I have a single AZ aws windows Fsx created with 3 months of data. it was created using terraform. Can I convert the existing single-az to multi-az without any downtime ?
Any risk involved or DNS changes of Fsx endpoints? Any important points to consider before changing it?
I didn't find any aws KB in this scenario
Please see this link: Automate the Upgrade of an Amazon FSx for Windows File Server to a Multi-AZ deployment
The above blog post can assist in understanding the migration workflow and it provides a cloud formation template that automates a lot of the steps involved.
This part of the public documentation provides some details about each migration step: https://docs.aws.amazon.com/fsx/latest/WindowsGuide/migrate-to-fsx.html
But I shall elaborate here as well:
Risks
DNS Alias cut over
There might be slight downtime (few minutes or seconds depending on the TTL of DNS record) when you cut over the DNS alias
Permissions
NTFS or share permissions could be lost if not cloned over to the multi az correctly. (Use robocopy or AWS DataSync)
Configurations
Encryption config if changed from default, would need to be recreated on multi-az along with Volume Shadow Copy and Data de-duplication schedule.
If security audit logs are enabled on single-az, it will need to be re setup on multi-az and pointed to a new CloudWatch log group (the automation in the blog post above takes care of this step as well.)
I trust you will find the above information helpful, please write back if you have any questions.