Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

I want to create a folder in the shared top directory of FSx.

0

I want to create a folder in the shared top directory of FSx. Flow Powershell commands using ssm's AWS-RunPowerShellScript. However, the executing user is ssm-user. This user is not an active directory user and access is denied. The New-Item command does not set credentials. Is it possible to create a folder in the FSx shared top directory by running the powershell command from ssm?

Argomenti
Sicurezza, identità e conformitàGestione e amministrazioneArchiviazione
Tag
AWS Directory ServiceGestore dei sistemi AWSFile server Amazon FSx per WindowsStrumenti AWS per Windows PowerShell
Lingua
English
AWS-User-0207697
posta 2 anni fa614 visualizzazioni
1 Risposta
1

A similar question was asked here and has two different approaches on how to solve issues like this.

  • Fetching AD User credentials from Secrets Manager
  • Granting the AD Computer object permission to execute the command

See the answer section for more details.
https://repost.aws/questions/QU0nNAbP6mTNiszw8JqzX1rQ/about-the-user-who-executes-ssm

profile pictureAWS
JoeD_AWS
con risposta 2 anni fa
  • AWS-User-0207697
    2 anni fa

    Thank you for your response. The New-Item command does not allow optional credentials. Therefore, I would like to give permissions to the computer object. But I don't know how to do that. If you know how to do that, please let me know. Thank you so much.

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente