AWS::DirectoryService::SimpleAD - AWS CloudFormation

AWS::DirectoryService::SimpleAD

The AWS::DirectoryService::SimpleAD resource specifies an AWS Directory Service Simple Active Directory (Simple AD) in AWS so that your directory users and groups can access the AWS Management Console and AWS applications using their existing credentials. Simple AD is a Microsoft Active Directory–compatible directory. For more information, see Simple Active Directory in the AWS Directory Service Admin Guide.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::DirectoryService::SimpleAD", "Properties" : { "CreateAlias" : Boolean, "Description" : String, "EnableSso" : Boolean, "Name" : String, "Password" : String, "ShortName" : String, "Size" : String, "VpcSettings" : VpcSettings } }

YAML

Type: AWS::DirectoryService::SimpleAD Properties: CreateAlias: Boolean Description: String EnableSso: Boolean Name: String Password: String ShortName: String Size: String VpcSettings: VpcSettings

Properties

CreateAlias

If set to true, specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as http://<alias>.awsapps.com. By default, this property is set to false.

Important

After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.

Required: No

Type: Boolean

Update requires: Replacement

Description

A description for the directory.

Required: No

Type: String

Pattern: ^([a-zA-Z0-9_])[\\a-zA-Z0-9_@#%*+=:?./!\s-]*$

Minimum: 0

Maximum: 128

Update requires: Replacement

EnableSso

Whether to enable single sign-on for a directory. If you don't specify a value, AWS CloudFormation disables single sign-on by default.

Required: No

Type: Boolean

Update requires: No interruption

Name

The fully qualified name for the directory, such as corp.example.com.

Required: Yes

Type: String

Pattern: ^([a-zA-Z0-9]+[\\.-])+([a-zA-Z0-9])+$

Update requires: Replacement

Password

The password for the directory administrator. The directory creation process creates a directory administrator account with the user name Administrator and this password.

If you need to change the password for the administrator account, see the ResetUserPassword API call in the AWS Directory Service API Reference.

Required: No

Type: String

Pattern: (?=^.{8,64}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9\s])(?=.*[a-z])|(?=.*[^A-Za-z0-9\s])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9\s]))^.*

Update requires: Replacement

ShortName

The NetBIOS name of the directory, such as CORP.

Required: No

Type: String

Pattern: ^[^\\/:*?"<>|.]+[^\\/:*?"<>|]*$

Update requires: Replacement

Size

The size of the directory. For valid values, see CreateDirectory in the AWS Directory Service API Reference.

Required: Yes

Type: String

Allowed values: Small | Large

Update requires: Replacement

VpcSettings

A DirectoryVpcSettings object that contains additional information for the operation.

Required: Yes

Type: VpcSettings

Update requires: Replacement

Return values

Ref

When the logical ID of this resource is provided to the Ref intrinsic function, Ref returns the resource ID.

In the following sample, the Ref function returns the ID of the myDirectory directory, such as d-1a2b3c4d5e.

{ "Ref": "myDirectory" }

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Alias

The alias for a directory. For example: d-12373a053a or alias4-mydirectory-12345abcgmzsk (if you have the CreateAlias property set to true).

DirectoryId

Property description not available.

DnsIpAddresses

The IP addresses of the DNS servers for the directory, such as [ "172.31.3.154", "172.31.63.203" ].

Examples

The following example creates a Simple AD directory, where the directory DNS name is corp.example.com:

Create a Simple AD Directory

JSON

"myDirectory" : { "Type" : "AWS::DirectoryService::SimpleAD", "Properties" : { "Name" : "corp.example.com", "Password" : { "Ref" : "SimpleADPW" }, "Size" : "Small", "VpcSettings" : { "SubnetIds" : [ { "Ref" : "subnetID1" }, { "Ref" : "subnetID2" } ], "VpcId" : { "Ref" : "vpcID" } } } }

YAML

myDirectory: Type: AWS::DirectoryService::SimpleAD Properties: Name: "corp.example.com" Password: Ref: SimpleADPW Size: "Small" VpcSettings: SubnetIds: - Ref: subnetID1 - Ref: subnetID2 VpcId: Ref: vpcID

See also