Properties
ad-groups
ad-groups: string[]
Title: Active Directory Groups
Description: Groups to create within the MAD instance. Only executed on Accelerator initial installation (used to speed initial installs).
ad-per-account-groups
ad-per-account-groups: string[]
Title: AD per Account Groups
Description: Create these AD groups within MAD for every Shared account in Accelerator. Only executed on Accelerator initial installation (used to speed initial installs).
ad-users
Title: Active Directory Users
Description: Users to create within the MAD instance. Only executed on Accelerator initial installation (used to speed initial installs).
adc-group
adc-group: string
Title: AWS ADC Group
Description: AWS Active Directory Connector (ADC) group to be created and assigned appropriate permissions within MAD. Only executed on Accelerator initial installation.
Optional azs
azs: string[]
Title: Azs
Description: Availability zones for the underlying MAD instances
central-resolver-rule-account
central-resolver-rule-account: string
Title: Central Resolver Rule Account
Description: Integrate DNS resolution between MAD and the endpoint VPC. Provide the account for the endpoint VPC
central-resolver-rule-vpc
central-resolver-rule-vpc: string
Title: Central Resolver Rule Vpc
Description: Name of the endpoint VPC or the VPC that implements the centralized resolvers
deploy
deploy: boolean
Title: Deploy
Description: Set to true to deploy this MAD, or to false if it is only being defined in the Accelerator
Optional description
description: string
Title: Description
Description: Description field for use in the future GUI; allows customers to provide a purpose for this MAD.
dir-id
dir-id: number
Title: Dir Id
Description: MAD directory ID
dns-domain
dns-domain: string
Title: MAD DNS Domain Name
Description: MAD DNS Domain
image-path
image-path: string
Title: RDGW Image Path
Description: The SSM AMI ID of the image used to bootstrap the RDGW instance. This should point to the variable for the latest image ID.
log-group-name
log-group-name: string
Title: Log Group Name
Description: CWL log group name for MAD
max-rdgw-hosts
max-rdgw-hosts: number
Title: Max RDGW Hosts
Description: Maximum number of instances in the RDGW auto-scaling group
min-rdgw-hosts
min-rdgw-hosts: number
Title: Min RDGW Hosts
Description: Minimum number of instances in the RDGW auto-scaling group
netbios-domain
netbios-domain: string
Title: MAD Netbios Domain Name
Description: MAD Netbios Domain
num-rdgw-hosts
num-rdgw-hosts: number
Title: Number of RDGW Hosts
Description: Desired number of instances in the RDGW auto-scaling group
password-policies
Title: Active Directory Password Policies
Description: Password policies for MAD users. Only set on Accelerator initial installation.
Optional password-secret-name
password-secret-name: string
Title: Password Secret Name
Description: A Secret ARN containing the MAD root user password. This is only used for customers that have upgraded from v1.0.4.
Optional rdgw-enforce-imdsv2
rdgw-enforce-imdsv2: boolean
Title: Enforce IMDSv2 on the EC2 instances launched for Remote Desktop Gateway
Description: If set to true, IMDSv2 will be mandatory on the instances. Default: false
rdgw-instance-role
rdgw-instance-role: string
Title: Remote Desktop Gateway instance role
Description: EC2 instance role assumed by the RDGW
rdgw-instance-type
rdgw-instance-type: string
Title: Remote Desktop Gateway EC2 instance type
Description: To manage the MAD, the Accelerator deploys an EC2 instance to serve as a Remote Desktop Gateway
rdgw-max-instance-age
rdgw-max-instance-age: number
Title: RDGW Max Instance Age
Description: EC2 Auto Scaling lets you safely and securely recycle instances at a regular cadence. The Maximum Instance Lifetime parameter helps you ensure that instances are recycled before reaching the specified lifetime in days.
region
region: string
Title: Region
Description: Region to deploy the MAD
restrict_srcips
restrict_srcips: string[]
Title: Restrict source IPs
Description: Restrict access to the MAD interface to the source IPs defined in ${RANGE-RESTRICT}
security-groups
Title: Security Groups
Description: AWS security groups to associate to the MAD EC2 instances
Optional share-to-account
share-to-account: string
Title: Share To Account
Description: Share the MAD to other accounts. This is typically left blank and the share-mad-from parameter at the OU level is leveraged
size
size: string
Title: MAD Size
Description: Standard or Enterprise. AWS Managed Microsoft AD (Standard Edition) is optimized to be a primary directory for small and midsize businesses with up to 5,000 employees. It provides you enough storage capacity to support up to 30,000* directory objects, such as users, groups, and computers. AWS Managed Microsoft AD (Enterprise Edition) is designed to support enterprise organizations with up to 500,000* directory objects
subnet
subnet: string
Title: Subnet
Description: Subnets to deploy the MAD
vpc-name
vpc-name: string
Title: MAD VPC Name
Description: Name of the VPC to deploy the MAD to
Microsoft Active Directory configuration