- Navigation GuideYou are on a Client landing page. Commands (operations) are listed on this page. The Client constructor type is linked at the bottom.
DirectoryServiceDataClient
Amazon Web Services Directory Service Data is an extension of Directory Service. This API reference provides detailed information about Directory Service Data operations and object types.
With Directory Service Data, you can create, read, update, and delete users, groups, and memberships from your Managed Microsoft AD without additional costs and without deploying dedicated management instances. You can also perform built-in object management tasks across directories without direct network connectivity, which simplifies provisioning and access management to achieve fully automated deployments. Directory Service Data supports user and group write operations, such as CreateUser
and CreateGroup
, within the organizational unit (OU) of your Managed Microsoft AD. Directory Service Data supports read operations, such as ListUsers
and ListGroups
, on all users, groups, and group memberships within your Managed Microsoft AD and across trusted realms. Directory Service Data supports adding and removing group members in your OU and the Amazon Web Services Delegated Groups OU, so you can grant and deny access to specific roles and permissions. For more information, see Manage users and groups in the Directory Service Administration Guide.
Directory management operations and configuration changes made against the Directory Service API will also reflect in Directory Service Data API with eventual consistency. You can expect a short delay between management changes, such as adding a new directory trust and calling the Directory Service Data API for the newly created trusted realm.
Directory Service Data connects to your Managed Microsoft AD domain controllers and performs operations on underlying directory objects. When you create your Managed Microsoft AD, you choose subnets for domain controllers that Directory Service creates on your behalf. If a domain controller is unavailable, Directory Service Data uses an available domain controller. As a result, you might notice eventual consistency while objects replicate from one domain controller to another domain controller. For more information, see What gets created in the Directory Service Administration Guide. Directory limits vary by Managed Microsoft AD edition:
-
Standard edition – Supports 8 transactions per second (TPS) for read operations and 4 TPS for write operations per directory. There's a concurrency limit of 10 concurrent requests.
-
Enterprise edition – Supports 16 transactions per second (TPS) for read operations and 8 TPS for write operations per directory. There's a concurrency limit of 10 concurrent requests.
-
Amazon Web Services Account - Supports a total of 100 TPS for Directory Service Data operations across all directories.
Directory Service Data only supports the Managed Microsoft AD directory type and is only available in the primary Amazon Web Services Region. For more information, see Managed Microsoft AD and Primary vs additional Regions in the Directory Service Administration Guide.
Installation
npm install @aws-sdk/client-directory-service-data
yarn add @aws-sdk/client-directory-service-data
pnpm add @aws-sdk/client-directory-service-data
DirectoryServiceDataClient Operations
Command | Summary |
---|
Command | Summary |
---|---|
AddGroupMemberCommand | Adds an existing user, group, or computer as a group member. |
CreateGroupCommand | Creates a new group. |
CreateUserCommand | Creates a new user. |
DeleteGroupCommand | Deletes a group. |
DeleteUserCommand | Deletes a user. |
DescribeGroupCommand | Returns information about a specific group. |
DescribeUserCommand | Returns information about a specific user. |
DisableUserCommand | Deactivates an active user account. For information about how to enable an inactive user account, see ResetUserPassword in the Directory Service API Reference. |
ListGroupMembersCommand | Returns member information for the specified group. This operation supports pagination with the use of the You can also specify a maximum number of return results with the |
ListGroupsCommand | Returns group information for the specified directory. This operation supports pagination with the use of the You can also specify a maximum number of return results with the |
ListGroupsForMemberCommand | Returns group information for the specified member. This operation supports pagination with the use of the You can also specify a maximum number of return results with the |
ListUsersCommand | Returns user information for the specified directory. This operation supports pagination with the use of the You can also specify a maximum number of return results with the |
RemoveGroupMemberCommand | Removes a member from a group. |
SearchGroupsCommand | Searches the specified directory for a group. You can find groups that match the This operation supports pagination with the use of the You can also specify a maximum number of return results with the |
SearchUsersCommand | Searches the specified directory for a user. You can find users that match the This operation supports pagination with the use of the You can also specify a maximum number of return results with the |
UpdateGroupCommand | Updates group information. |
UpdateUserCommand | Updates user information. |
DirectoryServiceDataClient Configuration
Parameter | Type | Description |
---|
Parameter | Type | Description |
---|---|---|
defaultsMode Optional | DefaultsMode | Provider<DefaultsMode> | The @smithy/smithy-client#DefaultsMode that will be used to determine how certain default configuration options are resolved in the SDK. |
disableHostPrefix Optional | boolean | Disable dynamically changing the endpoint of the client based on the hostPrefix trait of an operation. |
extensions Optional | RuntimeExtension[] | Optional extensions |
logger Optional | Logger | Optional logger for logging debug/info/warn/error. |
maxAttempts Optional | number | Provider<number> | Value for how many times a request will be made at most in case of retry. |
profile Optional | string | Setting a client profile is similar to setting a value for the AWS_PROFILE environment variable. Setting a profile on a client in code only affects the single client instance, unlike AWS_PROFILE.When set, and only for environments where an AWS configuration file exists, fields configurable by this file will be retrieved from the specified profile within that file. Conflicting code configuration and environment variables will still have higher priority.For client credential resolution that involves checking the AWS configuration file, the client's profile (this value) will be used unless a different profile is set in the credential provider options. |
region Optional | string | Provider<string> | The AWS region to which this client will send requests |
requestHandler Optional | __HttpHandlerUserInput | The HTTP handler to use or its constructor options. Fetch in browser and Https in Nodejs. |
retryMode Optional | string | Provider<string> | Specifies which retry algorithm to use. |
useDualstackEndpoint Optional | boolean | Provider<boolean> | Enables IPv6/IPv4 dualstack endpoint. |
useFipsEndpoint Optional | boolean | Provider<boolean> | Enables FIPS compatible endpoints. |
Additional config fields are described in the full configuration type: DirectoryServiceDataClientConfig