powerscale_accesszone (Resource)

This resource is used to manage the Access Zone entity of PowerScale Array. We can Create, Update and Delete the Access Zone using this resource. We can also import an existing Access Zone from PowerScale array. PowerScale access zones allow you to isolate data and control who can access data in each zone.

Example Usage

/*
Copyright (c) 2023-2024 Dell Inc., or its subsidiaries. All Rights Reserved.

Licensed under the Mozilla Public License Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://mozilla.org/MPL/2.0/


Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

# Available actions: Create, Update (name, path, custom_auth_providers), Delete and Import
# After `terraform apply` of this example file it will create a new access zone with the name set in `name` attribute on the PowerScale

# PowerScale access zones allow you to isolate data and control who can access data in each zone.
resource "powerscale_accesszone" "zone" {

  # Required name of the new access zone
  name = "testAccessZoneSample"

  # Required Groupnet identifier to be assoicated with this access zone
  # Note can not be changed after the access zone is created
  groupnet = "groupnet0"

  # Required Specifies the access zone base directory path
  path = "/ifs"

  # Optional pecifies the list of authentication providers available on this access zone
  # A provider name should be of the form '[provider-type:]provider-name', the provider-type defaults to 'lsa-local-provider'.
  custom_auth_providers = [
    "localProviderName",
    "lsa-local-provider:testAccessZoneSample",
    "lsa-local-provider:localProviderName",
    "lsa-file-provider:fileProviderName",
    "lsa-activedirectory-provider:adsProviderName",
    "lsa-ldap-provider:testProvider",
  ]
}

# After the execution of above resource block, accesszone would have been created on the PowerScale array. For more information, Please check the terraform state file.

Schema

Required

  • groupnet (String) Groupnet identifier
  • name (String) Specifies the access zone name. (Update Supported)
  • path (String) Specifies the access zone base directory path. (Update Supported)

Optional

  • custom_auth_providers (List of String) An optional parameter which adds new auth_providers to the access zone. A provider name should be of the form ‘[provider-type:]provider-name’, the provider-type defaults to ’lsa-local-provider’. (Update Supported)

Read-Only

  • alternate_system_provider (String) Specifies an alternate system provider.
  • auth_providers (List of String) Specifies the list of authentication providers available on this access zone.
  • cache_entry_expiry (Number) Specifies amount of time in seconds to cache a user/group.
  • create_path (Boolean) Determines if a path is created when a path does not exist.
  • home_directory_umask (Number) Specifies the permissions set on automatically created user home directories.
  • id (String) Specifies the system-assigned ID for the access zone. This value is returned when an access zone is created through the POST method
  • ifs_restricted (Attributes List) Specifies a list of users and groups that have read and write access to /ifs. (see below for nested schema)
  • map_untrusted (String) Maps untrusted domains to this NetBIOS domain during authentication.
  • negative_cache_entry_expiry (Number) Specifies number of seconds the negative cache entry is valid.
  • netbios_name (String) Specifies the NetBIOS name.
  • skeleton_directory (String) Specifies the skeleton directory that is used for user home directories.
  • system (Boolean) True if the access zone is built-in.
  • system_provider (String) Specifies the system provider for the access zone.
  • user_mapping_rules (List of String) Specifies the current ID mapping rules.
  • zone_id (Number) Specifies the access zone ID on the system.

Nested Schema for ifs_restricted

Read-Only:

  • id (String) Specifies the serialized form of a persona, which can be ‘UID:0’, ‘USER:name’, ‘GID:0’, ‘GROUP:wheel’, or ‘SID:S-1-1’.
  • name (String) Specifies the persona name, which must be combined with a type.
  • type (String) Specifies the type of persona, which must be combined with a name.

Import

Import is supported using the following syntax:

# Copyright (c) 2023-2024 Dell Inc., or its subsidiaries. All Rights Reserved.

# Licensed under the Mozilla Public License Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

#     http://mozilla.org/MPL/2.0/


# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# The command is
# terraform import powerscale_accesszone.zone <id>
# Example:
terraform import powerscale_accesszone.zone access_zone
# after running this command, populate the name field and other required parameters in the config file to start managing this resource.
# Note: running "terraform show" after importing shows the current config/state of the resource. You can copy/paste that config to make it easier to manage the resource.