Step by Step guide to configure Amazon FSx for Windows File Server

What is Amazon FSx for Windows File Server

FSx for Windows File Server is a fully managed file storage built on Windows Server which can be used as the profile store for your VDI solution, as an official file service option for your documents and applications.

Pre-requisites for deploying FSx share

• In order to deploy Amazon FSx for Windows file server you need to fulfill the below pre-requisites.
• Self-managed or AWS managed Microsoft AD
• Credentials to add the FSx file share to domain
• If self-managed, then network communication to allow the DNS, AD ports.

Step by step deployment guide

• In the AWS portal, search for “Amazon FSx”

-In the FSx landing page, click on “Create File System”

• Select the file system type as “Amazon FSx for Windows File Server” and Click Next

• In the File system details, • Provide name for your file system • Deployment type :- Select whether you need a Multi AZ file system or a single AZ file system. • Storage type:- Select whether you need SSD or HDD • Storage capacity:- provide the storage capacity. The minimum capacity for SSD is 32GB and HDD is 2000GB (at the time of writing this article) • Throughput capacity:- specify the throughput capacity if you need to give additional IOPS to your file server

• In the network and security tab select the VPC, Security group and subnet where the File server need to reside. Make sure the security group has relevant ports opened if you are using a self-managed AD .

• In the Windows authentication section, select whether to use AWS managed Microsoft AD or self-managed Microsoft AD. If Self-managed AD, provide the domain name, DNS IP and valid credentials which has permissions to add the FSx storage to domain. While providing the username, doesn’t include the domain prefix with the name.

• We can also specify the OU where the file server need to get created and placed. The other option is to configure the delegated file system administrators’ group. By default, domain admins will be added as the admins.

• In the encryption section, select the KMS key which is used to encrypt the file system

• We can configure auditing to capture the successful and failed login and access logs. This can be saved in either cloud watch or in Kinesis Data Firehouse.

-We can provide customer DNS alias names to access the file server from the Access section

• Optionally we can configure daily, weekly backup and the weekly maintenance window for your file server. If we haven’t specified any preference, amazon will take the best optimal hours to perform the patching.

• Optionally we can configure tags from the tags section.

• Once done, click next to review and Click on “create file system” to create the file server

• The amazon FSx file system will get created if there are no errors like unable to access domain controller, unable to add the storage account to domain etc.

• After successful creation of the FSx share, a computer object will get created in active directory