NetApp · kcantrel · Mar 25, 2026 · Mar 25, 2026 · Mar 25, 2026 · Mar 25, 2026
@@ -61,7 +61,7 @@ Metadata:
       SvmName:
         default: "SVM Name"
       Username:
-        default: "Username"
+        default: "ONTAP Username"
       DriveLetter:
         default: "Drive Letter (Windows Only)"
       CidrIp:
@@ -115,14 +115,15 @@ Parameters:
     Description: SVM Name
   Username:
     Type: String
-    Description: Username to run under
+    Description: Username to run ONTAP APIs as.
+    Default: fsxadmin
   DriveLetter:
     Type: String
     Default: d
     Description: Drive Letter - valid for Windows only
   CidrIp:
     Type: String
-    Description: CIDR IP for SSH access to the instance
+    Description: CIDR IP for SSH or RDP access to the instance. MUST be a CIDR!
   LinuxUserDataUrl:
     Type: String
     Default: https://raw.githubusercontent.com/NetApp/FSx-ONTAP-samples-scripts/refs/heads/main/Management-Utilities/ec2-user-data-iscsi-create-and-mount/linux_userData.sh
@@ -219,4 +220,4 @@ Resources:
 Outputs:
   InstanceId:
     Description: EC2 Instance ID
-    Value: !Ref MyEC2Instance
+    Value: !Ref MyEC2Instance
@@ -5,12 +5,13 @@ These sample scripts provide a way to launch an AWS EC2 instance with `user data
 volume and LUN, mount it to the instance, while installing all the needed libraries and resources.
 
 ## Notes
-- LUN size will be set to 90% of the volume size, the remain space is needed for the the LUN managment operation.
-  This means that usuable volume size is 90% of the requestd size.
-- The process might take several minutes to be compleetd.
+- LUN size will be set to 90% of the volume size, the remaining space is needed for the LUN management operation.
+  This means that usable volume size is 90% of the requested size.
+- The process might take several minutes to be complete.
 
-## Set Up
-1. Create an AWS SecretsManager secret to hold the password of the account you plan to use to authenicate to the FSxN file system with.
+## Preperation
+
+1. Create an AWS SecretsManager secret to hold the password of the account you plan to use to authenticate to the FSxN file system with.
 The secret should be of type `other` with value set to `Plain Text` that holds just the password.
 2. Create an AWS IAM role that has EC2 as the trusted entity and has permissions to read the secret value. Here is an example policy that will do that:
     ```json
@@ -30,41 +31,55 @@ The secret should be of type `other` with value set to `Plain Text` that holds j
     ```
     Replace the "Resource" ARN with the ARN of your secret.
 
-3. Download the needed script according to the instance type you want to run (Linux or Windows).
+## Deployment Options
+
+There are two ways to deploy an EC2 instance with the needed user data script:
+1. Copy the CloudFormation template found in the repo [EC2-cloud_formation.yaml](EC2-cloud_formation.yaml) to you local machine and deploy a CloudFormation stack using it. CloudFormation will prompt you for all the required parameters.
+2. Follow the instruction below to deploy an EC2 instance from the AWS console.
+
+## AWS console deployment
+
+1. Download the needed script according to the instance type you want to run. Either [linux_userData.sh](linux_userData.sh)
+for a Linux distribution or [windows_userData.ps1](windows_userData.ps1) for Windows. The Linux script has been tested
+with `Amazon Linux 2023`, `Ubuntu 24.04`, `Red Hat Enterprise Linux 10` and `Debian 13` distributions,
+while the Windows script is designed for `Windows Server 2025 Base`.
+
+    Note that since AWS has a 16KB limit for the user data the linux_userData.sh script is made up of the variable
+    assignment noted below, and a compressed, base64 encoded version of the `linux_userData_real.sh` script. When the
+    `linux_userData.sh` script is run, it will decode and uncompress what was the `linux_userData_real.sh` script
+    and run it.
+
+    Once you have downloaded the script, open it in a text editor and set the required values as noted below.
 
     For the Linux version of the script, set the following values at the top of it:
-    - SECRET_NAME - Secret name has has the password for the `ONTAP-USER`.
-    - AWS_REGION - AWS secret manager region.
+    - SECRET_ARN - The ARN of the secret that has the password for the `ONTAP-USER`.
     - FSXN_ADMIN_IP - IP address, or hostname, of the FSxN management endpoint.
     - VOLUME_NAME - The name of the volume you want to create in your FSxN.
-    - VOLUME_SIZE - The size of the volume you want to create in GB e.g [100g]
+    - VOLUME_SIZE - The size of the volume you want to create in GB e.g [100]
     - SVM_NAME - The name of the SVM where the volume is to be created.
-    - ONTAP_USER - The ONTAP user id you wish to authenicate with.
+    - ONTAP_USER - The ONTAP user id you wish to authenticate with.
 
     For the Windows version of the script, set the following values at the top of it:
     - $secretId - secret ARN that holds the password for the `$user`.
     - $ip - IP address, or hostname, of the FSxN management endpoint.
     - $volName - The name of the volume you want to create in your FSxN. 
     - $volSize - The size of the volume you want to create in GB e.g [100]
     - $drive_letter - The drive letter to assign to the volume.
-    - $user - The ONTAP user id you wish to authenicate with.
+    - $user - The ONTAP user id you wish to authenticate with.
     - $svm_name - The name of the SVM where the volume is to be created.
 
-4. Save the script file.
+2. Save the script file.
 
-## On AWS console EC2
-
 ### For Linux installation:
 <ol>
   <li>Launch new instance
     <ol>
       <li>Fill in the server name.</li>
-      <li>Select 'Amazon Linux'.</li>
-      <li>Under Amazon Machine Image select 'Amazon Linux 2023 AMI'.</li>
+      <li>Under the Quick Start tab select the Linux distribution of your choice. The supported distributions are: `Amazon Linux 2023`, `Ubuntu 24.04`, `Red Hat Enterprise Linux 10` and `Debian 13`</li>
       <li>Fill in the other settings based on your networking and business needs.</li>
       <li>Under 'Advanced details':
         <ol>
-          <li>Set the 'IAM instance profile' to the policy you created in the steps above.</li>
+          <li>Set the 'IAM instance profile' to the policy you created in the preperation step above.</li>
           <li>At the bottom, under the 'User data' section, press 'choose file' and select the script saved above.</li>
         </ol>
       </li>
@@ -73,7 +88,7 @@ The secret should be of type `other` with value set to `Plain Text` that holds j
   <li>Launch the instance.</li>
 </ol>
 
-The installation log file can be found at: `/home/ec2-user/install.log`.
+The installation log file can be found at: `/var/log/iscsi-install.log`.
 If an error occurs while the installation is running, the script will terminate and all installations and setup will roll back.
 
 ### For Windows installation:
@@ -96,6 +111,24 @@ If an error occurs while the installation is running, the script will terminate
 </ol>
 
 The installation log file can be found at: `C:\Users\Administrator\install.log`.
-If an error occurs while the installation is running, a message will be inserted into the installation log file, it will attempt to roll back any work that it preformed, finally the script will terminate.
+If an error occurs while the installation is running, a message will be inserted into the
+installation log file, it will attempt to roll back any work that it preformed, finally the script will terminate.
+
+**Note:** It can take 10 to 15 minutes for the script to complete. Check the installation log file to confirm it is done.
+The line `Uninstall script removed` should be at the bottom of the file when the script has finished.
+
+## Author Information
+
+This repository is maintained by the contributors listed on [GitHub](https://github.com/NetApp/FSx-ONTAP-samples-scripts/graphs/contributors).
+
+## License
+
+Licensed under the Apache License, Version 2.0 (the "License").
+
+You may obtain a copy of the License at [apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0).
+
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an _"AS IS"_ basis, without WARRANTIES or conditions of any kind, either express or implied.
+
+See the License for the specific language governing permissions and limitations under the License.
 
-**Note:** It can take 20 to 30 minutes for the script to compplete. Check the installation log file to confirm it is done. The line `Uninstall script removed` should be at the bottom of the file when the script has finished.
+© 2026 NetApp, Inc. All Rights Reserved.
@@ -0,0 +1,69 @@
+#!/bin/bash
+#
+# Since, for some reason, the maximum size of a EC2 User Data script is
+# 16KB we have to compress the real script, with some logic to uncompress
+# it on the EC2 instance when it is deployed, and then pass that as the
+# user data content.
+#
+# This script is used to create the linux_userData.sh script from the
+# linux_userData_real.sh file.
+################################################################################
+
+cat <<'EOF' > linux_userData.sh
+#!/bin/bash
+#
+# Set the ARN of the secret that should contain just the password for the ONTAP admin user set below.
+SECRET_ARN=""
+#
+# Set the FSx admin IP.
+FSXN_ADMIN_IP=""
+#
+# Set the name of the volume to be created on the FSx for ONTAP file system. Note, volume names cannot have dashes in them.
+VOLUME_NAME=""
+#
+# Set the volume size in GB. It should just be a number, without the 'GB' suffix.
+VOLUME_SIZE=
+#
+# Set the SVM name. The default is 'fsx'.
+SVM_NAME="fsx"
+#
+# Set the ONTAP admin user. The default is fsxadmin.
+ONTAP_USER="fsxadmin"
+#
+################################################################################
+# ****  You should not need to edit anything below this line ****
+################################################################################
+#
+# When called from the CloudFormation template, the parameters are passsed as
+# arguments.
+SECRET_ARN="${SECRET_ARN:=$1}"
+FSXN_ADMIN_IP="${FSXN_ADMIN_IP:=$2}"
+VOLUME_NAME="${VOLUME_NAME:=$3}"
+VOLUME_SIZE="${VOLUME_SIZE:=$4}"
+SVM_NAME="${5:-$SVM_NAME}"
+ONTAP_USER="${6:-$ONTAP_USER}"
+#
+# Since AWS only allows up to 16KB for the user data script, the rest of this script
+# will be the compressed version of the linux_userData_real.sh file, which will be
+# uncompressed and executed on the EC2 instance when it is deployed.
+cat <<EOF2 > /tmp/linux_userData.sh
+#!/bin/bash
+export SECRET_ARN="$SECRET_ARN"
+export FSXN_ADMIN_IP="$FSXN_ADMIN_IP"
+export VOLUME_NAME="$VOLUME_NAME"
+export VOLUME_SIZE="$VOLUME_SIZE"
+export SVM_NAME="$SVM_NAME"
+export ONTAP_USER="$ONTAP_USER"
+EOF2
+
+cat <<EOF3 | base64 -d | gunzip >> /tmp/linux_userData.sh
+EOF
+
+cat linux_userData_real.sh | gzip -c | base64 >> linux_userData.sh
+
+cat <<EOF4 >> linux_userData.sh
+EOF3
+
+chmod +x /tmp/linux_userData.sh
+/tmp/linux_userData.sh
+EOF4