description: Accepts a directory sharing request that was sent from the directory owner account.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Adds a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": [
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:DescribeSecurityGroups"
]
}
}
description: Adds or overwrites one or more tags for the specified Amazon Directory Services directory.
access level: Tagging
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": [
"ec2:CreateTags"
]
},
"": {
"resource_type": "",
"required": false,
"condition_keys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys"
],
"dependent_actions": []
}
}
description: Authorizes an application for your AWS Directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Cancels an in-progress schema extension to a Microsoft AD directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Verifies that the alias is available for use.
access level: Read
resource types
{
"": {
"resource_type": "",
"required": false,
"condition_keys": [],
"dependent_actions": []
}
}
description: Creates an AD Connector to connect to an on-premises directory.
access level: Write
resource types
{
"": {
"resource_type": "",
"required": false,
"condition_keys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys"
],
"dependent_actions": [
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:CreateTags",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs"
]
}
}
description: Creates an alias for a directory and assigns the alias to the directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Creates a computer account in the specified directory, and joins the computer to the directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Creates a conditional forwarder associated with your AWS directory.
access level: Permissions management
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Creates a Simple AD directory.
access level: Permissions management
resource types
{
"": {
"resource_type": "",
"required": false,
"condition_keys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys"
],
"dependent_actions": [
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:CreateTags",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs"
]
}
}
description: Creates a IdentityPool Directory in the AWS cloud.
access level: Tagging
resource types
{
"": {
"resource_type": "",
"required": false,
"condition_keys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys"
],
"dependent_actions": []
}
}
description: Creates a subscription to forward real time Directory Service domain controller security logs to the specified CloudWatch log group in your AWS account.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Creates a Microsoft AD in the AWS cloud.
access level: Permissions management
resource types
{
"": {
"resource_type": "",
"required": false,
"condition_keys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys"
],
"dependent_actions": [
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:CreateTags",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs"
]
}
}
description: Creates a snapshot of a Simple AD or Microsoft AD directory in the AWS cloud.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Initiates the creation of the AWS side of a trust relationship between a Microsoft AD in the AWS cloud and an external domain.
access level: Permissions management
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Deletes a conditional forwarder that has been set up for your AWS directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Deletes an AWS Directory Service directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": [
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:DescribeNetworkInterfaces",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress"
]
}
}
description: Deletes the specified log subscription.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Deletes a directory snapshot.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Deletes an existing trust relationship between your Microsoft AD in the AWS cloud and an external domain.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Deletes from the system the certificate that was registered for a secured LDAP connection.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Removes the specified directory as a publisher to the specified SNS topic.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Displays information about the certificate registered for a secured LDAP connection.
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Obtains information about the conditional forwarders for this account.
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Obtains information about the directories that belong to this account.
access level: List
resource types
{
"": {
"resource_type": "",
"required": false,
"condition_keys": [],
"dependent_actions": []
}
}
description: Provides information about any domain controllers in your directory.
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Obtains information about which SNS topics receive status messages from the specified directory.
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Describes the status of LDAP security for the specified directory.
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Returns the shared directories in your account.
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Obtains information about the directory snapshots that belong to this account.
access level: Read
resource types
{
"": {
"resource_type": "",
"required": false,
"condition_keys": [],
"dependent_actions": []
}
}
description: Obtains information about the trust relationships for this account.
access level: Read
resource types
{
"": {
"resource_type": "",
"required": false,
"condition_keys": [],
"dependent_actions": []
}
}
description: Deactivates LDAP secure calls for the specified directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Disables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Disables single-sign on for a directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Activates the switch for the specific directory to always use LDAP secure calls.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Enables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Enables single-sign on for a directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description:
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Obtains directory limit information for the current region.
access level: Read
resource types
{
"": {
"resource_type": "",
"required": false,
"condition_keys": [],
"dependent_actions": []
}
}
description: Obtains the manual snapshot limits for a directory.
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Obtains the aws applications authorized for a directory.
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: For the specified directory, lists all the certificates registered for a secured LDAP connection.
access level: List
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Lists the address blocks that you have added to a directory.
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Lists the active log subscriptions for the AWS account.
access level: Read
resource types
{
"": {
"resource_type": "",
"required": false,
"condition_keys": [],
"dependent_actions": []
}
}
description: Lists all schema extensions applied to a Microsoft AD Directory.
access level: List
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Lists all tags on an Amazon Directory Services directory.
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Registers a certificate for secured LDAP connection.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Associates a directory with an SNS topic.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": [
"sns:GetTopicAttributes"
]
}
}
description: Rejects a directory sharing request that was sent from the directory owner account.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Removes IP address blocks from a directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Removes tags from an Amazon Directory Services directory.
access level: Tagging
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": [
"ec2:DeleteTags"
]
},
"": {
"resource_type": "",
"required": false,
"condition_keys": [
"aws:RequestTag/${TagKey}",
"aws:TagKeys"
],
"dependent_actions": []
}
}
description: Resets the password for any user in your AWS Managed Microsoft AD or Simple AD directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Restores a directory using an existing directory snapshot.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Shares a specified directory in your AWS account (directory owner) with another AWS account (directory consumer). With this operation you can use your directory from any AWS account and from any Amazon VPC within an AWS Region.
access level: Permissions management
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Applies a schema extension to a Microsoft AD directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Unauthorizes an application from your AWS Directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Stops the directory sharing between the directory owner and consumer accounts.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Updates a conditional forwarder that has been set up for your AWS directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Adds or removes domain controllers to or from the directory. Based on the difference between current value and new value (provided through this API call), domain controllers will be added or removed. It may take up to 45 minutes for any new domain controllers to become fully active once the requested number of domain controllers is updated. During this time, you cannot make another update request.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Updates the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Updates the trust that has been set up between your AWS Managed Microsoft AD directory and an on-premises Active Directory.
access level: Write
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}
description: Verifies a trust relationship between your Microsoft AD in the AWS cloud and an external domain.
access level: Read
resource types
{
"directory": {
"resource_type": "directory",
"required": true,
"condition_keys": [],
"dependent_actions": []
}
}