days ago

# First NetApp account; the only one in this listing that declares the
# Active Directory join settings.
resource "azurerm_netapp_account" "netapp_files" {
  name                = "anf-account1"
  resource_group_name = data.azurerm_resource_group.resource_group.name
  location            = data.azurerm_resource_group.resource_group.location
  tags                = local.tags_new

  active_directory {
    domain              = "yyy.yyyyy.yyy"
    dns_servers         = ["xx.xx.xxx.xxx", "xx.xx.xxx.xxx"]
    organizational_unit = "zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz"
    smb_server_name     = "${var.landscape}acc"

    # Both values are read from Key Vault, but Terraform still records them in
    # state; keep the state backend encrypted and tightly access-controlled.
    username = data.azurerm_key_vault_secret.domain_user_name.value
    password = data.azurerm_key_vault_secret.domain_secret.value
  }

  lifecycle {
    # Refuse any plan that would destroy this account.
    prevent_destroy = true

    # Later edits to active_directory are not reconciled. That includes a
    # rotated password in Key Vault, which will not reach the account through
    # Terraform while this entry is in place.
    ignore_changes = [active_directory]
  }
}

# Second NetApp account; it declares no active_directory block of its own.
# NOTE(review): the issue reports that the service pre-populates AD details on
# additional accounts. Confirm which AD connection this account ends up with,
# since nothing in this configuration states or checks it.
resource "azurerm_netapp_account" "netapp_files1" {
  name                = "anf-account2"
  resource_group_name = data.azurerm_resource_group.resource_group.name
  location            = data.azurerm_resource_group.resource_group.location
  tags                = local.tags_new

  lifecycle {
    # Refuse any plan that would destroy this account.
    prevent_destroy = true

    # Terraform does not diff active_directory on this account, so AD settings
    # applied outside this configuration are neither shown in plans nor
    # corrected.
    ignore_changes = [active_directory]
  }
}

# Proposed SMB volume on the first account (netapp_files).
# NOTE(review): `capacity_in_gb`, `usage_threshold` and a nested
# `smb { active_directory { ... } }` block do not match the
# azurerm_netapp_volume schema as documented, which selects SMB through
# `protocols` and sizes the volume with `storage_quota_in_gb`; AD settings are
# declared on the account. Validate against the provider docs before applying.
# NOTE(review): azurerm_netapp_pool.netapp_pool is not defined on this page.
resource "azurerm_netapp_volume" "volume1" {
  name                = "volume1"
  resource_group_name = data.azurerm_resource_group.resource_group.name
  location            = azurerm_netapp_account.netapp_files.location
  account_name        = azurerm_netapp_account.netapp_files.name
  pool_name           = azurerm_netapp_pool.netapp_pool.name
  capacity_in_gb     = 100
  usage_threshold     = 80

  smb {
    enabled = true
    active_directory {
      # Same Key Vault secrets and domain as the account's active_directory
      # block. Repeating the credentials here would place the AD secret under a
      # second resource in Terraform state; prefer a single declaration on the
      # account if the schema allows it.
      username = data.azurerm_key_vault_secret.domain_user_name.value
      password = data.azurerm_key_vault_secret.domain_secret.value
      domain   = "yyy.yyyyy.yyy"
    }
  }

  tags = local.tags_new
}

# Proposed SMB volume on the second account (netapp_files1).
# NOTE(review): `capacity_in_gb`, `usage_threshold` and the `smb` block do not
# match the azurerm_netapp_volume schema as documented (`protocols`,
# `storage_quota_in_gb`); validate against the provider docs before applying.
# NOTE(review): this references the same azurerm_netapp_pool.netapp_pool as
# volume1 but a different account; the pool resource is not shown on this page,
# so confirm a pool of that name exists under netapp_files1.
resource "azurerm_netapp_volume" "volume2" {
  name                = "volume2"
  resource_group_name = data.azurerm_resource_group.resource_group.name
  location            = azurerm_netapp_account.netapp_files1.location
  account_name        = azurerm_netapp_account.netapp_files1.name
  pool_name           = azurerm_netapp_pool.netapp_pool.name
  capacity_in_gb     = 200
  usage_threshold     = 80

  smb {
    enabled = true
    # No AD settings are given for this volume.
    # NOTE(review): Azure NetApp Files SMB volumes depend on an AD connection,
    # so SMB with no AD is expected to be rejected or to fall back to whatever
    # connection the account carries. Confirm which identity source this
    # volume would actually authenticate against.
  }

  tags = local.tags_new
}