Amazon FSx for Windows File Server
Windows User Guide

Step 1: Create Your File System

To create your Amazon FSx file system, you must create your Amazon Elastic Compute Cloud (Amazon EC2) instance and the AWS Directory Service directory. If you don't have that set up already, see Walkthrough 1: Prerequisites for Getting Started.

To create your first file system

  1. Open the Amazon FSx console at

  2. From the console dashboard, choose Create file system to start the file system creation wizard.

  3. Provide a name for your file system. You can use a maximum of 256 Unicode letters, white space, and numbers, plus the special characters + - = . _ : /

  4. Provide the storage capacity for your file system, in GiB. This value can be any whole number in the range of 300 to 65,536.

  5. Choose your throughput capacity. The Recommended throughput capacity is based off of your chosen storage capacity. You can change this level to more MB/s as needed at creation by manually choosing a throughput capacity from the box.

  6. Choose the Amazon VPC that you want to associate with your file system. For the purposes of this getting started exercise, choose the same Amazon VPC that you chose for your AWS Directory Service directory and your Amazon EC2 instance.

  7. Choose any value for Availability Zones and Subnet.

  8. For VPC security groups, the default security group for your default Amazon VPC is already added to your file system in the console. If you're not using the default security group, make sure that you add the following rules to the security group you're using for this getting started exercise:

    1. Inbound and outbound rules to allow the following ports:

      • TCP/UDP 445 (SMB)

      • TCP 135 (RPC)

      • TCP/UDP 1024-65535 (Ephemeral ports for RPC)

      From and to IP addresses or security group IDs associated with the following source and destination resources:

      • Client compute instances from which you want to access the file system.

      • Other file servers that you expect this file system to participate with in DFS Replication groups.

    2. Outbound rules to allow all traffic to the security group ID associated with the AWS Managed Microsoft AD directory to which you're joining your file system.


    In some cases, you might have modified the rules of your AWS Managed Microsoft AD's security group from the default settings. If so, make sure that this security group has the required inbound rules to allow traffic from your Amazon FSx file system. To learn more about the required inbound rules, see AWS Managed Microsoft AD Prerequisites in the AWS Directory Service Administration Guide.

  9. For Windows authentication, choose AWS Managed Microsoft Active Directory and enter the fully qualified domain name for your AWS Directory Service directory from the list.

  10. Keep Encryption set to off.

  11. Choose Next.

  12. Review the file system configuration on the Create file system page, and choose Create file system.

  13. After the file system has been created, choose the file system ID in the File Systems dashboard, choose Attach, and note the fully qualified domain name for your file system. You need it in a later step.