diff --git a/cloudmanager/cvo_aws.go b/cloudmanager/cvo_aws.go index 7c7991b..24e05ac 100644 --- a/cloudmanager/cvo_aws.go +++ b/cloudmanager/cvo_aws.go @@ -78,7 +78,8 @@ type vsaMetadata struct { // awsEncryptionParameters the input for requesting a CVO type awsEncryptionParameters struct { - KmsKeyID string `structs:"kmsKeyId,omitempty"` + KmsKeyID string `structs:"kmsKeyId,omitempty"` + KmsKeyArn string `structs:"kmsKeyArn,omitempty"` } // deleteCVODetails the users input for deleting a cvo diff --git a/cloudmanager/cvo_azure.go b/cloudmanager/cvo_azure.go index 24454d7..e062904 100644 --- a/cloudmanager/cvo_azure.go +++ b/cloudmanager/cvo_azure.go @@ -14,30 +14,31 @@ var AzureLicenseTypes = []string{"azure-cot-standard-paygo", "azure-cot-premium- // createCVOAzureDetails the users input for creating a CVO type createCVOAzureDetails struct { - Name string `structs:"name"` - DataEncryptionType string `structs:"dataEncryptionType"` - WorkspaceID string `structs:"tenantId,omitempty"` - Region string `structs:"region"` - SubscriptionID string `structs:"subscriptionId"` - VnetID string `structs:"vnetId,omitempty"` - SvmPassword string `structs:"svmPassword"` - VsaMetadata vsaMetadata `structs:"vsaMetadata"` - DiskSize diskSize `structs:"diskSize"` - StorageType string `structs:"storageType"` - SubnetID string `structs:"subnetId"` - Cidr string `structs:"cidr"` - CapacityTier string `structs:"capacityTier,omitempty"` - TierLevel string `structs:"tierLevel,omitempty"` - NssAccount string `structs:"nssAccount,omitempty"` - WritingSpeedState string `structs:"writingSpeedState,omitempty"` - OptimizedNetworkUtilization bool `structs:"optimizedNetworkUtilization"` - SecurityGroupID string `structs:"securityGroupId,omitempty"` - CloudProviderAccount string `structs:"cloudProviderAccount,omitempty"` - BackupVolumesToCbs bool `structs:"backupVolumesToCbs"` - EnableCompliance bool `structs:"enableCompliance"` - EnableMonitoring bool `structs:"enableMonitoring"` - AllowDeployInExistingRg bool `structs:"allowDeployInExistingRg,omitempty"` - AzureTags []userTags `structs:"azureTags,omitempty"` + Name string `structs:"name"` + DataEncryptionType string `structs:"dataEncryptionType"` + WorkspaceID string `structs:"tenantId,omitempty"` + Region string `structs:"region"` + SubscriptionID string `structs:"subscriptionId"` + VnetID string `structs:"vnetId,omitempty"` + SvmPassword string `structs:"svmPassword"` + VsaMetadata vsaMetadata `structs:"vsaMetadata"` + DiskSize diskSize `structs:"diskSize"` + StorageType string `structs:"storageType"` + SubnetID string `structs:"subnetId"` + Cidr string `structs:"cidr"` + CapacityTier string `structs:"capacityTier,omitempty"` + TierLevel string `structs:"tierLevel,omitempty"` + AzureEncryptionParameters azureEncryptionParameters `structs:"azureEncryptionParameters,omitempty"` + NssAccount string `structs:"nssAccount,omitempty"` + WritingSpeedState string `structs:"writingSpeedState,omitempty"` + OptimizedNetworkUtilization bool `structs:"optimizedNetworkUtilization"` + SecurityGroupID string `structs:"securityGroupId,omitempty"` + CloudProviderAccount string `structs:"cloudProviderAccount,omitempty"` + BackupVolumesToCbs bool `structs:"backupVolumesToCbs"` + EnableCompliance bool `structs:"enableCompliance"` + EnableMonitoring bool `structs:"enableMonitoring"` + AllowDeployInExistingRg bool `structs:"allowDeployInExistingRg,omitempty"` + AzureTags []userTags `structs:"azureTags,omitempty"` IsHA bool ResourceGroup string `structs:"resourceGroup,omitempty"` VnetResourceGroup string @@ -46,10 +47,15 @@ type createCVOAzureDetails struct { HAParams haParamsAzure `structs:"haParams,omitempty"` } +type azureEncryptionParameters struct { + Key string `structs:"key,omitempty"` +} + // haParamsAzure the input for requesting a CVO type haParamsAzure struct { PlatformSerialNumberNode1 string `structs:"platformSerialNumberNode1,omitempty"` PlatformSerialNumberNode2 string `structs:"platformSerialNumberNode2,omitempty"` + EnableHTTPS bool `structs:"enableHttps"` } // cvoListAzure the users input for getting cvo @@ -324,7 +330,7 @@ func validateCVOAzureParams(cvoDetails createCVOAzureDetails) error { } if cvoDetails.IsHA == false && (cvoDetails.HAParams.PlatformSerialNumberNode1 != "" || cvoDetails.HAParams.PlatformSerialNumberNode2 != "") { - return fmt.Errorf("both platform_serial_number_node1 and platform_serial_number_node2 parameters are required when having ha type as true and license_type as azure-ha-cot-premium-byol") + return fmt.Errorf("both platform_serial_number_node1 and platform_serial_number_node2 parameters are not required when having ha type as false") } if cvoDetails.VsaMetadata.LicenseType == "azure-cot-premium-byol" { diff --git a/cloudmanager/resource_netapp_cloudmanager_connector_azure.go b/cloudmanager/resource_netapp_cloudmanager_connector_azure.go index 7f10fda..52c5235 100644 --- a/cloudmanager/resource_netapp_cloudmanager_connector_azure.go +++ b/cloudmanager/resource_netapp_cloudmanager_connector_azure.go @@ -64,7 +64,7 @@ func resourceOCCMAzure() *schema.Resource { Type: schema.TypeString, Optional: true, ForceNew: true, - Default: "Standard_D2s_v3", + Default: "Standard_DS3_v2", }, "network_security_group_name": { Type: schema.TypeString, diff --git a/cloudmanager/resource_netapp_cloudmanager_cvo_aws.go b/cloudmanager/resource_netapp_cloudmanager_cvo_aws.go index 421795e..16d4b92 100644 --- a/cloudmanager/resource_netapp_cloudmanager_cvo_aws.go +++ b/cloudmanager/resource_netapp_cloudmanager_cvo_aws.go @@ -62,6 +62,16 @@ func resourceCVOAWS() *schema.Resource { Default: "TB", ValidateFunc: validation.StringInSlice([]string{"GB", "TB"}, false), }, + "aws_encryption_kms_key_id": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + }, + "aws_encryption_kms_key_arn": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + }, "ontap_version": { Type: schema.TypeString, Optional: true, @@ -326,6 +336,17 @@ func resourceCVOAWSCreate(d *schema.ResourceData, meta interface{}) error { cvoDetails.VsaMetadata.LicenseType = d.Get("license_type").(string) cvoDetails.VsaMetadata.InstanceType = d.Get("instance_type").(string) + if cvoDetails.DataEncryptionType == "AWS" { + // Only one of KMS key id or KMS arn should be specified + if c, ok := d.GetOk("aws_encryption_kms_key_id"); ok { + cvoDetails.AwsEncryptionParameters.KmsKeyID = c.(string) + } + + if c, ok := d.GetOk("aws_encryption_kms_key_arn"); ok { + cvoDetails.AwsEncryptionParameters.KmsKeyArn = c.(string) + } + } + if c, ok := d.GetOk("vpc_id"); ok { cvoDetails.VpcID = c.(string) } diff --git a/cloudmanager/resource_netapp_cloudmanager_cvo_azure.go b/cloudmanager/resource_netapp_cloudmanager_cvo_azure.go index 3a2a744..121a66e 100644 --- a/cloudmanager/resource_netapp_cloudmanager_cvo_azure.go +++ b/cloudmanager/resource_netapp_cloudmanager_cvo_azure.go @@ -68,6 +68,11 @@ func resourceCVOAzure() *schema.Resource { Default: "TB", ValidateFunc: validation.StringInSlice([]string{"GB", "TB"}, false), }, + "azure_encryption_parameters": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + }, "ontap_version": { Type: schema.TypeString, Optional: true, @@ -215,6 +220,12 @@ func resourceCVOAzure() *schema.Resource { Optional: true, ForceNew: true, }, + "ha_enable_https": { + Type: schema.TypeBool, + Optional: true, + ForceNew: true, + Default: false, + }, "client_id": { Type: schema.TypeString, Required: true, @@ -260,6 +271,11 @@ func resourceCVOAzureCreate(d *schema.ResourceData, meta interface{}) error { cvoDetails.VsaMetadata.LicenseType = d.Get("license_type").(string) cvoDetails.VsaMetadata.InstanceType = d.Get("instance_type").(string) + if cvoDetails.DataEncryptionType == "AZURE" { + if c, ok := d.GetOk("azure_encryption_parameters"); ok { + cvoDetails.AzureEncryptionParameters.Key = c.(string) + } + } if c, ok := d.GetOk("cidr"); ok { cvoDetails.Cidr = c.(string) } @@ -295,16 +311,18 @@ func resourceCVOAzureCreate(d *schema.ResourceData, meta interface{}) error { cvoDetails.SerialNumber = c.(string) } - if c, ok := d.GetOk("platform_serial_number_node1"); ok { - cvoDetails.HAParams.PlatformSerialNumberNode1 = c.(string) - } + cvoDetails.IsHA = d.Get("is_ha").(bool) + if cvoDetails.IsHA == true { + if c, ok := d.GetOk("platform_serial_number_node1"); ok { + cvoDetails.HAParams.PlatformSerialNumberNode1 = c.(string) + } - if c, ok := d.GetOk("platform_serial_number_node2"); ok { - cvoDetails.HAParams.PlatformSerialNumberNode2 = c.(string) + if c, ok := d.GetOk("platform_serial_number_node2"); ok { + cvoDetails.HAParams.PlatformSerialNumberNode2 = c.(string) + } + cvoDetails.HAParams.EnableHTTPS = d.Get("ha_enable_https").(bool) } - cvoDetails.IsHA = d.Get("is_ha").(bool) - err := validateCVOAzureParams(cvoDetails) if err != nil { log.Print("Error validating parameters") diff --git a/cloudmanager/resource_netapp_cloudmanager_cvo_gcp.go b/cloudmanager/resource_netapp_cloudmanager_cvo_gcp.go index eb69e14..be61d8a 100644 --- a/cloudmanager/resource_netapp_cloudmanager_cvo_gcp.go +++ b/cloudmanager/resource_netapp_cloudmanager_cvo_gcp.go @@ -58,7 +58,7 @@ func resourceCVOGCP() *schema.Resource { Optional: true, ForceNew: true, Default: "pd-ssd", - ValidateFunc: validation.StringInSlice([]string{"pd-standard", "pd-ssd"}, false), + ValidateFunc: validation.StringInSlice([]string{"pd-balanced", "pd-standard", "pd-ssd"}, false), }, "gcp_volume_size": { Type: schema.TypeInt, diff --git a/cloudmanager/resource_netapp_cloudmanager_volume.go b/cloudmanager/resource_netapp_cloudmanager_volume.go index b9023af..6a7c61c 100644 --- a/cloudmanager/resource_netapp_cloudmanager_volume.go +++ b/cloudmanager/resource_netapp_cloudmanager_volume.go @@ -580,9 +580,10 @@ func resourceCVOVolumeUpdate(d *schema.ResourceData, meta interface{}) error { } if d.HasChange("permission") || d.HasChange("users") { volume.ShareInfoUpdate.ShareName = d.Get("share_name").(string) + volume.ShareInfoUpdate.AccessControlList = make([]accessControlList, 1) volume.ShareInfoUpdate.AccessControlList[0].Permission = d.Get("permission").(string) - users := make([]string, 0, d.Get("Users").(*schema.Set).Len()) - for _, x := range d.Get("Users").(*schema.Set).List() { + users := make([]string, 0, d.Get("users").(*schema.Set).Len()) + for _, x := range d.Get("users").(*schema.Set).List() { users = append(users, x.(string)) } volume.ShareInfoUpdate.AccessControlList[0].Users = users diff --git a/website/docs/d/volume.html.markdown b/website/docs/d/volume.html.markdown index 1a274e4..d80316b 100644 --- a/website/docs/d/volume.html.markdown +++ b/website/docs/d/volume.html.markdown @@ -41,7 +41,7 @@ The following attributes are exported in addition to the arguments listed above: * `svm_name` - The name of the SVM. * `size` - The volume size, supported with decimal numbers. * `size_unit` - ['Byte' or 'KB' or 'MB' or 'GB' or 'TB']. -* `provider_volume_type` - The underlying cloud provider volume type. For AWS: ['gp3', 'gp2', 'io1', 'st1', 'sc1']. For Azure: ['Premium_LRS','Standard_LRS','StandardSSD_LRS']. For GCP: ['pd-ssd','pd-standard'] +* `provider_volume_type` - The underlying cloud provider volume type. For AWS: ['gp3', 'gp2', 'io1', 'st1', 'sc1']. For Azure: ['Premium_LRS','Standard_LRS','StandardSSD_LRS']. For GCP: ['pd-balanced', 'pd-ssd','pd-standard'] * `enable_thin_provisioning` - Enable thin provisioning. The default is 'true'. * `enable_compression` - Enable compression. The default is 'true'. * `enable_deduplication` - Enable deduplication. The default is 'true'. diff --git a/website/docs/r/aggregate.html.markdown b/website/docs/r/aggregate.html.markdown index ab0db5b..a1bb538 100644 --- a/website/docs/r/aggregate.html.markdown +++ b/website/docs/r/aggregate.html.markdown @@ -38,7 +38,7 @@ The following arguments are supported: * `disk_size_size` - (Optional) The required size of the disks. For GB, the unit can be: [100 or 500]. For TB, the unit can be: [1,2,4,8,16]. The default is '1' * `disk_size_unit` - (Optional) The disk size unit ['GB' or 'TB']. The default is 'TB' * `home_node` - (Optional) The home node that the new aggregate should belong to. The default is the first node. -* `provider_volume_type` - (Optional) The cloud provider volume type. For AWS: ['gp3', 'gp2', 'io1', 'st1', 'sc1']. For Azure: ['Premium_LRS','Standard_LRS','StandardSSD_LRS']. For GCP: ['pd-ssd','pd-standard'] +* `provider_volume_type` - (Optional) The cloud provider volume type. For AWS: ['gp3', 'gp2', 'io1', 'st1', 'sc1']. For Azure: ['Premium_LRS','Standard_LRS','StandardSSD_LRS']. For GCP: ['pd-balanced', 'pd-ssd','pd-standard'] * `capacity_tier` - (Optional) The aggregate's capacity tier for tiering cold data to object storage: ['S3', 'Blob', 'cloudStorage']. The default values for each cloud provider are as follows: Amazon => 'S3', Azure => 'Blob', GCP => 'cloudStorage'. If NONE, the capacity tier won't be set on aggregate creation. * `iops` - (Optional) Provisioned IOPS. Needed only when 'providerVolumeType' is 'io1' or 'gp3' * `throughput` - (Optional) Required only when 'providerVolumeType' is 'gp3'. diff --git a/website/docs/r/connector_azure.html.markdown b/website/docs/r/connector_azure.html.markdown index 9534218..51771c1 100644 --- a/website/docs/r/connector_azure.html.markdown +++ b/website/docs/r/connector_azure.html.markdown @@ -57,7 +57,7 @@ The following arguments are supported: * `admin_password` - (Required) The password for the Connector. * `vnet_resource_group` - (Optional) The resource group in Azure associated with the virtual network. If not provided, it’s assumed that the VNet is within the previously specified resource group. * `network_security_resource_group` - (Optional) The resource group in Azure associated with the security group. If not provided, it’s assumed that the security group is within the previously specified resource group. -* `virtual_machine_size` - (Optional) The virtual machine type. (for example, Standard_D2s_v3). At least 4 CPU and 16 GB of memory are required. +* `virtual_machine_size` - (Optional) The virtual machine type. (for example, Standard_DS3_v2). At least 4 CPU and 16 GB of memory are required. * `proxy_url` - (Optional) The proxy URL, if using a proxy to connect to the internet. * `proxy_user_name` - (Optional) The proxy user name, if using a proxy to connect to the internet. * `proxy_password` - (Optional) The proxy password, if using a proxy to connect to the internet. diff --git a/website/docs/r/cvo_aws.html.markdown b/website/docs/r/cvo_aws.html.markdown index 497c77b..e77f72b 100644 --- a/website/docs/r/cvo_aws.html.markdown +++ b/website/docs/r/cvo_aws.html.markdown @@ -85,6 +85,8 @@ The following arguments are supported: * `vpc_id` - (Optional) The VPC ID where the working environment will be created. If this argument isn't provided, the VPC will be calculated by using the provided subnet ID. * `workspace_id` - (Optional) The ID of the Cloud Manager workspace where you want to deploy Cloud Volumes ONTAP. If not provided, Cloud Manager uses the first workspace. You can find the ID from the Workspace tab on [https://cloudmanager.netapp.com](https://cloudmanager.netapp.com). * `data_encryption_type` - (Optional) The type of encryption to use for the working environment: ['AWS', 'NONE']. The default is 'AWS'. +* `aws_encryption_kms_key_id` - (Optional) AWS encryption parameters. It is required if using aws encryption. Only one of KMS key id or KMS arn should be specified +* `aws_encryption_kms_key_arn` - (Optional) AWS encryption parameters. It is requried if using aws encryption. Only one of KMS key id or KMS arn should be specified * `ebs_volume_size` - (Optional) EBS volume size for the first data aggregate. For GB, the unit can be: [100 or 500]. For TB, the unit can be: [1,2,4,8,16]. The default is '1' . * `ebs_volume_size_unit` - (Optional) ['GB' or 'TB']. The default is 'TB'. * `ebs_volume_type` - (Optional) The EBS volume type for the first data aggregate ['gp3', 'gp2','io1','st1','sc1']. The default is 'gp2'. diff --git a/website/docs/r/cvo_azure.html.markdown b/website/docs/r/cvo_azure.html.markdown index 1fad874..d06ddd1 100644 --- a/website/docs/r/cvo_azure.html.markdown +++ b/website/docs/r/cvo_azure.html.markdown @@ -87,6 +87,7 @@ The following arguments are supported: * `vnet_resource_group` - (Required) The resource group in Azure associated to the virtual network. * `workspace_id` - (Optional) The ID of the Cloud Manager workspace where you want to deploy Cloud Volumes ONTAP. If not provided, Cloud Manager uses the first workspace. You can find the ID from the Workspace tab on [https://cloudmanager.netapp.com](https://cloudmanager.netapp.com). * `data_encryption_type` - (Optional) The type of encryption to use for the working environment: ['AZURE', 'NONE']. The default is 'AZURE'. +* `azure_encryption_parameters` - (Optional) AZURE encryption parameters. It is required if using AZURE encryption. * `storage_type` - (Optional) The type of storage for the first data aggregate: ['Premium_LRS', 'Standard_LRS', 'StandardSSD_LRS']. The default is 'Premium_LRS' * `svm_password` - (Required) The admin password for Cloud Volumes ONTAP. * `client_id` - (Required) The client ID of the Cloud Manager Connector. You can find the ID from a previous create Connector action as shown in the example, or from the Connector tab on [https://cloudmanager.netapp.com](https://cloudmanager.netapp.com). @@ -112,7 +113,7 @@ The following arguments are supported: * `is_ha` - (Optional) Indicate whether the working environment is an HA pair or not [true, false]. The default is false. * `platform_serial_number_node1` - (Optional) For HA BYOL, the serial number for the first node. * `platform_serial_number_node2` - (Optional) For HA BYOL, the serial number for the second node. - +* `ha_enable_https` - (Optional) For HA, enable the HTTPS connection from CVO to storage accounts. This can impact write performance. The default is false. The `azure_tag` block supports: * `tag_key` - (Required) The key of the tag. diff --git a/website/docs/r/cvo_gcp.html.markdown b/website/docs/r/cvo_gcp.html.markdown index c53de90..ee0ee96 100644 --- a/website/docs/r/cvo_gcp.html.markdown +++ b/website/docs/r/cvo_gcp.html.markdown @@ -44,7 +44,7 @@ The following arguments are supported: * `workspace_id` - (Optional) The ID of the Cloud Manager workspace where you want to deploy Cloud Volumes ONTAP. If not provided, Cloud Manager uses the first workspace. You can find the ID from the Workspace tab on [https://cloudmanager.netapp.com](https://cloudmanager.netapp.com). * `data_encryption_type` - (Optional) The type of data encryption to use for the working environment: ['GCP', 'NONE']. The default is 'GCP'. * `gcp_encryption_parameters` - (Optional) Required if using gcp encryption with custom key. Key format is 'projects/default-project/locations/global/keyRings/test/cryptoKeys/key1'. -* `gcp_volume_type` - (Optional) The type of the storage for the first data aggregate: ['pd-standard', 'pd-ssd']. The default is 'pd-ssd' +* `gcp_volume_type` - (Optional) The type of the storage for the first data aggregate: ['pd-balanced', 'pd-standard', 'pd-ssd']. The default is 'pd-ssd' * `subnet_id` - (Optional) The name of the subnet for Cloud Volumes ONTAP. The default is: 'default'. * `network_project_id` - (Optional) The project id in GCP associated with the Subnet. If not provided, it’s assumed that the Subnet is within the previously specified project id. * `vpc_id` - (Optional) The name of the VPC. diff --git a/website/docs/r/cvo_volume.html.markdown b/website/docs/r/cvo_volume.html.markdown index 87d8dba..6fc3cf3 100644 --- a/website/docs/r/cvo_volume.html.markdown +++ b/website/docs/r/cvo_volume.html.markdown @@ -81,7 +81,7 @@ The following arguments are supported: * `svm_name` - (Optional) The name of the SVM. The default SVM name is used, if a name isn't provided. * `size` - (Required) The volume size, supported with decimal numbers. * `size_unit` - (Required) ['Byte' or 'KB' or 'MB' or 'GB' or 'TB']. -* `provider_volume_type` - (Required) The underlying cloud provider volume type. For AWS: ['gp3', 'gp2', 'io1', 'st1', 'sc1']. For Azure: ['Premium_LRS','Standard_LRS','StandardSSD_LRS']. For GCP: ['pd-ssd','pd-standard'] +* `provider_volume_type` - (Required) The underlying cloud provider volume type. For AWS: ['gp3', 'gp2', 'io1', 'st1', 'sc1']. For Azure: ['Premium_LRS','Standard_LRS','StandardSSD_LRS']. For GCP: ['pd-balanced', 'pd-ssd','pd-standard'] * `client_id` - (Required) The client ID of the Cloud Manager Connector. You can find the ID from a previous create Connector action as shown in the example, or from the Connector tab on [https://cloudmanager.netapp.com](https://cloudmanager.netapp.com). * `enable_thin_provisioning` - (Optional) Enable thin provisioning. The default is 'true'. * `enable_compression` - (Optional) Enable compression. The default is 'true'. diff --git a/website/docs/r/snapmirror.html.markdown b/website/docs/r/snapmirror.html.markdown index 09d830f..89e21c1 100644 --- a/website/docs/r/snapmirror.html.markdown +++ b/website/docs/r/snapmirror.html.markdown @@ -49,7 +49,7 @@ The following arguments are supported: * `schedule` - (Optional) Schedule name. The default is '1hour'. * `max_transfer_rate` - (Required) Maximum transfer rate limit (KB/s). Use 0 for no limit, otherwise use number between 1024 and 2,147,482,624. The default is 100000. * `destination_aggregate_name` - (Optional) The aggregate in which the volume will be created. If not provided, Cloud Manager chooses the best aggregate for you. -* `provider_volume_type` - (Optional) The underlying cloud provider volume type. For AWS: ['gp3', 'gp2', 'io1', 'st1', 'sc1']. For Azure: ['Premium_LRS','Standard_LRS','StandardSSD_LRS']. For GCP: ['pd-ssd','pd-standard'] +* `provider_volume_type` - (Optional) The underlying cloud provider volume type. For AWS: ['gp3', 'gp2', 'io1', 'st1', 'sc1']. For Azure: ['Premium_LRS','Standard_LRS','StandardSSD_LRS']. For GCP: ['pd-balanced', 'pd-ssd','pd-standard'] * `capacity_tier` - (Optional) The volume's capacity tier for tiering cold data to object storage: ['S3', 'Blob', 'cloudStorage']. The default values for each cloud provider are as follows: Amazon => 'S3', Azure => 'Blob', GCP => 'cloudStorage'. If none, the capacity tier won't be set on volume creation. ## Attributes Reference