AWS::DirectoryService::SimpleAD - Amazon CloudFormation
SyntaxPropertiesReturn valuesExamplesSee also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::DirectoryService::SimpleAD

The AWS::DirectoryService::SimpleAD resource specifies an Amazon Directory Service Simple Active Directory (Simple AD) in Amazon so that your directory users and groups can access the Amazon Web Services Management Console and Amazon applications using their existing credentials. Simple AD is a Microsoft Active Directory–compatible directory. For more information, see Simple Active Directory in the Amazon Directory Service Admin Guide.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::DirectoryService::SimpleAD",
  "Properties" : {
      "CreateAlias" : Boolean,
      "Description" : String,
      "EnableSso" : Boolean,
      "Name" : String,
      "Password" : String,
      "ShortName" : String,
      "Size" : String,
      "VpcSettings" : VpcSettings
    }
}

YAML

Type: AWS::DirectoryService::SimpleAD
Properties: 
  CreateAlias: Boolean
  Description: String
  EnableSso: Boolean
  Name: String
  Password: String
  ShortName: String
  Size: String
  VpcSettings: 
    VpcSettings

Properties

CreateAlias

If set to true, specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as http://<alias>.awsapps.com. By default, this property is set to false.

Important

After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.

Required: No

Type: Boolean

Update requires: Replacement

Description

A description for the directory.

Required: No

Type: String

Minimum: 0

Maximum: 128

Pattern: ^([a-zA-Z0-9_])[\\a-zA-Z0-9_@#%*+=:?./!\s-]*$

Update requires: Replacement

EnableSso

Whether to enable single sign-on for a directory. If you don't specify a value, Amazon CloudFormation disables single sign-on by default.

Required: No

Type: Boolean

Update requires: No interruption

Name

The fully qualified name for the directory, such as corp.example.com.

Required: Yes

Type: String

Pattern: ^([a-zA-Z0-9]+[\\.-])+([a-zA-Z0-9])+$

Update requires: Replacement

Password

The password for the directory administrator. The directory creation process creates a directory administrator account with the user name Administrator and this password.

If you need to change the password for the administrator account, see the ResetUserPassword API call in the Amazon Directory Service API Reference.

Required: No

Type: String

Pattern: (?=^.{8,64}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9\s])(?=.*[a-z])|(?=.*[^A-Za-z0-9\s])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9\s]))^.*

Update requires: Replacement

ShortName

The NetBIOS name of the directory, such as CORP.

Required: No

Type: String

Pattern: ^[^\\/:*?"<>|.]+[^\\/:*?"<>|]*$

Update requires: Replacement

Size

The size of the directory. For valid values, see CreateDirectory in the Amazon Directory Service API Reference.

Required: Yes

Type: String

Allowed values: Large | Small

Update requires: Replacement

VpcSettings

A DirectoryVpcSettings object that contains additional information for the operation.

Required: Yes

Type: VpcSettings

Update requires: Replacement

Return values

Ref

When the logical ID of this resource is provided to the Ref intrinsic function, Ref returns the resource ID.

In the following sample, the Ref function returns the ID of the myDirectory directory, such as d-1a2b3c4d5e.

{ "Ref": "myDirectory" }

For more information about using the Reffunction, see Ref.

Fn::GetAtt

The Fn::GetAttintrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAttintrinsic function, see Fn::GetAtt.

Alias

The alias for a directory. For example: d-12373a053a or alias4-mydirectory-12345abcgmzsk (if you have the CreateAlias property set to true).

DirectoryId

Property description not available.

DnsIpAddresses

The IP addresses of the DNS servers for the directory, such as [ "172.31.3.154", "172.31.63.203" ].

Examples

The following example creates a Simple AD directory, where the directory DNS name is corp.example.com:

Create a Simple AD Directory

JSON

"myDirectory" : {
  "Type" : "AWS::DirectoryService::SimpleAD",
  "Properties" : {
    "Name" : "corp.example.com",
    "Password" : { "Ref" : "SimpleADPW" },
    "Size" : "Small",
    "VpcSettings" : { 
      "SubnetIds" : [ { "Ref" : "subnetID1" }, { "Ref" : "subnetID2" } ],
      "VpcId" : { "Ref" : "vpcID" }
    }
  }
}

YAML

myDirectory: 
  Type: AWS::DirectoryService::SimpleAD
  Properties: 
    Name: "corp.example.com"
    Password: 
      Ref: SimpleADPW
    Size: "Small"
    VpcSettings: 
      SubnetIds: 
        - Ref: subnetID1
        - Ref: subnetID2
      VpcId: 
        Ref: vpcID

See also