create_trust(**kwargs)
Directory Service for Microsoft Active Directory allows you to configure trust relationships. For example, you can establish a trust between your Managed Microsoft AD directory and your existing self-managed Microsoft Active Directory. This would allow you to provide users and groups access to resources in either domain, with a single set of credentials.
This action initiates the creation of the Amazon Web Services side of a trust relationship between a Managed Microsoft AD directory and an external domain. You can create either a forest trust or an external trust.
See also: AWS API Documentation
Request Syntax
response = client.create_trust(
    DirectoryId='string',
    RemoteDomainName='string',
    TrustPassword='string',
    TrustDirection='One-Way: Outgoing'|'One-Way: Incoming'|'Two-Way',
    TrustType='Forest'|'External',
    ConditionalForwarderIpAddrs=[
        'string',
    ],
    SelectiveAuth='Enabled'|'Disabled'
)
DirectoryId (string) --
[REQUIRED]
The Directory ID of the Managed Microsoft AD directory for which to establish the trust relationship.
RemoteDomainName (string) --
[REQUIRED]
The Fully Qualified Domain Name (FQDN) of the external domain for which to create the trust relationship.
TrustPassword (string) --
[REQUIRED]
The trust password. This must be the same password that was used when creating the trust relationship on the external domain.
TrustDirection (string) --
[REQUIRED]
The direction of the trust relationship.
TrustType (string) --
Forest is the default.
ConditionalForwarderIpAddrs (list) --
The IP addresses of the remote DNS server associated with RemoteDomainName.
Return type: dict
Response Syntax
{
    'TrustId': 'string'
}
Response Structure
(dict) --
The result of a CreateTrust request.
TrustId (string) --
A unique identifier for the trust relationship that was created.
Exceptions
DirectoryService.Client.exceptions.EntityAlreadyExistsException
DirectoryService.Client.exceptions.EntityDoesNotExistException
DirectoryService.Client.exceptions.InvalidParameterException
DirectoryService.Client.exceptions.ClientException
DirectoryService.Client.exceptions.ServiceException
DirectoryService.Client.exceptions.UnsupportedOperationException
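The following is an added example, not part of the boto3 documentation or the AWS SDK. It checks the enumerated values and forwarder addresses from the Request Syntax locally before the call and keeps TrustPassword out of error text. The helper names (build_trust_request, redacted, create_trust) are hypothetical, and defaulting SelectiveAuth to 'Enabled' is this example's choice, not a documented default.

```python
import ipaddress

# Allowed values copied from the Request Syntax above.
TRUST_DIRECTIONS = {"One-Way: Outgoing", "One-Way: Incoming", "Two-Way"}
TRUST_TYPES = {"Forest", "External"}


def build_trust_request(directory_id, remote_domain, trust_password, direction,
                        trust_type="Forest", forwarder_ips=(),
                        selective_auth="Enabled"):
    """Validate inputs locally; return keyword arguments for create_trust()."""
    if direction not in TRUST_DIRECTIONS:
        raise ValueError(f"invalid TrustDirection: {direction!r}")
    if trust_type not in TRUST_TYPES:
        raise ValueError(f"invalid TrustType: {trust_type!r}")
    if selective_auth not in ("Enabled", "Disabled"):
        raise ValueError(f"invalid SelectiveAuth: {selective_auth!r}")
    if not trust_password:
        raise ValueError("TrustPassword must not be empty")
    # ip_address() raises ValueError for hostnames and malformed addresses.
    ips = [str(ipaddress.ip_address(ip)) for ip in forwarder_ips]
    request = {
        "DirectoryId": directory_id,
        "RemoteDomainName": remote_domain,
        "TrustPassword": trust_password,
        "TrustDirection": direction,
        "TrustType": trust_type,
        "SelectiveAuth": selective_auth,
    }
    if ips:
        request["ConditionalForwarderIpAddrs"] = ips
    return request


def redacted(request):
    """Copy of the request that is safe to log: the password is masked."""
    return {**request, "TrustPassword": "***"}


def create_trust(client, **params):
    """Create the trust via `client` (assumed boto3.client("ds"), injected so
    validation can run without AWS credentials) and return the TrustId."""
    request = build_trust_request(**params)
    try:
        return client.create_trust(**request)["TrustId"]
    except client.exceptions.EntityAlreadyExistsException:
        raise RuntimeError(f"trust already exists: {redacted(request)}") from None
```

In real use, pass `boto3.client("ds")` as `client` and load the trust password from a secrets store at call time rather than from source code.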