Namespace Pulumi.Aws.DirectoryService
Classes
ConditionalForwader
Provides a conditional forwarder for managed Microsoft AD in AWS Directory Service.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var example = new Aws.DirectoryService.ConditionalForwader("example", new Aws.DirectoryService.ConditionalForwaderArgs
{
DirectoryId = aws_directory_service_directory.Ad.Id,
DnsIps =
{
"8.8.8.8",
"8.8.4.4",
},
RemoteDomainName = "example.com",
});
}
}
ConditionalForwaderArgs
ConditionalForwaderState
Directory
Provides a Simple or Managed Microsoft directory in AWS Directory Service.
Note: All arguments including the password and customer username will be stored in the raw state as plain-text. Read more about sensitive data in state.
Example Usage
SimpleAD
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var main = new Aws.Ec2.Vpc("main", new Aws.Ec2.VpcArgs
{
CidrBlock = "10.0.0.0/16",
});
var foo = new Aws.Ec2.Subnet("foo", new Aws.Ec2.SubnetArgs
{
AvailabilityZone = "us-west-2a",
CidrBlock = "10.0.1.0/24",
VpcId = main.Id,
});
var barSubnet = new Aws.Ec2.Subnet("barSubnet", new Aws.Ec2.SubnetArgs
{
AvailabilityZone = "us-west-2b",
CidrBlock = "10.0.2.0/24",
VpcId = main.Id,
});
var barDirectory = new Aws.DirectoryService.Directory("barDirectory", new Aws.DirectoryService.DirectoryArgs
{
Password = "SuperSecretPassw0rd",
Size = "Small",
Tags =
{
{ "Project", "foo" },
},
VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs
{
SubnetIds =
{
foo.Id,
barSubnet.Id,
},
VpcId = main.Id,
},
});
}
}
Microsoft Active Directory (MicrosoftAD)
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var main = new Aws.Ec2.Vpc("main", new Aws.Ec2.VpcArgs
{
CidrBlock = "10.0.0.0/16",
});
var foo = new Aws.Ec2.Subnet("foo", new Aws.Ec2.SubnetArgs
{
AvailabilityZone = "us-west-2a",
CidrBlock = "10.0.1.0/24",
VpcId = main.Id,
});
var barSubnet = new Aws.Ec2.Subnet("barSubnet", new Aws.Ec2.SubnetArgs
{
AvailabilityZone = "us-west-2b",
CidrBlock = "10.0.2.0/24",
VpcId = main.Id,
});
var barDirectory = new Aws.DirectoryService.Directory("barDirectory", new Aws.DirectoryService.DirectoryArgs
{
Edition = "Standard",
Password = "SuperSecretPassw0rd",
Tags =
{
{ "Project", "foo" },
},
Type = "MicrosoftAD",
VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs
{
SubnetIds =
{
foo.Id,
barSubnet.Id,
},
VpcId = main.Id,
},
});
}
}
Microsoft Active Directory Connector (ADConnector)
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var main = new Aws.Ec2.Vpc("main", new Aws.Ec2.VpcArgs
{
CidrBlock = "10.0.0.0/16",
});
var foo = new Aws.Ec2.Subnet("foo", new Aws.Ec2.SubnetArgs
{
AvailabilityZone = "us-west-2a",
CidrBlock = "10.0.1.0/24",
VpcId = main.Id,
});
var bar = new Aws.Ec2.Subnet("bar", new Aws.Ec2.SubnetArgs
{
AvailabilityZone = "us-west-2b",
CidrBlock = "10.0.2.0/24",
VpcId = main.Id,
});
var connector = new Aws.DirectoryService.Directory("connector", new Aws.DirectoryService.DirectoryArgs
{
ConnectSettings = new Aws.DirectoryService.Inputs.DirectoryConnectSettingsArgs
{
CustomerDnsIps =
{
"A.B.C.D",
},
CustomerUsername = "Admin",
SubnetIds =
{
foo.Id,
bar.Id,
},
VpcId = main.Id,
},
Password = "SuperSecretPassw0rd",
Size = "Small",
Type = "ADConnector",
});
}
}
DirectoryArgs
DirectoryState
GetDirectory
GetDirectoryArgs
GetDirectoryResult
LogService
Provides a Log subscription for AWS Directory Service that pushes logs to cloudwatch.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var exampleLogGroup = new Aws.CloudWatch.LogGroup("exampleLogGroup", new Aws.CloudWatch.LogGroupArgs
{
RetentionInDays = 14,
});
var ad_log_policyPolicyDocument = exampleLogGroup.Arn.Apply(arn => Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs
{
Statements =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
{
Actions =
{
"logs:CreateLogStream",
"logs:PutLogEvents",
},
Effect = "Allow",
Principals =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs
{
Identifiers =
{
"ds.amazonaws.com",
},
Type = "Service",
},
},
Resources =
{
arn,
},
},
},
}));
var ad_log_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy("ad-log-policyLogResourcePolicy", new Aws.CloudWatch.LogResourcePolicyArgs
{
PolicyDocument = ad_log_policyPolicyDocument.Apply(ad_log_policyPolicyDocument => ad_log_policyPolicyDocument.Json),
PolicyName = "ad-log-policy",
});
var exampleLogService = new Aws.DirectoryService.LogService("exampleLogService", new Aws.DirectoryService.LogServiceArgs
{
DirectoryId = aws_directory_service_directory.Example.Id,
LogGroupName = exampleLogGroup.Name,
});
}
}