beta
Home
What's New
FAQ
No Items in Stack
Browse
beta
Home
No Items in Stack
Browse

Security Control

Config Rules
CloudWatch Alarms & Rules
Service Control Policies
Security Groups & NACLs
IAM Policies
S3 Bucket Policies

Domain

VPC Security
S3 Security
EC2 Security
IAM Security
DynamoDB
RDS Security
Logging & Monitoring
Amazon GuardDuty
Amazon Inspector
KMS
Billing and Cost

Configuration Packages

CIS AWS Benchmark
Enable Logging Services
Deploy Amazon VPC
Monitoring & Compliance
Common SCPs Package
Automatic Remediation

Solutions, Guides & Tools

Security Solutions
Security Tools
Close
Security Groups & NACLs

Microsoft Active Directory Security Group.



OverviewConfigure & DeploySources & DocumentationRelated Items

Overview

A security group that allows domain controller services on Microsoft Active Directory servers.

Configuration Templates

Items
1
Size
2.3 KB
Missing Parameters
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  SecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: >-
        A security group that allows domain controller services on Microsoft
        Active Directory servers.
      VpcId: ''
      SecurityGroupEgress:
        - FromPort: -1
          ToPort: -1
          IpProtocol: '-1'
          Description: ''
          CidrIp: 0.0.0.0/0
      SecurityGroupIngress:
        - FromPort: 9389
          ToPort: 9389
          IpProtocol: tcp
          Description: "Active Directory Web Services (ADWS) / Active Directory Management Gateway Service\t"
          CidrIp: ''
        - FromPort: 3269
          ToPort: 3269
          IpProtocol: tcp
          Description: Global Catalog
          CidrIp: ''
        - FromPort: 3268
          ToPort: 3268
          IpProtocol: tcp
          Description: Global Catalog
          CidrIp: ''
        - FromPort: -1
          ToPort: -1
          IpProtocol: icmp
          Description: ICMP
          CidrIp: ''
        - FromPort: 389
          ToPort: 389
          IpProtocol: tcp
          Description: LDAP Server
          CidrIp: ''
        - FromPort: 389
          ToPort: 389
          IpProtocol: udp
          Description: LDAP Server
          CidrIp: ''
        - FromPort: 636
          ToPort: 636
          IpProtocol: tcp
          Description: LDAP Server (SSL)
          CidrIp: ''
        - FromPort: 445
          ToPort: 445
          IpProtocol: tcp
          Description: SMB
          CidrIp: ''
        - FromPort: 135
          ToPort: 135
          IpProtocol: tcp
          Description: RPC
          CidrIp: ''
        - FromPort: 1024
          ToPort: 5000
          IpProtocol: tcp
          Description: RPC randomly allocated tcp high ports
          CidrIp: ''
        - FromPort: 49152
          ToPort: 65535
          IpProtocol: tcp
          Description: RPC randomly allocated tcp high ports
          CidrIp: ''
        - FromPort: 500
          ToPort: 500
          IpProtocol: udp
          Description: IPSec ISAKMP
          CidrIp: ''
        - FromPort: 4500
          ToPort: 4500
          IpProtocol: udp
          Description: NAT-T
          CidrIp: ''
      GroupName: allow-ms-ad-traffic
Parameters: {}
Metadata: {}
Conditions: {}

Actions



Customize Cf Template
 
* Required field

Sources and Documentation

Configuration Source: Native Feature

Additional Documentation:

 

Deploy Amazon VPC
A configuration package to deploy an Amazon VPC with predefined presets to select: Subnet Tiers (Public and Private), Availability Zones, and Internet Connectivity. Configuration includes Subnets, Routing Tables, Internet Gateway, Nat Gateways, and Security Groups
Configuration Package