How do I use EC2 Systems Manager to join an instance to my AWS Directory Service domain?

Time: 2021-10-26 20:37:23

1. Create new role "EC2RoleforSSM" in AWS IAM

 AWS->IAM->Roles->Create role->Select EC2, EC2 Role for Simple Systems Manager->AmazonEC2RoleforSSM->Role Name "EC2RoleforSSM"->Create Role

2. Create a new document "join_domain_doc" in AWS System Manager Shared Resources

 AWS->EC2->System Manager Shared Resources->Documents->Create Document name "join_domain_doc"

{
    "schemaVersion": "1.0",
    "description": "Join an instance to a domain",
    "runtimeConfig": {
       "aws:domainJoin": {
           "properties": {
              "directoryId": "d-8267xxxxxx",
              "directoryName": "ad.domain.com",
              "dnsIpAddresses": [
                 "10.200.221.118",
                 "10.200.223.119"
              ]
           }
       }
    }
}


3. Create a new Windows EC2 instance and attach the role "EC2RoleforSSM"

 AWS->EC2->Launch Instance->Select Windows 2016 base AMI->Instance Type->Storage->Network->SG->Launch

 AWS->EC2->Select new EC2->Action->Attach role "EC2RoleforSSM"

4. Run a Command on the new Windows EC2 instance in AWS System Manager Services

 AWS->System Manager Services->Run a Command->Owned By me document->Select "join_domain_doc"->Select Instances->Run
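The four steps above are a single procedure: an instance role EC2 can assume, an SSM Command document that carries the aws:domainJoin plugin, and a Run Command invocation. The script below is an added example (not code from this page or from AWS) that builds the document and the role's trust policy from validated inputs, so that a placeholder such as "d-8267xxxxxx" or a mistyped DNS address is caught before anything is sent to AWS, and emits the AWS CLI equivalents of steps 1, 2 and 4. The directory ID, domain name, DNS addresses and instance ID it uses are constructed sample values; the role and document names are the ones the steps use.

```python
"""Pre-flight checks for the SSM domain-join procedure: build the
aws:domainJoin document and the EC2 trust policy from validated inputs,
and emit the AWS CLI calls for steps 1, 2 and 4.  Added example, not the
page's or AWS's own code.  All sample values below are constructed."""
import ipaddress
import json
import re

# Constructed sample values (placeholders, not a real directory or instance).
SAMPLE_DIRECTORY_ID = "d-1234567890"
SAMPLE_DIRECTORY_NAME = "ad.example.com"
SAMPLE_DNS_IPS = ["10.0.0.10", "10.0.1.10"]
SAMPLE_INSTANCE_ID = "i-0123456789abcdef0"

# A Directory Service ID is "d-" followed by ten lowercase hex characters.
DIRECTORY_ID_RE = re.compile(r"^d-[0-9a-f]{10}$")
# One DNS label: alphanumeric, optional inner hyphens, 1-63 characters.
DNS_LABEL_RE = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$", re.IGNORECASE)


class DomainJoinConfigError(ValueError):
    """Raised when the inputs would produce a document SSM cannot act on."""


def validate_domain_join_inputs(directory_id, directory_name, dns_ips):
    """Reject placeholder or malformed values before anything reaches AWS."""
    if not DIRECTORY_ID_RE.match(directory_id):
        raise DomainJoinConfigError(
            f"directoryId {directory_id!r} is not of the form d-<10 hex chars>")
    labels = directory_name.split(".")
    if len(labels) < 2 or not all(DNS_LABEL_RE.match(label) for label in labels):
        raise DomainJoinConfigError(f"directoryName {directory_name!r} is not a valid FQDN")
    if not dns_ips:
        raise DomainJoinConfigError("dnsIpAddresses must list the directory's DNS servers")
    for ip in dns_ips:
        try:
            addr = ipaddress.IPv4Address(ip)
        except ipaddress.AddressValueError as exc:
            raise DomainJoinConfigError(f"dnsIpAddresses entry {ip!r} is not IPv4") from exc
        if addr.is_loopback or addr.is_unspecified or addr.is_multicast:
            raise DomainJoinConfigError(f"dnsIpAddresses entry {ip!r} cannot be a DNS server")
    return True


def build_domain_join_document(directory_id, directory_name, dns_ips):
    """Return the SSM Command document (schema 1.0, aws:domainJoin plugin) as a dict."""
    validate_domain_join_inputs(directory_id, directory_name, dns_ips)
    return {
        "schemaVersion": "1.0",
        "description": "Join an instance to a domain",
        "runtimeConfig": {
            "aws:domainJoin": {
                "properties": {
                    "directoryId": directory_id,
                    "directoryName": directory_name,
                    "dnsIpAddresses": list(dns_ips),
                }
            }
        },
    }


def check_document_text(text):
    """Validate a document written by hand (e.g. pasted JSON); return its properties."""
    doc = json.loads(text)
    try:
        props = doc["runtimeConfig"]["aws:domainJoin"]["properties"]
    except (KeyError, TypeError) as exc:
        raise DomainJoinConfigError("runtimeConfig.aws:domainJoin.properties is missing") from exc
    validate_domain_join_inputs(props.get("directoryId", ""),
                                props.get("directoryName", ""),
                                props.get("dnsIpAddresses", []))
    return props


def build_ec2_trust_policy():
    """Trust policy that lets the EC2 service assume the instance role (step 1)."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Service": "ec2.amazonaws.com"},
            "Action": "sts:AssumeRole",
        }],
    }


def render_cli_commands(role_name, doc_name, instance_id,
                        policy_arn="arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM"):
    """AWS CLI equivalents of steps 1, 2 and 4 (trust.json and <doc_name>.json are written first)."""
    return [
        f"aws iam create-role --role-name {role_name} --assume-role-policy-document file://trust.json",
        f"aws iam attach-role-policy --role-name {role_name} --policy-arn {policy_arn}",
        f"aws iam create-instance-profile --instance-profile-name {role_name}",
        f"aws iam add-role-to-instance-profile --instance-profile-name {role_name} --role-name {role_name}",
        f"aws ssm create-document --name {doc_name} --document-type Command --content file://{doc_name}.json",
        f"aws ssm send-command --document-name {doc_name} --instance-ids {instance_id}",
    ]


if __name__ == "__main__":
    document = build_domain_join_document(SAMPLE_DIRECTORY_ID, SAMPLE_DIRECTORY_NAME, SAMPLE_DNS_IPS)
    with open("join_domain_doc.json", "w") as fh:
        json.dump(document, fh, indent=2)
    with open("trust.json", "w") as fh:
        json.dump(build_ec2_trust_policy(), fh, indent=2)
    print("\n".join(render_cli_commands("EC2RoleforSSM", "join_domain_doc", SAMPLE_INSTANCE_ID)))
```

The validator deliberately fails on the page's own "d-8267xxxxxx": the ID must be the real one from the Directory Service console, and the DNS addresses must be the directory's own servers inside the VPC, or the aws:domainJoin plugin fails on the instance without a useful error. The policy ARN defaults to the AmazonEC2RoleforSSM policy the steps use; AWS has since marked that policy deprecated and recommends AmazonSSMManagedInstanceCore together with AmazonSSMDirectoryServiceAccess for domain join, which can be passed as policy_arn in two attach-role-policy calls.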


References:

https://amazonaws-china.com/cn/premiumsupport/knowledge-center/ec2-systems-manager-dx-domain/

https://docs.aws.amazon.com/directoryservice/latest/admin-guide/prereq_connector.html#connect_verification

https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up.html