Class: Aws::FSx::Types::SelfManagedActiveDirectoryConfiguration

Inherits:

Struct

• Object
• Struct
• Aws::FSx::Types::SelfManagedActiveDirectoryConfiguration

Includes:

Structure

Defined in:

lib/aws-sdk-fsx/types.rb

Overview

The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see [ Using Amazon FSx for Windows with your self-managed Microsoft Active Directory] or [Managing FSx for ONTAP SVMs].

[1]: docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html [2]: docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[:password]

Instance Attribute Summary

• #dns_ips ⇒ Array<String>

  A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.

• #domain_join_service_account_secret ⇒ String

  The Amazon Resource Name (ARN) of the Amazon Web Services Secrets Manager secret containing the self-managed Active Directory domain join service account credentials.

• #domain_name ⇒ String

  The fully qualified domain name of the self-managed AD directory, such as ‘corp.example.com`.

• #file_system_administrators_group ⇒ String

  (Optional) The name of the domain group whose members are granted administrative privileges for the file system.

• #organizational_unit_distinguished_name ⇒ String

  (Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory.

• #password ⇒ String

  The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.

• #user_name ⇒ String

  The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.

Instance Attribute Details

#dns_ips ⇒ Array<String>

A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.

# File 'lib/aws-sdk-fsx/types.rb', line 8872

class SelfManagedActiveDirectoryConfiguration < Struct.new(
  :domain_name,
  :organizational_unit_distinguished_name,
  :file_system_administrators_group,
  :user_name,
  :password,
  :dns_ips,
  :domain_join_service_account_secret)
  SENSITIVE = [:password]
  include Aws::Structure
end

#domain_join_service_account_secret ⇒ String

The Amazon Resource Name (ARN) of the Amazon Web Services Secrets Manager secret containing the self-managed Active Directory domain join service account credentials. When provided, Amazon FSx uses the credentials stored in this secret to join the file system to your self-managed Active Directory domain.

The secret must contain two key-value pairs:

• ‘CUSTOMER_MANAGED_ACTIVE_DIRECTORY_USERNAME` - The username for the service account

• ‘CUSTOMER_MANAGED_ACTIVE_DIRECTORY_PASSWORD` - The password for the service account

For more information, see [ Using Amazon FSx for Windows with your self-managed Microsoft Active Directory] or [ Using Amazon FSx for ONTAP with your self-managed Microsoft Active Directory].

[1]: docs.aws.amazon.com/fsx/latest/WindowsGuide/self-manage-prereqs.html [2]: docs.aws.amazon.com/fsx/latest/ONTAPGuide/self-manage-prereqs.html

# File 'lib/aws-sdk-fsx/types.rb', line 8872

class SelfManagedActiveDirectoryConfiguration < Struct.new(
  :domain_name,
  :organizational_unit_distinguished_name,
  :file_system_administrators_group,
  :user_name,
  :password,
  :dns_ips,
  :domain_join_service_account_secret)
  SENSITIVE = [:password]
  include Aws::Structure
end

#domain_name ⇒ String

The fully qualified domain name of the self-managed AD directory, such as ‘corp.example.com`.

# File 'lib/aws-sdk-fsx/types.rb', line 8872

class SelfManagedActiveDirectoryConfiguration < Struct.new(
  :domain_name,
  :organizational_unit_distinguished_name,
  :file_system_administrators_group,
  :user_name,
  :password,
  :dns_ips,
  :domain_join_service_account_secret)
  SENSITIVE = [:password]
  include Aws::Structure
end

#file_system_administrators_group ⇒ String

(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don’t provide one, your AD domain’s Domain Admins group is used.

# File 'lib/aws-sdk-fsx/types.rb', line 8872

class SelfManagedActiveDirectoryConfiguration < Struct.new(
  :domain_name,
  :organizational_unit_distinguished_name,
  :file_system_administrators_group,
  :user_name,
  :password,
  :dns_ips,
  :domain_join_service_account_secret)
  SENSITIVE = [:password]
  include Aws::Structure
end

#organizational_unit_distinguished_name ⇒ String

(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is ‘OU=FSx,DC=yourdomain,DC=corp,DC=com`. To learn more, see [RFC 2253]. If none is provided, the FSx file system is created in the default location of your self-managed AD directory.

Only Organizational Unit (OU) objects can be the direct parent of the file system that you’re creating.

[1]: tools.ietf.org/html/rfc2253

# File 'lib/aws-sdk-fsx/types.rb', line 8872

class SelfManagedActiveDirectoryConfiguration < Struct.new(
  :domain_name,
  :organizational_unit_distinguished_name,
  :file_system_administrators_group,
  :user_name,
  :password,
  :dns_ips,
  :domain_join_service_account_secret)
  SENSITIVE = [:password]
  include Aws::Structure
end

#password ⇒ String

The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.

# File 'lib/aws-sdk-fsx/types.rb', line 8872

class SelfManagedActiveDirectoryConfiguration < Struct.new(
  :domain_name,
  :organizational_unit_distinguished_name,
  :file_system_administrators_group,
  :user_name,
  :password,
  :dns_ips,
  :domain_join_service_account_secret)
  SENSITIVE = [:password]
  include Aws::Structure
end

#user_name ⇒ String

The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in ‘OrganizationalUnitDistinguishedName`, or in the default location of your AD domain.

# File 'lib/aws-sdk-fsx/types.rb', line 8872

class SelfManagedActiveDirectoryConfiguration < Struct.new(
  :domain_name,
  :organizational_unit_distinguished_name,
  :file_system_administrators_group,
  :user_name,
  :password,
  :dns_ips,
  :domain_join_service_account_secret)
  SENSITIVE = [:password]
  include Aws::Structure
end