Resource: awsDirectoryServiceRadiusSettings

Manages a directory's multi-factor authentication (MFA) using a Remote Authentication Dial In User Service (RADIUS) server.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.directoryServiceRadiusSettings.DirectoryServiceRadiusSettings(
  this,
  "example",
  {
    authenticationProtocol: "PAP",
    directoryId: "${aws_directory_service_directory.example.id}",
    displayLabel: "example",
    radiusPort: 1812,
    radiusRetries: 4,
    radiusServers: ["10.0.1.5"],
    radiusTimeout: 1,
    sharedSecret: "12345678",
  }
);

Argument Reference

The following arguments are supported:

  • authenticationProtocol - (Optional) The protocol specified for your RADIUS endpoints. Valid values: PAP, CHAP, MS-CHAPv1, MS-CHAPv2.
  • directoryId - (Required) The identifier of the directory for which you want to manage RADIUS settings.
  • displayLabel - (Required) Display label.
  • radiusPort - (Required) The port that your RADIUS server is using for communications. Your self-managed network must allow inbound traffic over this port from the AWS Directory Service servers.
  • radiusRetries - (Required) The maximum number of times that communication with the RADIUS server is attempted. Minimum value of 0. Maximum value of 10.
  • radiusServers - (Required) An array of strings that contains the fully qualified domain name (FQDN) or IP addresses of the RADIUS server endpoints, or the FQDN or IP addresses of your RADIUS server load balancer.
  • radiusTimeout - (Required) The amount of time, in seconds, to wait for the RADIUS server to respond. Minimum value of 1. Maximum value of 50.
  • sharedSecret - (Required) Required for enabling RADIUS on the directory.
  • useSameUsername - (Optional) Not currently used.
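
The limits in the argument list above can be checked before synthesis. The following is an added example, not code from the provider or from cdktf: `RadiusSettingsInput`, `lintRadiusSettings` and `MIN_SECRET_LENGTH` are hypothetical names, the minimum secret length is an assumed local policy, and the protocol values are the upper-case forms accepted by the AWS Directory Service API (as used in Example Usage).

```typescript
// Added example (not provider code). RadiusSettingsInput and lintRadiusSettings are hypothetical names.
interface RadiusSettingsInput {
  authenticationProtocol?: string;
  radiusPort: number;
  radiusRetries: number;
  radiusServers: string[];
  radiusTimeout: number;
  sharedSecret: string;
}

const VALID_PROTOCOLS = ["PAP", "CHAP", "MS-CHAPv1", "MS-CHAPv2"];
const MIN_SECRET_LENGTH = 16; // assumption: local policy, not an AWS or provider limit

function isIntInRange(n: number, lo: number, hi: number): boolean {
  return Math.floor(n) === n && n >= lo && n <= hi;
}

function lintRadiusSettings(cfg: RadiusSettingsInput): string[] {
  const findings: string[] = [];
  const proto = cfg.authenticationProtocol;
  if (proto !== undefined && VALID_PROTOCOLS.indexOf(proto) === -1) {
    findings.push("authenticationProtocol: '" + proto + "' is not a valid value");
  }
  if (!isIntInRange(cfg.radiusRetries, 0, 10)) {
    findings.push("radiusRetries: must be an integer from 0 to 10");
  }
  if (!isIntInRange(cfg.radiusTimeout, 1, 50)) {
    findings.push("radiusTimeout: must be an integer from 1 to 50 seconds");
  }
  if (!isIntInRange(cfg.radiusPort, 1, 65535)) {
    findings.push("radiusPort: must be a valid port number");
  }
  if (cfg.radiusServers.length === 0) {
    findings.push("radiusServers: at least one FQDN or IP address is required");
  }
  // A "${...}" value is a Terraform reference or CDKTF token resolved at deploy time.
  // Anything else is a literal that lives in source control and in the synthesized JSON.
  if (!/^\$\{.+\}$/.test(cfg.sharedSecret)) {
    findings.push("sharedSecret: literal in source; pass a reference to a sensitive variable");
    if (cfg.sharedSecret.length < MIN_SECRET_LENGTH) {
      findings.push("sharedSecret: shorter than " + MIN_SECRET_LENGTH + " characters");
    }
  }
  return findings;
}

// The settings from the Example Usage block on this page.
const pageExample: RadiusSettingsInput = {
  authenticationProtocol: "PAP", radiusPort: 1812, radiusRetries: 4,
  radiusServers: ["10.0.1.5"], radiusTimeout: 1, sharedSecret: "12345678",
};
console.log(lintRadiusSettings(pageExample));
```

Run against the Example Usage values, the check reports only the two sharedSecret findings; the numeric arguments are within the documented ranges.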

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The directory identifier.

Timeouts

awsDirectoryServiceRadiusSettings provides the following Timeouts configuration options:

  • create - (Default 30 minutes) Used for RADIUS settings creation
  • update - (Default 30 minutes) Used for RADIUS settings update

Import

RADIUS settings can be imported using the directory ID, e.g.,

$ terraform import aws_directory_service_radius_settings.example d-926724cf57