AWS Directory Service

2019/11/26 - AWS Directory Service - 7 new api methods

Changes  This release will introduce optional encryption over LDAP network traffic using SSL certificates between customer's self-managed AD and AWS Directory Services instances. The release also provides APIs for Certificate management.

ListCertificates (new) Link ¶

For the specified directory, lists all the certificates registered for a secured LDAP connection.

See also: AWS API Documentation

Request Syntax

client.list_certificates(
    DirectoryId='string',
    NextToken='string',
    Limit=123
)
type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type NextToken

string

param NextToken

A token for requesting another page of certificates if the NextToken response element indicates that more certificates are available. Use the value of the returned NextToken element in your request until the token comes back as null . Pass null if this is the first call.

type Limit

integer

param Limit

The number of items that should show up on one page

rtype

dict

returns

Response Syntax

{
    'NextToken': 'string',
    'CertificatesInfo': [
        {
            'CertificateId': 'string',
            'CommonName': 'string',
            'State': 'Registering'|'Registered'|'RegisterFailed'|'Deregistering'|'Deregistered'|'DeregisterFailed'
        },
    ]
}

Response Structure

  • (dict) --

    • NextToken (string) --

      Indicates whether another page of certificates is available when the number of available certificates exceeds the page limit.

    • CertificatesInfo (list) --

      A list of certificates with basic details including certificate ID, certificate common name, certificate state.

      • (dict) --

        Contains general information about a certificate.

        • CertificateId (string) --

          The identifier of the certificate.

        • CommonName (string) --

          The common name for the certificate.

        • State (string) --

          The state of the certificate.

RegisterCertificate (new) Link ¶

Registers a certificate for secured LDAP connection.

See also: AWS API Documentation

Request Syntax

client.register_certificate(
    DirectoryId='string',
    CertificateData='string'
)
type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type CertificateData

string

param CertificateData

[REQUIRED]

The certificate PEM string that needs to be registered.

rtype

dict

returns

Response Syntax

{
    'CertificateId': 'string'
}

Response Structure

  • (dict) --

    • CertificateId (string) --

      The identifier of the certificate.

DisableLDAPS (new) Link ¶

Deactivates LDAP secure calls for the specified directory.

See also: AWS API Documentation

Request Syntax

client.disable_ldaps(
    DirectoryId='string',
    Type='Client'
)
type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type Type

string

param Type

The type of LDAP security that the customer wants to enable. The security can be either server or client, but currently only the default Client is supported.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

DescribeCertificate (new) Link ¶

Displays information about the certificate registered for a secured LDAP connection.

See also: AWS API Documentation

Request Syntax

client.describe_certificate(
    DirectoryId='string',
    CertificateId='string'
)
type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type CertificateId

string

param CertificateId

[REQUIRED]

The identifier of the certificate.

rtype

dict

returns

Response Syntax

{
    'Certificate': {
        'CertificateId': 'string',
        'State': 'Registering'|'Registered'|'RegisterFailed'|'Deregistering'|'Deregistered'|'DeregisterFailed',
        'StateReason': 'string',
        'CommonName': 'string',
        'RegisteredDateTime': datetime(2015, 1, 1),
        'ExpiryDateTime': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    • Certificate (dict) --

      Information about the certificate, including registered date time, certificate state, the reason for the state, expiration date time, and certificate common name.

      • CertificateId (string) --

        The identifier of the certificate.

      • State (string) --

        The state of the certificate.

      • StateReason (string) --

        Describes a state change for the certificate.

      • CommonName (string) --

        The common name for the certificate.

      • RegisteredDateTime (datetime) --

        The date and time that the certificate was registered.

      • ExpiryDateTime (datetime) --

        The date and time when the certificate will expire.

EnableLDAPS (new) Link ¶

Activates the switch for the specific directory to always use LDAP secure calls.

See also: AWS API Documentation

Request Syntax

client.enable_ldaps(
    DirectoryId='string',
    Type='Client'
)
type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type Type

string

param Type

The type of LDAP security the customer wants to enable. The security can be either server or client, but currently only the default Client is supported.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

DescribeLDAPSSettings (new) Link ¶

Describes the status of LDAP security for the specified directory.

See also: AWS API Documentation

Request Syntax

client.describe_ldaps_settings(
    DirectoryId='string',
    Type='Client',
    NextToken='string',
    Limit=123
)
type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type Type

string

param Type

The type of LDAP security the customer wants to enable, either server or client. Currently supports only Client , (the default).

type NextToken

string

param NextToken

The type of next token used for pagination.

type Limit

integer

param Limit

Specifies the number of items that should be displayed on one page.

rtype

dict

returns

Response Syntax

{
    'LDAPSSettingsInfo': [
        {
            'LDAPSStatus': 'Enabling'|'Enabled'|'EnableFailed'|'Disabled',
            'LDAPSStatusReason': 'string',
            'LastUpdatedDateTime': datetime(2015, 1, 1)
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • LDAPSSettingsInfo (list) --

      Information about LDAP security for the specified directory, including status of enablement, state last updated date time, and the reason for the state.

      • (dict) --

        Contains general information about the LDAPS settings.

        • LDAPSStatus (string) --

          The state of the LDAPS settings.

        • LDAPSStatusReason (string) --

          Describes a state change for LDAPS.

        • LastUpdatedDateTime (datetime) --

          The date and time when the LDAPS settings were last updated.

    • NextToken (string) --

      The next token used to retrieve the LDAPS settings if the number of setting types exceeds page limit and there is another page.

DeregisterCertificate (new) Link ¶

Deletes from the system the certificate that was registered for a secured LDAP connection.

See also: AWS API Documentation

Request Syntax

client.deregister_certificate(
    DirectoryId='string',
    CertificateId='string'
)
type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type CertificateId

string

param CertificateId

[REQUIRED]

The identifier of the certificate.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --