AWS::DataSync::LocationSMB
The AWS::DataSync::LocationSMB resource specifies a Server Message Block
(SMB) location that AWS DataSync can use as a transfer source or destination.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::DataSync::LocationSMB", "Properties" : { "AgentArns" :[ String, ... ], "AuthenticationType" :String, "DnsIpAddresses" :[ String, ... ], "Domain" :String, "KerberosKeytab" :String, "KerberosKrb5Conf" :String, "KerberosPrincipal" :String, "MountOptions" :MountOptions, "Password" :String, "ServerHostname" :String, "Subdirectory" :String, "Tags" :[ Tag, ... ], "User" :String} }
YAML
Type: AWS::DataSync::LocationSMB Properties: AgentArns:- StringAuthenticationType:StringDnsIpAddresses:- StringDomain:StringKerberosKeytab:StringKerberosKrb5Conf:StringKerberosPrincipal:StringMountOptions:MountOptionsPassword:StringServerHostname:StringSubdirectory:StringTags:- TagUser:String
Properties
AgentArns-
Specifies the DataSync agent (or agents) that can connect to your SMB file server. You specify an agent by using its Amazon Resource Name (ARN).
Required: Yes
Type: Array of String
Minimum:
1Maximum:
128 | 4Update requires: No interruption
AuthenticationType-
Specifies the authentication protocol that DataSync uses to connect to your SMB file server. DataSync supports
NTLM(default) andKERBEROSauthentication.For more information, see Providing DataSync access to SMB file servers.
Required: No
Type: String
Allowed values:
NTLM | KERBEROSUpdate requires: No interruption
DnsIpAddresses-
Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if
AuthenticationTypeis set toKERBEROS.If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server.
Required: No
Type: Array of String
Minimum:
7Maximum:
15 | 2Update requires: No interruption
Domain-
Specifies the Windows domain name that your SMB file server belongs to. This parameter applies only if
AuthenticationTypeis set toNTLM.If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.
Required: No
Type: String
Pattern:
^([A-Za-z0-9]+[A-Za-z0-9-.]*)*[A-Za-z0-9-]*[A-Za-z0-9]$Maximum:
253Update requires: No interruption
KerberosKeytab-
Specifies your Kerberos key table (keytab) file, which includes mappings between your Kerberos principal and encryption keys.
The file must be base64 encoded.
To avoid task execution errors, make sure that the Kerberos principal that you use to create the keytab file matches exactly what you specify for
KerberosPrincipal.Required: No
Type: String
Maximum:
87384Update requires: No interruption
KerberosKrb5Conf-
Specifies a Kerberos configuration file (
krb5.conf) that defines your Kerberos realm configuration.The file must be base64 encoded.
Required: No
Type: String
Maximum:
174764Update requires: No interruption
KerberosPrincipal-
Specifies a Kerberos prinicpal, which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server.
A Kerberos principal might look like
HOST/kerberosuser@MYDOMAIN.ORG.Principal names are case sensitive. Your DataSync task execution will fail if the principal that you specify for this parameter doesn’t exactly match the principal that you use to create the keytab file.
Required: No
Type: String
Pattern:
^.+$Minimum:
1Maximum:
256Update requires: No interruption
MountOptions-
Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.
Required: No
Type: MountOptions
Update requires: No interruption
Password-
Specifies the password of the user who can mount your SMB file server and has permission to access the files and folders involved in your transfer. This parameter applies only if
AuthenticationTypeis set toNTLM.Required: No
Type: String
Pattern:
^.{0,104}$Maximum:
104Update requires: No interruption
ServerHostname-
Specifies the domain name or IP address of the SMB file server that your DataSync agent will mount.
Remember the following when configuring this parameter:
-
You can't specify an IP version 6 (IPv6) address.
-
If you're using Kerberos authentication, you must specify a domain name.
Required: No
Type: String
Pattern:
^(([a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9\-]*[A-Za-z0-9])$Maximum:
255Update requires: No interruption
-
Subdirectory-
Specifies the name of the share exported by your SMB file server where DataSync will read or write data. You can include a subdirectory in the share path (for example,
/path/to/subdirectory). Make sure that other SMB clients in your network can also mount this path.To copy all data in the subdirectory, DataSync must be able to mount the SMB share and access all of its data. For more information, see Providing DataSync access to SMB file servers.
Required: No
Type: String
Pattern:
^[a-zA-Z0-9_\-\+\./\(\)\$\p{Zs}]+$Maximum:
4096Update requires: No interruption
-
Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.
Required: No
Type: Array of Tag
Maximum:
50Update requires: No interruption
User-
Specifies the user that can mount and access the files, folders, and file metadata in your SMB file server. This parameter applies only if
AuthenticationTypeis set toNTLM.For information about choosing a user with the right level of access for your transfer, see Providing DataSync access to SMB file servers.
Required: No
Type: String
Pattern:
^[^\x5B\x5D\\/:;|=,+*?]{1,104}$Maximum:
104Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref
function, Ref returns the location resource Amazon Resource Name (ARN). For
example:
arn:aws:datasync:us-east-2:111222333444:location/loc-07db7abfc326c50s3
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute
of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see
Fn::GetAtt.
LocationArn-
The Amazon Resource Name (ARN) of the specified SMB location.
LocationUri-
The URI of the specified SMB location.
Examples
Creating an SMB location
The following example specifies an SMB location for DataSync. In this
example, the SMB location uses the domain EXAMPLE with SMB version 3.
The server hostname is MyServer@example.com, and the SMB location is in
the /share subdirectory. This example also specifies the user ID
user-1 for NTLM authentication.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "Creates an SMB location for DataSync", "Resources": { "LocationSMB": { "Type": "AWS::DataSync::LocationSMB", "Properties": { "AgentArns": [ "arn:aws:datasync:us-east-2:111222333444:agent/agent-0b0addbeef44b3nfs,", "arn:aws:datasync:us-east-2:111222333444:agent/agent-2345noo35nnee1123ovo3" ], "Domain": "EXAMPLE", "AuthenticationType": "NTLM", "MountOptions": { "Version": "SMB3" }, "Password": "Password", "ServerHostname": "MyServer.example.com", "Subdirectory": "/share", "User": "user-1" } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Description: Creates an SMB location for DataSync Resources: LocationSMB: Type: AWS::DataSync::LocationSMB Properties: AgentArns: - arn:aws:datasync:us-east-2:111222333444:agent/agent-0b0addbeef44b3nfs, - arn:aws:datasync:us-east-2:111222333444:agent/agent-2345noo35nnee1123ovo3 Domain: EXAMPLE AuthenticationType: NTLM MountOptions: Version: SMB3 Password: Password ServerHostname: MyServer.example.com Subdirectory: /share User: user-1
