- Create a new CloudFormation template file. We'll start by populating it with Parameters that correspond to all the requirements that we previously mentioned:
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
FullyQualifiedName:
Description: The fully qualified name for the directory
(e.g. megacorp.com)
Type: String
AllowedPattern: '^([a-zA-Z0-9]+[\.-])+([a-zA-Z0-9])+$'
Password:
Description: The password for the directory Administrator
Type: String
NoEcho: true
- Then, we add parameters for the VPC, subnets, and directory size:
VpcId:
Description: The ID of the VPC to deploy to
Type: AWS::EC2::VPC::Id
SubnetIds:
Description: Subnets where the directory will be deployed to
(pick at least 2)
Type: List<AWS::EC2::Subnet::Id>
DirectorySize:
Description: The size of the directory to deploy
Type: String
AllowedValues:
- Small
- Large
- Next, we define our Resources. Even though two Simple AD domain controllers are being deployed, we only need to create one resource here:
Resources:
ExampleDirectory:
Type: AWS::DirectoryService::SimpleAD
Properties:
Name: !Ref FullyQualifiedName
Password: !Ref Password
Size: !Ref DirectorySize
VpcSettings:
SubnetIds:
- !Select [ 0, Ref: SubnetIds ]
- !Select [ 1, Ref: SubnetIds ]
VpcId: !Ref VpcId
- You can now go ahead and run this template in the CloudFormation web console, or via the CLI, like this:
aws cloudformation create-stack
--stack-name example-directory
--template-body file://08-active-directory-as-a-service.yaml
--parameters
ParameterKey=FullyQualifiedName,ParameterValue=<fqdn>
ParameterKey=Password,ParameterValue=<password>
ParameterKey=VpcId,ParameterValue=<vpd-id>
"ParameterKey=SubnetIds,ParameterValue='<subnet-1>,<subnet-2>'"
ParameterKey=DirectorySize,ParameterValue=<Small/Large>