baiji v0.6.0 Baiji.DirectoryService

AWS Directory Service

AWS Directory Service is a web service that makes it easy for you to setup and run directories in the AWS cloud, or connect your AWS resources with an existing on-premises Microsoft Active Directory. This guide provides detailed information about AWS Directory Service operations, data types, parameters, and errors. For information about AWS Directory Services features, see AWS Directory Service and the AWS Directory Service Administration Guide.

AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .Net, iOS, Android, etc.). The SDKs provide a convenient way to create programmatic access to AWS Directory Service and other AWS services. For more information about the AWS SDKs, including how to download and install them, see [Tools for Amazon Web Services](http://aws.amazon.com/tools/).

Link to this section Summary

Functions

Returns a map containing the input/output shapes for this endpoint

Outputs values common to all actions

If the DNS server for your on-premises domain uses a publicly addressable IP address, you must add a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services. AddIpRoutes adds this address block. You can also use AddIpRoutes to facilitate routing traffic that uses public IP ranges from your Microsoft AD on AWS to a peer VPC

Adds or overwrites one or more tags for the specified directory. Each directory can have a maximum of 50 tags. Each tag consists of a key and optional value. Tag keys must be unique to each resource

Cancels an in-progress schema extension to a Microsoft AD directory. Once a schema extension has started replicating to all domain controllers, the task can no longer be canceled. A schema extension can be canceled during any of the following states; Initializing, CreatingSnapshot, and UpdatingSchema

Creates an AD Connector to connect to an on-premises directory

Creates an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as http://<alias>.awsapps.com

Creates a computer account in the specified directory, and joins the computer to the directory

Creates a conditional forwarder associated with your AWS directory. Conditional forwarders are required in order to set up a trust relationship with another domain. The conditional forwarder points to the trusted domain

Creates a Simple AD directory

Creates a Microsoft AD in the AWS cloud

Creates a snapshot of a Simple AD or Microsoft AD directory in the AWS cloud

AWS Directory Service for Microsoft Active Directory allows you to configure trust relationships. For example, you can establish a trust between your Microsoft AD in the AWS cloud, and your existing on-premises Microsoft Active Directory. This would allow you to provide users and groups access to resources in either domain, with a single set of credentials

Deletes a conditional forwarder that has been set up for your AWS directory

Deletes an AWS Directory Service directory

Deletes a directory snapshot

Deletes an existing trust relationship between your Microsoft AD in the AWS cloud and an external domain

Removes the specified directory as a publisher to the specified SNS topic

Obtains information about the conditional forwarders for this account

Obtains information about the directories that belong to this account

Provides information about any domain controllers in your directory

Obtains information about which SNS topics receive status messages from the specified directory

Obtains information about the directory snapshots that belong to this account

Obtains information about the trust relationships for this account

Disables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector directory

Disables single-sign on for a directory

Enables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector directory

Enables single sign-on for a directory

Obtains directory limit information for the current region

Obtains the manual snapshot limits for a directory

Lists the address blocks that you have added to a directory

Lists all schema extensions applied to a Microsoft AD Directory

Associates a directory with an SNS topic. This establishes the directory as a publisher to the specified SNS topic. You can then receive email or text (SMS) messages when the status of your directory changes. You get notified if your directory goes from an Active status to an Impaired or Inoperable status. You also receive a notification when the directory returns to an Active status

Removes IP address blocks from a directory

Restores a directory using an existing directory snapshot

Applies a schema extension to a Microsoft AD directory

Updates a conditional forwarder that has been set up for your AWS directory

Adds or removes domain controllers to or from the directory. Based on the difference between current value and new value (provided through this API call), domain controllers will be added or removed. It may take up to 45 minutes for any new domain controllers to become fully active once the requested number of domain controllers is updated. During this time, you cannot make another update request

Updates the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector directory

AWS Directory Service for Microsoft Active Directory allows you to configure and verify trust relationships

Link to this section Functions

Returns a map containing the input/output shapes for this endpoint

Outputs values common to all actions

Link to this function add_ip_routes(input \\ %{}, options \\ [])

If the DNS server for your on-premises domain uses a publicly addressable IP address, you must add a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services. AddIpRoutes adds this address block. You can also use AddIpRoutes to facilitate routing traffic that uses public IP ranges from your Microsoft AD on AWS to a peer VPC.

Before you call AddIpRoutes, ensure that all of the required permissions have been explicitly granted through a policy. For details about what permissions are required to run the AddIpRoutes operation, see AWS Directory Service API Permissions: Actions, Resources, and Conditions Reference.

Link to this function add_tags_to_resource(input \\ %{}, options \\ [])

Adds or overwrites one or more tags for the specified directory. Each directory can have a maximum of 50 tags. Each tag consists of a key and optional value. Tag keys must be unique to each resource.

Link to this function cancel_schema_extension(input \\ %{}, options \\ [])

Cancels an in-progress schema extension to a Microsoft AD directory. Once a schema extension has started replicating to all domain controllers, the task can no longer be canceled. A schema extension can be canceled during any of the following states; Initializing, CreatingSnapshot, and UpdatingSchema.

Link to this function connect_directory(input \\ %{}, options \\ [])

Creates an AD Connector to connect to an on-premises directory.

Before you call ConnectDirectory, ensure that all of the required permissions have been explicitly granted through a policy. For details about what permissions are required to run the ConnectDirectory operation, see AWS Directory Service API Permissions: Actions, Resources, and Conditions Reference.

Link to this function create_alias(input \\ %{}, options \\ [])

Creates an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as http://<alias>.awsapps.com.

After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.
Link to this function create_computer(input \\ %{}, options \\ [])

Creates a computer account in the specified directory, and joins the computer to the directory.

Link to this function create_conditional_forwarder(input \\ %{}, options \\ [])

Creates a conditional forwarder associated with your AWS directory. Conditional forwarders are required in order to set up a trust relationship with another domain. The conditional forwarder points to the trusted domain.

Link to this function create_directory(input \\ %{}, options \\ [])

Creates a Simple AD directory.

Before you call CreateDirectory, ensure that all of the required permissions have been explicitly granted through a policy. For details about what permissions are required to run the CreateDirectory operation, see AWS Directory Service API Permissions: Actions, Resources, and Conditions Reference.

Link to this function create_microsoft_a_d(input \\ %{}, options \\ [])

Creates a Microsoft AD in the AWS cloud.

Before you call CreateMicrosoftAD, ensure that all of the required permissions have been explicitly granted through a policy. For details about what permissions are required to run the CreateMicrosoftAD operation, see AWS Directory Service API Permissions: Actions, Resources, and Conditions Reference.

Link to this function create_snapshot(input \\ %{}, options \\ [])

Creates a snapshot of a Simple AD or Microsoft AD directory in the AWS cloud.

You cannot take snapshots of AD Connector directories.
Link to this function create_trust(input \\ %{}, options \\ [])

AWS Directory Service for Microsoft Active Directory allows you to configure trust relationships. For example, you can establish a trust between your Microsoft AD in the AWS cloud, and your existing on-premises Microsoft Active Directory. This would allow you to provide users and groups access to resources in either domain, with a single set of credentials.

This action initiates the creation of the AWS side of a trust relationship between a Microsoft AD in the AWS cloud and an external domain.

Link to this function delete_conditional_forwarder(input \\ %{}, options \\ [])

Deletes a conditional forwarder that has been set up for your AWS directory.

Link to this function delete_directory(input \\ %{}, options \\ [])

Deletes an AWS Directory Service directory.

Before you call DeleteDirectory, ensure that all of the required permissions have been explicitly granted through a policy. For details about what permissions are required to run the DeleteDirectory operation, see AWS Directory Service API Permissions: Actions, Resources, and Conditions Reference.

Link to this function delete_snapshot(input \\ %{}, options \\ [])

Deletes a directory snapshot.

Link to this function delete_trust(input \\ %{}, options \\ [])

Deletes an existing trust relationship between your Microsoft AD in the AWS cloud and an external domain.

Link to this function deregister_event_topic(input \\ %{}, options \\ [])

Removes the specified directory as a publisher to the specified SNS topic.

Link to this function describe_conditional_forwarders(input \\ %{}, options \\ [])

Obtains information about the conditional forwarders for this account.

If no input parameters are provided for RemoteDomainNames, this request describes all conditional forwarders for the specified directory ID.

Link to this function describe_directories(input \\ %{}, options \\ [])

Obtains information about the directories that belong to this account.

You can retrieve information about specific directories by passing the directory identifiers in the DirectoryIds parameter. Otherwise, all directories that belong to the current account are returned.

This operation supports pagination with the use of the NextToken request and response parameters. If more results are available, the DescribeDirectoriesResult.NextToken member contains a token that you pass in the next call to DescribeDirectories to retrieve the next set of items.

You can also specify a maximum number of return results with the Limit parameter.

Link to this function describe_domain_controllers(input \\ %{}, options \\ [])

Provides information about any domain controllers in your directory.

Link to this function describe_event_topics(input \\ %{}, options \\ [])

Obtains information about which SNS topics receive status messages from the specified directory.

If no input parameters are provided, such as DirectoryId or TopicName, this request describes all of the associations in the account.

Link to this function describe_snapshots(input \\ %{}, options \\ [])

Obtains information about the directory snapshots that belong to this account.

This operation supports pagination with the use of the NextToken request and response parameters. If more results are available, the DescribeSnapshots.NextToken member contains a token that you pass in the next call to DescribeSnapshots to retrieve the next set of items.

You can also specify a maximum number of return results with the Limit parameter.

Link to this function describe_trusts(input \\ %{}, options \\ [])

Obtains information about the trust relationships for this account.

If no input parameters are provided, such as DirectoryId or TrustIds, this request describes all the trust relationships belonging to the account.

Link to this function disable_radius(input \\ %{}, options \\ [])

Disables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector directory.

Link to this function disable_sso(input \\ %{}, options \\ [])

Disables single-sign on for a directory.

Link to this function enable_radius(input \\ %{}, options \\ [])

Enables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector directory.

Link to this function enable_sso(input \\ %{}, options \\ [])

Enables single sign-on for a directory.

Link to this function get_directory_limits(input \\ %{}, options \\ [])

Obtains directory limit information for the current region.

Link to this function get_snapshot_limits(input \\ %{}, options \\ [])

Obtains the manual snapshot limits for a directory.

Link to this function list_ip_routes(input \\ %{}, options \\ [])

Lists the address blocks that you have added to a directory.

Link to this function list_schema_extensions(input \\ %{}, options \\ [])

Lists all schema extensions applied to a Microsoft AD Directory.

Link to this function list_tags_for_resource(input \\ %{}, options \\ [])

Lists all tags on a directory.

Link to this function register_event_topic(input \\ %{}, options \\ [])

Associates a directory with an SNS topic. This establishes the directory as a publisher to the specified SNS topic. You can then receive email or text (SMS) messages when the status of your directory changes. You get notified if your directory goes from an Active status to an Impaired or Inoperable status. You also receive a notification when the directory returns to an Active status.

Link to this function remove_ip_routes(input \\ %{}, options \\ [])

Removes IP address blocks from a directory.

Link to this function remove_tags_from_resource(input \\ %{}, options \\ [])

Removes tags from a directory.

Link to this function restore_from_snapshot(input \\ %{}, options \\ [])

Restores a directory using an existing directory snapshot.

When you restore a directory from a snapshot, any changes made to the directory after the snapshot date are overwritten.

This action returns as soon as the restore operation is initiated. You can monitor the progress of the restore operation by calling the DescribeDirectories operation with the directory identifier. When the DirectoryDescription.Stage value changes to Active, the restore operation is complete.

Link to this function start_schema_extension(input \\ %{}, options \\ [])

Applies a schema extension to a Microsoft AD directory.

Link to this function update_conditional_forwarder(input \\ %{}, options \\ [])

Updates a conditional forwarder that has been set up for your AWS directory.

Link to this function update_number_of_domain_controllers(input \\ %{}, options \\ [])

Adds or removes domain controllers to or from the directory. Based on the difference between current value and new value (provided through this API call), domain controllers will be added or removed. It may take up to 45 minutes for any new domain controllers to become fully active once the requested number of domain controllers is updated. During this time, you cannot make another update request.

Link to this function update_radius(input \\ %{}, options \\ [])

Updates the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector directory.

Link to this function verify_trust(input \\ %{}, options \\ [])

AWS Directory Service for Microsoft Active Directory allows you to configure and verify trust relationships.

This action verifies a trust relationship between your Microsoft AD in the AWS cloud and an external domain.