Resource: awsDirectoryServiceRegion
Manages a replicated Region and directory for Multi-Region replication. Multi-Region replication is only supported for the Enterprise Edition of AWS Managed Microsoft AD.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.provider.AwsProvider(this, "aws", {
region: "us-west-2",
});
const awsSecondary = new aws.provider.AwsProvider(this, "aws_1", {
alias: "secondary",
region: "us-east-2",
});
const awsVpcExample = new aws.vpc.Vpc(this, "example", {
cidrBlock: "10.0.0.0/16",
tags: {
Name: "Primary",
},
});
const awsVpcExampleSecondary = new aws.vpc.Vpc(this, "example-secondary", {
cidrBlock: "10.1.0.0/16",
provider: `\${${awsSecondary.fqn}}`,
tags: {
Name: "Secondary",
},
});
const dataAwsAvailabilityZonesAvailable =
new aws.dataAwsAvailabilityZones.DataAwsAvailabilityZones(this, "available", {
filter: [
{
name: "opt-in-status",
values: ["opt-in-not-required"],
},
],
state: "available",
});
const dataAwsAvailabilityZonesAvailableSecondary =
new aws.dataAwsAvailabilityZones.DataAwsAvailabilityZones(
this,
"available-secondary",
{
filter: [
{
name: "opt-in-status",
values: ["opt-in-not-required"],
},
],
provider: `\${${awsSecondary.fqn}}`,
state: "available",
}
);
const dataAwsRegionExample = new aws.dataAwsRegion.DataAwsRegion(
this,
"example_6",
{
provider: `\${${awsSecondary.fqn}}`,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
dataAwsRegionExample.overrideLogicalId("example");
const awsSubnetExample = new aws.subnet.Subnet(this, "example_7", {
availabilityZone: `\${${dataAwsAvailabilityZonesAvailable.names.fqn}[count.index]}`,
cidrBlock: `\${cidrsubnet(${awsVpcExample.cidrBlock}, 8, count.index)}`,
tags: {
Name: "Primary",
},
vpcId: awsVpcExample.id,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsSubnetExample.overrideLogicalId("example");
/*In most cases loops should be handled in the programming language context and
not inside of the Terraform context. If you are looping over something external, e.g. a variable or a file input
you should consider using a for loop. If you are looping over something only known to Terraform, e.g. a result of a data source
you need to keep this like it is.*/
awsSubnetExample.addOverride("count", 2);
const awsSubnetExampleSecondary = new aws.subnet.Subnet(
this,
"example-secondary_8",
{
availabilityZone: `\${${dataAwsAvailabilityZonesAvailableSecondary.names.fqn}[count.index]}`,
cidrBlock: `\${cidrsubnet(${awsVpcExampleSecondary.cidrBlock}, 8, count.index)}`,
provider: `\${${awsSecondary.fqn}}`,
tags: {
Name: "Secondary",
},
vpcId: awsVpcExampleSecondary.id,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsSubnetExampleSecondary.overrideLogicalId("example-secondary");
/*In most cases loops should be handled in the programming language context and
not inside of the Terraform context. If you are looping over something external, e.g. a variable or a file input
you should consider using a for loop. If you are looping over something only known to Terraform, e.g. a result of a data source
you need to keep this like it is.*/
awsSubnetExampleSecondary.addOverride("count", 2);
const awsDirectoryServiceDirectoryExample =
new aws.directoryServiceDirectory.DirectoryServiceDirectory(
this,
"example_9",
{
name: "example.com",
password: "SuperSecretPassw0rd",
type: "MicrosoftAD",
vpcSettings: {
subnetIds: `\${${awsSubnetExample.fqn}[*].id}`,
vpcId: awsVpcExample.id,
},
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsDirectoryServiceDirectoryExample.overrideLogicalId("example");
const awsDirectoryServiceRegionExample =
new aws.directoryServiceRegion.DirectoryServiceRegion(this, "example_10", {
directoryId: awsDirectoryServiceDirectoryExample.id,
regionName: dataAwsRegionExample.name,
tags: {
Name: "Secondary",
},
vpcSettings: {
subnetIds: `\${${awsSubnetExampleSecondary.fqn}[*].id}`,
vpcId: awsVpcExampleSecondary.id,
},
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsDirectoryServiceRegionExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
desiredNumberOfDomainControllers- (Optional) The number of domain controllers desired in the replicated directory. Minimum value of2.directoryId- (Required) The identifier of the directory to which you want to add Region replication.regionName- (Required) The name of the Region where you want to add domain controllers for replication.tags- (Optional) Map of tags to assign to this resource. If configured with a providerdefaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.vpcSettings- (Required) VPC information in the replicated Region. Detailed below.
vpcSettings
subnetIds- (Required) The identifiers of the subnets for the directory servers.vpcId- (Optional) The identifier of the VPC in which to create the directory.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
tagsAll- A map of tags assigned to the resource, including those inherited from the providerdefaultTagsconfiguration block.
Timeouts
awsDirectoryServiceRegion provides the following Timeouts configuration options:
create- (Default180Minutes) Used for Region additionupdate- (Default90Minutes) Used for replicated directory updatedelete- (Default90Minutes) Used for Region removal
Import
Replicated Regions can be imported using directory ID,Region name e.g.,