

****************
DirectoryService
****************

.. contents:: Table of Contents
   :depth: 2


======
Client
======



.. py:class:: DirectoryService.Client

  A low-level client representing AWS Directory Service::

    
    import boto3
    
    client = boto3.client('ds')

  
  These are the available methods:
  
  *   :py:meth:`can_paginate`

  
  *   :py:meth:`connect_directory`

  
  *   :py:meth:`create_alias`

  
  *   :py:meth:`create_computer`

  
  *   :py:meth:`create_directory`

  
  *   :py:meth:`create_snapshot`

  
  *   :py:meth:`delete_directory`

  
  *   :py:meth:`delete_snapshot`

  
  *   :py:meth:`describe_directories`

  
  *   :py:meth:`describe_snapshots`

  
  *   :py:meth:`disable_radius`

  
  *   :py:meth:`disable_sso`

  
  *   :py:meth:`enable_radius`

  
  *   :py:meth:`enable_sso`

  
  *   :py:meth:`generate_presigned_url`

  
  *   :py:meth:`get_directory_limits`

  
  *   :py:meth:`get_paginator`

  
  *   :py:meth:`get_snapshot_limits`

  
  *   :py:meth:`get_waiter`

  
  *   :py:meth:`restore_from_snapshot`

  
  *   :py:meth:`update_radius`

  

  .. py:method:: can_paginate(operation_name)

        
    Check if an operation can be paginated.
    
    :type operation_name: string
    :param operation_name: The operation name.  This is the same name
        as the method name on the client.  For example, if the
        method name is ``create_foo``, and you'd normally invoke the
        operation as ``client.create_foo(**kwargs)``, if the
        ``create_foo`` operation can be paginated, you can use the
        call ``client.get_paginator("create_foo")``.
    
    :return: ``True`` if the operation can be paginated,
        ``False`` otherwise.


  .. py:method:: connect_directory(**kwargs)

    

    Creates an AD Connector to connect an on-premises directory.

    

    **Request Syntax** 
    ::

      response = client.connect_directory(
          Name='string',
          ShortName='string',
          Password='string',
          Description='string',
          Size='Small'|'Large',
          ConnectSettings={
              'VpcId': 'string',
              'SubnetIds': [
                  'string',
              ],
              'CustomerDnsIps': [
                  'string',
              ],
              'CustomerUserName': 'string'
          }
      )
    :type Name: string
    :param Name: **[REQUIRED]** 

      The fully-qualified name of the on-premises directory, such as ``corp.example.com`` .

      

    
    :type ShortName: string
    :param ShortName: 

      The NetBIOS name of the on-premises directory, such as ``CORP`` .

      

    
    :type Password: string
    :param Password: **[REQUIRED]** 

      The password for the on-premises user account.

      

    
    :type Description: string
    :param Description: 

      A textual description for the directory.

      

    
    :type Size: string
    :param Size: **[REQUIRED]** 

      The size of the directory.

      

    
    :type ConnectSettings: dict
    :param ConnectSettings: **[REQUIRED]** 

      A  DirectoryConnectSettings object that contains additional information for the operation.

      

    
      - **VpcId** *(string) --* **[REQUIRED]** 

        The identifier of the VPC that the AD Connector is created in.

        

      
      - **SubnetIds** *(list) --* **[REQUIRED]** 

        A list of subnet identifiers in the VPC that the AD Connector is created in.

        

      
        - *(string) --* 

        
    
      - **CustomerDnsIps** *(list) --* **[REQUIRED]** 

        A list of one or more IP addresses of DNS servers or domain controllers in the on-premises directory.

        

      
        - *(string) --* 

        
    
      - **CustomerUserName** *(string) --* **[REQUIRED]** 

        The username of an account in the on-premises directory that is used to connect to the directory. This account must have the following privileges:

         

         
        * Read users and groups
         
        * Create computer objects
         
        * Join computers to the domain
         

        

      
    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {
            'DirectoryId': 'string'
        }
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  ConnectDirectory operation.

        
        

        - **DirectoryId** *(string) --* 

          The identifier of the new directory.

          
    

  .. py:method:: create_alias(**kwargs)

    

    Creates an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as ``http://alias.awsapps.com`` .

     

    .. warning::

       

      After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.

       

    

    **Request Syntax** 
    ::

      response = client.create_alias(
          DirectoryId='string',
          Alias='string'
      )
    :type DirectoryId: string
    :param DirectoryId: **[REQUIRED]** 

      The identifier of the directory to create the alias for.

      

    
    :type Alias: string
    :param Alias: **[REQUIRED]** 

      The requested alias.

       

      The alias must be unique amongst all aliases in AWS. This operation will throw an ``EntityAlreadyExistsException`` if this alias already exists.

      

    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {
            'DirectoryId': 'string',
            'Alias': 'string'
        }
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  CreateAlias operation.

        
        

        - **DirectoryId** *(string) --* 

          The identifier of the directory.

          
        

        - **Alias** *(string) --* 

          The alias for the directory.

          
    

  .. py:method:: create_computer(**kwargs)

    

    Creates a computer account in the specified directory, and joins the computer to the directory.

    

    **Request Syntax** 
    ::

      response = client.create_computer(
          DirectoryId='string',
          ComputerName='string',
          Password='string',
          OrganizationalUnitDistinguishedName='string',
          ComputerAttributes=[
              {
                  'Name': 'string',
                  'Value': 'string'
              },
          ]
      )
    :type DirectoryId: string
    :param DirectoryId: **[REQUIRED]** 

      The identifier of the directory to create the computer account in.

      

    
    :type ComputerName: string
    :param ComputerName: **[REQUIRED]** 

      The name of the computer account.

      

    
    :type Password: string
    :param Password: **[REQUIRED]** 

      A one-time password that is used to join the computer to the directory. You should generate a random, strong password to use for this parameter.

      

    
    :type OrganizationalUnitDistinguishedName: string
    :param OrganizationalUnitDistinguishedName: 

      The fully-qualified distinguished name of the organizational unit to place the computer account in.

      

    
    :type ComputerAttributes: list
    :param ComputerAttributes: 

      An array of  Attribute objects that contain any LDAP attributes to apply to the computer account.

      

    
      - *(dict) --* 

        Represents a named directory attribute.

        

      
        - **Name** *(string) --* 

          The name of the attribute.

          

        
        - **Value** *(string) --* 

          The value of the attribute.

          

        
      
  
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {
            'Computer': {
                'ComputerId': 'string',
                'ComputerName': 'string',
                'ComputerAttributes': [
                    {
                        'Name': 'string',
                        'Value': 'string'
                    },
                ]
            }
        }
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results for the  CreateComputer operation.

        
        

        - **Computer** *(dict) --* 

          A Computer object the represents the computer account.

          
          

          - **ComputerId** *(string) --* 

            The identifier of the computer.

            
          

          - **ComputerName** *(string) --* 

            The computer name.

            
          

          - **ComputerAttributes** *(list) --* 

            An array of  Attribute objects that contain the LDAP attributes that belong to the computer account.

            
            

            - *(dict) --* 

              Represents a named directory attribute.

              
              

              - **Name** *(string) --* 

                The name of the attribute.

                
              

              - **Value** *(string) --* 

                The value of the attribute.

                
          
        
      
    

  .. py:method:: create_directory(**kwargs)

    

    Creates a Simple AD directory.

    

    **Request Syntax** 
    ::

      response = client.create_directory(
          Name='string',
          ShortName='string',
          Password='string',
          Description='string',
          Size='Small'|'Large',
          VpcSettings={
              'VpcId': 'string',
              'SubnetIds': [
                  'string',
              ]
          }
      )
    :type Name: string
    :param Name: **[REQUIRED]** 

      The fully qualified name for the directory, such as ``corp.example.com`` .

      

    
    :type ShortName: string
    :param ShortName: 

      The short name of the directory, such as ``CORP`` .

      

    
    :type Password: string
    :param Password: **[REQUIRED]** 

      The password for the directory administrator. The directory creation process creates a directory administrator account with the username ``Administrator`` and this password.

      

    
    :type Description: string
    :param Description: 

      A textual description for the directory.

      

    
    :type Size: string
    :param Size: **[REQUIRED]** 

      The size of the directory.

      

    
    :type VpcSettings: dict
    :param VpcSettings: 

      A  DirectoryVpcSettings object that contains additional information for the operation.

      

    
      - **VpcId** *(string) --* **[REQUIRED]** 

        The identifier of the VPC to create the Simple AD directory in.

        

      
      - **SubnetIds** *(list) --* **[REQUIRED]** 

        The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service creates a directory server and a DNS server in each of these subnets.

        

      
        - *(string) --* 

        
    
    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {
            'DirectoryId': 'string'
        }
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  CreateDirectory operation.

        
        

        - **DirectoryId** *(string) --* 

          The identifier of the directory that was created.

          
    

  .. py:method:: create_snapshot(**kwargs)

    

    Creates a snapshot of an existing directory.

     

    You cannot take snapshots of extended or connected directories.

    

    **Request Syntax** 
    ::

      response = client.create_snapshot(
          DirectoryId='string',
          Name='string'
      )
    :type DirectoryId: string
    :param DirectoryId: **[REQUIRED]** 

      The identifier of the directory to take a snapshot of.

      

    
    :type Name: string
    :param Name: 

      The descriptive name to apply to the snapshot.

      

    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {
            'SnapshotId': 'string'
        }
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  CreateSnapshot operation.

        
        

        - **SnapshotId** *(string) --* 

          The identifier of the snapshot that was created.

          
    

  .. py:method:: delete_directory(**kwargs)

    

    Deletes an AWS Directory Service directory.

    

    **Request Syntax** 
    ::

      response = client.delete_directory(
          DirectoryId='string'
      )
    :type DirectoryId: string
    :param DirectoryId: **[REQUIRED]** 

      The identifier of the directory to delete.

      

    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {
            'DirectoryId': 'string'
        }
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  DeleteDirectory operation.

        
        

        - **DirectoryId** *(string) --* 

          The directory identifier.

          
    

  .. py:method:: delete_snapshot(**kwargs)

    

    Deletes a directory snapshot.

    

    **Request Syntax** 
    ::

      response = client.delete_snapshot(
          SnapshotId='string'
      )
    :type SnapshotId: string
    :param SnapshotId: **[REQUIRED]** 

      The identifier of the directory snapshot to be deleted.

      

    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {
            'SnapshotId': 'string'
        }
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  DeleteSnapshot operation.

        
        

        - **SnapshotId** *(string) --* 

          The identifier of the directory snapshot that was deleted.

          
    

  .. py:method:: describe_directories(**kwargs)

    

    Obtains information about the directories that belong to this account.

     

    You can retrieve information about specific directories by passing the directory identifiers in the *DirectoryIds* parameter. Otherwise, all directories that belong to the current account are returned.

     

    This operation supports pagination with the use of the *NextToken* request and response parameters. If more results are available, the *DescribeDirectoriesResult.NextToken* member contains a token that you pass in the next call to  DescribeDirectories to retrieve the next set of items.

     

    You can also specify a maximum number of return results with the *Limit* parameter.

    

    **Request Syntax** 
    ::

      response = client.describe_directories(
          DirectoryIds=[
              'string',
          ],
          NextToken='string',
          Limit=123
      )
    :type DirectoryIds: list
    :param DirectoryIds: 

      A list of identifiers of the directories to obtain the information for. If this member is null, all directories that belong to the current account are returned.

       

      An empty list results in an ``InvalidParameterException`` being thrown.

      

    
      - *(string) --* 

      
  
    :type NextToken: string
    :param NextToken: 

      The *DescribeDirectoriesResult.NextToken* value from a previous call to  DescribeDirectories . Pass null if this is the first call.

      

    
    :type Limit: integer
    :param Limit: 

      The maximum number of items to return. If this value is zero, the maximum number of items is specified by the limitations of the operation.

      

    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {
            'DirectoryDescriptions': [
                {
                    'DirectoryId': 'string',
                    'Name': 'string',
                    'ShortName': 'string',
                    'Size': 'Small'|'Large',
                    'Alias': 'string',
                    'AccessUrl': 'string',
                    'Description': 'string',
                    'DnsIpAddrs': [
                        'string',
                    ],
                    'Stage': 'Requested'|'Creating'|'Created'|'Active'|'Inoperable'|'Impaired'|'Restoring'|'RestoreFailed'|'Deleting'|'Deleted'|'Failed',
                    'LaunchTime': datetime(2015, 1, 1),
                    'StageLastUpdatedDateTime': datetime(2015, 1, 1),
                    'Type': 'SimpleAD'|'ADConnector',
                    'VpcSettings': {
                        'VpcId': 'string',
                        'SubnetIds': [
                            'string',
                        ],
                        'SecurityGroupId': 'string',
                        'AvailabilityZones': [
                            'string',
                        ]
                    },
                    'ConnectSettings': {
                        'VpcId': 'string',
                        'SubnetIds': [
                            'string',
                        ],
                        'CustomerUserName': 'string',
                        'SecurityGroupId': 'string',
                        'AvailabilityZones': [
                            'string',
                        ],
                        'ConnectIps': [
                            'string',
                        ]
                    },
                    'RadiusSettings': {
                        'RadiusServers': [
                            'string',
                        ],
                        'RadiusPort': 123,
                        'RadiusTimeout': 123,
                        'RadiusRetries': 123,
                        'SharedSecret': 'string',
                        'AuthenticationProtocol': 'PAP'|'CHAP'|'MS-CHAPv1'|'MS-CHAPv2',
                        'DisplayLabel': 'string',
                        'UseSameUsername': True|False
                    },
                    'RadiusStatus': 'Creating'|'Completed'|'Failed',
                    'StageReason': 'string',
                    'SsoEnabled': True|False
                },
            ],
            'NextToken': 'string'
        }
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  DescribeDirectories operation.

        
        

        - **DirectoryDescriptions** *(list) --* 

          The list of  DirectoryDescription objects that were retrieved.

           

          It is possible that this list contains less than the number of items specified in the *Limit* member of the request. This occurs if there are less than the requested number of items left to retrieve, or if the limitations of the operation have been exceeded.

          
          

          - *(dict) --* 

            Contains information about an AWS Directory Service directory.

            
            

            - **DirectoryId** *(string) --* 

              The directory identifier.

              
            

            - **Name** *(string) --* 

              The fully-qualified name of the directory.

              
            

            - **ShortName** *(string) --* 

              The short name of the directory.

              
            

            - **Size** *(string) --* 

              The directory size.

              
            

            - **Alias** *(string) --* 

              The alias for the directory.

              
            

            - **AccessUrl** *(string) --* 

              The access URL for the directory, such as ``http://alias.awsapps.com`` .

              
            

            - **Description** *(string) --* 

              The textual description for the directory.

              
            

            - **DnsIpAddrs** *(list) --* 

              The IP addresses of the DNS servers for the directory. For a Simple AD directory, these are the IP addresses of the Simple AD directory servers. For an AD Connector directory, these are the IP addresses of the DNS servers or domain controllers in the on-premises directory that the AD Connector is connected to.

              
              

              - *(string) --* 
          
            

            - **Stage** *(string) --* 

              The current stage of the directory.

              
            

            - **LaunchTime** *(datetime) --* 

              Specifies when the directory was created.

              
            

            - **StageLastUpdatedDateTime** *(datetime) --* 

              The date and time that the stage was last updated.

              
            

            - **Type** *(string) --* 

              The directory size.

              
            

            - **VpcSettings** *(dict) --* 

              A  DirectoryVpcSettingsDescription object that contains additional information about a Simple AD directory. This member is only present if the directory is a Simple AD directory.

              
              

              - **VpcId** *(string) --* 

                The identifier of the VPC that the directory is in.

                
              

              - **SubnetIds** *(list) --* 

                The identifiers of the subnets for the directory servers.

                
                

                - *(string) --* 
            
              

              - **SecurityGroupId** *(string) --* 

                The security group identifier for the directory.

                
              

              - **AvailabilityZones** *(list) --* 

                The list of Availability Zones that the directory is in.

                
                

                - *(string) --* 
            
          
            

            - **ConnectSettings** *(dict) --* 

              A  DirectoryConnectSettingsDescription object that contains additional information about an AD Connector directory. This member is only present if the directory is an AD Connector directory.

              
              

              - **VpcId** *(string) --* 

                The identifier of the VPC that the AD Connector is in.

                
              

              - **SubnetIds** *(list) --* 

                A list of subnet identifiers in the VPC that the AD connector is in.

                
                

                - *(string) --* 
            
              

              - **CustomerUserName** *(string) --* 

                The username of the service account in the on-premises directory.

                
              

              - **SecurityGroupId** *(string) --* 

                The security group identifier for the AD Connector directory.

                
              

              - **AvailabilityZones** *(list) --* 

                A list of the Availability Zones that the directory is in.

                
                

                - *(string) --* 
            
              

              - **ConnectIps** *(list) --* 

                The IP addresses of the AD Connector servers.

                
                

                - *(string) --* 
            
          
            

            - **RadiusSettings** *(dict) --* 

              A  RadiusSettings object that contains information about the RADIUS server configured for this directory.

              
              

              - **RadiusServers** *(list) --* 

                An array of strings that contains the IP addresses of the RADIUS server endpoints, or the IP addresses of your RADIUS server load balancer.

                
                

                - *(string) --* 
            
              

              - **RadiusPort** *(integer) --* 

                The port that your RADIUS server is using for communications. Your on-premises network must allow inbound traffic over this port from the AWS Directory Service servers.

                
              

              - **RadiusTimeout** *(integer) --* 

                The amount of time, in seconds, to wait for the RADIUS server to respond.

                
              

              - **RadiusRetries** *(integer) --* 

                The maximum number of times that communication with the RADIUS server is attempted. 

                
              

              - **SharedSecret** *(string) --* 

                The shared secret code that was specified when your RADIUS endpoints were created.

                
              

              - **AuthenticationProtocol** *(string) --* 

                The protocol specified for your RADIUS endpoints.

                
              

              - **DisplayLabel** *(string) --* 

                Not currently used.

                
              

              - **UseSameUsername** *(boolean) --* 

                Not currently used.

                
          
            

            - **RadiusStatus** *(string) --* 

              The status of the RADIUS MFA server connection.

              
            

            - **StageReason** *(string) --* 

              Additional information about the directory stage.

              
            

            - **SsoEnabled** *(boolean) --* 

              Indicates if single-sign on is enabled for the directory. For more information, see  EnableSso and  DisableSso .

              
        
      
        

        - **NextToken** *(string) --* 

          If not null, more results are available. Pass this value for the *NextToken* parameter in a subsequent call to  DescribeDirectories to retrieve the next set of items.

          
    

  .. py:method:: describe_snapshots(**kwargs)

    

    Obtains information about the directory snapshots that belong to this account.

     

    This operation supports pagination with the use of the *NextToken* request and response parameters. If more results are available, the *DescribeSnapshots.NextToken* member contains a token that you pass in the next call to  DescribeSnapshots to retrieve the next set of items.

     

    You can also specify a maximum number of return results with the *Limit* parameter.

    

    **Request Syntax** 
    ::

      response = client.describe_snapshots(
          DirectoryId='string',
          SnapshotIds=[
              'string',
          ],
          NextToken='string',
          Limit=123
      )
    :type DirectoryId: string
    :param DirectoryId: 

      The identifier of the directory to retrieve snapshot information for.

      

    
    :type SnapshotIds: list
    :param SnapshotIds: 

      A list of identifiers of the snapshots to obtain the information for. If this member is null or empty, all snapshots are returned using the *Limit* and *NextToken* members.

      

    
      - *(string) --* 

      
  
    :type NextToken: string
    :param NextToken: 

      The *DescribeSnapshotsResult.NextToken* value from a previous call to  DescribeSnapshots . Pass null if this is the first call.

      

    
    :type Limit: integer
    :param Limit: 

      The maximum number of objects to return.

      

    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {
            'Snapshots': [
                {
                    'DirectoryId': 'string',
                    'SnapshotId': 'string',
                    'Type': 'Auto'|'Manual',
                    'Name': 'string',
                    'Status': 'Creating'|'Completed'|'Failed',
                    'StartTime': datetime(2015, 1, 1)
                },
            ],
            'NextToken': 'string'
        }
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  DescribeSnapshots operation.

        
        

        - **Snapshots** *(list) --* 

          The list of  Snapshot objects that were retrieved.

           

          It is possible that this list contains less than the number of items specified in the *Limit* member of the request. This occurs if there are less than the requested number of items left to retrieve, or if the limitations of the operation have been exceeded.

          
          

          - *(dict) --* 

            Describes a directory snapshot.

            
            

            - **DirectoryId** *(string) --* 

              The directory identifier.

              
            

            - **SnapshotId** *(string) --* 

              The snapshot identifier.

              
            

            - **Type** *(string) --* 

              The snapshot type.

              
            

            - **Name** *(string) --* 

              The descriptive name of the snapshot.

              
            

            - **Status** *(string) --* 

              The snapshot status.

              
            

            - **StartTime** *(datetime) --* 

              The date and time that the snapshot was taken.

              
        
      
        

        - **NextToken** *(string) --* 

          If not null, more results are available. Pass this value in the *NextToken* member of a subsequent call to  DescribeSnapshots .

          
    

  .. py:method:: disable_radius(**kwargs)

    

    Disables multi-factor authentication (MFA) with Remote Authentication Dial In User Service (RADIUS) for an AD Connector directory.

    

    **Request Syntax** 
    ::

      response = client.disable_radius(
          DirectoryId='string'
      )
    :type DirectoryId: string
    :param DirectoryId: **[REQUIRED]** 

      The identifier of the directory to disable MFA for.

      

    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {}
        
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  DisableRadius operation.

        
    

  .. py:method:: disable_sso(**kwargs)

    

    Disables single-sign on for a directory.

    

    **Request Syntax** 
    ::

      response = client.disable_sso(
          DirectoryId='string',
          UserName='string',
          Password='string'
      )
    :type DirectoryId: string
    :param DirectoryId: **[REQUIRED]** 

      The identifier of the directory to disable single-sign on for.

      

    
    :type UserName: string
    :param UserName: 

      The username of an alternate account to use to disable single-sign on. This is only used for AD Connector directories. This account must have privileges to remove a service principle name. 

       

      If the AD Connector service account does not have privileges to remove a service principle name, you can specify an alternate account with the *UserName* and *Password* parameters. These credentials are only used to disable single sign-on and are not stored by the service. The AD Connector service account is not changed.

      

    
    :type Password: string
    :param Password: 

      The password of an alternate account to use to disable single-sign on. This is only used for AD Connector directories. See the *UserName* parameter for more information.

      

    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {}
        
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  DisableSso operation.

        
    

  .. py:method:: enable_radius(**kwargs)

    

    Enables multi-factor authentication (MFA) with Remote Authentication Dial In User Service (RADIUS) for an AD Connector directory.

    

    **Request Syntax** 
    ::

      response = client.enable_radius(
          DirectoryId='string',
          RadiusSettings={
              'RadiusServers': [
                  'string',
              ],
              'RadiusPort': 123,
              'RadiusTimeout': 123,
              'RadiusRetries': 123,
              'SharedSecret': 'string',
              'AuthenticationProtocol': 'PAP'|'CHAP'|'MS-CHAPv1'|'MS-CHAPv2',
              'DisplayLabel': 'string',
              'UseSameUsername': True|False
          }
      )
    :type DirectoryId: string
    :param DirectoryId: **[REQUIRED]** 

      The identifier of the directory to enable MFA for.

      

    
    :type RadiusSettings: dict
    :param RadiusSettings: **[REQUIRED]** 

      A  RadiusSettings object that contains information about the RADIUS server.

      

    
      - **RadiusServers** *(list) --* 

        An array of strings that contains the IP addresses of the RADIUS server endpoints, or the IP addresses of your RADIUS server load balancer.

        

      
        - *(string) --* 

        
    
      - **RadiusPort** *(integer) --* 

        The port that your RADIUS server is using for communications. Your on-premises network must allow inbound traffic over this port from the AWS Directory Service servers.

        

      
      - **RadiusTimeout** *(integer) --* 

        The amount of time, in seconds, to wait for the RADIUS server to respond.

        

      
      - **RadiusRetries** *(integer) --* 

        The maximum number of times that communication with the RADIUS server is attempted. 

        

      
      - **SharedSecret** *(string) --* 

        The shared secret code that was specified when your RADIUS endpoints were created.

        

      
      - **AuthenticationProtocol** *(string) --* 

        The protocol specified for your RADIUS endpoints.

        

      
      - **DisplayLabel** *(string) --* 

        Not currently used.

        

      
      - **UseSameUsername** *(boolean) --* 

        Not currently used.

        

      
    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {}
        
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  EnableRadius operation.

        
    

  .. py:method:: enable_sso(**kwargs)

    

    Enables single-sign on for a directory.

    

    **Request Syntax** 
    ::

      response = client.enable_sso(
          DirectoryId='string',
          UserName='string',
          Password='string'
      )
    :type DirectoryId: string
    :param DirectoryId: **[REQUIRED]** 

      The identifier of the directory to enable single-sign on for.

      

    
    :type UserName: string
    :param UserName: 

      The username of an alternate account to use to enable single-sign on. This is only used for AD Connector directories. This account must have privileges to add a service principle name. 

       

      If the AD Connector service account does not have privileges to add a service principle name, you can specify an alternate account with the *UserName* and *Password* parameters. These credentials are only used to enable single sign-on and are not stored by the service. The AD Connector service account is not changed.

      

    
    :type Password: string
    :param Password: 

      The password of an alternate account to use to enable single-sign on. This is only used for AD Connector directories. See the *UserName* parameter for more information.

      

    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {}
        
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  EnableSso operation.

        
    

  .. py:method:: generate_presigned_url(ClientMethod, Params=None, ExpiresIn=3600, HttpMethod=None)

        
    Generate a presigned url given a client, its method, and arguments
    
    :type ClientMethod: string
    :param ClientMethod: The client method to presign for
    
    :type Params: dict
    :param Params: The parameters normally passed to
        ``ClientMethod``.
    
    :type ExpiresIn: int
    :param ExpiresIn: The number of seconds the presigned url is valid
        for. By default it expires in an hour (3600 seconds)
    
    :type HttpMethod: string
    :param HttpMethod: The http method to use on the generated url. By
        default, the http method is whatever is used in the method's model.
    
    :returns: The presigned url


  .. py:method:: get_directory_limits()

    

    Obtains directory limit information for the current region.

    

    **Request Syntax** 
    ::

      response = client.get_directory_limits()
      
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {
            'DirectoryLimits': {
                'CloudOnlyDirectoriesLimit': 123,
                'CloudOnlyDirectoriesCurrentCount': 123,
                'CloudOnlyDirectoriesLimitReached': True|False,
                'ConnectedDirectoriesLimit': 123,
                'ConnectedDirectoriesCurrentCount': 123,
                'ConnectedDirectoriesLimitReached': True|False
            }
        }
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  GetDirectoryLimits operation.

        
        

        - **DirectoryLimits** *(dict) --* 

          A  DirectoryLimits object that contains the directory limits for the current region.

          
          

          - **CloudOnlyDirectoriesLimit** *(integer) --* 

            The maximum number of cloud directories allowed in the region.

            
          

          - **CloudOnlyDirectoriesCurrentCount** *(integer) --* 

            The current number of cloud directories in the region.

            
          

          - **CloudOnlyDirectoriesLimitReached** *(boolean) --* 

            Indicates if the cloud directory limit has been reached.

            
          

          - **ConnectedDirectoriesLimit** *(integer) --* 

            The maximum number of connected directories allowed in the region.

            
          

          - **ConnectedDirectoriesCurrentCount** *(integer) --* 

            The current number of connected directories in the region.

            
          

          - **ConnectedDirectoriesLimitReached** *(boolean) --* 

            Indicates if the connected directory limit has been reached.

            
      
    

  .. py:method:: get_paginator(operation_name)

        
    Create a paginator for an operation.
    
    :type operation_name: string
    :param operation_name: The operation name.  This is the same name
        as the method name on the client.  For example, if the
        method name is ``create_foo``, and you'd normally invoke the
        operation as ``client.create_foo(**kwargs)``, if the
        ``create_foo`` operation can be paginated, you can use the
        call ``client.get_paginator("create_foo")``.
    
    :raise OperationNotPageableError: Raised if the operation is not
        pageable.  You can use the ``client.can_paginate`` method to
        check if an operation is pageable.
    
    :rtype: L{botocore.paginate.Paginator}
    :return: A paginator object.


  .. py:method:: get_snapshot_limits(**kwargs)

    

    Obtains the manual snapshot limits for a directory.

    

    **Request Syntax** 
    ::

      response = client.get_snapshot_limits(
          DirectoryId='string'
      )
    :type DirectoryId: string
    :param DirectoryId: **[REQUIRED]** 

      Contains the identifier of the directory to obtain the limits for.

      

    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {
            'SnapshotLimits': {
                'ManualSnapshotsLimit': 123,
                'ManualSnapshotsCurrentCount': 123,
                'ManualSnapshotsLimitReached': True|False
            }
        }
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  GetSnapshotLimits operation.

        
        

        - **SnapshotLimits** *(dict) --* 

          A  SnapshotLimits object that contains the manual snapshot limits for the specified directory.

          
          

          - **ManualSnapshotsLimit** *(integer) --* 

            The maximum number of manual snapshots allowed.

            
          

          - **ManualSnapshotsCurrentCount** *(integer) --* 

            The current number of manual snapshots of the directory.

            
          

          - **ManualSnapshotsLimitReached** *(boolean) --* 

            Indicates if the manual snapshot limit has been reached.

            
      
    

  .. py:method:: get_waiter(waiter_name)

        


  .. py:method:: restore_from_snapshot(**kwargs)

    

    Restores a directory using an existing directory snapshot.

     

    When you restore a directory from a snapshot, any changes made to the directory after the snapshot date are overwritten.

     

    This action returns as soon as the restore operation is initiated. You can monitor the progress of the restore operation by calling the  DescribeDirectories operation with the directory identifier. When the **DirectoryDescription.Stage** value changes to ``Active`` , the restore operation is complete.

    

    **Request Syntax** 
    ::

      response = client.restore_from_snapshot(
          SnapshotId='string'
      )
    :type SnapshotId: string
    :param SnapshotId: **[REQUIRED]** 

      The identifier of the snapshot to restore from.

      

    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {}
        
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  RestoreFromSnapshot operation.

        
    

  .. py:method:: update_radius(**kwargs)

    

    Updates the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector directory.

    

    **Request Syntax** 
    ::

      response = client.update_radius(
          DirectoryId='string',
          RadiusSettings={
              'RadiusServers': [
                  'string',
              ],
              'RadiusPort': 123,
              'RadiusTimeout': 123,
              'RadiusRetries': 123,
              'SharedSecret': 'string',
              'AuthenticationProtocol': 'PAP'|'CHAP'|'MS-CHAPv1'|'MS-CHAPv2',
              'DisplayLabel': 'string',
              'UseSameUsername': True|False
          }
      )
    :type DirectoryId: string
    :param DirectoryId: **[REQUIRED]** 

      The identifier of the directory to update the RADIUS server information for.

      

    
    :type RadiusSettings: dict
    :param RadiusSettings: **[REQUIRED]** 

      A  RadiusSettings object that contains information about the RADIUS server.

      

    
      - **RadiusServers** *(list) --* 

        An array of strings that contains the IP addresses of the RADIUS server endpoints, or the IP addresses of your RADIUS server load balancer.

        

      
        - *(string) --* 

        
    
      - **RadiusPort** *(integer) --* 

        The port that your RADIUS server is using for communications. Your on-premises network must allow inbound traffic over this port from the AWS Directory Service servers.

        

      
      - **RadiusTimeout** *(integer) --* 

        The amount of time, in seconds, to wait for the RADIUS server to respond.

        

      
      - **RadiusRetries** *(integer) --* 

        The maximum number of times that communication with the RADIUS server is attempted. 

        

      
      - **SharedSecret** *(string) --* 

        The shared secret code that was specified when your RADIUS endpoints were created.

        

      
      - **AuthenticationProtocol** *(string) --* 

        The protocol specified for your RADIUS endpoints.

        

      
      - **DisplayLabel** *(string) --* 

        Not currently used.

        

      
      - **UseSameUsername** *(boolean) --* 

        Not currently used.

        

      
    
    
    :rtype: dict
    :returns: 
      
      **Response Syntax** 

      
      ::

        {}
        
      **Response Structure** 

      

      - *(dict) --* 

        Contains the results of the  UpdateRadius operation.

        
    