ShareDirectory - AWS Directory Service

ShareDirectory

Shares a specified directory (DirectoryId) in your AWS account (directory owner) with another AWS account (directory consumer). With this operation you can use your directory from any AWS account and from any Amazon VPC within an AWS Region.

When you share your AWS Managed Microsoft AD directory, AWS Directory Service creates a shared directory in the directory consumer account. This shared directory contains the metadata to provide access to the directory within the directory owner account. The shared directory is visible in all VPCs in the directory consumer account.

The ShareMethod parameter determines whether the specified directory can be shared between AWS accounts inside the same AWS organization (ORGANIZATIONS). It also determines whether you can share the directory with any other AWS account either inside or outside of the organization (HANDSHAKE).

The ShareNotes parameter is only used when HANDSHAKE is called, which sends a directory sharing request to the directory consumer.

Request Syntax

{ "DirectoryId": "string", "ShareMethod": "string", "ShareNotes": "string", "ShareTarget": { "Id": "string", "Type": "string" } }

Request Parameters

The request accepts the following data in JSON format.

DirectoryId

Identifier of the AWS Managed Microsoft AD directory that you want to share with other AWS accounts.

Type: String

Pattern: ^d-[0-9a-f]{10}$

Required: Yes

ShareMethod

The method used when sharing a directory to determine whether the directory should be shared within your AWS organization (ORGANIZATIONS) or with any AWS account by sending a directory sharing request (HANDSHAKE).

Type: String

Valid Values: ORGANIZATIONS | HANDSHAKE

Required: Yes

ShareNotes

A directory share request that is sent by the directory owner to the directory consumer. The request includes a typed message to help the directory consumer administrator determine whether to approve or reject the share invitation.

Type: String

Length Constraints: Maximum length of 1024.

Required: No

ShareTarget

Identifier for the directory consumer account with whom the directory is to be shared.

Type: ShareTarget object

Required: Yes

Response Syntax

{ "SharedDirectoryId": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

SharedDirectoryId

Identifier of the directory that is stored in the directory consumer account that is shared from the specified directory (DirectoryId).

Type: String

Pattern: ^d-[0-9a-f]{10}$

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You do not have sufficient access to perform this action.

HTTP Status Code: 400

ClientException

A client exception has occurred.

HTTP Status Code: 400

DirectoryAlreadySharedException

The specified directory has already been shared with this AWS account.

HTTP Status Code: 400

EntityDoesNotExistException

The specified entity could not be found.

HTTP Status Code: 400

InvalidParameterException

One or more parameters are not valid.

HTTP Status Code: 400

InvalidTargetException

The specified shared target is not valid.

HTTP Status Code: 400

OrganizationsException

Exception encountered while trying to access your AWS organization.

HTTP Status Code: 400

ServiceException

An exception has occurred in AWS Directory Service.

HTTP Status Code: 500

ShareLimitExceededException

The maximum number of AWS accounts that you can share with this directory has been reached.

HTTP Status Code: 400

UnsupportedOperationException

The operation is not supported.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: