Make NFS backup through DLM opt-in

2i2c-org · Nov 26, 2024 · 73e21ee · 73e21ee
1 parent 99fa60d
commit 73e21ee
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 1 deletion.
diff --git a/terraform/aws/data-lifecycle-manager.tf b/terraform/aws/data-lifecycle-manager.tf
@@ -2,6 +2,7 @@
 # Data Lifecycle Manager (DLM) is used to automate backup of EBS volumes.
 
 resource "aws_iam_role" "dlm_lifecycle_role" {
+  count = var.enable_nfs_backup ? 1 : 0
   name = "dlm-lifecycle-role"
 
   assume_role_policy = jsonencode({
@@ -20,6 +21,7 @@ resource "aws_iam_role" "dlm_lifecycle_role" {
 
 # Attach required policy to the IAM role
 resource "aws_iam_role_policy" "dlm_lifecycle" {
+  count = var.enable_nfs_backup ? 1 : 0
   name = "dlm-lifecycle-policy"
   role = aws_iam_role.dlm_lifecycle_role.id
 
@@ -51,6 +53,7 @@ resource "aws_iam_role_policy" "dlm_lifecycle" {
 
 # Create the DLM lifecycle policy for NFS home directories backup
 resource "aws_dlm_lifecycle_policy" "nfs_backup" {
+  count = var.enable_nfs_backup ? 1 : 0
   description        = "DLM lifecycle policy for NFS home directories backup"
   execution_role_arn = aws_iam_role.dlm_lifecycle_role.arn
   state              = "ENABLED"

diff --git a/terraform/aws/ebs-volumes.tf b/terraform/aws/ebs-volumes.tf
@@ -8,7 +8,7 @@ resource "aws_ebs_volume" "nfs_home_dirs" {
 
   tags = merge(each.value.tags, {
     Name      = each.value.name_suffix == null ? "hub-nfs-home-dirs" : "hub-nfs-home-dirs-${each.value.name_suffix}"
-    NFSBackup = "true" # Tag to identify volumes to backup by Data Lifecycle Manager (DLM)
+    NFSBackup = var.enable_nfs_backup ? "true" : "false"  # Tag to identify volumes to backup by Data Lifecycle Manager (DLM)
   })
 
   lifecycle {

diff --git a/terraform/aws/projects/nasa-veda.tfvars b/terraform/aws/projects/nasa-veda.tfvars
@@ -226,4 +226,6 @@ ebs_volumes = {
   }
 }
 
+enable_nfs_backup = true
+
 original_single_efs_tags = { "2i2c:hub-name" : "prod" }
diff --git a/terraform/aws/variables.tf b/terraform/aws/variables.tf
@@ -308,3 +308,11 @@ variable "ebs_volumes" {
   server to store home directories for users.
   EOT
 }
+
+variable "enable_nfs_backup" {
+  type        = bool
+  default     = false
+  description = <<-EOT
+  Enable backup of NFS home directories using Data Lifecycle Manager (DLM).
+  EOT
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -226,4 +226,6 @@ ebs_volumes = { @@
       }
     }
+    enable_nfs_backup = true
     original_single_efs_tags = { "2i2c:hub-name" : "prod" }