Secure Erase
Redfish iDRAC Secure Erase Terraform module
Terraform module which runs ISE (Instant Scramble Erase) on physical disks managed by a Dell iDRAC.
This module is a wrapper around https://github.com/dell/iDRAC-Redfish-Scripting/blob/master/Redfish%20Python/SecureEraseDevicesREDFISH.py
On create, the module fetches this script and uses it to check if the devices support ISE and fails if not.
On destroy, it uses this script to run ISE on all the disks.
The script, in turn, uses HTTPS Redfish API of the iDRAC.
~> Note: Atleast one of controller_names, controller_ids and pdisk_fqdds is required.
~> Note: pdisk_fqdds cannot be specified along with controller_names or controller_ids but controller_names and controller_ids can be specified together.
Prerequisites
| Name | Version |
|---|---|
| iDRAC | >= 9.0 |
| Firmware | >= 5.0, <= 7.0 |
| Git | |
| Python | >= 3.6 |
Usage
See examples directory for working examples to reference:
module "secure_erase" {
source = "./"
hostname = "my-server-1.myawesomecompany.org"
username = "admin"
password = "passw0rd"
ssl_verify = false
# exactly 1 among pdisk_fqdds, controller_ids and controller_names must be set
pdisk_fqdds = [
"Disk.Bay.1:Enclosure.Internal.0-1:RAID.Integrated.1-1",
"Disk.Bay.0:Enclosure.Internal.0-1:RAID.Integrated.1-1",
"Disk.Bay.2:Enclosure.Internal.0-1:RAID.Integrated.1-1"
]
# controller_ids = ["RAID.Mezzanine.1-1"]
# controller_names = ["PERC H730P Mini"]
}
Examples
Requirements
| Name | Version |
|---|---|
| terraform | >= 1.5 |
| local | >= 2.4.1 |
| random | >= 3.6.0 |
| redfish | >= 1.2.0 |
Providers
| Name | Version |
|---|---|
| random | >= 3.6.0 |
| redfish | >= 1.2.0 |
| terraform | n/a |
Modules
No modules.
Resources
| Name | Type |
|---|---|
| random_id.dir | resource |
| terraform_data.git_repo | resource |
| terraform_data.sec_erase | resource |
| redfish_storage.storage | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| controller_ids | List of storage controller IDs to run secure erase on. Conflicts with pdisk_fqdds. |
list(string) |
null |
no |
| controller_names | List of storage controller names to run secure erase on. Conflicts with pdisk_fqdds. |
list(string) |
null |
no |
| hostname | Hostname or IP of the iDRAC. | string |
n/a | yes |
| password | Password of the iDRAC. | string |
n/a | yes |
| pdisk_fqdds | List of disk FQDDs to run secure erase on. Must be specified if controller_names and controller_ids are not specified. Conflicts with controller_names and controller_ids. |
list(string) |
null |
no |
| python3_path | Path to python3 executable. | string |
"/usr/bin/python3" |
no |
| ssl_verify | Whether to verify SSL certificate, default is true. | bool |
true |
no |
| username | Username of the iDRAC. | string |
n/a | yes |
| working_directory | Working directory for this module. The module will manage a temporary directory here, so this directory should have write permissions. Defaults to the root module directory. | string |
null |
no |
Outputs
| Name | Description |
|---|---|
| physical_disk_fqdds | List of physical disk FQDDs on which secure erase would be run. |
| temp_dir | Temporary directory used by this module. |