AWS::DataSync::LocationSMB - AWS CloudFormation (original) (raw)
The AWS::DataSync::LocationSMB resource specifies a Server Message Block (SMB) location that AWS DataSync can use as a transfer source or destination.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
"Type" : "AWS::DataSync::LocationSMB",
"Properties" : {
"AgentArns" : [ String, ... ],
"AuthenticationType" : String,
"DnsIpAddresses" : [ String, ... ],
"Domain" : String,
"KerberosKeytab" : String,
"KerberosKrb5Conf" : String,
"KerberosPrincipal" : String,
"MountOptions" : MountOptions,
"Password" : String,
"ServerHostname" : String,
"Subdirectory" : String,
"Tags" : [ Tag, ... ],
"User" : String
}
}
YAML
Type: AWS::DataSync::LocationSMB
Properties:
AgentArns:
- String
AuthenticationType: String
DnsIpAddresses:
- String
Domain: String
KerberosKeytab: String
KerberosKrb5Conf: String
KerberosPrincipal: String
MountOptions:
MountOptions
Password: String
ServerHostname: String
Subdirectory: String
Tags:
- Tag
User: String
Properties
AgentArns
Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).
Required: Yes
Type: Array of String
Minimum: 1
Maximum: 128 | 4
Update requires: No interruption
AuthenticationType
Specifies the authentication protocol that DataSync uses to connect to your SMB file server. DataSync supports NTLM (default) and KERBEROS authentication.
For more information, see Providing DataSync access to SMB file servers.
Required: No
Type: String
Allowed values: NTLM | KERBEROS
Update requires: No interruption
DnsIpAddresses
Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set toKERBEROS.
If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server.
Required: No
Type: Array of String
Minimum: 7
Maximum: 15 | 2
Update requires: No interruption
Domain
Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to NTLM.
If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.
Required: No
Type: String
Pattern: ^([A-Za-z0-9]+[A-Za-z0-9-.]*)*[A-Za-z0-9-]*[A-Za-z0-9]$
Maximum: 253
Update requires: No interruption
KerberosKeytab
Specifies your Kerberos key table (keytab) file, which includes mappings between your Kerberos principal and encryption keys.
The file must be base64 encoded.
To avoid task execution errors, make sure that the Kerberos principal that you use to create the keytab file matches exactly what you specify for KerberosPrincipal.
Required: No
Type: String
Maximum: 87384
Update requires: No interruption
KerberosKrb5Conf
Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration.
The file must be base64 encoded.
Required: No
Type: String
Maximum: 174764
Update requires: No interruption
KerberosPrincipal
Specifies a Kerberos prinicpal, which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server.
A Kerberos principal might look like HOST/kerberosuser@MYDOMAIN.ORG.
Principal names are case sensitive. Your DataSync task execution will fail if the principal that you specify for this parameter doesn’t exactly match the principal that you use to create the keytab file.
Required: No
Type: String
Pattern: ^.+$
Minimum: 1
Maximum: 256
Update requires: No interruption
MountOptions
Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.
Required: No
Type: MountOptions
Update requires: No interruption
Password
Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only ifAuthenticationType is set to NTLM.
Required: No
Type: String
Pattern: ^.{0,104}$
Maximum: 104
Update requires: No interruption
ServerHostname
Specifies the domain name or IP address of the SMB file server that your DataSync agent connects to.
Remember the following when configuring this parameter:
- You can't specify an IP version 6 (IPv6) address.
- If you're using Kerberos authentication, you must specify a domain name.
Required: No
Type: String
Pattern: ^(([a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9\-]*[A-Za-z0-9])$
Maximum: 255
Update requires: No interruption
Subdirectory
Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example,/path/to/subdirectory). Make sure that other SMB clients in your network can also mount this path.
To copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see Providing DataSync access to SMB file servers.
Required: No
Type: String
Pattern: ^[a-zA-Z0-9_\-\+\./\(\)\$\p{Zs}]+$
Maximum: 4096
Update requires: No interruption
Tags
Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.
Required: No
Type: Array of Tag
Maximum: 50
Update requires: No interruption
User
Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if AuthenticationType is set toNTLM.
For information about choosing a user with the right level of access for your transfer, see Providing DataSync access to SMB file servers.
Required: No
Type: String
Pattern: ^[^\x5B\x5D\\/:;|=,+*?]{1,104}$
Maximum: 104
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the location resource Amazon Resource Name (ARN). For example:
arn:aws:datasync:us-east-2:111222333444:location/loc-07db7abfc326c50s3
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, seeFn::GetAtt.
LocationArn
The Amazon Resource Name (ARN) of the specified SMB location.
LocationUri
The URI of the specified SMB location.
Examples
Creating an SMB location
The following example specifies an SMB location for DataSync. In this example, the SMB location uses the domain EXAMPLE with SMB version 3. The server hostname is MyServer@example.com, and the SMB location is in the /share subdirectory. This example also specifies the user IDuser-1 for NTLM authentication.
JSON
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Creates an SMB location for DataSync",
"Resources": {
"LocationSMB": {
"Type": "AWS::DataSync::LocationSMB",
"Properties": {
"AgentArns": [
"arn:aws:datasync:us-east-2:111222333444:agent/agent-0b0addbeef44b3nfs,",
"arn:aws:datasync:us-east-2:111222333444:agent/agent-2345noo35nnee1123ovo3"
],
"Domain": "EXAMPLE",
"AuthenticationType": "NTLM",
"MountOptions": {
"Version": "SMB3"
},
"Password": "Password",
"ServerHostname": "MyServer.example.com",
"Subdirectory": "/share",
"User": "user-1"
}
}
}
}YAML
AWSTemplateFormatVersion: 2010-09-09
Description: Creates an SMB location for DataSync
Resources:
LocationSMB:
Type: AWS::DataSync::LocationSMB
Properties:
AgentArns:
- arn:aws:datasync:us-east-2:111222333444:agent/agent-0b0addbeef44b3nfs,
- arn:aws:datasync:us-east-2:111222333444:agent/agent-2345noo35nnee1123ovo3
Domain: EXAMPLE
AuthenticationType: NTLM
MountOptions:
Version: SMB3
Password: Password
ServerHostname: MyServer.example.com
Subdirectory: /share
User: user-1