AWS::DataSync::Agent
The AWS::DataSync::Agent
resource specifies an Amazon DataSync
agent to be deployed and activated on your host. The activation process associates your
agent with your account. In the activation process, you specify information such as the
Amazon Web Services Region that you want to activate the agent in. You activate the
agent in the Amazon Web Services Region where your target locations (in Amazon S3, Amazon
EFS, or Amazon FSx for Windows File Server) reside. Your tasks are created in this Amazon Web Services Region.
You can activate the agent in a virtual private cloud (VPC) or provide the agent access to a VPC endpoint so that you can run tasks without sending them over the public internet.
You can specify an agent to be used for more than one location. If a task uses multiple agents, all of them must have a status of AVAILABLE for the task to run. If you use multiple agents for a source location, the status of all the agents must be AVAILABLE for the task to run.
For more information, see Activating an Agent in the Amazon DataSync User Guide.
Agents are automatically updated by Amazon on a regular basis, using a mechanism that ensures minimal interruption to your tasks.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::DataSync::Agent", "Properties" : { "ActivationKey" :
String
, "AgentName" :String
, "SecurityGroupArns" :[ String, ... ]
, "SubnetArns" :[ String, ... ]
, "Tags" :[ Tag, ... ]
, "VpcEndpointId" :String
} }
YAML
Type: AWS::DataSync::Agent Properties: ActivationKey:
String
AgentName:String
SecurityGroupArns:- String
SubnetArns:- String
Tags:- Tag
VpcEndpointId:String
Properties
ActivationKey
-
Your agent activation key. You can get the activation key either by sending an HTTP GET request with redirects that enable you to get the agent IP address (port 80). Alternatively, you can get it from the DataSync console.
The redirect URL returned in the response provides you the activation key for your agent in the query string parameter
activationKey
. It might also include other activation-related parameters; however, these are merely defaults. The arguments you pass to this API call determine the actual configuration of your agent.For more information, see Creating and activating an agent in the Amazon DataSync User Guide.
Required: No
Type: String
Maximum:
29
Pattern:
[A-Z0-9]{5}(-[A-Z0-9]{5}){4}
Update requires: Replacement
AgentName
-
The name you configured for your agent. This value is a text reference that is used to identify the agent in the console.
Required: No
Type: String
Minimum:
1
Maximum:
256
Pattern:
^[a-zA-Z0-9\s+=._:@/-]+$
Update requires: No interruption
SecurityGroupArns
-
The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. See SecurityGroupArns.
Pattern:
^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\-0-9]*:[0-9]{12}:security-group/.*$
Required: No
Type: List of String
Maximum:
1
Update requires: Replacement
SubnetArns
-
The Amazon Resource Names (ARNs) of the subnets in which DataSync will create elastic network interfaces for each data transfer task. The agent that runs a task must be private. When you start a task that is associated with an agent created in a VPC, or one that has access to an IP address in a VPC, then the task is also private. In this case, DataSync creates four network interfaces for each task in your subnet. For a data transfer to work, the agent must be able to route to all these four network interfaces.
Required: No
Type: List of String
Maximum:
1
Update requires: Replacement
Tags
-
The key-value pair that represents the tag that you want to associate with the agent. The value can be an empty string. This value helps you manage, filter, and search for your agents.
Note Valid characters for key and value are letters, spaces, and numbers representable in UTF-8 format, and the following special characters: + - = . _ : / @.
Required: No
Type: List of Tag
Maximum:
50
Update requires: No interruption
VpcEndpointId
-
The ID of the virtual private cloud (VPC) endpoint that the agent has access to. This is the client-side VPC endpoint, powered by Amazon PrivateLink. If you don't have an Amazon PrivateLink VPC endpoint, see Amazon PrivateLink and VPC endpoints in the Amazon VPC User Guide.
For more information about activating your agent in a private network based on a VPC, see Using Amazon DataSync in a Virtual Private Cloud in the Amazon DataSync User Guide.
A VPC endpoint ID looks like this:
vpce-01234d5aff67890e1
.Required: No
Type: String
Pattern:
^vpce-[0-9a-f]{17}$
Update requires: Replacement
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref
function, Ref
returns the agent Amazon Resource Name (ARN). For
example:
arn:aws:datasync:us-east-2:111222333444:agent/agent-0b0addbeef44baca3
For more information about using the Ref
function, see Ref.
Fn::GetAtt
The Fn::GetAtt
intrinsic function returns a value for a specified attribute
of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt
intrinsic function, see
Fn::GetAtt.
AgentArn
-
The Amazon Resource Name (ARN) of the agent. Use the
ListAgents
operation to return a list of agents for your account and Amazon Web Services Region. EndpointType
-
The type of endpoint that your agent is connected to. If the endpoint is a VPC endpoint, the agent is not accessible over the public internet.
Examples
DataSync Agent
The following example specifies a DataSync agent named MyAgent
. The
agent activation key is included in the template.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "Specifies a DataSync agent", "Resources": { "Agent": { "Type": "AWS::DataSync::Agent", "Properties": { "ActivationKey": "AAAAA-7AAAA-GG7MC-3I9R3-27COD", "AgentName": "MyAgent" } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Description: Specifies a DataSync agent Resources: Agent: Type: AWS::DataSync::Agent Properties: ActivationKey: AAAAA-7AAAA-GG7MC-3I9R3-27COD AgentName: MyAgent