1. Docs
  2. Reference
  3. API
  4. @pulumi/aws
  5. directoryservice

Module directoryservice

This page documents the language specification for the aws package. If you're looking for help working with the inputs, outputs, or functions of aws resources in a Pulumi program, please see the resource documentation for examples and API reference.

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.

Resources

Functions

Others

Resources

Resource ConditionalForwader

class ConditionalForwader extends CustomResource

Provides a conditional forwarder for managed Microsoft AD in AWS Directory Service.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.directoryservice.ConditionalForwader("example", {
    directoryId: aws_directory_service_directory_ad.id,
    dnsIps: [
        "8.8.8.8",
        "8.8.4.4",
    ],
    remoteDomainName: "example.com",
});

constructor

new ConditionalForwader(name: string, args: ConditionalForwaderArgs, opts?: pulumi.CustomResourceOptions)

Create a ConditionalForwader resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ConditionalForwaderState, opts?: pulumi.CustomResourceOptions): ConditionalForwader

Get an existing ConditionalForwader resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ConditionalForwader

Returns true if the given object is an instance of ConditionalForwader. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property directoryId

public directoryId: pulumi.Output<string>;

The id of directory.

property dnsIps

public dnsIps: pulumi.Output<string[]>;

A list of forwarder IP addresses.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property remoteDomainName

public remoteDomainName: pulumi.Output<string>;

The fully qualified domain name of the remote domain for which forwarders will be used.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Directory

class Directory extends CustomResource

Provides a Simple or Managed Microsoft directory in AWS Directory Service.

Note: All arguments including the password and customer username will be stored in the raw state as plain-text.

Example Usage

SimpleAD
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const main = new aws.ec2.Vpc("main", {
    cidrBlock: "10.0.0.0/16",
});
const foo = new aws.ec2.Subnet("foo", {
    availabilityZone: "us-west-2a",
    cidrBlock: "10.0.1.0/24",
    vpcId: main.id,
});
const barSubnet = new aws.ec2.Subnet("bar", {
    availabilityZone: "us-west-2b",
    cidrBlock: "10.0.2.0/24",
    vpcId: main.id,
});
const barDirectory = new aws.directoryservice.Directory("bar", {
    password: "SuperSecretPassw0rd",
    size: "Small",
    tags: {
        Project: "foo",
    },
    vpcSettings: {
        subnetIds: [
            foo.id,
            barSubnet.id,
        ],
        vpcId: main.id,
    },
});
Microsoft Active Directory (MicrosoftAD)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const main = new aws.ec2.Vpc("main", {
    cidrBlock: "10.0.0.0/16",
});
const foo = new aws.ec2.Subnet("foo", {
    availabilityZone: "us-west-2a",
    cidrBlock: "10.0.1.0/24",
    vpcId: main.id,
});
const barSubnet = new aws.ec2.Subnet("bar", {
    availabilityZone: "us-west-2b",
    cidrBlock: "10.0.2.0/24",
    vpcId: main.id,
});
const barDirectory = new aws.directoryservice.Directory("bar", {
    edition: "Standard",
    password: "SuperSecretPassw0rd",
    tags: {
        Project: "foo",
    },
    type: "MicrosoftAD",
    vpcSettings: {
        subnetIds: [
            foo.id,
            barSubnet.id,
        ],
        vpcId: main.id,
    },
});
Microsoft Active Directory Connector (ADConnector)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const main = new aws.ec2.Vpc("main", {
    cidrBlock: "10.0.0.0/16",
});
const foo = new aws.ec2.Subnet("foo", {
    availabilityZone: "us-west-2a",
    cidrBlock: "10.0.1.0/24",
    vpcId: main.id,
});
const bar = new aws.ec2.Subnet("bar", {
    availabilityZone: "us-west-2b",
    cidrBlock: "10.0.2.0/24",
    vpcId: main.id,
});
const connector = new aws.directoryservice.Directory("connector", {
    connectSettings: {
        customerDnsIps: ["A.B.C.D"],
        customerUsername: "Admin",
        subnetIds: [
            foo.id,
            bar.id,
        ],
        vpcId: main.id,
    },
    password: "SuperSecretPassw0rd",
    size: "Small",
    type: "ADConnector",
});

constructor

new Directory(name: string, args: DirectoryArgs, opts?: pulumi.CustomResourceOptions)

Create a Directory resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DirectoryState, opts?: pulumi.CustomResourceOptions): Directory

Get an existing Directory resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Directory

Returns true if the given object is an instance of Directory. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accessUrl

public accessUrl: pulumi.Output<string>;

The access URL for the directory, such as http://alias.awsapps.com.

property alias

public alias: pulumi.Output<string>;

The alias for the directory (must be unique amongst all aliases in AWS). Required for enableSso.

property connectSettings

public connectSettings: pulumi.Output<DirectoryConnectSettings | undefined>;

Connector related information about the directory. Fields documented below.

property description

public description: pulumi.Output<string | undefined>;

A textual description for the directory.

property dnsIpAddresses

public dnsIpAddresses: pulumi.Output<string[]>;

A list of IP addresses of the DNS servers for the directory or connector.

property edition

public edition: pulumi.Output<string>;

The MicrosoftAD edition (Standard or Enterprise). Defaults to Enterprise (applies to MicrosoftAD type only).

property enableSso

public enableSso: pulumi.Output<boolean | undefined>;

Whether to enable single-sign on for the directory. Requires alias. Defaults to false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The fully qualified name for the directory, such as corp.example.com

property password

public password: pulumi.Output<string>;

The password for the directory administrator or connector user.

property securityGroupId

public securityGroupId: pulumi.Output<string>;

The ID of the security group created by the directory.

property shortName

public shortName: pulumi.Output<string>;

The short name of the directory, such as CORP.

property size

public size: pulumi.Output<string>;

The size of the directory (Small or Large are accepted values).

property tags

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A map of tags to assign to the resource.

property type

public type: pulumi.Output<string | undefined>;

The directory type (SimpleAD, ADConnector or MicrosoftAD are accepted values). Defaults to SimpleAD.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcSettings

public vpcSettings: pulumi.Output<DirectoryVpcSettings | undefined>;

VPC related information about the directory. Fields documented below.

Resource LogService

class LogService extends CustomResource

Provides a Log subscription for AWS Directory Service that pushes logs to cloudwatch.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleLogGroup = new aws.cloudwatch.LogGroup("example", {
    retentionInDays: 14,
});
const ad_log_policyPolicyDocument = exampleLogGroup.arn.apply(arn => aws.iam.getPolicyDocument({
    statements: [{
        actions: [
            "logs:CreateLogStream",
            "logs:PutLogEvents",
        ],
        effect: "Allow",
        principals: [{
            identifiers: ["ds.amazonaws.com"],
            type: "Service",
        }],
        resources: [arn],
    }],
}, { async: true }));
const ad_log_policyLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy("ad-log-policy", {
    policyDocument: ad_log_policyPolicyDocument.json,
    policyName: "ad-log-policy",
});
const exampleLogService = new aws.directoryservice.LogService("example", {
    directoryId: aws_directory_service_directory_example.id,
    logGroupName: exampleLogGroup.name,
});

constructor

new LogService(name: string, args: LogServiceArgs, opts?: pulumi.CustomResourceOptions)

Create a LogService resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: LogServiceState, opts?: pulumi.CustomResourceOptions): LogService

Get an existing LogService resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is LogService

Returns true if the given object is an instance of LogService. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property directoryId

public directoryId: pulumi.Output<string>;

The id of directory.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property logGroupName

public logGroupName: pulumi.Output<string>;

Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Functions

Function getDirectory

getDirectory(args: GetDirectoryArgs, opts?: pulumi.InvokeOptions): Promise<GetDirectoryResult>

Get attributes of AWS Directory Service directory (SimpleAD, Managed AD, AD Connector). It’s especially useful to refer AWS Managed AD or on-premise AD in AD Connector configuration.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = aws_directory_service_directory_main.id.apply(id => aws.directoryservice.getDirectory({
    directoryId: id,
}, { async: true }));

Others

interface ConditionalForwaderArgs

interface ConditionalForwaderArgs

The set of arguments for constructing a ConditionalForwader resource.

property directoryId

directoryId: pulumi.Input<string>;

The id of directory.

property dnsIps

dnsIps: pulumi.Input<pulumi.Input<string>[]>;

A list of forwarder IP addresses.

property remoteDomainName

remoteDomainName: pulumi.Input<string>;

The fully qualified domain name of the remote domain for which forwarders will be used.

interface ConditionalForwaderState

interface ConditionalForwaderState

Input properties used for looking up and filtering ConditionalForwader resources.

property directoryId

directoryId?: pulumi.Input<string>;

The id of directory.

property dnsIps

dnsIps?: pulumi.Input<pulumi.Input<string>[]>;

A list of forwarder IP addresses.

property remoteDomainName

remoteDomainName?: pulumi.Input<string>;

The fully qualified domain name of the remote domain for which forwarders will be used.

interface DirectoryArgs

interface DirectoryArgs

The set of arguments for constructing a Directory resource.

property alias

alias?: pulumi.Input<string>;

The alias for the directory (must be unique amongst all aliases in AWS). Required for enableSso.

property connectSettings

connectSettings?: pulumi.Input<DirectoryConnectSettings>;

Connector related information about the directory. Fields documented below.

property description

description?: pulumi.Input<string>;

A textual description for the directory.

property edition

edition?: pulumi.Input<string>;

The MicrosoftAD edition (Standard or Enterprise). Defaults to Enterprise (applies to MicrosoftAD type only).

property enableSso

enableSso?: pulumi.Input<boolean>;

Whether to enable single-sign on for the directory. Requires alias. Defaults to false.

property name

name?: pulumi.Input<string>;

The fully qualified name for the directory, such as corp.example.com

property password

password: pulumi.Input<string>;

The password for the directory administrator or connector user.

property shortName

shortName?: pulumi.Input<string>;

The short name of the directory, such as CORP.

property size

size?: pulumi.Input<string>;

The size of the directory (Small or Large are accepted values).

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A map of tags to assign to the resource.

property type

type?: pulumi.Input<string>;

The directory type (SimpleAD, ADConnector or MicrosoftAD are accepted values). Defaults to SimpleAD.

property vpcSettings

vpcSettings?: pulumi.Input<DirectoryVpcSettings>;

VPC related information about the directory. Fields documented below.

interface DirectoryState

interface DirectoryState

Input properties used for looking up and filtering Directory resources.

property accessUrl

accessUrl?: pulumi.Input<string>;

The access URL for the directory, such as http://alias.awsapps.com.

property alias

alias?: pulumi.Input<string>;

The alias for the directory (must be unique amongst all aliases in AWS). Required for enableSso.

property connectSettings

connectSettings?: pulumi.Input<DirectoryConnectSettings>;

Connector related information about the directory. Fields documented below.

property description

description?: pulumi.Input<string>;

A textual description for the directory.

property dnsIpAddresses

dnsIpAddresses?: pulumi.Input<pulumi.Input<string>[]>;

A list of IP addresses of the DNS servers for the directory or connector.

property edition

edition?: pulumi.Input<string>;

The MicrosoftAD edition (Standard or Enterprise). Defaults to Enterprise (applies to MicrosoftAD type only).

property enableSso

enableSso?: pulumi.Input<boolean>;

Whether to enable single-sign on for the directory. Requires alias. Defaults to false.

property name

name?: pulumi.Input<string>;

The fully qualified name for the directory, such as corp.example.com

property password

password?: pulumi.Input<string>;

The password for the directory administrator or connector user.

property securityGroupId

securityGroupId?: pulumi.Input<string>;

The ID of the security group created by the directory.

property shortName

shortName?: pulumi.Input<string>;

The short name of the directory, such as CORP.

property size

size?: pulumi.Input<string>;

The size of the directory (Small or Large are accepted values).

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A map of tags to assign to the resource.

property type

type?: pulumi.Input<string>;

The directory type (SimpleAD, ADConnector or MicrosoftAD are accepted values). Defaults to SimpleAD.

property vpcSettings

vpcSettings?: pulumi.Input<DirectoryVpcSettings>;

VPC related information about the directory. Fields documented below.

interface GetDirectoryArgs

interface GetDirectoryArgs

A collection of arguments for invoking getDirectory.

property directoryId

directoryId: string;

The ID of the directory.

property tags

tags?: undefined | {[key: string]: any};

A map of tags assigned to the directory/connector.

interface GetDirectoryResult

interface GetDirectoryResult

A collection of values returned by getDirectory.

property accessUrl

accessUrl: string;

The access URL for the directory/connector, such as http://alias.awsapps.com.

property alias

alias: string;

The alias for the directory/connector, such as d-991708b282.awsapps.com.

property connectSettings

connectSettings: GetDirectoryConnectSetting[];

property description

description: string;

A textual description for the directory/connector.

property directoryId

directoryId: string;

property dnsIpAddresses

dnsIpAddresses: string[];

A list of IP addresses of the DNS servers for the directory/connector.

property edition

edition: string;

(for MicrosoftAD) The Microsoft AD edition (Standard or Enterprise).

property enableSso

enableSso: boolean;

The directory/connector single-sign on status.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property name

name: string;

The fully qualified name for the directory/connector.

property securityGroupId

securityGroupId: string;

The ID of the security group created by the directory/connector.

property shortName

shortName: string;

The short name of the directory/connector, such as CORP.

property size

size: string;

(for SimpleAD and ADConnector) The size of the directory/connector (Small or Large).

property tags

tags?: undefined | {[key: string]: any};

A map of tags assigned to the directory/connector.

property type

type: string;

The directory type (SimpleAD, ADConnector or MicrosoftAD).

property vpcSettings

vpcSettings: GetDirectoryVpcSetting[];

interface LogServiceArgs

interface LogServiceArgs

The set of arguments for constructing a LogService resource.

property directoryId

directoryId: pulumi.Input<string>;

The id of directory.

property logGroupName

logGroupName: pulumi.Input<string>;

Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.

interface LogServiceState

interface LogServiceState

Input properties used for looking up and filtering LogService resources.

property directoryId

directoryId?: pulumi.Input<string>;

The id of directory.

property logGroupName

logGroupName?: pulumi.Input<string>;

Name of the cloudwatch log group to which the logs should be published. The log group should be already created and the directory service principal should be provided with required permission to create stream and publish logs. Changing this value would delete the current subscription and create a new one. A directory can only have one log subscription at a time.