AWS Directory Service

2019/11/26 - AWS Directory Service - 7 new api methods

Changes: This release will introduce optional encryption of LDAP network traffic using SSL certificates between a customer's self-managed AD and AWS Directory Service instances. The release also provides APIs for certificate management.

RegisterCertificate (new)

Registers a certificate for secured LDAP connection.

See also: AWS API Documentation

Request Syntax

client.register_certificate(
    DirectoryId='string',
    CertificateData='string'
)

type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type CertificateData

string

param CertificateData

[REQUIRED]

The certificate PEM string that needs to be registered.

rtype

dict

returns

Response Syntax

{
    'CertificateId': 'string'
}

Response Structure

  • (dict) --

    • CertificateId (string) --

      The identifier of the certificate.

DisableLDAPS (new)

Deactivates LDAP secure calls for the specified directory.

See also: AWS API Documentation

Request Syntax

client.disable_ldaps(
    DirectoryId='string',
    Type='Client'
)

type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type Type

string

param Type

The type of LDAP security that the customer wants to enable. The security can be either server or client, but currently only the default Client is supported.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

DeregisterCertificate (new)

Deletes from the system the certificate that was registered for a secured LDAP connection.

See also: AWS API Documentation

Request Syntax

client.deregister_certificate(
    DirectoryId='string',
    CertificateId='string'
)

type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type CertificateId

string

param CertificateId

[REQUIRED]

The identifier of the certificate.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

ListCertificates (new)

For the specified directory, lists all the certificates registered for a secured LDAP connection.

See also: AWS API Documentation

Request Syntax

client.list_certificates(
    DirectoryId='string',
    NextToken='string',
    Limit=123
)

type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type NextToken

string

param NextToken

A token for requesting another page of certificates if the NextToken response element indicates that more certificates are available. Use the value of the returned NextToken element in your request until the token comes back as null. Pass null if this is the first call.

type Limit

integer

param Limit

The number of items that should show up on one page.

rtype

dict

returns

Response Syntax

{
    'NextToken': 'string',
    'CertificatesInfo': [
        {
            'CertificateId': 'string',
            'CommonName': 'string',
            'State': 'Registering'|'Registered'|'RegisterFailed'|'Deregistering'|'Deregistered'|'DeregisterFailed'
        },
    ]
}

Response Structure

  • (dict) --

    • NextToken (string) --

      Indicates whether another page of certificates is available when the number of available certificates exceeds the page limit.

    • CertificatesInfo (list) --

      A list of certificates with basic details including certificate ID, certificate common name, certificate state.

      • (dict) --

        Contains general information about a certificate.

        • CertificateId (string) --

          The identifier of the certificate.

        • CommonName (string) --

          The common name for the certificate.

        • State (string) --

          The state of the certificate.

DescribeLDAPSSettings (new)

Describes the status of LDAP security for the specified directory.

See also: AWS API Documentation

Request Syntax

client.describe_ldaps_settings(
    DirectoryId='string',
    Type='Client',
    NextToken='string',
    Limit=123
)

type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type Type

string

param Type

The type of LDAP security the customer wants to enable, either server or client. Currently only Client (the default) is supported.

type NextToken

string

param NextToken

The type of next token used for pagination.

type Limit

integer

param Limit

Specifies the number of items that should be displayed on one page.

rtype

dict

returns

Response Syntax

{
    'LDAPSSettingsInfo': [
        {
            'LDAPSStatus': 'Enabling'|'Enabled'|'EnableFailed'|'Disabled',
            'LDAPSStatusReason': 'string',
            'LastUpdatedDateTime': datetime(2015, 1, 1)
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • LDAPSSettingsInfo (list) --

      Information about LDAP security for the specified directory, including status of enablement, state last updated date time, and the reason for the state.

      • (dict) --

        Contains general information about the LDAPS settings.

        • LDAPSStatus (string) --

          The state of the LDAPS settings.

        • LDAPSStatusReason (string) --

          Describes a state change for LDAPS.

        • LastUpdatedDateTime (datetime) --

          The date and time when the LDAPS settings were last updated.

    • NextToken (string) --

The next token used to retrieve the LDAPS settings if the number of setting types exceeds the page limit and there is another page.

DescribeCertificate (new)

Displays information about the certificate registered for a secured LDAP connection.

See also: AWS API Documentation

Request Syntax

client.describe_certificate(
    DirectoryId='string',
    CertificateId='string'
)

type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type CertificateId

string

param CertificateId

[REQUIRED]

The identifier of the certificate.

rtype

dict

returns

Response Syntax

{
    'Certificate': {
        'CertificateId': 'string',
        'State': 'Registering'|'Registered'|'RegisterFailed'|'Deregistering'|'Deregistered'|'DeregisterFailed',
        'StateReason': 'string',
        'CommonName': 'string',
        'RegisteredDateTime': datetime(2015, 1, 1),
        'ExpiryDateTime': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    • Certificate (dict) --

      Information about the certificate, including registered date time, certificate state, the reason for the state, expiration date time, and certificate common name.

      • CertificateId (string) --

        The identifier of the certificate.

      • State (string) --

        The state of the certificate.

      • StateReason (string) --

        Describes a state change for the certificate.

      • CommonName (string) --

        The common name for the certificate.

      • RegisteredDateTime (datetime) --

        The date and time that the certificate was registered.

      • ExpiryDateTime (datetime) --

        The date and time when the certificate will expire.

EnableLDAPS (new)

Activates the switch for the specific directory to always use LDAP secure calls.

See also: AWS API Documentation

Request Syntax

client.enable_ldaps(
    DirectoryId='string',
    Type='Client'
)

type DirectoryId

string

param DirectoryId

[REQUIRED]

The identifier of the directory.

type Type

string

param Type

The type of LDAP security the customer wants to enable. The security can be either server or client, but currently only the default Client is supported.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --
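
Added example (not part of the AWS documentation): a read-only audit that combines DescribeLDAPSSettings, ListCertificates and DescribeCertificate to flag a directory where client-side LDAPS is not enabled, or where a registered certificate has failed or is close to expiry. The function names, finding labels, the 30-day threshold and StubClient are assumptions made here; in real use `client` would be `boto3.client('ds')`.

```python
from datetime import datetime, timedelta, timezone

def list_all_certificates(client, directory_id, page_size=50):
    """Follow NextToken until it is absent, so no certificate is skipped."""
    certs, token = [], None
    while True:
        kwargs = {"DirectoryId": directory_id, "Limit": page_size}
        if token:
            kwargs["NextToken"] = token
        page = client.list_certificates(**kwargs)
        certs.extend(page.get("CertificatesInfo", []))
        token = page.get("NextToken")
        if not token:
            return certs

def audit_ldaps(client, directory_id, now=None, warn_days=30, page_size=50):
    """Return (finding, detail) tuples; an empty list means nothing to fix."""
    now = now or datetime.now(timezone.utc)
    findings = []
    resp = client.describe_ldaps_settings(DirectoryId=directory_id, Type="Client")
    statuses = [s["LDAPSStatus"] for s in resp.get("LDAPSSettingsInfo", [])]
    if "Enabled" not in statuses:
        findings.append(("ldaps-not-enabled", ",".join(statuses) or "no settings"))
    for info in list_all_certificates(client, directory_id, page_size):
        cert = client.describe_certificate(
            DirectoryId=directory_id, CertificateId=info["CertificateId"])["Certificate"]
        if cert["State"] in ("RegisterFailed", "DeregisterFailed"):
            findings.append(("cert-failed", cert["CertificateId"]))
        elif (cert["State"] == "Registered"
              and cert["ExpiryDateTime"] - now <= timedelta(days=warn_days)):
            findings.append(("cert-expiring", cert["CertificateId"]))
    return findings

class StubClient:
    """Constructed stand-in for boto3.client('ds'); every value is made up."""
    def __init__(self, status, certs):
        self.status, self.certs = status, certs
    def describe_ldaps_settings(self, DirectoryId, Type):
        return {"LDAPSSettingsInfo": [{"LDAPSStatus": self.status}]}
    def list_certificates(self, DirectoryId, Limit, NextToken=None):
        start = int(NextToken or 0)
        ids = sorted(self.certs)[start:start + Limit]
        page = {"CertificatesInfo": [{"CertificateId": i} for i in ids]}
        if start + Limit < len(self.certs):
            page["NextToken"] = str(start + Limit)
        return page
    def describe_certificate(self, DirectoryId, CertificateId):
        return {"Certificate": dict(self.certs[CertificateId], CertificateId=CertificateId)}
```

StubClient takes an LDAPS status string and a dict mapping certificate IDs to `State` and `ExpiryDateTime` values, which lets the audit logic be exercised offline before pointing it at a real directory.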