Resource: awsStoragegatewaySmbFileShare
Manages an AWS Storage Gateway SMB File Share.
Example Usage
Active Directory Authentication
NOTE: The gateway must have already joined the Active Directory domain prior to SMB file share creation, e.g., via "SMB Settings" in the AWS Storage Gateway console or smbActiveDirectorySettings in the awsStoragegatewayGateway resource.
/* Provider bindings are generated by running cdktf get.
   See https://cdk.tf/provider-generation for more details. */
import * as aws from "./.gen/providers/aws";
new aws.storagegatewaySmbFileShare.StoragegatewaySmbFileShare(this, "example", {
  authentication: "ActiveDirectory",
  gatewayArn: "${aws_storagegateway_gateway.example.arn}",
  locationArn: "${aws_s3_bucket.example.arn}",
  roleArn: "${aws_iam_role.example.arn}",
});
Guest Authentication
NOTE: The gateway must have already had the SMB guest password set prior to SMB file share creation, e.g., via "SMB Settings" in the AWS Storage Gateway console or smbGuestPassword in the awsStoragegatewayGateway resource.
/* Provider bindings are generated by running cdktf get.
   See https://cdk.tf/provider-generation for more details. */
import * as aws from "./.gen/providers/aws";
new aws.storagegatewaySmbFileShare.StoragegatewaySmbFileShare(this, "example", {
  authentication: "GuestAccess",
  gatewayArn: "${aws_storagegateway_gateway.example.arn}",
  locationArn: "${aws_s3_bucket.example.arn}",
  roleArn: "${aws_iam_role.example.arn}",
});
Argument Reference
The following arguments are supported:
gatewayArn - (Required) Amazon Resource Name (ARN) of the file gateway.
locationArn - (Required) The ARN of the backend storage used for storing file data.
vpcEndpointDnsName - (Optional) The DNS name of the VPC endpoint for S3 private link.
bucketRegion - (Optional) The region of the S3 bucket used by the file share. Required when specifying a vpcEndpointDnsName.
roleArn - (Required) The ARN of the AWS Identity and Access Management (IAM) role that a file gateway assumes when it accesses the underlying storage.
adminUserList - (Optional) A list of users in the Active Directory that have admin access to the file share. Only valid if authentication is set to activeDirectory.
authentication - (Optional) The authentication method that users use to access the file share. Defaults to activeDirectory. Valid values: activeDirectory, guestAccess.
auditDestinationArn - (Optional) The Amazon Resource Name (ARN) of the CloudWatch Log Group used for the audit logs.
defaultStorageClass - (Optional) The default storage class for objects put into an Amazon S3 bucket by the file gateway. Defaults to S3_STANDARD.
fileShareName - (Optional) The name of the file share. Must be set if an S3 prefix name is set in locationArn.
guessMimeTypeEnabled - (Optional) Boolean value that enables guessing of the MIME type for uploaded objects based on file extensions. Defaults to true.
invalidUserList - (Optional) A list of users in the Active Directory that are not allowed to access the file share. Only valid if authentication is set to activeDirectory.
kmsEncrypted - (Optional) Boolean value: true to use Amazon S3 server side encryption with your own AWS KMS key, or false to use a key managed by Amazon S3. Defaults to false.
kmsKeyArn - (Optional) Amazon Resource Name (ARN) for the KMS key used for Amazon S3 server side encryption. This value can only be set when kmsEncrypted is true.
objectAcl - (Optional) Access Control List permission for S3 objects. Defaults to private.
oplocksEnabled - (Optional) Boolean to indicate Opportunistic lock (oplock) status. Defaults to true.
cacheAttributes - (Optional) Refresh cache information. See Cache Attributes for more details.
readOnly - (Optional) Boolean to indicate write status of the file share. The file share does not accept writes if true. Defaults to false.
requesterPays - (Optional) Boolean that determines who pays the cost of the request and the data download from the Amazon S3 bucket. Set this value to true if you want the requester to pay instead of the bucket owner. Defaults to false.
smbAclEnabled - (Optional) Set this value to true to enable ACL (access control list) on the SMB file share. Set it to false to map file and directory permissions to the POSIX permissions. This setting applies only to the activeDirectory authentication type.
caseSensitivity - (Optional) The case of an object name in an Amazon S3 bucket. For clientSpecified, the client determines the case sensitivity. For caseSensitive, the gateway determines the case sensitivity. The default value is clientSpecified.
validUserList - (Optional) A list of users in the Active Directory that are allowed to access the file share. If you need to specify an Active Directory group, add '@' before the name of the group. It will be set on Allowed group in the AWS console. Only valid if authentication is set to activeDirectory.
accessBasedEnumeration - (Optional) The files and folders on this share will only be visible to users with read access. Default value is false.
notificationPolicy - (Optional) The notification policy of the file share. For more information see the AWS Documentation. Default value is {}.
tags - (Optional) Key-value map of resource tags. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
cacheAttributes
cacheStaleTimeoutInSeconds - (Optional) Refreshes a file share's cache by using Time To Live (TTL). TTL is the length of time since the last refresh after which access to the directory would cause the file gateway to first refresh that directory's contents from the Amazon S3 bucket. Valid values: 300 to 2,592,000 seconds (5 minutes to 30 days).
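Several arguments above only take effect, or are only accepted, in combination with others (the user lists and smbAclEnabled with Active Directory authentication, kmsKeyArn with kmsEncrypted, bucketRegion with vpcEndpointDnsName, fileShareName with an S3 prefix, and the TTL range). The following check, run before synthesis, is an added example and not part of the provider or the original page; SmbShareArgs, checkSmbShareArgs and the sample values are hypothetical, and the prefix detection assumes a plain S3 bucket ARN.

```typescript
// Added example, not provider code: SmbShareArgs and checkSmbShareArgs are hypothetical names.
interface SmbShareArgs {
  authentication?: string;
  locationArn: string;
  fileShareName?: string;
  vpcEndpointDnsName?: string; bucketRegion?: string;
  kmsEncrypted?: boolean; kmsKeyArn?: string;
  smbAclEnabled?: boolean;
  adminUserList?: string[]; validUserList?: string[]; invalidUserList?: string[];
  cacheAttributes?: { cacheStaleTimeoutInSeconds?: number };
}

function checkSmbShareArgs(a: SmbShareArgs): string[] {
  const problems: string[] = [];
  // The page writes the value as "ActiveDirectory" in code and "activeDirectory"
  // in the reference, so compare case-insensitively; unset means the default.
  const isAd = (a.authentication ?? "ActiveDirectory").toLowerCase() === "activedirectory";
  const adOnly: [string, string[] | undefined][] = [
    ["adminUserList", a.adminUserList],
    ["validUserList", a.validUserList],
    ["invalidUserList", a.invalidUserList],
  ];
  for (const [name, list] of adOnly) {
    if (!isAd && list && list.length > 0) problems.push(`${name} requires Active Directory authentication`);
  }
  if (!isAd && a.smbAclEnabled === true) problems.push("smbAclEnabled applies only to Active Directory authentication");
  if (a.kmsKeyArn !== undefined && a.kmsEncrypted !== true) problems.push("kmsKeyArn can only be set when kmsEncrypted is true");
  if (a.vpcEndpointDnsName !== undefined && a.bucketRegion === undefined) problems.push("bucketRegion is required with vpcEndpointDnsName");
  // Assumption: an S3 prefix shows up as a "/" after the bucket name in a bucket ARN.
  const s3 = "arn:aws:s3:::";
  const hasPrefix = a.locationArn.indexOf(s3) === 0 && a.locationArn.indexOf("/", s3.length) !== -1;
  if (hasPrefix && !a.fileShareName) problems.push("fileShareName must be set when locationArn carries an S3 prefix");
  const ttl = a.cacheAttributes?.cacheStaleTimeoutInSeconds;
  if (ttl !== undefined && (ttl < 300 || ttl > 2592000)) problems.push("cacheStaleTimeoutInSeconds must be 300 to 2592000");
  return problems;
}

// Constructed sample: a guest-access share that sets AD-only and dependent arguments.
const constructedGuestShare: SmbShareArgs = {
  authentication: "GuestAccess",
  locationArn: "arn:aws:s3:::example-bucket/reports/",
  validUserList: ["@ExampleGroup"],
  kmsKeyArn: "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID",
  vpcEndpointDnsName: "vpce-example.s3.us-east-1.vpce.amazonaws.com",
  cacheAttributes: { cacheStaleTimeoutInSeconds: 60 },
};
console.log(checkSmbShareArgs(constructedGuestShare));
```

Terraform interpolation tokens such as "${aws_s3_bucket.example.arn}" cannot be inspected before synthesis, so the prefix check only fires on literal bucket ARNs.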
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id - Amazon Resource Name (ARN) of the SMB File Share.
arn - Amazon Resource Name (ARN) of the SMB File Share.
fileshareId - ID of the SMB File Share.
path - File share path used by the NFS client to identify the mount point.
tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.
Timeouts
create - (Default 10M)
update - (Default 10M)
delete - (Default 15M)
Import
awsStoragegatewaySmbFileShare can be imported by using the SMB File Share Amazon Resource Name (ARN), e.g.,