AWS::FSx::StorageVirtualMachine - Amazon CloudFormation
Creates a storage virtual machine (SVM) for an Amazon FSx for ONTAP file system.


To declare this entity in your Amazon CloudFormation template, use the following syntax:


{ "Type" : "AWS::FSx::StorageVirtualMachine", "Properties" : { "ActiveDirectoryConfiguration" : ActiveDirectoryConfiguration, "FileSystemId" : String, "Name" : String, "RootVolumeSecurityStyle" : String, "SvmAdminPassword" : String, "Tags" : [ Tag, ... ] } }


Type: AWS::FSx::StorageVirtualMachine Properties: ActiveDirectoryConfiguration: ActiveDirectoryConfiguration FileSystemId: String Name: String RootVolumeSecurityStyle: String SvmAdminPassword: String Tags: - Tag



Describes the Microsoft Active Directory configuration to which the SVM is joined, if applicable.

Required: No

Type: ActiveDirectoryConfiguration

Update requires: No interruption


Specifies the FSx for ONTAP file system on which to create the SVM.

Required: Yes

Type: String

Update requires: Replacement


The name of the SVM.

Required: Yes

Type: String

Pattern: ^[^\u0000\u0085\u2028\u2029\r\n]{1,47}$

Minimum: 1

Maximum: 47

Update requires: Replacement


The security style of the root volume of the SVM. Specify one of the following values:

  • UNIX if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.

  • NTFS if the file system is managed by a Microsoft Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Microsoft Windows user as the service account.

  • MIXED This is an advanced setting. For more information, see Volume security style in the Amazon FSx for NetApp ONTAP User Guide.

Required: No

Type: String

Allowed values: UNIX | NTFS | MIXED

Update requires: Replacement


Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's fsxadmin user to manage the SVM. For more information, see Managing SVMs using the NetApp ONTAP CLI in the FSx for ONTAP User Guide.

Required: No

Type: String

Update requires: No interruption


A list of Tag values, with a maximum of 50 elements.

Required: No

Type: Array of Tag

Update requires: No interruption

Return values


When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource ID, such as svm-01234567890123456. For example:

{"Ref": "svm_logical_id"} returns


For more information about using the Ref function, see Ref.


The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.


Returns the storage virtual machine's Amazon Resource Name (ARN).

Example: arn:aws:fsx:us-east-2:111111111111:storage-virtual-machine/fs-0123456789abcdef1/svm-01234567890123456


Returns the storgage virtual machine's system generated ID.

Example: svm-0123456789abcedf1


Returns the storage virtual machine's system generated unique identifier (UUID).

Example: abcd0123-cd45-ef67-11aa-1111aaaa23bc


Create an Amazon FSx for NetApp ONTAP Storage Virtual Machine

The following examples create an Amazon FSx for NetApp ONTAP storage virtual machine (SVN) that's joined to a self-managed Active Directory domain.


{ "OntapStorageVirtualMachineWithAllConfigs": { "Type": "AWS::FSx::StorageVirtualMachine", "Properties": { "ActiveDirectoryConfiguration": { "NetBiosName": "svm1", "SelfManagedActiveDirectoryConfiguration": { "DnsIps": [ "" ], "DomainName": "CFN-CUSTOMER-AD.SIMBA.LOCAL", "FileSystemAdministratorsGroup": "Domain Admins", "OrganizationalUnitDistinguishedName": "OU=cfn-customer-ad,DC=cfn-customer-ad,DC=simba,DC=local", "Password": { "Fn::Join": [ ":", [ "{{resolve:secretsmanager", { "Fn::ImportValue": "CustomerADCredentialName" }, "SecretString}}" ] ] }, "UserName": "Admin" } }, "FileSystemId": { "Ref": "OntapMultiAzFileSystemWithAllConfigs" }, "Name": "svm1", "RootVolumeSecurityStyle": "UNIX", "SvmAdminPassword": { "Password": { "Fn::Join": [ ":", [ "{{resolve:secretsmanager", { "Fn::ImportValue": "CustomerADCredentialName" }, "SecretString}}" ] ] } }, "Tags": [ { "Key": "Name", "Value": "OntapSvm" } ] } } }


OntapStorageVirtualMachineWithAllConfigs: Type: "AWS::FSx::StorageVirtualMachine" Properties: ActiveDirectoryConfiguration: NetBiosName: "svm1" SelfManagedActiveDirectoryConfiguration: DnsIps: [""] DomainName: "CFN-CUSTOMER-AD.SIMBA.LOCAL" FileSystemAdministratorsGroup: "Domain Admins" OrganizationalUnitDistinguishedName: "OU=cfn-customer-ad,DC=cfn-customer-ad,DC=simba,DC=local" Password: !Join - ':' - - '{{resolve:secretsmanager' - !ImportValue CustomerADCredentialName - 'SecretString}}' UserName: "Admin" FileSystemId: !Ref OntapMultiAzFileSystemWithAllConfigs Name: "svm1" RootVolumeSecurityStyle: "UNIX" SvmAdminPassword: Password: !Join - ':' - - '{{resolve:secretsmanager' - !ImportValue CustomerADCredentialName - 'SecretString}}' Tags: - Key: "Name" Value: "OntapSvm"