- Navigation GuideYou are on a Command (operation) page with structural examples. Use the navigation breadcrumb if you would like to return to the Client landing page.
AddIpRoutesCommand
If the DNS server for your self-managed domain uses a publicly addressable IP address, you must add a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services. AddIpRoutes adds this address block. You can also use AddIpRoutes to facilitate routing traffic that uses public IP ranges from your Microsoft AD on Amazon Web Services to a peer VPC.
Before you call AddIpRoutes, ensure that all of the required permissions have been explicitly granted through a policy. For details about what permissions are required to run the AddIpRoutes operation, see Directory Service API Permissions: Actions, Resources, and Conditions Reference .
Example Syntax
Use a bare-bones client and the command you need to make an API call.
import { DirectoryServiceClient, AddIpRoutesCommand } from "@aws-sdk/client-directory-service"; // ES Modules import
// const { DirectoryServiceClient, AddIpRoutesCommand } = require("@aws-sdk/client-directory-service"); // CommonJS import
const client = new DirectoryServiceClient(config);
const input = { // AddIpRoutesRequest
DirectoryId: "STRING_VALUE", // required
IpRoutes: [ // IpRoutes // required
{ // IpRoute
CidrIp: "STRING_VALUE",
Description: "STRING_VALUE",
},
],
UpdateSecurityGroupForDirectoryControllers: true || false,
};
const command = new AddIpRoutesCommand(input);
const response = await client.send(command);
// {};
AddIpRoutesCommand Input
Parameter | Type | Description |
|---|
Parameter | Type | Description |
|---|---|---|
DirectoryIdRequired | string | undefined | Identifier (ID) of the directory to which to add the address block. |
IpRoutesRequired | IpRoute[] | undefined | IP address blocks, using CIDR format, of the traffic to route. This is often the IP address block of the DNS server used for your self-managed domain. |
UpdateSecurityGroupForDirectoryControllers | boolean | undefined | If set to true, updates the inbound and outbound rules of the security group that has the description: "Amazon Web Services created security group for directory ID directory controllers." Following are the new rules: Inbound:
Outbound:
These security rules impact an internal network interface that is not exposed publicly. |
AddIpRoutesCommand Output
Parameter | Type | Description |
|---|
Parameter | Type | Description |
|---|---|---|
$metadataRequired | ResponseMetadata | Metadata pertaining to this request. |
Throws
Name | Fault | Details |
|---|
Name | Fault | Details |
|---|---|---|
| ClientException | client | A client exception has occurred. |
| DirectoryUnavailableException | client | The specified directory is unavailable. |
| EntityAlreadyExistsException | client | The specified entity already exists. |
| EntityDoesNotExistException | client | The specified entity could not be found. |
| InvalidParameterException | client | One or more parameters are not valid. |
| IpRouteLimitExceededException | client | The maximum allowed number of IP addresses was exceeded. The default limit is 100 IP address blocks. |
| ServiceException | server | An exception has occurred in Directory Service. |
| DirectoryServiceServiceException | Base exception class for all service exceptions from DirectoryService service. |