Package-level declarations
Types
Directory Service is a web service that makes it easy for you to setup and run directories in the Amazon Web Services cloud, or connect your Amazon Web Services resources with an existing self-managed Microsoft Active Directory. This guide provides detailed information about Directory Service operations, data types, parameters, and errors. For information about Directory Services features, see Directory Service and the Directory Service Administration Guide.
Functions
Accepts a directory sharing request that was sent from the directory owner account.
If the DNS server for your self-managed domain uses a publicly addressable IP address, you must add a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services. AddIpRoutes adds this address block. You can also use AddIpRoutes to facilitate routing traffic that uses public IP ranges from your Microsoft AD on Amazon Web Services to a peer VPC.
Adds two domain controllers in the specified Region for the specified directory.
Adds or overwrites one or more tags for the specified directory. Each directory can have a maximum of 50 tags. Each tag consists of a key and optional value. Tag keys must be unique to each resource.
Cancels an in-progress schema extension to a Microsoft AD directory. Once a schema extension has started replicating to all domain controllers, the task can no longer be canceled. A schema extension can be canceled during any of the following states; Initializing, CreatingSnapshot, and UpdatingSchema.
Creates an AD Connector to connect to a self-managed directory.
Creates an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as http://<alias>.awsapps.com.
Creates an Active Directory computer object in the specified directory.
Creates a conditional forwarder associated with your Amazon Web Services directory. Conditional forwarders are required in order to set up a trust relationship with another domain. The conditional forwarder points to the trusted domain.
Creates a Simple AD directory. For more information, see Simple Active Directory in the Directory Service Admin Guide.
Creates a subscription to forward real-time Directory Service domain controller security logs to the specified Amazon CloudWatch log group in your Amazon Web Services account.
Creates a Microsoft AD directory in the Amazon Web Services Cloud. For more information, see Managed Microsoft AD in the Directory Service Admin Guide.
Creates a snapshot of a Simple AD or Microsoft AD directory in the Amazon Web Services cloud.
Directory Service for Microsoft Active Directory allows you to configure trust relationships. For example, you can establish a trust between your Managed Microsoft AD directory, and your existing self-managed Microsoft Active Directory. This would allow you to provide users and groups access to resources in either domain, with a single set of credentials.
Deletes a conditional forwarder that has been set up for your Amazon Web Services directory.
Deletes an Directory Service directory.
Deletes the specified log subscription.
Deletes a directory snapshot.
Deletes an existing trust relationship between your Managed Microsoft AD directory and an external domain.
Deletes from the system the certificate that was registered for secure LDAP or client certificate authentication.
Removes the specified directory as a publisher to the specified Amazon SNS topic.
Displays information about the certificate registered for secure LDAP or client certificate authentication.
Retrieves information about the type of client authentication for the specified directory, if the type is specified. If no type is specified, information about all client authentication types that are supported for the specified directory is retrieved. Currently, only SmartCard is supported.
Obtains information about the conditional forwarders for this account.
Obtains information about the directories that belong to this account.
Provides information about any domain controllers in your directory.
Obtains information about which Amazon SNS topics receive status messages from the specified directory.
Describes the status of LDAP security for the specified directory.
Provides information about the Regions that are configured for multi-Region replication.
Retrieves information about the configurable settings for the specified directory.
Returns the shared directories in your account.
Obtains information about the directory snapshots that belong to this account.
Obtains information about the trust relationships for this account.
Describes the updates of a directory for a particular update type.
Disables alternative client authentication methods for the specified directory.
Deactivates LDAP secure calls for the specified directory.
Disables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory.
Disables single-sign on for a directory.
Enables alternative client authentication methods for the specified directory.
Activates the switch for the specific directory to always use LDAP secure calls.
Enables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory.
Enables single sign-on for a directory. Single sign-on allows users in your directory to access certain Amazon Web Services services from a computer joined to the directory without having to enter their credentials separately.
Obtains directory limit information for the current Region.
Obtains the manual snapshot limits for a directory.
For the specified directory, lists all the certificates registered for a secure LDAP or client certificate authentication.
Lists the address blocks that you have added to a directory.
Lists the active log subscriptions for the Amazon Web Services account.
Lists all schema extensions applied to a Microsoft AD Directory.
Lists all tags on a directory.
Registers a certificate for a secure LDAP or client certificate authentication.
Associates a directory with an Amazon SNS topic. This establishes the directory as a publisher to the specified Amazon SNS topic. You can then receive email or text (SMS) messages when the status of your directory changes. You get notified if your directory goes from an Active status to an Impaired or Inoperable status. You also receive a notification when the directory returns to an Active status.
Rejects a directory sharing request that was sent from the directory owner account.
Removes IP address blocks from a directory.
Stops all replication and removes the domain controllers from the specified Region. You cannot remove the primary Region with this operation. Instead, use the DeleteDirectory API.
Removes tags from a directory.
Resets the password for any user in your Managed Microsoft AD or Simple AD directory.
Restores a directory using an existing directory snapshot.
Shares a specified directory (DirectoryId) in your Amazon Web Services account (directory owner) with another Amazon Web Services account (directory consumer). With this operation you can use your directory from any Amazon Web Services account and from any Amazon VPC within an Amazon Web Services Region.
Applies a schema extension to a Microsoft AD directory.
Stops the directory sharing between the directory owner and consumer accounts.
Updates a conditional forwarder that has been set up for your Amazon Web Services directory.
Updates the directory for a particular update type.
Adds or removes domain controllers to or from the directory. Based on the difference between current value and new value (provided through this API call), domain controllers will be added or removed. It may take up to 45 minutes for any new domain controllers to become fully active once the requested number of domain controllers is updated. During this time, you cannot make another update request.
Updates the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector or Microsoft AD directory.
Updates the configurable settings for the specified directory.
Updates the trust that has been set up between your Managed Microsoft AD directory and an self-managed Active Directory.
Directory Service for Microsoft Active Directory allows you to configure and verify trust relationships.
Create a copy of the client with one or more configuration values overridden. This method allows the caller to perform scoped config overrides for one or more client operations.