1{ 2 "version": "2.0", 3 "service": "<fullname>Directory Service</fullname> <p>Directory Service is a web service that makes it easy for you to setup and run directories in the Amazon Web Services cloud, or connect your Amazon Web Services resources with an existing self-managed Microsoft Active Directory. This guide provides detailed information about Directory Service operations, data types, parameters, and errors. For information about Directory Services features, see <a href=\"https://aws.amazon.com/directoryservice/\">Directory Service</a> and the <a href=\"http://docs.aws.amazon.com/directoryservice/latest/admin-guide/what_is.html\">Directory Service Administration Guide</a>.</p> <note> <p>Amazon Web Services provides SDKs that consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .Net, iOS, Android, etc.). The SDKs provide a convenient way to create programmatic access to Directory Service and other Amazon Web Services services. For more information about the Amazon Web Services SDKs, including how to download and install them, see <a href=\"http://aws.amazon.com/tools/\">Tools for Amazon Web Services</a>.</p> </note>", 4 "operations": { 5 "AcceptSharedDirectory": "<p>Accepts a directory sharing request that was sent from the directory owner account.</p>", 6 "AddIpRoutes": "<p>If the DNS server for your self-managed domain uses a publicly addressable IP address, you must add a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services. <i>AddIpRoutes</i> adds this address block. You can also use <i>AddIpRoutes</i> to facilitate routing traffic that uses public IP ranges from your Microsoft AD on Amazon Web Services to a peer VPC. </p> <p>Before you call <i>AddIpRoutes</i>, ensure that all of the required permissions have been explicitly granted through a policy. For details about what permissions are required to run the <i>AddIpRoutes</i> operation, see <a href=\"http://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html\">Directory Service API Permissions: Actions, Resources, and Conditions Reference</a>.</p>", 7 "AddRegion": "<p>Adds two domain controllers in the specified Region for the specified directory.</p>", 8 "AddTagsToResource": "<p>Adds or overwrites one or more tags for the specified directory. Each directory can have a maximum of 50 tags. Each tag consists of a key and optional value. Tag keys must be unique to each resource.</p>", 9 "CancelSchemaExtension": "<p>Cancels an in-progress schema extension to a Microsoft AD directory. Once a schema extension has started replicating to all domain controllers, the task can no longer be canceled. A schema extension can be canceled during any of the following states; <code>Initializing</code>, <code>CreatingSnapshot</code>, and <code>UpdatingSchema</code>.</p>", 10 "ConnectDirectory": "<p>Creates an AD Connector to connect to a self-managed directory.</p> <p>Before you call <code>ConnectDirectory</code>, ensure that all of the required permissions have been explicitly granted through a policy. For details about what permissions are required to run the <code>ConnectDirectory</code> operation, see <a href=\"http://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html\">Directory Service API Permissions: Actions, Resources, and Conditions Reference</a>.</p>", 11 "CreateAlias": "<p>Creates an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as <code>http://<alias>.awsapps.com</code>.</p> <important> <p>After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.</p> </important>", 12 "CreateComputer": "<p>Creates an Active Directory computer object in the specified directory.</p>", 13 "CreateConditionalForwarder": "<p>Creates a conditional forwarder associated with your Amazon Web Services directory. Conditional forwarders are required in order to set up a trust relationship with another domain. The conditional forwarder points to the trusted domain.</p>", 14 "CreateDirectory": "<p>Creates a Simple AD directory. For more information, see <a href=\"https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_simple_ad.html\">Simple Active Directory</a> in the <i>Directory Service Admin Guide</i>.</p> <p>Before you call <code>CreateDirectory</code>, ensure that all of the required permissions have been explicitly granted through a policy. For details about what permissions are required to run the <code>CreateDirectory</code> operation, see <a href=\"http://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html\">Directory Service API Permissions: Actions, Resources, and Conditions Reference</a>.</p>", 15 "CreateLogSubscription": "<p>Creates a subscription to forward real-time Directory Service domain controller security logs to the specified Amazon CloudWatch log group in your Amazon Web Services account.</p>", 16 "CreateMicrosoftAD": "<p>Creates a Microsoft AD directory in the Amazon Web Services Cloud. For more information, see <a href=\"https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html\">Managed Microsoft AD</a> in the <i>Directory Service Admin Guide</i>.</p> <p>Before you call <i>CreateMicrosoftAD</i>, ensure that all of the required permissions have been explicitly granted through a policy. For details about what permissions are required to run the <i>CreateMicrosoftAD</i> operation, see <a href=\"http://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html\">Directory Service API Permissions: Actions, Resources, and Conditions Reference</a>.</p>", 17 "CreateSnapshot": "<p>Creates a snapshot of a Simple AD or Microsoft AD directory in the Amazon Web Services cloud.</p> <note> <p>You cannot take snapshots of AD Connector directories.</p> </note>", 18 "CreateTrust": "<p>Directory Service for Microsoft Active Directory allows you to configure trust relationships. For example, you can establish a trust between your Managed Microsoft AD directory, and your existing self-managed Microsoft Active Directory. This would allow you to provide users and groups access to resources in either domain, with a single set of credentials.</p> <p>This action initiates the creation of the Amazon Web Services side of a trust relationship between an Managed Microsoft AD directory and an external domain. You can create either a forest trust or an external trust.</p>", 19 "DeleteConditionalForwarder": "<p>Deletes a conditional forwarder that has been set up for your Amazon Web Services directory.</p>", 20 "DeleteDirectory": "<p>Deletes an Directory Service directory.</p> <p>Before you call <code>DeleteDirectory</code>, ensure that all of the required permissions have been explicitly granted through a policy. For details about what permissions are required to run the <code>DeleteDirectory</code> operation, see <a href=\"http://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_ResourcePermissions.html\">Directory Service API Permissions: Actions, Resources, and Conditions Reference</a>.</p>", 21 "DeleteLogSubscription": "<p>Deletes the specified log subscription.</p>", 22 "DeleteSnapshot": "<p>Deletes a directory snapshot.</p>", 23 "DeleteTrust": "<p>Deletes an existing trust relationship between your Managed Microsoft AD directory and an external domain.</p>", 24 "DeregisterCertificate": "<p>Deletes from the system the certificate that was registered for secure LDAP or client certificate authentication.</p>", 25 "DeregisterEventTopic": "<p>Removes the specified directory as a publisher to the specified Amazon SNS topic.</p>", 26 "DescribeCertificate": "<p>Displays information about the certificate registered for secure LDAP or client certificate authentication.</p>", 27 "DescribeClientAuthenticationSettings": "<p>Retrieves information about the type of client authentication for the specified directory, if the type is specified. If no type is specified, information about all client authentication types that are supported for the specified directory is retrieved. Currently, only <code>SmartCard</code> is supported. </p>", 28 "DescribeConditionalForwarders": "<p>Obtains information about the conditional forwarders for this account.</p> <p>If no input parameters are provided for RemoteDomainNames, this request describes all conditional forwarders for the specified directory ID.</p>", 29 "DescribeDirectories": "<p>Obtains information about the directories that belong to this account.</p> <p>You can retrieve information about specific directories by passing the directory identifiers in the <code>DirectoryIds</code> parameter. Otherwise, all directories that belong to the current account are returned.</p> <p>This operation supports pagination with the use of the <code>NextToken</code> request and response parameters. If more results are available, the <code>DescribeDirectoriesResult.NextToken</code> member contains a token that you pass in the next call to <a>DescribeDirectories</a> to retrieve the next set of items.</p> <p>You can also specify a maximum number of return results with the <code>Limit</code> parameter.</p>", 30 "DescribeDomainControllers": "<p>Provides information about any domain controllers in your directory.</p>", 31 "DescribeEventTopics": "<p>Obtains information about which Amazon SNS topics receive status messages from the specified directory.</p> <p>If no input parameters are provided, such as DirectoryId or TopicName, this request describes all of the associations in the account.</p>", 32 "DescribeLDAPSSettings": "<p>Describes the status of LDAP security for the specified directory.</p>", 33 "DescribeRegions": "<p>Provides information about the Regions that are configured for multi-Region replication.</p>", 34 "DescribeSharedDirectories": "<p>Returns the shared directories in your account. </p>", 35 "DescribeSnapshots": "<p>Obtains information about the directory snapshots that belong to this account.</p> <p>This operation supports pagination with the use of the <i>NextToken</i> request and response parameters. If more results are available, the <i>DescribeSnapshots.NextToken</i> member contains a token that you pass in the next call to <a>DescribeSnapshots</a> to retrieve the next set of items.</p> <p>You can also specify a maximum number of return results with the <i>Limit</i> parameter.</p>", 36 "DescribeTrusts": "<p>Obtains information about the trust relationships for this account.</p> <p>If no input parameters are provided, such as DirectoryId or TrustIds, this request describes all the trust relationships belonging to the account.</p>", 37 "DisableClientAuthentication": "<p>Disables alternative client authentication methods for the specified directory. </p>", 38 "DisableLDAPS": "<p>Deactivates LDAP secure calls for the specified directory.</p>", 39 "DisableRadius": "<p>Disables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory.</p>", 40 "DisableSso": "<p>Disables single-sign on for a directory.</p>", 41 "EnableClientAuthentication": "<p>Enables alternative client authentication methods for the specified directory.</p>", 42 "EnableLDAPS": "<p>Activates the switch for the specific directory to always use LDAP secure calls.</p>", 43 "EnableRadius": "<p>Enables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory.</p>", 44 "EnableSso": "<p>Enables single sign-on for a directory. Single sign-on allows users in your directory to access certain Amazon Web Services services from a computer joined to the directory without having to enter their credentials separately.</p>", 45 "GetDirectoryLimits": "<p>Obtains directory limit information for the current Region.</p>", 46 "GetSnapshotLimits": "<p>Obtains the manual snapshot limits for a directory.</p>", 47 "ListCertificates": "<p>For the specified directory, lists all the certificates registered for a secure LDAP or client certificate authentication.</p>", 48 "ListIpRoutes": "<p>Lists the address blocks that you have added to a directory.</p>", 49 "ListLogSubscriptions": "<p>Lists the active log subscriptions for the Amazon Web Services account.</p>", 50 "ListSchemaExtensions": "<p>Lists all schema extensions applied to a Microsoft AD Directory.</p>", 51 "ListTagsForResource": "<p>Lists all tags on a directory.</p>", 52 "RegisterCertificate": "<p>Registers a certificate for a secure LDAP or client certificate authentication.</p>", 53 "RegisterEventTopic": "<p>Associates a directory with an Amazon SNS topic. This establishes the directory as a publisher to the specified Amazon SNS topic. You can then receive email or text (SMS) messages when the status of your directory changes. You get notified if your directory goes from an Active status to an Impaired or Inoperable status. You also receive a notification when the directory returns to an Active status.</p>", 54 "RejectSharedDirectory": "<p>Rejects a directory sharing request that was sent from the directory owner account.</p>", 55 "RemoveIpRoutes": "<p>Removes IP address blocks from a directory.</p>", 56 "RemoveRegion": "<p>Stops all replication and removes the domain controllers from the specified Region. You cannot remove the primary Region with this operation. Instead, use the <code>DeleteDirectory</code> API.</p>", 57 "RemoveTagsFromResource": "<p>Removes tags from a directory.</p>", 58 "ResetUserPassword": "<p>Resets the password for any user in your Managed Microsoft AD or Simple AD directory.</p> <p>You can reset the password for any user in your directory with the following exceptions:</p> <ul> <li> <p>For Simple AD, you cannot reset the password for any user that is a member of either the <b>Domain Admins</b> or <b>Enterprise Admins</b> group except for the administrator user.</p> </li> <li> <p>For Managed Microsoft AD, you can only reset the password for a user that is in an OU based off of the NetBIOS name that you typed when you created your directory. For example, you cannot reset the password for a user in the <b>Amazon Web Services Reserved</b> OU. For more information about the OU structure for an Managed Microsoft AD directory, see <a href=\"https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_getting_started_what_gets_created.html\">What Gets Created</a> in the <i>Directory Service Administration Guide</i>.</p> </li> </ul>", 59 "RestoreFromSnapshot": "<p>Restores a directory using an existing directory snapshot.</p> <p>When you restore a directory from a snapshot, any changes made to the directory after the snapshot date are overwritten.</p> <p>This action returns as soon as the restore operation is initiated. You can monitor the progress of the restore operation by calling the <a>DescribeDirectories</a> operation with the directory identifier. When the <b>DirectoryDescription.Stage</b> value changes to <code>Active</code>, the restore operation is complete.</p>", 60 "ShareDirectory": "<p>Shares a specified directory (<code>DirectoryId</code>) in your Amazon Web Services account (directory owner) with another Amazon Web Services account (directory consumer). With this operation you can use your directory from any Amazon Web Services account and from any Amazon VPC within an Amazon Web Services Region.</p> <p>When you share your Managed Microsoft AD directory, Directory Service creates a shared directory in the directory consumer account. This shared directory contains the metadata to provide access to the directory within the directory owner account. The shared directory is visible in all VPCs in the directory consumer account.</p> <p>The <code>ShareMethod</code> parameter determines whether the specified directory can be shared between Amazon Web Services accounts inside the same Amazon Web Services organization (<code>ORGANIZATIONS</code>). It also determines whether you can share the directory with any other Amazon Web Services account either inside or outside of the organization (<code>HANDSHAKE</code>).</p> <p>The <code>ShareNotes</code> parameter is only used when <code>HANDSHAKE</code> is called, which sends a directory sharing request to the directory consumer. </p>", 61 "StartSchemaExtension": "<p>Applies a schema extension to a Microsoft AD directory.</p>", 62 "UnshareDirectory": "<p>Stops the directory sharing between the directory owner and consumer accounts. </p>", 63 "UpdateConditionalForwarder": "<p>Updates a conditional forwarder that has been set up for your Amazon Web Services directory.</p>", 64 "UpdateNumberOfDomainControllers": "<p>Adds or removes domain controllers to or from the directory. Based on the difference between current value and new value (provided through this API call), domain controllers will be added or removed. It may take up to 45 minutes for any new domain controllers to become fully active once the requested number of domain controllers is updated. During this time, you cannot make another update request.</p>", 65 "UpdateRadius": "<p>Updates the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector or Microsoft AD directory.</p>", 66 "UpdateTrust": "<p>Updates the trust that has been set up between your Managed Microsoft AD directory and an self-managed Active Directory.</p>", 67 "VerifyTrust": "<p>Directory Service for Microsoft Active Directory allows you to configure and verify trust relationships.</p> <p>This action verifies a trust relationship between your Managed Microsoft AD directory and an external domain.</p>" 68 }, 69 "shapes": { 70 "AcceptSharedDirectoryRequest": { 71 "base": null, 72 "refs": { 73 } 74 }, 75 "AcceptSharedDirectoryResult": { 76 "base": null, 77 "refs": { 78 } 79 }, 80 "AccessDeniedException": { 81 "base": "<p>Client authentication is not available in this region at this time.</p>", 82 "refs": { 83 } 84 }, 85 "AccessUrl": { 86 "base": null, 87 "refs": { 88 "DirectoryDescription$AccessUrl": "<p>The access URL for the directory, such as <code>http://<alias>.awsapps.com</code>. If no alias has been created for the directory, <code><alias></code> is the directory identifier, such as <code>d-XXXXXXXXXX</code>.</p>" 89 } 90 }, 91 "AddIpRoutesRequest": { 92 "base": null, 93 "refs": { 94 } 95 }, 96 "AddIpRoutesResult": { 97 "base": null, 98 "refs": { 99 } 100 }, 101 "AddRegionRequest": { 102 "base": null, 103 "refs": { 104 } 105 }, 106 "AddRegionResult": { 107 "base": null, 108 "refs": { 109 } 110 }, 111 "AddTagsToResourceRequest": { 112 "base": null, 113 "refs": { 114 } 115 }, 116 "AddTagsToResourceResult": { 117 "base": null, 118 "refs": { 119 } 120 }, 121 "AddedDateTime": { 122 "base": null, 123 "refs": { 124 "IpRouteInfo$AddedDateTime": "<p>The date and time the address block was added to the directory.</p>" 125 } 126 }, 127 "AdditionalRegions": { 128 "base": null, 129 "refs": { 130 "RegionsInfo$AdditionalRegions": "<p>Lists the Regions where the directory has been replicated, excluding the primary Region.</p>" 131 } 132 }, 133 "AliasName": { 134 "base": null, 135 "refs": { 136 "CreateAliasRequest$Alias": "<p>The requested alias.</p> <p>The alias must be unique amongst all aliases in Amazon Web Services. This operation throws an <code>EntityAlreadyExistsException</code> error if the alias already exists.</p>", 137 "CreateAliasResult$Alias": "<p>The alias for the directory.</p>", 138 "DirectoryDescription$Alias": "<p>The alias for the directory. If no alias has been created for the directory, the alias is the directory identifier, such as <code>d-XXXXXXXXXX</code>.</p>" 139 } 140 }, 141 "Attribute": { 142 "base": "<p>Represents a named directory attribute.</p>", 143 "refs": { 144 "Attributes$member": null 145 } 146 }, 147 "AttributeName": { 148 "base": null, 149 "refs": { 150 "Attribute$Name": "<p>The name of the attribute.</p>" 151 } 152 }, 153 "AttributeValue": { 154 "base": null, 155 "refs": { 156 "Attribute$Value": "<p>The value of the attribute.</p>" 157 } 158 }, 159 "Attributes": { 160 "base": null, 161 "refs": { 162 "Computer$ComputerAttributes": "<p>An array of <a>Attribute</a> objects containing the LDAP attributes that belong to the computer account.</p>", 163 "CreateComputerRequest$ComputerAttributes": "<p>An array of <a>Attribute</a> objects that contain any LDAP attributes to apply to the computer account.</p>" 164 } 165 }, 166 "AuthenticationFailedException": { 167 "base": "<p>An authentication error occurred.</p>", 168 "refs": { 169 } 170 }, 171 "AvailabilityZone": { 172 "base": null, 173 "refs": { 174 "AvailabilityZones$member": null, 175 "DomainController$AvailabilityZone": "<p>The Availability Zone where the domain controller is located.</p>" 176 } 177 }, 178 "AvailabilityZones": { 179 "base": null, 180 "refs": { 181 "DirectoryConnectSettingsDescription$AvailabilityZones": "<p>A list of the Availability Zones that the directory is in.</p>", 182 "DirectoryVpcSettingsDescription$AvailabilityZones": "<p>The list of Availability Zones that the directory is in.</p>" 183 } 184 }, 185 "CancelSchemaExtensionRequest": { 186 "base": null, 187 "refs": { 188 } 189 }, 190 "CancelSchemaExtensionResult": { 191 "base": null, 192 "refs": { 193 } 194 }, 195 "Certificate": { 196 "base": "<p>Information about the certificate.</p>", 197 "refs": { 198 "DescribeCertificateResult$Certificate": "<p>Information about the certificate, including registered date time, certificate state, the reason for the state, expiration date time, and certificate common name.</p>" 199 } 200 }, 201 "CertificateAlreadyExistsException": { 202 "base": "<p>The certificate has already been registered into the system.</p>", 203 "refs": { 204 } 205 }, 206 "CertificateCN": { 207 "base": null, 208 "refs": { 209 "Certificate$CommonName": "<p>The common name for the certificate.</p>", 210 "CertificateInfo$CommonName": "<p>The common name for the certificate.</p>" 211 } 212 }, 213 "CertificateData": { 214 "base": null, 215 "refs": { 216 "RegisterCertificateRequest$CertificateData": "<p>The certificate PEM string that needs to be registered.</p>" 217 } 218 }, 219 "CertificateDoesNotExistException": { 220 "base": "<p>The certificate is not present in the system for describe or deregister activities.</p>", 221 "refs": { 222 } 223 }, 224 "CertificateExpiryDateTime": { 225 "base": null, 226 "refs": { 227 "Certificate$ExpiryDateTime": "<p>The date and time when the certificate will expire.</p>", 228 "CertificateInfo$ExpiryDateTime": "<p>The date and time when the certificate will expire.</p>" 229 } 230 }, 231 "CertificateId": { 232 "base": null, 233 "refs": { 234 "Certificate$CertificateId": "<p>The identifier of the certificate.</p>", 235 "CertificateInfo$CertificateId": "<p>The identifier of the certificate.</p>", 236 "DeregisterCertificateRequest$CertificateId": "<p>The identifier of the certificate.</p>", 237 "DescribeCertificateRequest$CertificateId": "<p>The identifier of the certificate.</p>", 238 "RegisterCertificateResult$CertificateId": "<p>The identifier of the certificate.</p>" 239 } 240 }, 241 "CertificateInUseException": { 242 "base": "<p>The certificate is being used for the LDAP security connection and cannot be removed without disabling LDAP security.</p>", 243 "refs": { 244 } 245 }, 246 "CertificateInfo": { 247 "base": "<p>Contains general information about a certificate.</p>", 248 "refs": { 249 "CertificatesInfo$member": null 250 } 251 }, 252 "CertificateLimitExceededException": { 253 "base": "<p>The certificate could not be added because the certificate limit has been reached.</p>", 254 "refs": { 255 } 256 }, 257 "CertificateRegisteredDateTime": { 258 "base": null, 259 "refs": { 260 "Certificate$RegisteredDateTime": "<p>The date and time that the certificate was registered.</p>" 261 } 262 }, 263 "CertificateState": { 264 "base": null, 265 "refs": { 266 "Certificate$State": "<p>The state of the certificate.</p>", 267 "CertificateInfo$State": "<p>The state of the certificate.</p>" 268 } 269 }, 270 "CertificateStateReason": { 271 "base": null, 272 "refs": { 273 "Certificate$StateReason": "<p>Describes a state change for the certificate.</p>" 274 } 275 }, 276 "CertificateType": { 277 "base": null, 278 "refs": { 279 "Certificate$Type": "<p>The function that the registered certificate performs. Valid values include <code>ClientLDAPS</code> or <code>ClientCertAuth</code>. The default value is <code>ClientLDAPS</code>.</p>", 280 "CertificateInfo$Type": "<p>The function that the registered certificate performs. Valid values include <code>ClientLDAPS</code> or <code>ClientCertAuth</code>. The default value is <code>ClientLDAPS</code>.</p>", 281 "RegisterCertificateRequest$Type": "<p>The function that the registered certificate performs. Valid values include <code>ClientLDAPS</code> or <code>ClientCertAuth</code>. The default value is <code>ClientLDAPS</code>.</p>" 282 } 283 }, 284 "CertificatesInfo": { 285 "base": null, 286 "refs": { 287 "ListCertificatesResult$CertificatesInfo": "<p>A list of certificates with basic details including certificate ID, certificate common name, certificate state.</p>" 288 } 289 }, 290 "CidrIp": { 291 "base": null, 292 "refs": { 293 "CidrIps$member": null, 294 "IpRoute$CidrIp": "<p>IP address block using CIDR format, for example 10.0.0.0/24. This is often the address block of the DNS server used for your self-managed domain. For a single IP address use a CIDR address block with /32. For example 10.0.0.0/32.</p>", 295 "IpRouteInfo$CidrIp": "<p>IP address block in the <a>IpRoute</a>.</p>" 296 } 297 }, 298 "CidrIps": { 299 "base": null, 300 "refs": { 301 "RemoveIpRoutesRequest$CidrIps": "<p>IP address blocks that you want to remove.</p>" 302 } 303 }, 304 "ClientAuthenticationSettingInfo": { 305 "base": "<p>Contains information about a client authentication method for a directory.</p>", 306 "refs": { 307 "ClientAuthenticationSettingsInfo$member": null 308 } 309 }, 310 "ClientAuthenticationSettingsInfo": { 311 "base": null, 312 "refs": { 313 "DescribeClientAuthenticationSettingsResult$ClientAuthenticationSettingsInfo": "<p>Information about the type of client authentication for the specified directory. The following information is retrieved: The date and time when the status of the client authentication type was last updated, whether the client authentication type is enabled or disabled, and the type of client authentication.</p>" 314 } 315 }, 316 "ClientAuthenticationStatus": { 317 "base": null, 318 "refs": { 319 "ClientAuthenticationSettingInfo$Status": "<p>Whether the client authentication type is enabled or disabled for the specified directory.</p>" 320 } 321 }, 322 "ClientAuthenticationType": { 323 "base": null, 324 "refs": { 325 "ClientAuthenticationSettingInfo$Type": "<p>The type of client authentication for the specified directory. If no type is specified, a list of all client authentication types that are supported for the directory is retrieved. </p>", 326 "DescribeClientAuthenticationSettingsRequest$Type": "<p>The type of client authentication for which to retrieve information. If no type is specified, a list of all client authentication types that are supported for the specified directory is retrieved.</p>", 327 "DisableClientAuthenticationRequest$Type": "<p>The type of client authentication to disable. Currently, only the parameter, <code>SmartCard</code> is supported.</p>", 328 "EnableClientAuthenticationRequest$Type": "<p>The type of client authentication to enable. Currently only the value <code>SmartCard</code> is supported. Smart card authentication in AD Connector requires that you enable Kerberos Constrained Delegation for the Service User to the LDAP service in your self-managed AD. </p>" 329 } 330 }, 331 "ClientCertAuthSettings": { 332 "base": "<p>Contains information about the client certificate authentication settings for the <code>RegisterCertificate</code> and <code>DescribeCertificate</code> operations. </p>", 333 "refs": { 334 "Certificate$ClientCertAuthSettings": "<p>A <code>ClientCertAuthSettings</code> object that contains client certificate authentication settings.</p>", 335 "RegisterCertificateRequest$ClientCertAuthSettings": "<p>A <code>ClientCertAuthSettings</code> object that contains client certificate authentication settings.</p>" 336 } 337 }, 338 "ClientException": { 339 "base": "<p>A client exception has occurred.</p>", 340 "refs": { 341 } 342 }, 343 "CloudOnlyDirectoriesLimitReached": { 344 "base": null, 345 "refs": { 346 "DirectoryLimits$CloudOnlyDirectoriesLimitReached": "<p>Indicates if the cloud directory limit has been reached.</p>", 347 "DirectoryLimits$CloudOnlyMicrosoftADLimitReached": "<p>Indicates if the Managed Microsoft AD directory limit has been reached.</p>" 348 } 349 }, 350 "Computer": { 351 "base": "<p>Contains information about a computer account in a directory.</p>", 352 "refs": { 353 "CreateComputerResult$Computer": "<p>A <a>Computer</a> object that represents the computer account.</p>" 354 } 355 }, 356 "ComputerName": { 357 "base": null, 358 "refs": { 359 "Computer$ComputerName": "<p>The computer name.</p>", 360 "CreateComputerRequest$ComputerName": "<p>The name of the computer account.</p>" 361 } 362 }, 363 "ComputerPassword": { 364 "base": null, 365 "refs": { 366 "CreateComputerRequest$Password": "<p>A one-time password that is used to join the computer to the directory. You should generate a random, strong password to use for this parameter.</p>" 367 } 368 }, 369 "ConditionalForwarder": { 370 "base": "<p>Points to a remote domain with which you are setting up a trust relationship. Conditional forwarders are required in order to set up a trust relationship with another domain.</p>", 371 "refs": { 372 "ConditionalForwarders$member": null 373 } 374 }, 375 "ConditionalForwarders": { 376 "base": null, 377 "refs": { 378 "DescribeConditionalForwardersResult$ConditionalForwarders": "<p>The list of conditional forwarders that have been created.</p>" 379 } 380 }, 381 "ConnectDirectoryRequest": { 382 "base": "<p>Contains the inputs for the <a>ConnectDirectory</a> operation.</p>", 383 "refs": { 384 } 385 }, 386 "ConnectDirectoryResult": { 387 "base": "<p>Contains the results of the <a>ConnectDirectory</a> operation.</p>", 388 "refs": { 389 } 390 }, 391 "ConnectPassword": { 392 "base": null, 393 "refs": { 394 "ConnectDirectoryRequest$Password": "<p>The password for your self-managed user account.</p>", 395 "DisableSsoRequest$Password": "<p>The password of an alternate account to use to disable single-sign on. This is only used for AD Connector directories. For more information, see the <i>UserName</i> parameter.</p>", 396 "EnableSsoRequest$Password": "<p>The password of an alternate account to use to enable single-sign on. This is only used for AD Connector directories. For more information, see the <i>UserName</i> parameter.</p>" 397 } 398 }, 399 "ConnectedDirectoriesLimitReached": { 400 "base": null, 401 "refs": { 402 "DirectoryLimits$ConnectedDirectoriesLimitReached": "<p>Indicates if the connected directory limit has been reached.</p>" 403 } 404 }, 405 "CreateAliasRequest": { 406 "base": "<p>Contains the inputs for the <a>CreateAlias</a> operation.</p>", 407 "refs": { 408 } 409 }, 410 "CreateAliasResult": { 411 "base": "<p>Contains the results of the <a>CreateAlias</a> operation.</p>", 412 "refs": { 413 } 414 }, 415 "CreateComputerRequest": { 416 "base": "<p>Contains the inputs for the <a>CreateComputer</a> operation.</p>", 417 "refs": { 418 } 419 }, 420 "CreateComputerResult": { 421 "base": "<p>Contains the results for the <a>CreateComputer</a> operation.</p>", 422 "refs": { 423 } 424 }, 425 "CreateConditionalForwarderRequest": { 426 "base": "<p>Initiates the creation of a conditional forwarder for your Directory Service for Microsoft Active Directory. Conditional forwarders are required in order to set up a trust relationship with another domain.</p>", 427 "refs": { 428 } 429 }, 430 "CreateConditionalForwarderResult": { 431 "base": "<p>The result of a CreateConditinalForwarder request.</p>", 432 "refs": { 433 } 434 }, 435 "CreateDirectoryRequest": { 436 "base": "<p>Contains the inputs for the <a>CreateDirectory</a> operation. </p>", 437 "refs": { 438 } 439 }, 440 "CreateDirectoryResult": { 441 "base": "<p>Contains the results of the <a>CreateDirectory</a> operation.</p>", 442 "refs": { 443 } 444 }, 445 "CreateLogSubscriptionRequest": { 446 "base": null, 447 "refs": { 448 } 449 }, 450 "CreateLogSubscriptionResult": { 451 "base": null, 452 "refs": { 453 } 454 }, 455 "CreateMicrosoftADRequest": { 456 "base": "<p>Creates an Managed Microsoft AD directory.</p>", 457 "refs": { 458 } 459 }, 460 "CreateMicrosoftADResult": { 461 "base": "<p>Result of a CreateMicrosoftAD request.</p>", 462 "refs": { 463 } 464 }, 465 "CreateSnapshotBeforeSchemaExtension": { 466 "base": null, 467 "refs": { 468 "StartSchemaExtensionRequest$CreateSnapshotBeforeSchemaExtension": "<p>If true, creates a snapshot of the directory before applying the schema extension.</p>" 469 } 470 }, 471 "CreateSnapshotRequest": { 472 "base": "<p>Contains the inputs for the <a>CreateSnapshot</a> operation.</p>", 473 "refs": { 474 } 475 }, 476 "CreateSnapshotResult": { 477 "base": "<p>Contains the results of the <a>CreateSnapshot</a> operation.</p>", 478 "refs": { 479 } 480 }, 481 "CreateTrustRequest": { 482 "base": "<p>Directory Service for Microsoft Active Directory allows you to configure trust relationships. For example, you can establish a trust between your Managed Microsoft AD directory, and your existing self-managed Microsoft Active Directory. This would allow you to provide users and groups access to resources in either domain, with a single set of credentials.</p> <p>This action initiates the creation of the Amazon Web Services side of a trust relationship between an Managed Microsoft AD directory and an external domain.</p>", 483 "refs": { 484 } 485 }, 486 "CreateTrustResult": { 487 "base": "<p>The result of a CreateTrust request.</p>", 488 "refs": { 489 } 490 }, 491 "CreatedDateTime": { 492 "base": null, 493 "refs": { 494 "EventTopic$CreatedDateTime": "<p>The date and time of when you associated your directory with the Amazon SNS topic.</p>", 495 "SharedDirectory$CreatedDateTime": "<p>The date and time that the shared directory was created.</p>", 496 "Trust$CreatedDateTime": "<p>The date and time that the trust relationship was created.</p>" 497 } 498 }, 499 "CustomerId": { 500 "base": null, 501 "refs": { 502 "OwnerDirectoryDescription$AccountId": "<p>Identifier of the directory owner account.</p>", 503 "SharedDirectory$OwnerAccountId": "<p>Identifier of the directory owner account, which contains the directory that has been shared to the consumer account.</p>", 504 "SharedDirectory$SharedAccountId": "<p>Identifier of the directory consumer account that has access to the shared directory (<code>OwnerDirectoryId</code>) in the directory owner account.</p>" 505 } 506 }, 507 "CustomerUserName": { 508 "base": null, 509 "refs": { 510 "ResetUserPasswordRequest$UserName": "<p>The user name of the user whose password will be reset.</p>" 511 } 512 }, 513 "DeleteAssociatedConditionalForwarder": { 514 "base": null, 515 "refs": { 516 "DeleteTrustRequest$DeleteAssociatedConditionalForwarder": "<p>Delete a conditional forwarder as part of a DeleteTrustRequest.</p>" 517 } 518 }, 519 "DeleteConditionalForwarderRequest": { 520 "base": "<p>Deletes a conditional forwarder.</p>", 521 "refs": { 522 } 523 }, 524 "DeleteConditionalForwarderResult": { 525 "base": "<p>The result of a DeleteConditionalForwarder request.</p>", 526 "refs": { 527 } 528 }, 529 "DeleteDirectoryRequest": { 530 "base": "<p>Contains the inputs for the <a>DeleteDirectory</a> operation.</p>", 531 "refs": { 532 } 533 }, 534 "DeleteDirectoryResult": { 535 "base": "<p>Contains the results of the <a>DeleteDirectory</a> operation.</p>", 536 "refs": { 537 } 538 }, 539 "DeleteLogSubscriptionRequest": { 540 "base": null, 541 "refs": { 542 } 543 }, 544 "DeleteLogSubscriptionResult": { 545 "base": null, 546 "refs": { 547 } 548 }, 549 "DeleteSnapshotRequest": { 550 "base": "<p>Contains the inputs for the <a>DeleteSnapshot</a> operation.</p>", 551 "refs": { 552 } 553 }, 554 "DeleteSnapshotResult": { 555 "base": "<p>Contains the results of the <a>DeleteSnapshot</a> operation.</p>", 556 "refs": { 557 } 558 }, 559 "DeleteTrustRequest": { 560 "base": "<p>Deletes the local side of an existing trust relationship between the Managed Microsoft AD directory and the external domain.</p>", 561 "refs": { 562 } 563 }, 564 "DeleteTrustResult": { 565 "base": "<p>The result of a DeleteTrust request.</p>", 566 "refs": { 567 } 568 }, 569 "DeregisterCertificateRequest": { 570 "base": null, 571 "refs": { 572 } 573 }, 574 "DeregisterCertificateResult": { 575 "base": null, 576 "refs": { 577 } 578 }, 579 "DeregisterEventTopicRequest": { 580 "base": "<p>Removes the specified directory as a publisher to the specified Amazon SNS topic.</p>", 581 "refs": { 582 } 583 }, 584 "DeregisterEventTopicResult": { 585 "base": "<p>The result of a DeregisterEventTopic request.</p>", 586 "refs": { 587 } 588 }, 589 "DescribeCertificateRequest": { 590 "base": null, 591 "refs": { 592 } 593 }, 594 "DescribeCertificateResult": { 595 "base": null, 596 "refs": { 597 } 598 }, 599 "DescribeClientAuthenticationSettingsRequest": { 600 "base": null, 601 "refs": { 602 } 603 }, 604 "DescribeClientAuthenticationSettingsResult": { 605 "base": null, 606 "refs": { 607 } 608 }, 609 "DescribeConditionalForwardersRequest": { 610 "base": "<p>Describes a conditional forwarder.</p>", 611 "refs": { 612 } 613 }, 614 "DescribeConditionalForwardersResult": { 615 "base": "<p>The result of a DescribeConditionalForwarder request.</p>", 616 "refs": { 617 } 618 }, 619 "DescribeDirectoriesRequest": { 620 "base": "<p>Contains the inputs for the <a>DescribeDirectories</a> operation.</p>", 621 "refs": { 622 } 623 }, 624 "DescribeDirectoriesResult": { 625 "base": "<p>Contains the results of the <a>DescribeDirectories</a> operation.</p>", 626 "refs": { 627 } 628 }, 629 "DescribeDomainControllersRequest": { 630 "base": null, 631 "refs": { 632 } 633 }, 634 "DescribeDomainControllersResult": { 635 "base": null, 636 "refs": { 637 } 638 }, 639 "DescribeEventTopicsRequest": { 640 "base": "<p>Describes event topics.</p>", 641 "refs": { 642 } 643 }, 644 "DescribeEventTopicsResult": { 645 "base": "<p>The result of a DescribeEventTopic request.</p>", 646 "refs": { 647 } 648 }, 649 "DescribeLDAPSSettingsRequest": { 650 "base": null, 651 "refs": { 652 } 653 }, 654 "DescribeLDAPSSettingsResult": { 655 "base": null, 656 "refs": { 657 } 658 }, 659 "DescribeRegionsRequest": { 660 "base": null, 661 "refs": { 662 } 663 }, 664 "DescribeRegionsResult": { 665 "base": null, 666 "refs": { 667 } 668 }, 669 "DescribeSharedDirectoriesRequest": { 670 "base": null, 671 "refs": { 672 } 673 }, 674 "DescribeSharedDirectoriesResult": { 675 "base": null, 676 "refs": { 677 } 678 }, 679 "DescribeSnapshotsRequest": { 680 "base": "<p>Contains the inputs for the <a>DescribeSnapshots</a> operation.</p>", 681 "refs": { 682 } 683 }, 684 "DescribeSnapshotsResult": { 685 "base": "<p>Contains the results of the <a>DescribeSnapshots</a> operation.</p>", 686 "refs": { 687 } 688 }, 689 "DescribeTrustsRequest": { 690 "base": "<p>Describes the trust relationships for a particular Managed Microsoft AD directory. If no input parameters are provided, such as directory ID or trust ID, this request describes all the trust relationships.</p>", 691 "refs": { 692 } 693 }, 694 "DescribeTrustsResult": { 695 "base": "<p>The result of a DescribeTrust request.</p>", 696 "refs": { 697 } 698 }, 699 "Description": { 700 "base": null, 701 "refs": { 702 "ConnectDirectoryRequest$Description": "<p>A description for the directory.</p>", 703 "CreateDirectoryRequest$Description": "<p>A description for the directory.</p>", 704 "CreateMicrosoftADRequest$Description": "<p>A description for the directory. This label will appear on the Amazon Web Services console <code>Directory Details</code> page after the directory is created.</p>", 705 "DirectoryDescription$Description": "<p>The description for the directory.</p>", 706 "IpRoute$Description": "<p>Description of the address block.</p>", 707 "IpRouteInfo$Description": "<p>Description of the <a>IpRouteInfo</a>.</p>", 708 "SchemaExtensionInfo$Description": "<p>A description of the schema extension.</p>", 709 "StartSchemaExtensionRequest$Description": "<p>A description of the schema extension.</p>" 710 } 711 }, 712 "DesiredNumberOfDomainControllers": { 713 "base": null, 714 "refs": { 715 "DirectoryDescription$DesiredNumberOfDomainControllers": "<p>The desired number of domain controllers in the directory if the directory is Microsoft AD.</p>", 716 "RegionDescription$DesiredNumberOfDomainControllers": "<p>The desired number of domain controllers in the specified Region for the specified directory.</p>", 717 "UpdateNumberOfDomainControllersRequest$DesiredNumber": "<p>The number of domain controllers desired in the directory.</p>" 718 } 719 }, 720 "DirectoryAlreadyInRegionException": { 721 "base": "<p>The Region you specified is the same Region where the Managed Microsoft AD directory was created. Specify a different Region and try again.</p>", 722 "refs": { 723 } 724 }, 725 "DirectoryAlreadySharedException": { 726 "base": "<p>The specified directory has already been shared with this Amazon Web Services account.</p>", 727 "refs": { 728 } 729 }, 730 "DirectoryConnectSettings": { 731 "base": "<p>Contains information for the <a>ConnectDirectory</a> operation when an AD Connector directory is being created.</p>", 732 "refs": { 733 "ConnectDirectoryRequest$ConnectSettings": "<p>A <a>DirectoryConnectSettings</a> object that contains additional information for the operation.</p>" 734 } 735 }, 736 "DirectoryConnectSettingsDescription": { 737 "base": "<p>Contains information about an AD Connector directory.</p>", 738 "refs": { 739 "DirectoryDescription$ConnectSettings": "<p>A <a>DirectoryConnectSettingsDescription</a> object that contains additional information about an AD Connector directory. This member is only present if the directory is an AD Connector directory.</p>" 740 } 741 }, 742 "DirectoryDescription": { 743 "base": "<p>Contains information about an Directory Service directory.</p>", 744 "refs": { 745 "DirectoryDescriptions$member": null 746 } 747 }, 748 "DirectoryDescriptions": { 749 "base": "<p>A list of directory descriptions.</p>", 750 "refs": { 751 "DescribeDirectoriesResult$DirectoryDescriptions": "<p>The list of <a>DirectoryDescription</a> objects that were retrieved.</p> <p>It is possible that this list contains less than the number of items specified in the <code>Limit</code> member of the request. This occurs if there are less than the requested number of items left to retrieve, or if the limitations of the operation have been exceeded.</p>" 752 } 753 }, 754 "DirectoryDoesNotExistException": { 755 "base": "<p>The specified directory does not exist in the system.</p>", 756 "refs": { 757 } 758 }, 759 "DirectoryEdition": { 760 "base": null, 761 "refs": { 762 "CreateMicrosoftADRequest$Edition": "<p>Managed Microsoft AD is available in two editions: <code>Standard</code> and <code>Enterprise</code>. <code>Enterprise</code> is the default.</p>", 763 "DirectoryDescription$Edition": "<p>The edition associated with this directory.</p>" 764 } 765 }, 766 "DirectoryId": { 767 "base": null, 768 "refs": { 769 "AcceptSharedDirectoryRequest$SharedDirectoryId": "<p>Identifier of the shared directory in the directory consumer account. This identifier is different for each directory owner account. </p>", 770 "AddIpRoutesRequest$DirectoryId": "<p>Identifier (ID) of the directory to which to add the address block.</p>", 771 "AddRegionRequest$DirectoryId": "<p>The identifier of the directory to which you want to add Region replication.</p>", 772 "CancelSchemaExtensionRequest$DirectoryId": "<p>The identifier of the directory whose schema extension will be canceled.</p>", 773 "ConnectDirectoryResult$DirectoryId": "<p>The identifier of the new directory.</p>", 774 "CreateAliasRequest$DirectoryId": "<p>The identifier of the directory for which to create the alias.</p>", 775 "CreateAliasResult$DirectoryId": "<p>The identifier of the directory.</p>", 776 "CreateComputerRequest$DirectoryId": "<p>The identifier of the directory in which to create the computer account.</p>", 777 "CreateConditionalForwarderRequest$DirectoryId": "<p>The directory ID of the Amazon Web Services directory for which you are creating the conditional forwarder.</p>", 778 "CreateDirectoryResult$DirectoryId": "<p>The identifier of the directory that was created.</p>", 779 "CreateLogSubscriptionRequest$DirectoryId": "<p>Identifier of the directory to which you want to subscribe and receive real-time logs to your specified CloudWatch log group.</p>", 780 "CreateMicrosoftADResult$DirectoryId": "<p>The identifier of the directory that was created.</p>", 781 "CreateSnapshotRequest$DirectoryId": "<p>The identifier of the directory of which to take a snapshot.</p>", 782 "CreateTrustRequest$DirectoryId": "<p>The Directory ID of the Managed Microsoft AD directory for which to establish the trust relationship.</p>", 783 "DeleteConditionalForwarderRequest$DirectoryId": "<p>The directory ID for which you are deleting the conditional forwarder.</p>", 784 "DeleteDirectoryRequest$DirectoryId": "<p>The identifier of the directory to delete.</p>", 785 "DeleteDirectoryResult$DirectoryId": "<p>The directory identifier.</p>", 786 "DeleteLogSubscriptionRequest$DirectoryId": "<p>Identifier of the directory whose log subscription you want to delete.</p>", 787 "DeregisterCertificateRequest$DirectoryId": "<p>The identifier of the directory.</p>", 788 "DeregisterEventTopicRequest$DirectoryId": "<p>The Directory ID to remove as a publisher. This directory will no longer send messages to the specified Amazon SNS topic.</p>", 789 "DescribeCertificateRequest$DirectoryId": "<p>The identifier of the directory.</p>", 790 "DescribeClientAuthenticationSettingsRequest$DirectoryId": "<p>The identifier of the directory for which to retrieve information.</p>", 791 "DescribeConditionalForwardersRequest$DirectoryId": "<p>The directory ID for which to get the list of associated conditional forwarders.</p>", 792 "DescribeDomainControllersRequest$DirectoryId": "<p>Identifier of the directory for which to retrieve the domain controller information.</p>", 793 "DescribeEventTopicsRequest$DirectoryId": "<p>The Directory ID for which to get the list of associated Amazon SNS topics. If this member is null, associations for all Directory IDs are returned.</p>", 794 "DescribeLDAPSSettingsRequest$DirectoryId": "<p>The identifier of the directory.</p>", 795 "DescribeRegionsRequest$DirectoryId": "<p>The identifier of the directory.</p>", 796 "DescribeSharedDirectoriesRequest$OwnerDirectoryId": "<p>Returns the identifier of the directory in the directory owner account. </p>", 797 "DescribeSnapshotsRequest$DirectoryId": "<p>The identifier of the directory for which to retrieve snapshot information.</p>", 798 "DescribeTrustsRequest$DirectoryId": "<p>The Directory ID of the Amazon Web Services directory that is a part of the requested trust relationship.</p>", 799 "DirectoryDescription$DirectoryId": "<p>The directory identifier.</p>", 800 "DirectoryIds$member": null, 801 "DisableClientAuthenticationRequest$DirectoryId": "<p>The identifier of the directory </p>", 802 "DisableLDAPSRequest$DirectoryId": "<p>The identifier of the directory.</p>", 803 "DisableRadiusRequest$DirectoryId": "<p>The identifier of the directory for which to disable MFA.</p>", 804 "DisableSsoRequest$DirectoryId": "<p>The identifier of the directory for which to disable single-sign on.</p>", 805 "DomainController$DirectoryId": "<p>Identifier of the directory where the domain controller resides.</p>", 806 "EnableClientAuthenticationRequest$DirectoryId": "<p>The identifier of the specified directory. </p>", 807 "EnableLDAPSRequest$DirectoryId": "<p>The identifier of the directory.</p>", 808 "EnableRadiusRequest$DirectoryId": "<p>The identifier of the directory for which to enable MFA.</p>", 809 "EnableSsoRequest$DirectoryId": "<p>The identifier of the directory for which to enable single-sign on.</p>", 810 "EventTopic$DirectoryId": "<p>The Directory ID of an Directory Service directory that will publish status messages to an Amazon SNS topic.</p>", 811 "GetSnapshotLimitsRequest$DirectoryId": "<p>Contains the identifier of the directory to obtain the limits for.</p>", 812 "IpRouteInfo$DirectoryId": "<p>Identifier (ID) of the directory associated with the IP addresses.</p>", 813 "ListCertificatesRequest$DirectoryId": "<p>The identifier of the directory.</p>", 814 "ListIpRoutesRequest$DirectoryId": "<p>Identifier (ID) of the directory for which you want to retrieve the IP addresses.</p>", 815 "ListLogSubscriptionsRequest$DirectoryId": "<p>If a <i>DirectoryID</i> is provided, lists only the log subscription associated with that directory. If no <i>DirectoryId</i> is provided, lists all log subscriptions associated with your Amazon Web Services account. If there are no log subscriptions for the Amazon Web Services account or the directory, an empty list will be returned.</p>", 816 "ListSchemaExtensionsRequest$DirectoryId": "<p>The identifier of the directory from which to retrieve the schema extension information.</p>", 817 "LogSubscription$DirectoryId": "<p>Identifier (ID) of the directory that you want to associate with the log subscription.</p>", 818 "OwnerDirectoryDescription$DirectoryId": "<p>Identifier of the Managed Microsoft AD directory in the directory owner account.</p>", 819 "RegionDescription$DirectoryId": "<p>The identifier of the directory.</p>", 820 "RegisterCertificateRequest$DirectoryId": "<p>The identifier of the directory.</p>", 821 "RegisterEventTopicRequest$DirectoryId": "<p>The Directory ID that will publish status messages to the Amazon SNS topic.</p>", 822 "RejectSharedDirectoryRequest$SharedDirectoryId": "<p>Identifier of the shared directory in the directory consumer account. This identifier is different for each directory owner account.</p>", 823 "RejectSharedDirectoryResult$SharedDirectoryId": "<p>Identifier of the shared directory in the directory consumer account.</p>", 824 "RemoveIpRoutesRequest$DirectoryId": "<p>Identifier (ID) of the directory from which you want to remove the IP addresses.</p>", 825 "RemoveRegionRequest$DirectoryId": "<p>The identifier of the directory for which you want to remove Region replication.</p>", 826 "ResetUserPasswordRequest$DirectoryId": "<p>Identifier of the Managed Microsoft AD or Simple AD directory in which the user resides.</p>", 827 "SchemaExtensionInfo$DirectoryId": "<p>The identifier of the directory to which the schema extension is applied.</p>", 828 "ShareDirectoryRequest$DirectoryId": "<p>Identifier of the Managed Microsoft AD directory that you want to share with other Amazon Web Services accounts.</p>", 829 "ShareDirectoryResult$SharedDirectoryId": "<p>Identifier of the directory that is stored in the directory consumer account that is shared from the specified directory (<code>DirectoryId</code>).</p>", 830 "SharedDirectory$OwnerDirectoryId": "<p>Identifier of the directory in the directory owner account. </p>", 831 "SharedDirectory$SharedDirectoryId": "<p>Identifier of the shared directory in the directory consumer account. This identifier is different for each directory owner account.</p>", 832 "Snapshot$DirectoryId": "<p>The directory identifier.</p>", 833 "StartSchemaExtensionRequest$DirectoryId": "<p>The identifier of the directory for which the schema extension will be applied to.</p>", 834 "Trust$DirectoryId": "<p>The Directory ID of the Amazon Web Services directory involved in the trust relationship.</p>", 835 "UnshareDirectoryRequest$DirectoryId": "<p>The identifier of the Managed Microsoft AD directory that you want to stop sharing.</p>", 836 "UnshareDirectoryResult$SharedDirectoryId": "<p>Identifier of the directory stored in the directory consumer account that is to be unshared from the specified directory (<code>DirectoryId</code>).</p>", 837 "UpdateConditionalForwarderRequest$DirectoryId": "<p>The directory ID of the Amazon Web Services directory for which to update the conditional forwarder.</p>", 838 "UpdateNumberOfDomainControllersRequest$DirectoryId": "<p>Identifier of the directory to which the domain controllers will be added or removed.</p>", 839 "UpdateRadiusRequest$DirectoryId": "<p>The identifier of the directory for which to update the RADIUS server information.</p>" 840 } 841 }, 842 "DirectoryIds": { 843 "base": "<p>A list of directory identifiers.</p>", 844 "refs": { 845 "DescribeDirectoriesRequest$DirectoryIds": "<p>A list of identifiers of the directories for which to obtain the information. If this member is null, all directories that belong to the current account are returned.</p> <p>An empty list results in an <code>InvalidParameterException</code> being thrown.</p>", 846 "DescribeSharedDirectoriesRequest$SharedDirectoryIds": "<p>A list of identifiers of all shared directories in your account. </p>" 847 } 848 }, 849 "DirectoryLimitExceededException": { 850 "base": "<p>The maximum number of directories in the region has been reached. You can use the <a>GetDirectoryLimits</a> operation to determine your directory limits in the region.</p>", 851 "refs": { 852 } 853 }, 854 "DirectoryLimits": { 855 "base": "<p>Contains directory limit information for a Region.</p>", 856 "refs": { 857 "GetDirectoryLimitsResult$DirectoryLimits": "<p>A <a>DirectoryLimits</a> object that contains the directory limits for the current Region.</p>" 858 } 859 }, 860 "DirectoryName": { 861 "base": null, 862 "refs": { 863 "ConnectDirectoryRequest$Name": "<p>The fully qualified name of your self-managed directory, such as <code>corp.example.com</code>.</p>", 864 "CreateDirectoryRequest$Name": "<p>The fully qualified name for the directory, such as <code>corp.example.com</code>.</p>", 865 "CreateMicrosoftADRequest$Name": "<p>The fully qualified domain name for the Managed Microsoft AD directory, such as <code>corp.example.com</code>. This name will resolve inside your VPC only. It does not need to be publicly resolvable.</p>", 866 "DirectoryDescription$Name": "<p>The fully qualified name of the directory.</p>" 867 } 868 }, 869 "DirectoryNotSharedException": { 870 "base": "<p>The specified directory has not been shared with this Amazon Web Services account.</p>", 871 "refs": { 872 } 873 }, 874 "DirectoryShortName": { 875 "base": null, 876 "refs": { 877 "ConnectDirectoryRequest$ShortName": "<p>The NetBIOS name of your self-managed directory, such as <code>CORP</code>.</p>", 878 "CreateDirectoryRequest$ShortName": "<p>The NetBIOS name of the directory, such as <code>CORP</code>.</p>", 879 "CreateMicrosoftADRequest$ShortName": "<p>The NetBIOS name for your domain, such as <code>CORP</code>. If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, <code>CORP</code> for the directory DNS <code>corp.example.com</code>. </p>", 880 "DirectoryDescription$ShortName": "<p>The short name of the directory.</p>" 881 } 882 }, 883 "DirectorySize": { 884 "base": null, 885 "refs": { 886 "ConnectDirectoryRequest$Size": "<p>The size of the directory.</p>", 887 "CreateDirectoryRequest$Size": "<p>The size of the directory.</p>", 888 "DirectoryDescription$Size": "<p>The directory size.</p>" 889 } 890 }, 891 "DirectoryStage": { 892 "base": null, 893 "refs": { 894 "DirectoryDescription$Stage": "<p>The current stage of the directory.</p>", 895 "RegionDescription$Status": "<p>The status of the replication process for the specified Region.</p>" 896 } 897 }, 898 "DirectoryType": { 899 "base": null, 900 "refs": { 901 "DirectoryDescription$Type": "<p>The directory size.</p>" 902 } 903 }, 904 "DirectoryUnavailableException": { 905 "base": "<p>The specified directory is unavailable or could not be found.</p>", 906 "refs": { 907 } 908 }, 909 "DirectoryVpcSettings": { 910 "base": "<p>Contains VPC information for the <a>CreateDirectory</a> or <a>CreateMicrosoftAD</a> operation.</p>", 911 "refs": { 912 "AddRegionRequest$VPCSettings": null, 913 "CreateDirectoryRequest$VpcSettings": "<p>A <a>DirectoryVpcSettings</a> object that contains additional information for the operation.</p>", 914 "CreateMicrosoftADRequest$VpcSettings": "<p>Contains VPC information for the <a>CreateDirectory</a> or <a>CreateMicrosoftAD</a> operation.</p>", 915 "RegionDescription$VpcSettings": null 916 } 917 }, 918 "DirectoryVpcSettingsDescription": { 919 "base": "<p>Contains information about the directory.</p>", 920 "refs": { 921 "DirectoryDescription$VpcSettings": "<p>A <a>DirectoryVpcSettingsDescription</a> object that contains additional information about a directory. This member is only present if the directory is a Simple AD or Managed Microsoft AD directory.</p>", 922 "OwnerDirectoryDescription$VpcSettings": "<p>Information about the VPC settings for the directory.</p>" 923 } 924 }, 925 "DisableClientAuthenticationRequest": { 926 "base": null, 927 "refs": { 928 } 929 }, 930 "DisableClientAuthenticationResult": { 931 "base": null, 932 "refs": { 933 } 934 }, 935 "DisableLDAPSRequest": { 936 "base": null, 937 "refs": { 938 } 939 }, 940 "DisableLDAPSResult": { 941 "base": null, 942 "refs": { 943 } 944 }, 945 "DisableRadiusRequest": { 946 "base": "<p>Contains the inputs for the <a>DisableRadius</a> operation.</p>", 947 "refs": { 948 } 949 }, 950 "DisableRadiusResult": { 951 "base": "<p>Contains the results of the <a>DisableRadius</a> operation.</p>", 952 "refs": { 953 } 954 }, 955 "DisableSsoRequest": { 956 "base": "<p>Contains the inputs for the <a>DisableSso</a> operation.</p>", 957 "refs": { 958 } 959 }, 960 "DisableSsoResult": { 961 "base": "<p>Contains the results of the <a>DisableSso</a> operation.</p>", 962 "refs": { 963 } 964 }, 965 "DnsIpAddrs": { 966 "base": null, 967 "refs": { 968 "ConditionalForwarder$DnsIpAddrs": "<p>The IP addresses of the remote DNS server associated with RemoteDomainName. This is the IP address of the DNS server that your conditional forwarder points to.</p>", 969 "CreateConditionalForwarderRequest$DnsIpAddrs": "<p>The IP addresses of the remote DNS server associated with RemoteDomainName.</p>", 970 "CreateTrustRequest$ConditionalForwarderIpAddrs": "<p>The IP addresses of the remote DNS server associated with RemoteDomainName.</p>", 971 "DirectoryConnectSettings$CustomerDnsIps": "<p>A list of one or more IP addresses of DNS servers or domain controllers in your self-managed directory.</p>", 972 "DirectoryDescription$DnsIpAddrs": "<p>The IP addresses of the DNS servers for the directory. For a Simple AD or Microsoft AD directory, these are the IP addresses of the Simple AD or Microsoft AD directory servers. For an AD Connector directory, these are the IP addresses of the DNS servers or domain controllers in your self-managed directory to which the AD Connector is connected.</p>", 973 "OwnerDirectoryDescription$DnsIpAddrs": "<p>IP address of the directory’s domain controllers.</p>", 974 "UpdateConditionalForwarderRequest$DnsIpAddrs": "<p>The updated IP addresses of the remote DNS server associated with the conditional forwarder.</p>" 975 } 976 }, 977 "DomainController": { 978 "base": "<p>Contains information about the domain controllers for a specified directory.</p>", 979 "refs": { 980 "DomainControllers$member": null 981 } 982 }, 983 "DomainControllerId": { 984 "base": null, 985 "refs": { 986 "DomainController$DomainControllerId": "<p>Identifies a specific domain controller in the directory.</p>", 987 "DomainControllerIds$member": null 988 } 989 }, 990 "DomainControllerIds": { 991 "base": null, 992 "refs": { 993 "DescribeDomainControllersRequest$DomainControllerIds": "<p>A list of identifiers for the domain controllers whose information will be provided.</p>" 994 } 995 }, 996 "DomainControllerLimitExceededException": { 997 "base": "<p>The maximum allowed number of domain controllers per directory was exceeded. The default limit per directory is 20 domain controllers.</p>", 998 "refs": { 999 } 1000 }, 1001 "DomainControllerStatus": { 1002 "base": null, 1003 "refs": { 1004 "DomainController$Status": "<p>The status of the domain controller.</p>" 1005 } 1006 }, 1007 "DomainControllerStatusReason": { 1008 "base": null, 1009 "refs": { 1010 "DomainController$StatusReason": "<p>A description of the domain controller state.</p>" 1011 } 1012 }, 1013 "DomainControllers": { 1014 "base": null, 1015 "refs": { 1016 "DescribeDomainControllersResult$DomainControllers": "<p>List of the <a>DomainController</a> objects that were retrieved.</p>" 1017 } 1018 }, 1019 "EnableClientAuthenticationRequest": { 1020 "base": null, 1021 "refs": { 1022 } 1023 }, 1024 "EnableClientAuthenticationResult": { 1025 "base": null, 1026 "refs": { 1027 } 1028 }, 1029 "EnableLDAPSRequest": { 1030 "base": null, 1031 "refs": { 1032 } 1033 }, 1034 "EnableLDAPSResult": { 1035 "base": null, 1036 "refs": { 1037 } 1038 }, 1039 "EnableRadiusRequest": { 1040 "base": "<p>Contains the inputs for the <a>EnableRadius</a> operation.</p>", 1041 "refs": { 1042 } 1043 }, 1044 "EnableRadiusResult": { 1045 "base": "<p>Contains the results of the <a>EnableRadius</a> operation.</p>", 1046 "refs": { 1047 } 1048 }, 1049 "EnableSsoRequest": { 1050 "base": "<p>Contains the inputs for the <a>EnableSso</a> operation.</p>", 1051 "refs": { 1052 } 1053 }, 1054 "EnableSsoResult": { 1055 "base": "<p>Contains the results of the <a>EnableSso</a> operation.</p>", 1056 "refs": { 1057 } 1058 }, 1059 "EndDateTime": { 1060 "base": null, 1061 "refs": { 1062 "SchemaExtensionInfo$EndDateTime": "<p>The date and time that the schema extension was completed.</p>" 1063 } 1064 }, 1065 "EntityAlreadyExistsException": { 1066 "base": "<p>The specified entity already exists.</p>", 1067 "refs": { 1068 } 1069 }, 1070 "EntityDoesNotExistException": { 1071 "base": "<p>The specified entity could not be found.</p>", 1072 "refs": { 1073 } 1074 }, 1075 "EventTopic": { 1076 "base": "<p>Information about Amazon SNS topic and Directory Service directory associations.</p>", 1077 "refs": { 1078 "EventTopics$member": null 1079 } 1080 }, 1081 "EventTopics": { 1082 "base": null, 1083 "refs": { 1084 "DescribeEventTopicsResult$EventTopics": "<p>A list of Amazon SNS topic names that receive status messages from the specified Directory ID.</p>" 1085 } 1086 }, 1087 "ExceptionMessage": { 1088 "base": "<p>The descriptive message for the exception.</p>", 1089 "refs": { 1090 "AccessDeniedException$Message": null, 1091 "AuthenticationFailedException$Message": "<p>The textual message for the exception.</p>", 1092 "CertificateAlreadyExistsException$Message": null, 1093 "CertificateDoesNotExistException$Message": null, 1094 "CertificateInUseException$Message": null, 1095 "CertificateLimitExceededException$Message": null, 1096 "ClientException$Message": null, 1097 "DirectoryAlreadyInRegionException$Message": null, 1098 "DirectoryAlreadySharedException$Message": null, 1099 "DirectoryDoesNotExistException$Message": null, 1100 "DirectoryLimitExceededException$Message": null, 1101 "DirectoryNotSharedException$Message": null, 1102 "DirectoryUnavailableException$Message": null, 1103 "DomainControllerLimitExceededException$Message": null, 1104 "EntityAlreadyExistsException$Message": null, 1105 "EntityDoesNotExistException$Message": null, 1106 "InsufficientPermissionsException$Message": null, 1107 "InvalidCertificateException$Message": null, 1108 "InvalidClientAuthStatusException$Message": null, 1109 "InvalidLDAPSStatusException$Message": null, 1110 "InvalidNextTokenException$Message": null, 1111 "InvalidParameterException$Message": null, 1112 "InvalidPasswordException$Message": null, 1113 "InvalidTargetException$Message": null, 1114 "IpRouteLimitExceededException$Message": null, 1115 "NoAvailableCertificateException$Message": null, 1116 "OrganizationsException$Message": null, 1117 "RegionLimitExceededException$Message": null, 1118 "ServiceException$Message": null, 1119 "ShareLimitExceededException$Message": null, 1120 "SnapshotLimitExceededException$Message": null, 1121 "TagLimitExceededException$Message": null, 1122 "UnsupportedOperationException$Message": null, 1123 "UserDoesNotExistException$Message": null 1124 } 1125 }, 1126 "GetDirectoryLimitsRequest": { 1127 "base": "<p>Contains the inputs for the <a>GetDirectoryLimits</a> operation.</p>", 1128 "refs": { 1129 } 1130 }, 1131 "GetDirectoryLimitsResult": { 1132 "base": "<p>Contains the results of the <a>GetDirectoryLimits</a> operation.</p>", 1133 "refs": { 1134 } 1135 }, 1136 "GetSnapshotLimitsRequest": { 1137 "base": "<p>Contains the inputs for the <a>GetSnapshotLimits</a> operation.</p>", 1138 "refs": { 1139 } 1140 }, 1141 "GetSnapshotLimitsResult": { 1142 "base": "<p>Contains the results of the <a>GetSnapshotLimits</a> operation.</p>", 1143 "refs": { 1144 } 1145 }, 1146 "InsufficientPermissionsException": { 1147 "base": "<p>The account does not have sufficient permission to perform the operation.</p>", 1148 "refs": { 1149 } 1150 }, 1151 "InvalidCertificateException": { 1152 "base": "<p>The certificate PEM that was provided has incorrect encoding.</p>", 1153 "refs": { 1154 } 1155 }, 1156 "InvalidClientAuthStatusException": { 1157 "base": "<p>Client authentication is already enabled.</p>", 1158 "refs": { 1159 } 1160 }, 1161 "InvalidLDAPSStatusException": { 1162 "base": "<p>The LDAP activities could not be performed because they are limited by the LDAPS status.</p>", 1163 "refs": { 1164 } 1165 }, 1166 "InvalidNextTokenException": { 1167 "base": "<p>The <code>NextToken</code> value is not valid.</p>", 1168 "refs": { 1169 } 1170 }, 1171 "InvalidParameterException": { 1172 "base": "<p>One or more parameters are not valid.</p>", 1173 "refs": { 1174 } 1175 }, 1176 "InvalidPasswordException": { 1177 "base": "<p>The new password provided by the user does not meet the password complexity requirements defined in your directory.</p>", 1178 "refs": { 1179 } 1180 }, 1181 "InvalidTargetException": { 1182 "base": "<p>The specified shared target is not valid.</p>", 1183 "refs": { 1184 } 1185 }, 1186 "IpAddr": { 1187 "base": null, 1188 "refs": { 1189 "DnsIpAddrs$member": null, 1190 "DomainController$DnsIpAddr": "<p>The IP address of the domain controller.</p>", 1191 "IpAddrs$member": null 1192 } 1193 }, 1194 "IpAddrs": { 1195 "base": null, 1196 "refs": { 1197 "DirectoryConnectSettingsDescription$ConnectIps": "<p>The IP addresses of the AD Connector servers.</p>" 1198 } 1199 }, 1200 "IpRoute": { 1201 "base": "<p>IP address block. This is often the address block of the DNS server used for your self-managed domain. </p>", 1202 "refs": { 1203 "IpRoutes$member": null 1204 } 1205 }, 1206 "IpRouteInfo": { 1207 "base": "<p>Information about one or more IP address blocks.</p>", 1208 "refs": { 1209 "IpRoutesInfo$member": null 1210 } 1211 }, 1212 "IpRouteLimitExceededException": { 1213 "base": "<p>The maximum allowed number of IP addresses was exceeded. The default limit is 100 IP address blocks.</p>", 1214 "refs": { 1215 } 1216 }, 1217 "IpRouteStatusMsg": { 1218 "base": null, 1219 "refs": { 1220 "IpRouteInfo$IpRouteStatusMsg": "<p>The status of the IP address block.</p>" 1221 } 1222 }, 1223 "IpRouteStatusReason": { 1224 "base": null, 1225 "refs": { 1226 "IpRouteInfo$IpRouteStatusReason": "<p>The reason for the IpRouteStatusMsg.</p>" 1227 } 1228 }, 1229 "IpRoutes": { 1230 "base": null, 1231 "refs": { 1232 "AddIpRoutesRequest$IpRoutes": "<p>IP address blocks, using CIDR format, of the traffic to route. This is often the IP address block of the DNS server used for your self-managed domain.</p>" 1233 } 1234 }, 1235 "IpRoutesInfo": { 1236 "base": null, 1237 "refs": { 1238 "ListIpRoutesResult$IpRoutesInfo": "<p>A list of <a>IpRoute</a>s.</p>" 1239 } 1240 }, 1241 "LDAPSSettingInfo": { 1242 "base": "<p>Contains general information about the LDAPS settings.</p>", 1243 "refs": { 1244 "LDAPSSettingsInfo$member": null 1245 } 1246 }, 1247 "LDAPSSettingsInfo": { 1248 "base": null, 1249 "refs": { 1250 "DescribeLDAPSSettingsResult$LDAPSSettingsInfo": "<p>Information about LDAP security for the specified directory, including status of enablement, state last updated date time, and the reason for the state.</p>" 1251 } 1252 }, 1253 "LDAPSStatus": { 1254 "base": null, 1255 "refs": { 1256 "LDAPSSettingInfo$LDAPSStatus": "<p>The state of the LDAPS settings.</p>" 1257 } 1258 }, 1259 "LDAPSStatusReason": { 1260 "base": null, 1261 "refs": { 1262 "LDAPSSettingInfo$LDAPSStatusReason": "<p>Describes a state change for LDAPS.</p>" 1263 } 1264 }, 1265 "LDAPSType": { 1266 "base": null, 1267 "refs": { 1268 "DescribeLDAPSSettingsRequest$Type": "<p>The type of LDAP security to enable. Currently only the value <code>Client</code> is supported.</p>", 1269 "DisableLDAPSRequest$Type": "<p>The type of LDAP security to enable. Currently only the value <code>Client</code> is supported.</p>", 1270 "EnableLDAPSRequest$Type": "<p>The type of LDAP security to enable. Currently only the value <code>Client</code> is supported.</p>" 1271 } 1272 }, 1273 "LastUpdatedDateTime": { 1274 "base": null, 1275 "refs": { 1276 "ClientAuthenticationSettingInfo$LastUpdatedDateTime": "<p>The date and time when the status of the client authentication type was last updated.</p>", 1277 "DirectoryDescription$StageLastUpdatedDateTime": "<p>The date and time that the stage was last updated.</p>", 1278 "DomainController$StatusLastUpdatedDateTime": "<p>The date and time that the status was last updated.</p>", 1279 "LDAPSSettingInfo$LastUpdatedDateTime": "<p>The date and time when the LDAPS settings were last updated.</p>", 1280 "RegionDescription$LastUpdatedDateTime": "<p>The date and time that the Region description was last updated.</p>", 1281 "SharedDirectory$LastUpdatedDateTime": "<p>The date and time that the shared directory was last updated.</p>", 1282 "Trust$LastUpdatedDateTime": "<p>The date and time that the trust relationship was last updated.</p>" 1283 } 1284 }, 1285 "LaunchTime": { 1286 "base": null, 1287 "refs": { 1288 "DirectoryDescription$LaunchTime": "<p>Specifies when the directory was created.</p>", 1289 "DomainController$LaunchTime": "<p>Specifies when the domain controller was created.</p>", 1290 "RegionDescription$LaunchTime": "<p>Specifies when the Region replication began.</p>" 1291 } 1292 }, 1293 "LdifContent": { 1294 "base": null, 1295 "refs": { 1296 "StartSchemaExtensionRequest$LdifContent": "<p>The LDIF file represented as a string. To construct the LdifContent string, precede each line as it would be formatted in an ldif file with \\n. See the example request below for more details. The file size can be no larger than 1MB.</p>" 1297 } 1298 }, 1299 "Limit": { 1300 "base": null, 1301 "refs": { 1302 "DescribeDirectoriesRequest$Limit": "<p>The maximum number of items to return. If this value is zero, the maximum number of items is specified by the limitations of the operation.</p>", 1303 "DescribeDomainControllersRequest$Limit": "<p>The maximum number of items to return.</p>", 1304 "DescribeSharedDirectoriesRequest$Limit": "<p>The number of shared directories to return in the response object.</p>", 1305 "DescribeSnapshotsRequest$Limit": "<p>The maximum number of objects to return.</p>", 1306 "DescribeTrustsRequest$Limit": "<p>The maximum number of objects to return.</p>", 1307 "DirectoryLimits$CloudOnlyDirectoriesLimit": "<p>The maximum number of cloud directories allowed in the Region.</p>", 1308 "DirectoryLimits$CloudOnlyDirectoriesCurrentCount": "<p>The current number of cloud directories in the Region.</p>", 1309 "DirectoryLimits$CloudOnlyMicrosoftADLimit": "<p>The maximum number of Managed Microsoft AD directories allowed in the region.</p>", 1310 "DirectoryLimits$CloudOnlyMicrosoftADCurrentCount": "<p>The current number of Managed Microsoft AD directories in the region.</p>", 1311 "DirectoryLimits$ConnectedDirectoriesLimit": "<p>The maximum number of connected directories allowed in the Region.</p>", 1312 "DirectoryLimits$ConnectedDirectoriesCurrentCount": "<p>The current number of connected directories in the Region.</p>", 1313 "ListIpRoutesRequest$Limit": "<p>Maximum number of items to return. If this value is zero, the maximum number of items is specified by the limitations of the operation.</p>", 1314 "ListLogSubscriptionsRequest$Limit": "<p>The maximum number of items returned.</p>", 1315 "ListSchemaExtensionsRequest$Limit": "<p>The maximum number of items to return.</p>", 1316 "ListTagsForResourceRequest$Limit": "<p>Reserved for future use.</p>", 1317 "SnapshotLimits$ManualSnapshotsLimit": "<p>The maximum number of manual snapshots allowed.</p>", 1318 "SnapshotLimits$ManualSnapshotsCurrentCount": "<p>The current number of manual snapshots of the directory.</p>" 1319 } 1320 }, 1321 "ListCertificatesRequest": { 1322 "base": null, 1323 "refs": { 1324 } 1325 }, 1326 "ListCertificatesResult": { 1327 "base": null, 1328 "refs": { 1329 } 1330 }, 1331 "ListIpRoutesRequest": { 1332 "base": null, 1333 "refs": { 1334 } 1335 }, 1336 "ListIpRoutesResult": { 1337 "base": null, 1338 "refs": { 1339 } 1340 }, 1341 "ListLogSubscriptionsRequest": { 1342 "base": null, 1343 "refs": { 1344 } 1345 }, 1346 "ListLogSubscriptionsResult": { 1347 "base": null, 1348 "refs": { 1349 } 1350 }, 1351 "ListSchemaExtensionsRequest": { 1352 "base": null, 1353 "refs": { 1354 } 1355 }, 1356 "ListSchemaExtensionsResult": { 1357 "base": null, 1358 "refs": { 1359 } 1360 }, 1361 "ListTagsForResourceRequest": { 1362 "base": null, 1363 "refs": { 1364 } 1365 }, 1366 "ListTagsForResourceResult": { 1367 "base": null, 1368 "refs": { 1369 } 1370 }, 1371 "LogGroupName": { 1372 "base": null, 1373 "refs": { 1374 "CreateLogSubscriptionRequest$LogGroupName": "<p>The name of the CloudWatch log group where the real-time domain controller logs are forwarded.</p>", 1375 "LogSubscription$LogGroupName": "<p>The name of the log group.</p>" 1376 } 1377 }, 1378 "LogSubscription": { 1379 "base": "<p>Represents a log subscription, which tracks real-time data from a chosen log group to a specified destination.</p>", 1380 "refs": { 1381 "LogSubscriptions$member": null 1382 } 1383 }, 1384 "LogSubscriptions": { 1385 "base": null, 1386 "refs": { 1387 "ListLogSubscriptionsResult$LogSubscriptions": "<p>A list of active <a>LogSubscription</a> objects for calling the Amazon Web Services account.</p>" 1388 } 1389 }, 1390 "ManualSnapshotsLimitReached": { 1391 "base": null, 1392 "refs": { 1393 "SnapshotLimits$ManualSnapshotsLimitReached": "<p>Indicates if the manual snapshot limit has been reached.</p>" 1394 } 1395 }, 1396 "NextToken": { 1397 "base": null, 1398 "refs": { 1399 "DescribeClientAuthenticationSettingsRequest$NextToken": "<p>The <i>DescribeClientAuthenticationSettingsResult.NextToken</i> value from a previous call to <a>DescribeClientAuthenticationSettings</a>. Pass null if this is the first call.</p>", 1400 "DescribeClientAuthenticationSettingsResult$NextToken": "<p>The next token used to retrieve the client authentication settings if the number of setting types exceeds page limit and there is another page.</p>", 1401 "DescribeDirectoriesRequest$NextToken": "<p>The <code>DescribeDirectoriesResult.NextToken</code> value from a previous call to <a>DescribeDirectories</a>. Pass null if this is the first call.</p>", 1402 "DescribeDirectoriesResult$NextToken": "<p>If not null, more results are available. Pass this value for the <code>NextToken</code> parameter in a subsequent call to <a>DescribeDirectories</a> to retrieve the next set of items.</p>", 1403 "DescribeDomainControllersRequest$NextToken": "<p>The <i>DescribeDomainControllers.NextToken</i> value from a previous call to <a>DescribeDomainControllers</a>. Pass null if this is the first call. </p>", 1404 "DescribeDomainControllersResult$NextToken": "<p>If not null, more results are available. Pass this value for the <code>NextToken</code> parameter in a subsequent call to <a>DescribeDomainControllers</a> retrieve the next set of items.</p>", 1405 "DescribeLDAPSSettingsRequest$NextToken": "<p>The type of next token used for pagination.</p>", 1406 "DescribeLDAPSSettingsResult$NextToken": "<p>The next token used to retrieve the LDAPS settings if the number of setting types exceeds page limit and there is another page.</p>", 1407 "DescribeRegionsRequest$NextToken": "<p>The <code>DescribeRegionsResult.NextToken</code> value from a previous call to <a>DescribeRegions</a>. Pass null if this is the first call.</p>", 1408 "DescribeRegionsResult$NextToken": "<p>If not null, more results are available. Pass this value for the <code>NextToken</code> parameter in a subsequent call to <a>DescribeRegions</a> to retrieve the next set of items.</p>", 1409 "DescribeSharedDirectoriesRequest$NextToken": "<p>The <code>DescribeSharedDirectoriesResult.NextToken</code> value from a previous call to <a>DescribeSharedDirectories</a>. Pass null if this is the first call. </p>", 1410 "DescribeSharedDirectoriesResult$NextToken": "<p>If not null, token that indicates that more results are available. Pass this value for the <code>NextToken</code> parameter in a subsequent call to <a>DescribeSharedDirectories</a> to retrieve the next set of items.</p>", 1411 "DescribeSnapshotsRequest$NextToken": "<p>The <i>DescribeSnapshotsResult.NextToken</i> value from a previous call to <a>DescribeSnapshots</a>. Pass null if this is the first call.</p>", 1412 "DescribeSnapshotsResult$NextToken": "<p>If not null, more results are available. Pass this value in the <i>NextToken</i> member of a subsequent call to <a>DescribeSnapshots</a>.</p>", 1413 "DescribeTrustsRequest$NextToken": "<p>The <i>DescribeTrustsResult.NextToken</i> value from a previous call to <a>DescribeTrusts</a>. Pass null if this is the first call.</p>", 1414 "DescribeTrustsResult$NextToken": "<p>If not null, more results are available. Pass this value for the <i>NextToken</i> parameter in a subsequent call to <a>DescribeTrusts</a> to retrieve the next set of items.</p>", 1415 "ListCertificatesRequest$NextToken": "<p>A token for requesting another page of certificates if the <code>NextToken</code> response element indicates that more certificates are available. Use the value of the returned <code>NextToken</code> element in your request until the token comes back as <code>null</code>. Pass <code>null</code> if this is the first call.</p>", 1416 "ListCertificatesResult$NextToken": "<p>Indicates whether another page of certificates is available when the number of available certificates exceeds the page limit.</p>", 1417 "ListIpRoutesRequest$NextToken": "<p>The <i>ListIpRoutes.NextToken</i> value from a previous call to <a>ListIpRoutes</a>. Pass null if this is the first call.</p>", 1418 "ListIpRoutesResult$NextToken": "<p>If not null, more results are available. Pass this value for the <i>NextToken</i> parameter in a subsequent call to <a>ListIpRoutes</a> to retrieve the next set of items.</p>", 1419 "ListLogSubscriptionsRequest$NextToken": "<p>The token for the next set of items to return.</p>", 1420 "ListLogSubscriptionsResult$NextToken": "<p>The token for the next set of items to return.</p>", 1421 "ListSchemaExtensionsRequest$NextToken": "<p>The <code>ListSchemaExtensions.NextToken</code> value from a previous call to <code>ListSchemaExtensions</code>. Pass null if this is the first call.</p>", 1422 "ListSchemaExtensionsResult$NextToken": "<p>If not null, more results are available. Pass this value for the <code>NextToken</code> parameter in a subsequent call to <code>ListSchemaExtensions</code> to retrieve the next set of items.</p>", 1423 "ListTagsForResourceRequest$NextToken": "<p>Reserved for future use.</p>", 1424 "ListTagsForResourceResult$NextToken": "<p>Reserved for future use.</p>" 1425 } 1426 }, 1427 "NoAvailableCertificateException": { 1428 "base": "<p>Client authentication setup could not be completed because at least one valid certificate must be registered in the system.</p>", 1429 "refs": { 1430 } 1431 }, 1432 "Notes": { 1433 "base": null, 1434 "refs": { 1435 "DirectoryDescription$ShareNotes": "<p>A directory share request that is sent by the directory owner to the directory consumer. The request includes a typed message to help the directory consumer administrator determine whether to approve or reject the share invitation.</p>", 1436 "ShareDirectoryRequest$ShareNotes": "<p>A directory share request that is sent by the directory owner to the directory consumer. The request includes a typed message to help the directory consumer administrator determine whether to approve or reject the share invitation.</p>", 1437 "SharedDirectory$ShareNotes": "<p>A directory share request that is sent by the directory owner to the directory consumer. The request includes a typed message to help the directory consumer administrator determine whether to approve or reject the share invitation.</p>" 1438 } 1439 }, 1440 "OCSPUrl": { 1441 "base": null, 1442 "refs": { 1443 "ClientCertAuthSettings$OCSPUrl": "<p>Specifies the URL of the default OCSP server used to check for revocation status. A secondary value to any OCSP address found in the AIA extension of the user certificate.</p>" 1444 } 1445 }, 1446 "OrganizationalUnitDN": { 1447 "base": null, 1448 "refs": { 1449 "CreateComputerRequest$OrganizationalUnitDistinguishedName": "<p>The fully-qualified distinguished name of the organizational unit to place the computer account in.</p>" 1450 } 1451 }, 1452 "OrganizationsException": { 1453 "base": "<p>Exception encountered while trying to access your Amazon Web Services organization.</p>", 1454 "refs": { 1455 } 1456 }, 1457 "OwnerDirectoryDescription": { 1458 "base": "<p>Describes the directory owner account details that have been shared to the directory consumer account.</p>", 1459 "refs": { 1460 "DirectoryDescription$OwnerDirectoryDescription": "<p>Describes the Managed Microsoft AD directory in the directory owner account.</p>" 1461 } 1462 }, 1463 "PageLimit": { 1464 "base": null, 1465 "refs": { 1466 "DescribeClientAuthenticationSettingsRequest$Limit": "<p>The maximum number of items to return. If this value is zero, the maximum number of items is specified by the limitations of the operation. </p>", 1467 "DescribeLDAPSSettingsRequest$Limit": "<p>Specifies the number of items that should be displayed on one page.</p>", 1468 "ListCertificatesRequest$Limit": "<p>The number of items that should show up on one page</p>" 1469 } 1470 }, 1471 "Password": { 1472 "base": null, 1473 "refs": { 1474 "CreateDirectoryRequest$Password": "<p>The password for the directory administrator. The directory creation process creates a directory administrator account with the user name <code>Administrator</code> and this password.</p> <p>If you need to change the password for the administrator account, you can use the <a>ResetUserPassword</a> API call.</p> <p>The regex pattern for this string is made up of the following conditions:</p> <ul> <li> <p>Length (?=^.{8,64}$) – Must be between 8 and 64 characters</p> </li> </ul> <p>AND any 3 of the following password complexity rules required by Active Directory:</p> <ul> <li> <p>Numbers and upper case and lowercase (?=.*\\d)(?=.*[A-Z])(?=.*[a-z])</p> </li> <li> <p>Numbers and special characters and lower case (?=.*\\d)(?=.*[^A-Za-z0-9\\s])(?=.*[a-z])</p> </li> <li> <p>Special characters and upper case and lower case (?=.*[^A-Za-z0-9\\s])(?=.*[A-Z])(?=.*[a-z])</p> </li> <li> <p>Numbers and upper case and special characters (?=.*\\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9\\s])</p> </li> </ul> <p>For additional information about how Active Directory passwords are enforced, see <a href=\"https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements\">Password must meet complexity requirements</a> on the Microsoft website.</p>", 1475 "CreateMicrosoftADRequest$Password": "<p>The password for the default administrative user named <code>Admin</code>.</p> <p>If you need to change the password for the administrator account, you can use the <a>ResetUserPassword</a> API call.</p>" 1476 } 1477 }, 1478 "PortNumber": { 1479 "base": null, 1480 "refs": { 1481 "RadiusSettings$RadiusPort": "<p>The port that your RADIUS server is using for communications. Your self-managed network must allow inbound traffic over this port from the Directory Service servers.</p>" 1482 } 1483 }, 1484 "RadiusAuthenticationProtocol": { 1485 "base": null, 1486 "refs": { 1487 "RadiusSettings$AuthenticationProtocol": "<p>The protocol specified for your RADIUS endpoints.</p>" 1488 } 1489 }, 1490 "RadiusDisplayLabel": { 1491 "base": null, 1492 "refs": { 1493 "RadiusSettings$DisplayLabel": "<p>Not currently used.</p>" 1494 } 1495 }, 1496 "RadiusRetries": { 1497 "base": null, 1498 "refs": { 1499 "RadiusSettings$RadiusRetries": "<p>The maximum number of times that communication with the RADIUS server is attempted.</p>" 1500 } 1501 }, 1502 "RadiusSettings": { 1503 "base": "<p>Contains information about a Remote Authentication Dial In User Service (RADIUS) server.</p>", 1504 "refs": { 1505 "DirectoryDescription$RadiusSettings": "<p>A <a>RadiusSettings</a> object that contains information about the RADIUS server configured for this directory.</p>", 1506 "EnableRadiusRequest$RadiusSettings": "<p>A <a>RadiusSettings</a> object that contains information about the RADIUS server.</p>", 1507 "OwnerDirectoryDescription$RadiusSettings": "<p>A <a>RadiusSettings</a> object that contains information about the RADIUS server.</p>", 1508 "UpdateRadiusRequest$RadiusSettings": "<p>A <a>RadiusSettings</a> object that contains information about the RADIUS server.</p>" 1509 } 1510 }, 1511 "RadiusSharedSecret": { 1512 "base": null, 1513 "refs": { 1514 "RadiusSettings$SharedSecret": "<p>Required for enabling RADIUS on the directory.</p>" 1515 } 1516 }, 1517 "RadiusStatus": { 1518 "base": null, 1519 "refs": { 1520 "DirectoryDescription$RadiusStatus": "<p>The status of the RADIUS MFA server connection.</p>", 1521 "OwnerDirectoryDescription$RadiusStatus": "<p>Information about the status of the RADIUS server.</p>" 1522 } 1523 }, 1524 "RadiusTimeout": { 1525 "base": null, 1526 "refs": { 1527 "RadiusSettings$RadiusTimeout": "<p>The amount of time, in seconds, to wait for the RADIUS server to respond.</p>" 1528 } 1529 }, 1530 "RegionDescription": { 1531 "base": "<p>The replicated Region information for a directory.</p>", 1532 "refs": { 1533 "RegionsDescription$member": null 1534 } 1535 }, 1536 "RegionLimitExceededException": { 1537 "base": "<p>You have reached the limit for maximum number of simultaneous Region replications per directory.</p>", 1538 "refs": { 1539 } 1540 }, 1541 "RegionName": { 1542 "base": null, 1543 "refs": { 1544 "AddRegionRequest$RegionName": "<p>The name of the Region where you want to add domain controllers for replication. For example, <code>us-east-1</code>.</p>", 1545 "AdditionalRegions$member": null, 1546 "DescribeRegionsRequest$RegionName": "<p>The name of the Region. For example, <code>us-east-1</code>.</p>", 1547 "RegionDescription$RegionName": "<p>The name of the Region. For example, <code>us-east-1</code>.</p>", 1548 "RegionsInfo$PrimaryRegion": "<p>The Region where the Managed Microsoft AD directory was originally created.</p>" 1549 } 1550 }, 1551 "RegionType": { 1552 "base": null, 1553 "refs": { 1554 "RegionDescription$RegionType": "<p>Specifies whether the Region is the primary Region or an additional Region.</p>" 1555 } 1556 }, 1557 "RegionsDescription": { 1558 "base": null, 1559 "refs": { 1560 "DescribeRegionsResult$RegionsDescription": "<p>List of Region information related to the directory for each replicated Region.</p>" 1561 } 1562 }, 1563 "RegionsInfo": { 1564 "base": "<p>Provides information about the Regions that are configured for multi-Region replication.</p>", 1565 "refs": { 1566 "DirectoryDescription$RegionsInfo": "<p>Lists the Regions where the directory has replicated.</p>" 1567 } 1568 }, 1569 "RegisterCertificateRequest": { 1570 "base": null, 1571 "refs": { 1572 } 1573 }, 1574 "RegisterCertificateResult": { 1575 "base": null, 1576 "refs": { 1577 } 1578 }, 1579 "RegisterEventTopicRequest": { 1580 "base": "<p>Registers a new event topic.</p>", 1581 "refs": { 1582 } 1583 }, 1584 "RegisterEventTopicResult": { 1585 "base": "<p>The result of a RegisterEventTopic request.</p>", 1586 "refs": { 1587 } 1588 }, 1589 "RejectSharedDirectoryRequest": { 1590 "base": null, 1591 "refs": { 1592 } 1593 }, 1594 "RejectSharedDirectoryResult": { 1595 "base": null, 1596 "refs": { 1597 } 1598 }, 1599 "RemoteDomainName": { 1600 "base": null, 1601 "refs": { 1602 "ConditionalForwarder$RemoteDomainName": "<p>The fully qualified domain name (FQDN) of the remote domains pointed to by the conditional forwarder.</p>", 1603 "CreateConditionalForwarderRequest$RemoteDomainName": "<p>The fully qualified domain name (FQDN) of the remote domain with which you will set up a trust relationship.</p>", 1604 "CreateTrustRequest$RemoteDomainName": "<p>The Fully Qualified Domain Name (FQDN) of the external domain for which to create the trust relationship.</p>", 1605 "DeleteConditionalForwarderRequest$RemoteDomainName": "<p>The fully qualified domain name (FQDN) of the remote domain with which you are deleting the conditional forwarder.</p>", 1606 "RemoteDomainNames$member": null, 1607 "Trust$RemoteDomainName": "<p>The Fully Qualified Domain Name (FQDN) of the external domain involved in the trust relationship.</p>", 1608 "UpdateConditionalForwarderRequest$RemoteDomainName": "<p>The fully qualified domain name (FQDN) of the remote domain with which you will set up a trust relationship.</p>" 1609 } 1610 }, 1611 "RemoteDomainNames": { 1612 "base": null, 1613 "refs": { 1614 "DescribeConditionalForwardersRequest$RemoteDomainNames": "<p>The fully qualified domain names (FQDN) of the remote domains for which to get the list of associated conditional forwarders. If this member is null, all conditional forwarders are returned.</p>" 1615 } 1616 }, 1617 "RemoveIpRoutesRequest": { 1618 "base": null, 1619 "refs": { 1620 } 1621 }, 1622 "RemoveIpRoutesResult": { 1623 "base": null, 1624 "refs": { 1625 } 1626 }, 1627 "RemoveRegionRequest": { 1628 "base": null, 1629 "refs": { 1630 } 1631 }, 1632 "RemoveRegionResult": { 1633 "base": null, 1634 "refs": { 1635 } 1636 }, 1637 "RemoveTagsFromResourceRequest": { 1638 "base": null, 1639 "refs": { 1640 } 1641 }, 1642 "RemoveTagsFromResourceResult": { 1643 "base": null, 1644 "refs": { 1645 } 1646 }, 1647 "ReplicationScope": { 1648 "base": null, 1649 "refs": { 1650 "ConditionalForwarder$ReplicationScope": "<p>The replication scope of the conditional forwarder. The only allowed value is <code>Domain</code>, which will replicate the conditional forwarder to all of the domain controllers for your Amazon Web Services directory.</p>" 1651 } 1652 }, 1653 "RequestId": { 1654 "base": "<p>The Amazon Web Services request identifier.</p>", 1655 "refs": { 1656 "AccessDeniedException$RequestId": null, 1657 "AuthenticationFailedException$RequestId": "<p>The identifier of the request that caused the exception.</p>", 1658 "CertificateAlreadyExistsException$RequestId": null, 1659 "CertificateDoesNotExistException$RequestId": null, 1660 "CertificateInUseException$RequestId": null, 1661 "CertificateLimitExceededException$RequestId": null, 1662 "ClientException$RequestId": null, 1663 "DirectoryAlreadyInRegionException$RequestId": null, 1664 "DirectoryAlreadySharedException$RequestId": null, 1665 "DirectoryDoesNotExistException$RequestId": null, 1666 "DirectoryLimitExceededException$RequestId": null, 1667 "DirectoryNotSharedException$RequestId": null, 1668 "DirectoryUnavailableException$RequestId": null, 1669 "DomainControllerLimitExceededException$RequestId": null, 1670 "EntityAlreadyExistsException$RequestId": null, 1671 "EntityDoesNotExistException$RequestId": null, 1672 "InsufficientPermissionsException$RequestId": null, 1673 "InvalidCertificateException$RequestId": null, 1674 "InvalidClientAuthStatusException$RequestId": null, 1675 "InvalidLDAPSStatusException$RequestId": null, 1676 "InvalidNextTokenException$RequestId": null, 1677 "InvalidParameterException$RequestId": null, 1678 "InvalidPasswordException$RequestId": null, 1679 "InvalidTargetException$RequestId": null, 1680 "IpRouteLimitExceededException$RequestId": null, 1681 "NoAvailableCertificateException$RequestId": null, 1682 "OrganizationsException$RequestId": null, 1683 "RegionLimitExceededException$RequestId": null, 1684 "ServiceException$RequestId": null, 1685 "ShareLimitExceededException$RequestId": null, 1686 "SnapshotLimitExceededException$RequestId": null, 1687 "TagLimitExceededException$RequestId": null, 1688 "UnsupportedOperationException$RequestId": null, 1689 "UpdateTrustResult$RequestId": null, 1690 "UserDoesNotExistException$RequestId": null 1691 } 1692 }, 1693 "ResetUserPasswordRequest": { 1694 "base": null, 1695 "refs": { 1696 } 1697 }, 1698 "ResetUserPasswordResult": { 1699 "base": null, 1700 "refs": { 1701 } 1702 }, 1703 "ResourceId": { 1704 "base": null, 1705 "refs": { 1706 "AddTagsToResourceRequest$ResourceId": "<p>Identifier (ID) for the directory to which to add the tag.</p>", 1707 "ListTagsForResourceRequest$ResourceId": "<p>Identifier (ID) of the directory for which you want to retrieve tags.</p>", 1708 "RemoveTagsFromResourceRequest$ResourceId": "<p>Identifier (ID) of the directory from which to remove the tag.</p>" 1709 } 1710 }, 1711 "RestoreFromSnapshotRequest": { 1712 "base": "<p>An object representing the inputs for the <a>RestoreFromSnapshot</a> operation.</p>", 1713 "refs": { 1714 } 1715 }, 1716 "RestoreFromSnapshotResult": { 1717 "base": "<p>Contains the results of the <a>RestoreFromSnapshot</a> operation.</p>", 1718 "refs": { 1719 } 1720 }, 1721 "SID": { 1722 "base": null, 1723 "refs": { 1724 "Computer$ComputerId": "<p>The identifier of the computer.</p>" 1725 } 1726 }, 1727 "SchemaExtensionId": { 1728 "base": null, 1729 "refs": { 1730 "CancelSchemaExtensionRequest$SchemaExtensionId": "<p>The identifier of the schema extension that will be canceled.</p>", 1731 "SchemaExtensionInfo$SchemaExtensionId": "<p>The identifier of the schema extension.</p>", 1732 "StartSchemaExtensionResult$SchemaExtensionId": "<p>The identifier of the schema extension that will be applied.</p>" 1733 } 1734 }, 1735 "SchemaExtensionInfo": { 1736 "base": "<p>Information about a schema extension.</p>", 1737 "refs": { 1738 "SchemaExtensionsInfo$member": null 1739 } 1740 }, 1741 "SchemaExtensionStatus": { 1742 "base": null, 1743 "refs": { 1744 "SchemaExtensionInfo$SchemaExtensionStatus": "<p>The current status of the schema extension.</p>" 1745 } 1746 }, 1747 "SchemaExtensionStatusReason": { 1748 "base": null, 1749 "refs": { 1750 "SchemaExtensionInfo$SchemaExtensionStatusReason": "<p>The reason for the <code>SchemaExtensionStatus</code>.</p>" 1751 } 1752 }, 1753 "SchemaExtensionsInfo": { 1754 "base": null, 1755 "refs": { 1756 "ListSchemaExtensionsResult$SchemaExtensionsInfo": "<p>Information about the schema extensions applied to the directory.</p>" 1757 } 1758 }, 1759 "SecurityGroupId": { 1760 "base": null, 1761 "refs": { 1762 "DirectoryConnectSettingsDescription$SecurityGroupId": "<p>The security group identifier for the AD Connector directory.</p>", 1763 "DirectoryVpcSettingsDescription$SecurityGroupId": "<p>The domain controller security group identifier for the directory.</p>" 1764 } 1765 }, 1766 "SelectiveAuth": { 1767 "base": null, 1768 "refs": { 1769 "CreateTrustRequest$SelectiveAuth": "<p>Optional parameter to enable selective authentication for the trust.</p>", 1770 "Trust$SelectiveAuth": "<p>Current state of selective authentication for the trust.</p>", 1771 "UpdateTrustRequest$SelectiveAuth": "<p>Updates selective authentication for the trust.</p>" 1772 } 1773 }, 1774 "Server": { 1775 "base": null, 1776 "refs": { 1777 "Servers$member": null 1778 } 1779 }, 1780 "Servers": { 1781 "base": null, 1782 "refs": { 1783 "RadiusSettings$RadiusServers": "<p>An array of strings that contains the fully qualified domain name (FQDN) or IP addresses of the RADIUS server endpoints, or the FQDN or IP addresses of your RADIUS server load balancer.</p>" 1784 } 1785 }, 1786 "ServiceException": { 1787 "base": "<p>An exception has occurred in Directory Service.</p>", 1788 "refs": { 1789 } 1790 }, 1791 "ShareDirectoryRequest": { 1792 "base": null, 1793 "refs": { 1794 } 1795 }, 1796 "ShareDirectoryResult": { 1797 "base": null, 1798 "refs": { 1799 } 1800 }, 1801 "ShareLimitExceededException": { 1802 "base": "<p>The maximum number of Amazon Web Services accounts that you can share with this directory has been reached.</p>", 1803 "refs": { 1804 } 1805 }, 1806 "ShareMethod": { 1807 "base": null, 1808 "refs": { 1809 "DirectoryDescription$ShareMethod": "<p>The method used when sharing a directory to determine whether the directory should be shared within your Amazon Web Services organization (<code>ORGANIZATIONS</code>) or with any Amazon Web Services account by sending a shared directory request (<code>HANDSHAKE</code>).</p>", 1810 "ShareDirectoryRequest$ShareMethod": "<p>The method used when sharing a directory to determine whether the directory should be shared within your Amazon Web Services organization (<code>ORGANIZATIONS</code>) or with any Amazon Web Services account by sending a directory sharing request (<code>HANDSHAKE</code>).</p>", 1811 "SharedDirectory$ShareMethod": "<p>The method used when sharing a directory to determine whether the directory should be shared within your Amazon Web Services organization (<code>ORGANIZATIONS</code>) or with any Amazon Web Services account by sending a shared directory request (<code>HANDSHAKE</code>).</p>" 1812 } 1813 }, 1814 "ShareStatus": { 1815 "base": null, 1816 "refs": { 1817 "DirectoryDescription$ShareStatus": "<p>Current directory status of the shared Managed Microsoft AD directory.</p>", 1818 "SharedDirectory$ShareStatus": "<p>Current directory status of the shared Managed Microsoft AD directory.</p>" 1819 } 1820 }, 1821 "ShareTarget": { 1822 "base": "<p>Identifier that contains details about the directory consumer account.</p>", 1823 "refs": { 1824 "ShareDirectoryRequest$ShareTarget": "<p>Identifier for the directory consumer account with whom the directory is to be shared.</p>" 1825 } 1826 }, 1827 "SharedDirectories": { 1828 "base": null, 1829 "refs": { 1830 "DescribeSharedDirectoriesResult$SharedDirectories": "<p>A list of all shared directories in your account.</p>" 1831 } 1832 }, 1833 "SharedDirectory": { 1834 "base": "<p>Details about the shared directory in the directory owner account for which the share request in the directory consumer account has been accepted.</p>", 1835 "refs": { 1836 "AcceptSharedDirectoryResult$SharedDirectory": "<p>The shared directory in the directory consumer account.</p>", 1837 "SharedDirectories$member": null 1838 } 1839 }, 1840 "Snapshot": { 1841 "base": "<p>Describes a directory snapshot.</p>", 1842 "refs": { 1843 "Snapshots$member": null 1844 } 1845 }, 1846 "SnapshotId": { 1847 "base": null, 1848 "refs": { 1849 "CreateSnapshotResult$SnapshotId": "<p>The identifier of the snapshot that was created.</p>", 1850 "DeleteSnapshotRequest$SnapshotId": "<p>The identifier of the directory snapshot to be deleted.</p>", 1851 "DeleteSnapshotResult$SnapshotId": "<p>The identifier of the directory snapshot that was deleted.</p>", 1852 "RestoreFromSnapshotRequest$SnapshotId": "<p>The identifier of the snapshot to restore from.</p>", 1853 "Snapshot$SnapshotId": "<p>The snapshot identifier.</p>", 1854 "SnapshotIds$member": null 1855 } 1856 }, 1857 "SnapshotIds": { 1858 "base": "<p>A list of directory snapshot identifiers.</p>", 1859 "refs": { 1860 "DescribeSnapshotsRequest$SnapshotIds": "<p>A list of identifiers of the snapshots to obtain the information for. If this member is null or empty, all snapshots are returned using the <i>Limit</i> and <i>NextToken</i> members.</p>" 1861 } 1862 }, 1863 "SnapshotLimitExceededException": { 1864 "base": "<p>The maximum number of manual snapshots for the directory has been reached. You can use the <a>GetSnapshotLimits</a> operation to determine the snapshot limits for a directory.</p>", 1865 "refs": { 1866 } 1867 }, 1868 "SnapshotLimits": { 1869 "base": "<p>Contains manual snapshot limit information for a directory.</p>", 1870 "refs": { 1871 "GetSnapshotLimitsResult$SnapshotLimits": "<p>A <a>SnapshotLimits</a> object that contains the manual snapshot limits for the specified directory.</p>" 1872 } 1873 }, 1874 "SnapshotName": { 1875 "base": null, 1876 "refs": { 1877 "CreateSnapshotRequest$Name": "<p>The descriptive name to apply to the snapshot.</p>", 1878 "Snapshot$Name": "<p>The descriptive name of the snapshot.</p>" 1879 } 1880 }, 1881 "SnapshotStatus": { 1882 "base": null, 1883 "refs": { 1884 "Snapshot$Status": "<p>The snapshot status.</p>" 1885 } 1886 }, 1887 "SnapshotType": { 1888 "base": null, 1889 "refs": { 1890 "Snapshot$Type": "<p>The snapshot type.</p>" 1891 } 1892 }, 1893 "Snapshots": { 1894 "base": "<p>A list of descriptions of directory snapshots.</p>", 1895 "refs": { 1896 "DescribeSnapshotsResult$Snapshots": "<p>The list of <a>Snapshot</a> objects that were retrieved.</p> <p>It is possible that this list contains less than the number of items specified in the <i>Limit</i> member of the request. This occurs if there are less than the requested number of items left to retrieve, or if the limitations of the operation have been exceeded.</p>" 1897 } 1898 }, 1899 "SsoEnabled": { 1900 "base": null, 1901 "refs": { 1902 "DirectoryDescription$SsoEnabled": "<p>Indicates if single sign-on is enabled for the directory. For more information, see <a>EnableSso</a> and <a>DisableSso</a>.</p>" 1903 } 1904 }, 1905 "StageReason": { 1906 "base": null, 1907 "refs": { 1908 "DirectoryDescription$StageReason": "<p>Additional information about the directory stage.</p>" 1909 } 1910 }, 1911 "StartDateTime": { 1912 "base": null, 1913 "refs": { 1914 "SchemaExtensionInfo$StartDateTime": "<p>The date and time that the schema extension started being applied to the directory.</p>" 1915 } 1916 }, 1917 "StartSchemaExtensionRequest": { 1918 "base": null, 1919 "refs": { 1920 } 1921 }, 1922 "StartSchemaExtensionResult": { 1923 "base": null, 1924 "refs": { 1925 } 1926 }, 1927 "StartTime": { 1928 "base": null, 1929 "refs": { 1930 "Snapshot$StartTime": "<p>The date and time that the snapshot was taken.</p>" 1931 } 1932 }, 1933 "StateLastUpdatedDateTime": { 1934 "base": null, 1935 "refs": { 1936 "RegionDescription$StatusLastUpdatedDateTime": "<p>The date and time that the Region status was last updated.</p>", 1937 "Trust$StateLastUpdatedDateTime": "<p>The date and time that the TrustState was last updated.</p>" 1938 } 1939 }, 1940 "SubnetId": { 1941 "base": null, 1942 "refs": { 1943 "DomainController$SubnetId": "<p>Identifier of the subnet in the VPC that contains the domain controller.</p>", 1944 "SubnetIds$member": null 1945 } 1946 }, 1947 "SubnetIds": { 1948 "base": null, 1949 "refs": { 1950 "DirectoryConnectSettings$SubnetIds": "<p>A list of subnet identifiers in the VPC in which the AD Connector is created.</p>", 1951 "DirectoryConnectSettingsDescription$SubnetIds": "<p>A list of subnet identifiers in the VPC that the AD Connector is in.</p>", 1952 "DirectoryVpcSettings$SubnetIds": "<p>The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. Directory Service creates a directory server and a DNS server in each of these subnets.</p>", 1953 "DirectoryVpcSettingsDescription$SubnetIds": "<p>The identifiers of the subnets for the directory servers.</p>" 1954 } 1955 }, 1956 "SubscriptionCreatedDateTime": { 1957 "base": null, 1958 "refs": { 1959 "LogSubscription$SubscriptionCreatedDateTime": "<p>The date and time that the log subscription was created.</p>" 1960 } 1961 }, 1962 "Tag": { 1963 "base": "<p>Metadata assigned to a directory consisting of a key-value pair.</p>", 1964 "refs": { 1965 "Tags$member": null 1966 } 1967 }, 1968 "TagKey": { 1969 "base": null, 1970 "refs": { 1971 "Tag$Key": "<p>Required name of the tag. The string value can be Unicode characters and cannot be prefixed with \"aws:\". The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-]*)$\").</p>", 1972 "TagKeys$member": null 1973 } 1974 }, 1975 "TagKeys": { 1976 "base": null, 1977 "refs": { 1978 "RemoveTagsFromResourceRequest$TagKeys": "<p>The tag key (name) of the tag to be removed.</p>" 1979 } 1980 }, 1981 "TagLimitExceededException": { 1982 "base": "<p>The maximum allowed number of tags was exceeded.</p>", 1983 "refs": { 1984 } 1985 }, 1986 "TagValue": { 1987 "base": null, 1988 "refs": { 1989 "Tag$Value": "<p>The optional value of the tag. The string value can be Unicode characters. The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-]*)$\").</p>" 1990 } 1991 }, 1992 "Tags": { 1993 "base": null, 1994 "refs": { 1995 "AddTagsToResourceRequest$Tags": "<p>The tags to be assigned to the directory.</p>", 1996 "ConnectDirectoryRequest$Tags": "<p>The tags to be assigned to AD Connector.</p>", 1997 "CreateDirectoryRequest$Tags": "<p>The tags to be assigned to the Simple AD directory.</p>", 1998 "CreateMicrosoftADRequest$Tags": "<p>The tags to be assigned to the Managed Microsoft AD directory.</p>", 1999 "ListTagsForResourceResult$Tags": "<p>List of tags returned by the ListTagsForResource operation.</p>" 2000 } 2001 }, 2002 "TargetId": { 2003 "base": null, 2004 "refs": { 2005 "ShareTarget$Id": "<p>Identifier of the directory consumer account.</p>", 2006 "UnshareTarget$Id": "<p>Identifier of the directory consumer account.</p>" 2007 } 2008 }, 2009 "TargetType": { 2010 "base": null, 2011 "refs": { 2012 "ShareTarget$Type": "<p>Type of identifier to be used in the <code>Id</code> field.</p>", 2013 "UnshareTarget$Type": "<p>Type of identifier to be used in the <i>Id</i> field.</p>" 2014 } 2015 }, 2016 "TopicArn": { 2017 "base": null, 2018 "refs": { 2019 "EventTopic$TopicArn": "<p>The Amazon SNS topic ARN (Amazon Resource Name).</p>" 2020 } 2021 }, 2022 "TopicName": { 2023 "base": null, 2024 "refs": { 2025 "DeregisterEventTopicRequest$TopicName": "<p>The name of the Amazon SNS topic from which to remove the directory as a publisher.</p>", 2026 "EventTopic$TopicName": "<p>The name of an Amazon SNS topic the receives status messages from the directory.</p>", 2027 "RegisterEventTopicRequest$TopicName": "<p>The Amazon SNS topic name to which the directory will publish status messages. This Amazon SNS topic must be in the same region as the specified Directory ID.</p>", 2028 "TopicNames$member": null 2029 } 2030 }, 2031 "TopicNames": { 2032 "base": null, 2033 "refs": { 2034 "DescribeEventTopicsRequest$TopicNames": "<p>A list of Amazon SNS topic names for which to obtain the information. If this member is null, all associations for the specified Directory ID are returned.</p> <p>An empty list results in an <code>InvalidParameterException</code> being thrown.</p>" 2035 } 2036 }, 2037 "TopicStatus": { 2038 "base": null, 2039 "refs": { 2040 "EventTopic$Status": "<p>The topic registration status.</p>" 2041 } 2042 }, 2043 "Trust": { 2044 "base": "<p>Describes a trust relationship between an Managed Microsoft AD directory and an external domain.</p>", 2045 "refs": { 2046 "Trusts$member": null 2047 } 2048 }, 2049 "TrustDirection": { 2050 "base": null, 2051 "refs": { 2052 "CreateTrustRequest$TrustDirection": "<p>The direction of the trust relationship.</p>", 2053 "Trust$TrustDirection": "<p>The trust relationship direction.</p>" 2054 } 2055 }, 2056 "TrustId": { 2057 "base": null, 2058 "refs": { 2059 "CreateTrustResult$TrustId": "<p>A unique identifier for the trust relationship that was created.</p>", 2060 "DeleteTrustRequest$TrustId": "<p>The Trust ID of the trust relationship to be deleted.</p>", 2061 "DeleteTrustResult$TrustId": "<p>The Trust ID of the trust relationship that was deleted.</p>", 2062 "Trust$TrustId": "<p>The unique ID of the trust relationship.</p>", 2063 "TrustIds$member": null, 2064 "UpdateTrustRequest$TrustId": "<p>Identifier of the trust relationship.</p>", 2065 "UpdateTrustResult$TrustId": "<p>Identifier of the trust relationship.</p>", 2066 "VerifyTrustRequest$TrustId": "<p>The unique Trust ID of the trust relationship to verify.</p>", 2067 "VerifyTrustResult$TrustId": "<p>The unique Trust ID of the trust relationship that was verified.</p>" 2068 } 2069 }, 2070 "TrustIds": { 2071 "base": null, 2072 "refs": { 2073 "DescribeTrustsRequest$TrustIds": "<p>A list of identifiers of the trust relationships for which to obtain the information. If this member is null, all trust relationships that belong to the current account are returned.</p> <p>An empty list results in an <code>InvalidParameterException</code> being thrown.</p>" 2074 } 2075 }, 2076 "TrustPassword": { 2077 "base": null, 2078 "refs": { 2079 "CreateTrustRequest$TrustPassword": "<p>The trust password. The must be the same password that was used when creating the trust relationship on the external domain.</p>" 2080 } 2081 }, 2082 "TrustState": { 2083 "base": null, 2084 "refs": { 2085 "Trust$TrustState": "<p>The trust relationship state.</p>" 2086 } 2087 }, 2088 "TrustStateReason": { 2089 "base": null, 2090 "refs": { 2091 "Trust$TrustStateReason": "<p>The reason for the TrustState.</p>" 2092 } 2093 }, 2094 "TrustType": { 2095 "base": null, 2096 "refs": { 2097 "CreateTrustRequest$TrustType": "<p>The trust relationship type. <code>Forest</code> is the default.</p>", 2098 "Trust$TrustType": "<p>The trust relationship type. <code>Forest</code> is the default.</p>" 2099 } 2100 }, 2101 "Trusts": { 2102 "base": null, 2103 "refs": { 2104 "DescribeTrustsResult$Trusts": "<p>The list of Trust objects that were retrieved.</p> <p>It is possible that this list contains less than the number of items specified in the <i>Limit</i> member of the request. This occurs if there are less than the requested number of items left to retrieve, or if the limitations of the operation have been exceeded.</p>" 2105 } 2106 }, 2107 "UnshareDirectoryRequest": { 2108 "base": null, 2109 "refs": { 2110 } 2111 }, 2112 "UnshareDirectoryResult": { 2113 "base": null, 2114 "refs": { 2115 } 2116 }, 2117 "UnshareTarget": { 2118 "base": "<p>Identifier that contains details about the directory consumer account with whom the directory is being unshared.</p>", 2119 "refs": { 2120 "UnshareDirectoryRequest$UnshareTarget": "<p>Identifier for the directory consumer account with whom the directory has to be unshared.</p>" 2121 } 2122 }, 2123 "UnsupportedOperationException": { 2124 "base": "<p>The operation is not supported.</p>", 2125 "refs": { 2126 } 2127 }, 2128 "UpdateConditionalForwarderRequest": { 2129 "base": "<p>Updates a conditional forwarder.</p>", 2130 "refs": { 2131 } 2132 }, 2133 "UpdateConditionalForwarderResult": { 2134 "base": "<p>The result of an UpdateConditionalForwarder request.</p>", 2135 "refs": { 2136 } 2137 }, 2138 "UpdateNumberOfDomainControllersRequest": { 2139 "base": null, 2140 "refs": { 2141 } 2142 }, 2143 "UpdateNumberOfDomainControllersResult": { 2144 "base": null, 2145 "refs": { 2146 } 2147 }, 2148 "UpdateRadiusRequest": { 2149 "base": "<p>Contains the inputs for the <a>UpdateRadius</a> operation.</p>", 2150 "refs": { 2151 } 2152 }, 2153 "UpdateRadiusResult": { 2154 "base": "<p>Contains the results of the <a>UpdateRadius</a> operation.</p>", 2155 "refs": { 2156 } 2157 }, 2158 "UpdateSecurityGroupForDirectoryControllers": { 2159 "base": null, 2160 "refs": { 2161 "AddIpRoutesRequest$UpdateSecurityGroupForDirectoryControllers": "<p>If set to true, updates the inbound and outbound rules of the security group that has the description: \"Amazon Web Services created security group for <i>directory ID</i> directory controllers.\" Following are the new rules: </p> <p>Inbound:</p> <ul> <li> <p>Type: Custom UDP Rule, Protocol: UDP, Range: 88, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom UDP Rule, Protocol: UDP, Range: 123, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom UDP Rule, Protocol: UDP, Range: 138, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom UDP Rule, Protocol: UDP, Range: 389, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom UDP Rule, Protocol: UDP, Range: 464, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom UDP Rule, Protocol: UDP, Range: 445, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom TCP Rule, Protocol: TCP, Range: 88, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom TCP Rule, Protocol: TCP, Range: 135, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom TCP Rule, Protocol: TCP, Range: 445, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom TCP Rule, Protocol: TCP, Range: 464, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom TCP Rule, Protocol: TCP, Range: 636, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom TCP Rule, Protocol: TCP, Range: 1024-65535, Source: 0.0.0.0/0</p> </li> <li> <p>Type: Custom TCP Rule, Protocol: TCP, Range: 3268-33269, Source: 0.0.0.0/0</p> </li> <li> <p>Type: DNS (UDP), Protocol: UDP, Range: 53, Source: 0.0.0.0/0</p> </li> <li> <p>Type: DNS (TCP), Protocol: TCP, Range: 53, Source: 0.0.0.0/0</p> </li> <li> <p>Type: LDAP, Protocol: TCP, Range: 389, Source: 0.0.0.0/0</p> </li> <li> <p>Type: All ICMP, Protocol: All, Range: N/A, Source: 0.0.0.0/0</p> </li> </ul> <p/> <p>Outbound:</p> <ul> <li> <p>Type: All traffic, Protocol: All, Range: All, Destination: 0.0.0.0/0</p> </li> </ul> <p>These security rules impact an internal network interface that is not exposed publicly.</p>" 2162 } 2163 }, 2164 "UpdateTrustRequest": { 2165 "base": null, 2166 "refs": { 2167 } 2168 }, 2169 "UpdateTrustResult": { 2170 "base": null, 2171 "refs": { 2172 } 2173 }, 2174 "UseSameUsername": { 2175 "base": null, 2176 "refs": { 2177 "RadiusSettings$UseSameUsername": "<p>Not currently used.</p>" 2178 } 2179 }, 2180 "UserDoesNotExistException": { 2181 "base": "<p>The user provided a username that does not exist in your directory.</p>", 2182 "refs": { 2183 } 2184 }, 2185 "UserName": { 2186 "base": null, 2187 "refs": { 2188 "DirectoryConnectSettings$CustomerUserName": "<p>The user name of an account in your self-managed directory that is used to connect to the directory. This account must have the following permissions:</p> <ul> <li> <p>Read users and groups</p> </li> <li> <p>Create computer objects</p> </li> <li> <p>Join computers to the domain</p> </li> </ul>", 2189 "DirectoryConnectSettingsDescription$CustomerUserName": "<p>The user name of the service account in your self-managed directory.</p>", 2190 "DisableSsoRequest$UserName": "<p>The username of an alternate account to use to disable single-sign on. This is only used for AD Connector directories. This account must have privileges to remove a service principal name.</p> <p>If the AD Connector service account does not have privileges to remove a service principal name, you can specify an alternate account with the <i>UserName</i> and <i>Password</i> parameters. These credentials are only used to disable single sign-on and are not stored by the service. The AD Connector service account is not changed.</p>", 2191 "EnableSsoRequest$UserName": "<p>The username of an alternate account to use to enable single-sign on. This is only used for AD Connector directories. This account must have privileges to add a service principal name.</p> <p>If the AD Connector service account does not have privileges to add a service principal name, you can specify an alternate account with the <i>UserName</i> and <i>Password</i> parameters. These credentials are only used to enable single sign-on and are not stored by the service. The AD Connector service account is not changed.</p>" 2192 } 2193 }, 2194 "UserPassword": { 2195 "base": null, 2196 "refs": { 2197 "ResetUserPasswordRequest$NewPassword": "<p>The new password that will be reset.</p>" 2198 } 2199 }, 2200 "VerifyTrustRequest": { 2201 "base": "<p>Initiates the verification of an existing trust relationship between an Managed Microsoft AD directory and an external domain.</p>", 2202 "refs": { 2203 } 2204 }, 2205 "VerifyTrustResult": { 2206 "base": "<p>Result of a VerifyTrust request.</p>", 2207 "refs": { 2208 } 2209 }, 2210 "VpcId": { 2211 "base": null, 2212 "refs": { 2213 "DirectoryConnectSettings$VpcId": "<p>The identifier of the VPC in which the AD Connector is created.</p>", 2214 "DirectoryConnectSettingsDescription$VpcId": "<p>The identifier of the VPC that the AD Connector is in.</p>", 2215 "DirectoryVpcSettings$VpcId": "<p>The identifier of the VPC in which to create the directory.</p>", 2216 "DirectoryVpcSettingsDescription$VpcId": "<p>The identifier of the VPC that the directory is in.</p>", 2217 "DomainController$VpcId": "<p>The identifier of the VPC that contains the domain controller.</p>" 2218 } 2219 } 2220 } 2221} 2222