DirectoryServiceData / Client / create_group

create_group#

DirectoryServiceData.Client.create_group(**kwargs)#

Creates a new group.

See also: AWS API Documentation

Request Syntax

response = client.create_group(
    ClientToken='string',
    DirectoryId='string',
    GroupScope='DomainLocal'|'Global'|'Universal'|'BuiltinLocal',
    GroupType='Distribution'|'Security',
    OtherAttributes={
        'string': {
            'BOOL': True|False,
            'N': 123,
            'S': 'string',
            'SS': [
                'string',
            ]
        }
    },
    SAMAccountName='string'
)
Parameters:
  • ClientToken (string) –

    A unique and case-sensitive identifier that you provide to make sure the idempotency of the request, so multiple identical calls have the same effect as one single call.

    A client token is valid for 8 hours after the first request that uses it completes. After 8 hours, any request with the same client token is treated as a new request. If the request succeeds, any future uses of that token will be idempotent for another 8 hours.

    If you submit a request with the same client token but change one of the other parameters within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

    Note

    This parameter is optional when using the CLI or SDK.

    This field is autopopulated if not provided.

  • DirectoryId (string) –

    [REQUIRED]

    The identifier (ID) of the directory that’s associated with the group.

  • GroupScope (string) – The scope of the AD group. For details, see Active Directory security group scope.

  • GroupType (string) – The AD group type. For details, see Active Directory security group type.

  • OtherAttributes (dict) –

    An expression that defines one or more attributes with the data type and value of each attribute.

    • (string) –

      • (dict) –

        The data type for an attribute. Each attribute value is described as a name-value pair. The name is the AD schema name, and the value is the data itself. For a list of supported attributes, see Directory Service Data Attributes.

        Note

        This is a Tagged Union structure. Only one of the following top level keys can be set: BOOL, N, S, SS.

        • BOOL (boolean) –

          Indicates that the attribute type value is a boolean. For example:

          "BOOL": true

        • N (integer) –

          Indicates that the attribute type value is a number. For example:

          "N": "16"

        • S (string) –

          Indicates that the attribute type value is a string. For example:

          "S": "S Group"

        • SS (list) –

          Indicates that the attribute type value is a string set. For example:

          "SS": ["sample_service_class/host.sample.com:1234/sample_service_name_1", "sample_service_class/host.sample.com:1234/sample_service_name_2"]

          • (string) –

  • SAMAccountName (string) –

    [REQUIRED]

    The name of the group.

Return type:

dict

Returns:

Response Syntax

{
    'DirectoryId': 'string',
    'SAMAccountName': 'string',
    'SID': 'string'
}

Response Structure

  • (dict) –

    • DirectoryId (string) –

      The identifier (ID) of the directory that’s associated with the group.

    • SAMAccountName (string) –

      The name of the group.

    • SID (string) –

      The unique security identifier (SID) of the group.

Exceptions

  • DirectoryServiceData.Client.exceptions.AccessDeniedException

  • DirectoryServiceData.Client.exceptions.InternalServerException

  • DirectoryServiceData.Client.exceptions.ValidationException

  • DirectoryServiceData.Client.exceptions.DirectoryUnavailableException

  • DirectoryServiceData.Client.exceptions.ConflictException

  • DirectoryServiceData.Client.exceptions.ThrottlingException