Module Smaws_Client_DirectoryService

Directory Service client library built on EIO.

Types

type nonrec verify_trust_result = {
  1. trust_id : string option;
    (*

    The unique Trust ID of the trust relationship that was verified.

    *)
}

Result of a VerifyTrust request.

type nonrec verify_trust_request = {
  1. trust_id : string;
    (*

    The unique Trust ID of the trust relationship to verify.

    *)
}

Initiates the verification of an existing trust relationship between an Managed Microsoft AD directory and an external domain.

type nonrec unsupported_operation_exception = {
  1. request_id : string option;
  2. message : string option;
}

The operation is not supported.

type nonrec service_exception = {
  1. request_id : string option;
  2. message : string option;
}

An exception has occurred in Directory Service.

type nonrec invalid_parameter_exception = {
  1. request_id : string option;
  2. message : string option;
}

One or more parameters are not valid.

type nonrec entity_does_not_exist_exception = {
  1. request_id : string option;
  2. message : string option;
}

The specified entity could not be found.

type nonrec client_exception = {
  1. request_id : string option;
  2. message : string option;
}

A client exception has occurred.

type nonrec user_does_not_exist_exception = {
  1. request_id : string option;
  2. message : string option;
}

The user provided a username that does not exist in your directory.

type nonrec os_version =
  1. | VERSION_2019
  2. | VERSION_2012
type nonrec os_update_settings = {
  1. os_version : os_version option;
    (*

    OS version that the directory needs to be updated to.

    *)
}

OS version that the directory needs to be updated to.

type nonrec update_value = {
  1. os_update_settings : os_update_settings option;
    (*

    The OS update related settings.

    *)
}

The value for a given type of UpdateSettings.

type nonrec update_type =
  1. | OS
type nonrec update_trust_result = {
  1. trust_id : string option;
    (*

    Identifier of the trust relationship.

    *)
  2. request_id : string option;
}
type nonrec selective_auth =
  1. | DISABLED
  2. | ENABLED
type nonrec update_trust_request = {
  1. selective_auth : selective_auth option;
    (*

    Updates selective authentication for the trust.

    *)
  2. trust_id : string;
    (*

    Identifier of the trust relationship.

    *)
}
type nonrec update_status =
  1. | UPDATE_FAILED
  2. | UPDATING
  3. | UPDATED
type nonrec update_settings_result = {
  1. directory_id : string option;
    (*

    The identifier of the directory.

    *)
}
type nonrec setting = {
  1. value : string;
    (*

    The value of the directory setting for which to retrieve information. For example, for TLS_1_0, the valid values are: Enable and Disable.

    *)
  2. name : string;
    (*

    The name of the directory setting. For example:

    TLS_1_0

    *)
}

Contains information about the configurable settings for a directory.

type nonrec update_settings_request = {
  1. settings : setting list;
    (*

    The list of Setting objects.

    *)
  2. directory_id : string;
    (*

    The identifier of the directory for which to update settings.

    *)
}
type nonrec unsupported_settings_exception = {
  1. request_id : string option;
  2. message : string option;
}

The specified directory setting is not supported.

type nonrec incompatible_settings_exception = {
  1. request_id : string option;
  2. message : string option;
}

The specified directory setting is not compatible with other settings.

type nonrec directory_unavailable_exception = {
  1. request_id : string option;
  2. message : string option;
}

The specified directory is unavailable or could not be found.

type nonrec directory_does_not_exist_exception = {
  1. request_id : string option;
  2. message : string option;
}

The specified directory does not exist in the system.

type nonrec radius_authentication_protocol =
  1. | MSCHAPV2
  2. | MSCHAPV1
  3. | CHAP
  4. | PAP
type nonrec radius_settings = {
  1. use_same_username : bool option;
    (*

    Not currently used.

    *)
  2. display_label : string option;
    (*

    Not currently used.

    *)
  3. authentication_protocol : radius_authentication_protocol option;
    (*

    The protocol specified for your RADIUS endpoints.

    *)
  4. shared_secret : string option;
    (*

    Required for enabling RADIUS on the directory.

    *)
  5. radius_retries : int option;
    (*

    The maximum number of times that communication with the RADIUS server is attempted.

    *)
  6. radius_timeout : int option;
    (*

    The amount of time, in seconds, to wait for the RADIUS server to respond.

    *)
  7. radius_port : int option;
    (*

    The port that your RADIUS server is using for communications. Your self-managed network must allow inbound traffic over this port from the Directory Service servers.

    *)
  8. radius_servers : string list option;
    (*

    An array of strings that contains the fully qualified domain name (FQDN) or IP addresses of the RADIUS server endpoints, or the FQDN or IP addresses of your RADIUS server load balancer.

    *)
}

Contains information about a Remote Authentication Dial In User Service (RADIUS) server.

type nonrec update_radius_request = {
  1. radius_settings : radius_settings;
    (*

    A RadiusSettings object that contains information about the RADIUS server.

    *)
  2. directory_id : string;
    (*

    The identifier of the directory for which to update the RADIUS server information.

    *)
}

Contains the inputs for the UpdateRadius operation.

type nonrec update_number_of_domain_controllers_request = {
  1. desired_number : int;
    (*

    The number of domain controllers desired in the directory.

    *)
  2. directory_id : string;
    (*

    Identifier of the directory to which the domain controllers will be added or removed.

    *)
}
type nonrec domain_controller_limit_exceeded_exception = {
  1. request_id : string option;
  2. message : string option;
}

The maximum allowed number of domain controllers per directory was exceeded. The default limit per directory is 20 domain controllers.

type nonrec update_info_entry = {
  1. last_updated_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The last updated date and time of a particular directory setting.

    *)
  2. start_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The start time of the UpdateDirectorySetup for the particular type.

    *)
  3. previous_value : update_value option;
    (*

    The old value of the target setting.

    *)
  4. new_value : update_value option;
    (*

    The new value of the target setting.

    *)
  5. initiated_by : string option;
    (*

    This specifies if the update was initiated by the customer or by the service team.

    *)
  6. status_reason : string option;
    (*

    The reason for the current status of the update type activity.

    *)
  7. status : update_status option;
    (*

    The status of the update performed on the directory.

    *)
  8. region : string option;
    (*

    The name of the Region.

    *)
}

An entry of update information related to a requested update type.

type nonrec update_directory_setup_request = {
  1. create_snapshot_before_update : bool option;
    (*

    The boolean that specifies if a snapshot for the directory needs to be taken before updating the directory.

    *)
  2. os_update_settings : os_update_settings option;
    (*

    The settings for the OS update that needs to be performed on the directory.

    *)
  3. update_type : update_type;
    (*

    The type of update that needs to be performed on the directory. For example, OS.

    *)
  4. directory_id : string;
    (*

    The identifier of the directory on which you want to perform the update.

    *)
}
type nonrec snapshot_limit_exceeded_exception = {
  1. request_id : string option;
  2. message : string option;
}

The maximum number of manual snapshots for the directory has been reached. You can use the GetSnapshotLimits operation to determine the snapshot limits for a directory.

type nonrec directory_in_desired_state_exception = {
  1. request_id : string option;
  2. message : string option;
}

The directory is already updated to desired update type settings.

type nonrec access_denied_exception = {
  1. request_id : string option;
  2. message : string option;
}

Client authentication is not available in this region at this time.

type nonrec update_conditional_forwarder_request = {
  1. dns_ip_addrs : string list;
    (*

    The updated IP addresses of the remote DNS server associated with the conditional forwarder.

    *)
  2. remote_domain_name : string;
    (*

    The fully qualified domain name (FQDN) of the remote domain with which you will set up a trust relationship.

    *)
  3. directory_id : string;
    (*

    The directory ID of the Amazon Web Services directory for which to update the conditional forwarder.

    *)
}

Updates a conditional forwarder.

type nonrec target_type =
  1. | ACCOUNT
type nonrec unshare_target = {
  1. type_ : target_type;
    (*

    Type of identifier to be used in the Id field.

    *)
  2. id : string;
    (*

    Identifier of the directory consumer account.

    *)
}

Identifier that contains details about the directory consumer account with whom the directory is being unshared.

type nonrec unshare_directory_result = {
  1. shared_directory_id : string option;
    (*

    Identifier of the directory stored in the directory consumer account that is to be unshared from the specified directory (DirectoryId).

    *)
}
type nonrec unshare_directory_request = {
  1. unshare_target : unshare_target;
    (*

    Identifier for the directory consumer account with whom the directory has to be unshared.

    *)
  2. directory_id : string;
    (*

    The identifier of the Managed Microsoft AD directory that you want to stop sharing.

    *)
}
type nonrec invalid_target_exception = {
  1. request_id : string option;
  2. message : string option;
}

The specified shared target is not valid.

type nonrec directory_not_shared_exception = {
  1. request_id : string option;
  2. message : string option;
}

The specified directory has not been shared with this Amazon Web Services account.

type nonrec trust_type =
  1. | EXTERNAL
  2. | FOREST
type nonrec trust_direction =
  1. | TWO_WAY
  2. | ONE_WAY_INCOMING
  3. | ONE_WAY_OUTGOING
type nonrec trust_state =
  1. | FAILED
  2. | DELETED
  3. | DELETING
  4. | UPDATED
  5. | UPDATE_FAILED
  6. | UPDATING
  7. | VERIFIED
  8. | VERIFY_FAILED
  9. | VERIFYING
  10. | CREATED
  11. | CREATING
type nonrec trust = {
  1. selective_auth : selective_auth option;
    (*

    Current state of selective authentication for the trust.

    *)
  2. trust_state_reason : string option;
    (*

    The reason for the TrustState.

    *)
  3. state_last_updated_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the TrustState was last updated.

    *)
  4. last_updated_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the trust relationship was last updated.

    *)
  5. created_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the trust relationship was created.

    *)
  6. trust_state : trust_state option;
    (*

    The trust relationship state.

    *)
  7. trust_direction : trust_direction option;
    (*

    The trust relationship direction.

    *)
  8. trust_type : trust_type option;
    (*

    The trust relationship type. Forest is the default.

    *)
  9. remote_domain_name : string option;
    (*

    The Fully Qualified Domain Name (FQDN) of the external domain involved in the trust relationship.

    *)
  10. trust_id : string option;
    (*

    The unique ID of the trust relationship.

    *)
  11. directory_id : string option;
    (*

    The Directory ID of the Amazon Web Services directory involved in the trust relationship.

    *)
}

Describes a trust relationship between an Managed Microsoft AD directory and an external domain.

type nonrec topic_status =
  1. | DELETED
  2. | FAILED
  3. | TOPIC_NOT_FOUND
  4. | REGISTERED
type nonrec tag = {
  1. value : string;
    (*

    The optional value of the tag. The string value can be Unicode characters. The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regex: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$").

    *)
  2. key : string;
    (*

    Required name of the tag. The string value can be Unicode characters and cannot be prefixed with "aws:". The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regex: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$").

    *)
}

Metadata assigned to a directory consisting of a key-value pair.

type nonrec tag_limit_exceeded_exception = {
  1. request_id : string option;
  2. message : string option;
}

The maximum allowed number of tags was exceeded.

type nonrec start_schema_extension_result = {
  1. schema_extension_id : string option;
    (*

    The identifier of the schema extension that will be applied.

    *)
}
type nonrec start_schema_extension_request = {
  1. description : string;
    (*

    A description of the schema extension.

    *)
  2. ldif_content : string;
    (*

    The LDIF file represented as a string. To construct the LdifContent string, precede each line as it would be formatted in an ldif file with \n. See the example request below for more details. The file size can be no larger than 1MB.

    *)
  3. create_snapshot_before_schema_extension : bool;
    (*

    If true, creates a snapshot of the directory before applying the schema extension.

    *)
  4. directory_id : string;
    (*

    The identifier of the directory for which the schema extension will be applied to.

    *)
}
type nonrec snapshot_type =
  1. | MANUAL
  2. | AUTO
type nonrec snapshot_status =
  1. | FAILED
  2. | COMPLETED
  3. | CREATING
type nonrec snapshot = {
  1. start_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the snapshot was taken.

    *)
  2. status : snapshot_status option;
    (*

    The snapshot status.

    *)
  3. name : string option;
    (*

    The descriptive name of the snapshot.

    *)
  4. type_ : snapshot_type option;
    (*

    The snapshot type.

    *)
  5. snapshot_id : string option;
    (*

    The snapshot identifier.

    *)
  6. directory_id : string option;
    (*

    The directory identifier.

    *)
}

Describes a directory snapshot.

type nonrec snapshot_limits = {
  1. manual_snapshots_limit_reached : bool option;
    (*

    Indicates if the manual snapshot limit has been reached.

    *)
  2. manual_snapshots_current_count : int option;
    (*

    The current number of manual snapshots of the directory.

    *)
  3. manual_snapshots_limit : int option;
    (*

    The maximum number of manual snapshots allowed.

    *)
}

Contains manual snapshot limit information for a directory.

type nonrec share_method =
  1. | HANDSHAKE
  2. | ORGANIZATIONS
type nonrec share_status =
  1. | DELETING
  2. | DELETED
  3. | SHARE_FAILED
  4. | SHARING
  5. | REJECT_FAILED
  6. | REJECTING
  7. | REJECTED
  8. | PENDING_ACCEPTANCE
  9. | SHARED
type nonrec shared_directory = {
  1. last_updated_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the shared directory was last updated.

    *)
  2. created_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the shared directory was created.

    *)
  3. share_notes : string option;
    (*

    A directory share request that is sent by the directory owner to the directory consumer. The request includes a typed message to help the directory consumer administrator determine whether to approve or reject the share invitation.

    *)
  4. share_status : share_status option;
    (*

    Current directory status of the shared Managed Microsoft AD directory.

    *)
  5. shared_directory_id : string option;
    (*

    Identifier of the shared directory in the directory consumer account. This identifier is different for each directory owner account.

    *)
  6. shared_account_id : string option;
    (*

    Identifier of the directory consumer account that has access to the shared directory (OwnerDirectoryId) in the directory owner account.

    *)
  7. share_method : share_method option;
    (*

    The method used when sharing a directory to determine whether the directory should be shared within your Amazon Web Services organization (ORGANIZATIONS) or with any Amazon Web Services account by sending a shared directory request (HANDSHAKE).

    *)
  8. owner_directory_id : string option;
    (*

    Identifier of the directory in the directory owner account.

    *)
  9. owner_account_id : string option;
    (*

    Identifier of the directory owner account, which contains the directory that has been shared to the consumer account.

    *)
}

Details about the shared directory in the directory owner account for which the share request in the directory consumer account has been accepted.

type nonrec share_target = {
  1. type_ : target_type;
    (*

    Type of identifier to be used in the Id field.

    *)
  2. id : string;
    (*

    Identifier of the directory consumer account.

    *)
}

Identifier that contains details about the directory consumer account.

type nonrec share_limit_exceeded_exception = {
  1. request_id : string option;
  2. message : string option;
}

The maximum number of Amazon Web Services accounts that you can share with this directory has been reached.

type nonrec share_directory_result = {
  1. shared_directory_id : string option;
    (*

    Identifier of the directory that is stored in the directory consumer account that is shared from the specified directory (DirectoryId).

    *)
}
type nonrec share_directory_request = {
  1. share_method : share_method;
    (*

    The method used when sharing a directory to determine whether the directory should be shared within your Amazon Web Services organization (ORGANIZATIONS) or with any Amazon Web Services account by sending a directory sharing request (HANDSHAKE).

    *)
  2. share_target : share_target;
    (*

    Identifier for the directory consumer account with whom the directory is to be shared.

    *)
  3. share_notes : string option;
    (*

    A directory share request that is sent by the directory owner to the directory consumer. The request includes a typed message to help the directory consumer administrator determine whether to approve or reject the share invitation.

    *)
  4. directory_id : string;
    (*

    Identifier of the Managed Microsoft AD directory that you want to share with other Amazon Web Services accounts.

    *)
}
type nonrec organizations_exception = {
  1. request_id : string option;
  2. message : string option;
}

Exception encountered while trying to access your Amazon Web Services organization.

type nonrec directory_already_shared_exception = {
  1. request_id : string option;
  2. message : string option;
}

The specified directory has already been shared with this Amazon Web Services account.

type nonrec directory_configuration_status =
  1. | DEFAULT
  2. | FAILED
  3. | UPDATED
  4. | UPDATING
  5. | REQUESTED
type nonrec directory_configuration_setting_request_detailed_status = (string * directory_configuration_status) list
type nonrec setting_entry = {
  1. data_type : string option;
    (*

    The data type of a directory setting. This is used to define the AllowedValues of a setting. For example a data type can be Boolean, DurationInSeconds, or Enum.

    *)
  2. last_requested_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time when the request to update a directory setting was last submitted.

    *)
  3. last_updated_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time when the directory setting was last updated.

    *)
  4. request_status_message : string option;
    (*

    The last status message for the directory status request.

    *)
  5. request_detailed_status : directory_configuration_setting_request_detailed_status option;
    (*

    Details about the status of the request to update the directory setting. If the directory setting is deployed in more than one region, status is returned for the request in each region where the setting is deployed.

    *)
  6. request_status : directory_configuration_status option;
    (*

    The overall status of the request to update the directory setting request. If the directory setting is deployed in more than one region, and the request fails in any region, the overall status is Failed.

    *)
  7. requested_value : string option;
    (*

    The value that was last requested for the directory setting.

    *)
  8. applied_value : string option;
    (*

    The value of the directory setting that is applied to the directory.

    *)
  9. allowed_values : string option;
    (*

    The valid range of values for the directory setting. These values depend on the DataType of your directory.

    *)
  10. name : string option;
    (*

    The name of the directory setting. For example:

    TLS_1_0

    *)
  11. type_ : string option;
    (*

    The type, or category, of a directory setting. Similar settings have the same type. For example, Protocol, Cipher, or Certificate-Based Authentication.

    *)
}

Contains information about the specified configurable setting for a directory.

type nonrec schema_extension_status =
  1. | COMPLETED
  2. | FAILED
  3. | CANCELLED
  4. | ROLLBACK_IN_PROGRESS
  5. | CANCEL_IN_PROGRESS
  6. | REPLICATING
  7. | UPDATING_SCHEMA
  8. | CREATING_SNAPSHOT
  9. | INITIALIZING
type nonrec schema_extension_info = {
  1. end_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the schema extension was completed.

    *)
  2. start_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the schema extension started being applied to the directory.

    *)
  3. schema_extension_status_reason : string option;
    (*

    The reason for the SchemaExtensionStatus.

    *)
  4. schema_extension_status : schema_extension_status option;
    (*

    The current status of the schema extension.

    *)
  5. description : string option;
    (*

    A description of the schema extension.

    *)
  6. schema_extension_id : string option;
    (*

    The identifier of the schema extension.

    *)
  7. directory_id : string option;
    (*

    The identifier of the directory to which the schema extension is applied.

    *)
}

Information about a schema extension.

type nonrec restore_from_snapshot_request = {
  1. snapshot_id : string;
    (*

    The identifier of the snapshot to restore from.

    *)
}

An object representing the inputs for the RestoreFromSnapshot operation.

type nonrec reset_user_password_request = {
  1. new_password : string;
    (*

    The new password that will be reset.

    *)
  2. user_name : string;
    (*

    The user name of the user whose password will be reset.

    *)
  3. directory_id : string;
    (*

    Identifier of the Managed Microsoft AD or Simple AD directory in which the user resides.

    *)
}
type nonrec invalid_password_exception = {
  1. request_id : string option;
  2. message : string option;
}

The new password provided by the user does not meet the password complexity requirements defined in your directory.

type nonrec replication_scope =
  1. | Domain
type nonrec remove_tags_from_resource_request = {
  1. tag_keys : string list;
    (*

    The tag key (name) of the tag to be removed.

    *)
  2. resource_id : string;
    (*

    Identifier (ID) of the directory from which to remove the tag.

    *)
}
type nonrec remove_region_request = {
  1. directory_id : string;
    (*

    The identifier of the directory for which you want to remove Region replication.

    *)
}
type nonrec remove_ip_routes_request = {
  1. cidr_ips : string list;
    (*

    IP address blocks that you want to remove.

    *)
  2. directory_id : string;
    (*

    Identifier (ID) of the directory from which you want to remove the IP addresses.

    *)
}
type nonrec reject_shared_directory_result = {
  1. shared_directory_id : string option;
    (*

    Identifier of the shared directory in the directory consumer account.

    *)
}
type nonrec reject_shared_directory_request = {
  1. shared_directory_id : string;
    (*

    Identifier of the shared directory in the directory consumer account. This identifier is different for each directory owner account.

    *)
}
type nonrec register_event_topic_request = {
  1. topic_name : string;
    (*

    The Amazon SNS topic name to which the directory will publish status messages. This Amazon SNS topic must be in the same region as the specified Directory ID.

    *)
  2. directory_id : string;
    (*

    The Directory ID that will publish status messages to the Amazon SNS topic.

    *)
}

Registers a new event topic.

type nonrec register_certificate_result = {
  1. certificate_id : string option;
    (*

    The identifier of the certificate.

    *)
}
type nonrec certificate_type =
  1. | CLIENT_LDAPS
  2. | CLIENT_CERT_AUTH
type nonrec client_cert_auth_settings = {
  1. ocsp_url : string option;
    (*

    Specifies the URL of the default OCSP server used to check for revocation status. A secondary value to any OCSP address found in the AIA extension of the user certificate.

    *)
}

Contains information about the client certificate authentication settings for the RegisterCertificate and DescribeCertificate operations.

type nonrec register_certificate_request = {
  1. client_cert_auth_settings : client_cert_auth_settings option;
    (*

    A ClientCertAuthSettings object that contains client certificate authentication settings.

    *)
  2. type_ : certificate_type option;
    (*

    The function that the registered certificate performs. Valid values include ClientLDAPS or ClientCertAuth. The default value is ClientLDAPS.

    *)
  3. certificate_data : string;
    (*

    The certificate PEM string that needs to be registered.

    *)
  4. directory_id : string;
    (*

    The identifier of the directory.

    *)
}
type nonrec invalid_certificate_exception = {
  1. request_id : string option;
  2. message : string option;
}

The certificate PEM that was provided has incorrect encoding.

type nonrec certificate_limit_exceeded_exception = {
  1. request_id : string option;
  2. message : string option;
}

The certificate could not be added because the certificate limit has been reached.

type nonrec certificate_already_exists_exception = {
  1. request_id : string option;
  2. message : string option;
}

The certificate has already been registered into the system.

type nonrec regions_info = {
  1. additional_regions : string list option;
    (*

    Lists the Regions where the directory has been replicated, excluding the primary Region.

    *)
  2. primary_region : string option;
    (*

    The Region where the Managed Microsoft AD directory was originally created.

    *)
}

Provides information about the Regions that are configured for multi-Region replication.

type nonrec region_type =
  1. | ADDITIONAL
  2. | PRIMARY
type nonrec directory_stage =
  1. | FAILED
  2. | DELETED
  3. | DELETING
  4. | RESTOREFAILED
  5. | RESTORING
  6. | IMPAIRED
  7. | INOPERABLE
  8. | ACTIVE
  9. | CREATED
  10. | CREATING
  11. | REQUESTED
type nonrec directory_vpc_settings = {
  1. subnet_ids : string list;
    (*

    The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. Directory Service creates a directory server and a DNS server in each of these subnets.

    *)
  2. vpc_id : string;
    (*

    The identifier of the VPC in which to create the directory.

    *)
}

Contains VPC information for the CreateDirectory or CreateMicrosoftAD operation.

type nonrec region_description = {
  1. last_updated_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the Region description was last updated.

    *)
  2. status_last_updated_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the Region status was last updated.

    *)
  3. launch_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    Specifies when the Region replication began.

    *)
  4. desired_number_of_domain_controllers : int option;
    (*

    The desired number of domain controllers in the specified Region for the specified directory.

    *)
  5. vpc_settings : directory_vpc_settings option;
  6. status : directory_stage option;
    (*

    The status of the replication process for the specified Region.

    *)
  7. region_type : region_type option;
    (*

    Specifies whether the Region is the primary Region or an additional Region.

    *)
  8. region_name : string option;
    (*

    The name of the Region. For example, us-east-1.

    *)
  9. directory_id : string option;
    (*

    The identifier of the directory.

    *)
}

The replicated Region information for a directory.

type nonrec region_limit_exceeded_exception = {
  1. request_id : string option;
  2. message : string option;
}

You have reached the limit for maximum number of simultaneous Region replications per directory.

type nonrec radius_status =
  1. | FAILED
  2. | COMPLETED
  3. | CREATING
type nonrec directory_vpc_settings_description = {
  1. availability_zones : string list option;
    (*

    The list of Availability Zones that the directory is in.

    *)
  2. security_group_id : string option;
    (*

    The domain controller security group identifier for the directory.

    *)
  3. subnet_ids : string list option;
    (*

    The identifiers of the subnets for the directory servers.

    *)
  4. vpc_id : string option;
    (*

    The identifier of the VPC that the directory is in.

    *)
}

Contains information about the directory.

type nonrec owner_directory_description = {
  1. radius_status : radius_status option;
    (*

    Information about the status of the RADIUS server.

    *)
  2. radius_settings : radius_settings option;
    (*

    A RadiusSettings object that contains information about the RADIUS server.

    *)
  3. vpc_settings : directory_vpc_settings_description option;
    (*

    Information about the VPC settings for the directory.

    *)
  4. dns_ip_addrs : string list option;
    (*

    IP address of the directory’s domain controllers.

    *)
  5. account_id : string option;
    (*

    Identifier of the directory owner account.

    *)
  6. directory_id : string option;
    (*

    Identifier of the Managed Microsoft AD directory in the directory owner account.

    *)
}

Describes the directory owner account details that have been shared to the directory consumer account.

type nonrec no_available_certificate_exception = {
  1. request_id : string option;
  2. message : string option;
}

Client authentication setup could not be completed because at least one valid certificate must be registered in the system.

type nonrec log_subscription = {
  1. subscription_created_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the log subscription was created.

    *)
  2. log_group_name : string option;
    (*

    The name of the log group.

    *)
  3. directory_id : string option;
    (*

    Identifier (ID) of the directory that you want to associate with the log subscription.

    *)
}

Represents a log subscription, which tracks real-time data from a chosen log group to a specified destination.

type nonrec list_tags_for_resource_result = {
  1. next_token : string option;
    (*

    Reserved for future use.

    *)
  2. tags : tag list option;
    (*

    List of tags returned by the ListTagsForResource operation.

    *)
}
type nonrec list_tags_for_resource_request = {
  1. limit : int option;
    (*

    Reserved for future use.

    *)
  2. next_token : string option;
    (*

    Reserved for future use.

    *)
  3. resource_id : string;
    (*

    Identifier (ID) of the directory for which you want to retrieve tags.

    *)
}
type nonrec invalid_next_token_exception = {
  1. request_id : string option;
  2. message : string option;
}

The NextToken value is not valid.

type nonrec list_schema_extensions_result = {
  1. next_token : string option;
    (*

    If not null, more results are available. Pass this value for the NextToken parameter in a subsequent call to ListSchemaExtensions to retrieve the next set of items.

    *)
  2. schema_extensions_info : schema_extension_info list option;
    (*

    Information about the schema extensions applied to the directory.

    *)
}
type nonrec list_schema_extensions_request = {
  1. limit : int option;
    (*

    The maximum number of items to return.

    *)
  2. next_token : string option;
    (*

    The ListSchemaExtensions.NextToken value from a previous call to ListSchemaExtensions. Pass null if this is the first call.

    *)
  3. directory_id : string;
    (*

    The identifier of the directory from which to retrieve the schema extension information.

    *)
}
type nonrec list_log_subscriptions_result = {
  1. next_token : string option;
    (*

    The token for the next set of items to return.

    *)
  2. log_subscriptions : log_subscription list option;
    (*

    A list of active LogSubscription objects for calling the Amazon Web Services account.

    *)
}
type nonrec list_log_subscriptions_request = {
  1. limit : int option;
    (*

    The maximum number of items returned.

    *)
  2. next_token : string option;
    (*

    The token for the next set of items to return.

    *)
  3. directory_id : string option;
    (*

    If a DirectoryID is provided, lists only the log subscription associated with that directory. If no DirectoryId is provided, lists all log subscriptions associated with your Amazon Web Services account. If there are no log subscriptions for the Amazon Web Services account or the directory, an empty list will be returned.

    *)
}
type nonrec ip_route_status_msg =
  1. | REMOVE_FAILED
  2. | ADD_FAILED
  3. | REMOVED
  4. | REMOVING
  5. | ADDED
  6. | ADDING
type nonrec ip_route_info = {
  1. description : string option;
    (*

    Description of the IpRouteInfo.

    *)
  2. ip_route_status_reason : string option;
    (*

    The reason for the IpRouteStatusMsg.

    *)
  3. added_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time the address block was added to the directory.

    *)
  4. ip_route_status_msg : ip_route_status_msg option;
    (*

    The status of the IP address block.

    *)
  5. cidr_ip : string option;
    (*

    IP address block in the IpRoute.

    *)
  6. directory_id : string option;
    (*

    Identifier (ID) of the directory associated with the IP addresses.

    *)
}

Information about one or more IP address blocks.

type nonrec list_ip_routes_result = {
  1. next_token : string option;
    (*

    If not null, more results are available. Pass this value for the NextToken parameter in a subsequent call to ListIpRoutes to retrieve the next set of items.

    *)
  2. ip_routes_info : ip_route_info list option;
    (*

    A list of IpRoutes.

    *)
}
type nonrec list_ip_routes_request = {
  1. limit : int option;
    (*

    Maximum number of items to return. If this value is zero, the maximum number of items is specified by the limitations of the operation.

    *)
  2. next_token : string option;
    (*

    The ListIpRoutes.NextToken value from a previous call to ListIpRoutes. Pass null if this is the first call.

    *)
  3. directory_id : string;
    (*

    Identifier (ID) of the directory for which you want to retrieve the IP addresses.

    *)
}
type nonrec certificate_state =
  1. | DEREGISTER_FAILED
  2. | DEREGISTERED
  3. | DEREGISTERING
  4. | REGISTER_FAILED
  5. | REGISTERED
  6. | REGISTERING
type nonrec certificate_info = {
  1. type_ : certificate_type option;
    (*

    The function that the registered certificate performs. Valid values include ClientLDAPS or ClientCertAuth. The default value is ClientLDAPS.

    *)
  2. expiry_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time when the certificate will expire.

    *)
  3. state : certificate_state option;
    (*

    The state of the certificate.

    *)
  4. common_name : string option;
    (*

    The common name for the certificate.

    *)
  5. certificate_id : string option;
    (*

    The identifier of the certificate.

    *)
}

Contains general information about a certificate.

type nonrec list_certificates_result = {
  1. certificates_info : certificate_info list option;
    (*

    A list of certificates with basic details including certificate ID, certificate common name, certificate state.

    *)
  2. next_token : string option;
    (*

    Indicates whether another page of certificates is available when the number of available certificates exceeds the page limit.

    *)
}
type nonrec list_certificates_request = {
  1. limit : int option;
    (*

    The number of items that should show up on one page

    *)
  2. next_token : string option;
    (*

    A token for requesting another page of certificates if the NextToken response element indicates that more certificates are available. Use the value of the returned NextToken element in your request until the token comes back as null. Pass null if this is the first call.

    *)
  3. directory_id : string;
    (*

    The identifier of the directory.

    *)
}
type nonrec ldaps_type =
  1. | CLIENT
type nonrec ldaps_status =
  1. | DISABLED
  2. | ENABLE_FAILED
  3. | ENABLED
  4. | ENABLING
type nonrec ldaps_setting_info = {
  1. last_updated_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time when the LDAPS settings were last updated.

    *)
  2. ldaps_status_reason : string option;
    (*

    Describes a state change for LDAPS.

    *)
  3. ldaps_status : ldaps_status option;
    (*

    The state of the LDAPS settings.

    *)
}

Contains general information about the LDAPS settings.

type nonrec ip_route = {
  1. description : string option;
    (*

    Description of the address block.

    *)
  2. cidr_ip : string option;
    (*

    IP address block using CIDR format, for example 10.0.0.0/24. This is often the address block of the DNS server used for your self-managed domain. For a single IP address use a CIDR address block with /32. For example 10.0.0.0/32.

    *)
}

IP address block. This is often the address block of the DNS server used for your self-managed domain.

type nonrec ip_route_limit_exceeded_exception = {
  1. request_id : string option;
  2. message : string option;
}

The maximum allowed number of IP addresses was exceeded. The default limit is 100 IP address blocks.

type nonrec invalid_ldaps_status_exception = {
  1. request_id : string option;
  2. message : string option;
}

The LDAP activities could not be performed because they are limited by the LDAPS status.

type nonrec invalid_client_auth_status_exception = {
  1. request_id : string option;
  2. message : string option;
}

Client authentication is already enabled.

type nonrec insufficient_permissions_exception = {
  1. request_id : string option;
  2. message : string option;
}

The account does not have sufficient permission to perform the operation.

type nonrec get_snapshot_limits_result = {
  1. snapshot_limits : snapshot_limits option;
    (*

    A SnapshotLimits object that contains the manual snapshot limits for the specified directory.

    *)
}

Contains the results of the GetSnapshotLimits operation.

type nonrec get_snapshot_limits_request = {
  1. directory_id : string;
    (*

    Contains the identifier of the directory to obtain the limits for.

    *)
}

Contains the inputs for the GetSnapshotLimits operation.

type nonrec directory_limits = {
  1. connected_directories_limit_reached : bool option;
    (*

    Indicates if the connected directory limit has been reached.

    *)
  2. connected_directories_current_count : int option;
    (*

    The current number of connected directories in the Region.

    *)
  3. connected_directories_limit : int option;
    (*

    The maximum number of connected directories allowed in the Region.

    *)
  4. cloud_only_microsoft_ad_limit_reached : bool option;
    (*

    Indicates if the Managed Microsoft AD directory limit has been reached.

    *)
  5. cloud_only_microsoft_ad_current_count : int option;
    (*

    The current number of Managed Microsoft AD directories in the region.

    *)
  6. cloud_only_microsoft_ad_limit : int option;
    (*

    The maximum number of Managed Microsoft AD directories allowed in the region.

    *)
  7. cloud_only_directories_limit_reached : bool option;
    (*

    Indicates if the cloud directory limit has been reached.

    *)
  8. cloud_only_directories_current_count : int option;
    (*

    The current number of cloud directories in the Region.

    *)
  9. cloud_only_directories_limit : int option;
    (*

    The maximum number of cloud directories allowed in the Region.

    *)
}

Contains directory limit information for a Region.

type nonrec get_directory_limits_result = {
  1. directory_limits : directory_limits option;
    (*

    A DirectoryLimits object that contains the directory limits for the current Region.

    *)
}

Contains the results of the GetDirectoryLimits operation.

type nonrec event_topic = {
  1. status : topic_status option;
    (*

    The topic registration status.

    *)
  2. created_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time of when you associated your directory with the Amazon SNS topic.

    *)
  3. topic_arn : string option;
    (*

    The Amazon SNS topic ARN (Amazon Resource Name).

    *)
  4. topic_name : string option;
    (*

    The name of an Amazon SNS topic the receives status messages from the directory.

    *)
  5. directory_id : string option;
    (*

    The Directory ID of an Directory Service directory that will publish status messages to an Amazon SNS topic.

    *)
}

Information about Amazon SNS topic and Directory Service directory associations.

type nonrec entity_already_exists_exception = {
  1. request_id : string option;
  2. message : string option;
}

The specified entity already exists.

type nonrec enable_sso_request = {
  1. password : string option;
    (*

    The password of an alternate account to use to enable single-sign on. This is only used for AD Connector directories. For more information, see the UserName parameter.

    *)
  2. user_name : string option;
    (*

    The username of an alternate account to use to enable single-sign on. This is only used for AD Connector directories. This account must have privileges to add a service principal name.

    If the AD Connector service account does not have privileges to add a service principal name, you can specify an alternate account with the UserName and Password parameters. These credentials are only used to enable single sign-on and are not stored by the service. The AD Connector service account is not changed.

    *)
  3. directory_id : string;
    (*

    The identifier of the directory for which to enable single-sign on.

    *)
}

Contains the inputs for the EnableSso operation.

type nonrec authentication_failed_exception = {
  1. request_id : string option;
    (*

    The identifier of the request that caused the exception.

    *)
  2. message : string option;
    (*

    The textual message for the exception.

    *)
}

An authentication error occurred.

type nonrec enable_radius_request = {
  1. radius_settings : radius_settings;
    (*

    A RadiusSettings object that contains information about the RADIUS server.

    *)
  2. directory_id : string;
    (*

    The identifier of the directory for which to enable MFA.

    *)
}

Contains the inputs for the EnableRadius operation.

type nonrec enable_ldaps_request = {
  1. type_ : ldaps_type;
    (*

    The type of LDAP security to enable. Currently only the value Client is supported.

    *)
  2. directory_id : string;
    (*

    The identifier of the directory.

    *)
}
type nonrec client_authentication_type =
  1. | SMART_CARD_OR_PASSWORD
  2. | SMART_CARD
type nonrec enable_client_authentication_request = {
  1. type_ : client_authentication_type;
    (*

    The type of client authentication to enable. Currently only the value SmartCard is supported. Smart card authentication in AD Connector requires that you enable Kerberos Constrained Delegation for the Service User to the LDAP service in your self-managed AD.

    *)
  2. directory_id : string;
    (*

    The identifier of the specified directory.

    *)
}
type nonrec domain_controller_status =
  1. | FAILED
  2. | DELETED
  3. | DELETING
  4. | RESTORING
  5. | IMPAIRED
  6. | ACTIVE
  7. | CREATING
type nonrec domain_controller = {
  1. status_last_updated_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the status was last updated.

    *)
  2. launch_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    Specifies when the domain controller was created.

    *)
  3. status_reason : string option;
    (*

    A description of the domain controller state.

    *)
  4. status : domain_controller_status option;
    (*

    The status of the domain controller.

    *)
  5. availability_zone : string option;
    (*

    The Availability Zone where the domain controller is located.

    *)
  6. subnet_id : string option;
    (*

    Identifier of the subnet in the VPC that contains the domain controller.

    *)
  7. vpc_id : string option;
    (*

    The identifier of the VPC that contains the domain controller.

    *)
  8. dns_ip_addr : string option;
    (*

    The IP address of the domain controller.

    *)
  9. domain_controller_id : string option;
    (*

    Identifies a specific domain controller in the directory.

    *)
  10. directory_id : string option;
    (*

    Identifier of the directory where the domain controller resides.

    *)
}

Contains information about the domain controllers for a specified directory.

type nonrec disable_sso_request = {
  1. password : string option;
    (*

    The password of an alternate account to use to disable single-sign on. This is only used for AD Connector directories. For more information, see the UserName parameter.

    *)
  2. user_name : string option;
    (*

    The username of an alternate account to use to disable single-sign on. This is only used for AD Connector directories. This account must have privileges to remove a service principal name.

    If the AD Connector service account does not have privileges to remove a service principal name, you can specify an alternate account with the UserName and Password parameters. These credentials are only used to disable single sign-on and are not stored by the service. The AD Connector service account is not changed.

    *)
  3. directory_id : string;
    (*

    The identifier of the directory for which to disable single-sign on.

    *)
}

Contains the inputs for the DisableSso operation.

type nonrec disable_radius_request = {
  1. directory_id : string;
    (*

    The identifier of the directory for which to disable MFA.

    *)
}

Contains the inputs for the DisableRadius operation.

type nonrec disable_ldaps_request = {
  1. type_ : ldaps_type;
    (*

    The type of LDAP security to enable. Currently only the value Client is supported.

    *)
  2. directory_id : string;
    (*

    The identifier of the directory.

    *)
}
type nonrec disable_client_authentication_request = {
  1. type_ : client_authentication_type;
    (*

    The type of client authentication to disable. Currently, only the parameter, SmartCard is supported.

    *)
  2. directory_id : string;
    (*

    The identifier of the directory

    *)
}
type nonrec directory_type =
  1. | SHARED_MICROSOFT_AD
  2. | MICROSOFT_AD
  3. | AD_CONNECTOR
  4. | SIMPLE_AD
type nonrec directory_size =
  1. | LARGE
  2. | SMALL
type nonrec describe_update_directory_result = {
  1. next_token : string option;
    (*

    If not null, more results are available. Pass this value for the NextToken parameter.

    *)
  2. update_activities : update_info_entry list option;
    (*

    The list of update activities on a directory for the requested update type.

    *)
}
type nonrec describe_update_directory_request = {
  1. next_token : string option;
    (*

    The DescribeUpdateDirectoryResult. NextToken value from a previous call to DescribeUpdateDirectory. Pass null if this is the first call.

    *)
  2. region_name : string option;
    (*

    The name of the Region.

    *)
  3. update_type : update_type;
    (*

    The type of updates you want to describe for the directory.

    *)
  4. directory_id : string;
    (*

    The unique identifier of the directory.

    *)
}
type nonrec describe_trusts_result = {
  1. next_token : string option;
    (*

    If not null, more results are available. Pass this value for the NextToken parameter in a subsequent call to DescribeTrusts to retrieve the next set of items.

    *)
  2. trusts : trust list option;
    (*

    The list of Trust objects that were retrieved.

    It is possible that this list contains less than the number of items specified in the Limit member of the request. This occurs if there are less than the requested number of items left to retrieve, or if the limitations of the operation have been exceeded.

    *)
}

The result of a DescribeTrust request.

type nonrec describe_trusts_request = {
  1. limit : int option;
    (*

    The maximum number of objects to return.

    *)
  2. next_token : string option;
    (*

    The DescribeTrustsResult.NextToken value from a previous call to DescribeTrusts. Pass null if this is the first call.

    *)
  3. trust_ids : string list option;
    (*

    A list of identifiers of the trust relationships for which to obtain the information. If this member is null, all trust relationships that belong to the current account are returned.

    An empty list results in an InvalidParameterException being thrown.

    *)
  4. directory_id : string option;
    (*

    The Directory ID of the Amazon Web Services directory that is a part of the requested trust relationship.

    *)
}

Describes the trust relationships for a particular Managed Microsoft AD directory. If no input parameters are provided, such as directory ID or trust ID, this request describes all the trust relationships.

type nonrec describe_snapshots_result = {
  1. next_token : string option;
    (*

    If not null, more results are available. Pass this value in the NextToken member of a subsequent call to DescribeSnapshots.

    *)
  2. snapshots : snapshot list option;
    (*

    The list of Snapshot objects that were retrieved.

    It is possible that this list contains less than the number of items specified in the Limit member of the request. This occurs if there are less than the requested number of items left to retrieve, or if the limitations of the operation have been exceeded.

    *)
}

Contains the results of the DescribeSnapshots operation.

type nonrec describe_snapshots_request = {
  1. limit : int option;
    (*

    The maximum number of objects to return.

    *)
  2. next_token : string option;
    (*

    The DescribeSnapshotsResult.NextToken value from a previous call to DescribeSnapshots. Pass null if this is the first call.

    *)
  3. snapshot_ids : string list option;
    (*

    A list of identifiers of the snapshots to obtain the information for. If this member is null or empty, all snapshots are returned using the Limit and NextToken members.

    *)
  4. directory_id : string option;
    (*

    The identifier of the directory for which to retrieve snapshot information.

    *)
}

Contains the inputs for the DescribeSnapshots operation.

type nonrec describe_shared_directories_result = {
  1. next_token : string option;
    (*

    If not null, token that indicates that more results are available. Pass this value for the NextToken parameter in a subsequent call to DescribeSharedDirectories to retrieve the next set of items.

    *)
  2. shared_directories : shared_directory list option;
    (*

    A list of all shared directories in your account.

    *)
}
type nonrec describe_shared_directories_request = {
  1. limit : int option;
    (*

    The number of shared directories to return in the response object.

    *)
  2. next_token : string option;
    (*

    The DescribeSharedDirectoriesResult.NextToken value from a previous call to DescribeSharedDirectories. Pass null if this is the first call.

    *)
  3. shared_directory_ids : string list option;
    (*

    A list of identifiers of all shared directories in your account.

    *)
  4. owner_directory_id : string;
    (*

    Returns the identifier of the directory in the directory owner account.

    *)
}
type nonrec describe_settings_result = {
  1. next_token : string option;
    (*

    If not null, token that indicates that more results are available. Pass this value for the NextToken parameter in a subsequent call to DescribeSettings to retrieve the next set of items.

    *)
  2. setting_entries : setting_entry list option;
    (*

    The list of SettingEntry objects that were retrieved.

    It is possible that this list contains less than the number of items specified in the Limit member of the request. This occurs if there are less than the requested number of items left to retrieve, or if the limitations of the operation have been exceeded.

    *)
  3. directory_id : string option;
    (*

    The identifier of the directory.

    *)
}
type nonrec describe_settings_request = {
  1. next_token : string option;
    (*

    The DescribeSettingsResult.NextToken value from a previous call to DescribeSettings. Pass null if this is the first call.

    *)
  2. status : directory_configuration_status option;
    (*

    The status of the directory settings for which to retrieve information.

    *)
  3. directory_id : string;
    (*

    The identifier of the directory for which to retrieve information.

    *)
}
type nonrec describe_regions_result = {
  1. next_token : string option;
    (*

    If not null, more results are available. Pass this value for the NextToken parameter in a subsequent call to DescribeRegions to retrieve the next set of items.

    *)
  2. regions_description : region_description list option;
    (*

    List of Region information related to the directory for each replicated Region.

    *)
}
type nonrec describe_regions_request = {
  1. next_token : string option;
    (*

    The DescribeRegionsResult.NextToken value from a previous call to DescribeRegions. Pass null if this is the first call.

    *)
  2. region_name : string option;
    (*

    The name of the Region. For example, us-east-1.

    *)
  3. directory_id : string;
    (*

    The identifier of the directory.

    *)
}
type nonrec describe_ldaps_settings_result = {
  1. next_token : string option;
    (*

    The next token used to retrieve the LDAPS settings if the number of setting types exceeds page limit and there is another page.

    *)
  2. ldaps_settings_info : ldaps_setting_info list option;
    (*

    Information about LDAP security for the specified directory, including status of enablement, state last updated date time, and the reason for the state.

    *)
}
type nonrec describe_ldaps_settings_request = {
  1. limit : int option;
    (*

    Specifies the number of items that should be displayed on one page.

    *)
  2. next_token : string option;
    (*

    The type of next token used for pagination.

    *)
  3. type_ : ldaps_type option;
    (*

    The type of LDAP security to enable. Currently only the value Client is supported.

    *)
  4. directory_id : string;
    (*

    The identifier of the directory.

    *)
}
type nonrec describe_event_topics_result = {
  1. event_topics : event_topic list option;
    (*

    A list of Amazon SNS topic names that receive status messages from the specified Directory ID.

    *)
}

The result of a DescribeEventTopic request.

type nonrec describe_event_topics_request = {
  1. topic_names : string list option;
    (*

    A list of Amazon SNS topic names for which to obtain the information. If this member is null, all associations for the specified Directory ID are returned.

    An empty list results in an InvalidParameterException being thrown.

    *)
  2. directory_id : string option;
    (*

    The Directory ID for which to get the list of associated Amazon SNS topics. If this member is null, associations for all Directory IDs are returned.

    *)
}

Describes event topics.

type nonrec describe_domain_controllers_result = {
  1. next_token : string option;
    (*

    If not null, more results are available. Pass this value for the NextToken parameter in a subsequent call to DescribeDomainControllers retrieve the next set of items.

    *)
  2. domain_controllers : domain_controller list option;
    (*

    List of the DomainController objects that were retrieved.

    *)
}
type nonrec describe_domain_controllers_request = {
  1. limit : int option;
    (*

    The maximum number of items to return.

    *)
  2. next_token : string option;
    (*

    The DescribeDomainControllers.NextToken value from a previous call to DescribeDomainControllers. Pass null if this is the first call.

    *)
  3. domain_controller_ids : string list option;
    (*

    A list of identifiers for the domain controllers whose information will be provided.

    *)
  4. directory_id : string;
    (*

    Identifier of the directory for which to retrieve the domain controller information.

    *)
}
type nonrec directory_edition =
  1. | STANDARD
  2. | ENTERPRISE
type nonrec directory_connect_settings_description = {
  1. connect_ips : string list option;
    (*

    The IP addresses of the AD Connector servers.

    *)
  2. availability_zones : string list option;
    (*

    A list of the Availability Zones that the directory is in.

    *)
  3. security_group_id : string option;
    (*

    The security group identifier for the AD Connector directory.

    *)
  4. customer_user_name : string option;
    (*

    The user name of the service account in your self-managed directory.

    *)
  5. subnet_ids : string list option;
    (*

    A list of subnet identifiers in the VPC that the AD Connector is in.

    *)
  6. vpc_id : string option;
    (*

    The identifier of the VPC that the AD Connector is in.

    *)
}

Contains information about an AD Connector directory.

type nonrec directory_description = {
  1. os_version : os_version option;
    (*

    The operating system (OS) version of the directory.

    *)
  2. regions_info : regions_info option;
    (*

    Lists the Regions where the directory has replicated.

    *)
  3. owner_directory_description : owner_directory_description option;
    (*

    Describes the Managed Microsoft AD directory in the directory owner account.

    *)
  4. desired_number_of_domain_controllers : int option;
    (*

    The desired number of domain controllers in the directory if the directory is Microsoft AD.

    *)
  5. sso_enabled : bool option;
    (*

    Indicates if single sign-on is enabled for the directory. For more information, see EnableSso and DisableSso.

    *)
  6. stage_reason : string option;
    (*

    Additional information about the directory stage.

    *)
  7. radius_status : radius_status option;
    (*

    The status of the RADIUS MFA server connection.

    *)
  8. radius_settings : radius_settings option;
    (*

    A RadiusSettings object that contains information about the RADIUS server configured for this directory.

    *)
  9. connect_settings : directory_connect_settings_description option;
    (*

    A DirectoryConnectSettingsDescription object that contains additional information about an AD Connector directory. This member is only present if the directory is an AD Connector directory.

    *)
  10. vpc_settings : directory_vpc_settings_description option;
    (*

    A DirectoryVpcSettingsDescription object that contains additional information about a directory. This member is only present if the directory is a Simple AD or Managed Microsoft AD directory.

    *)
  11. type_ : directory_type option;
    (*

    The directory size.

    *)
  12. stage_last_updated_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the stage was last updated.

    *)
  13. launch_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    Specifies when the directory was created.

    *)
  14. share_notes : string option;
    (*

    A directory share request that is sent by the directory owner to the directory consumer. The request includes a typed message to help the directory consumer administrator determine whether to approve or reject the share invitation.

    *)
  15. share_method : share_method option;
    (*

    The method used when sharing a directory to determine whether the directory should be shared within your Amazon Web Services organization (ORGANIZATIONS) or with any Amazon Web Services account by sending a shared directory request (HANDSHAKE).

    *)
  16. share_status : share_status option;
    (*

    Current directory status of the shared Managed Microsoft AD directory.

    *)
  17. stage : directory_stage option;
    (*

    The current stage of the directory.

    *)
  18. dns_ip_addrs : string list option;
    (*

    The IP addresses of the DNS servers for the directory. For a Simple AD or Microsoft AD directory, these are the IP addresses of the Simple AD or Microsoft AD directory servers. For an AD Connector directory, these are the IP addresses of the DNS servers or domain controllers in your self-managed directory to which the AD Connector is connected.

    *)
  19. description : string option;
    (*

    The description for the directory.

    *)
  20. access_url : string option;
    (*

    The access URL for the directory, such as

    http://.awsapps.com

    . If no alias has been created for the directory,

    is the directory identifier, such as d-XXXXXXXXXX.

    *)
  21. alias : string option;
    (*

    The alias for the directory. If no alias has been created for the directory, the alias is the directory identifier, such as d-XXXXXXXXXX.

    *)
  22. edition : directory_edition option;
    (*

    The edition associated with this directory.

    *)
  23. size : directory_size option;
    (*

    The directory size.

    *)
  24. short_name : string option;
    (*

    The short name of the directory.

    *)
  25. name : string option;
    (*

    The fully qualified name of the directory.

    *)
  26. directory_id : string option;
    (*

    The directory identifier.

    *)
}

Contains information about an Directory Service directory.

type nonrec describe_directories_result = {
  1. next_token : string option;
    (*

    If not null, more results are available. Pass this value for the NextToken parameter in a subsequent call to DescribeDirectories to retrieve the next set of items.

    *)
  2. directory_descriptions : directory_description list option;
    (*

    The list of DirectoryDescription objects that were retrieved.

    It is possible that this list contains less than the number of items specified in the Limit member of the request. This occurs if there are less than the requested number of items left to retrieve, or if the limitations of the operation have been exceeded.

    *)
}

Contains the results of the DescribeDirectories operation.

type nonrec describe_directories_request = {
  1. limit : int option;
    (*

    The maximum number of items to return. If this value is zero, the maximum number of items is specified by the limitations of the operation.

    *)
  2. next_token : string option;
    (*

    The DescribeDirectoriesResult.NextToken value from a previous call to DescribeDirectories. Pass null if this is the first call.

    *)
  3. directory_ids : string list option;
    (*

    A list of identifiers of the directories for which to obtain the information. If this member is null, all directories that belong to the current account are returned.

    An empty list results in an InvalidParameterException being thrown.

    *)
}

Contains the inputs for the DescribeDirectories operation.

type nonrec conditional_forwarder = {
  1. replication_scope : replication_scope option;
    (*

    The replication scope of the conditional forwarder. The only allowed value is Domain, which will replicate the conditional forwarder to all of the domain controllers for your Amazon Web Services directory.

    *)
  2. dns_ip_addrs : string list option;
    (*

    The IP addresses of the remote DNS server associated with RemoteDomainName. This is the IP address of the DNS server that your conditional forwarder points to.

    *)
  3. remote_domain_name : string option;
    (*

    The fully qualified domain name (FQDN) of the remote domains pointed to by the conditional forwarder.

    *)
}

Points to a remote domain with which you are setting up a trust relationship. Conditional forwarders are required in order to set up a trust relationship with another domain.

type nonrec describe_conditional_forwarders_result = {
  1. conditional_forwarders : conditional_forwarder list option;
    (*

    The list of conditional forwarders that have been created.

    *)
}

The result of a DescribeConditionalForwarder request.

type nonrec describe_conditional_forwarders_request = {
  1. remote_domain_names : string list option;
    (*

    The fully qualified domain names (FQDN) of the remote domains for which to get the list of associated conditional forwarders. If this member is null, all conditional forwarders are returned.

    *)
  2. directory_id : string;
    (*

    The directory ID for which to get the list of associated conditional forwarders.

    *)
}

Describes a conditional forwarder.

type nonrec client_authentication_status =
  1. | DISABLED
  2. | ENABLED
type nonrec client_authentication_setting_info = {
  1. last_updated_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time when the status of the client authentication type was last updated.

    *)
  2. status : client_authentication_status option;
    (*

    Whether the client authentication type is enabled or disabled for the specified directory.

    *)
  3. type_ : client_authentication_type option;
    (*

    The type of client authentication for the specified directory. If no type is specified, a list of all client authentication types that are supported for the directory is retrieved.

    *)
}

Contains information about a client authentication method for a directory.

type nonrec describe_client_authentication_settings_result = {
  1. next_token : string option;
    (*

    The next token used to retrieve the client authentication settings if the number of setting types exceeds page limit and there is another page.

    *)
  2. client_authentication_settings_info : client_authentication_setting_info list option;
    (*

    Information about the type of client authentication for the specified directory. The following information is retrieved: The date and time when the status of the client authentication type was last updated, whether the client authentication type is enabled or disabled, and the type of client authentication.

    *)
}
type nonrec describe_client_authentication_settings_request = {
  1. limit : int option;
    (*

    The maximum number of items to return. If this value is zero, the maximum number of items is specified by the limitations of the operation.

    *)
  2. next_token : string option;
    (*

    The DescribeClientAuthenticationSettingsResult.NextToken value from a previous call to DescribeClientAuthenticationSettings. Pass null if this is the first call.

    *)
  3. type_ : client_authentication_type option;
    (*

    The type of client authentication for which to retrieve information. If no type is specified, a list of all client authentication types that are supported for the specified directory is retrieved.

    *)
  4. directory_id : string;
    (*

    The identifier of the directory for which to retrieve information.

    *)
}
type nonrec certificate_does_not_exist_exception = {
  1. request_id : string option;
  2. message : string option;
}

The certificate is not present in the system for describe or deregister activities.

type nonrec certificate = {
  1. client_cert_auth_settings : client_cert_auth_settings option;
    (*

    A ClientCertAuthSettings object that contains client certificate authentication settings.

    *)
  2. type_ : certificate_type option;
    (*

    The function that the registered certificate performs. Valid values include ClientLDAPS or ClientCertAuth. The default value is ClientLDAPS.

    *)
  3. expiry_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time when the certificate will expire.

    *)
  4. registered_date_time : Smaws_Lib.CoreTypes.Timestamp.t option;
    (*

    The date and time that the certificate was registered.

    *)
  5. common_name : string option;
    (*

    The common name for the certificate.

    *)
  6. state_reason : string option;
    (*

    Describes a state change for the certificate.

    *)
  7. state : certificate_state option;
    (*

    The state of the certificate.

    *)
  8. certificate_id : string option;
    (*

    The identifier of the certificate.

    *)
}

Information about the certificate.

type nonrec describe_certificate_result = {
  1. certificate : certificate option;
    (*

    Information about the certificate, including registered date time, certificate state, the reason for the state, expiration date time, and certificate common name.

    *)
}
type nonrec describe_certificate_request = {
  1. certificate_id : string;
    (*

    The identifier of the certificate.

    *)
  2. directory_id : string;
    (*

    The identifier of the directory.

    *)
}
type nonrec deregister_event_topic_request = {
  1. topic_name : string;
    (*

    The name of the Amazon SNS topic from which to remove the directory as a publisher.

    *)
  2. directory_id : string;
    (*

    The Directory ID to remove as a publisher. This directory will no longer send messages to the specified Amazon SNS topic.

    *)
}

Removes the specified directory as a publisher to the specified Amazon SNS topic.

type nonrec certificate_in_use_exception = {
  1. request_id : string option;
  2. message : string option;
}

The certificate is being used for the LDAP security connection and cannot be removed without disabling LDAP security.

type nonrec deregister_certificate_request = {
  1. certificate_id : string;
    (*

    The identifier of the certificate.

    *)
  2. directory_id : string;
    (*

    The identifier of the directory.

    *)
}
type nonrec delete_trust_result = {
  1. trust_id : string option;
    (*

    The Trust ID of the trust relationship that was deleted.

    *)
}

The result of a DeleteTrust request.

type nonrec delete_trust_request = {
  1. delete_associated_conditional_forwarder : bool option;
    (*

    Delete a conditional forwarder as part of a DeleteTrustRequest.

    *)
  2. trust_id : string;
    (*

    The Trust ID of the trust relationship to be deleted.

    *)
}

Deletes the local side of an existing trust relationship between the Managed Microsoft AD directory and the external domain.

type nonrec delete_snapshot_result = {
  1. snapshot_id : string option;
    (*

    The identifier of the directory snapshot that was deleted.

    *)
}

Contains the results of the DeleteSnapshot operation.

type nonrec delete_snapshot_request = {
  1. snapshot_id : string;
    (*

    The identifier of the directory snapshot to be deleted.

    *)
}

Contains the inputs for the DeleteSnapshot operation.

type nonrec delete_log_subscription_request = {
  1. directory_id : string;
    (*

    Identifier of the directory whose log subscription you want to delete.

    *)
}
type nonrec delete_directory_result = {
  1. directory_id : string option;
    (*

    The directory identifier.

    *)
}

Contains the results of the DeleteDirectory operation.

type nonrec delete_directory_request = {
  1. directory_id : string;
    (*

    The identifier of the directory to delete.

    *)
}

Contains the inputs for the DeleteDirectory operation.

type nonrec delete_conditional_forwarder_request = {
  1. remote_domain_name : string;
    (*

    The fully qualified domain name (FQDN) of the remote domain with which you are deleting the conditional forwarder.

    *)
  2. directory_id : string;
    (*

    The directory ID for which you are deleting the conditional forwarder.

    *)
}

Deletes a conditional forwarder.

type nonrec create_trust_result = {
  1. trust_id : string option;
    (*

    A unique identifier for the trust relationship that was created.

    *)
}

The result of a CreateTrust request.

type nonrec create_trust_request = {
  1. selective_auth : selective_auth option;
    (*

    Optional parameter to enable selective authentication for the trust.

    *)
  2. conditional_forwarder_ip_addrs : string list option;
    (*

    The IP addresses of the remote DNS server associated with RemoteDomainName.

    *)
  3. trust_type : trust_type option;
    (*

    The trust relationship type. Forest is the default.

    *)
  4. trust_direction : trust_direction;
    (*

    The direction of the trust relationship.

    *)
  5. trust_password : string;
    (*

    The trust password. The must be the same password that was used when creating the trust relationship on the external domain.

    *)
  6. remote_domain_name : string;
    (*

    The Fully Qualified Domain Name (FQDN) of the external domain for which to create the trust relationship.

    *)
  7. directory_id : string;
    (*

    The Directory ID of the Managed Microsoft AD directory for which to establish the trust relationship.

    *)
}

Directory Service for Microsoft Active Directory allows you to configure trust relationships. For example, you can establish a trust between your Managed Microsoft AD directory, and your existing self-managed Microsoft Active Directory. This would allow you to provide users and groups access to resources in either domain, with a single set of credentials.

This action initiates the creation of the Amazon Web Services side of a trust relationship between an Managed Microsoft AD directory and an external domain.

type nonrec create_snapshot_result = {
  1. snapshot_id : string option;
    (*

    The identifier of the snapshot that was created.

    *)
}

Contains the results of the CreateSnapshot operation.

type nonrec create_snapshot_request = {
  1. name : string option;
    (*

    The descriptive name to apply to the snapshot.

    *)
  2. directory_id : string;
    (*

    The identifier of the directory of which to take a snapshot.

    *)
}

Contains the inputs for the CreateSnapshot operation.

type nonrec directory_limit_exceeded_exception = {
  1. request_id : string option;
  2. message : string option;
}

The maximum number of directories in the region has been reached. You can use the GetDirectoryLimits operation to determine your directory limits in the region.

type nonrec create_microsoft_ad_result = {
  1. directory_id : string option;
    (*

    The identifier of the directory that was created.

    *)
}

Result of a CreateMicrosoftAD request.

type nonrec create_microsoft_ad_request = {
  1. tags : tag list option;
    (*

    The tags to be assigned to the Managed Microsoft AD directory.

    *)
  2. edition : directory_edition option;
    (*

    Managed Microsoft AD is available in two editions: Standard and Enterprise. Enterprise is the default.

    *)
  3. vpc_settings : directory_vpc_settings;
    (*

    Contains VPC information for the CreateDirectory or CreateMicrosoftAD operation.

    *)
  4. description : string option;
    (*

    A description for the directory. This label will appear on the Amazon Web Services console Directory Details page after the directory is created.

    *)
  5. password : string;
    (*

    The password for the default administrative user named Admin.

    If you need to change the password for the administrator account, you can use the ResetUserPassword API call.

    *)
  6. short_name : string option;
    (*

    The NetBIOS name for your domain, such as CORP. If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, CORP for the directory DNS corp.example.com.

    *)
  7. name : string;
    (*

    The fully qualified domain name for the Managed Microsoft AD directory, such as corp.example.com. This name will resolve inside your VPC only. It does not need to be publicly resolvable.

    *)
}

Creates an Managed Microsoft AD directory.

type nonrec create_log_subscription_request = {
  1. log_group_name : string;
    (*

    The name of the CloudWatch log group where the real-time domain controller logs are forwarded.

    *)
  2. directory_id : string;
    (*

    Identifier of the directory to which you want to subscribe and receive real-time logs to your specified CloudWatch log group.

    *)
}
type nonrec create_directory_result = {
  1. directory_id : string option;
    (*

    The identifier of the directory that was created.

    *)
}

Contains the results of the CreateDirectory operation.

type nonrec create_directory_request = {
  1. tags : tag list option;
    (*

    The tags to be assigned to the Simple AD directory.

    *)
  2. vpc_settings : directory_vpc_settings option;
    (*

    A DirectoryVpcSettings object that contains additional information for the operation.

    *)
  3. size : directory_size;
    (*

    The size of the directory.

    *)
  4. description : string option;
    (*

    A description for the directory.

    *)
  5. password : string;
    (*

    The password for the directory administrator. The directory creation process creates a directory administrator account with the user name Administrator and this password.

    If you need to change the password for the administrator account, you can use the ResetUserPassword API call.

    The regex pattern for this string is made up of the following conditions:

    • Length (?=^.{8,64}$) – Must be between 8 and 64 characters

    AND any 3 of the following password complexity rules required by Active Directory:

    • Numbers and upper case and lowercase (?=.*\d)(?=.*[A-Z])(?=.*[a-z])
    • Numbers and special characters and lower case (?=.*\d)(?=.*[^A-Za-z0-9\s])(?=.*[a-z])
    • Special characters and upper case and lower case (?=.*[^A-Za-z0-9\s])(?=.*[A-Z])(?=.*[a-z])
    • Numbers and upper case and special characters (?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9\s])

    For additional information about how Active Directory passwords are enforced, see Password must meet complexity requirements on the Microsoft website.

    *)
  6. short_name : string option;
    (*

    The NetBIOS name of the directory, such as CORP.

    *)
  7. name : string;
    (*

    The fully qualified name for the directory, such as corp.example.com.

    *)
}

Contains the inputs for the CreateDirectory operation.

type nonrec create_conditional_forwarder_request = {
  1. dns_ip_addrs : string list;
    (*

    The IP addresses of the remote DNS server associated with RemoteDomainName.

    *)
  2. remote_domain_name : string;
    (*

    The fully qualified domain name (FQDN) of the remote domain with which you will set up a trust relationship.

    *)
  3. directory_id : string;
    (*

    The directory ID of the Amazon Web Services directory for which you are creating the conditional forwarder.

    *)
}

Initiates the creation of a conditional forwarder for your Directory Service for Microsoft Active Directory. Conditional forwarders are required in order to set up a trust relationship with another domain.

type nonrec attribute = {
  1. value : string option;
    (*

    The value of the attribute.

    *)
  2. name : string option;
    (*

    The name of the attribute.

    *)
}

Represents a named directory attribute.

type nonrec computer = {
  1. computer_attributes : attribute list option;
    (*

    An array of Attribute objects containing the LDAP attributes that belong to the computer account.

    *)
  2. computer_name : string option;
    (*

    The computer name.

    *)
  3. computer_id : string option;
    (*

    The identifier of the computer.

    *)
}

Contains information about a computer account in a directory.

type nonrec create_computer_result = {
  1. computer : computer option;
    (*

    A Computer object that represents the computer account.

    *)
}

Contains the results for the CreateComputer operation.

type nonrec create_computer_request = {
  1. computer_attributes : attribute list option;
    (*

    An array of Attribute objects that contain any LDAP attributes to apply to the computer account.

    *)
  2. organizational_unit_distinguished_name : string option;
    (*

    The fully-qualified distinguished name of the organizational unit to place the computer account in.

    *)
  3. password : string;
    (*

    A one-time password that is used to join the computer to the directory. You should generate a random, strong password to use for this parameter.

    *)
  4. computer_name : string;
    (*

    The name of the computer account.

    *)
  5. directory_id : string;
    (*

    The identifier of the directory in which to create the computer account.

    *)
}

Contains the inputs for the CreateComputer operation.

type nonrec create_alias_result = {
  1. alias : string option;
    (*

    The alias for the directory.

    *)
  2. directory_id : string option;
    (*

    The identifier of the directory.

    *)
}

Contains the results of the CreateAlias operation.

type nonrec create_alias_request = {
  1. alias : string;
    (*

    The requested alias.

    The alias must be unique amongst all aliases in Amazon Web Services. This operation throws an EntityAlreadyExistsException error if the alias already exists.

    *)
  2. directory_id : string;
    (*

    The identifier of the directory for which to create the alias.

    *)
}

Contains the inputs for the CreateAlias operation.

type nonrec connect_directory_result = {
  1. directory_id : string option;
    (*

    The identifier of the new directory.

    *)
}

Contains the results of the ConnectDirectory operation.

type nonrec directory_connect_settings = {
  1. customer_user_name : string;
    (*

    The user name of an account in your self-managed directory that is used to connect to the directory. This account must have the following permissions:

    • Read users and groups
    • Create computer objects
    • Join computers to the domain
    *)
  2. customer_dns_ips : string list;
    (*

    A list of one or more IP addresses of DNS servers or domain controllers in your self-managed directory.

    *)
  3. subnet_ids : string list;
    (*

    A list of subnet identifiers in the VPC in which the AD Connector is created.

    *)
  4. vpc_id : string;
    (*

    The identifier of the VPC in which the AD Connector is created.

    *)
}

Contains information for the ConnectDirectory operation when an AD Connector directory is being created.

type nonrec connect_directory_request = {
  1. tags : tag list option;
    (*

    The tags to be assigned to AD Connector.

    *)
  2. connect_settings : directory_connect_settings;
    (*

    A DirectoryConnectSettings object that contains additional information for the operation.

    *)
  3. size : directory_size;
    (*

    The size of the directory.

    *)
  4. description : string option;
    (*

    A description for the directory.

    *)
  5. password : string;
    (*

    The password for your self-managed user account.

    *)
  6. short_name : string option;
    (*

    The NetBIOS name of your self-managed directory, such as CORP.

    *)
  7. name : string;
    (*

    The fully qualified name of your self-managed directory, such as corp.example.com.

    *)
}

Contains the inputs for the ConnectDirectory operation.

type nonrec cancel_schema_extension_request = {
  1. schema_extension_id : string;
    (*

    The identifier of the schema extension that will be canceled.

    *)
  2. directory_id : string;
    (*

    The identifier of the directory whose schema extension will be canceled.

    *)
}
type nonrec add_tags_to_resource_request = {
  1. tags : tag list;
    (*

    The tags to be assigned to the directory.

    *)
  2. resource_id : string;
    (*

    Identifier (ID) for the directory to which to add the tag.

    *)
}
type nonrec directory_already_in_region_exception = {
  1. request_id : string option;
  2. message : string option;
}

The Region you specified is the same Region where the Managed Microsoft AD directory was created. Specify a different Region and try again.

type nonrec add_region_request = {
  1. vpc_settings : directory_vpc_settings;
  2. region_name : string;
    (*

    The name of the Region where you want to add domain controllers for replication. For example, us-east-1.

    *)
  3. directory_id : string;
    (*

    The identifier of the directory to which you want to add Region replication.

    *)
}
type nonrec add_ip_routes_request = {
  1. update_security_group_for_directory_controllers : bool option;
    (*

    If set to true, updates the inbound and outbound rules of the security group that has the description: "Amazon Web Services created security group for directory ID directory controllers." Following are the new rules:

    Inbound:

    • Type: Custom UDP Rule, Protocol: UDP, Range: 88, Source: 0.0.0.0/0
    • Type: Custom UDP Rule, Protocol: UDP, Range: 123, Source: 0.0.0.0/0
    • Type: Custom UDP Rule, Protocol: UDP, Range: 138, Source: 0.0.0.0/0
    • Type: Custom UDP Rule, Protocol: UDP, Range: 389, Source: 0.0.0.0/0
    • Type: Custom UDP Rule, Protocol: UDP, Range: 464, Source: 0.0.0.0/0
    • Type: Custom UDP Rule, Protocol: UDP, Range: 445, Source: 0.0.0.0/0
    • Type: Custom TCP Rule, Protocol: TCP, Range: 88, Source: 0.0.0.0/0
    • Type: Custom TCP Rule, Protocol: TCP, Range: 135, Source: 0.0.0.0/0
    • Type: Custom TCP Rule, Protocol: TCP, Range: 445, Source: 0.0.0.0/0
    • Type: Custom TCP Rule, Protocol: TCP, Range: 464, Source: 0.0.0.0/0
    • Type: Custom TCP Rule, Protocol: TCP, Range: 636, Source: 0.0.0.0/0
    • Type: Custom TCP Rule, Protocol: TCP, Range: 1024-65535, Source: 0.0.0.0/0
    • Type: Custom TCP Rule, Protocol: TCP, Range: 3268-33269, Source: 0.0.0.0/0
    • Type: DNS (UDP), Protocol: UDP, Range: 53, Source: 0.0.0.0/0
    • Type: DNS (TCP), Protocol: TCP, Range: 53, Source: 0.0.0.0/0
    • Type: LDAP, Protocol: TCP, Range: 389, Source: 0.0.0.0/0
    • Type: All ICMP, Protocol: All, Range: N/A, Source: 0.0.0.0/0

    Outbound:

    • Type: All traffic, Protocol: All, Range: All, Destination: 0.0.0.0/0

    These security rules impact an internal network interface that is not exposed publicly.

    *)
  2. ip_routes : ip_route list;
    (*

    IP address blocks, using CIDR format, of the traffic to route. This is often the IP address block of the DNS server used for your self-managed domain.

    *)
  3. directory_id : string;
    (*

    Identifier (ID) of the directory to which to add the address block.

    *)
}
type nonrec accept_shared_directory_result = {
  1. shared_directory : shared_directory option;
    (*

    The shared directory in the directory consumer account.

    *)
}
type nonrec accept_shared_directory_request = {
  1. shared_directory_id : string;
    (*

    Identifier of the shared directory in the directory consumer account. This identifier is different for each directory owner account.

    *)
}

Builders

val make_verify_trust_request : trust_id:string -> unit -> verify_trust_request
val make_os_update_settings : ?os_version:os_version -> unit -> os_update_settings
val make_update_value : ?os_update_settings:os_update_settings -> unit -> update_value
val make_update_trust_request : ?selective_auth:selective_auth -> trust_id:string -> unit -> update_trust_request
val make_setting : value:string -> name:string -> unit -> setting
val make_update_settings_request : settings:setting list -> directory_id:string -> unit -> update_settings_request
val make_radius_settings : ?use_same_username:bool -> ?display_label:string -> ?authentication_protocol:radius_authentication_protocol -> ?shared_secret:string -> ?radius_retries:int -> ?radius_timeout:int -> ?radius_port:int -> ?radius_servers:string list -> unit -> radius_settings
val make_update_radius_request : radius_settings:radius_settings -> directory_id:string -> unit -> update_radius_request
val make_update_number_of_domain_controllers_request : desired_number:int -> directory_id:string -> unit -> update_number_of_domain_controllers_request
val make_update_info_entry : ?last_updated_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?start_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?previous_value:update_value -> ?new_value:update_value -> ?initiated_by:string -> ?status_reason:string -> ?status:update_status -> ?region:string -> unit -> update_info_entry
val make_update_directory_setup_request : ?create_snapshot_before_update:bool -> ?os_update_settings:os_update_settings -> update_type:update_type -> directory_id:string -> unit -> update_directory_setup_request
val make_update_conditional_forwarder_request : dns_ip_addrs:string list -> remote_domain_name:string -> directory_id:string -> unit -> update_conditional_forwarder_request
val make_unshare_target : type_:target_type -> id:string -> unit -> unshare_target
val make_unshare_directory_request : unshare_target:unshare_target -> directory_id:string -> unit -> unshare_directory_request
val make_trust : ?selective_auth:selective_auth -> ?trust_state_reason:string -> ?state_last_updated_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?last_updated_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?created_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?trust_state:trust_state -> ?trust_direction:trust_direction -> ?trust_type:trust_type -> ?remote_domain_name:string -> ?trust_id:string -> ?directory_id:string -> unit -> trust
val make_tag : value:string -> key:string -> unit -> tag
val make_start_schema_extension_request : description:string -> ldif_content:string -> create_snapshot_before_schema_extension:bool -> directory_id:string -> unit -> start_schema_extension_request
val make_snapshot : ?start_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?status:snapshot_status -> ?name:string -> ?type_:snapshot_type -> ?snapshot_id:string -> ?directory_id:string -> unit -> snapshot
val make_snapshot_limits : ?manual_snapshots_limit_reached:bool -> ?manual_snapshots_current_count:int -> ?manual_snapshots_limit:int -> unit -> snapshot_limits
val make_shared_directory : ?last_updated_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?created_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?share_notes:string -> ?share_status:share_status -> ?shared_directory_id:string -> ?shared_account_id:string -> ?share_method:share_method -> ?owner_directory_id:string -> ?owner_account_id:string -> unit -> shared_directory
val make_share_target : type_:target_type -> id:string -> unit -> share_target
val make_share_directory_request : ?share_notes:string -> share_method:share_method -> share_target:share_target -> directory_id:string -> unit -> share_directory_request
val make_setting_entry : ?data_type:string -> ?last_requested_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?last_updated_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?request_status_message:string -> ?request_detailed_status: directory_configuration_setting_request_detailed_status -> ?request_status:directory_configuration_status -> ?requested_value:string -> ?applied_value:string -> ?allowed_values:string -> ?name:string -> ?type_:string -> unit -> setting_entry
val make_schema_extension_info : ?end_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?start_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?schema_extension_status_reason:string -> ?schema_extension_status:schema_extension_status -> ?description:string -> ?schema_extension_id:string -> ?directory_id:string -> unit -> schema_extension_info
val make_restore_from_snapshot_request : snapshot_id:string -> unit -> restore_from_snapshot_request
val make_reset_user_password_request : new_password:string -> user_name:string -> directory_id:string -> unit -> reset_user_password_request
val make_remove_tags_from_resource_request : tag_keys:string list -> resource_id:string -> unit -> remove_tags_from_resource_request
val make_remove_region_request : directory_id:string -> unit -> remove_region_request
val make_remove_ip_routes_request : cidr_ips:string list -> directory_id:string -> unit -> remove_ip_routes_request
val make_reject_shared_directory_request : shared_directory_id:string -> unit -> reject_shared_directory_request
val make_register_event_topic_request : topic_name:string -> directory_id:string -> unit -> register_event_topic_request
val make_client_cert_auth_settings : ?ocsp_url:string -> unit -> client_cert_auth_settings
val make_register_certificate_request : ?client_cert_auth_settings:client_cert_auth_settings -> ?type_:certificate_type -> certificate_data:string -> directory_id:string -> unit -> register_certificate_request
val make_regions_info : ?additional_regions:string list -> ?primary_region:string -> unit -> regions_info
val make_directory_vpc_settings : subnet_ids:string list -> vpc_id:string -> unit -> directory_vpc_settings
val make_region_description : ?last_updated_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?status_last_updated_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?launch_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?desired_number_of_domain_controllers:int -> ?vpc_settings:directory_vpc_settings -> ?status:directory_stage -> ?region_type:region_type -> ?region_name:string -> ?directory_id:string -> unit -> region_description
val make_directory_vpc_settings_description : ?availability_zones:string list -> ?security_group_id:string -> ?subnet_ids:string list -> ?vpc_id:string -> unit -> directory_vpc_settings_description
val make_owner_directory_description : ?radius_status:radius_status -> ?radius_settings:radius_settings -> ?vpc_settings:directory_vpc_settings_description -> ?dns_ip_addrs:string list -> ?account_id:string -> ?directory_id:string -> unit -> owner_directory_description
val make_log_subscription : ?subscription_created_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?log_group_name:string -> ?directory_id:string -> unit -> log_subscription
val make_list_tags_for_resource_request : ?limit:int -> ?next_token:string -> resource_id:string -> unit -> list_tags_for_resource_request
val make_list_schema_extensions_request : ?limit:int -> ?next_token:string -> directory_id:string -> unit -> list_schema_extensions_request
val make_list_log_subscriptions_request : ?limit:int -> ?next_token:string -> ?directory_id:string -> unit -> list_log_subscriptions_request
val make_ip_route_info : ?description:string -> ?ip_route_status_reason:string -> ?added_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?ip_route_status_msg:ip_route_status_msg -> ?cidr_ip:string -> ?directory_id:string -> unit -> ip_route_info
val make_list_ip_routes_request : ?limit:int -> ?next_token:string -> directory_id:string -> unit -> list_ip_routes_request
val make_certificate_info : ?type_:certificate_type -> ?expiry_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?state:certificate_state -> ?common_name:string -> ?certificate_id:string -> unit -> certificate_info
val make_list_certificates_request : ?limit:int -> ?next_token:string -> directory_id:string -> unit -> list_certificates_request
val make_ldaps_setting_info : ?last_updated_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?ldaps_status_reason:string -> ?ldaps_status:ldaps_status -> unit -> ldaps_setting_info
val make_ip_route : ?description:string -> ?cidr_ip:string -> unit -> ip_route
val make_get_snapshot_limits_request : directory_id:string -> unit -> get_snapshot_limits_request
val make_directory_limits : ?connected_directories_limit_reached:bool -> ?connected_directories_current_count:int -> ?connected_directories_limit:int -> ?cloud_only_microsoft_ad_limit_reached:bool -> ?cloud_only_microsoft_ad_current_count:int -> ?cloud_only_microsoft_ad_limit:int -> ?cloud_only_directories_limit_reached:bool -> ?cloud_only_directories_current_count:int -> ?cloud_only_directories_limit:int -> unit -> directory_limits
val make_get_directory_limits_request : unit -> unit
val make_event_topic : ?status:topic_status -> ?created_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?topic_arn:string -> ?topic_name:string -> ?directory_id:string -> unit -> event_topic
val make_enable_sso_request : ?password:string -> ?user_name:string -> directory_id:string -> unit -> enable_sso_request
val make_enable_radius_request : radius_settings:radius_settings -> directory_id:string -> unit -> enable_radius_request
val make_enable_ldaps_request : type_:ldaps_type -> directory_id:string -> unit -> enable_ldaps_request
val make_enable_client_authentication_request : type_:client_authentication_type -> directory_id:string -> unit -> enable_client_authentication_request
val make_domain_controller : ?status_last_updated_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?launch_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?status_reason:string -> ?status:domain_controller_status -> ?availability_zone:string -> ?subnet_id:string -> ?vpc_id:string -> ?dns_ip_addr:string -> ?domain_controller_id:string -> ?directory_id:string -> unit -> domain_controller
val make_disable_sso_request : ?password:string -> ?user_name:string -> directory_id:string -> unit -> disable_sso_request
val make_disable_radius_request : directory_id:string -> unit -> disable_radius_request
val make_disable_ldaps_request : type_:ldaps_type -> directory_id:string -> unit -> disable_ldaps_request
val make_disable_client_authentication_request : type_:client_authentication_type -> directory_id:string -> unit -> disable_client_authentication_request
val make_describe_update_directory_request : ?next_token:string -> ?region_name:string -> update_type:update_type -> directory_id:string -> unit -> describe_update_directory_request
val make_describe_trusts_request : ?limit:int -> ?next_token:string -> ?trust_ids:string list -> ?directory_id:string -> unit -> describe_trusts_request
val make_describe_snapshots_request : ?limit:int -> ?next_token:string -> ?snapshot_ids:string list -> ?directory_id:string -> unit -> describe_snapshots_request
val make_describe_shared_directories_request : ?limit:int -> ?next_token:string -> ?shared_directory_ids:string list -> owner_directory_id:string -> unit -> describe_shared_directories_request
val make_describe_settings_request : ?next_token:string -> ?status:directory_configuration_status -> directory_id:string -> unit -> describe_settings_request
val make_describe_regions_request : ?next_token:string -> ?region_name:string -> directory_id:string -> unit -> describe_regions_request
val make_describe_ldaps_settings_request : ?limit:int -> ?next_token:string -> ?type_:ldaps_type -> directory_id:string -> unit -> describe_ldaps_settings_request
val make_describe_event_topics_request : ?topic_names:string list -> ?directory_id:string -> unit -> describe_event_topics_request
val make_describe_domain_controllers_request : ?limit:int -> ?next_token:string -> ?domain_controller_ids:string list -> directory_id:string -> unit -> describe_domain_controllers_request
val make_directory_connect_settings_description : ?connect_ips:string list -> ?availability_zones:string list -> ?security_group_id:string -> ?customer_user_name:string -> ?subnet_ids:string list -> ?vpc_id:string -> unit -> directory_connect_settings_description
val make_directory_description : ?os_version:os_version -> ?regions_info:regions_info -> ?owner_directory_description:owner_directory_description -> ?desired_number_of_domain_controllers:int -> ?sso_enabled:bool -> ?stage_reason:string -> ?radius_status:radius_status -> ?radius_settings:radius_settings -> ?connect_settings:directory_connect_settings_description -> ?vpc_settings:directory_vpc_settings_description -> ?type_:directory_type -> ?stage_last_updated_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?launch_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?share_notes:string -> ?share_method:share_method -> ?share_status:share_status -> ?stage:directory_stage -> ?dns_ip_addrs:string list -> ?description:string -> ?access_url:string -> ?alias:string -> ?edition:directory_edition -> ?size:directory_size -> ?short_name:string -> ?name:string -> ?directory_id:string -> unit -> directory_description
val make_describe_directories_request : ?limit:int -> ?next_token:string -> ?directory_ids:string list -> unit -> describe_directories_request
val make_conditional_forwarder : ?replication_scope:replication_scope -> ?dns_ip_addrs:string list -> ?remote_domain_name:string -> unit -> conditional_forwarder
val make_describe_conditional_forwarders_request : ?remote_domain_names:string list -> directory_id:string -> unit -> describe_conditional_forwarders_request
val make_client_authentication_setting_info : ?last_updated_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?status:client_authentication_status -> ?type_:client_authentication_type -> unit -> client_authentication_setting_info
val make_describe_client_authentication_settings_request : ?limit:int -> ?next_token:string -> ?type_:client_authentication_type -> directory_id:string -> unit -> describe_client_authentication_settings_request
val make_certificate : ?client_cert_auth_settings:client_cert_auth_settings -> ?type_:certificate_type -> ?expiry_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?registered_date_time:Smaws_Lib.CoreTypes.Timestamp.t -> ?common_name:string -> ?state_reason:string -> ?state:certificate_state -> ?certificate_id:string -> unit -> certificate
val make_describe_certificate_request : certificate_id:string -> directory_id:string -> unit -> describe_certificate_request
val make_deregister_event_topic_request : topic_name:string -> directory_id:string -> unit -> deregister_event_topic_request
val make_deregister_certificate_request : certificate_id:string -> directory_id:string -> unit -> deregister_certificate_request
val make_delete_trust_request : ?delete_associated_conditional_forwarder:bool -> trust_id:string -> unit -> delete_trust_request
val make_delete_snapshot_request : snapshot_id:string -> unit -> delete_snapshot_request
val make_delete_log_subscription_request : directory_id:string -> unit -> delete_log_subscription_request
val make_delete_directory_request : directory_id:string -> unit -> delete_directory_request
val make_delete_conditional_forwarder_request : remote_domain_name:string -> directory_id:string -> unit -> delete_conditional_forwarder_request
val make_create_trust_request : ?selective_auth:selective_auth -> ?conditional_forwarder_ip_addrs:string list -> ?trust_type:trust_type -> trust_direction:trust_direction -> trust_password:string -> remote_domain_name:string -> directory_id:string -> unit -> create_trust_request
val make_create_snapshot_request : ?name:string -> directory_id:string -> unit -> create_snapshot_request
val make_create_microsoft_ad_request : ?tags:tag list -> ?edition:directory_edition -> ?description:string -> ?short_name:string -> vpc_settings:directory_vpc_settings -> password:string -> name:string -> unit -> create_microsoft_ad_request
val make_create_log_subscription_request : log_group_name:string -> directory_id:string -> unit -> create_log_subscription_request
val make_create_directory_request : ?tags:tag list -> ?vpc_settings:directory_vpc_settings -> ?description:string -> ?short_name:string -> size:directory_size -> password:string -> name:string -> unit -> create_directory_request
val make_create_conditional_forwarder_request : dns_ip_addrs:string list -> remote_domain_name:string -> directory_id:string -> unit -> create_conditional_forwarder_request
val make_attribute : ?value:string -> ?name:string -> unit -> attribute
val make_computer : ?computer_attributes:attribute list -> ?computer_name:string -> ?computer_id:string -> unit -> computer
val make_create_computer_request : ?computer_attributes:attribute list -> ?organizational_unit_distinguished_name:string -> password:string -> computer_name:string -> directory_id:string -> unit -> create_computer_request
val make_create_alias_request : alias:string -> directory_id:string -> unit -> create_alias_request
val make_directory_connect_settings : customer_user_name:string -> customer_dns_ips:string list -> subnet_ids:string list -> vpc_id:string -> unit -> directory_connect_settings
val make_connect_directory_request : ?tags:tag list -> ?description:string -> ?short_name:string -> connect_settings:directory_connect_settings -> size:directory_size -> password:string -> name:string -> unit -> connect_directory_request
val make_cancel_schema_extension_request : schema_extension_id:string -> directory_id:string -> unit -> cancel_schema_extension_request
val make_add_tags_to_resource_request : tags:tag list -> resource_id:string -> unit -> add_tags_to_resource_request
val make_add_region_request : vpc_settings:directory_vpc_settings -> region_name:string -> directory_id:string -> unit -> add_region_request
val make_add_ip_routes_request : ?update_security_group_for_directory_controllers:bool -> ip_routes:ip_route list -> directory_id:string -> unit -> add_ip_routes_request
val make_accept_shared_directory_request : shared_directory_id:string -> unit -> accept_shared_directory_request

Operations

module AcceptSharedDirectory : sig ... end

Accepts a directory sharing request that was sent from the directory owner account.

module AddIpRoutes : sig ... end

If the DNS server for your self-managed domain uses a publicly addressable IP address, you must add a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services. AddIpRoutes adds this address block. You can also use AddIpRoutes to facilitate routing traffic that uses public IP ranges from your Microsoft AD on Amazon Web Services to a peer VPC.

module AddRegion : sig ... end

Adds two domain controllers in the specified Region for the specified directory.

module AddTagsToResource : sig ... end

Adds or overwrites one or more tags for the specified directory. Each directory can have a maximum of 50 tags. Each tag consists of a key and optional value. Tag keys must be unique to each resource.

module CancelSchemaExtension : sig ... end

Cancels an in-progress schema extension to a Microsoft AD directory. Once a schema extension has started replicating to all domain controllers, the task can no longer be canceled. A schema extension can be canceled during any of the following states; Initializing, CreatingSnapshot, and UpdatingSchema.

module ConnectDirectory : sig ... end

Creates an AD Connector to connect to a self-managed directory.

module CreateAlias : sig ... end

Creates an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as

module CreateComputer : sig ... end

Creates an Active Directory computer object in the specified directory.

module CreateConditionalForwarder : sig ... end

Creates a conditional forwarder associated with your Amazon Web Services directory. Conditional forwarders are required in order to set up a trust relationship with another domain. The conditional forwarder points to the trusted domain.

module CreateDirectory : sig ... end

Creates a Simple AD directory. For more information, see Simple Active Directory in the Directory Service Admin Guide.

module CreateLogSubscription : sig ... end

Creates a subscription to forward real-time Directory Service domain controller security logs to the specified Amazon CloudWatch log group in your Amazon Web Services account.

module CreateMicrosoftAD : sig ... end

Creates a Microsoft AD directory in the Amazon Web Services Cloud. For more information, see Managed Microsoft AD in the Directory Service Admin Guide.

module CreateSnapshot : sig ... end

Creates a snapshot of a Simple AD or Microsoft AD directory in the Amazon Web Services cloud.

module CreateTrust : sig ... end

Directory Service for Microsoft Active Directory allows you to configure trust relationships. For example, you can establish a trust between your Managed Microsoft AD directory, and your existing self-managed Microsoft Active Directory. This would allow you to provide users and groups access to resources in either domain, with a single set of credentials.

module DeleteConditionalForwarder : sig ... end

Deletes a conditional forwarder that has been set up for your Amazon Web Services directory.

module DeleteDirectory : sig ... end

Deletes an Directory Service directory.

module DeleteLogSubscription : sig ... end

Deletes the specified log subscription.

module DeleteSnapshot : sig ... end

Deletes a directory snapshot.

module DeleteTrust : sig ... end

Deletes an existing trust relationship between your Managed Microsoft AD directory and an external domain.

module DeregisterCertificate : sig ... end

Deletes from the system the certificate that was registered for secure LDAP or client certificate authentication.

module DeregisterEventTopic : sig ... end

Removes the specified directory as a publisher to the specified Amazon SNS topic.

module DescribeCertificate : sig ... end

Displays information about the certificate registered for secure LDAP or client certificate authentication.

Retrieves information about the type of client authentication for the specified directory, if the type is specified. If no type is specified, information about all client authentication types that are supported for the specified directory is retrieved. Currently, only SmartCard is supported.

module DescribeConditionalForwarders : sig ... end

Obtains information about the conditional forwarders for this account.

module DescribeDirectories : sig ... end

Obtains information about the directories that belong to this account.

module DescribeDomainControllers : sig ... end

Provides information about any domain controllers in your directory.

module DescribeEventTopics : sig ... end

Obtains information about which Amazon SNS topics receive status messages from the specified directory.

module DescribeLDAPSSettings : sig ... end

Describes the status of LDAP security for the specified directory.

module DescribeRegions : sig ... end

Provides information about the Regions that are configured for multi-Region replication.

module DescribeSettings : sig ... end

Retrieves information about the configurable settings for the specified directory.

module DescribeSharedDirectories : sig ... end

Returns the shared directories in your account.

module DescribeSnapshots : sig ... end

Obtains information about the directory snapshots that belong to this account.

module DescribeTrusts : sig ... end

Obtains information about the trust relationships for this account.

module DescribeUpdateDirectory : sig ... end

Describes the updates of a directory for a particular update type.

module DisableClientAuthentication : sig ... end

Disables alternative client authentication methods for the specified directory.

module DisableLDAPS : sig ... end

Deactivates LDAP secure calls for the specified directory.

module DisableRadius : sig ... end

Disables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory.

module DisableSso : sig ... end

Disables single-sign on for a directory.

module EnableClientAuthentication : sig ... end

Enables alternative client authentication methods for the specified directory.

module EnableLDAPS : sig ... end

Activates the switch for the specific directory to always use LDAP secure calls.

module EnableRadius : sig ... end

Enables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory.

module EnableSso : sig ... end

Enables single sign-on for a directory. Single sign-on allows users in your directory to access certain Amazon Web Services services from a computer joined to the directory without having to enter their credentials separately.

module GetDirectoryLimits : sig ... end

Obtains directory limit information for the current Region.

module GetSnapshotLimits : sig ... end

Obtains the manual snapshot limits for a directory.

module ListCertificates : sig ... end

For the specified directory, lists all the certificates registered for a secure LDAP or client certificate authentication.

module ListIpRoutes : sig ... end

Lists the address blocks that you have added to a directory.

module ListLogSubscriptions : sig ... end

Lists the active log subscriptions for the Amazon Web Services account.

module ListSchemaExtensions : sig ... end

Lists all schema extensions applied to a Microsoft AD Directory.

module ListTagsForResource : sig ... end

Lists all tags on a directory.

module RegisterCertificate : sig ... end

Registers a certificate for a secure LDAP or client certificate authentication.

module RegisterEventTopic : sig ... end

Associates a directory with an Amazon SNS topic. This establishes the directory as a publisher to the specified Amazon SNS topic. You can then receive email or text (SMS) messages when the status of your directory changes. You get notified if your directory goes from an Active status to an Impaired or Inoperable status. You also receive a notification when the directory returns to an Active status.

module RejectSharedDirectory : sig ... end

Rejects a directory sharing request that was sent from the directory owner account.

module RemoveIpRoutes : sig ... end

Removes IP address blocks from a directory.

module RemoveRegion : sig ... end

Stops all replication and removes the domain controllers from the specified Region. You cannot remove the primary Region with this operation. Instead, use the DeleteDirectory API.

module RemoveTagsFromResource : sig ... end

Removes tags from a directory.

module ResetUserPassword : sig ... end

Resets the password for any user in your Managed Microsoft AD or Simple AD directory.

module RestoreFromSnapshot : sig ... end

Restores a directory using an existing directory snapshot.

module ShareDirectory : sig ... end

Shares a specified directory (DirectoryId) in your Amazon Web Services account (directory owner) with another Amazon Web Services account (directory consumer). With this operation you can use your directory from any Amazon Web Services account and from any Amazon VPC within an Amazon Web Services Region.

module StartSchemaExtension : sig ... end

Applies a schema extension to a Microsoft AD directory.

module UnshareDirectory : sig ... end

Stops the directory sharing between the directory owner and consumer accounts.

module UpdateConditionalForwarder : sig ... end

Updates a conditional forwarder that has been set up for your Amazon Web Services directory.

module UpdateDirectorySetup : sig ... end

Updates the directory for a particular update type.

module UpdateNumberOfDomainControllers : sig ... end

Adds or removes domain controllers to or from the directory. Based on the difference between current value and new value (provided through this API call), domain controllers will be added or removed. It may take up to 45 minutes for any new domain controllers to become fully active once the requested number of domain controllers is updated. During this time, you cannot make another update request.

module UpdateRadius : sig ... end

Updates the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector or Microsoft AD directory.

module UpdateSettings : sig ... end

Updates the configurable settings for the specified directory.

module UpdateTrust : sig ... end

Updates the trust that has been set up between your Managed Microsoft AD directory and an self-managed Active Directory.

module VerifyTrust : sig ... end

Directory Service for Microsoft Active Directory allows you to configure and verify trust relationships.