AWS Tools for Windows PowerShell
Command Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Synopsis

Calls the Amazon MQ CreateBroker API operation.

Syntax

New-MQBroker
-BrokerName <String>
-Logs_Audit <Boolean>
-AuthenticationStrategy <AuthenticationStrategy>
-AutoMinorVersionUpgrade <Boolean>
-Configuration <ConfigurationId>
-CreatorRequestId <String>
-DataReplicationMode <DataReplicationMode>
-DataReplicationPrimaryBrokerArn <String>
-DeploymentMode <DeploymentMode>
-EngineType <EngineType>
-EngineVersion <String>
-Logs_General <Boolean>
-HostInstanceType <String>
-LdapServerMetadata_Host <String[]>
-EncryptionOptions_KmsKeyId <String>
-MaintenanceWindowStartTime <WeeklyStartTime>
-PubliclyAccessible <Boolean>
-LdapServerMetadata_RoleBase <String>
-LdapServerMetadata_RoleName <String>
-LdapServerMetadata_RoleSearchMatching <String>
-LdapServerMetadata_RoleSearchSubtree <Boolean>
-SecurityGroup <String[]>
-LdapServerMetadata_ServiceAccountPassword <String>
-LdapServerMetadata_ServiceAccountUsername <String>
-StorageType <BrokerStorageType>
-SubnetId <String[]>
-Tag <Hashtable>
-EncryptionOptions_UseAwsOwnedKey <Boolean>
-LdapServerMetadata_UserBase <String>
-LdapServerMetadata_UserRoleName <String>
-User <User[]>
-LdapServerMetadata_UserSearchMatching <String>
-LdapServerMetadata_UserSearchSubtree <Boolean>
-Select <String>
-PassThru <SwitchParameter>
-Force <SwitchParameter>
-ClientConfig <AmazonMQConfig>

Description

Creates a broker. Note: This API is asynchronous. To create a broker, you must either use the AmazonMQFullAccess IAM policy or include the following EC2 permissions in your IAM policy.
  • ec2:CreateNetworkInterface This permission is required to allow Amazon MQ to create an elastic network interface (ENI) on behalf of your account.
  • ec2:CreateNetworkInterfacePermission This permission is required to attach the ENI to the broker instance.
  • ec2:DeleteNetworkInterface
  • ec2:DeleteNetworkInterfacePermission
  • ec2:DetachNetworkInterface
  • ec2:DescribeInternetGateways
  • ec2:DescribeNetworkInterfaces
  • ec2:DescribeNetworkInterfacePermissions
  • ec2:DescribeRouteTables
  • ec2:DescribeSecurityGroups
  • ec2:DescribeSubnets
  • ec2:DescribeVpcs
For more information, see Create an IAM User and Get Your Amazon Web Services Credentials and Never Modify or Delete the Amazon MQ Elastic Network Interface in the Amazon MQ Developer Guide.

Parameters

-AuthenticationStrategy <AuthenticationStrategy>
Optional. The authentication strategy used to secure the broker. The default is SIMPLE.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-AutoMinorVersionUpgrade <Boolean>
Enables automatic upgrades to new minor versions for brokers, as new versions are released and supported by Amazon MQ. Automatic upgrades occur during the scheduled maintenance window of the broker or after a manual broker reboot. Set to true by default, if no value is specified.
Required?True
Position?Named
Accept pipeline input?True (ByPropertyName)
-BrokerName <String>
Required. The broker's name. This value must be unique in your Amazon Web Services account, 1-50 characters long, must contain only letters, numbers, dashes, and underscores, and must not contain white spaces, brackets, wildcard characters, or special characters.Do not add personally identifiable information (PII) or other confidential or sensitive information in broker names. Broker names are accessible to other Amazon Web Services services, including CloudWatch Logs. Broker names are not intended to be used for private or sensitive data.
Required?True
Position?1
Accept pipeline input?True (ByValue, ByPropertyName)
-ClientConfig <AmazonMQConfig>
Amazon.PowerShell.Cmdlets.MQ.AmazonMQClientCmdlet.ClientConfig
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-Configuration <ConfigurationId>
A list of information about the configuration.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-CreatorRequestId <String>
The unique ID that the requester receives for the created broker. Amazon MQ passes your ID with the API action.We recommend using a Universally Unique Identifier (UUID) for the creatorRequestId. You may omit the creatorRequestId if your application doesn't require idempotency.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-DataReplicationMode <DataReplicationMode>
Defines whether this broker is a part of a data replication pair.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-DataReplicationPrimaryBrokerArn <String>
The Amazon Resource Name (ARN) of the primary broker that is used to replicate data from in a data replication pair, and is applied to the replica broker. Must be set when dataReplicationMode is set to CRDR.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-DeploymentMode <DeploymentMode>
Required. The broker's deployment mode.
Required?True
Position?Named
Accept pipeline input?True (ByPropertyName)
-EncryptionOptions_KmsKeyId <String>
The customer master key (CMK) to use for the A KMS (KMS). This key is used to encrypt your data at rest. If not provided, Amazon MQ will use a default CMK to encrypt your data.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-EncryptionOptions_UseAwsOwnedKey <Boolean>
Enables the use of an Amazon Web Services owned CMK using KMS (KMS). Set to true by default, if no value is provided, for example, for RabbitMQ brokers.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-EngineType <EngineType>
Required. The type of broker engine. Currently, Amazon MQ supports ACTIVEMQ and RABBITMQ.
Required?True
Position?Named
Accept pipeline input?True (ByPropertyName)
-EngineVersion <String>
Required. The broker engine's version. For a list of supported engine versions, see Supported engines.
Required?True
Position?Named
Accept pipeline input?True (ByPropertyName)
-Force <SwitchParameter>
This parameter overrides confirmation prompts to force the cmdlet to continue its operation. This parameter should always be used with caution.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-HostInstanceType <String>
Required. The broker's instance type.
Required?True
Position?Named
Accept pipeline input?True (ByPropertyName)
-LdapServerMetadata_Host <String[]>
Specifies the location of the LDAP server such as Directory Service for Microsoft Active Directory. Optional failover server.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesLdapServerMetadata_Hosts
-LdapServerMetadata_RoleBase <String>
The distinguished name of the node in the directory information tree (DIT) to search for roles or groups. For example, ou=group, ou=corp, dc=corp, dc=example, dc=com.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-LdapServerMetadata_RoleName <String>
Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-LdapServerMetadata_RoleSearchMatching <String>
The LDAP search filter used to find roles within the roleBase. The distinguished name of the user matched by userSearchMatching is substituted into the {0} placeholder in the search filter. The client's username is substituted into the {1} placeholder. For example, if you set this option to (member=uid={1})for the user janedoe, the search filter becomes (member=uid=janedoe) after string substitution. It matches all role entries that have a member attribute equal to uid=janedoe under the subtree selected by the roleBase.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-LdapServerMetadata_RoleSearchSubtree <Boolean>
The directory search scope for the role. If set to true, scope is to search the entire subtree.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-LdapServerMetadata_ServiceAccountPassword <String>
Service account password. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-LdapServerMetadata_ServiceAccountUsername <String>
Service account username. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-LdapServerMetadata_UserBase <String>
Select a particular subtree of the directory information tree (DIT) to search for user entries. The subtree is specified by a DN, which specifies the base node of the subtree. For example, by setting this option to ou=Users,ou=corp, dc=corp, dc=example, dc=com, the search for user entries is restricted to the subtree beneath ou=Users, ou=corp, dc=corp, dc=example, dc=com.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-LdapServerMetadata_UserRoleName <String>
Specifies the name of the LDAP attribute for the user group membership.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-LdapServerMetadata_UserSearchMatching <String>
The LDAP search filter used to find users within the userBase. The client's username is substituted into the {0} placeholder in the search filter. For example, if this option is set to (uid={0}) and the received username is janedoe, the search filter becomes (uid=janedoe) after string substitution. It will result in matching an entry like uid=janedoe, ou=Users,ou=corp, dc=corp, dc=example, dc=com.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-LdapServerMetadata_UserSearchSubtree <Boolean>
The directory search scope for the user. If set to true, scope is to search the entire subtree.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-Logs_Audit <Boolean>
Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged. Does not apply to RabbitMQ brokers.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-Logs_General <Boolean>
Enables general logging.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-MaintenanceWindowStartTime <WeeklyStartTime>
The parameters that determine the WeeklyStartTime.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-PassThru <SwitchParameter>
Changes the cmdlet behavior to return the value passed to the BrokerName parameter. The -PassThru parameter is deprecated, use -Select '^BrokerName' instead. This parameter will be removed in a future version.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-PubliclyAccessible <Boolean>
Enables connections from applications outside of the VPC that hosts the broker's subnets. Set to false by default, if no value is provided.
Required?True
Position?Named
Accept pipeline input?True (ByPropertyName)
-SecurityGroup <String[]>
The list of rules (1 minimum, 125 maximum) that authorize connections to brokers.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesSecurityGroups
-Select <String>
Use the -Select parameter to control the cmdlet output. The default value is '*'. Specifying -Select '*' will result in the cmdlet returning the whole service response (Amazon.MQ.Model.CreateBrokerResponse). Specifying the name of a property of type Amazon.MQ.Model.CreateBrokerResponse will result in that property being returned. Specifying -Select '^ParameterName' will result in the cmdlet returning the selected cmdlet parameter value.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-StorageType <BrokerStorageType>
The broker's storage type.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-SubnetId <String[]>
The list of groups that define which subnets and IP ranges the broker can use from different Availability Zones. If you specify more than one subnet, the subnets must be in different Availability Zones. Amazon MQ will not be able to create VPC endpoints for your broker with multiple subnets in the same Availability Zone. A SINGLE_INSTANCE deployment requires one subnet (for example, the default subnet). An ACTIVE_STANDBY_MULTI_AZ Amazon MQ for ActiveMQ deployment requires two subnets. A CLUSTER_MULTI_AZ Amazon MQ for RabbitMQ deployment has no subnet requirements when deployed with public accessibility. Deployment without public accessibility requires at least one subnet.If you specify subnets in a shared VPC for a RabbitMQ broker, the associated VPC to which the specified subnets belong must be owned by your Amazon Web Services account. Amazon MQ will not be able to create VPC endpoints in VPCs that are not owned by your Amazon Web Services account.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesSubnetIds
-Tag <Hashtable>
Create tags when creating the broker.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesTags
-User <User[]>
The list of broker users (persons or applications) who can access queues and topics. For Amazon MQ for RabbitMQ brokers, one and only one administrative user is accepted and created when a broker is first provisioned. All subsequent broker users are created by making RabbitMQ API calls directly to brokers or via the RabbitMQ web console.
Required?True
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesUsers

Common Credential and Region Parameters

-AccessKey <String>
The AWS access key for the user account. This can be a temporary access key if the corresponding session token is supplied to the -SessionToken parameter.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesAK
-Credential <AWSCredentials>
An AWSCredentials object instance containing access and secret key information, and optionally a token for session-based credentials.
Required?False
Position?Named
Accept pipeline input?True (ByValue, ByPropertyName)
-EndpointUrl <String>
The endpoint to make the call against.Note: This parameter is primarily for internal AWS use and is not required/should not be specified for normal usage. The cmdlets normally determine which endpoint to call based on the region specified to the -Region parameter or set as default in the shell (via Set-DefaultAWSRegion). Only specify this parameter if you must direct the call to a specific custom endpoint.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-NetworkCredential <PSCredential>
Used with SAML-based authentication when ProfileName references a SAML role profile. Contains the network credentials to be supplied during authentication with the configured identity provider's endpoint. This parameter is not required if the user's default network identity can or should be used during authentication.
Required?False
Position?Named
Accept pipeline input?True (ByValue, ByPropertyName)
-ProfileLocation <String>
Used to specify the name and location of the ini-format credential file (shared with the AWS CLI and other AWS SDKs)If this optional parameter is omitted this cmdlet will search the encrypted credential file used by the AWS SDK for .NET and AWS Toolkit for Visual Studio first. If the profile is not found then the cmdlet will search in the ini-format credential file at the default location: (user's home directory)\.aws\credentials.If this parameter is specified then this cmdlet will only search the ini-format credential file at the location given.As the current folder can vary in a shell or during script execution it is advised that you use specify a fully qualified path instead of a relative path.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesAWSProfilesLocation, ProfilesLocation
-ProfileName <String>
The user-defined name of an AWS credentials or SAML-based role profile containing credential information. The profile is expected to be found in the secure credential file shared with the AWS SDK for .NET and AWS Toolkit for Visual Studio. You can also specify the name of a profile stored in the .ini-format credential file used with the AWS CLI and other AWS SDKs.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesStoredCredentials, AWSProfileName
-Region <Object>
The system name of an AWS region or an AWSRegion instance. This governs the endpoint that will be used when calling service operations. Note that the AWS resources referenced in a call are usually region-specific.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesRegionToCall
-SecretKey <String>
The AWS secret key for the user account. This can be a temporary secret key if the corresponding session token is supplied to the -SessionToken parameter.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesSK, SecretAccessKey
-SessionToken <String>
The session token if the access and secret keys are temporary session-based credentials.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
AliasesST

Outputs

Amazon.MQ.Model.CreateBrokerResponse
This cmdlet returns an Amazon.MQ.Model.CreateBrokerResponse object containing multiple properties. The object can also be referenced from properties attached to the cmdlet entry in the $AWSHistory stack.
Developer Guide
AWS Tools for PowerShell User Guide

Supported Version

AWS Tools for PowerShell: 2.x.y.z