A security group that allows domain controller services on Microsoft Active Directory servers.
The template creates the security group in an existing VPC, and requires the following details:
See the Related Items section for configuration templates that create a new VPC.
AWSTemplateFormatVersion: "2010-09-09"
Description: ""
Resources:
  SecurityGroup:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      GroupDescription: "A security group that allows domain controller services on Microsoft Active Directory servers."
      # Left empty in this template: set to the ID of the existing VPC before deploying.
      VpcId: ""
      # Outbound: all protocols and ports to any destination.
      SecurityGroupEgress:
        - FromPort: -1
          ToPort: -1
          IpProtocol: "-1"
          Description: ""
          CidrIp: "0.0.0.0/0"
      # Inbound: every CidrIp below is left empty and must be set to the source range before deploying.
      SecurityGroupIngress:
        - FromPort: 9389
          ToPort: 9389
          IpProtocol: "tcp"
          Description: "Active Directory Web Services (ADWS) / Active Directory Management Gateway Service"
          CidrIp: ""
        - FromPort: 3269
          ToPort: 3269
          IpProtocol: "tcp"
          Description: "Global Catalog"
          CidrIp: ""
        - FromPort: 3268
          ToPort: 3268
          IpProtocol: "tcp"
          Description: "Global Catalog"
          CidrIp: ""
        - FromPort: -1
          ToPort: -1
          IpProtocol: "icmp"
          Description: "ICMP"
          CidrIp: ""
        - FromPort: 389
          ToPort: 389
          IpProtocol: "tcp"
          Description: "LDAP Server"
          CidrIp: ""
        - FromPort: 389
          ToPort: 389
          IpProtocol: "udp"
          Description: "LDAP Server"
          CidrIp: ""
        - FromPort: 636
          ToPort: 636
          IpProtocol: "tcp"
          Description: "LDAP Server (SSL)"
          CidrIp: ""
        - FromPort: 445
          ToPort: 445
          IpProtocol: "tcp"
          Description: "SMB"
          CidrIp: ""
        - FromPort: 135
          ToPort: 135
          IpProtocol: "tcp"
          Description: "RPC"
          CidrIp: ""
        - FromPort: 1024
          ToPort: 5000
          IpProtocol: "tcp"
          Description: "RPC randomly allocated tcp high ports"
          CidrIp: ""
        - FromPort: 49152
          ToPort: 65535
          IpProtocol: "tcp"
          Description: "RPC randomly allocated tcp high ports"
          CidrIp: ""
        - FromPort: 500
          ToPort: 500
          IpProtocol: "udp"
          Description: "IPSec ISAKMP"
          CidrIp: ""
        - FromPort: 4500
          ToPort: 4500
          IpProtocol: "udp"
          Description: "NAT-T"
          CidrIp: ""
      GroupName: "allow-ms-ad-traffic"
Parameters: {}
Metadata: {}
Conditions: {}
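
The template above leaves VpcId and every ingress CidrIp empty, so a pre-deployment check can catch values that were never filled in or were set to any address. The following Python check is an added example, not part of the original template; the function name, the finding strings and the sample data are assumptions made for illustration.

```python
import ipaddress

def audit_security_groups(template):
    """Return (resource, rule, problem) tuples for a parsed CloudFormation template dict."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::SecurityGroup":
            continue
        props = res.get("Properties", {})
        if not props.get("VpcId"):
            findings.append((name, "VpcId", "empty placeholder"))
        for rule in props.get("SecurityGroupIngress", []):
            label = f'{rule.get("IpProtocol")}/{rule.get("FromPort")}-{rule.get("ToPort")}'
            cidr = rule.get("CidrIp") or ""
            if not cidr:
                findings.append((name, label, "CidrIp is empty"))
                continue
            if not isinstance(cidr, str):
                continue  # intrinsic function (e.g. a Ref), resolved at deploy time
            try:
                net = ipaddress.ip_network(cidr, strict=False)
            except ValueError:
                findings.append((name, label, "CidrIp is not a valid network"))
                continue
            if net.prefixlen == 0:
                findings.append((name, label, "open to any address"))
    return findings

# Constructed sample: three ingress rules in the shape of the template above,
# one unfilled, one open to any address, one restricted to an internal range.
SAMPLE = {
    "Resources": {
        "SecurityGroup": {
            "Type": "AWS::EC2::SecurityGroup",
            "Properties": {
                "VpcId": "",
                "SecurityGroupIngress": [
                    {"FromPort": 389, "ToPort": 389, "IpProtocol": "tcp", "CidrIp": ""},
                    {"FromPort": 445, "ToPort": 445, "IpProtocol": "tcp", "CidrIp": "0.0.0.0/0"},
                    {"FromPort": 636, "ToPort": 636, "IpProtocol": "tcp", "CidrIp": "10.0.0.0/16"},
                ],
            },
        }
    }
}

if __name__ == "__main__":
    for finding in audit_security_groups(SAMPLE):
        print(*finding, sep=": ")
```

The function takes the template as an already parsed dictionary; loading the YAML file is left to the caller.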