AWS::FSx::FileSystem
The AWS::FSx::FileSystem resource is an Amazon FSx resource type
that specifies an Amazon FSx file system. You can create any of the following
supported file system types:
-
Amazon FSx for Lustre
-
Amazon FSx for NetApp ONTAP
-
FSx for OpenZFS
-
Amazon FSx for Windows File Server
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::FSx::FileSystem", "Properties" : { "BackupId" :String, "FileSystemType" :String, "FileSystemTypeVersion" :String, "KmsKeyId" :String, "LustreConfiguration" :LustreConfiguration, "OntapConfiguration" :OntapConfiguration, "OpenZFSConfiguration" :OpenZFSConfiguration, "SecurityGroupIds" :[ String, ... ], "StorageCapacity" :Integer, "StorageType" :String, "SubnetIds" :[ String, ... ], "Tags" :[ Tag, ... ], "WindowsConfiguration" :WindowsConfiguration} }
YAML
Type: AWS::FSx::FileSystem Properties: BackupId:StringFileSystemType:StringFileSystemTypeVersion:StringKmsKeyId:StringLustreConfiguration:LustreConfigurationOntapConfiguration:OntapConfigurationOpenZFSConfiguration:OpenZFSConfigurationSecurityGroupIds:- StringStorageCapacity:IntegerStorageType:StringSubnetIds:- StringTags:- TagWindowsConfiguration:WindowsConfiguration
Properties
BackupId-
The ID of the file system backup that you are using to create a file system. For more information, see CreateFileSystemFromBackup.
Required: No
Type: String
Update requires: Replacement
FileSystemType-
The type of Amazon FSx file system, which can be
LUSTRE,WINDOWS,ONTAP, orOPENZFS.Required: Yes
Type: String
Update requires: Replacement
FileSystemTypeVersion-
(Optional) For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are
2.10,2.12, and2.15:-
2.10 is supported by the Scratch and Persistent_1 Lustre deployment types.
-
2.12 and 2.15 are supported by all Lustre deployment types.
2.12or2.15is required when setting FSx for LustreDeploymentTypetoPERSISTENT_2.
Default value =
2.10, except whenDeploymentTypeis set toPERSISTENT_2, then the default is2.12.Note
If you set
FileSystemTypeVersionto2.10for aPERSISTENT_2Lustre deployment type, theCreateFileSystemoperation fails.Required: No
Type: String
Pattern:
^[0-9](.[0-9]*)*$Minimum:
1Maximum:
20Update requires: Replacement
-
KmsKeyId-
The ID of the AWS Key Management Service (AWS KMS) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:
-
Amazon FSx for Lustre
PERSISTENT_1andPERSISTENT_2deployment types only.SCRATCH_1andSCRATCH_2types are encrypted using the Amazon FSx service AWS KMS key for your account. -
Amazon FSx for NetApp ONTAP
-
Amazon FSx for OpenZFS
-
Amazon FSx for Windows File Server
Required: No
Type: String
Update requires: Replacement
-
LustreConfiguration-
The Lustre configuration for the file system being created.
Note
The following parameters are not supported when creating Lustre file systems with a data repository association.
-
AutoImportPolicy -
ExportPath -
ImportedChunkSize -
ImportPath
Required: Conditional
Type: LustreConfiguration
Update requires: No interruption
-
OntapConfiguration-
The ONTAP configuration properties of the FSx for ONTAP file system that you are creating.
Required: No
Type: OntapConfiguration
Update requires: No interruption
OpenZFSConfiguration-
The Amazon FSx for OpenZFS configuration properties for the file system that you are creating.
Required: No
Type: OpenZFSConfiguration
Update requires: No interruption
SecurityGroupIds-
A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.
Important
You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.
Required: No
Type: Array of String
Maximum:
50Update requires: Replacement
StorageCapacity-
Sets the storage capacity of the file system that you're creating.
StorageCapacityis required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.FSx for Lustre file systems - The amount of storage capacity that you can configure depends on the value that you set for
StorageTypeand the LustreDeploymentType, as follows:-
For
SCRATCH_2,PERSISTENT_2andPERSISTENT_1deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB. -
For
PERSISTENT_1HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems. -
For
SCRATCH_1deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.
FSx for ONTAP file systems - The amount of storage capacity that you can configure is from 1024 GiB up to 196,608 GiB (192 TiB).
FSx for OpenZFS file systems - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.
FSx for Windows File Server file systems - The amount of storage capacity that you can configure depends on the value that you set for
StorageTypeas follows:-
For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).
-
For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).
Required: Conditional
Type: Integer
Minimum:
0Maximum:
2147483647Update requires: No interruption
-
StorageType-
Sets the storage type for the file system that you're creating. Valid values are
SSDandHDD.-
Set to
SSDto use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types. -
Set to
HDDto use hard disk drive storage. HDD is supported onSINGLE_AZ_2andMULTI_AZ_1Windows file system deployment types, and onPERSISTENT_1Lustre file system deployment types.
Default value is
SSD. For more information, see Storage type options in the FSx for Windows File Server User Guide and Multiple storage options in the FSx for Lustre User Guide.Required: No
Type: String
Allowed values:
SSD | HDDUpdate requires: No interruption
-
SubnetIds-
Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP
MULTI_AZ_1deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using theWindowsConfiguration > PreferredSubnetIDorOntapConfiguration > PreferredSubnetIDproperties. For more information about Multi-AZ file system configuration, see Availability and durability: Single-AZ and Multi-AZ file systems in the Amazon FSx for Windows User Guide and Availability and durability in the Amazon FSx for ONTAP User Guide.For Windows
SINGLE_AZ_1andSINGLE_AZ_2and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.Required: Yes
Type: Array of String
Maximum:
50Update requires: Replacement
-
The tags to associate with the file system. For more information, see Tagging your Amazon FSx resources in the Amazon FSx for Lustre User Guide.
Required: No
Type: Array of Tag
Minimum:
1Maximum:
50Update requires: No interruption
WindowsConfiguration-
The configuration object for the Microsoft Windows file system you are creating.
This value is required if
FileSystemTypeis set toWINDOWS.Required: Conditional
Type: WindowsConfiguration
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the file system resource ID. For example:
{"Ref":"file_system_logical_id"}
Returns fs-0123456789abcdef6.
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
DNSName-
Returns the FSx for Windows file system's DNSName.
Example:
amznfsxp1honlek.corp.example.com LustreMountName-
Returns the Lustre file system's
LustreMountName.Example for
SCRATCH_1deployment types: This value is alwaysfsx.Example for
SCRATCH_2andPERSISTENTdeployment types:2p3fhbmv ResourceARN-
Returns the Amazon Resource Name (ARN) for the Amazon FSx file system.
Example:
arn:aws:fsx:us-east-2:111122223333:file-system/fs-0123abcd56789ef0a RootVolumeId-
Returns the root volume ID of the FSx for OpenZFS file system.
Example:
fsvol-0123456789abcdefa
Examples
- Create an Amazon FSx for Lustre File System
- Create an Amazon FSx for Windows File Server File System in a Self-managed Active Directory
- Create an Amazon FSx for Windows File Server File System in an Amazon Managed Active Directory
- Create an Amazon FSx for Windows File Server File System with file access audit event logging enabled
- Create an Amazon FSx for NetApp ONTAP File System
Create an Amazon FSx for Lustre File System
The following examples create a 1.2 TiB persistent Amazon FSx for Lustre file
system, with a PerUnitStorageThroughput of 200 MB/s/TiB.
JSON
{ "Resources": { "BasicS3LinkedLustreFileSystem": { "Type": "AWS::FSx::FileSystem", "Properties": { "FileSystemType": "LUSTRE", "FileSystemTypeVersion": "2.12", "StorageCapacity": 1200, "SubnetIds": [ { "Fn::ImportValue": "MySubnet01" } ], "SecurityGroupIds": [ { "Fn::ImportValue": "LustreIngressSecurityGroupId" } ], "Tags": [ { "Key": "Name", "Value": "CFNs3linkedLustre" } ], "LustreConfiguration": { "AutoImportPolicy" : "NEW", "CopyTagsToBackups" : true, "DeploymentType": "PERSISTENT_1", "PerUnitStorageThroughput": 200, "DataCompressionType": "LZ4", "ImportPath": { "Fn::Join": [ "", [ "s3://", { "Fn::ImportValue": "LustreCFNS3ImportBucketName" } ] ] }, "ExportPath": { "Fn::Join": [ "", [ "s3://", { "Fn::ImportValue": "LustreCFNS3ExportPath" } ] ] }, "WeeklyMaintenanceStartTime": "2:20:30" } } } }, "Outputs": { "FileSystemId": { "Value": { "Ref": "BasicS3LinkedLustreFileSystem" } } } }
YAML
Resources: BasicS3LinkedLustreFileSystem: Type: AWS::FSx::FileSystem Properties: FileSystemType: "LUSTRE" FileSystemTypeVersion: "2.12" StorageCapacity: 1200 SubnetIds: [!ImportValue MySubnet01] SecurityGroupIds: [!ImportValue LustreIngressSecurityGroupId] Tags: - Key: "Name" Value: "CFNs3linkedLustre" LustreConfiguration: AutoImportPolicy: "NEW" CopyTagsToBackups: true DeploymentType: "PERSISTENT_1" PerUnitStorageThroughput: 200 DataCompressionType: "LZ4" ImportPath: !Join ["", ["s3://", !ImportValue LustreCFNS3ImportBucketName]] ExportPath: !Join ["", ["s3://", !ImportValue LustreCFNS3ExportPath]] WeeklyMaintenanceStartTime: "2:20:30" Outputs: FileSystemId: Value: !Ref BasicS3LinkedLustreFileSystem
Create an Amazon FSx for Windows File Server File System in a Self-managed Active Directory
The following examples create a Multi-AZ Amazon FSx for Windows File Server file system joined to a self-managed active directory.
JSON
{ "Resources": { "WindowsSelfManagedADFileSystemWithAllConfigs": { "Type": "AWS::FSx::FileSystem", "Properties": { "FileSystemType": "WINDOWS", "StorageCapacity": 32, "StorageType": "SSD", "SubnetIds": [ { "Fn::ImportValue": "MySubnet01" }, { "Fn::ImportValue": "MySubnet02" } ], "SecurityGroupIds": [ { "Fn::ImportValue": "WindowsIngressSecurityGroupId" } ], "Tags": [ { "Key": "Name", "Value": "windows" } ], "WindowsConfiguration": { "ThroughputCapacity": 8, "Aliases": [ "financials.corp.example.com" ], "WeeklyMaintenanceStartTime": "4:16:30", "DailyAutomaticBackupStartTime": "01:00", "AutomaticBackupRetentionDays": 30, "CopyTagsToBackups": false, "DeploymentType": "MULTI_AZ_1", "PreferredSubnetId": { "Fn::ImportValue": "MySubnet01" }, "SelfManagedActiveDirectoryConfiguration": { "DnsIps": [ { "Fn::Select": [ 0, { "Fn::Split": [ ",", { "Fn::ImportValue": "MySelfManagedADDnsIpAddresses" } ] } ] } ], "DomainName": { "Fn::ImportValue": "SelfManagedADDomainName" }, "FileSystemAdministratorsGroup": "MyDomainAdminGroup", "OrganizationalUnitDistinguishedName": "OU=FileSystems,DC=corp,DC=example,DC=com", "UserName": "Admin", "Password": { "Fn::Join": [ ":", [ "{{resolve:secretsmanager", { "Fn::ImportValue": "MySelfManagedADCredentialName" }, "SecretString}}" ] ] } } } } } }, "Outputs": { "FileSystemId": { "Value": { "Ref": "WindowsSelfManagedADFileSystemWithAllConfigs" } } } }
YAML
Resources: WindowsSelfManagedADFileSystemWithAllConfigs: Type: 'AWS::FSx::FileSystem' Properties: FileSystemType: WINDOWS StorageCapacity: 32 StorageType: SSD SubnetIds: - !ImportValue MySubnet01 - !ImportValue MySubnet02 SecurityGroupIds: - !ImportValue WindowsIngressSecurityGroupId Tags: - Key: Name Value: windows WindowsConfiguration: ThroughputCapacity: 8 Aliases: - financials.corp.example.com WeeklyMaintenanceStartTime: '4:16:30' DailyAutomaticBackupStartTime: '01:00' AutomaticBackupRetentionDays: 30 CopyTagsToBackups: false DeploymentType: MULTI_AZ_1 PreferredSubnetId: !ImportValue MySubnet01 SelfManagedActiveDirectoryConfiguration: DnsIps: - !Select - 0 - !Split - ',' - !ImportValue MySelfManagedADDnsIpAddresses DomainName: 'Fn::ImportValue': SelfManagedADDomainName FileSystemAdministratorsGroup: MyDomainAdminGroup OrganizationalUnitDistinguishedName: 'OU=FileSystems,DC=corp,DC=example,DC=com' UserName: Admin Password: !Join - ':' - - '{{resolve:secretsmanager' - !ImportValue MySelfManagedADCredentialName - 'SecretString}}' Outputs: FileSystemId: Value: !Ref WindowsSelfManagedADFileSystemWithAllConfigs
Create an Amazon FSx for Windows File Server File System in an Amazon Managed Active Directory
The following examples create a Multi-AZ Amazon FSx for Windows File Server file system using HDD storage that is joined to an AWS Managed Active Directory.
JSON
{ "Resources": { "WindowsMadFileSystemWithAllConfigs": { "Type": "AWS::FSx::FileSystem", "Properties": { "FileSystemType": "WINDOWS", "StorageCapacity": 2000, "StorageType": "HDD", "SubnetIds": [ { "Fn::ImportValue": "CfnFsxMadSubnet01" }, { "Fn::ImportValue": "CfnFsxMadSubnet02" } ], "SecurityGroupIds": [ { "Fn::ImportValue": "WindowsIngressSecurityGroupId" } ], "Tags": [ { "Key": "Name", "Value": "windows" } ], "WindowsConfiguration": { "ActiveDirectoryId": { "Fn::ImportValue": "CfnFsxMadDirectoryServiceId" }, "ThroughputCapacity": 8, "Aliases": [ "financials.corp.example.com" ], "WeeklyMaintenanceStartTime": "4:16:30", "DailyAutomaticBackupStartTime": "01:00", "AutomaticBackupRetentionDays": 90, "CopyTagsToBackups": false, "DeploymentType": "MULTI_AZ_1", "PreferredSubnetId": { "Fn::ImportValue": "CfnFsxMadSubnet01" } } } } }, "Outputs": { "FileSystemId": { "Value": { "Ref": "WindowsMadFileSystemWithAllConfigs" } } } }
YAML
Resources: WindowsMadFileSystemWithAllConfigs: Type: 'AWS::FSx::FileSystem' Properties: FileSystemType: WINDOWS StorageCapacity: 2000 StorageType: SSD SubnetIds: - !ImportValue CfnFsxMadSubnet01 - !ImportValue CfnFsxMadSubnet02 SecurityGroupIds: - !ImportValue WindowsIngressSecurityGroupId Tags: - Key: Name Value: windows WindowsConfiguration: ActiveDirectoryId: !ImportValue CfnFsxMadDirectoryServiceId ThroughputCapacity: 8 Aliases: - financials.corp.example.com WeeklyMaintenanceStartTime: '4:16:30' DailyAutomaticBackupStartTime: '01:00' AutomaticBackupRetentionDays: 90 DeploymentType: MULTI_AZ_1 PreferredSubnetId: !ImportValue CfnFsxMadSubnet01 CopyTagsToBackups: false Outputs: FileSystemId: Value: !Ref WindowsMadFileSystemWithAllConfigs
Create an Amazon FSx for Windows File Server File System with file access audit event logging enabled
The following examples create a Multi-AZ Amazon FSx for Windows File Server file system with file access auditing enabled. Audit event logs are emitted when end users make successful or failed attempts to access files, folders, and file shares on the file system.
JSON
{ "Resources": { "WindowsMadFileSystemWithAllConfigs": { "Type": "Dev::FSx::FileSystem", "Properties": { "FileSystemType": "WINDOWS", "StorageCapacity": 100, "SubnetIds": [ { "Fn::ImportValue": "CfnFsxMadSubnet01" }, { "Fn::ImportValue": "CfnFsxMadSubnet02" } ], "SecurityGroupIds": [ { "Fn::ImportValue": "CfnWindowsIngressSecurityGroupId" } ], "Tags": [ { "Key": "Name", "Value": "windows" } ], "WindowsConfiguration": { "ActiveDirectoryId": { "Fn::ImportValue": "CfnFsxMadDirectoryServiceId" }, "ThroughputCapacity": 32, "DeploymentType": "MULTI_AZ_1", "PreferredSubnetId": { "Fn::ImportValue": "CfnFsxMadSubnet01" } "AuditLogConfiguration": { "FileAccessAuditLogLevel": "SUCCESS_AND_FAILURE", "FileShareAccessAuditLogLevel": "SUCCESS_AND_FAILURE", "AuditLogDestination": { "Fn::Select": [ 0, { "Fn::Split": [ ":*", { "Fn::ImportValue": "CfnWindowsFileAccessAuditingLogGroupArn" } ] } ] } } } } } }, "Outputs": { "FileSystemId": { "Value": { "Ref": "WindowsMadFileSystemWithAllConfigs" } } } }
YAML
Resources: WindowsMadFileSystemWithAllConfigs: Type: "AWS::FSx::FileSystem" Properties: FileSystemType: "WINDOWS" StorageCapacity: 100 SubnetIds: - !ImportValue CfnFsxMadSubnet01 - !ImportValue CfnFsxMadSubnet02 SecurityGroupIds: - !ImportValue WindowsIngressSecurityGroupId Tags: - Key: Name Value: windows WindowsConfiguration: ActiveDirectoryId: !ImportValue CfnFsxMadDirectoryServiceId ThroughputCapacity: 32 DeploymentType: MULTI_AZ_1 PreferredSubnetId: !ImportValue CfnFsxMadSubnet01 AuditLogConfiguration: FileAccessAuditLogLevel: "SUCCESS_AND_FAILURE" FileShareAccessAuditLogLevel: "SUCCESS_AND_FAILURE" AuditLogDestination: !Select - 0 - !Split - ':*' - 'Fn::ImportValue': WindowsFileAccessAuditingLogGroupArn Outputs: FileSystemId: Value: !Ref WindowsMadFileSystemWithAllConfigs
Create an Amazon FSx for NetApp ONTAP File System
The following examples create a 1 TiB Amazon FSx for NetApp ONTAP file system.
JSON
{ "OntapMultiAzFileSystemWithAllConfigs": { "Type": "AWS::FSx::FileSystem", "Condition": "OntapMazEnabled", "Properties": { "FileSystemType": "ONTAP", "StorageCapacity": 1024, "StorageType": "SSD", "SubnetIds": [ "subnet-1234567890abcdef0", "subnet-abcdef01234567890" ], "SecurityGroupIds": [ "sg-021345abcdef6789" ], "OntapConfiguration": { "AutomaticBackupRetentionDays": 3, "DailyAutomaticBackupStartTime": "07:00", "DeploymentType": "MULTI_AZ_1", "DiskIopsConfiguration": { "Iops": 10000, "Mode": "USER_PROVISIONED" }, "PreferredSubnetId": "subnet-abcdef01234567890", "RouteTableIds": [ "rtb-abcdef01234567890" ], "ThroughputCapacity": 512, "WeeklyMaintenanceStartTime": "4:16:30" }, "Tags": [ { "Key": "Name", "Value": "OntapFileSystem_MAZ" } ] } } }
YAML
OntapMultiAzFileSystemWithAllConfigs: Type: "AWS::FSx::FileSystem" Condition: OntapMazEnabled Properties: FileSystemType: "ONTAP" StorageCapacity: 1024 StorageType: SSD SubnetIds: ["subnet-1234567890abcdef0", "subnet-abcdef01234567890"] SecurityGroupIds: ["sg-068ec2a396aa7c2c8"] OntapConfiguration: AutomaticBackupRetentionDays: 3 DailyAutomaticBackupStartTime: "07:00" DeploymentType: "MULTI_AZ_1" DiskIopsConfiguration: Iops: 10000 Mode: "USER_PROVISIONED" PreferredSubnetId: "subnet-abcdef01234567890" RouteTableIds: ["rtb-abcdef01234567890"] ThroughputCapacity: 512 WeeklyMaintenanceStartTime: "4:16:30" Tags: - Key: "Name" Value: "OntapFileSystem_MAZ"
