AWS::FSx::FileSystem SelfManagedActiveDirectoryConfiguration
The configuration that Amazon FSx uses to join an FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see Using Amazon FSx for Windows with your self-managed Microsoft Active Directory or Managing FSx for ONTAP SVMs.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{
  "DnsIps" : [ String, ... ],
  "DomainName" : String,
  "FileSystemAdministratorsGroup" : String,
  "OrganizationalUnitDistinguishedName" : String,
  "Password" : String,
  "UserName" : String
}
YAML
DnsIps:
  - String
DomainName: String
FileSystemAdministratorsGroup: String
OrganizationalUnitDistinguishedName: String
Password: String
UserName: String
Properties
DnsIps
A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.
Required: Conditional
Type: Array of String
Minimum: 1
Maximum: 3
Update requires: No interruption
DomainName
The fully qualified domain name of the self-managed AD directory, such as corp.example.com.
Required: No
Type: String
Pattern: ^[^\u0000\u0085\u2028\u2029\r\n]{1,255}$
Minimum: 1
Maximum: 255
Update requires: No interruption
FileSystemAdministratorsGroup
(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.
Required: No
Type: String
Pattern: ^[^\u0000\u0085\u2028\u2029\r\n]{1,256}$
Minimum: 1
Maximum: 256
Update requires: Replacement
OrganizationalUnitDistinguishedName
(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is OU=FSx,DC=yourdomain,DC=corp,DC=com. To learn more, see RFC 2253. If none is provided, the FSx file system is created in the default location of your self-managed AD directory.
Important
Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.
Required: No
Type: String
Pattern: ^[^\u0000\u0085\u2028\u2029\r\n]{1,2000}$
Minimum: 1
Maximum: 2000
Update requires: No interruption
Password
The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.
Required: No
Type: String
Pattern: ^.{1,256}$
Minimum: 1
Maximum: 256
Update requires: No interruption
UserName
The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in OrganizationalUnitDistinguishedName, or in the default location of your AD domain.
Required: No
Type: String
Pattern: ^[^\u0000\u0085\u2028\u2029\r\n]{1,256}$
Minimum: 1
Maximum: 256
Update requires: No interruption
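As an added example (not AWS's own code), the following Python pre-deployment check applies the constraints documented above to a parsed SelfManagedActiveDirectoryConfiguration and flags a Password written as a literal rather than a Secrets Manager dynamic reference, plus the two documented defaults (Domain Admins, default AD location). The function name lint_ad_config, the sample values and the secret name fsx/ad-join are assumptions made for this example.

```python
import ipaddress
import re

# Patterns and length limits copied from the property reference above.
NO_CTRL = r"^[^\u0000\u0085\u2028\u2029\r\n]{1,%d}$"
PATTERNS = {
    "DomainName": re.compile(NO_CTRL % 255),
    "FileSystemAdministratorsGroup": re.compile(NO_CTRL % 256),
    "OrganizationalUnitDistinguishedName": re.compile(NO_CTRL % 2000),
    "Password": re.compile(r"^.{1,256}$"),
    "UserName": re.compile(NO_CTRL % 256),
}
# A Secrets Manager dynamic reference keeps the secret out of the template text.
DYNAMIC_REF = re.compile(r"^\{\{resolve:secretsmanager:[^}]+\}\}$")

def lint_ad_config(cfg):
    """Return findings for one SelfManagedActiveDirectoryConfiguration dict."""
    findings = [f"unknown property: {k}" for k in sorted(set(cfg) - set(PATTERNS) - {"DnsIps"})]
    dns = cfg.get("DnsIps")
    if dns is not None and not (isinstance(dns, list) and 1 <= len(dns) <= 3):
        findings.append("DnsIps: must be a list of 1 to 3 addresses")
    for ip in dns if isinstance(dns, list) else []:
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            findings.append(f"DnsIps: not an IP address: {ip!r}")
    for key, pattern in PATTERNS.items():
        value = cfg.get(key)
        # Non-string values are intrinsic functions (Ref, Fn::Sub); not checked here.
        if isinstance(value, str) and not pattern.fullmatch(value):
            findings.append(f"{key}: violates the documented pattern")
    pw = cfg.get("Password")
    if isinstance(pw, str) and not DYNAMIC_REF.fullmatch(pw):
        findings.append("Password: literal secret in template")
    if "FileSystemAdministratorsGroup" not in cfg:
        findings.append("FileSystemAdministratorsGroup: unset, Domain Admins is used")
    if "OrganizationalUnitDistinguishedName" not in cfg:
        findings.append("OrganizationalUnitDistinguishedName: unset, default location")
    return findings

# Constructed sample inputs (not from the AWS page).
WEAK = {"DnsIps": ["10.0.0.10", "10.0.0.11", "10.0.0.12", "10.0.0.13"],
        "DomainName": "corp.example.com", "UserName": "fsx-join", "Password": "constructed-literal-password"}
HARDENED = {"DnsIps": ["10.0.0.10", "10.0.0.11"], "DomainName": "corp.example.com",
            "FileSystemAdministratorsGroup": "FSxAdmins", "UserName": "fsx-join",
            "OrganizationalUnitDistinguishedName": "OU=FSx,DC=corp,DC=example,DC=com",
            "Password": "{{resolve:secretsmanager:fsx/ad-join:SecretString:password}}"}

if __name__ == "__main__":
    print("WEAK:", lint_ad_config(WEAK), "HARDENED:", lint_ad_config(HARDENED))
```

A Password supplied through Ref passes this check unexamined; confirming that the referenced parameter is declared with NoEcho requires the template's Parameters section, which this function does not see.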