DirectoryService / Client / create_trust
create_trust#
- DirectoryService.Client.create_trust(**kwargs)#
Directory Service for Microsoft Active Directory allows you to configure trust relationships. For example, you can establish a trust between your Managed Microsoft AD directory, and your existing self-managed Microsoft Active Directory. This would allow you to provide users and groups access to resources in either domain, with a single set of credentials.
This action initiates the creation of the Amazon Web Services side of a trust relationship between an Managed Microsoft AD directory and an external domain. You can create either a forest trust or an external trust.
See also: AWS API Documentation
Request Syntax
response = client.create_trust( DirectoryId='string', RemoteDomainName='string', TrustPassword='string', TrustDirection='One-Way: Outgoing'|'One-Way: Incoming'|'Two-Way', TrustType='Forest'|'External', ConditionalForwarderIpAddrs=[ 'string', ], SelectiveAuth='Enabled'|'Disabled' )
- Parameters:
DirectoryId (string) –
[REQUIRED]
The Directory ID of the Managed Microsoft AD directory for which to establish the trust relationship.
RemoteDomainName (string) –
[REQUIRED]
The Fully Qualified Domain Name (FQDN) of the external domain for which to create the trust relationship.
TrustPassword (string) –
[REQUIRED]
The trust password. The trust password must be the same password that was used when creating the trust relationship on the external domain.
TrustDirection (string) –
[REQUIRED]
The direction of the trust relationship.
TrustType (string) – The trust relationship type.
Forest
is the default.ConditionalForwarderIpAddrs (list) –
The IP addresses of the remote DNS server associated with RemoteDomainName.
(string) –
SelectiveAuth (string) – Optional parameter to enable selective authentication for the trust.
- Return type:
dict
- Returns:
Response Syntax
{ 'TrustId': 'string' }
Response Structure
(dict) –
The result of a CreateTrust request.
TrustId (string) –
A unique identifier for the trust relationship that was created.
Exceptions
DirectoryService.Client.exceptions.EntityAlreadyExistsException
DirectoryService.Client.exceptions.EntityDoesNotExistException
DirectoryService.Client.exceptions.InvalidParameterException
DirectoryService.Client.exceptions.ClientException
DirectoryService.Client.exceptions.ServiceException
DirectoryService.Client.exceptions.UnsupportedOperationException