AWS Directory Service

2018/09/20 - AWS Directory Service - 3 new api methods

Changes  Added CreateLogSubscription, DeleteLogSubscription, and ListLogSubscriptions APIs for Microsoft AD. Customers can now opt in to have Windows security event logs from the domain controllers forwarded to a log group in their account.

ListLogSubscriptions (new) Link ¶

Lists the active log subscriptions for the AWS account.

See also: AWS API Documentation

Request Syntax

client.list_log_subscriptions(
    DirectoryId='string',
    NextToken='string',
    Limit=123
)
type DirectoryId

string

param DirectoryId

If a DirectoryID is provided, lists only the log subscription associated with that directory. If no DirectoryId is provided, lists all log subscriptions associated with your AWS account. If there are no log subscriptions for the AWS account or the directory, an empty list will be returned.

type NextToken

string

param NextToken

The token for the next set of items to return.

type Limit

integer

param Limit

The maximum number of items returned.

rtype

dict

returns

Response Syntax

{
    'LogSubscriptions': [
        {
            'DirectoryId': 'string',
            'LogGroupName': 'string',
            'SubscriptionCreatedDateTime': datetime(2015, 1, 1)
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • LogSubscriptions (list) --

      A list of active LogSubscription objects for calling the AWS account.

      • (dict) --

        Represents a log subscription, which tracks real-time data from a chosen log group to a specified destination.

        • DirectoryId (string) --

          Identifier (ID) of the directory that you want to associate with the log subscription.

        • LogGroupName (string) --

          The name of the log group.

        • SubscriptionCreatedDateTime (datetime) --

          The date and time that the log subscription was created.

    • NextToken (string) --

      The token for the next set of items to return.

CreateLogSubscription (new) Link ¶

Creates a subscription to forward real time Directory Service domain controller security logs to the specified CloudWatch log group in your AWS account.

See also: AWS API Documentation

Request Syntax

client.create_log_subscription(
    DirectoryId='string',
    LogGroupName='string'
)
type DirectoryId

string

param DirectoryId

[REQUIRED]

Identifier (ID) of the directory to which you want to subscribe and receive real-time logs to your specified CloudWatch log group.

type LogGroupName

string

param LogGroupName

[REQUIRED]

The name of the CloudWatch log group where the real-time domain controller logs are forwarded.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

DeleteLogSubscription (new) Link ¶

Deletes the specified log subscription.

See also: AWS API Documentation

Request Syntax

client.delete_log_subscription(
    DirectoryId='string'
)
type DirectoryId

string

param DirectoryId

[REQUIRED]

Identifier (ID) of the directory whose log subscription you want to delete.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --