1 回答
- 最新
- 投票最多
- 评论最多
1
You can create a "DHCP option set" for your VPC containing the IPs for your Domain controllers.
Otherwise provide the IPs in the wizard while creating the FSX
If you are doing this from cloudformation you can also enter your domain controllers IPs in "DnsIps" under "SelfManagedActiveDirectoryConfiguration"
FSx1:
Type: "AWS::FSx::FileSystem"
Properties:
FileSystemType: "WINDOWS"
StorageCapacity:
Ref: StorageCapacity
SubnetIds:
- Ref: Subnet1
- Ref: Subnet2
SecurityGroupIds:
- yoursecgroup
WindowsConfiguration:
WeeklyMaintenanceStartTime:
DailyAutomaticBackupStartTime:
ThroughputCapacity:
AutomaticBackupRetentionDays: #
CopyTagsToBackups: true
DeploymentType: "MULTI_AZ_1"
PreferredSubnetId:
SelfManagedActiveDirectoryConfiguration:
DnsIps:
- #.#.#.#
- #.#.#.#
DomainName:
OrganizationalUnitDistinguishedName:
Password: !Join [ "", ["{{resolve:secretsmanager:",!Ref "SecretObject",":SecretString:password}}"]] # '{{resolve:secretsmanager:<SecretObject>:SecretString:password}}'
UserName: !Join [ "", ["{{resolve:secretsmanager:",!Ref "SecretObject",":SecretString:username}}"]] # '{{resolve:secretsmanager:<SecretObject>:SecretString:username}}'
Also, see the password and Username parameters consumed from secrets manager (you need to pass that to join nodes to your domain)
For any of those options make sure that those IPs are reachable in UDP/TCP 53 from your VPC
已回答 3 天前
相关内容
AWS 官方已更新 4 年前- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
