This collection of AWS CloudFormation resource types allows management of ONTAP entities to be controlled using AWS CloudFormation. As for now the collection of resources is under private preview and can be activated using a key. To acquire a key, please email NetApp
End-user documentation including:
- Examples
- supported GitHub resource types:
| Resource | Description | Documentation |
|---|---|---|
| NetApp::FSxN::CifsShare | This resource type manages CIFS shares | /NetApp-FSxN-CifsShare |
| NetApp::FSxN::ClusterPeer | This resource type manages a cluster peer | /NetApp-FSxN-ClusterPeer |
| NetApp::FSxN::ExportPolicy | This resource type manages an export policy | /NetApp-FSxN-ExportPolicy |
| NetApp::FSxN::IGroup | This resource type manages an igroup | /NetApp-FSxN-IGroup |
| NetApp::FSxN::SnapMirror | This resource type manages a SnapMirror relationship | /NetApp-FSxN-SnapMirror |
| NetApp::FSxN::Snapshot | This resource type manages a volume snapshot | /NetApp-FSxN-Snapshot |
| NetApp::FSxN::SnapshotPolicy | This resource type manages a snapshot policy | /NetApp-FSxN-SnapshotPolicy |
| NetApp::FSxN::SvmPeer | This resource type manages an SVM peer | /NetApp-FSxN-SvmPeer |
| NetApp::FSxN::Volume | This resource type manages a volume | /NetApp-FSxN-Volume |
- Resource import and drifting not supported.
- AWS Account
- AWS CLI
- Preview Key
- FSxN Credentials Stored In AWS Secret Manager
- Execution Role
- Resource Activation
- Deploy a Link
A Link is an entity (Lambda) that act as a proxy between the CloudFormation service and the FSx for ONTAP file systems. The Link must be deployed in a VPC that has connectivity to the management endpoint of the FSx for ONTAP file systems. A single Link can be used for all FSx for ONTAP file systems if there is connectivity for all resources.
As for now the collection of resources is under private preview and can be activated using a key. To acquire a key, please email NetApp
FSx for ONTAP file systems credentials are required for the link communication. Credentials required to stored in AWS Secret Manger Service in the following formats:
Username:PasswordPassword(assumingfsxadmindefault user)
After you have your credentials stored create your AWS stack and use the secret ARN and secret Key input for SecretArn and SecretKey input parameters.
AWS Resource types requires Activation Execution IAM Role. The following Execution Role YAML can be deployed in a stack and used for the entire collection of resources.
---
AWSTemplateFormatVersion: "2010-09-09"
Description: >
This CloudFormation template creates a role assumed by CloudFormation
during CRUDL operations to mutate resources on behalf of the customer.
Resources:
ExecutionRole:
Type: AWS::IAM::Role
Properties:
MaxSessionDuration: 8400
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: resources.cloudformation.amazonaws.com
Action: sts:AssumeRole
Path: "/"
Policies:
- PolicyName: ResourceTypePolicy
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- "fsx:DescribeFileSystems"
- "lambda:InvokeFunction"
- "secretsmanager:GetSecretValue"
Resource: "*"
Outputs:
ExecutionRoleArn:
Value:
Fn::GetAtt: ExecutionRole.Arn- Specific Resource Role with a strict condition in the assume policy can be found on each resource docs named under
resource-role.yaml
-
Sign in to the AWS Management Console with your account and navigate to CloudFormation.
-
Select "Public extensions" from the left-hand pane and filter by Extension type by Module and Publisher by "Third Party".
-
Use the search bar to filter by the "NetApp" prefix.
-
Select the Link module to view more information about its schema and click Activate.
-
On the Extension details page, specify:
- Extension name
- Automatic updates for minor version releases
- After you have your Link module configured, create your AWS stack and use the ARN as input for the
LinkArninput parameter.
-
Sign in to the AWS Management Console with your account and navigate to CloudFormation.
-
Select "Public extensions" from the left-hand pane and filter Publisher by "Third Party".
-
Use the search bar to filter by the "NetApp" prefix.
Note: All official Netapp resources begin with NetApp::FSxN and specify that they are Published by NetApp.
-
Select the desired resource name to view more information about its schema and click Activate.
-
On the Extension details page, specify:
- Extension name
- Execution role ARN
- Automatic updates for minor version releases
- Configuration (PreviewKey)
- In your terminal, specify the configuration data for the registered NetApp CloudFormation resource type, in the given account and region by using the SetTypeConfiguration operation:
For example:
aws cloudformation set-type-configuration \
--region us-west-2 --type RESOURCE \
--type-name NetApp::FSxN::CifsShare \
--configuration-alias default \
--configuration "{\"PreviewKey\":\"YOURPREVIEWKEY\"}"- After you have your resource configured, create your AWS stack that includes any of the activated ONTAP resources.
For more information about available commands and workflows, see the official AWS documentation.
The NetApp ONTAP CloudFormation resources are available on the CloudFormation Public Registry in the following regions:
| Code | Name |
|---|---|
| us-east-1 | US East (N. Virginia) |
| us-east-2 | US East (Ohio) |
| us-west-1 | US West (N. California) |
| us-west-2 | US West (Oregon) |
| af-south-1 | Africa (Cape Town) |
| ap-east -1 | Asia Pacific (Hong Kong) |
| ap-south-1 | Asia Pacific (Mumbai) |
| ap-south-2 | Asia Pacific (Hyderabad) |
| ap-northeast-1 | Asia Pacific (Tokyo) |
| ap-northeast-2 | Asia Pacific (Seoul) |
| ap-northeast-3 | Asia Pacific (Osaka) |
| ap-southeast-1 | Asia Pacific (Singapore) |
| ap-southeast-2 | Asia Pacific (Sydney) |
| ap-southeast-3 | Asia Pacific (Jakarta) |
| ap-southeast-4 | Asia Pacific (Melbourne) |
| ap-southeast-5 | Asia Pacific (Malaysia) |
| ca-central-1 | Canada (Central) |
| ca-west-1 | Canada West (Calgary) |
| eu-central-1 | Europe (Frankfurt) |
| eu-central-2 | Europe (Zurich) |
| eu-west-1 | Europe (Ireland) |
| eu-west-2 | Europe (London) |
| eu-west-3 | Europe (Paris) |
| eu-north-1 | Europe (Stockholm) |
| eu-south-1 | Europe (Milan) |
| eu-south-2 | Europe (Spain) |
| il-central-1 | Israel (Tel Aviv) |
| me-south-1 | Middle East (Bahrain) |
| me-central-1 | Middle East (UAE) |
| sa-east-1 | South America (São Paulo) |
---
AWSTemplateFormatVersion: '2010-09-09'
Description: Shows how to create an IGroup
Resources:
IGroup:
Type: NetApp::FSxN::IGroup
Properties:
FsxAdminPasswordSource:
Secret:
SecretArn: !Ref SecretArn
SecretKey: !Ref SecretKey
FileSystemId: !Ref FSXIdSource
LinkArn: !Ref LinkArn
Name: igroupdemo
Initiators:
- Name: iqn.2022-10.com.storage:server
SVM:
Name: !Ref SVMName
OsType: linux
DeletionPolicy: Delete---
AWSTemplateFormatVersion: '2010-09-09'
Description: Shows how to create a volume
Resources:
Volume:
Type: NetApp::FSxN::Volume
Properties:
FsxAdminPasswordSource:
Secret:
SecretArn: !Ref SecretArn
SecretKey: !Ref SecretKey
FileSystemId: !Ref FSXIdSource
LinkArn: !Ref LinkArn
Name: !Ref VolumeName
SVM:
Name: !Ref SVMName
Size: 2147483648000
Aggregates:
- aggr1
DeletionPolicy: Delete---
AWSTemplateFormatVersion: '2010-09-09'
Description: Shows how to create a lun.
Resources:
Lun:
Type: NetApp::FSxN::Lun
Properties:
FsxAdminPasswordSource:
Secret:
SecretArn: !Ref SecretArn
SecretKey: !Ref SecretKey
FileSystemId: !Ref FSXIdSource
LinkArn: !Ref LinkArn
SVM:
Name: !Ref SVMName
OsType: aix
Name: !Sub '/vol/${VolumeName}/${LunName}'
Size: 4096
IGroups:
- igrouptest
DependsOn:
- Volume
- IGroup
DeletionPolicy: Delete