diff --git a/clients/client-directory-service-data/.gitignore b/clients/client-directory-service-data/.gitignore new file mode 100644 index 000000000000..54f14c9aef25 --- /dev/null +++ b/clients/client-directory-service-data/.gitignore @@ -0,0 +1,9 @@ +/node_modules/ +/build/ +/coverage/ +/docs/ +/dist-* +*.tsbuildinfo +*.tgz +*.log +package-lock.json diff --git a/clients/client-directory-service-data/LICENSE b/clients/client-directory-service-data/LICENSE new file mode 100644 index 000000000000..1349aa7c9923 --- /dev/null +++ b/clients/client-directory-service-data/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/clients/client-directory-service-data/README.md b/clients/client-directory-service-data/README.md new file mode 100644 index 000000000000..e49613dbe2c9 --- /dev/null +++ b/clients/client-directory-service-data/README.md @@ -0,0 +1,391 @@ + + +# @aws-sdk/client-directory-service-data + +## Description + +AWS SDK for JavaScript DirectoryServiceData Client for Node.js, Browser and React Native. + +

Amazon Web Services Directory Service Data is an extension of Directory Service. This API reference provides detailed information +about Directory Service Data operations and object types.

+

With Directory Service Data, you can create, read, update, and delete users, groups, and memberships from +your Managed Microsoft AD without additional costs and without deploying dedicated management +instances. You can also perform built-in object management tasks across directories without +direct network connectivity, which simplifies provisioning and access management to achieve +fully automated deployments. Directory Service Data supports user and group write operations, such as +CreateUser and CreateGroup, within the organizational unit (OU) of +your Managed Microsoft AD. Directory Service Data supports read operations, such as ListUsers and +ListGroups, on all users, groups, and group memberships within your +Managed Microsoft AD and across trusted realms. Directory Service Data supports adding and removing group members in +your OU and the Amazon Web Services Delegated Groups OU, so you can grant and deny access to specific roles +and permissions. For more information, see Manage users and +groups in the Directory Service Administration Guide.

+ +

Directory management operations and configuration changes made against the Directory Service +API will also reflect in Directory Service Data API with eventual consistency. You can expect a short delay +between management changes, such as adding a new directory trust and calling the Directory Service Data API +for the newly created trusted realm.

+
+

Directory Service Data connects to your Managed Microsoft AD domain controllers and performs operations on +underlying directory objects. When you create your Managed Microsoft AD, you choose subnets for domain +controllers that Directory Service creates on your behalf. If a domain controller is unavailable, Directory Service Data +uses an available domain controller. As a result, you might notice eventual consistency while +objects replicate from one domain controller to another domain controller. For more +information, see What +gets created in the Directory Service Administration Guide. +Directory limits vary by Managed Microsoft AD edition:

+ +

Directory Service Data only supports the Managed Microsoft AD directory type and is only available in the primary +Amazon Web Services Region. For more information, see Managed Microsoft AD +and Primary vs additional Regions in the Directory Service Administration +Guide.

+ +## Installing + +To install the this package, simply type add or install @aws-sdk/client-directory-service-data +using your favorite package manager: + +- `npm install @aws-sdk/client-directory-service-data` +- `yarn add @aws-sdk/client-directory-service-data` +- `pnpm add @aws-sdk/client-directory-service-data` + +## Getting Started + +### Import + +The AWS SDK is modulized by clients and commands. +To send a request, you only need to import the `DirectoryServiceDataClient` and +the commands you need, for example `ListGroupsCommand`: + +```js +// ES5 example +const { DirectoryServiceDataClient, ListGroupsCommand } = require("@aws-sdk/client-directory-service-data"); +``` + +```ts +// ES6+ example +import { DirectoryServiceDataClient, ListGroupsCommand } from "@aws-sdk/client-directory-service-data"; +``` + +### Usage + +To send a request, you: + +- Initiate client with configuration (e.g. credentials, region). +- Initiate command with input parameters. +- Call `send` operation on client with command object as input. +- If you are using a custom http handler, you may call `destroy()` to close open connections. + +```js +// a client can be shared by different commands. +const client = new DirectoryServiceDataClient({ region: "REGION" }); + +const params = { + /** input parameters */ +}; +const command = new ListGroupsCommand(params); +``` + +#### Async/await + +We recommend using [await](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/await) +operator to wait for the promise returned by send operation as follows: + +```js +// async/await. +try { + const data = await client.send(command); + // process data. +} catch (error) { + // error handling. +} finally { + // finally. +} +``` + +Async-await is clean, concise, intuitive, easy to debug and has better error handling +as compared to using Promise chains or callbacks. + +#### Promises + +You can also use [Promise chaining](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Using_promises#chaining) +to execute send operation. + +```js +client.send(command).then( + (data) => { + // process data. + }, + (error) => { + // error handling. + } +); +``` + +Promises can also be called using `.catch()` and `.finally()` as follows: + +```js +client + .send(command) + .then((data) => { + // process data. + }) + .catch((error) => { + // error handling. + }) + .finally(() => { + // finally. + }); +``` + +#### Callbacks + +We do not recommend using callbacks because of [callback hell](http://callbackhell.com/), +but they are supported by the send operation. + +```js +// callbacks. +client.send(command, (err, data) => { + // process err and data. +}); +``` + +#### v2 compatible style + +The client can also send requests using v2 compatible style. +However, it results in a bigger bundle size and may be dropped in next major version. More details in the blog post +on [modular packages in AWS SDK for JavaScript](https://aws.amazon.com/blogs/developer/modular-packages-in-aws-sdk-for-javascript/) + +```ts +import * as AWS from "@aws-sdk/client-directory-service-data"; +const client = new AWS.DirectoryServiceData({ region: "REGION" }); + +// async/await. +try { + const data = await client.listGroups(params); + // process data. +} catch (error) { + // error handling. +} + +// Promises. +client + .listGroups(params) + .then((data) => { + // process data. + }) + .catch((error) => { + // error handling. + }); + +// callbacks. +client.listGroups(params, (err, data) => { + // process err and data. +}); +``` + +### Troubleshooting + +When the service returns an exception, the error will include the exception information, +as well as response metadata (e.g. request id). + +```js +try { + const data = await client.send(command); + // process data. +} catch (error) { + const { requestId, cfId, extendedRequestId } = error.$metadata; + console.log({ requestId, cfId, extendedRequestId }); + /** + * The keys within exceptions are also parsed. + * You can access them by specifying exception names: + * if (error.name === 'SomeServiceException') { + * const value = error.specialKeyInException; + * } + */ +} +``` + +## Getting Help + +Please use these community resources for getting help. +We use the GitHub issues for tracking bugs and feature requests, but have limited bandwidth to address them. + +- Visit [Developer Guide](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/welcome.html) + or [API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/index.html). +- Check out the blog posts tagged with [`aws-sdk-js`](https://aws.amazon.com/blogs/developer/tag/aws-sdk-js/) + on AWS Developer Blog. +- Ask a question on [StackOverflow](https://stackoverflow.com/questions/tagged/aws-sdk-js) and tag it with `aws-sdk-js`. +- Join the AWS JavaScript community on [gitter](https://gitter.im/aws/aws-sdk-js-v3). +- If it turns out that you may have found a bug, please [open an issue](https://github.com/aws/aws-sdk-js-v3/issues/new/choose). + +To test your universal JavaScript code in Node.js, browser and react-native environments, +visit our [code samples repo](https://github.com/aws-samples/aws-sdk-js-tests). + +## Contributing + +This client code is generated automatically. Any modifications will be overwritten the next time the `@aws-sdk/client-directory-service-data` package is updated. +To contribute to client you can check our [generate clients scripts](https://github.com/aws/aws-sdk-js-v3/tree/main/scripts/generate-clients). + +## License + +This SDK is distributed under the +[Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0), +see LICENSE for more information. + +## Client Commands (Operations List) + +
+ +AddGroupMember + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/AddGroupMemberCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/AddGroupMemberCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/AddGroupMemberCommandOutput/) + +
+
+ +CreateGroup + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/CreateGroupCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/CreateGroupCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/CreateGroupCommandOutput/) + +
+
+ +CreateUser + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/CreateUserCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/CreateUserCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/CreateUserCommandOutput/) + +
+
+ +DeleteGroup + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/DeleteGroupCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/DeleteGroupCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/DeleteGroupCommandOutput/) + +
+
+ +DeleteUser + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/DeleteUserCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/DeleteUserCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/DeleteUserCommandOutput/) + +
+
+ +DescribeGroup + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/DescribeGroupCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/DescribeGroupCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/DescribeGroupCommandOutput/) + +
+
+ +DescribeUser + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/DescribeUserCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/DescribeUserCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/DescribeUserCommandOutput/) + +
+
+ +DisableUser + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/DisableUserCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/DisableUserCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/DisableUserCommandOutput/) + +
+
+ +ListGroupMembers + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/ListGroupMembersCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/ListGroupMembersCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/ListGroupMembersCommandOutput/) + +
+
+ +ListGroups + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/ListGroupsCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/ListGroupsCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/ListGroupsCommandOutput/) + +
+
+ +ListGroupsForMember + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/ListGroupsForMemberCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/ListGroupsForMemberCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/ListGroupsForMemberCommandOutput/) + +
+
+ +ListUsers + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/ListUsersCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/ListUsersCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/ListUsersCommandOutput/) + +
+
+ +RemoveGroupMember + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/RemoveGroupMemberCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/RemoveGroupMemberCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/RemoveGroupMemberCommandOutput/) + +
+
+ +SearchGroups + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/SearchGroupsCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/SearchGroupsCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/SearchGroupsCommandOutput/) + +
+
+ +SearchUsers + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/SearchUsersCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/SearchUsersCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/SearchUsersCommandOutput/) + +
+
+ +UpdateGroup + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/UpdateGroupCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/UpdateGroupCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/UpdateGroupCommandOutput/) + +
+
+ +UpdateUser + + +[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/directory-service-data/command/UpdateUserCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/UpdateUserCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-directory-service-data/Interface/UpdateUserCommandOutput/) + +
diff --git a/clients/client-directory-service-data/api-extractor.json b/clients/client-directory-service-data/api-extractor.json new file mode 100644 index 000000000000..d5bf5ffeee85 --- /dev/null +++ b/clients/client-directory-service-data/api-extractor.json @@ -0,0 +1,4 @@ +{ + "extends": "../../api-extractor.json", + "mainEntryPointFilePath": "/dist-types/index.d.ts" +} diff --git a/clients/client-directory-service-data/package.json b/clients/client-directory-service-data/package.json new file mode 100644 index 000000000000..022c53876f63 --- /dev/null +++ b/clients/client-directory-service-data/package.json @@ -0,0 +1,103 @@ +{ + "name": "@aws-sdk/client-directory-service-data", + "description": "AWS SDK for JavaScript Directory Service Data Client for Node.js, Browser and React Native", + "version": "3.0.0", + "scripts": { + "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'", + "build:cjs": "tsc -p tsconfig.cjs.json", + "build:es": "tsc -p tsconfig.es.json", + "build:include:deps": "lerna run --scope $npm_package_name --include-dependencies build", + "build:types": "tsc -p tsconfig.types.json", + "build:types:downlevel": "downlevel-dts dist-types dist-types/ts3.4", + "clean": "rimraf ./dist-* && rimraf *.tsbuildinfo || exit 0", + "extract:docs": "api-extractor run --local", + "generate:client": "node ../../scripts/generate-clients/single-service --solo directory-service-data" + }, + "main": "./dist-cjs/index.js", + "types": "./dist-types/index.d.ts", + "module": "./dist-es/index.js", + "sideEffects": false, + "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/client-sso-oidc": "*", + "@aws-sdk/client-sts": "*", + "@aws-sdk/core": "*", + "@aws-sdk/credential-provider-node": "*", + "@aws-sdk/middleware-host-header": "*", + "@aws-sdk/middleware-logger": "*", + "@aws-sdk/middleware-recursion-detection": "*", + "@aws-sdk/middleware-user-agent": "*", + "@aws-sdk/region-config-resolver": "*", + "@aws-sdk/types": "*", + "@aws-sdk/util-endpoints": "*", + "@aws-sdk/util-user-agent-browser": "*", + "@aws-sdk/util-user-agent-node": "*", + "@smithy/config-resolver": "^3.0.8", + "@smithy/core": "^2.4.3", + "@smithy/fetch-http-handler": "^3.2.7", + "@smithy/hash-node": "^3.0.6", + "@smithy/invalid-dependency": "^3.0.6", + "@smithy/middleware-content-length": "^3.0.8", + "@smithy/middleware-endpoint": "^3.1.3", + "@smithy/middleware-retry": "^3.0.18", + "@smithy/middleware-serde": "^3.0.6", + "@smithy/middleware-stack": "^3.0.6", + "@smithy/node-config-provider": "^3.1.7", + "@smithy/node-http-handler": "^3.2.2", + "@smithy/protocol-http": "^4.1.3", + "@smithy/smithy-client": "^3.3.2", + "@smithy/types": "^3.4.2", + "@smithy/url-parser": "^3.0.6", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.18", + "@smithy/util-defaults-mode-node": "^3.0.18", + "@smithy/util-endpoints": "^2.1.2", + "@smithy/util-middleware": "^3.0.6", + "@smithy/util-retry": "^3.0.6", + "@smithy/util-utf8": "^3.0.0", + "tslib": "^2.6.2", + "uuid": "^9.0.1" + }, + "devDependencies": { + "@tsconfig/node16": "16.1.3", + "@types/node": "^16.18.96", + "@types/uuid": "^9.0.4", + "concurrently": "7.0.0", + "downlevel-dts": "0.10.1", + "rimraf": "3.0.2", + "typescript": "~4.9.5" + }, + "engines": { + "node": ">=16.0.0" + }, + "typesVersions": { + "<4.0": { + "dist-types/*": [ + "dist-types/ts3.4/*" + ] + } + }, + "files": [ + "dist-*/**" + ], + "author": { + "name": "AWS SDK for JavaScript Team", + "url": "https://aws.amazon.com/javascript/" + }, + "license": "Apache-2.0", + "browser": { + "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.browser" + }, + "react-native": { + "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.native" + }, + "homepage": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-directory-service-data", + "repository": { + "type": "git", + "url": "https://github.com/aws/aws-sdk-js-v3.git", + "directory": "clients/client-directory-service-data" + } +} diff --git a/clients/client-directory-service-data/src/DirectoryServiceData.ts b/clients/client-directory-service-data/src/DirectoryServiceData.ts new file mode 100644 index 000000000000..633220911bbd --- /dev/null +++ b/clients/client-directory-service-data/src/DirectoryServiceData.ts @@ -0,0 +1,337 @@ +// smithy-typescript generated code +import { createAggregatedClient } from "@smithy/smithy-client"; +import { HttpHandlerOptions as __HttpHandlerOptions } from "@smithy/types"; + +import { + AddGroupMemberCommand, + AddGroupMemberCommandInput, + AddGroupMemberCommandOutput, +} from "./commands/AddGroupMemberCommand"; +import { CreateGroupCommand, CreateGroupCommandInput, CreateGroupCommandOutput } from "./commands/CreateGroupCommand"; +import { CreateUserCommand, CreateUserCommandInput, CreateUserCommandOutput } from "./commands/CreateUserCommand"; +import { DeleteGroupCommand, DeleteGroupCommandInput, DeleteGroupCommandOutput } from "./commands/DeleteGroupCommand"; +import { DeleteUserCommand, DeleteUserCommandInput, DeleteUserCommandOutput } from "./commands/DeleteUserCommand"; +import { + DescribeGroupCommand, + DescribeGroupCommandInput, + DescribeGroupCommandOutput, +} from "./commands/DescribeGroupCommand"; +import { + DescribeUserCommand, + DescribeUserCommandInput, + DescribeUserCommandOutput, +} from "./commands/DescribeUserCommand"; +import { DisableUserCommand, DisableUserCommandInput, DisableUserCommandOutput } from "./commands/DisableUserCommand"; +import { + ListGroupMembersCommand, + ListGroupMembersCommandInput, + ListGroupMembersCommandOutput, +} from "./commands/ListGroupMembersCommand"; +import { ListGroupsCommand, ListGroupsCommandInput, ListGroupsCommandOutput } from "./commands/ListGroupsCommand"; +import { + ListGroupsForMemberCommand, + ListGroupsForMemberCommandInput, + ListGroupsForMemberCommandOutput, +} from "./commands/ListGroupsForMemberCommand"; +import { ListUsersCommand, ListUsersCommandInput, ListUsersCommandOutput } from "./commands/ListUsersCommand"; +import { + RemoveGroupMemberCommand, + RemoveGroupMemberCommandInput, + RemoveGroupMemberCommandOutput, +} from "./commands/RemoveGroupMemberCommand"; +import { + SearchGroupsCommand, + SearchGroupsCommandInput, + SearchGroupsCommandOutput, +} from "./commands/SearchGroupsCommand"; +import { SearchUsersCommand, SearchUsersCommandInput, SearchUsersCommandOutput } from "./commands/SearchUsersCommand"; +import { UpdateGroupCommand, UpdateGroupCommandInput, UpdateGroupCommandOutput } from "./commands/UpdateGroupCommand"; +import { UpdateUserCommand, UpdateUserCommandInput, UpdateUserCommandOutput } from "./commands/UpdateUserCommand"; +import { DirectoryServiceDataClient, DirectoryServiceDataClientConfig } from "./DirectoryServiceDataClient"; + +const commands = { + AddGroupMemberCommand, + CreateGroupCommand, + CreateUserCommand, + DeleteGroupCommand, + DeleteUserCommand, + DescribeGroupCommand, + DescribeUserCommand, + DisableUserCommand, + ListGroupMembersCommand, + ListGroupsCommand, + ListGroupsForMemberCommand, + ListUsersCommand, + RemoveGroupMemberCommand, + SearchGroupsCommand, + SearchUsersCommand, + UpdateGroupCommand, + UpdateUserCommand, +}; + +export interface DirectoryServiceData { + /** + * @see {@link AddGroupMemberCommand} + */ + addGroupMember( + args: AddGroupMemberCommandInput, + options?: __HttpHandlerOptions + ): Promise; + addGroupMember(args: AddGroupMemberCommandInput, cb: (err: any, data?: AddGroupMemberCommandOutput) => void): void; + addGroupMember( + args: AddGroupMemberCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: AddGroupMemberCommandOutput) => void + ): void; + + /** + * @see {@link CreateGroupCommand} + */ + createGroup(args: CreateGroupCommandInput, options?: __HttpHandlerOptions): Promise; + createGroup(args: CreateGroupCommandInput, cb: (err: any, data?: CreateGroupCommandOutput) => void): void; + createGroup( + args: CreateGroupCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: CreateGroupCommandOutput) => void + ): void; + + /** + * @see {@link CreateUserCommand} + */ + createUser(args: CreateUserCommandInput, options?: __HttpHandlerOptions): Promise; + createUser(args: CreateUserCommandInput, cb: (err: any, data?: CreateUserCommandOutput) => void): void; + createUser( + args: CreateUserCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: CreateUserCommandOutput) => void + ): void; + + /** + * @see {@link DeleteGroupCommand} + */ + deleteGroup(args: DeleteGroupCommandInput, options?: __HttpHandlerOptions): Promise; + deleteGroup(args: DeleteGroupCommandInput, cb: (err: any, data?: DeleteGroupCommandOutput) => void): void; + deleteGroup( + args: DeleteGroupCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DeleteGroupCommandOutput) => void + ): void; + + /** + * @see {@link DeleteUserCommand} + */ + deleteUser(args: DeleteUserCommandInput, options?: __HttpHandlerOptions): Promise; + deleteUser(args: DeleteUserCommandInput, cb: (err: any, data?: DeleteUserCommandOutput) => void): void; + deleteUser( + args: DeleteUserCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DeleteUserCommandOutput) => void + ): void; + + /** + * @see {@link DescribeGroupCommand} + */ + describeGroup(args: DescribeGroupCommandInput, options?: __HttpHandlerOptions): Promise; + describeGroup(args: DescribeGroupCommandInput, cb: (err: any, data?: DescribeGroupCommandOutput) => void): void; + describeGroup( + args: DescribeGroupCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DescribeGroupCommandOutput) => void + ): void; + + /** + * @see {@link DescribeUserCommand} + */ + describeUser(args: DescribeUserCommandInput, options?: __HttpHandlerOptions): Promise; + describeUser(args: DescribeUserCommandInput, cb: (err: any, data?: DescribeUserCommandOutput) => void): void; + describeUser( + args: DescribeUserCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DescribeUserCommandOutput) => void + ): void; + + /** + * @see {@link DisableUserCommand} + */ + disableUser(args: DisableUserCommandInput, options?: __HttpHandlerOptions): Promise; + disableUser(args: DisableUserCommandInput, cb: (err: any, data?: DisableUserCommandOutput) => void): void; + disableUser( + args: DisableUserCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DisableUserCommandOutput) => void + ): void; + + /** + * @see {@link ListGroupMembersCommand} + */ + listGroupMembers( + args: ListGroupMembersCommandInput, + options?: __HttpHandlerOptions + ): Promise; + listGroupMembers( + args: ListGroupMembersCommandInput, + cb: (err: any, data?: ListGroupMembersCommandOutput) => void + ): void; + listGroupMembers( + args: ListGroupMembersCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: ListGroupMembersCommandOutput) => void + ): void; + + /** + * @see {@link ListGroupsCommand} + */ + listGroups(args: ListGroupsCommandInput, options?: __HttpHandlerOptions): Promise; + listGroups(args: ListGroupsCommandInput, cb: (err: any, data?: ListGroupsCommandOutput) => void): void; + listGroups( + args: ListGroupsCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: ListGroupsCommandOutput) => void + ): void; + + /** + * @see {@link ListGroupsForMemberCommand} + */ + listGroupsForMember( + args: ListGroupsForMemberCommandInput, + options?: __HttpHandlerOptions + ): Promise; + listGroupsForMember( + args: ListGroupsForMemberCommandInput, + cb: (err: any, data?: ListGroupsForMemberCommandOutput) => void + ): void; + listGroupsForMember( + args: ListGroupsForMemberCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: ListGroupsForMemberCommandOutput) => void + ): void; + + /** + * @see {@link ListUsersCommand} + */ + listUsers(args: ListUsersCommandInput, options?: __HttpHandlerOptions): Promise; + listUsers(args: ListUsersCommandInput, cb: (err: any, data?: ListUsersCommandOutput) => void): void; + listUsers( + args: ListUsersCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: ListUsersCommandOutput) => void + ): void; + + /** + * @see {@link RemoveGroupMemberCommand} + */ + removeGroupMember( + args: RemoveGroupMemberCommandInput, + options?: __HttpHandlerOptions + ): Promise; + removeGroupMember( + args: RemoveGroupMemberCommandInput, + cb: (err: any, data?: RemoveGroupMemberCommandOutput) => void + ): void; + removeGroupMember( + args: RemoveGroupMemberCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: RemoveGroupMemberCommandOutput) => void + ): void; + + /** + * @see {@link SearchGroupsCommand} + */ + searchGroups(args: SearchGroupsCommandInput, options?: __HttpHandlerOptions): Promise; + searchGroups(args: SearchGroupsCommandInput, cb: (err: any, data?: SearchGroupsCommandOutput) => void): void; + searchGroups( + args: SearchGroupsCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: SearchGroupsCommandOutput) => void + ): void; + + /** + * @see {@link SearchUsersCommand} + */ + searchUsers(args: SearchUsersCommandInput, options?: __HttpHandlerOptions): Promise; + searchUsers(args: SearchUsersCommandInput, cb: (err: any, data?: SearchUsersCommandOutput) => void): void; + searchUsers( + args: SearchUsersCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: SearchUsersCommandOutput) => void + ): void; + + /** + * @see {@link UpdateGroupCommand} + */ + updateGroup(args: UpdateGroupCommandInput, options?: __HttpHandlerOptions): Promise; + updateGroup(args: UpdateGroupCommandInput, cb: (err: any, data?: UpdateGroupCommandOutput) => void): void; + updateGroup( + args: UpdateGroupCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: UpdateGroupCommandOutput) => void + ): void; + + /** + * @see {@link UpdateUserCommand} + */ + updateUser(args: UpdateUserCommandInput, options?: __HttpHandlerOptions): Promise; + updateUser(args: UpdateUserCommandInput, cb: (err: any, data?: UpdateUserCommandOutput) => void): void; + updateUser( + args: UpdateUserCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: UpdateUserCommandOutput) => void + ): void; +} + +/** + *

Amazon Web Services Directory Service Data is an extension of Directory Service. This API reference provides detailed information + * about Directory Service Data operations and object types.

+ *

With Directory Service Data, you can create, read, update, and delete users, groups, and memberships from + * your Managed Microsoft AD without additional costs and without deploying dedicated management + * instances. You can also perform built-in object management tasks across directories without + * direct network connectivity, which simplifies provisioning and access management to achieve + * fully automated deployments. Directory Service Data supports user and group write operations, such as + * CreateUser and CreateGroup, within the organizational unit (OU) of + * your Managed Microsoft AD. Directory Service Data supports read operations, such as ListUsers and + * ListGroups, on all users, groups, and group memberships within your + * Managed Microsoft AD and across trusted realms. Directory Service Data supports adding and removing group members in + * your OU and the Amazon Web Services Delegated Groups OU, so you can grant and deny access to specific roles + * and permissions. For more information, see Manage users and + * groups in the Directory Service Administration Guide.

+ * + *

Directory management operations and configuration changes made against the Directory Service + * API will also reflect in Directory Service Data API with eventual consistency. You can expect a short delay + * between management changes, such as adding a new directory trust and calling the Directory Service Data API + * for the newly created trusted realm.

+ *
+ *

Directory Service Data connects to your Managed Microsoft AD domain controllers and performs operations on + * underlying directory objects. When you create your Managed Microsoft AD, you choose subnets for domain + * controllers that Directory Service creates on your behalf. If a domain controller is unavailable, Directory Service Data + * uses an available domain controller. As a result, you might notice eventual consistency while + * objects replicate from one domain controller to another domain controller. For more + * information, see What + * gets created in the Directory Service Administration Guide. + * Directory limits vary by Managed Microsoft AD edition:

+ *
    + *
  • + *

    + * Standard edition – Supports 8 transactions per + * second (TPS) for read operations and 4 TPS for write operations per directory. There's a + * concurrency limit of 10 concurrent requests.

    + *
  • + *
  • + *

    + * Enterprise edition – Supports 16 transactions per + * second (TPS) for read operations and 8 TPS for write operations per directory. There's a + * concurrency limit of 10 concurrent requests.

    + *
  • + *
  • + *

    + * Amazon Web Services Account - Supports a total of 100 TPS for + * Directory Service Data operations across all directories.

    + *
  • + *
+ *

Directory Service Data only supports the Managed Microsoft AD directory type and is only available in the primary + * Amazon Web Services Region. For more information, see Managed Microsoft AD + * and Primary vs additional Regions in the Directory Service Administration + * Guide.

+ * @public + */ +export class DirectoryServiceData extends DirectoryServiceDataClient implements DirectoryServiceData {} +createAggregatedClient(commands, DirectoryServiceData); diff --git a/clients/client-directory-service-data/src/DirectoryServiceDataClient.ts b/clients/client-directory-service-data/src/DirectoryServiceDataClient.ts new file mode 100644 index 000000000000..be745c5fe08e --- /dev/null +++ b/clients/client-directory-service-data/src/DirectoryServiceDataClient.ts @@ -0,0 +1,405 @@ +// smithy-typescript generated code +import { + getHostHeaderPlugin, + HostHeaderInputConfig, + HostHeaderResolvedConfig, + resolveHostHeaderConfig, +} from "@aws-sdk/middleware-host-header"; +import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; +import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; +import { + getUserAgentPlugin, + resolveUserAgentConfig, + UserAgentInputConfig, + UserAgentResolvedConfig, +} from "@aws-sdk/middleware-user-agent"; +import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; +import { getContentLengthPlugin } from "@smithy/middleware-content-length"; +import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; +import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; +import { HttpHandlerUserInput as __HttpHandlerUserInput } from "@smithy/protocol-http"; +import { + Client as __Client, + DefaultsMode as __DefaultsMode, + SmithyConfiguration as __SmithyConfiguration, + SmithyResolvedConfiguration as __SmithyResolvedConfiguration, +} from "@smithy/smithy-client"; +import { + AwsCredentialIdentityProvider, + BodyLengthCalculator as __BodyLengthCalculator, + CheckOptionalClientConfig as __CheckOptionalClientConfig, + ChecksumConstructor as __ChecksumConstructor, + Decoder as __Decoder, + Encoder as __Encoder, + EndpointV2 as __EndpointV2, + HashConstructor as __HashConstructor, + HttpHandlerOptions as __HttpHandlerOptions, + Logger as __Logger, + Provider as __Provider, + Provider, + StreamCollector as __StreamCollector, + UrlParser as __UrlParser, + UserAgent as __UserAgent, +} from "@smithy/types"; + +import { + defaultDirectoryServiceDataHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; +import { AddGroupMemberCommandInput, AddGroupMemberCommandOutput } from "./commands/AddGroupMemberCommand"; +import { CreateGroupCommandInput, CreateGroupCommandOutput } from "./commands/CreateGroupCommand"; +import { CreateUserCommandInput, CreateUserCommandOutput } from "./commands/CreateUserCommand"; +import { DeleteGroupCommandInput, DeleteGroupCommandOutput } from "./commands/DeleteGroupCommand"; +import { DeleteUserCommandInput, DeleteUserCommandOutput } from "./commands/DeleteUserCommand"; +import { DescribeGroupCommandInput, DescribeGroupCommandOutput } from "./commands/DescribeGroupCommand"; +import { DescribeUserCommandInput, DescribeUserCommandOutput } from "./commands/DescribeUserCommand"; +import { DisableUserCommandInput, DisableUserCommandOutput } from "./commands/DisableUserCommand"; +import { ListGroupMembersCommandInput, ListGroupMembersCommandOutput } from "./commands/ListGroupMembersCommand"; +import { ListGroupsCommandInput, ListGroupsCommandOutput } from "./commands/ListGroupsCommand"; +import { + ListGroupsForMemberCommandInput, + ListGroupsForMemberCommandOutput, +} from "./commands/ListGroupsForMemberCommand"; +import { ListUsersCommandInput, ListUsersCommandOutput } from "./commands/ListUsersCommand"; +import { RemoveGroupMemberCommandInput, RemoveGroupMemberCommandOutput } from "./commands/RemoveGroupMemberCommand"; +import { SearchGroupsCommandInput, SearchGroupsCommandOutput } from "./commands/SearchGroupsCommand"; +import { SearchUsersCommandInput, SearchUsersCommandOutput } from "./commands/SearchUsersCommand"; +import { UpdateGroupCommandInput, UpdateGroupCommandOutput } from "./commands/UpdateGroupCommand"; +import { UpdateUserCommandInput, UpdateUserCommandOutput } from "./commands/UpdateUserCommand"; +import { + ClientInputEndpointParameters, + ClientResolvedEndpointParameters, + EndpointParameters, + resolveClientEndpointParameters, +} from "./endpoint/EndpointParameters"; +import { getRuntimeConfig as __getRuntimeConfig } from "./runtimeConfig"; +import { resolveRuntimeExtensions, RuntimeExtension, RuntimeExtensionsConfig } from "./runtimeExtensions"; + +export { __Client }; + +/** + * @public + */ +export type ServiceInputTypes = + | AddGroupMemberCommandInput + | CreateGroupCommandInput + | CreateUserCommandInput + | DeleteGroupCommandInput + | DeleteUserCommandInput + | DescribeGroupCommandInput + | DescribeUserCommandInput + | DisableUserCommandInput + | ListGroupMembersCommandInput + | ListGroupsCommandInput + | ListGroupsForMemberCommandInput + | ListUsersCommandInput + | RemoveGroupMemberCommandInput + | SearchGroupsCommandInput + | SearchUsersCommandInput + | UpdateGroupCommandInput + | UpdateUserCommandInput; + +/** + * @public + */ +export type ServiceOutputTypes = + | AddGroupMemberCommandOutput + | CreateGroupCommandOutput + | CreateUserCommandOutput + | DeleteGroupCommandOutput + | DeleteUserCommandOutput + | DescribeGroupCommandOutput + | DescribeUserCommandOutput + | DisableUserCommandOutput + | ListGroupMembersCommandOutput + | ListGroupsCommandOutput + | ListGroupsForMemberCommandOutput + | ListUsersCommandOutput + | RemoveGroupMemberCommandOutput + | SearchGroupsCommandOutput + | SearchUsersCommandOutput + | UpdateGroupCommandOutput + | UpdateUserCommandOutput; + +/** + * @public + */ +export interface ClientDefaults extends Partial<__SmithyConfiguration<__HttpHandlerOptions>> { + /** + * The HTTP handler to use or its constructor options. Fetch in browser and Https in Nodejs. + */ + requestHandler?: __HttpHandlerUserInput; + + /** + * A constructor for a class implementing the {@link @smithy/types#ChecksumConstructor} interface + * that computes the SHA-256 HMAC or checksum of a string or binary buffer. + * @internal + */ + sha256?: __ChecksumConstructor | __HashConstructor; + + /** + * The function that will be used to convert strings into HTTP endpoints. + * @internal + */ + urlParser?: __UrlParser; + + /** + * A function that can calculate the length of a request body. + * @internal + */ + bodyLengthChecker?: __BodyLengthCalculator; + + /** + * A function that converts a stream into an array of bytes. + * @internal + */ + streamCollector?: __StreamCollector; + + /** + * The function that will be used to convert a base64-encoded string to a byte array. + * @internal + */ + base64Decoder?: __Decoder; + + /** + * The function that will be used to convert binary data to a base64-encoded string. + * @internal + */ + base64Encoder?: __Encoder; + + /** + * The function that will be used to convert a UTF8-encoded string to a byte array. + * @internal + */ + utf8Decoder?: __Decoder; + + /** + * The function that will be used to convert binary data to a UTF-8 encoded string. + * @internal + */ + utf8Encoder?: __Encoder; + + /** + * The runtime environment. + * @internal + */ + runtime?: string; + + /** + * Disable dynamically changing the endpoint of the client based on the hostPrefix + * trait of an operation. + */ + disableHostPrefix?: boolean; + + /** + * Unique service identifier. + * @internal + */ + serviceId?: string; + + /** + * Enables IPv6/IPv4 dualstack endpoint. + */ + useDualstackEndpoint?: boolean | __Provider; + + /** + * Enables FIPS compatible endpoints. + */ + useFipsEndpoint?: boolean | __Provider; + + /** + * The AWS region to which this client will send requests + */ + region?: string | __Provider; + + /** + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal + */ + defaultUserAgentProvider?: Provider<__UserAgent>; + + /** + * Default credentials provider; Not available in browser runtime. + * @deprecated + * @internal + */ + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; + + /** + * Value for how many times a request will be made at most in case of retry. + */ + maxAttempts?: number | __Provider; + + /** + * Specifies which retry algorithm to use. + * @see https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-smithy-util-retry/Enum/RETRY_MODES/ + * + */ + retryMode?: string | __Provider; + + /** + * Optional logger for logging debug/info/warn/error. + */ + logger?: __Logger; + + /** + * Optional extensions + */ + extensions?: RuntimeExtension[]; + + /** + * The {@link @smithy/smithy-client#DefaultsMode} that will be used to determine how certain default configuration options are resolved in the SDK. + */ + defaultsMode?: __DefaultsMode | __Provider<__DefaultsMode>; +} + +/** + * @public + */ +export type DirectoryServiceDataClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & + ClientDefaults & + UserAgentInputConfig & + RetryInputConfig & + RegionInputConfig & + HostHeaderInputConfig & + EndpointInputConfig & + HttpAuthSchemeInputConfig & + ClientInputEndpointParameters; +/** + * @public + * + * The configuration interface of DirectoryServiceDataClient class constructor that set the region, credentials and other options. + */ +export interface DirectoryServiceDataClientConfig extends DirectoryServiceDataClientConfigType {} + +/** + * @public + */ +export type DirectoryServiceDataClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & + Required & + RuntimeExtensionsConfig & + UserAgentResolvedConfig & + RetryResolvedConfig & + RegionResolvedConfig & + HostHeaderResolvedConfig & + EndpointResolvedConfig & + HttpAuthSchemeResolvedConfig & + ClientResolvedEndpointParameters; +/** + * @public + * + * The resolved configuration interface of DirectoryServiceDataClient class. This is resolved and normalized from the {@link DirectoryServiceDataClientConfig | constructor configuration interface}. + */ +export interface DirectoryServiceDataClientResolvedConfig extends DirectoryServiceDataClientResolvedConfigType {} + +/** + *

Amazon Web Services Directory Service Data is an extension of Directory Service. This API reference provides detailed information + * about Directory Service Data operations and object types.

+ *

With Directory Service Data, you can create, read, update, and delete users, groups, and memberships from + * your Managed Microsoft AD without additional costs and without deploying dedicated management + * instances. You can also perform built-in object management tasks across directories without + * direct network connectivity, which simplifies provisioning and access management to achieve + * fully automated deployments. Directory Service Data supports user and group write operations, such as + * CreateUser and CreateGroup, within the organizational unit (OU) of + * your Managed Microsoft AD. Directory Service Data supports read operations, such as ListUsers and + * ListGroups, on all users, groups, and group memberships within your + * Managed Microsoft AD and across trusted realms. Directory Service Data supports adding and removing group members in + * your OU and the Amazon Web Services Delegated Groups OU, so you can grant and deny access to specific roles + * and permissions. For more information, see Manage users and + * groups in the Directory Service Administration Guide.

+ * + *

Directory management operations and configuration changes made against the Directory Service + * API will also reflect in Directory Service Data API with eventual consistency. You can expect a short delay + * between management changes, such as adding a new directory trust and calling the Directory Service Data API + * for the newly created trusted realm.

+ *
+ *

Directory Service Data connects to your Managed Microsoft AD domain controllers and performs operations on + * underlying directory objects. When you create your Managed Microsoft AD, you choose subnets for domain + * controllers that Directory Service creates on your behalf. If a domain controller is unavailable, Directory Service Data + * uses an available domain controller. As a result, you might notice eventual consistency while + * objects replicate from one domain controller to another domain controller. For more + * information, see What + * gets created in the Directory Service Administration Guide. + * Directory limits vary by Managed Microsoft AD edition:

+ *
    + *
  • + *

    + * Standard edition – Supports 8 transactions per + * second (TPS) for read operations and 4 TPS for write operations per directory. There's a + * concurrency limit of 10 concurrent requests.

    + *
  • + *
  • + *

    + * Enterprise edition – Supports 16 transactions per + * second (TPS) for read operations and 8 TPS for write operations per directory. There's a + * concurrency limit of 10 concurrent requests.

    + *
  • + *
  • + *

    + * Amazon Web Services Account - Supports a total of 100 TPS for + * Directory Service Data operations across all directories.

    + *
  • + *
+ *

Directory Service Data only supports the Managed Microsoft AD directory type and is only available in the primary + * Amazon Web Services Region. For more information, see Managed Microsoft AD + * and Primary vs additional Regions in the Directory Service Administration + * Guide.

+ * @public + */ +export class DirectoryServiceDataClient extends __Client< + __HttpHandlerOptions, + ServiceInputTypes, + ServiceOutputTypes, + DirectoryServiceDataClientResolvedConfig +> { + /** + * The resolved configuration of DirectoryServiceDataClient class. This is resolved and normalized from the {@link DirectoryServiceDataClientConfig | constructor configuration interface}. + */ + readonly config: DirectoryServiceDataClientResolvedConfig; + + constructor(...[configuration]: __CheckOptionalClientConfig) { + const _config_0 = __getRuntimeConfig(configuration || {}); + const _config_1 = resolveClientEndpointParameters(_config_0); + const _config_2 = resolveUserAgentConfig(_config_1); + const _config_3 = resolveRetryConfig(_config_2); + const _config_4 = resolveRegionConfig(_config_3); + const _config_5 = resolveHostHeaderConfig(_config_4); + const _config_6 = resolveEndpointConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); + const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); + super(_config_8); + this.config = _config_8; + this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use(getRetryPlugin(this.config)); + this.middlewareStack.use(getContentLengthPlugin(this.config)); + this.middlewareStack.use(getHostHeaderPlugin(this.config)); + this.middlewareStack.use(getLoggerPlugin(this.config)); + this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: defaultDirectoryServiceDataHttpAuthSchemeParametersProvider, + identityProviderConfigProvider: async (config: DirectoryServiceDataClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); + } + + /** + * Destroy underlying resources, like sockets. It's usually not necessary to do this. + * However in Node.js, it's best to explicitly shut down the client's agent when it is no longer needed. + * Otherwise, sockets might stay open for quite a long time before the server terminates them. + */ + destroy(): void { + super.destroy(); + } +} diff --git a/clients/client-directory-service-data/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-directory-service-data/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 000000000000..c9c0f4b7c0ef --- /dev/null +++ b/clients/client-directory-service-data/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DirectoryServiceDataHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DirectoryServiceDataHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DirectoryServiceDataHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DirectoryServiceDataHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DirectoryServiceDataHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DirectoryServiceDataHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-directory-service-data/src/auth/httpAuthSchemeProvider.ts b/clients/client-directory-service-data/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 000000000000..adc0af1a3bce --- /dev/null +++ b/clients/client-directory-service-data/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + DirectoryServiceDataClientConfig, + DirectoryServiceDataClientResolvedConfig, +} from "../DirectoryServiceDataClient"; + +/** + * @internal + */ +export interface DirectoryServiceDataHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DirectoryServiceDataHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DirectoryServiceDataClientResolvedConfig, + HandlerExecutionContext, + DirectoryServiceDataHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDirectoryServiceDataHttpAuthSchemeParametersProvider = async ( + config: DirectoryServiceDataClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: DirectoryServiceDataHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ds-data", + region: authParameters.region, + }, + propertiesExtractor: (config: Partial, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DirectoryServiceDataHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDirectoryServiceDataHttpAuthSchemeProvider: DirectoryServiceDataHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DirectoryServiceDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DirectoryServiceDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-directory-service-data/src/commands/AddGroupMemberCommand.ts b/clients/client-directory-service-data/src/commands/AddGroupMemberCommand.ts new file mode 100644 index 000000000000..d9ffd7777903 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/AddGroupMemberCommand.ts @@ -0,0 +1,132 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { AddGroupMemberRequest, AddGroupMemberResult } from "../models/models_0"; +import { de_AddGroupMemberCommand, se_AddGroupMemberCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link AddGroupMemberCommand}. + */ +export interface AddGroupMemberCommandInput extends AddGroupMemberRequest {} +/** + * @public + * + * The output of {@link AddGroupMemberCommand}. + */ +export interface AddGroupMemberCommandOutput extends AddGroupMemberResult, __MetadataBearer {} + +/** + *

Adds an existing user, group, or computer as a group member.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, AddGroupMemberCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, AddGroupMemberCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // AddGroupMemberRequest + * DirectoryId: "STRING_VALUE", // required + * GroupName: "STRING_VALUE", // required + * MemberName: "STRING_VALUE", // required + * MemberRealm: "STRING_VALUE", + * ClientToken: "STRING_VALUE", + * }; + * const command = new AddGroupMemberCommand(input); + * const response = await client.send(command); + * // {}; + * + * ``` + * + * @param AddGroupMemberCommandInput - {@link AddGroupMemberCommandInput} + * @returns {@link AddGroupMemberCommandOutput} + * @see {@link AddGroupMemberCommandInput} for command's `input` shape. + * @see {@link AddGroupMemberCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link ConflictException} (client fault) + *

This error will occur when you try to create a resource that conflicts with an existing + * object. It can also occur when adding a member to a group that the member is already + * in.

+ *

This error can be caused by a request sent within the 8-hour idempotency window with the + * same client token but different input parameters. Client tokens should not be re-used across + * different requests. After 8 hours, any request with the same client token is treated as a new + * request.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ResourceNotFoundException} (client fault) + *

The resource couldn't be found.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class AddGroupMemberCommand extends $Command + .classBuilder< + AddGroupMemberCommandInput, + AddGroupMemberCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "AddGroupMember", {}) + .n("DirectoryServiceDataClient", "AddGroupMemberCommand") + .f(void 0, void 0) + .ser(se_AddGroupMemberCommand) + .de(de_AddGroupMemberCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: AddGroupMemberRequest; + output: {}; + }; + sdk: { + input: AddGroupMemberCommandInput; + output: AddGroupMemberCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/CreateGroupCommand.ts b/clients/client-directory-service-data/src/commands/CreateGroupCommand.ts new file mode 100644 index 000000000000..924d1c273702 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/CreateGroupCommand.ts @@ -0,0 +1,143 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { CreateGroupRequest, CreateGroupRequestFilterSensitiveLog, CreateGroupResult } from "../models/models_0"; +import { de_CreateGroupCommand, se_CreateGroupCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link CreateGroupCommand}. + */ +export interface CreateGroupCommandInput extends CreateGroupRequest {} +/** + * @public + * + * The output of {@link CreateGroupCommand}. + */ +export interface CreateGroupCommandOutput extends CreateGroupResult, __MetadataBearer {} + +/** + *

Creates a new group.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, CreateGroupCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, CreateGroupCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // CreateGroupRequest + * DirectoryId: "STRING_VALUE", // required + * SAMAccountName: "STRING_VALUE", // required + * GroupType: "Distribution" || "Security", + * GroupScope: "DomainLocal" || "Global" || "Universal" || "BuiltinLocal", + * OtherAttributes: { // Attributes + * "": { // AttributeValue Union: only one key present + * S: "STRING_VALUE", + * N: Number("long"), + * BOOL: true || false, + * SS: [ // StringSetAttributeValue + * "STRING_VALUE", + * ], + * }, + * }, + * ClientToken: "STRING_VALUE", + * }; + * const command = new CreateGroupCommand(input); + * const response = await client.send(command); + * // { // CreateGroupResult + * // DirectoryId: "STRING_VALUE", + * // SAMAccountName: "STRING_VALUE", + * // SID: "STRING_VALUE", + * // }; + * + * ``` + * + * @param CreateGroupCommandInput - {@link CreateGroupCommandInput} + * @returns {@link CreateGroupCommandOutput} + * @see {@link CreateGroupCommandInput} for command's `input` shape. + * @see {@link CreateGroupCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link ConflictException} (client fault) + *

This error will occur when you try to create a resource that conflicts with an existing + * object. It can also occur when adding a member to a group that the member is already + * in.

+ *

This error can be caused by a request sent within the 8-hour idempotency window with the + * same client token but different input parameters. Client tokens should not be re-used across + * different requests. After 8 hours, any request with the same client token is treated as a new + * request.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class CreateGroupCommand extends $Command + .classBuilder< + CreateGroupCommandInput, + CreateGroupCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "CreateGroup", {}) + .n("DirectoryServiceDataClient", "CreateGroupCommand") + .f(CreateGroupRequestFilterSensitiveLog, void 0) + .ser(se_CreateGroupCommand) + .de(de_CreateGroupCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: CreateGroupRequest; + output: CreateGroupResult; + }; + sdk: { + input: CreateGroupCommandInput; + output: CreateGroupCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/CreateUserCommand.ts b/clients/client-directory-service-data/src/commands/CreateUserCommand.ts new file mode 100644 index 000000000000..5953b75c203d --- /dev/null +++ b/clients/client-directory-service-data/src/commands/CreateUserCommand.ts @@ -0,0 +1,144 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { CreateUserRequest, CreateUserRequestFilterSensitiveLog, CreateUserResult } from "../models/models_0"; +import { de_CreateUserCommand, se_CreateUserCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link CreateUserCommand}. + */ +export interface CreateUserCommandInput extends CreateUserRequest {} +/** + * @public + * + * The output of {@link CreateUserCommand}. + */ +export interface CreateUserCommandOutput extends CreateUserResult, __MetadataBearer {} + +/** + *

Creates a new user.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, CreateUserCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, CreateUserCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // CreateUserRequest + * DirectoryId: "STRING_VALUE", // required + * SAMAccountName: "STRING_VALUE", // required + * EmailAddress: "STRING_VALUE", + * GivenName: "STRING_VALUE", + * Surname: "STRING_VALUE", + * OtherAttributes: { // Attributes + * "": { // AttributeValue Union: only one key present + * S: "STRING_VALUE", + * N: Number("long"), + * BOOL: true || false, + * SS: [ // StringSetAttributeValue + * "STRING_VALUE", + * ], + * }, + * }, + * ClientToken: "STRING_VALUE", + * }; + * const command = new CreateUserCommand(input); + * const response = await client.send(command); + * // { // CreateUserResult + * // DirectoryId: "STRING_VALUE", + * // SID: "STRING_VALUE", + * // SAMAccountName: "STRING_VALUE", + * // }; + * + * ``` + * + * @param CreateUserCommandInput - {@link CreateUserCommandInput} + * @returns {@link CreateUserCommandOutput} + * @see {@link CreateUserCommandInput} for command's `input` shape. + * @see {@link CreateUserCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link ConflictException} (client fault) + *

This error will occur when you try to create a resource that conflicts with an existing + * object. It can also occur when adding a member to a group that the member is already + * in.

+ *

This error can be caused by a request sent within the 8-hour idempotency window with the + * same client token but different input parameters. Client tokens should not be re-used across + * different requests. After 8 hours, any request with the same client token is treated as a new + * request.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class CreateUserCommand extends $Command + .classBuilder< + CreateUserCommandInput, + CreateUserCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "CreateUser", {}) + .n("DirectoryServiceDataClient", "CreateUserCommand") + .f(CreateUserRequestFilterSensitiveLog, void 0) + .ser(se_CreateUserCommand) + .de(de_CreateUserCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: CreateUserRequest; + output: CreateUserResult; + }; + sdk: { + input: CreateUserCommandInput; + output: CreateUserCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/DeleteGroupCommand.ts b/clients/client-directory-service-data/src/commands/DeleteGroupCommand.ts new file mode 100644 index 000000000000..c329687be769 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/DeleteGroupCommand.ts @@ -0,0 +1,130 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { DeleteGroupRequest, DeleteGroupResult } from "../models/models_0"; +import { de_DeleteGroupCommand, se_DeleteGroupCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link DeleteGroupCommand}. + */ +export interface DeleteGroupCommandInput extends DeleteGroupRequest {} +/** + * @public + * + * The output of {@link DeleteGroupCommand}. + */ +export interface DeleteGroupCommandOutput extends DeleteGroupResult, __MetadataBearer {} + +/** + *

Deletes a group.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, DeleteGroupCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, DeleteGroupCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // DeleteGroupRequest + * DirectoryId: "STRING_VALUE", // required + * SAMAccountName: "STRING_VALUE", // required + * ClientToken: "STRING_VALUE", + * }; + * const command = new DeleteGroupCommand(input); + * const response = await client.send(command); + * // {}; + * + * ``` + * + * @param DeleteGroupCommandInput - {@link DeleteGroupCommandInput} + * @returns {@link DeleteGroupCommandOutput} + * @see {@link DeleteGroupCommandInput} for command's `input` shape. + * @see {@link DeleteGroupCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link ConflictException} (client fault) + *

This error will occur when you try to create a resource that conflicts with an existing + * object. It can also occur when adding a member to a group that the member is already + * in.

+ *

This error can be caused by a request sent within the 8-hour idempotency window with the + * same client token but different input parameters. Client tokens should not be re-used across + * different requests. After 8 hours, any request with the same client token is treated as a new + * request.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ResourceNotFoundException} (client fault) + *

The resource couldn't be found.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class DeleteGroupCommand extends $Command + .classBuilder< + DeleteGroupCommandInput, + DeleteGroupCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "DeleteGroup", {}) + .n("DirectoryServiceDataClient", "DeleteGroupCommand") + .f(void 0, void 0) + .ser(se_DeleteGroupCommand) + .de(de_DeleteGroupCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: DeleteGroupRequest; + output: {}; + }; + sdk: { + input: DeleteGroupCommandInput; + output: DeleteGroupCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/DeleteUserCommand.ts b/clients/client-directory-service-data/src/commands/DeleteUserCommand.ts new file mode 100644 index 000000000000..ba4422f6bdc2 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/DeleteUserCommand.ts @@ -0,0 +1,130 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { DeleteUserRequest, DeleteUserResult } from "../models/models_0"; +import { de_DeleteUserCommand, se_DeleteUserCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link DeleteUserCommand}. + */ +export interface DeleteUserCommandInput extends DeleteUserRequest {} +/** + * @public + * + * The output of {@link DeleteUserCommand}. + */ +export interface DeleteUserCommandOutput extends DeleteUserResult, __MetadataBearer {} + +/** + *

Deletes a user.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, DeleteUserCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, DeleteUserCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // DeleteUserRequest + * DirectoryId: "STRING_VALUE", // required + * SAMAccountName: "STRING_VALUE", // required + * ClientToken: "STRING_VALUE", + * }; + * const command = new DeleteUserCommand(input); + * const response = await client.send(command); + * // {}; + * + * ``` + * + * @param DeleteUserCommandInput - {@link DeleteUserCommandInput} + * @returns {@link DeleteUserCommandOutput} + * @see {@link DeleteUserCommandInput} for command's `input` shape. + * @see {@link DeleteUserCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link ConflictException} (client fault) + *

This error will occur when you try to create a resource that conflicts with an existing + * object. It can also occur when adding a member to a group that the member is already + * in.

+ *

This error can be caused by a request sent within the 8-hour idempotency window with the + * same client token but different input parameters. Client tokens should not be re-used across + * different requests. After 8 hours, any request with the same client token is treated as a new + * request.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ResourceNotFoundException} (client fault) + *

The resource couldn't be found.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class DeleteUserCommand extends $Command + .classBuilder< + DeleteUserCommandInput, + DeleteUserCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "DeleteUser", {}) + .n("DirectoryServiceDataClient", "DeleteUserCommand") + .f(void 0, void 0) + .ser(se_DeleteUserCommand) + .de(de_DeleteUserCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: DeleteUserRequest; + output: {}; + }; + sdk: { + input: DeleteUserCommandInput; + output: DeleteUserCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/DescribeGroupCommand.ts b/clients/client-directory-service-data/src/commands/DescribeGroupCommand.ts new file mode 100644 index 000000000000..10673d2357de --- /dev/null +++ b/clients/client-directory-service-data/src/commands/DescribeGroupCommand.ts @@ -0,0 +1,142 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { DescribeGroupRequest, DescribeGroupResult, DescribeGroupResultFilterSensitiveLog } from "../models/models_0"; +import { de_DescribeGroupCommand, se_DescribeGroupCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link DescribeGroupCommand}. + */ +export interface DescribeGroupCommandInput extends DescribeGroupRequest {} +/** + * @public + * + * The output of {@link DescribeGroupCommand}. + */ +export interface DescribeGroupCommandOutput extends DescribeGroupResult, __MetadataBearer {} + +/** + *

Returns information about a specific group.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, DescribeGroupCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, DescribeGroupCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // DescribeGroupRequest + * DirectoryId: "STRING_VALUE", // required + * Realm: "STRING_VALUE", + * SAMAccountName: "STRING_VALUE", // required + * OtherAttributes: [ // LdapDisplayNameList + * "STRING_VALUE", + * ], + * }; + * const command = new DescribeGroupCommand(input); + * const response = await client.send(command); + * // { // DescribeGroupResult + * // DirectoryId: "STRING_VALUE", + * // Realm: "STRING_VALUE", + * // SID: "STRING_VALUE", + * // SAMAccountName: "STRING_VALUE", + * // DistinguishedName: "STRING_VALUE", + * // GroupType: "Distribution" || "Security", + * // GroupScope: "DomainLocal" || "Global" || "Universal" || "BuiltinLocal", + * // OtherAttributes: { // Attributes + * // "": { // AttributeValue Union: only one key present + * // S: "STRING_VALUE", + * // N: Number("long"), + * // BOOL: true || false, + * // SS: [ // StringSetAttributeValue + * // "STRING_VALUE", + * // ], + * // }, + * // }, + * // }; + * + * ``` + * + * @param DescribeGroupCommandInput - {@link DescribeGroupCommandInput} + * @returns {@link DescribeGroupCommandOutput} + * @see {@link DescribeGroupCommandInput} for command's `input` shape. + * @see {@link DescribeGroupCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ResourceNotFoundException} (client fault) + *

The resource couldn't be found.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class DescribeGroupCommand extends $Command + .classBuilder< + DescribeGroupCommandInput, + DescribeGroupCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "DescribeGroup", {}) + .n("DirectoryServiceDataClient", "DescribeGroupCommand") + .f(void 0, DescribeGroupResultFilterSensitiveLog) + .ser(se_DescribeGroupCommand) + .de(de_DescribeGroupCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: DescribeGroupRequest; + output: DescribeGroupResult; + }; + sdk: { + input: DescribeGroupCommandInput; + output: DescribeGroupCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/DescribeUserCommand.ts b/clients/client-directory-service-data/src/commands/DescribeUserCommand.ts new file mode 100644 index 000000000000..22f08a2864b5 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/DescribeUserCommand.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { DescribeUserRequest, DescribeUserResult, DescribeUserResultFilterSensitiveLog } from "../models/models_0"; +import { de_DescribeUserCommand, se_DescribeUserCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link DescribeUserCommand}. + */ +export interface DescribeUserCommandInput extends DescribeUserRequest {} +/** + * @public + * + * The output of {@link DescribeUserCommand}. + */ +export interface DescribeUserCommandOutput extends DescribeUserResult, __MetadataBearer {} + +/** + *

Returns information about a specific user.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, DescribeUserCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, DescribeUserCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // DescribeUserRequest + * DirectoryId: "STRING_VALUE", // required + * SAMAccountName: "STRING_VALUE", // required + * OtherAttributes: [ // LdapDisplayNameList + * "STRING_VALUE", + * ], + * Realm: "STRING_VALUE", + * }; + * const command = new DescribeUserCommand(input); + * const response = await client.send(command); + * // { // DescribeUserResult + * // DirectoryId: "STRING_VALUE", + * // Realm: "STRING_VALUE", + * // SID: "STRING_VALUE", + * // SAMAccountName: "STRING_VALUE", + * // DistinguishedName: "STRING_VALUE", + * // UserPrincipalName: "STRING_VALUE", + * // EmailAddress: "STRING_VALUE", + * // GivenName: "STRING_VALUE", + * // Surname: "STRING_VALUE", + * // Enabled: true || false, + * // OtherAttributes: { // Attributes + * // "": { // AttributeValue Union: only one key present + * // S: "STRING_VALUE", + * // N: Number("long"), + * // BOOL: true || false, + * // SS: [ // StringSetAttributeValue + * // "STRING_VALUE", + * // ], + * // }, + * // }, + * // }; + * + * ``` + * + * @param DescribeUserCommandInput - {@link DescribeUserCommandInput} + * @returns {@link DescribeUserCommandOutput} + * @see {@link DescribeUserCommandInput} for command's `input` shape. + * @see {@link DescribeUserCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ResourceNotFoundException} (client fault) + *

The resource couldn't be found.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class DescribeUserCommand extends $Command + .classBuilder< + DescribeUserCommandInput, + DescribeUserCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "DescribeUser", {}) + .n("DirectoryServiceDataClient", "DescribeUserCommand") + .f(void 0, DescribeUserResultFilterSensitiveLog) + .ser(se_DescribeUserCommand) + .de(de_DescribeUserCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: DescribeUserRequest; + output: DescribeUserResult; + }; + sdk: { + input: DescribeUserCommandInput; + output: DescribeUserCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/DisableUserCommand.ts b/clients/client-directory-service-data/src/commands/DisableUserCommand.ts new file mode 100644 index 000000000000..24e56f067ec6 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/DisableUserCommand.ts @@ -0,0 +1,132 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { DisableUserRequest, DisableUserResult } from "../models/models_0"; +import { de_DisableUserCommand, se_DisableUserCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link DisableUserCommand}. + */ +export interface DisableUserCommandInput extends DisableUserRequest {} +/** + * @public + * + * The output of {@link DisableUserCommand}. + */ +export interface DisableUserCommandOutput extends DisableUserResult, __MetadataBearer {} + +/** + *

Deactivates an active user account. For information about how to enable an inactive user + * account, see ResetUserPassword + * in the Directory Service API Reference.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, DisableUserCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, DisableUserCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // DisableUserRequest + * DirectoryId: "STRING_VALUE", // required + * SAMAccountName: "STRING_VALUE", // required + * ClientToken: "STRING_VALUE", + * }; + * const command = new DisableUserCommand(input); + * const response = await client.send(command); + * // {}; + * + * ``` + * + * @param DisableUserCommandInput - {@link DisableUserCommandInput} + * @returns {@link DisableUserCommandOutput} + * @see {@link DisableUserCommandInput} for command's `input` shape. + * @see {@link DisableUserCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link ConflictException} (client fault) + *

This error will occur when you try to create a resource that conflicts with an existing + * object. It can also occur when adding a member to a group that the member is already + * in.

+ *

This error can be caused by a request sent within the 8-hour idempotency window with the + * same client token but different input parameters. Client tokens should not be re-used across + * different requests. After 8 hours, any request with the same client token is treated as a new + * request.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ResourceNotFoundException} (client fault) + *

The resource couldn't be found.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class DisableUserCommand extends $Command + .classBuilder< + DisableUserCommandInput, + DisableUserCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "DisableUser", {}) + .n("DirectoryServiceDataClient", "DisableUserCommand") + .f(void 0, void 0) + .ser(se_DisableUserCommand) + .de(de_DisableUserCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: DisableUserRequest; + output: {}; + }; + sdk: { + input: DisableUserCommandInput; + output: DisableUserCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/ListGroupMembersCommand.ts b/clients/client-directory-service-data/src/commands/ListGroupMembersCommand.ts new file mode 100644 index 000000000000..9787bd9b873f --- /dev/null +++ b/clients/client-directory-service-data/src/commands/ListGroupMembersCommand.ts @@ -0,0 +1,147 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { + ListGroupMembersRequest, + ListGroupMembersRequestFilterSensitiveLog, + ListGroupMembersResult, + ListGroupMembersResultFilterSensitiveLog, +} from "../models/models_0"; +import { de_ListGroupMembersCommand, se_ListGroupMembersCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link ListGroupMembersCommand}. + */ +export interface ListGroupMembersCommandInput extends ListGroupMembersRequest {} +/** + * @public + * + * The output of {@link ListGroupMembersCommand}. + */ +export interface ListGroupMembersCommandOutput extends ListGroupMembersResult, __MetadataBearer {} + +/** + *

Returns member information for the specified group.

+ *

This operation supports pagination with the use of the NextToken request and + * response parameters. If more results are available, the + * ListGroupMembers.NextToken member contains a token that you pass in the next + * call to ListGroupMembers. This retrieves the next set of items.

+ *

You can also specify a maximum number of return results with the MaxResults + * parameter.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, ListGroupMembersCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, ListGroupMembersCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // ListGroupMembersRequest + * DirectoryId: "STRING_VALUE", // required + * Realm: "STRING_VALUE", + * MemberRealm: "STRING_VALUE", + * SAMAccountName: "STRING_VALUE", // required + * NextToken: "STRING_VALUE", + * MaxResults: Number("int"), + * }; + * const command = new ListGroupMembersCommand(input); + * const response = await client.send(command); + * // { // ListGroupMembersResult + * // DirectoryId: "STRING_VALUE", + * // Realm: "STRING_VALUE", + * // MemberRealm: "STRING_VALUE", + * // Members: [ // MemberList + * // { // Member + * // SID: "STRING_VALUE", // required + * // SAMAccountName: "STRING_VALUE", // required + * // MemberType: "USER" || "GROUP" || "COMPUTER", // required + * // }, + * // ], + * // NextToken: "STRING_VALUE", + * // }; + * + * ``` + * + * @param ListGroupMembersCommandInput - {@link ListGroupMembersCommandInput} + * @returns {@link ListGroupMembersCommandOutput} + * @see {@link ListGroupMembersCommandInput} for command's `input` shape. + * @see {@link ListGroupMembersCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ResourceNotFoundException} (client fault) + *

The resource couldn't be found.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class ListGroupMembersCommand extends $Command + .classBuilder< + ListGroupMembersCommandInput, + ListGroupMembersCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "ListGroupMembers", {}) + .n("DirectoryServiceDataClient", "ListGroupMembersCommand") + .f(ListGroupMembersRequestFilterSensitiveLog, ListGroupMembersResultFilterSensitiveLog) + .ser(se_ListGroupMembersCommand) + .de(de_ListGroupMembersCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: ListGroupMembersRequest; + output: ListGroupMembersResult; + }; + sdk: { + input: ListGroupMembersCommandInput; + output: ListGroupMembersCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/ListGroupsCommand.ts b/clients/client-directory-service-data/src/commands/ListGroupsCommand.ts new file mode 100644 index 000000000000..3eef967f0af0 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/ListGroupsCommand.ts @@ -0,0 +1,142 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { + ListGroupsRequest, + ListGroupsRequestFilterSensitiveLog, + ListGroupsResult, + ListGroupsResultFilterSensitiveLog, +} from "../models/models_0"; +import { de_ListGroupsCommand, se_ListGroupsCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link ListGroupsCommand}. + */ +export interface ListGroupsCommandInput extends ListGroupsRequest {} +/** + * @public + * + * The output of {@link ListGroupsCommand}. + */ +export interface ListGroupsCommandOutput extends ListGroupsResult, __MetadataBearer {} + +/** + *

Returns group information for the specified directory.

+ *

This operation supports pagination with the use of the NextToken request and + * response parameters. If more results are available, the ListGroups.NextToken + * member contains a token that you pass in the next call to ListGroups. This + * retrieves the next set of items.

+ *

You can also specify a maximum number of return results with the MaxResults + * parameter.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, ListGroupsCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, ListGroupsCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // ListGroupsRequest + * DirectoryId: "STRING_VALUE", // required + * Realm: "STRING_VALUE", + * NextToken: "STRING_VALUE", + * MaxResults: Number("int"), + * }; + * const command = new ListGroupsCommand(input); + * const response = await client.send(command); + * // { // ListGroupsResult + * // DirectoryId: "STRING_VALUE", + * // Realm: "STRING_VALUE", + * // Groups: [ // GroupSummaryList + * // { // GroupSummary + * // SID: "STRING_VALUE", // required + * // SAMAccountName: "STRING_VALUE", // required + * // GroupType: "Distribution" || "Security", // required + * // GroupScope: "DomainLocal" || "Global" || "Universal" || "BuiltinLocal", // required + * // }, + * // ], + * // NextToken: "STRING_VALUE", + * // }; + * + * ``` + * + * @param ListGroupsCommandInput - {@link ListGroupsCommandInput} + * @returns {@link ListGroupsCommandOutput} + * @see {@link ListGroupsCommandInput} for command's `input` shape. + * @see {@link ListGroupsCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class ListGroupsCommand extends $Command + .classBuilder< + ListGroupsCommandInput, + ListGroupsCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "ListGroups", {}) + .n("DirectoryServiceDataClient", "ListGroupsCommand") + .f(ListGroupsRequestFilterSensitiveLog, ListGroupsResultFilterSensitiveLog) + .ser(se_ListGroupsCommand) + .de(de_ListGroupsCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: ListGroupsRequest; + output: ListGroupsResult; + }; + sdk: { + input: ListGroupsCommandInput; + output: ListGroupsCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/ListGroupsForMemberCommand.ts b/clients/client-directory-service-data/src/commands/ListGroupsForMemberCommand.ts new file mode 100644 index 000000000000..88eab3abb706 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/ListGroupsForMemberCommand.ts @@ -0,0 +1,148 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { + ListGroupsForMemberRequest, + ListGroupsForMemberRequestFilterSensitiveLog, + ListGroupsForMemberResult, + ListGroupsForMemberResultFilterSensitiveLog, +} from "../models/models_0"; +import { de_ListGroupsForMemberCommand, se_ListGroupsForMemberCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link ListGroupsForMemberCommand}. + */ +export interface ListGroupsForMemberCommandInput extends ListGroupsForMemberRequest {} +/** + * @public + * + * The output of {@link ListGroupsForMemberCommand}. + */ +export interface ListGroupsForMemberCommandOutput extends ListGroupsForMemberResult, __MetadataBearer {} + +/** + *

Returns group information for the specified member.

+ *

This operation supports pagination with the use of the NextToken request and + * response parameters. If more results are available, the + * ListGroupsForMember.NextToken member contains a token that you pass in the next + * call to ListGroupsForMember. This retrieves the next set of items.

+ *

You can also specify a maximum number of return results with the MaxResults + * parameter.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, ListGroupsForMemberCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, ListGroupsForMemberCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // ListGroupsForMemberRequest + * DirectoryId: "STRING_VALUE", // required + * Realm: "STRING_VALUE", + * MemberRealm: "STRING_VALUE", + * SAMAccountName: "STRING_VALUE", // required + * NextToken: "STRING_VALUE", + * MaxResults: Number("int"), + * }; + * const command = new ListGroupsForMemberCommand(input); + * const response = await client.send(command); + * // { // ListGroupsForMemberResult + * // DirectoryId: "STRING_VALUE", + * // Realm: "STRING_VALUE", + * // MemberRealm: "STRING_VALUE", + * // Groups: [ // GroupSummaryList + * // { // GroupSummary + * // SID: "STRING_VALUE", // required + * // SAMAccountName: "STRING_VALUE", // required + * // GroupType: "Distribution" || "Security", // required + * // GroupScope: "DomainLocal" || "Global" || "Universal" || "BuiltinLocal", // required + * // }, + * // ], + * // NextToken: "STRING_VALUE", + * // }; + * + * ``` + * + * @param ListGroupsForMemberCommandInput - {@link ListGroupsForMemberCommandInput} + * @returns {@link ListGroupsForMemberCommandOutput} + * @see {@link ListGroupsForMemberCommandInput} for command's `input` shape. + * @see {@link ListGroupsForMemberCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ResourceNotFoundException} (client fault) + *

The resource couldn't be found.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class ListGroupsForMemberCommand extends $Command + .classBuilder< + ListGroupsForMemberCommandInput, + ListGroupsForMemberCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "ListGroupsForMember", {}) + .n("DirectoryServiceDataClient", "ListGroupsForMemberCommand") + .f(ListGroupsForMemberRequestFilterSensitiveLog, ListGroupsForMemberResultFilterSensitiveLog) + .ser(se_ListGroupsForMemberCommand) + .de(de_ListGroupsForMemberCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: ListGroupsForMemberRequest; + output: ListGroupsForMemberResult; + }; + sdk: { + input: ListGroupsForMemberCommandInput; + output: ListGroupsForMemberCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/ListUsersCommand.ts b/clients/client-directory-service-data/src/commands/ListUsersCommand.ts new file mode 100644 index 000000000000..0b7a46cd6e67 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/ListUsersCommand.ts @@ -0,0 +1,143 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { + ListUsersRequest, + ListUsersRequestFilterSensitiveLog, + ListUsersResult, + ListUsersResultFilterSensitiveLog, +} from "../models/models_0"; +import { de_ListUsersCommand, se_ListUsersCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link ListUsersCommand}. + */ +export interface ListUsersCommandInput extends ListUsersRequest {} +/** + * @public + * + * The output of {@link ListUsersCommand}. + */ +export interface ListUsersCommandOutput extends ListUsersResult, __MetadataBearer {} + +/** + *

Returns user information for the specified directory.

+ *

This operation supports pagination with the use of the NextToken request and + * response parameters. If more results are available, the ListUsers.NextToken + * member contains a token that you pass in the next call to ListUsers. This + * retrieves the next set of items.

+ *

You can also specify a maximum number of return results with the MaxResults + * parameter.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, ListUsersCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, ListUsersCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // ListUsersRequest + * DirectoryId: "STRING_VALUE", // required + * Realm: "STRING_VALUE", + * NextToken: "STRING_VALUE", + * MaxResults: Number("int"), + * }; + * const command = new ListUsersCommand(input); + * const response = await client.send(command); + * // { // ListUsersResult + * // DirectoryId: "STRING_VALUE", + * // Realm: "STRING_VALUE", + * // Users: [ // UserSummaryList + * // { // UserSummary + * // SID: "STRING_VALUE", // required + * // SAMAccountName: "STRING_VALUE", // required + * // GivenName: "STRING_VALUE", + * // Surname: "STRING_VALUE", + * // Enabled: true || false, // required + * // }, + * // ], + * // NextToken: "STRING_VALUE", + * // }; + * + * ``` + * + * @param ListUsersCommandInput - {@link ListUsersCommandInput} + * @returns {@link ListUsersCommandOutput} + * @see {@link ListUsersCommandInput} for command's `input` shape. + * @see {@link ListUsersCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class ListUsersCommand extends $Command + .classBuilder< + ListUsersCommandInput, + ListUsersCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "ListUsers", {}) + .n("DirectoryServiceDataClient", "ListUsersCommand") + .f(ListUsersRequestFilterSensitiveLog, ListUsersResultFilterSensitiveLog) + .ser(se_ListUsersCommand) + .de(de_ListUsersCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: ListUsersRequest; + output: ListUsersResult; + }; + sdk: { + input: ListUsersCommandInput; + output: ListUsersCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/RemoveGroupMemberCommand.ts b/clients/client-directory-service-data/src/commands/RemoveGroupMemberCommand.ts new file mode 100644 index 000000000000..af89119414da --- /dev/null +++ b/clients/client-directory-service-data/src/commands/RemoveGroupMemberCommand.ts @@ -0,0 +1,132 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { RemoveGroupMemberRequest, RemoveGroupMemberResult } from "../models/models_0"; +import { de_RemoveGroupMemberCommand, se_RemoveGroupMemberCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link RemoveGroupMemberCommand}. + */ +export interface RemoveGroupMemberCommandInput extends RemoveGroupMemberRequest {} +/** + * @public + * + * The output of {@link RemoveGroupMemberCommand}. + */ +export interface RemoveGroupMemberCommandOutput extends RemoveGroupMemberResult, __MetadataBearer {} + +/** + *

Removes a member from a group.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, RemoveGroupMemberCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, RemoveGroupMemberCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // RemoveGroupMemberRequest + * DirectoryId: "STRING_VALUE", // required + * GroupName: "STRING_VALUE", // required + * MemberName: "STRING_VALUE", // required + * MemberRealm: "STRING_VALUE", + * ClientToken: "STRING_VALUE", + * }; + * const command = new RemoveGroupMemberCommand(input); + * const response = await client.send(command); + * // {}; + * + * ``` + * + * @param RemoveGroupMemberCommandInput - {@link RemoveGroupMemberCommandInput} + * @returns {@link RemoveGroupMemberCommandOutput} + * @see {@link RemoveGroupMemberCommandInput} for command's `input` shape. + * @see {@link RemoveGroupMemberCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link ConflictException} (client fault) + *

This error will occur when you try to create a resource that conflicts with an existing + * object. It can also occur when adding a member to a group that the member is already + * in.

+ *

This error can be caused by a request sent within the 8-hour idempotency window with the + * same client token but different input parameters. Client tokens should not be re-used across + * different requests. After 8 hours, any request with the same client token is treated as a new + * request.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ResourceNotFoundException} (client fault) + *

The resource couldn't be found.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class RemoveGroupMemberCommand extends $Command + .classBuilder< + RemoveGroupMemberCommandInput, + RemoveGroupMemberCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "RemoveGroupMember", {}) + .n("DirectoryServiceDataClient", "RemoveGroupMemberCommand") + .f(void 0, void 0) + .ser(se_RemoveGroupMemberCommand) + .de(de_RemoveGroupMemberCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: RemoveGroupMemberRequest; + output: {}; + }; + sdk: { + input: RemoveGroupMemberCommandInput; + output: RemoveGroupMemberCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/SearchGroupsCommand.ts b/clients/client-directory-service-data/src/commands/SearchGroupsCommand.ts new file mode 100644 index 000000000000..cb481ef73124 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/SearchGroupsCommand.ts @@ -0,0 +1,159 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { + SearchGroupsRequest, + SearchGroupsRequestFilterSensitiveLog, + SearchGroupsResult, + SearchGroupsResultFilterSensitiveLog, +} from "../models/models_0"; +import { de_SearchGroupsCommand, se_SearchGroupsCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link SearchGroupsCommand}. + */ +export interface SearchGroupsCommandInput extends SearchGroupsRequest {} +/** + * @public + * + * The output of {@link SearchGroupsCommand}. + */ +export interface SearchGroupsCommandOutput extends SearchGroupsResult, __MetadataBearer {} + +/** + *

Searches the specified directory for a group. You can find groups that match the + * SearchString parameter with the value of their attributes included in the + * SearchString parameter.

+ *

This operation supports pagination with the use of the NextToken request and + * response parameters. If more results are available, the SearchGroups.NextToken + * member contains a token that you pass in the next call to SearchGroups. This + * retrieves the next set of items.

+ *

You can also specify a maximum number of return results with the MaxResults + * parameter.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, SearchGroupsCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, SearchGroupsCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // SearchGroupsRequest + * DirectoryId: "STRING_VALUE", // required + * SearchString: "STRING_VALUE", // required + * SearchAttributes: [ // LdapDisplayNameList // required + * "STRING_VALUE", + * ], + * Realm: "STRING_VALUE", + * NextToken: "STRING_VALUE", + * MaxResults: Number("int"), + * }; + * const command = new SearchGroupsCommand(input); + * const response = await client.send(command); + * // { // SearchGroupsResult + * // DirectoryId: "STRING_VALUE", + * // Realm: "STRING_VALUE", + * // Groups: [ // GroupList + * // { // Group + * // SID: "STRING_VALUE", + * // SAMAccountName: "STRING_VALUE", // required + * // DistinguishedName: "STRING_VALUE", + * // GroupType: "Distribution" || "Security", + * // GroupScope: "DomainLocal" || "Global" || "Universal" || "BuiltinLocal", + * // OtherAttributes: { // Attributes + * // "": { // AttributeValue Union: only one key present + * // S: "STRING_VALUE", + * // N: Number("long"), + * // BOOL: true || false, + * // SS: [ // StringSetAttributeValue + * // "STRING_VALUE", + * // ], + * // }, + * // }, + * // }, + * // ], + * // NextToken: "STRING_VALUE", + * // }; + * + * ``` + * + * @param SearchGroupsCommandInput - {@link SearchGroupsCommandInput} + * @returns {@link SearchGroupsCommandOutput} + * @see {@link SearchGroupsCommandInput} for command's `input` shape. + * @see {@link SearchGroupsCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class SearchGroupsCommand extends $Command + .classBuilder< + SearchGroupsCommandInput, + SearchGroupsCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "SearchGroups", {}) + .n("DirectoryServiceDataClient", "SearchGroupsCommand") + .f(SearchGroupsRequestFilterSensitiveLog, SearchGroupsResultFilterSensitiveLog) + .ser(se_SearchGroupsCommand) + .de(de_SearchGroupsCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: SearchGroupsRequest; + output: SearchGroupsResult; + }; + sdk: { + input: SearchGroupsCommandInput; + output: SearchGroupsCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/SearchUsersCommand.ts b/clients/client-directory-service-data/src/commands/SearchUsersCommand.ts new file mode 100644 index 000000000000..dfa9829da139 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/SearchUsersCommand.ts @@ -0,0 +1,162 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { + SearchUsersRequest, + SearchUsersRequestFilterSensitiveLog, + SearchUsersResult, + SearchUsersResultFilterSensitiveLog, +} from "../models/models_0"; +import { de_SearchUsersCommand, se_SearchUsersCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link SearchUsersCommand}. + */ +export interface SearchUsersCommandInput extends SearchUsersRequest {} +/** + * @public + * + * The output of {@link SearchUsersCommand}. + */ +export interface SearchUsersCommandOutput extends SearchUsersResult, __MetadataBearer {} + +/** + *

Searches the specified directory for a user. You can find users that match the + * SearchString parameter with the value of their attributes included in the + * SearchString parameter.

+ *

This operation supports pagination with the use of the NextToken request and + * response parameters. If more results are available, the SearchUsers.NextToken + * member contains a token that you pass in the next call to SearchUsers. This + * retrieves the next set of items.

+ *

You can also specify a maximum number of return results with the MaxResults + * parameter.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, SearchUsersCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, SearchUsersCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // SearchUsersRequest + * DirectoryId: "STRING_VALUE", // required + * Realm: "STRING_VALUE", + * SearchString: "STRING_VALUE", // required + * SearchAttributes: [ // LdapDisplayNameList // required + * "STRING_VALUE", + * ], + * NextToken: "STRING_VALUE", + * MaxResults: Number("int"), + * }; + * const command = new SearchUsersCommand(input); + * const response = await client.send(command); + * // { // SearchUsersResult + * // DirectoryId: "STRING_VALUE", + * // Realm: "STRING_VALUE", + * // Users: [ // UserList + * // { // User + * // SID: "STRING_VALUE", + * // SAMAccountName: "STRING_VALUE", // required + * // DistinguishedName: "STRING_VALUE", + * // UserPrincipalName: "STRING_VALUE", + * // EmailAddress: "STRING_VALUE", + * // GivenName: "STRING_VALUE", + * // Surname: "STRING_VALUE", + * // Enabled: true || false, + * // OtherAttributes: { // Attributes + * // "": { // AttributeValue Union: only one key present + * // S: "STRING_VALUE", + * // N: Number("long"), + * // BOOL: true || false, + * // SS: [ // StringSetAttributeValue + * // "STRING_VALUE", + * // ], + * // }, + * // }, + * // }, + * // ], + * // NextToken: "STRING_VALUE", + * // }; + * + * ``` + * + * @param SearchUsersCommandInput - {@link SearchUsersCommandInput} + * @returns {@link SearchUsersCommandOutput} + * @see {@link SearchUsersCommandInput} for command's `input` shape. + * @see {@link SearchUsersCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class SearchUsersCommand extends $Command + .classBuilder< + SearchUsersCommandInput, + SearchUsersCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "SearchUsers", {}) + .n("DirectoryServiceDataClient", "SearchUsersCommand") + .f(SearchUsersRequestFilterSensitiveLog, SearchUsersResultFilterSensitiveLog) + .ser(se_SearchUsersCommand) + .de(de_SearchUsersCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: SearchUsersRequest; + output: SearchUsersResult; + }; + sdk: { + input: SearchUsersCommandInput; + output: SearchUsersCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/UpdateGroupCommand.ts b/clients/client-directory-service-data/src/commands/UpdateGroupCommand.ts new file mode 100644 index 000000000000..59105d58a08f --- /dev/null +++ b/clients/client-directory-service-data/src/commands/UpdateGroupCommand.ts @@ -0,0 +1,143 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { UpdateGroupRequest, UpdateGroupRequestFilterSensitiveLog, UpdateGroupResult } from "../models/models_0"; +import { de_UpdateGroupCommand, se_UpdateGroupCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link UpdateGroupCommand}. + */ +export interface UpdateGroupCommandInput extends UpdateGroupRequest {} +/** + * @public + * + * The output of {@link UpdateGroupCommand}. + */ +export interface UpdateGroupCommandOutput extends UpdateGroupResult, __MetadataBearer {} + +/** + *

Updates group information.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, UpdateGroupCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, UpdateGroupCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // UpdateGroupRequest + * DirectoryId: "STRING_VALUE", // required + * SAMAccountName: "STRING_VALUE", // required + * GroupType: "Distribution" || "Security", + * GroupScope: "DomainLocal" || "Global" || "Universal" || "BuiltinLocal", + * OtherAttributes: { // Attributes + * "": { // AttributeValue Union: only one key present + * S: "STRING_VALUE", + * N: Number("long"), + * BOOL: true || false, + * SS: [ // StringSetAttributeValue + * "STRING_VALUE", + * ], + * }, + * }, + * UpdateType: "ADD" || "REPLACE" || "REMOVE", + * ClientToken: "STRING_VALUE", + * }; + * const command = new UpdateGroupCommand(input); + * const response = await client.send(command); + * // {}; + * + * ``` + * + * @param UpdateGroupCommandInput - {@link UpdateGroupCommandInput} + * @returns {@link UpdateGroupCommandOutput} + * @see {@link UpdateGroupCommandInput} for command's `input` shape. + * @see {@link UpdateGroupCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link ConflictException} (client fault) + *

This error will occur when you try to create a resource that conflicts with an existing + * object. It can also occur when adding a member to a group that the member is already + * in.

+ *

This error can be caused by a request sent within the 8-hour idempotency window with the + * same client token but different input parameters. Client tokens should not be re-used across + * different requests. After 8 hours, any request with the same client token is treated as a new + * request.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ResourceNotFoundException} (client fault) + *

The resource couldn't be found.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class UpdateGroupCommand extends $Command + .classBuilder< + UpdateGroupCommandInput, + UpdateGroupCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "UpdateGroup", {}) + .n("DirectoryServiceDataClient", "UpdateGroupCommand") + .f(UpdateGroupRequestFilterSensitiveLog, void 0) + .ser(se_UpdateGroupCommand) + .de(de_UpdateGroupCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: UpdateGroupRequest; + output: {}; + }; + sdk: { + input: UpdateGroupCommandInput; + output: UpdateGroupCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/UpdateUserCommand.ts b/clients/client-directory-service-data/src/commands/UpdateUserCommand.ts new file mode 100644 index 000000000000..e26885a697eb --- /dev/null +++ b/clients/client-directory-service-data/src/commands/UpdateUserCommand.ts @@ -0,0 +1,144 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes, +} from "../DirectoryServiceDataClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { UpdateUserRequest, UpdateUserRequestFilterSensitiveLog, UpdateUserResult } from "../models/models_0"; +import { de_UpdateUserCommand, se_UpdateUserCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link UpdateUserCommand}. + */ +export interface UpdateUserCommandInput extends UpdateUserRequest {} +/** + * @public + * + * The output of {@link UpdateUserCommand}. + */ +export interface UpdateUserCommandOutput extends UpdateUserResult, __MetadataBearer {} + +/** + *

Updates user information.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { DirectoryServiceDataClient, UpdateUserCommand } from "@aws-sdk/client-directory-service-data"; // ES Modules import + * // const { DirectoryServiceDataClient, UpdateUserCommand } = require("@aws-sdk/client-directory-service-data"); // CommonJS import + * const client = new DirectoryServiceDataClient(config); + * const input = { // UpdateUserRequest + * DirectoryId: "STRING_VALUE", // required + * SAMAccountName: "STRING_VALUE", // required + * EmailAddress: "STRING_VALUE", + * GivenName: "STRING_VALUE", + * Surname: "STRING_VALUE", + * OtherAttributes: { // Attributes + * "": { // AttributeValue Union: only one key present + * S: "STRING_VALUE", + * N: Number("long"), + * BOOL: true || false, + * SS: [ // StringSetAttributeValue + * "STRING_VALUE", + * ], + * }, + * }, + * UpdateType: "ADD" || "REPLACE" || "REMOVE", + * ClientToken: "STRING_VALUE", + * }; + * const command = new UpdateUserCommand(input); + * const response = await client.send(command); + * // {}; + * + * ``` + * + * @param UpdateUserCommandInput - {@link UpdateUserCommandInput} + * @returns {@link UpdateUserCommandOutput} + * @see {@link UpdateUserCommandInput} for command's `input` shape. + * @see {@link UpdateUserCommandOutput} for command's `response` shape. + * @see {@link DirectoryServiceDataClientResolvedConfig | config} for DirectoryServiceDataClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * + * @throws {@link ConflictException} (client fault) + *

This error will occur when you try to create a resource that conflicts with an existing + * object. It can also occur when adding a member to a group that the member is already + * in.

+ *

This error can be caused by a request sent within the 8-hour idempotency window with the + * same client token but different input parameters. Client tokens should not be re-used across + * different requests. After 8 hours, any request with the same client token is treated as a new + * request.

+ * + * @throws {@link DirectoryUnavailableException} (client fault) + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * + * @throws {@link InternalServerException} (server fault) + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * + * @throws {@link ResourceNotFoundException} (client fault) + *

The resource couldn't be found.

+ * + * @throws {@link ThrottlingException} (client fault) + *

The limit on the number of requests per second has been exceeded.

+ * + * @throws {@link ValidationException} (client fault) + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * + * @throws {@link DirectoryServiceDataServiceException} + *

Base exception class for all service exceptions from DirectoryServiceData service.

+ * + * @public + */ +export class UpdateUserCommand extends $Command + .classBuilder< + UpdateUserCommandInput, + UpdateUserCommandOutput, + DirectoryServiceDataClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep(commonParams) + .m(function (this: any, Command: any, cs: any, config: DirectoryServiceDataClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("DirectoryServiceData", "UpdateUser", {}) + .n("DirectoryServiceDataClient", "UpdateUserCommand") + .f(UpdateUserRequestFilterSensitiveLog, void 0) + .ser(se_UpdateUserCommand) + .de(de_UpdateUserCommand) + .build() { + /** @internal type navigation helper, not in runtime. */ + protected declare static __types: { + api: { + input: UpdateUserRequest; + output: {}; + }; + sdk: { + input: UpdateUserCommandInput; + output: UpdateUserCommandOutput; + }; + }; +} diff --git a/clients/client-directory-service-data/src/commands/index.ts b/clients/client-directory-service-data/src/commands/index.ts new file mode 100644 index 000000000000..47afdb573630 --- /dev/null +++ b/clients/client-directory-service-data/src/commands/index.ts @@ -0,0 +1,18 @@ +// smithy-typescript generated code +export * from "./AddGroupMemberCommand"; +export * from "./CreateGroupCommand"; +export * from "./CreateUserCommand"; +export * from "./DeleteGroupCommand"; +export * from "./DeleteUserCommand"; +export * from "./DescribeGroupCommand"; +export * from "./DescribeUserCommand"; +export * from "./DisableUserCommand"; +export * from "./ListGroupMembersCommand"; +export * from "./ListGroupsCommand"; +export * from "./ListGroupsForMemberCommand"; +export * from "./ListUsersCommand"; +export * from "./RemoveGroupMemberCommand"; +export * from "./SearchGroupsCommand"; +export * from "./SearchUsersCommand"; +export * from "./UpdateGroupCommand"; +export * from "./UpdateUserCommand"; diff --git a/clients/client-directory-service-data/src/endpoint/EndpointParameters.ts b/clients/client-directory-service-data/src/endpoint/EndpointParameters.ts new file mode 100644 index 000000000000..2767d13ee97b --- /dev/null +++ b/clients/client-directory-service-data/src/endpoint/EndpointParameters.ts @@ -0,0 +1,41 @@ +// smithy-typescript generated code +import { Endpoint, EndpointParameters as __EndpointParameters, EndpointV2, Provider } from "@smithy/types"; + +/** + * @public + */ +export interface ClientInputEndpointParameters { + region?: string | Provider; + useDualstackEndpoint?: boolean | Provider; + useFipsEndpoint?: boolean | Provider; + endpoint?: string | Provider | Endpoint | Provider | EndpointV2 | Provider; +} + +export type ClientResolvedEndpointParameters = ClientInputEndpointParameters & { + defaultSigningName: string; +}; + +export const resolveClientEndpointParameters = ( + options: T & ClientInputEndpointParameters +): T & ClientResolvedEndpointParameters => { + return { + ...options, + useDualstackEndpoint: options.useDualstackEndpoint ?? false, + useFipsEndpoint: options.useFipsEndpoint ?? false, + defaultSigningName: "ds-data", + }; +}; + +export const commonParams = { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, +} as const; + +export interface EndpointParameters extends __EndpointParameters { + Region?: string; + UseDualStack?: boolean; + UseFIPS?: boolean; + Endpoint?: string; +} diff --git a/clients/client-directory-service-data/src/endpoint/endpointResolver.ts b/clients/client-directory-service-data/src/endpoint/endpointResolver.ts new file mode 100644 index 000000000000..ccee107f30d6 --- /dev/null +++ b/clients/client-directory-service-data/src/endpoint/endpointResolver.ts @@ -0,0 +1,26 @@ +// smithy-typescript generated code +import { awsEndpointFunctions } from "@aws-sdk/util-endpoints"; +import { EndpointV2, Logger } from "@smithy/types"; +import { customEndpointFunctions, EndpointCache, EndpointParams, resolveEndpoint } from "@smithy/util-endpoints"; + +import { EndpointParameters } from "./EndpointParameters"; +import { ruleSet } from "./ruleset"; + +const cache = new EndpointCache({ + size: 50, + params: ["Endpoint", "Region", "UseDualStack", "UseFIPS"], +}); + +export const defaultEndpointResolver = ( + endpointParams: EndpointParameters, + context: { logger?: Logger } = {} +): EndpointV2 => { + return cache.get(endpointParams as EndpointParams, () => + resolveEndpoint(ruleSet, { + endpointParams: endpointParams as EndpointParams, + logger: context.logger, + }) + ); +}; + +customEndpointFunctions.aws = awsEndpointFunctions; diff --git a/clients/client-directory-service-data/src/endpoint/ruleset.ts b/clients/client-directory-service-data/src/endpoint/ruleset.ts new file mode 100644 index 000000000000..0ad515f14eda --- /dev/null +++ b/clients/client-directory-service-data/src/endpoint/ruleset.ts @@ -0,0 +1,32 @@ +// @ts-nocheck +// generated code, do not edit +import { RuleSetObject } from "@smithy/types"; + +/* This file is compressed. Log this object + or see "smithy.rules#endpointRuleSet" + in codegen/sdk-codegen/aws-models/directory-service-data.json */ + +const s="required", +t="fn", +u="argv", +v="ref"; +const a=true, +b="isSet", +c="booleanEquals", +d="error", +e="endpoint", +f="tree", +g="PartitionResult", +h={[s]:false,"type":"String"}, +i={[s]:true,"default":false,"type":"Boolean"}, +j={[v]:"Endpoint"}, +k={[t]:c,[u]:[{[v]:"UseFIPS"},true]}, +l={[t]:c,[u]:[{[v]:"UseDualStack"},true]}, +m={}, +n={[t]:"getAttr",[u]:[{[v]:g},"supportsFIPS"]}, +o={[t]:c,[u]:[true,{[t]:"getAttr",[u]:[{[v]:g},"supportsDualStack"]}]}, +p=[k], +q=[l], +r=[{[v]:"Region"}]; +const _data={version:"1.0",parameters:{Region:h,UseDualStack:i,UseFIPS:i,Endpoint:h},rules:[{conditions:[{[t]:b,[u]:[j]}],rules:[{conditions:p,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:d},{rules:[{conditions:q,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:d},{endpoint:{url:j,properties:m,headers:m},type:e}],type:f}],type:f},{rules:[{conditions:[{[t]:b,[u]:r}],rules:[{conditions:[{[t]:"aws.partition",[u]:r,assign:g}],rules:[{conditions:[k,l],rules:[{conditions:[{[t]:c,[u]:[a,n]},o],rules:[{rules:[{endpoint:{url:"https://ds-data-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:e}],type:f}],type:f},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:d}],type:f},{conditions:p,rules:[{conditions:[{[t]:c,[u]:[n,a]}],rules:[{rules:[{endpoint:{url:"https://ds-data-fips.{Region}.{PartitionResult#dnsSuffix}",properties:m,headers:m},type:e}],type:f}],type:f},{error:"FIPS is enabled but this partition does not support FIPS",type:d}],type:f},{conditions:q,rules:[{conditions:[o],rules:[{rules:[{endpoint:{url:"https://ds-data.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:e}],type:f}],type:f},{error:"DualStack is enabled but this partition does not support DualStack",type:d}],type:f},{rules:[{endpoint:{url:"https://ds-data.{Region}.{PartitionResult#dnsSuffix}",properties:m,headers:m},type:e}],type:f}],type:f}],type:f},{error:"Invalid Configuration: Missing Region",type:d}],type:f}]}; +export const ruleSet: RuleSetObject = _data; diff --git a/clients/client-directory-service-data/src/extensionConfiguration.ts b/clients/client-directory-service-data/src/extensionConfiguration.ts new file mode 100644 index 000000000000..e91940dc16fd --- /dev/null +++ b/clients/client-directory-service-data/src/extensionConfiguration.ts @@ -0,0 +1,15 @@ +// smithy-typescript generated code +import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; +import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; +import { DefaultExtensionConfiguration } from "@smithy/types"; + +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + +/** + * @internal + */ +export interface DirectoryServiceDataExtensionConfiguration + extends HttpHandlerExtensionConfiguration, + DefaultExtensionConfiguration, + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-directory-service-data/src/index.ts b/clients/client-directory-service-data/src/index.ts new file mode 100644 index 000000000000..0992f21ee467 --- /dev/null +++ b/clients/client-directory-service-data/src/index.ts @@ -0,0 +1,67 @@ +// smithy-typescript generated code +/* eslint-disable */ +/** + *

Amazon Web Services Directory Service Data is an extension of Directory Service. This API reference provides detailed information + * about Directory Service Data operations and object types.

+ *

With Directory Service Data, you can create, read, update, and delete users, groups, and memberships from + * your Managed Microsoft AD without additional costs and without deploying dedicated management + * instances. You can also perform built-in object management tasks across directories without + * direct network connectivity, which simplifies provisioning and access management to achieve + * fully automated deployments. Directory Service Data supports user and group write operations, such as + * CreateUser and CreateGroup, within the organizational unit (OU) of + * your Managed Microsoft AD. Directory Service Data supports read operations, such as ListUsers and + * ListGroups, on all users, groups, and group memberships within your + * Managed Microsoft AD and across trusted realms. Directory Service Data supports adding and removing group members in + * your OU and the Amazon Web Services Delegated Groups OU, so you can grant and deny access to specific roles + * and permissions. For more information, see Manage users and + * groups in the Directory Service Administration Guide.

+ * + *

Directory management operations and configuration changes made against the Directory Service + * API will also reflect in Directory Service Data API with eventual consistency. You can expect a short delay + * between management changes, such as adding a new directory trust and calling the Directory Service Data API + * for the newly created trusted realm.

+ *
+ *

Directory Service Data connects to your Managed Microsoft AD domain controllers and performs operations on + * underlying directory objects. When you create your Managed Microsoft AD, you choose subnets for domain + * controllers that Directory Service creates on your behalf. If a domain controller is unavailable, Directory Service Data + * uses an available domain controller. As a result, you might notice eventual consistency while + * objects replicate from one domain controller to another domain controller. For more + * information, see What + * gets created in the Directory Service Administration Guide. + * Directory limits vary by Managed Microsoft AD edition:

+ *
    + *
  • + *

    + * Standard edition – Supports 8 transactions per + * second (TPS) for read operations and 4 TPS for write operations per directory. There's a + * concurrency limit of 10 concurrent requests.

    + *
  • + *
  • + *

    + * Enterprise edition – Supports 16 transactions per + * second (TPS) for read operations and 8 TPS for write operations per directory. There's a + * concurrency limit of 10 concurrent requests.

    + *
  • + *
  • + *

    + * Amazon Web Services Account - Supports a total of 100 TPS for + * Directory Service Data operations across all directories.

    + *
  • + *
+ *

Directory Service Data only supports the Managed Microsoft AD directory type and is only available in the primary + * Amazon Web Services Region. For more information, see Managed Microsoft AD + * and Primary vs additional Regions in the Directory Service Administration + * Guide.

+ * + * @packageDocumentation + */ +export * from "./DirectoryServiceDataClient"; +export * from "./DirectoryServiceData"; +export { ClientInputEndpointParameters } from "./endpoint/EndpointParameters"; +export type { RuntimeExtension } from "./runtimeExtensions"; +export type { DirectoryServiceDataExtensionConfiguration } from "./extensionConfiguration"; +export * from "./commands"; +export * from "./pagination"; +export * from "./models"; + +export { DirectoryServiceDataServiceException } from "./models/DirectoryServiceDataServiceException"; diff --git a/clients/client-directory-service-data/src/models/DirectoryServiceDataServiceException.ts b/clients/client-directory-service-data/src/models/DirectoryServiceDataServiceException.ts new file mode 100644 index 000000000000..3acfae7749b2 --- /dev/null +++ b/clients/client-directory-service-data/src/models/DirectoryServiceDataServiceException.ts @@ -0,0 +1,24 @@ +// smithy-typescript generated code +import { + ServiceException as __ServiceException, + ServiceExceptionOptions as __ServiceExceptionOptions, +} from "@smithy/smithy-client"; + +export type { __ServiceExceptionOptions }; + +export { __ServiceException }; + +/** + * @public + * + * Base exception class for all service exceptions from DirectoryServiceData service. + */ +export class DirectoryServiceDataServiceException extends __ServiceException { + /** + * @internal + */ + constructor(options: __ServiceExceptionOptions) { + super(options); + Object.setPrototypeOf(this, DirectoryServiceDataServiceException.prototype); + } +} diff --git a/clients/client-directory-service-data/src/models/index.ts b/clients/client-directory-service-data/src/models/index.ts new file mode 100644 index 000000000000..9eaceb12865f --- /dev/null +++ b/clients/client-directory-service-data/src/models/index.ts @@ -0,0 +1,2 @@ +// smithy-typescript generated code +export * from "./models_0"; diff --git a/clients/client-directory-service-data/src/models/models_0.ts b/clients/client-directory-service-data/src/models/models_0.ts new file mode 100644 index 000000000000..6915cef8fe5c --- /dev/null +++ b/clients/client-directory-service-data/src/models/models_0.ts @@ -0,0 +1,2061 @@ +// smithy-typescript generated code +import { ExceptionOptionType as __ExceptionOptionType, SENSITIVE_STRING } from "@smithy/smithy-client"; + +import { DirectoryServiceDataServiceException as __BaseException } from "./DirectoryServiceDataServiceException"; + +/** + * @public + * @enum + */ +export const AccessDeniedReason = { + DATA_DISABLED: "DATA_DISABLED", + DIRECTORY_AUTH: "DIRECTORY_AUTH", + IAM_AUTH: "IAM_AUTH", +} as const; + +/** + * @public + */ +export type AccessDeniedReason = (typeof AccessDeniedReason)[keyof typeof AccessDeniedReason]; + +/** + *

You don't have permission to perform the request or access the directory. It can also + * occur when the DirectoryId doesn't exist or the user, member, or group might be + * outside of your organizational unit (OU).

+ *

Make sure that you have the authentication and authorization to perform the action. + * Review the directory information in the request, and make sure that the object isn't outside + * of your OU.

+ * @public + */ +export class AccessDeniedException extends __BaseException { + readonly name: "AccessDeniedException" = "AccessDeniedException"; + readonly $fault: "client" = "client"; + Message?: string; + /** + *

Reason the request was unauthorized.

+ * @public + */ + Reason?: AccessDeniedReason; + /** + * @internal + */ + constructor(opts: __ExceptionOptionType) { + super({ + name: "AccessDeniedException", + $fault: "client", + ...opts, + }); + Object.setPrototypeOf(this, AccessDeniedException.prototype); + this.Message = opts.Message; + this.Reason = opts.Reason; + } +} + +/** + * @public + */ +export interface AddGroupMemberRequest { + /** + *

The identifier (ID) of the directory that's associated with the group.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The name of the group.

+ * @public + */ + GroupName: string | undefined; + + /** + *

The SAMAccountName of the user, group, or computer to add as a group member. + *

+ * @public + */ + MemberName: string | undefined; + + /** + *

The domain name that's associated with the group member. This parameter is required only + * when adding a member outside of your Managed Microsoft AD domain to a group inside of your + * Managed Microsoft AD domain. This parameter defaults to the Managed Microsoft AD domain.

+ * + *

This parameter is case insensitive.

+ *
+ * @public + */ + MemberRealm?: string; + + /** + *

A unique and case-sensitive identifier that you provide to make sure the idempotency of + * the request, so multiple identical calls have the same effect as one single call.

+ *

A client token is valid for 8 hours after the first request that uses it completes. After + * 8 hours, any request with the same client token is treated as a new request. If the request + * succeeds, any future uses of that token will be idempotent for another 8 hours.

+ *

If you submit a request with the same client token but change one of the other parameters + * within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

+ * + *

This parameter is optional when using the CLI or SDK.

+ *
+ * @public + */ + ClientToken?: string; +} + +/** + * @public + */ +export interface AddGroupMemberResult {} + +/** + *

This error will occur when you try to create a resource that conflicts with an existing + * object. It can also occur when adding a member to a group that the member is already + * in.

+ *

This error can be caused by a request sent within the 8-hour idempotency window with the + * same client token but different input parameters. Client tokens should not be re-used across + * different requests. After 8 hours, any request with the same client token is treated as a new + * request.

+ * @public + */ +export class ConflictException extends __BaseException { + readonly name: "ConflictException" = "ConflictException"; + readonly $fault: "client" = "client"; + Message?: string; + /** + * @internal + */ + constructor(opts: __ExceptionOptionType) { + super({ + name: "ConflictException", + $fault: "client", + ...opts, + }); + Object.setPrototypeOf(this, ConflictException.prototype); + this.Message = opts.Message; + } +} + +/** + * @public + * @enum + */ +export const DirectoryUnavailableReason = { + DIRECTORY_RESOURCES_EXCEEDED: "DIRECTORY_RESOURCES_EXCEEDED", + DIRECTORY_TIMEOUT: "DIRECTORY_TIMEOUT", + INVALID_DIRECTORY_STATE: "INVALID_DIRECTORY_STATE", + NO_DISK_SPACE: "NO_DISK_SPACE", + TRUST_AUTH_FAILURE: "TRUST_AUTH_FAILURE", +} as const; + +/** + * @public + */ +export type DirectoryUnavailableReason = (typeof DirectoryUnavailableReason)[keyof typeof DirectoryUnavailableReason]; + +/** + *

The request could not be completed due to a problem in the configuration or current state + * of the specified directory.

+ * @public + */ +export class DirectoryUnavailableException extends __BaseException { + readonly name: "DirectoryUnavailableException" = "DirectoryUnavailableException"; + readonly $fault: "client" = "client"; + $retryable = {}; + Message?: string; + /** + *

Reason the request failed for the specified directory.

+ * @public + */ + Reason?: DirectoryUnavailableReason; + /** + * @internal + */ + constructor(opts: __ExceptionOptionType) { + super({ + name: "DirectoryUnavailableException", + $fault: "client", + ...opts, + }); + Object.setPrototypeOf(this, DirectoryUnavailableException.prototype); + this.Message = opts.Message; + this.Reason = opts.Reason; + } +} + +/** + *

The operation didn't succeed because an internal error occurred. Try again later.

+ * @public + */ +export class InternalServerException extends __BaseException { + readonly name: "InternalServerException" = "InternalServerException"; + readonly $fault: "server" = "server"; + $retryable = {}; + Message?: string; + /** + * @internal + */ + constructor(opts: __ExceptionOptionType) { + super({ + name: "InternalServerException", + $fault: "server", + ...opts, + }); + Object.setPrototypeOf(this, InternalServerException.prototype); + this.Message = opts.Message; + } +} + +/** + *

The resource couldn't be found.

+ * @public + */ +export class ResourceNotFoundException extends __BaseException { + readonly name: "ResourceNotFoundException" = "ResourceNotFoundException"; + readonly $fault: "client" = "client"; + Message?: string; + /** + * @internal + */ + constructor(opts: __ExceptionOptionType) { + super({ + name: "ResourceNotFoundException", + $fault: "client", + ...opts, + }); + Object.setPrototypeOf(this, ResourceNotFoundException.prototype); + this.Message = opts.Message; + } +} + +/** + *

The limit on the number of requests per second has been exceeded.

+ * @public + */ +export class ThrottlingException extends __BaseException { + readonly name: "ThrottlingException" = "ThrottlingException"; + readonly $fault: "client" = "client"; + $retryable = { + throttling: true, + }; + Message: string | undefined; + /** + *

The recommended amount of seconds to retry after a throttling exception.

+ * @public + */ + RetryAfterSeconds?: number; + /** + * @internal + */ + constructor(opts: __ExceptionOptionType) { + super({ + name: "ThrottlingException", + $fault: "client", + ...opts, + }); + Object.setPrototypeOf(this, ThrottlingException.prototype); + this.Message = opts.Message; + this.RetryAfterSeconds = opts.RetryAfterSeconds; + } +} + +/** + * @public + * @enum + */ +export const ValidationExceptionReason = { + ATTRIBUTE_EXISTS: "ATTRIBUTE_EXISTS", + DUPLICATE_ATTRIBUTE: "DUPLICATE_ATTRIBUTE", + INVALID_ATTRIBUTE_FOR_GROUP: "INVALID_ATTRIBUTE_FOR_GROUP", + INVALID_ATTRIBUTE_FOR_MODIFY: "INVALID_ATTRIBUTE_FOR_MODIFY", + INVALID_ATTRIBUTE_FOR_SEARCH: "INVALID_ATTRIBUTE_FOR_SEARCH", + INVALID_ATTRIBUTE_FOR_USER: "INVALID_ATTRIBUTE_FOR_USER", + INVALID_ATTRIBUTE_NAME: "INVALID_ATTRIBUTE_NAME", + INVALID_ATTRIBUTE_VALUE: "INVALID_ATTRIBUTE_VALUE", + INVALID_DIRECTORY_TYPE: "INVALID_DIRECTORY_TYPE", + INVALID_NEXT_TOKEN: "INVALID_NEXT_TOKEN", + INVALID_REALM: "INVALID_REALM", + INVALID_SECONDARY_REGION: "INVALID_SECONDARY_REGION", + LDAP_SIZE_LIMIT_EXCEEDED: "LDAP_SIZE_LIMIT_EXCEEDED", + LDAP_UNSUPPORTED_OPERATION: "LDAP_UNSUPPORTED_OPERATION", + MISSING_ATTRIBUTE: "MISSING_ATTRIBUTE", +} as const; + +/** + * @public + */ +export type ValidationExceptionReason = (typeof ValidationExceptionReason)[keyof typeof ValidationExceptionReason]; + +/** + *

The request isn't valid. Review the details in the error message to update the invalid + * parameters or values in your request.

+ * @public + */ +export class ValidationException extends __BaseException { + readonly name: "ValidationException" = "ValidationException"; + readonly $fault: "client" = "client"; + Message?: string; + /** + *

Reason the request failed validation.

+ * @public + */ + Reason?: ValidationExceptionReason; + /** + * @internal + */ + constructor(opts: __ExceptionOptionType) { + super({ + name: "ValidationException", + $fault: "client", + ...opts, + }); + Object.setPrototypeOf(this, ValidationException.prototype); + this.Message = opts.Message; + this.Reason = opts.Reason; + } +} + +/** + *

The data type for an attribute. Each attribute value is described as a name-value pair. + * The name is the AD schema name, and the value is the data itself. For a list of supported + * attributes, see Directory Service Data Attributes. + *

+ * @public + */ +export type AttributeValue = + | AttributeValue.BOOLMember + | AttributeValue.NMember + | AttributeValue.SMember + | AttributeValue.SSMember + | AttributeValue.$UnknownMember; + +/** + * @public + */ +export namespace AttributeValue { + /** + *

Indicates that the attribute type value is a string. For example:

+ *

+ * "S": "S Group" + *

+ * @public + */ + export interface SMember { + S: string; + N?: never; + BOOL?: never; + SS?: never; + $unknown?: never; + } + + /** + *

Indicates that the attribute type value is a number. For example:

+ *

+ * "N": "16" + *

+ * @public + */ + export interface NMember { + S?: never; + N: number; + BOOL?: never; + SS?: never; + $unknown?: never; + } + + /** + *

Indicates that the attribute type value is a boolean. For example:

+ *

+ * "BOOL": true + *

+ * @public + */ + export interface BOOLMember { + S?: never; + N?: never; + BOOL: boolean; + SS?: never; + $unknown?: never; + } + + /** + *

Indicates that the attribute type value is a string set. For example:

+ *

+ * "SS": ["sample_service_class/host.sample.com:1234/sample_service_name_1", + * "sample_service_class/host.sample.com:1234/sample_service_name_2"] + *

+ * @public + */ + export interface SSMember { + S?: never; + N?: never; + BOOL?: never; + SS: string[]; + $unknown?: never; + } + + /** + * @public + */ + export interface $UnknownMember { + S?: never; + N?: never; + BOOL?: never; + SS?: never; + $unknown: [string, any]; + } + + export interface Visitor { + S: (value: string) => T; + N: (value: number) => T; + BOOL: (value: boolean) => T; + SS: (value: string[]) => T; + _: (name: string, value: any) => T; + } + + export const visit = (value: AttributeValue, visitor: Visitor): T => { + if (value.S !== undefined) return visitor.S(value.S); + if (value.N !== undefined) return visitor.N(value.N); + if (value.BOOL !== undefined) return visitor.BOOL(value.BOOL); + if (value.SS !== undefined) return visitor.SS(value.SS); + return visitor._(value.$unknown[0], value.$unknown[1]); + }; +} + +/** + * @public + * @enum + */ +export const GroupScope = { + BUILTIN_LOCAL: "BuiltinLocal", + DOMAIN_LOCAL: "DomainLocal", + GLOBAL: "Global", + UNIVERSAL: "Universal", +} as const; + +/** + * @public + */ +export type GroupScope = (typeof GroupScope)[keyof typeof GroupScope]; + +/** + * @public + * @enum + */ +export const GroupType = { + DISTRIBUTION: "Distribution", + SECURITY: "Security", +} as const; + +/** + * @public + */ +export type GroupType = (typeof GroupType)[keyof typeof GroupType]; + +/** + * @public + */ +export interface CreateGroupRequest { + /** + *

The identifier (ID) of the directory that's associated with the group.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The name of the group.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

The AD group type. For details, see Active Directory security group type.

+ * @public + */ + GroupType?: GroupType; + + /** + *

The scope of the AD group. For details, see Active Directory security group scope.

+ * @public + */ + GroupScope?: GroupScope; + + /** + *

An expression that defines one or more attributes with the data type and value of each + * attribute.

+ * @public + */ + OtherAttributes?: Record; + + /** + *

A unique and case-sensitive identifier that you provide to make sure the idempotency of + * the request, so multiple identical calls have the same effect as one single call.

+ *

A client token is valid for 8 hours after the first request that uses it completes. After + * 8 hours, any request with the same client token is treated as a new request. If the request + * succeeds, any future uses of that token will be idempotent for another 8 hours.

+ *

If you submit a request with the same client token but change one of the other parameters + * within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

+ * + *

This parameter is optional when using the CLI or SDK.

+ *
+ * @public + */ + ClientToken?: string; +} + +/** + * @public + */ +export interface CreateGroupResult { + /** + *

The identifier (ID) of the directory that's associated with the group.

+ * @public + */ + DirectoryId?: string; + + /** + *

The name of the group.

+ * @public + */ + SAMAccountName?: string; + + /** + *

The unique security identifier (SID) of the group.

+ * @public + */ + SID?: string; +} + +/** + * @public + */ +export interface CreateUserRequest { + /** + *

The identifier (ID) of the directory that’s associated with the user.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The name of the user.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

The email address of the user.

+ * @public + */ + EmailAddress?: string; + + /** + *

The first name of the user.

+ * @public + */ + GivenName?: string; + + /** + *

The last name of the user.

+ * @public + */ + Surname?: string; + + /** + *

An expression that defines one or more attribute names with the data type and value of + * each attribute. A key is an attribute name, and the value is a list of maps. For a list of + * supported attributes, see Directory Service Data Attributes.

+ * + *

Attribute names are case insensitive.

+ *
+ * @public + */ + OtherAttributes?: Record; + + /** + *

A unique and case-sensitive identifier that you provide to make sure the idempotency of + * the request, so multiple identical calls have the same effect as one single call.

+ *

A client token is valid for 8 hours after the first request that uses it completes. After + * 8 hours, any request with the same client token is treated as a new request. If the request + * succeeds, any future uses of that token will be idempotent for another 8 hours.

+ *

If you submit a request with the same client token but change one of the other parameters + * within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

+ * + *

This parameter is optional when using the CLI or SDK.

+ *
+ * @public + */ + ClientToken?: string; +} + +/** + * @public + */ +export interface CreateUserResult { + /** + *

The identifier (ID) of the directory where the address block is added.

+ * @public + */ + DirectoryId?: string; + + /** + *

The unique security identifier (SID) of the user.

+ * @public + */ + SID?: string; + + /** + *

The name of the user.

+ * @public + */ + SAMAccountName?: string; +} + +/** + * @public + */ +export interface DeleteGroupRequest { + /** + *

The identifier (ID) of the directory that's associated with the group.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The name of the group.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

A unique and case-sensitive identifier that you provide to make sure the idempotency of + * the request, so multiple identical calls have the same effect as one single call.

+ *

A client token is valid for 8 hours after the first request that uses it completes. After + * 8 hours, any request with the same client token is treated as a new request. If the request + * succeeds, any future uses of that token will be idempotent for another 8 hours.

+ *

If you submit a request with the same client token but change one of the other parameters + * within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

+ * + *

This parameter is optional when using the CLI or SDK.

+ *
+ * @public + */ + ClientToken?: string; +} + +/** + * @public + */ +export interface DeleteGroupResult {} + +/** + * @public + */ +export interface DeleteUserRequest { + /** + *

The identifier (ID) of the directory that's associated with the user.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The name of the user.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

A unique and case-sensitive identifier that you provide to make sure the idempotency of + * the request, so multiple identical calls have the same effect as one single call.

+ *

A client token is valid for 8 hours after the first request that uses it completes. After + * 8 hours, any request with the same client token is treated as a new request. If the request + * succeeds, any future uses of that token will be idempotent for another 8 hours.

+ *

If you submit a request with the same client token but change one of the other parameters + * within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

+ * + *

This parameter is optional when using the CLI or SDK.

+ *
+ * @public + */ + ClientToken?: string; +} + +/** + * @public + */ +export interface DeleteUserResult {} + +/** + * @public + */ +export interface DescribeGroupRequest { + /** + *

The Identifier (ID) of the directory associated with the group.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The domain name that's associated with the group.

+ * + *

This parameter is optional, so you can return groups outside of your Managed Microsoft AD + * domain. When no value is defined, only your Managed Microsoft AD groups are returned.

+ *

This value is case insensitive.

+ *
+ * @public + */ + Realm?: string; + + /** + *

The name of the group.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

One or more attributes to be returned for the group. For a list of supported attributes, + * see Directory Service Data Attributes. + *

+ * @public + */ + OtherAttributes?: string[]; +} + +/** + * @public + */ +export interface DescribeGroupResult { + /** + *

The identifier (ID) of the directory that's associated with the group.

+ * @public + */ + DirectoryId?: string; + + /** + *

The domain name that's associated with the group.

+ * @public + */ + Realm?: string; + + /** + *

The unique security identifier (SID) of the group.

+ * @public + */ + SID?: string; + + /** + *

The name of the group.

+ * @public + */ + SAMAccountName?: string; + + /** + *

The distinguished name of the object.

+ * @public + */ + DistinguishedName?: string; + + /** + *

The AD group type. For details, see Active Directory security group type.

+ * @public + */ + GroupType?: GroupType; + + /** + *

The scope of the AD group. For details, see Active Directory security groups.

+ * @public + */ + GroupScope?: GroupScope; + + /** + *

The attribute values that are returned for the attribute names that are included in the + * request.

+ * @public + */ + OtherAttributes?: Record; +} + +/** + * @public + */ +export interface DescribeUserRequest { + /** + *

The identifier (ID) of the directory that's associated with the user.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The name of the user.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

One or more attribute names to be returned for the user. A key is an attribute name, and + * the value is a list of maps. For a list of supported attributes, see Directory Service Data Attributes.

+ * @public + */ + OtherAttributes?: string[]; + + /** + *

The domain name that's associated with the user.

+ * + *

This parameter is optional, so you can return users outside your Managed Microsoft AD domain. + * When no value is defined, only your Managed Microsoft AD users are returned.

+ *

This value is case insensitive.

+ *
+ * @public + */ + Realm?: string; +} + +/** + * @public + */ +export interface DescribeUserResult { + /** + *

The identifier (ID) of the directory that's associated with the user.

+ * @public + */ + DirectoryId?: string; + + /** + *

The domain name that's associated with the user.

+ * @public + */ + Realm?: string; + + /** + *

The unique security identifier (SID) of the user.

+ * @public + */ + SID?: string; + + /** + *

The name of the user.

+ * @public + */ + SAMAccountName?: string; + + /** + *

The distinguished name of the object.

+ * @public + */ + DistinguishedName?: string; + + /** + *

The UPN that is an Internet-style login name for a user and is based on the Internet + * standard RFC 822. The UPN is shorter + * than the distinguished name and easier to remember.

+ * @public + */ + UserPrincipalName?: string; + + /** + *

The email address of the user.

+ * @public + */ + EmailAddress?: string; + + /** + *

The first name of the user.

+ * @public + */ + GivenName?: string; + + /** + *

The last name of the user.

+ * @public + */ + Surname?: string; + + /** + *

Indicates whether the user account is active.

+ * @public + */ + Enabled?: boolean; + + /** + *

The attribute values that are returned for the attribute names that are included in the + * request.

+ * + *

Attribute names are case insensitive.

+ *
+ * @public + */ + OtherAttributes?: Record; +} + +/** + * @public + */ +export interface DisableUserRequest { + /** + *

The identifier (ID) of the directory that's associated with the user.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The name of the user.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

A unique and case-sensitive identifier that you provide to make sure the idempotency of + * the request, so multiple identical calls have the same effect as one single call.

+ *

A client token is valid for 8 hours after the first request that uses it completes. After + * 8 hours, any request with the same client token is treated as a new request. If the request + * succeeds, any future uses of that token will be idempotent for another 8 hours.

+ *

If you submit a request with the same client token but change one of the other parameters + * within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

+ * + *

This parameter is optional when using the CLI or SDK.

+ *
+ * @public + */ + ClientToken?: string; +} + +/** + * @public + */ +export interface DisableUserResult {} + +/** + * @public + */ +export interface ListGroupMembersRequest { + /** + *

The identifier (ID) of the directory that's associated with the group.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The domain name that's associated with the group.

+ * + *

This parameter is optional, so you can return members from a group outside of your + * Managed Microsoft AD domain. When no value is defined, only members of your Managed Microsoft AD groups are + * returned.

+ *

This value is case insensitive.

+ *
+ * @public + */ + Realm?: string; + + /** + *

The domain name that's associated with the group member. This parameter defaults to the + * Managed Microsoft AD domain.

+ * + *

This parameter is optional and case insensitive.

+ *
+ * @public + */ + MemberRealm?: string; + + /** + *

The name of the group.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; + + /** + *

The maximum number of results to be returned per request.

+ * @public + */ + MaxResults?: number; +} + +/** + * @public + * @enum + */ +export const MemberType = { + COMPUTER: "COMPUTER", + GROUP: "GROUP", + USER: "USER", +} as const; + +/** + * @public + */ +export type MemberType = (typeof MemberType)[keyof typeof MemberType]; + +/** + *

A member object that contains identifying information for a specified member.

+ * @public + */ +export interface Member { + /** + *

The unique security identifier (SID) of the group member.

+ * @public + */ + SID: string | undefined; + + /** + *

The name of the group member.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

The AD type of the member object.

+ * @public + */ + MemberType: MemberType | undefined; +} + +/** + * @public + */ +export interface ListGroupMembersResult { + /** + *

Identifier (ID) of the directory associated with the group.

+ * @public + */ + DirectoryId?: string; + + /** + *

The domain name that's associated with the group.

+ * @public + */ + Realm?: string; + + /** + *

The domain name that's associated with the member.

+ * @public + */ + MemberRealm?: string; + + /** + *

The member information that the request returns.

+ * @public + */ + Members?: Member[]; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; +} + +/** + * @public + */ +export interface ListGroupsRequest { + /** + *

The identifier (ID) of the directory that's associated with the group.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The domain name associated with the directory.

+ * + *

This parameter is optional, so you can return groups outside of your Managed Microsoft AD + * domain. When no value is defined, only your Managed Microsoft AD groups are returned.

+ *

This value is case insensitive.

+ *
+ * @public + */ + Realm?: string; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; + + /** + *

The maximum number of results to be returned per request.

+ * @public + */ + MaxResults?: number; +} + +/** + *

A structure containing a subset of fields of a group object from a directory.

+ * @public + */ +export interface GroupSummary { + /** + *

The unique security identifier (SID) of the group.

+ * @public + */ + SID: string | undefined; + + /** + *

The name of the group.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

The AD group type. For details, see Active Directory security group type.

+ * @public + */ + GroupType: GroupType | undefined; + + /** + *

The scope of the AD group. For details, see Active Directory security groups.

+ * @public + */ + GroupScope: GroupScope | undefined; +} + +/** + * @public + */ +export interface ListGroupsResult { + /** + *

The identifier (ID) of the directory that's associated with the group.

+ * @public + */ + DirectoryId?: string; + + /** + *

The domain name associated with the group.

+ * @public + */ + Realm?: string; + + /** + *

The group information that the request returns.

+ * @public + */ + Groups?: GroupSummary[]; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; +} + +/** + * @public + */ +export interface ListGroupsForMemberRequest { + /** + *

The identifier (ID) of the directory that's associated with the member.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The domain name that's associated with the group.

+ * + *

This parameter is optional, so you can return groups outside of your Managed Microsoft AD + * domain. When no value is defined, only your Managed Microsoft AD groups are returned.

+ *

This value is case insensitive and defaults to your Managed Microsoft AD domain.

+ *
+ * @public + */ + Realm?: string; + + /** + *

The domain name that's associated with the group member.

+ * + *

This parameter is optional, so you can limit your results to the group members in a + * specific domain.

+ *

This parameter is case insensitive and defaults to Realm + *

+ *
+ * @public + */ + MemberRealm?: string; + + /** + *

The SAMAccountName of the user, group, or computer that's a member of the + * group.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; + + /** + *

The maximum number of results to be returned per request.

+ * @public + */ + MaxResults?: number; +} + +/** + * @public + */ +export interface ListGroupsForMemberResult { + /** + *

The identifier (ID) of the directory that's associated with the member.

+ * @public + */ + DirectoryId?: string; + + /** + *

The domain that's associated with the group.

+ * @public + */ + Realm?: string; + + /** + *

The domain that's associated with the member.

+ * @public + */ + MemberRealm?: string; + + /** + *

The group information that the request returns.

+ * @public + */ + Groups?: GroupSummary[]; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; +} + +/** + * @public + */ +export interface ListUsersRequest { + /** + *

The identifier (ID) of the directory that's associated with the user.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The domain name that's associated with the user.

+ * + *

This parameter is optional, so you can return users outside of your Managed Microsoft AD + * domain. When no value is defined, only your Managed Microsoft AD users are returned.

+ *

This value is case insensitive.

+ *
+ * @public + */ + Realm?: string; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; + + /** + *

The maximum number of results to be returned per request.

+ * @public + */ + MaxResults?: number; +} + +/** + *

A structure containing a subset of the fields of a user object from a directory.

+ * @public + */ +export interface UserSummary { + /** + *

The unique security identifier (SID) of the user.

+ * @public + */ + SID: string | undefined; + + /** + *

The name of the user.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

The first name of the user.

+ * @public + */ + GivenName?: string; + + /** + *

The last name of the user.

+ * @public + */ + Surname?: string; + + /** + *

Indicates whether the user account is active.

+ * @public + */ + Enabled: boolean | undefined; +} + +/** + * @public + */ +export interface ListUsersResult { + /** + *

The identifier (ID) of the directory that's associated with the user.

+ * @public + */ + DirectoryId?: string; + + /** + *

The domain that's associated with the user.

+ * @public + */ + Realm?: string; + + /** + *

The user information that the request returns.

+ * @public + */ + Users?: UserSummary[]; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; +} + +/** + * @public + */ +export interface RemoveGroupMemberRequest { + /** + *

The identifier (ID) of the directory that's associated with the member.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The name of the group.

+ * @public + */ + GroupName: string | undefined; + + /** + *

The SAMAccountName of the user, group, or computer to remove from the group. + *

+ * @public + */ + MemberName: string | undefined; + + /** + *

The domain name that's associated with the group member. This parameter defaults to the + * Managed Microsoft AD domain.

+ * + *

This parameter is optional and case insensitive.

+ *
+ * @public + */ + MemberRealm?: string; + + /** + *

A unique and case-sensitive identifier that you provide to make sure the idempotency of + * the request, so multiple identical calls have the same effect as one single call.

+ *

A client token is valid for 8 hours after the first request that uses it completes. After + * 8 hours, any request with the same client token is treated as a new request. If the request + * succeeds, any future uses of that token will be idempotent for another 8 hours.

+ *

If you submit a request with the same client token but change one of the other parameters + * within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

+ * + *

This parameter is optional when using the CLI or SDK.

+ *
+ * @public + */ + ClientToken?: string; +} + +/** + * @public + */ +export interface RemoveGroupMemberResult {} + +/** + * @public + */ +export interface SearchGroupsRequest { + /** + *

The identifier (ID) of the directory that's associated with the group.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The attribute value that you want to search for.

+ * + *

Wildcard (*) searches aren't supported. For a list of supported + * attributes, see Directory Service Data + * Attributes.

+ *
+ * @public + */ + SearchString: string | undefined; + + /** + *

One or more data attributes that are used to search for a group. For a list of supported + * attributes, see Directory Service Data Attributes. + *

+ * @public + */ + SearchAttributes: string[] | undefined; + + /** + *

The domain name that's associated with the group.

+ * + *

This parameter is optional, so you can return groups outside of your Managed Microsoft AD + * domain. When no value is defined, only your Managed Microsoft AD groups are returned.

+ *

This value is case insensitive.

+ *
+ * @public + */ + Realm?: string; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; + + /** + *

The maximum number of results to be returned per request.

+ * @public + */ + MaxResults?: number; +} + +/** + *

A group object that contains identifying information and attributes for a specified + * group.

+ * @public + */ +export interface Group { + /** + *

The unique security identifier (SID) of the group.

+ * @public + */ + SID?: string; + + /** + *

The name of the group.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

The distinguished name of the object.

+ * @public + */ + DistinguishedName?: string; + + /** + *

The AD group type. For details, see Active Directory security group type.

+ * @public + */ + GroupType?: GroupType; + + /** + *

The scope of the AD group. For details, see Active Directory security groups + *

+ * @public + */ + GroupScope?: GroupScope; + + /** + *

An expression of one or more attributes, data types, and the values of a group.

+ * @public + */ + OtherAttributes?: Record; +} + +/** + * @public + */ +export interface SearchGroupsResult { + /** + *

The identifier (ID) of the directory that's associated with the group.

+ * @public + */ + DirectoryId?: string; + + /** + *

The domain that's associated with the group.

+ * @public + */ + Realm?: string; + + /** + *

The group information that the request returns.

+ * @public + */ + Groups?: Group[]; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; +} + +/** + * @public + */ +export interface SearchUsersRequest { + /** + *

The identifier (ID) of the directory that's associated with the user.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The domain name that's associated with the user.

+ * + *

This parameter is optional, so you can return users outside of your Managed Microsoft AD + * domain. When no value is defined, only your Managed Microsoft AD users are returned.

+ *

This value is case insensitive.

+ *
+ * @public + */ + Realm?: string; + + /** + *

The attribute value that you want to search for.

+ * + *

Wildcard (*) searches aren't supported. For a list of supported + * attributes, see Directory Service Data + * Attributes.

+ *
+ * @public + */ + SearchString: string | undefined; + + /** + *

One or more data attributes that are used to search for a user. For a list of supported + * attributes, see Directory Service Data Attributes. + *

+ * @public + */ + SearchAttributes: string[] | undefined; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; + + /** + *

The maximum number of results to be returned per request.

+ * @public + */ + MaxResults?: number; +} + +/** + *

A user object that contains identifying information and attributes for a specified user. + *

+ * @public + */ +export interface User { + /** + *

The unique security identifier (SID) of the user.

+ * @public + */ + SID?: string; + + /** + *

The name of the user.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

The distinguished name of the object.

+ * @public + */ + DistinguishedName?: string; + + /** + *

The UPN that is an internet-style login name for a user and based on the internet + * standard RFC 822. The UPN is shorter + * than the distinguished name and easier to remember.

+ * @public + */ + UserPrincipalName?: string; + + /** + *

The email address of the user.

+ * @public + */ + EmailAddress?: string; + + /** + *

The first name of the user.

+ * @public + */ + GivenName?: string; + + /** + *

The last name of the user.

+ * @public + */ + Surname?: string; + + /** + *

Indicates whether the user account is active.

+ * @public + */ + Enabled?: boolean; + + /** + *

An expression that includes one or more attributes, data types, and values of a + * user.

+ * @public + */ + OtherAttributes?: Record; +} + +/** + * @public + */ +export interface SearchUsersResult { + /** + *

The identifier (ID) of the directory where the address block is added.

+ * @public + */ + DirectoryId?: string; + + /** + *

The domain that's associated with the user.

+ * @public + */ + Realm?: string; + + /** + *

The user information that the request returns.

+ * @public + */ + Users?: User[]; + + /** + *

An encoded paging token for paginated calls that can be passed back to retrieve the next + * page.

+ * @public + */ + NextToken?: string; +} + +/** + * @public + * @enum + */ +export const UpdateType = { + ADD: "ADD", + REMOVE: "REMOVE", + REPLACE: "REPLACE", +} as const; + +/** + * @public + */ +export type UpdateType = (typeof UpdateType)[keyof typeof UpdateType]; + +/** + * @public + */ +export interface UpdateGroupRequest { + /** + *

The identifier (ID) of the directory that's associated with the group.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The name of the group.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

The AD group type. For details, see Active Directory security group type.

+ * @public + */ + GroupType?: GroupType; + + /** + *

The scope of the AD group. For details, see Active Directory security groups.

+ * @public + */ + GroupScope?: GroupScope; + + /** + *

An expression that defines one or more attributes with the data type and the value of + * each attribute.

+ * @public + */ + OtherAttributes?: Record; + + /** + *

The type of update to be performed. If no value exists for the attribute, use + * ADD. Otherwise, use REPLACE to change an attribute value or + * REMOVE to clear the attribute value.

+ * @public + */ + UpdateType?: UpdateType; + + /** + *

A unique and case-sensitive identifier that you provide to make sure the idempotency of + * the request, so multiple identical calls have the same effect as one single call.

+ *

A client token is valid for 8 hours after the first request that uses it completes. After + * 8 hours, any request with the same client token is treated as a new request. If the request + * succeeds, any future uses of that token will be idempotent for another 8 hours.

+ *

If you submit a request with the same client token but change one of the other parameters + * within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

+ * + *

This parameter is optional when using the CLI or SDK.

+ *
+ * @public + */ + ClientToken?: string; +} + +/** + * @public + */ +export interface UpdateGroupResult {} + +/** + * @public + */ +export interface UpdateUserRequest { + /** + *

The identifier (ID) of the directory that's associated with the user.

+ * @public + */ + DirectoryId: string | undefined; + + /** + *

The name of the user.

+ * @public + */ + SAMAccountName: string | undefined; + + /** + *

The email address of the user.

+ * @public + */ + EmailAddress?: string; + + /** + *

The first name of the user.

+ * @public + */ + GivenName?: string; + + /** + *

The last name of the user.

+ * @public + */ + Surname?: string; + + /** + *

An expression that defines one or more attribute names with the data type and value of + * each attribute. A key is an attribute name, and the value is a list of maps. For a list of + * supported attributes, see Directory Service Data Attributes.

+ * + *

Attribute names are case insensitive.

+ *
+ * @public + */ + OtherAttributes?: Record; + + /** + *

The type of update to be performed. If no value exists for the attribute, use + * ADD. Otherwise, use REPLACE to change an attribute value or + * REMOVE to clear the attribute value.

+ * @public + */ + UpdateType?: UpdateType; + + /** + *

A unique and case-sensitive identifier that you provide to make sure the idempotency of + * the request, so multiple identical calls have the same effect as one single call.

+ *

A client token is valid for 8 hours after the first request that uses it completes. After + * 8 hours, any request with the same client token is treated as a new request. If the request + * succeeds, any future uses of that token will be idempotent for another 8 hours.

+ *

If you submit a request with the same client token but change one of the other parameters + * within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

+ * + *

This parameter is optional when using the CLI or SDK.

+ *
+ * @public + */ + ClientToken?: string; +} + +/** + * @public + */ +export interface UpdateUserResult {} + +/** + * @internal + */ +export const AttributeValueFilterSensitiveLog = (obj: AttributeValue): any => { + if (obj.S !== undefined) return { S: SENSITIVE_STRING }; + if (obj.N !== undefined) return { N: SENSITIVE_STRING }; + if (obj.BOOL !== undefined) return { BOOL: SENSITIVE_STRING }; + if (obj.SS !== undefined) return { SS: SENSITIVE_STRING }; + if (obj.$unknown !== undefined) return { [obj.$unknown[0]]: "UNKNOWN" }; +}; + +/** + * @internal + */ +export const CreateGroupRequestFilterSensitiveLog = (obj: CreateGroupRequest): any => ({ + ...obj, + ...(obj.OtherAttributes && { + OtherAttributes: Object.entries(obj.OtherAttributes).reduce( + (acc: any, [key, value]: [string, AttributeValue]) => ((acc[key] = AttributeValueFilterSensitiveLog(value)), acc), + {} + ), + }), +}); + +/** + * @internal + */ +export const CreateUserRequestFilterSensitiveLog = (obj: CreateUserRequest): any => ({ + ...obj, + ...(obj.EmailAddress && { EmailAddress: SENSITIVE_STRING }), + ...(obj.GivenName && { GivenName: SENSITIVE_STRING }), + ...(obj.Surname && { Surname: SENSITIVE_STRING }), + ...(obj.OtherAttributes && { + OtherAttributes: Object.entries(obj.OtherAttributes).reduce( + (acc: any, [key, value]: [string, AttributeValue]) => ((acc[key] = AttributeValueFilterSensitiveLog(value)), acc), + {} + ), + }), +}); + +/** + * @internal + */ +export const DescribeGroupResultFilterSensitiveLog = (obj: DescribeGroupResult): any => ({ + ...obj, + ...(obj.DistinguishedName && { DistinguishedName: SENSITIVE_STRING }), + ...(obj.OtherAttributes && { + OtherAttributes: Object.entries(obj.OtherAttributes).reduce( + (acc: any, [key, value]: [string, AttributeValue]) => ((acc[key] = AttributeValueFilterSensitiveLog(value)), acc), + {} + ), + }), +}); + +/** + * @internal + */ +export const DescribeUserResultFilterSensitiveLog = (obj: DescribeUserResult): any => ({ + ...obj, + ...(obj.DistinguishedName && { DistinguishedName: SENSITIVE_STRING }), + ...(obj.UserPrincipalName && { UserPrincipalName: SENSITIVE_STRING }), + ...(obj.EmailAddress && { EmailAddress: SENSITIVE_STRING }), + ...(obj.GivenName && { GivenName: SENSITIVE_STRING }), + ...(obj.Surname && { Surname: SENSITIVE_STRING }), + ...(obj.OtherAttributes && { + OtherAttributes: Object.entries(obj.OtherAttributes).reduce( + (acc: any, [key, value]: [string, AttributeValue]) => ((acc[key] = AttributeValueFilterSensitiveLog(value)), acc), + {} + ), + }), +}); + +/** + * @internal + */ +export const ListGroupMembersRequestFilterSensitiveLog = (obj: ListGroupMembersRequest): any => ({ + ...obj, + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const ListGroupMembersResultFilterSensitiveLog = (obj: ListGroupMembersResult): any => ({ + ...obj, + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const ListGroupsRequestFilterSensitiveLog = (obj: ListGroupsRequest): any => ({ + ...obj, + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const ListGroupsResultFilterSensitiveLog = (obj: ListGroupsResult): any => ({ + ...obj, + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const ListGroupsForMemberRequestFilterSensitiveLog = (obj: ListGroupsForMemberRequest): any => ({ + ...obj, + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const ListGroupsForMemberResultFilterSensitiveLog = (obj: ListGroupsForMemberResult): any => ({ + ...obj, + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const ListUsersRequestFilterSensitiveLog = (obj: ListUsersRequest): any => ({ + ...obj, + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const UserSummaryFilterSensitiveLog = (obj: UserSummary): any => ({ + ...obj, + ...(obj.GivenName && { GivenName: SENSITIVE_STRING }), + ...(obj.Surname && { Surname: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const ListUsersResultFilterSensitiveLog = (obj: ListUsersResult): any => ({ + ...obj, + ...(obj.Users && { Users: obj.Users.map((item) => UserSummaryFilterSensitiveLog(item)) }), + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const SearchGroupsRequestFilterSensitiveLog = (obj: SearchGroupsRequest): any => ({ + ...obj, + ...(obj.SearchString && { SearchString: SENSITIVE_STRING }), + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const GroupFilterSensitiveLog = (obj: Group): any => ({ + ...obj, + ...(obj.DistinguishedName && { DistinguishedName: SENSITIVE_STRING }), + ...(obj.OtherAttributes && { + OtherAttributes: Object.entries(obj.OtherAttributes).reduce( + (acc: any, [key, value]: [string, AttributeValue]) => ((acc[key] = AttributeValueFilterSensitiveLog(value)), acc), + {} + ), + }), +}); + +/** + * @internal + */ +export const SearchGroupsResultFilterSensitiveLog = (obj: SearchGroupsResult): any => ({ + ...obj, + ...(obj.Groups && { Groups: obj.Groups.map((item) => GroupFilterSensitiveLog(item)) }), + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const SearchUsersRequestFilterSensitiveLog = (obj: SearchUsersRequest): any => ({ + ...obj, + ...(obj.SearchString && { SearchString: SENSITIVE_STRING }), + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const UserFilterSensitiveLog = (obj: User): any => ({ + ...obj, + ...(obj.DistinguishedName && { DistinguishedName: SENSITIVE_STRING }), + ...(obj.UserPrincipalName && { UserPrincipalName: SENSITIVE_STRING }), + ...(obj.EmailAddress && { EmailAddress: SENSITIVE_STRING }), + ...(obj.GivenName && { GivenName: SENSITIVE_STRING }), + ...(obj.Surname && { Surname: SENSITIVE_STRING }), + ...(obj.OtherAttributes && { + OtherAttributes: Object.entries(obj.OtherAttributes).reduce( + (acc: any, [key, value]: [string, AttributeValue]) => ((acc[key] = AttributeValueFilterSensitiveLog(value)), acc), + {} + ), + }), +}); + +/** + * @internal + */ +export const SearchUsersResultFilterSensitiveLog = (obj: SearchUsersResult): any => ({ + ...obj, + ...(obj.Users && { Users: obj.Users.map((item) => UserFilterSensitiveLog(item)) }), + ...(obj.NextToken && { NextToken: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const UpdateGroupRequestFilterSensitiveLog = (obj: UpdateGroupRequest): any => ({ + ...obj, + ...(obj.OtherAttributes && { + OtherAttributes: Object.entries(obj.OtherAttributes).reduce( + (acc: any, [key, value]: [string, AttributeValue]) => ((acc[key] = AttributeValueFilterSensitiveLog(value)), acc), + {} + ), + }), +}); + +/** + * @internal + */ +export const UpdateUserRequestFilterSensitiveLog = (obj: UpdateUserRequest): any => ({ + ...obj, + ...(obj.EmailAddress && { EmailAddress: SENSITIVE_STRING }), + ...(obj.GivenName && { GivenName: SENSITIVE_STRING }), + ...(obj.Surname && { Surname: SENSITIVE_STRING }), + ...(obj.OtherAttributes && { + OtherAttributes: Object.entries(obj.OtherAttributes).reduce( + (acc: any, [key, value]: [string, AttributeValue]) => ((acc[key] = AttributeValueFilterSensitiveLog(value)), acc), + {} + ), + }), +}); diff --git a/clients/client-directory-service-data/src/pagination/Interfaces.ts b/clients/client-directory-service-data/src/pagination/Interfaces.ts new file mode 100644 index 000000000000..cbc76dc38bcf --- /dev/null +++ b/clients/client-directory-service-data/src/pagination/Interfaces.ts @@ -0,0 +1,11 @@ +// smithy-typescript generated code +import { PaginationConfiguration } from "@smithy/types"; + +import { DirectoryServiceDataClient } from "../DirectoryServiceDataClient"; + +/** + * @public + */ +export interface DirectoryServiceDataPaginationConfiguration extends PaginationConfiguration { + client: DirectoryServiceDataClient; +} diff --git a/clients/client-directory-service-data/src/pagination/ListGroupMembersPaginator.ts b/clients/client-directory-service-data/src/pagination/ListGroupMembersPaginator.ts new file mode 100644 index 000000000000..71613bea1f9e --- /dev/null +++ b/clients/client-directory-service-data/src/pagination/ListGroupMembersPaginator.ts @@ -0,0 +1,24 @@ +// smithy-typescript generated code +import { createPaginator } from "@smithy/core"; +import { Paginator } from "@smithy/types"; + +import { + ListGroupMembersCommand, + ListGroupMembersCommandInput, + ListGroupMembersCommandOutput, +} from "../commands/ListGroupMembersCommand"; +import { DirectoryServiceDataClient } from "../DirectoryServiceDataClient"; +import { DirectoryServiceDataPaginationConfiguration } from "./Interfaces"; + +/** + * @public + */ +export const paginateListGroupMembers: ( + config: DirectoryServiceDataPaginationConfiguration, + input: ListGroupMembersCommandInput, + ...rest: any[] +) => Paginator = createPaginator< + DirectoryServiceDataPaginationConfiguration, + ListGroupMembersCommandInput, + ListGroupMembersCommandOutput +>(DirectoryServiceDataClient, ListGroupMembersCommand, "NextToken", "NextToken", "MaxResults"); diff --git a/clients/client-directory-service-data/src/pagination/ListGroupsForMemberPaginator.ts b/clients/client-directory-service-data/src/pagination/ListGroupsForMemberPaginator.ts new file mode 100644 index 000000000000..6b10d63c1aa1 --- /dev/null +++ b/clients/client-directory-service-data/src/pagination/ListGroupsForMemberPaginator.ts @@ -0,0 +1,24 @@ +// smithy-typescript generated code +import { createPaginator } from "@smithy/core"; +import { Paginator } from "@smithy/types"; + +import { + ListGroupsForMemberCommand, + ListGroupsForMemberCommandInput, + ListGroupsForMemberCommandOutput, +} from "../commands/ListGroupsForMemberCommand"; +import { DirectoryServiceDataClient } from "../DirectoryServiceDataClient"; +import { DirectoryServiceDataPaginationConfiguration } from "./Interfaces"; + +/** + * @public + */ +export const paginateListGroupsForMember: ( + config: DirectoryServiceDataPaginationConfiguration, + input: ListGroupsForMemberCommandInput, + ...rest: any[] +) => Paginator = createPaginator< + DirectoryServiceDataPaginationConfiguration, + ListGroupsForMemberCommandInput, + ListGroupsForMemberCommandOutput +>(DirectoryServiceDataClient, ListGroupsForMemberCommand, "NextToken", "NextToken", "MaxResults"); diff --git a/clients/client-directory-service-data/src/pagination/ListGroupsPaginator.ts b/clients/client-directory-service-data/src/pagination/ListGroupsPaginator.ts new file mode 100644 index 000000000000..464d3cf6b497 --- /dev/null +++ b/clients/client-directory-service-data/src/pagination/ListGroupsPaginator.ts @@ -0,0 +1,20 @@ +// smithy-typescript generated code +import { createPaginator } from "@smithy/core"; +import { Paginator } from "@smithy/types"; + +import { ListGroupsCommand, ListGroupsCommandInput, ListGroupsCommandOutput } from "../commands/ListGroupsCommand"; +import { DirectoryServiceDataClient } from "../DirectoryServiceDataClient"; +import { DirectoryServiceDataPaginationConfiguration } from "./Interfaces"; + +/** + * @public + */ +export const paginateListGroups: ( + config: DirectoryServiceDataPaginationConfiguration, + input: ListGroupsCommandInput, + ...rest: any[] +) => Paginator = createPaginator< + DirectoryServiceDataPaginationConfiguration, + ListGroupsCommandInput, + ListGroupsCommandOutput +>(DirectoryServiceDataClient, ListGroupsCommand, "NextToken", "NextToken", "MaxResults"); diff --git a/clients/client-directory-service-data/src/pagination/ListUsersPaginator.ts b/clients/client-directory-service-data/src/pagination/ListUsersPaginator.ts new file mode 100644 index 000000000000..c6ccd75c2c49 --- /dev/null +++ b/clients/client-directory-service-data/src/pagination/ListUsersPaginator.ts @@ -0,0 +1,20 @@ +// smithy-typescript generated code +import { createPaginator } from "@smithy/core"; +import { Paginator } from "@smithy/types"; + +import { ListUsersCommand, ListUsersCommandInput, ListUsersCommandOutput } from "../commands/ListUsersCommand"; +import { DirectoryServiceDataClient } from "../DirectoryServiceDataClient"; +import { DirectoryServiceDataPaginationConfiguration } from "./Interfaces"; + +/** + * @public + */ +export const paginateListUsers: ( + config: DirectoryServiceDataPaginationConfiguration, + input: ListUsersCommandInput, + ...rest: any[] +) => Paginator = createPaginator< + DirectoryServiceDataPaginationConfiguration, + ListUsersCommandInput, + ListUsersCommandOutput +>(DirectoryServiceDataClient, ListUsersCommand, "NextToken", "NextToken", "MaxResults"); diff --git a/clients/client-directory-service-data/src/pagination/SearchGroupsPaginator.ts b/clients/client-directory-service-data/src/pagination/SearchGroupsPaginator.ts new file mode 100644 index 000000000000..9846f0cd165a --- /dev/null +++ b/clients/client-directory-service-data/src/pagination/SearchGroupsPaginator.ts @@ -0,0 +1,24 @@ +// smithy-typescript generated code +import { createPaginator } from "@smithy/core"; +import { Paginator } from "@smithy/types"; + +import { + SearchGroupsCommand, + SearchGroupsCommandInput, + SearchGroupsCommandOutput, +} from "../commands/SearchGroupsCommand"; +import { DirectoryServiceDataClient } from "../DirectoryServiceDataClient"; +import { DirectoryServiceDataPaginationConfiguration } from "./Interfaces"; + +/** + * @public + */ +export const paginateSearchGroups: ( + config: DirectoryServiceDataPaginationConfiguration, + input: SearchGroupsCommandInput, + ...rest: any[] +) => Paginator = createPaginator< + DirectoryServiceDataPaginationConfiguration, + SearchGroupsCommandInput, + SearchGroupsCommandOutput +>(DirectoryServiceDataClient, SearchGroupsCommand, "NextToken", "NextToken", "MaxResults"); diff --git a/clients/client-directory-service-data/src/pagination/SearchUsersPaginator.ts b/clients/client-directory-service-data/src/pagination/SearchUsersPaginator.ts new file mode 100644 index 000000000000..8c770c612324 --- /dev/null +++ b/clients/client-directory-service-data/src/pagination/SearchUsersPaginator.ts @@ -0,0 +1,20 @@ +// smithy-typescript generated code +import { createPaginator } from "@smithy/core"; +import { Paginator } from "@smithy/types"; + +import { SearchUsersCommand, SearchUsersCommandInput, SearchUsersCommandOutput } from "../commands/SearchUsersCommand"; +import { DirectoryServiceDataClient } from "../DirectoryServiceDataClient"; +import { DirectoryServiceDataPaginationConfiguration } from "./Interfaces"; + +/** + * @public + */ +export const paginateSearchUsers: ( + config: DirectoryServiceDataPaginationConfiguration, + input: SearchUsersCommandInput, + ...rest: any[] +) => Paginator = createPaginator< + DirectoryServiceDataPaginationConfiguration, + SearchUsersCommandInput, + SearchUsersCommandOutput +>(DirectoryServiceDataClient, SearchUsersCommand, "NextToken", "NextToken", "MaxResults"); diff --git a/clients/client-directory-service-data/src/pagination/index.ts b/clients/client-directory-service-data/src/pagination/index.ts new file mode 100644 index 000000000000..6062161f8b01 --- /dev/null +++ b/clients/client-directory-service-data/src/pagination/index.ts @@ -0,0 +1,8 @@ +// smithy-typescript generated code +export * from "./Interfaces"; +export * from "./ListGroupMembersPaginator"; +export * from "./ListGroupsForMemberPaginator"; +export * from "./ListGroupsPaginator"; +export * from "./ListUsersPaginator"; +export * from "./SearchGroupsPaginator"; +export * from "./SearchUsersPaginator"; diff --git a/clients/client-directory-service-data/src/protocols/Aws_restJson1.ts b/clients/client-directory-service-data/src/protocols/Aws_restJson1.ts new file mode 100644 index 000000000000..5d7288375546 --- /dev/null +++ b/clients/client-directory-service-data/src/protocols/Aws_restJson1.ts @@ -0,0 +1,1139 @@ +// smithy-typescript generated code +import { loadRestJsonErrorCode, parseJsonBody as parseBody, parseJsonErrorBody as parseErrorBody } from "@aws-sdk/core"; +import { requestBuilder as rb } from "@smithy/core"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@smithy/protocol-http"; +import { + _json, + collectBody, + decorateServiceException as __decorateServiceException, + expectBoolean as __expectBoolean, + expectNonNull as __expectNonNull, + expectObject as __expectObject, + expectString as __expectString, + extendedEncodeURIComponent as __extendedEncodeURIComponent, + map, + strictParseInt32 as __strictParseInt32, + take, + withBaseException, +} from "@smithy/smithy-client"; +import { + Endpoint as __Endpoint, + ResponseMetadata as __ResponseMetadata, + SerdeContext as __SerdeContext, +} from "@smithy/types"; +import { v4 as generateIdempotencyToken } from "uuid"; + +import { AddGroupMemberCommandInput, AddGroupMemberCommandOutput } from "../commands/AddGroupMemberCommand"; +import { CreateGroupCommandInput, CreateGroupCommandOutput } from "../commands/CreateGroupCommand"; +import { CreateUserCommandInput, CreateUserCommandOutput } from "../commands/CreateUserCommand"; +import { DeleteGroupCommandInput, DeleteGroupCommandOutput } from "../commands/DeleteGroupCommand"; +import { DeleteUserCommandInput, DeleteUserCommandOutput } from "../commands/DeleteUserCommand"; +import { DescribeGroupCommandInput, DescribeGroupCommandOutput } from "../commands/DescribeGroupCommand"; +import { DescribeUserCommandInput, DescribeUserCommandOutput } from "../commands/DescribeUserCommand"; +import { DisableUserCommandInput, DisableUserCommandOutput } from "../commands/DisableUserCommand"; +import { ListGroupMembersCommandInput, ListGroupMembersCommandOutput } from "../commands/ListGroupMembersCommand"; +import { ListGroupsCommandInput, ListGroupsCommandOutput } from "../commands/ListGroupsCommand"; +import { + ListGroupsForMemberCommandInput, + ListGroupsForMemberCommandOutput, +} from "../commands/ListGroupsForMemberCommand"; +import { ListUsersCommandInput, ListUsersCommandOutput } from "../commands/ListUsersCommand"; +import { RemoveGroupMemberCommandInput, RemoveGroupMemberCommandOutput } from "../commands/RemoveGroupMemberCommand"; +import { SearchGroupsCommandInput, SearchGroupsCommandOutput } from "../commands/SearchGroupsCommand"; +import { SearchUsersCommandInput, SearchUsersCommandOutput } from "../commands/SearchUsersCommand"; +import { UpdateGroupCommandInput, UpdateGroupCommandOutput } from "../commands/UpdateGroupCommand"; +import { UpdateUserCommandInput, UpdateUserCommandOutput } from "../commands/UpdateUserCommand"; +import { DirectoryServiceDataServiceException as __BaseException } from "../models/DirectoryServiceDataServiceException"; +import { + AccessDeniedException, + AttributeValue, + ConflictException, + DirectoryUnavailableException, + InternalServerException, + ResourceNotFoundException, + ThrottlingException, + ValidationException, +} from "../models/models_0"; + +/** + * serializeAws_restJson1AddGroupMemberCommand + */ +export const se_AddGroupMemberCommand = async ( + input: AddGroupMemberCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/GroupMemberships/AddGroupMember"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + ClientToken: [true, (_) => _ ?? generateIdempotencyToken()], + GroupName: [], + MemberName: [], + MemberRealm: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1CreateGroupCommand + */ +export const se_CreateGroupCommand = async ( + input: CreateGroupCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Groups/CreateGroup"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + ClientToken: [true, (_) => _ ?? generateIdempotencyToken()], + GroupScope: [], + GroupType: [], + OtherAttributes: (_) => _json(_), + SAMAccountName: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1CreateUserCommand + */ +export const se_CreateUserCommand = async ( + input: CreateUserCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Users/CreateUser"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + ClientToken: [true, (_) => _ ?? generateIdempotencyToken()], + EmailAddress: [], + GivenName: [], + OtherAttributes: (_) => _json(_), + SAMAccountName: [], + Surname: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1DeleteGroupCommand + */ +export const se_DeleteGroupCommand = async ( + input: DeleteGroupCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Groups/DeleteGroup"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + ClientToken: [true, (_) => _ ?? generateIdempotencyToken()], + SAMAccountName: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1DeleteUserCommand + */ +export const se_DeleteUserCommand = async ( + input: DeleteUserCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Users/DeleteUser"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + ClientToken: [true, (_) => _ ?? generateIdempotencyToken()], + SAMAccountName: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1DescribeGroupCommand + */ +export const se_DescribeGroupCommand = async ( + input: DescribeGroupCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Groups/DescribeGroup"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + OtherAttributes: (_) => _json(_), + Realm: [], + SAMAccountName: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1DescribeUserCommand + */ +export const se_DescribeUserCommand = async ( + input: DescribeUserCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Users/DescribeUser"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + OtherAttributes: (_) => _json(_), + Realm: [], + SAMAccountName: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1DisableUserCommand + */ +export const se_DisableUserCommand = async ( + input: DisableUserCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Users/DisableUser"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + ClientToken: [true, (_) => _ ?? generateIdempotencyToken()], + SAMAccountName: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1ListGroupMembersCommand + */ +export const se_ListGroupMembersCommand = async ( + input: ListGroupMembersCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/GroupMemberships/ListGroupMembers"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + MaxResults: [], + MemberRealm: [], + NextToken: [], + Realm: [], + SAMAccountName: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1ListGroupsCommand + */ +export const se_ListGroupsCommand = async ( + input: ListGroupsCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Groups/ListGroups"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + MaxResults: [], + NextToken: [], + Realm: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1ListGroupsForMemberCommand + */ +export const se_ListGroupsForMemberCommand = async ( + input: ListGroupsForMemberCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/GroupMemberships/ListGroupsForMember"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + MaxResults: [], + MemberRealm: [], + NextToken: [], + Realm: [], + SAMAccountName: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1ListUsersCommand + */ +export const se_ListUsersCommand = async ( + input: ListUsersCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Users/ListUsers"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + MaxResults: [], + NextToken: [], + Realm: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1RemoveGroupMemberCommand + */ +export const se_RemoveGroupMemberCommand = async ( + input: RemoveGroupMemberCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/GroupMemberships/RemoveGroupMember"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + ClientToken: [true, (_) => _ ?? generateIdempotencyToken()], + GroupName: [], + MemberName: [], + MemberRealm: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1SearchGroupsCommand + */ +export const se_SearchGroupsCommand = async ( + input: SearchGroupsCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Groups/SearchGroups"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + MaxResults: [], + NextToken: [], + Realm: [], + SearchAttributes: (_) => _json(_), + SearchString: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1SearchUsersCommand + */ +export const se_SearchUsersCommand = async ( + input: SearchUsersCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Users/SearchUsers"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + MaxResults: [], + NextToken: [], + Realm: [], + SearchAttributes: (_) => _json(_), + SearchString: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1UpdateGroupCommand + */ +export const se_UpdateGroupCommand = async ( + input: UpdateGroupCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Groups/UpdateGroup"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + ClientToken: [true, (_) => _ ?? generateIdempotencyToken()], + GroupScope: [], + GroupType: [], + OtherAttributes: (_) => _json(_), + SAMAccountName: [], + UpdateType: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * serializeAws_restJson1UpdateUserCommand + */ +export const se_UpdateUserCommand = async ( + input: UpdateUserCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/Users/UpdateUser"); + const query: any = map({ + [_DI]: [, __expectNonNull(input[_DI]!, `DirectoryId`)], + }); + let body: any; + body = JSON.stringify( + take(input, { + ClientToken: [true, (_) => _ ?? generateIdempotencyToken()], + EmailAddress: [], + GivenName: [], + OtherAttributes: (_) => _json(_), + SAMAccountName: [], + Surname: [], + UpdateType: [], + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); +}; + +/** + * deserializeAws_restJson1AddGroupMemberCommand + */ +export const de_AddGroupMemberCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + await collectBody(output.body, context); + return contents; +}; + +/** + * deserializeAws_restJson1CreateGroupCommand + */ +export const de_CreateGroupCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + const doc = take(data, { + DirectoryId: __expectString, + SAMAccountName: __expectString, + SID: __expectString, + }); + Object.assign(contents, doc); + return contents; +}; + +/** + * deserializeAws_restJson1CreateUserCommand + */ +export const de_CreateUserCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + const doc = take(data, { + DirectoryId: __expectString, + SAMAccountName: __expectString, + SID: __expectString, + }); + Object.assign(contents, doc); + return contents; +}; + +/** + * deserializeAws_restJson1DeleteGroupCommand + */ +export const de_DeleteGroupCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + await collectBody(output.body, context); + return contents; +}; + +/** + * deserializeAws_restJson1DeleteUserCommand + */ +export const de_DeleteUserCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + await collectBody(output.body, context); + return contents; +}; + +/** + * deserializeAws_restJson1DescribeGroupCommand + */ +export const de_DescribeGroupCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + const doc = take(data, { + DirectoryId: __expectString, + DistinguishedName: __expectString, + GroupScope: __expectString, + GroupType: __expectString, + OtherAttributes: _json, + Realm: __expectString, + SAMAccountName: __expectString, + SID: __expectString, + }); + Object.assign(contents, doc); + return contents; +}; + +/** + * deserializeAws_restJson1DescribeUserCommand + */ +export const de_DescribeUserCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + const doc = take(data, { + DirectoryId: __expectString, + DistinguishedName: __expectString, + EmailAddress: __expectString, + Enabled: __expectBoolean, + GivenName: __expectString, + OtherAttributes: _json, + Realm: __expectString, + SAMAccountName: __expectString, + SID: __expectString, + Surname: __expectString, + UserPrincipalName: __expectString, + }); + Object.assign(contents, doc); + return contents; +}; + +/** + * deserializeAws_restJson1DisableUserCommand + */ +export const de_DisableUserCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + await collectBody(output.body, context); + return contents; +}; + +/** + * deserializeAws_restJson1ListGroupMembersCommand + */ +export const de_ListGroupMembersCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + const doc = take(data, { + DirectoryId: __expectString, + MemberRealm: __expectString, + Members: _json, + NextToken: __expectString, + Realm: __expectString, + }); + Object.assign(contents, doc); + return contents; +}; + +/** + * deserializeAws_restJson1ListGroupsCommand + */ +export const de_ListGroupsCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + const doc = take(data, { + DirectoryId: __expectString, + Groups: _json, + NextToken: __expectString, + Realm: __expectString, + }); + Object.assign(contents, doc); + return contents; +}; + +/** + * deserializeAws_restJson1ListGroupsForMemberCommand + */ +export const de_ListGroupsForMemberCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + const doc = take(data, { + DirectoryId: __expectString, + Groups: _json, + MemberRealm: __expectString, + NextToken: __expectString, + Realm: __expectString, + }); + Object.assign(contents, doc); + return contents; +}; + +/** + * deserializeAws_restJson1ListUsersCommand + */ +export const de_ListUsersCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + const doc = take(data, { + DirectoryId: __expectString, + NextToken: __expectString, + Realm: __expectString, + Users: _json, + }); + Object.assign(contents, doc); + return contents; +}; + +/** + * deserializeAws_restJson1RemoveGroupMemberCommand + */ +export const de_RemoveGroupMemberCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + await collectBody(output.body, context); + return contents; +}; + +/** + * deserializeAws_restJson1SearchGroupsCommand + */ +export const de_SearchGroupsCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + const doc = take(data, { + DirectoryId: __expectString, + Groups: _json, + NextToken: __expectString, + Realm: __expectString, + }); + Object.assign(contents, doc); + return contents; +}; + +/** + * deserializeAws_restJson1SearchUsersCommand + */ +export const de_SearchUsersCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + const doc = take(data, { + DirectoryId: __expectString, + NextToken: __expectString, + Realm: __expectString, + Users: _json, + }); + Object.assign(contents, doc); + return contents; +}; + +/** + * deserializeAws_restJson1UpdateGroupCommand + */ +export const de_UpdateGroupCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + await collectBody(output.body, context); + return contents; +}; + +/** + * deserializeAws_restJson1UpdateUserCommand + */ +export const de_UpdateUserCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + await collectBody(output.body, context); + return contents; +}; + +/** + * deserialize_Aws_restJson1CommandError + */ +const de_CommandError = async (output: __HttpResponse, context: __SerdeContext): Promise => { + const parsedOutput: any = { + ...output, + body: await parseErrorBody(output.body, context), + }; + const errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.directoryservicedata#AccessDeniedException": + throw await de_AccessDeniedExceptionRes(parsedOutput, context); + case "ConflictException": + case "com.amazonaws.directoryservicedata#ConflictException": + throw await de_ConflictExceptionRes(parsedOutput, context); + case "DirectoryUnavailableException": + case "com.amazonaws.directoryservicedata#DirectoryUnavailableException": + throw await de_DirectoryUnavailableExceptionRes(parsedOutput, context); + case "InternalServerException": + case "com.amazonaws.directoryservicedata#InternalServerException": + throw await de_InternalServerExceptionRes(parsedOutput, context); + case "ResourceNotFoundException": + case "com.amazonaws.directoryservicedata#ResourceNotFoundException": + throw await de_ResourceNotFoundExceptionRes(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.directoryservicedata#ThrottlingException": + throw await de_ThrottlingExceptionRes(parsedOutput, context); + case "ValidationException": + case "com.amazonaws.directoryservicedata#ValidationException": + throw await de_ValidationExceptionRes(parsedOutput, context); + default: + const parsedBody = parsedOutput.body; + return throwDefaultError({ + output, + parsedBody, + errorCode, + }) as never; + } +}; + +const throwDefaultError = withBaseException(__BaseException); +/** + * deserializeAws_restJson1AccessDeniedExceptionRes + */ +const de_AccessDeniedExceptionRes = async ( + parsedOutput: any, + context: __SerdeContext +): Promise => { + const contents: any = map({}); + const data: any = parsedOutput.body; + const doc = take(data, { + Message: __expectString, + Reason: __expectString, + }); + Object.assign(contents, doc); + const exception = new AccessDeniedException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents, + }); + return __decorateServiceException(exception, parsedOutput.body); +}; + +/** + * deserializeAws_restJson1ConflictExceptionRes + */ +const de_ConflictExceptionRes = async (parsedOutput: any, context: __SerdeContext): Promise => { + const contents: any = map({}); + const data: any = parsedOutput.body; + const doc = take(data, { + Message: __expectString, + }); + Object.assign(contents, doc); + const exception = new ConflictException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents, + }); + return __decorateServiceException(exception, parsedOutput.body); +}; + +/** + * deserializeAws_restJson1DirectoryUnavailableExceptionRes + */ +const de_DirectoryUnavailableExceptionRes = async ( + parsedOutput: any, + context: __SerdeContext +): Promise => { + const contents: any = map({}); + const data: any = parsedOutput.body; + const doc = take(data, { + Message: __expectString, + Reason: __expectString, + }); + Object.assign(contents, doc); + const exception = new DirectoryUnavailableException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents, + }); + return __decorateServiceException(exception, parsedOutput.body); +}; + +/** + * deserializeAws_restJson1InternalServerExceptionRes + */ +const de_InternalServerExceptionRes = async ( + parsedOutput: any, + context: __SerdeContext +): Promise => { + const contents: any = map({}); + const data: any = parsedOutput.body; + const doc = take(data, { + Message: __expectString, + }); + Object.assign(contents, doc); + const exception = new InternalServerException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents, + }); + return __decorateServiceException(exception, parsedOutput.body); +}; + +/** + * deserializeAws_restJson1ResourceNotFoundExceptionRes + */ +const de_ResourceNotFoundExceptionRes = async ( + parsedOutput: any, + context: __SerdeContext +): Promise => { + const contents: any = map({}); + const data: any = parsedOutput.body; + const doc = take(data, { + Message: __expectString, + }); + Object.assign(contents, doc); + const exception = new ResourceNotFoundException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents, + }); + return __decorateServiceException(exception, parsedOutput.body); +}; + +/** + * deserializeAws_restJson1ThrottlingExceptionRes + */ +const de_ThrottlingExceptionRes = async (parsedOutput: any, context: __SerdeContext): Promise => { + const contents: any = map({ + [_RAS]: [() => void 0 !== parsedOutput.headers[_ra], () => __strictParseInt32(parsedOutput.headers[_ra])], + }); + const data: any = parsedOutput.body; + const doc = take(data, { + Message: __expectString, + }); + Object.assign(contents, doc); + const exception = new ThrottlingException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents, + }); + return __decorateServiceException(exception, parsedOutput.body); +}; + +/** + * deserializeAws_restJson1ValidationExceptionRes + */ +const de_ValidationExceptionRes = async (parsedOutput: any, context: __SerdeContext): Promise => { + const contents: any = map({}); + const data: any = parsedOutput.body; + const doc = take(data, { + Message: __expectString, + Reason: __expectString, + }); + Object.assign(contents, doc); + const exception = new ValidationException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents, + }); + return __decorateServiceException(exception, parsedOutput.body); +}; + +// se_Attributes omitted. + +// se_AttributeValue omitted. + +// se_LdapDisplayNameList omitted. + +// se_StringSetAttributeValue omitted. + +// de_Attributes omitted. + +// de_AttributeValue omitted. + +// de_Group omitted. + +// de_GroupList omitted. + +// de_GroupSummary omitted. + +// de_GroupSummaryList omitted. + +// de_Member omitted. + +// de_MemberList omitted. + +// de_StringSetAttributeValue omitted. + +// de_User omitted. + +// de_UserList omitted. + +// de_UserSummary omitted. + +// de_UserSummaryList omitted. + +const deserializeMetadata = (output: __HttpResponse): __ResponseMetadata => ({ + httpStatusCode: output.statusCode, + requestId: + output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"] ?? output.headers["x-amz-request-id"], + extendedRequestId: output.headers["x-amz-id-2"], + cfId: output.headers["x-amz-cf-id"], +}); + +// Encode Uint8Array data into string with utf-8. +const collectBodyString = (streamBody: any, context: __SerdeContext): Promise => + collectBody(streamBody, context).then((body) => context.utf8Encoder(body)); + +const isSerializableHeaderValue = (value: any): boolean => + value !== undefined && + value !== null && + value !== "" && + (!Object.getOwnPropertyNames(value).includes("length") || value.length != 0) && + (!Object.getOwnPropertyNames(value).includes("size") || value.size != 0); + +const _DI = "DirectoryId"; +const _RAS = "RetryAfterSeconds"; +const _ra = "retry-after"; diff --git a/clients/client-directory-service-data/src/runtimeConfig.browser.ts b/clients/client-directory-service-data/src/runtimeConfig.browser.ts new file mode 100644 index 000000000000..82a8614eb8ef --- /dev/null +++ b/clients/client-directory-service-data/src/runtimeConfig.browser.ts @@ -0,0 +1,44 @@ +// smithy-typescript generated code +// @ts-ignore: package.json will be imported from dist folders +import packageInfo from "../package.json"; // eslint-disable-line + +import { Sha256 } from "@aws-crypto/sha256-browser"; +import { defaultUserAgent } from "@aws-sdk/util-user-agent-browser"; +import { DEFAULT_USE_DUALSTACK_ENDPOINT, DEFAULT_USE_FIPS_ENDPOINT } from "@smithy/config-resolver"; +import { FetchHttpHandler as RequestHandler, streamCollector } from "@smithy/fetch-http-handler"; +import { invalidProvider } from "@smithy/invalid-dependency"; +import { calculateBodyLength } from "@smithy/util-body-length-browser"; +import { DEFAULT_MAX_ATTEMPTS, DEFAULT_RETRY_MODE } from "@smithy/util-retry"; +import { DirectoryServiceDataClientConfig } from "./DirectoryServiceDataClient"; +import { getRuntimeConfig as getSharedRuntimeConfig } from "./runtimeConfig.shared"; +import { loadConfigsForDefaultMode } from "@smithy/smithy-client"; +import { resolveDefaultsModeConfig } from "@smithy/util-defaults-mode-browser"; + +/** + * @internal + */ +export const getRuntimeConfig = (config: DirectoryServiceDataClientConfig) => { + const defaultsMode = resolveDefaultsModeConfig(config); + const defaultConfigProvider = () => defaultsMode().then(loadConfigsForDefaultMode); + const clientSharedValues = getSharedRuntimeConfig(config); + return { + ...clientSharedValues, + ...config, + runtime: "browser", + defaultsMode, + bodyLengthChecker: config?.bodyLengthChecker ?? calculateBodyLength, + credentialDefaultProvider: + config?.credentialDefaultProvider ?? ((_: unknown) => () => Promise.reject(new Error("Credential is missing"))), + defaultUserAgentProvider: + config?.defaultUserAgentProvider ?? + defaultUserAgent({ serviceId: clientSharedValues.serviceId, clientVersion: packageInfo.version }), + maxAttempts: config?.maxAttempts ?? DEFAULT_MAX_ATTEMPTS, + region: config?.region ?? invalidProvider("Region is missing"), + requestHandler: RequestHandler.create(config?.requestHandler ?? defaultConfigProvider), + retryMode: config?.retryMode ?? (async () => (await defaultConfigProvider()).retryMode || DEFAULT_RETRY_MODE), + sha256: config?.sha256 ?? Sha256, + streamCollector: config?.streamCollector ?? streamCollector, + useDualstackEndpoint: config?.useDualstackEndpoint ?? (() => Promise.resolve(DEFAULT_USE_DUALSTACK_ENDPOINT)), + useFipsEndpoint: config?.useFipsEndpoint ?? (() => Promise.resolve(DEFAULT_USE_FIPS_ENDPOINT)), + }; +}; diff --git a/clients/client-directory-service-data/src/runtimeConfig.native.ts b/clients/client-directory-service-data/src/runtimeConfig.native.ts new file mode 100644 index 000000000000..2291e84ab4e9 --- /dev/null +++ b/clients/client-directory-service-data/src/runtimeConfig.native.ts @@ -0,0 +1,18 @@ +// smithy-typescript generated code +import { Sha256 } from "@aws-crypto/sha256-js"; + +import { DirectoryServiceDataClientConfig } from "./DirectoryServiceDataClient"; +import { getRuntimeConfig as getBrowserRuntimeConfig } from "./runtimeConfig.browser"; + +/** + * @internal + */ +export const getRuntimeConfig = (config: DirectoryServiceDataClientConfig) => { + const browserDefaults = getBrowserRuntimeConfig(config); + return { + ...browserDefaults, + ...config, + runtime: "react-native", + sha256: config?.sha256 ?? Sha256, + }; +}; diff --git a/clients/client-directory-service-data/src/runtimeConfig.shared.ts b/clients/client-directory-service-data/src/runtimeConfig.shared.ts new file mode 100644 index 000000000000..2ec2370c4b3d --- /dev/null +++ b/clients/client-directory-service-data/src/runtimeConfig.shared.ts @@ -0,0 +1,38 @@ +// smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; +import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; +import { parseUrl } from "@smithy/url-parser"; +import { fromBase64, toBase64 } from "@smithy/util-base64"; +import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; + +import { defaultDirectoryServiceDataHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; +import { DirectoryServiceDataClientConfig } from "./DirectoryServiceDataClient"; +import { defaultEndpointResolver } from "./endpoint/endpointResolver"; + +/** + * @internal + */ +export const getRuntimeConfig = (config: DirectoryServiceDataClientConfig) => { + return { + apiVersion: "2023-05-31", + base64Decoder: config?.base64Decoder ?? fromBase64, + base64Encoder: config?.base64Encoder ?? toBase64, + disableHostPrefix: config?.disableHostPrefix ?? false, + endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, + extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDirectoryServiceDataHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], + logger: config?.logger ?? new NoOpLogger(), + serviceId: config?.serviceId ?? "Directory Service Data", + urlParser: config?.urlParser ?? parseUrl, + utf8Decoder: config?.utf8Decoder ?? fromUtf8, + utf8Encoder: config?.utf8Encoder ?? toUtf8, + }; +}; diff --git a/clients/client-directory-service-data/src/runtimeConfig.ts b/clients/client-directory-service-data/src/runtimeConfig.ts new file mode 100644 index 000000000000..43b5ea84df9b --- /dev/null +++ b/clients/client-directory-service-data/src/runtimeConfig.ts @@ -0,0 +1,59 @@ +// smithy-typescript generated code +// @ts-ignore: package.json will be imported from dist folders +import packageInfo from "../package.json"; // eslint-disable-line + +import { emitWarningIfUnsupportedVersion as awsCheckVersion } from "@aws-sdk/core"; +import { defaultProvider as credentialDefaultProvider } from "@aws-sdk/credential-provider-node"; +import { defaultUserAgent } from "@aws-sdk/util-user-agent-node"; +import { + NODE_REGION_CONFIG_FILE_OPTIONS, + NODE_REGION_CONFIG_OPTIONS, + NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, + NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, +} from "@smithy/config-resolver"; +import { Hash } from "@smithy/hash-node"; +import { NODE_MAX_ATTEMPT_CONFIG_OPTIONS, NODE_RETRY_MODE_CONFIG_OPTIONS } from "@smithy/middleware-retry"; +import { loadConfig as loadNodeConfig } from "@smithy/node-config-provider"; +import { NodeHttpHandler as RequestHandler, streamCollector } from "@smithy/node-http-handler"; +import { calculateBodyLength } from "@smithy/util-body-length-node"; +import { DEFAULT_RETRY_MODE } from "@smithy/util-retry"; +import { DirectoryServiceDataClientConfig } from "./DirectoryServiceDataClient"; +import { getRuntimeConfig as getSharedRuntimeConfig } from "./runtimeConfig.shared"; +import { loadConfigsForDefaultMode } from "@smithy/smithy-client"; +import { resolveDefaultsModeConfig } from "@smithy/util-defaults-mode-node"; +import { emitWarningIfUnsupportedVersion } from "@smithy/smithy-client"; + +/** + * @internal + */ +export const getRuntimeConfig = (config: DirectoryServiceDataClientConfig) => { + emitWarningIfUnsupportedVersion(process.version); + const defaultsMode = resolveDefaultsModeConfig(config); + const defaultConfigProvider = () => defaultsMode().then(loadConfigsForDefaultMode); + const clientSharedValues = getSharedRuntimeConfig(config); + awsCheckVersion(process.version); + return { + ...clientSharedValues, + ...config, + runtime: "node", + defaultsMode, + bodyLengthChecker: config?.bodyLengthChecker ?? calculateBodyLength, + credentialDefaultProvider: config?.credentialDefaultProvider ?? credentialDefaultProvider, + defaultUserAgentProvider: + config?.defaultUserAgentProvider ?? + defaultUserAgent({ serviceId: clientSharedValues.serviceId, clientVersion: packageInfo.version }), + maxAttempts: config?.maxAttempts ?? loadNodeConfig(NODE_MAX_ATTEMPT_CONFIG_OPTIONS), + region: config?.region ?? loadNodeConfig(NODE_REGION_CONFIG_OPTIONS, NODE_REGION_CONFIG_FILE_OPTIONS), + requestHandler: RequestHandler.create(config?.requestHandler ?? defaultConfigProvider), + retryMode: + config?.retryMode ?? + loadNodeConfig({ + ...NODE_RETRY_MODE_CONFIG_OPTIONS, + default: async () => (await defaultConfigProvider()).retryMode || DEFAULT_RETRY_MODE, + }), + sha256: config?.sha256 ?? Hash.bind(null, "sha256"), + streamCollector: config?.streamCollector ?? streamCollector, + useDualstackEndpoint: config?.useDualstackEndpoint ?? loadNodeConfig(NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS), + useFipsEndpoint: config?.useFipsEndpoint ?? loadNodeConfig(NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS), + }; +}; diff --git a/clients/client-directory-service-data/src/runtimeExtensions.ts b/clients/client-directory-service-data/src/runtimeExtensions.ts new file mode 100644 index 000000000000..ade466242fa9 --- /dev/null +++ b/clients/client-directory-service-data/src/runtimeExtensions.ts @@ -0,0 +1,48 @@ +// smithy-typescript generated code +import { + getAwsRegionExtensionConfiguration, + resolveAwsRegionExtensionConfiguration, +} from "@aws-sdk/region-config-resolver"; +import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; +import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; + +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; +import { DirectoryServiceDataExtensionConfiguration } from "./extensionConfiguration"; + +/** + * @public + */ +export interface RuntimeExtension { + configure(extensionConfiguration: DirectoryServiceDataExtensionConfiguration): void; +} + +/** + * @public + */ +export interface RuntimeExtensionsConfig { + extensions: RuntimeExtension[]; +} + +const asPartial = >(t: T) => t; + +/** + * @internal + */ +export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: RuntimeExtension[]) => { + const extensionConfiguration: DirectoryServiceDataExtensionConfiguration = { + ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), + ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), + }; + + extensions.forEach((extension) => extension.configure(extensionConfiguration)); + + return { + ...runtimeConfig, + ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), + ...resolveDefaultRuntimeConfig(extensionConfiguration), + ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), + }; +}; diff --git a/clients/client-directory-service-data/tsconfig.cjs.json b/clients/client-directory-service-data/tsconfig.cjs.json new file mode 100644 index 000000000000..3567d85ba846 --- /dev/null +++ b/clients/client-directory-service-data/tsconfig.cjs.json @@ -0,0 +1,6 @@ +{ + "extends": "./tsconfig", + "compilerOptions": { + "outDir": "dist-cjs" + } +} diff --git a/clients/client-directory-service-data/tsconfig.es.json b/clients/client-directory-service-data/tsconfig.es.json new file mode 100644 index 000000000000..809f57bde65e --- /dev/null +++ b/clients/client-directory-service-data/tsconfig.es.json @@ -0,0 +1,8 @@ +{ + "extends": "./tsconfig", + "compilerOptions": { + "lib": ["dom"], + "module": "esnext", + "outDir": "dist-es" + } +} diff --git a/clients/client-directory-service-data/tsconfig.json b/clients/client-directory-service-data/tsconfig.json new file mode 100644 index 000000000000..e7f5ec56b742 --- /dev/null +++ b/clients/client-directory-service-data/tsconfig.json @@ -0,0 +1,13 @@ +{ + "extends": "@tsconfig/node16/tsconfig.json", + "compilerOptions": { + "downlevelIteration": true, + "importHelpers": true, + "incremental": true, + "removeComments": true, + "resolveJsonModule": true, + "rootDir": "src", + "useUnknownInCatchVariables": false + }, + "exclude": ["test/"] +} diff --git a/clients/client-directory-service-data/tsconfig.types.json b/clients/client-directory-service-data/tsconfig.types.json new file mode 100644 index 000000000000..4c3dfa7b3d25 --- /dev/null +++ b/clients/client-directory-service-data/tsconfig.types.json @@ -0,0 +1,10 @@ +{ + "extends": "./tsconfig", + "compilerOptions": { + "removeComments": false, + "declaration": true, + "declarationDir": "dist-types", + "emitDeclarationOnly": true + }, + "exclude": ["test/**/*", "dist-types/**/*"] +} diff --git a/codegen/sdk-codegen/aws-models/directory-service-data.json b/codegen/sdk-codegen/aws-models/directory-service-data.json new file mode 100644 index 000000000000..90fd3affcfc8 --- /dev/null +++ b/codegen/sdk-codegen/aws-models/directory-service-data.json @@ -0,0 +1,3464 @@ +{ + "smithy": "2.0", + "shapes": { + "com.amazonaws.directoryservicedata#AccessDeniedException": { + "type": "structure", + "members": { + "Message": { + "target": "com.amazonaws.directoryservicedata#ExceptionMessage" + }, + "Reason": { + "target": "com.amazonaws.directoryservicedata#AccessDeniedReason", + "traits": { + "smithy.api#documentation": "

Reason the request was unauthorized.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

You don't have permission to perform the request or access the directory. It can also\n occur when the DirectoryId doesn't exist or the user, member, or group might be\n outside of your organizational unit (OU).

\n

Make sure that you have the authentication and authorization to perform the action.\n Review the directory information in the request, and make sure that the object isn't outside\n of your OU.

", + "smithy.api#error": "client", + "smithy.api#httpError": 403 + } + }, + "com.amazonaws.directoryservicedata#AccessDeniedReason": { + "type": "enum", + "members": { + "IAM_AUTH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "IAM_AUTH" + } + }, + "DIRECTORY_AUTH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DIRECTORY_AUTH" + } + }, + "DATA_DISABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DATA_DISABLED" + } + } + } + }, + "com.amazonaws.directoryservicedata#AddGroupMember": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#AddGroupMemberRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#AddGroupMemberResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#ConflictException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Adds an existing user, group, or computer as a group member.

", + "smithy.api#http": { + "uri": "/GroupMemberships/AddGroupMember", + "method": "POST" + } + } + }, + "com.amazonaws.directoryservicedata#AddGroupMemberRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the group.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "GroupName": { + "target": "com.amazonaws.directoryservicedata#GroupName", + "traits": { + "smithy.api#documentation": "

The name of the group.

", + "smithy.api#required": {} + } + }, + "MemberName": { + "target": "com.amazonaws.directoryservicedata#MemberName", + "traits": { + "smithy.api#documentation": "

The SAMAccountName of the user, group, or computer to add as a group member.\n

", + "smithy.api#required": {} + } + }, + "MemberRealm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the group member. This parameter is required only\n when adding a member outside of your Managed Microsoft AD domain to a group inside of your\n Managed Microsoft AD domain. This parameter defaults to the Managed Microsoft AD domain.

\n \n

This parameter is case insensitive.

\n
" + } + }, + "ClientToken": { + "target": "com.amazonaws.directoryservicedata#ClientToken", + "traits": { + "smithy.api#documentation": "

A unique and case-sensitive identifier that you provide to make sure the idempotency of\n the request, so multiple identical calls have the same effect as one single call.

\n

A client token is valid for 8 hours after the first request that uses it completes. After\n 8 hours, any request with the same client token is treated as a new request. If the request\n succeeds, any future uses of that token will be idempotent for another 8 hours.

\n

If you submit a request with the same client token but change one of the other parameters\n within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

\n \n

This parameter is optional when using the CLI or SDK.

\n
", + "smithy.api#idempotencyToken": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#AddGroupMemberResult": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#AttributeValue": { + "type": "union", + "members": { + "S": { + "target": "com.amazonaws.directoryservicedata#StringAttributeValue", + "traits": { + "smithy.api#documentation": "

Indicates that the attribute type value is a string. For example:

\n

\n \"S\": \"S Group\"\n

" + } + }, + "N": { + "target": "com.amazonaws.directoryservicedata#NumberAttributeValue", + "traits": { + "smithy.api#documentation": "

Indicates that the attribute type value is a number. For example:

\n

\n \"N\": \"16\"\n

" + } + }, + "BOOL": { + "target": "com.amazonaws.directoryservicedata#BooleanAttributeValue", + "traits": { + "smithy.api#documentation": "

Indicates that the attribute type value is a boolean. For example:

\n

\n \"BOOL\": true\n

" + } + }, + "SS": { + "target": "com.amazonaws.directoryservicedata#StringSetAttributeValue", + "traits": { + "smithy.api#documentation": "

Indicates that the attribute type value is a string set. For example:

\n

\n \"SS\": [\"sample_service_class/host.sample.com:1234/sample_service_name_1\",\n \"sample_service_class/host.sample.com:1234/sample_service_name_2\"]\n

" + } + } + }, + "traits": { + "smithy.api#documentation": "

The data type for an attribute. Each attribute value is described as a name-value pair.\n The name is the AD schema name, and the value is the data itself. For a list of supported\n attributes, see Directory Service Data Attributes.\n

" + } + }, + "com.amazonaws.directoryservicedata#Attributes": { + "type": "map", + "key": { + "target": "com.amazonaws.directoryservicedata#LdapDisplayName" + }, + "value": { + "target": "com.amazonaws.directoryservicedata#AttributeValue" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 25 + } + } + }, + "com.amazonaws.directoryservicedata#BooleanAttributeValue": { + "type": "boolean", + "traits": { + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.directoryservicedata#ClientToken": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 128 + }, + "smithy.api#pattern": "^[\\x00-\\x7F]+$" + } + }, + "com.amazonaws.directoryservicedata#ConflictException": { + "type": "structure", + "members": { + "Message": { + "target": "com.amazonaws.directoryservicedata#ExceptionMessage" + } + }, + "traits": { + "smithy.api#documentation": "

This error will occur when you try to create a resource that conflicts with an existing\n object. It can also occur when adding a member to a group that the member is already\n in.

\n

This error can be caused by a request sent within the 8-hour idempotency window with the\n same client token but different input parameters. Client tokens should not be re-used across\n different requests. After 8 hours, any request with the same client token is treated as a new\n request.

", + "smithy.api#error": "client", + "smithy.api#httpError": 409 + } + }, + "com.amazonaws.directoryservicedata#CreateGroup": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#CreateGroupRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#CreateGroupResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#ConflictException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Creates a new group.

", + "smithy.api#http": { + "uri": "/Groups/CreateGroup", + "method": "POST" + } + } + }, + "com.amazonaws.directoryservicedata#CreateGroupRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the group.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#GroupName", + "traits": { + "smithy.api#documentation": "

The name of the group.

", + "smithy.api#required": {} + } + }, + "GroupType": { + "target": "com.amazonaws.directoryservicedata#GroupType", + "traits": { + "smithy.api#documentation": "

The AD group type. For details, see Active Directory security group type.

" + } + }, + "GroupScope": { + "target": "com.amazonaws.directoryservicedata#GroupScope", + "traits": { + "smithy.api#documentation": "

The scope of the AD group. For details, see Active Directory security group scope.

" + } + }, + "OtherAttributes": { + "target": "com.amazonaws.directoryservicedata#Attributes", + "traits": { + "smithy.api#documentation": "

An expression that defines one or more attributes with the data type and value of each\n attribute.

" + } + }, + "ClientToken": { + "target": "com.amazonaws.directoryservicedata#ClientToken", + "traits": { + "smithy.api#documentation": "

A unique and case-sensitive identifier that you provide to make sure the idempotency of\n the request, so multiple identical calls have the same effect as one single call.

\n

A client token is valid for 8 hours after the first request that uses it completes. After\n 8 hours, any request with the same client token is treated as a new request. If the request\n succeeds, any future uses of that token will be idempotent for another 8 hours.

\n

If you submit a request with the same client token but change one of the other parameters\n within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

\n \n

This parameter is optional when using the CLI or SDK.

\n
", + "smithy.api#idempotencyToken": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#CreateGroupResult": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the group.

" + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#GroupName", + "traits": { + "smithy.api#documentation": "

The name of the group.

" + } + }, + "SID": { + "target": "com.amazonaws.directoryservicedata#SID", + "traits": { + "smithy.api#documentation": "

The unique security identifier (SID) of the group.

" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#CreateUser": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#CreateUserRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#CreateUserResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#ConflictException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Creates a new user.

", + "smithy.api#http": { + "uri": "/Users/CreateUser", + "method": "POST" + } + } + }, + "com.amazonaws.directoryservicedata#CreateUserRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that’s associated with the user.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#UserName", + "traits": { + "smithy.api#documentation": "

The name of the user.

", + "smithy.api#required": {} + } + }, + "EmailAddress": { + "target": "com.amazonaws.directoryservicedata#EmailAddress", + "traits": { + "smithy.api#documentation": "

The email address of the user.

" + } + }, + "GivenName": { + "target": "com.amazonaws.directoryservicedata#GivenName", + "traits": { + "smithy.api#documentation": "

The first name of the user.

" + } + }, + "Surname": { + "target": "com.amazonaws.directoryservicedata#Surname", + "traits": { + "smithy.api#documentation": "

The last name of the user.

" + } + }, + "OtherAttributes": { + "target": "com.amazonaws.directoryservicedata#Attributes", + "traits": { + "smithy.api#documentation": "

An expression that defines one or more attribute names with the data type and value of\n each attribute. A key is an attribute name, and the value is a list of maps. For a list of\n supported attributes, see Directory Service Data Attributes.

\n \n

Attribute names are case insensitive.

\n
" + } + }, + "ClientToken": { + "target": "com.amazonaws.directoryservicedata#ClientToken", + "traits": { + "smithy.api#documentation": "

A unique and case-sensitive identifier that you provide to make sure the idempotency of\n the request, so multiple identical calls have the same effect as one single call.

\n

A client token is valid for 8 hours after the first request that uses it completes. After\n 8 hours, any request with the same client token is treated as a new request. If the request\n succeeds, any future uses of that token will be idempotent for another 8 hours.

\n

If you submit a request with the same client token but change one of the other parameters\n within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

\n \n

This parameter is optional when using the CLI or SDK.

\n
", + "smithy.api#idempotencyToken": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#CreateUserResult": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory where the address block is added.

" + } + }, + "SID": { + "target": "com.amazonaws.directoryservicedata#SID", + "traits": { + "smithy.api#documentation": "

The unique security identifier (SID) of the user.

" + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#UserName", + "traits": { + "smithy.api#documentation": "

The name of the user.

" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#DeleteGroup": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#DeleteGroupRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#DeleteGroupResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#ConflictException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Deletes a group.

", + "smithy.api#http": { + "uri": "/Groups/DeleteGroup", + "method": "POST" + } + } + }, + "com.amazonaws.directoryservicedata#DeleteGroupRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the group.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#GroupName", + "traits": { + "smithy.api#documentation": "

The name of the group.

", + "smithy.api#required": {} + } + }, + "ClientToken": { + "target": "com.amazonaws.directoryservicedata#ClientToken", + "traits": { + "smithy.api#documentation": "

A unique and case-sensitive identifier that you provide to make sure the idempotency of\n the request, so multiple identical calls have the same effect as one single call.

\n

A client token is valid for 8 hours after the first request that uses it completes. After\n 8 hours, any request with the same client token is treated as a new request. If the request\n succeeds, any future uses of that token will be idempotent for another 8 hours.

\n

If you submit a request with the same client token but change one of the other parameters\n within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

\n \n

This parameter is optional when using the CLI or SDK.

\n
", + "smithy.api#idempotencyToken": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#DeleteGroupResult": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#DeleteUser": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#DeleteUserRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#DeleteUserResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#ConflictException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Deletes a user.

", + "smithy.api#http": { + "uri": "/Users/DeleteUser", + "method": "POST" + } + } + }, + "com.amazonaws.directoryservicedata#DeleteUserRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the user.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#UserName", + "traits": { + "smithy.api#documentation": "

The name of the user.

", + "smithy.api#required": {} + } + }, + "ClientToken": { + "target": "com.amazonaws.directoryservicedata#ClientToken", + "traits": { + "smithy.api#documentation": "

A unique and case-sensitive identifier that you provide to make sure the idempotency of\n the request, so multiple identical calls have the same effect as one single call.

\n

A client token is valid for 8 hours after the first request that uses it completes. After\n 8 hours, any request with the same client token is treated as a new request. If the request\n succeeds, any future uses of that token will be idempotent for another 8 hours.

\n

If you submit a request with the same client token but change one of the other parameters\n within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

\n \n

This parameter is optional when using the CLI or SDK.

\n
", + "smithy.api#idempotencyToken": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#DeleteUserResult": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#DescribeGroup": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#DescribeGroupRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#DescribeGroupResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Returns information about a specific group.

", + "smithy.api#http": { + "uri": "/Groups/DescribeGroup", + "method": "POST" + }, + "smithy.api#readonly": {}, + "smithy.test#smokeTests": [ + { + "id": "DescribeGroupFailure", + "params": { + "DirectoryId": "d-1111111111", + "SAMAccountName": "test-group" + }, + "expect": { + "failure": { + "errorId": "com.amazonaws.directoryservicedata#AccessDeniedException" + } + }, + "vendorParamsShape": "aws.test#AwsVendorParams", + "vendorParams": { + "region": "us-west-2" + } + } + ] + } + }, + "com.amazonaws.directoryservicedata#DescribeGroupRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The Identifier (ID) of the directory associated with the group.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the group.

\n \n

This parameter is optional, so you can return groups outside of your Managed Microsoft AD\n domain. When no value is defined, only your Managed Microsoft AD groups are returned.

\n

This value is case insensitive.

\n
" + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#GroupName", + "traits": { + "smithy.api#documentation": "

The name of the group.

", + "smithy.api#required": {} + } + }, + "OtherAttributes": { + "target": "com.amazonaws.directoryservicedata#LdapDisplayNameList", + "traits": { + "smithy.api#documentation": "

One or more attributes to be returned for the group. For a list of supported attributes,\n see Directory Service Data Attributes.\n

" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#DescribeGroupResult": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the group.

" + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the group.

" + } + }, + "SID": { + "target": "com.amazonaws.directoryservicedata#SID", + "traits": { + "smithy.api#documentation": "

The unique security identifier (SID) of the group.

" + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#GroupName", + "traits": { + "smithy.api#documentation": "

The name of the group.

" + } + }, + "DistinguishedName": { + "target": "com.amazonaws.directoryservicedata#DistinguishedName", + "traits": { + "smithy.api#documentation": "

The distinguished name of the object.

" + } + }, + "GroupType": { + "target": "com.amazonaws.directoryservicedata#GroupType", + "traits": { + "smithy.api#documentation": "

The AD group type. For details, see Active Directory security group type.

" + } + }, + "GroupScope": { + "target": "com.amazonaws.directoryservicedata#GroupScope", + "traits": { + "smithy.api#documentation": "

The scope of the AD group. For details, see Active Directory security groups.

" + } + }, + "OtherAttributes": { + "target": "com.amazonaws.directoryservicedata#Attributes", + "traits": { + "smithy.api#documentation": "

The attribute values that are returned for the attribute names that are included in the\n request.

" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#DescribeUser": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#DescribeUserRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#DescribeUserResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Returns information about a specific user.

", + "smithy.api#http": { + "uri": "/Users/DescribeUser", + "method": "POST" + }, + "smithy.api#readonly": {}, + "smithy.test#smokeTests": [ + { + "id": "DescribeUserFailure", + "params": { + "DirectoryId": "d-1111111111", + "SAMAccountName": "test-user" + }, + "expect": { + "failure": { + "errorId": "com.amazonaws.directoryservicedata#AccessDeniedException" + } + }, + "vendorParamsShape": "aws.test#AwsVendorParams", + "vendorParams": { + "region": "us-west-2" + } + } + ] + } + }, + "com.amazonaws.directoryservicedata#DescribeUserRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the user.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#UserName", + "traits": { + "smithy.api#documentation": "

The name of the user.

", + "smithy.api#required": {} + } + }, + "OtherAttributes": { + "target": "com.amazonaws.directoryservicedata#LdapDisplayNameList", + "traits": { + "smithy.api#documentation": "

One or more attribute names to be returned for the user. A key is an attribute name, and\n the value is a list of maps. For a list of supported attributes, see Directory Service Data Attributes.

" + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the user.

\n \n

This parameter is optional, so you can return users outside your Managed Microsoft AD domain.\n When no value is defined, only your Managed Microsoft AD users are returned.

\n

This value is case insensitive.

\n
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#DescribeUserResult": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the user.

" + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the user.

" + } + }, + "SID": { + "target": "com.amazonaws.directoryservicedata#SID", + "traits": { + "smithy.api#documentation": "

The unique security identifier (SID) of the user.

" + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#UserName", + "traits": { + "smithy.api#documentation": "

The name of the user.

" + } + }, + "DistinguishedName": { + "target": "com.amazonaws.directoryservicedata#DistinguishedName", + "traits": { + "smithy.api#documentation": "

The distinguished name of the object.

" + } + }, + "UserPrincipalName": { + "target": "com.amazonaws.directoryservicedata#UserPrincipalName", + "traits": { + "smithy.api#documentation": "

The UPN that is an Internet-style login name for a user and is based on the Internet\n standard RFC 822. The UPN is shorter\n than the distinguished name and easier to remember.

" + } + }, + "EmailAddress": { + "target": "com.amazonaws.directoryservicedata#EmailAddress", + "traits": { + "smithy.api#documentation": "

The email address of the user.

" + } + }, + "GivenName": { + "target": "com.amazonaws.directoryservicedata#GivenName", + "traits": { + "smithy.api#documentation": "

The first name of the user.

" + } + }, + "Surname": { + "target": "com.amazonaws.directoryservicedata#Surname", + "traits": { + "smithy.api#documentation": "

The last name of the user.

" + } + }, + "Enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Indicates whether the user account is active.

" + } + }, + "OtherAttributes": { + "target": "com.amazonaws.directoryservicedata#Attributes", + "traits": { + "smithy.api#documentation": "

The attribute values that are returned for the attribute names that are included in the\n request.

\n \n

Attribute names are case insensitive.

\n
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#DirectoryId": { + "type": "string", + "traits": { + "smithy.api#pattern": "^d-[0-9a-f]{10}$" + } + }, + "com.amazonaws.directoryservicedata#DirectoryServiceData": { + "type": "service", + "version": "2023-05-31", + "operations": [ + { + "target": "com.amazonaws.directoryservicedata#AddGroupMember" + }, + { + "target": "com.amazonaws.directoryservicedata#CreateGroup" + }, + { + "target": "com.amazonaws.directoryservicedata#CreateUser" + }, + { + "target": "com.amazonaws.directoryservicedata#DeleteGroup" + }, + { + "target": "com.amazonaws.directoryservicedata#DeleteUser" + }, + { + "target": "com.amazonaws.directoryservicedata#DescribeGroup" + }, + { + "target": "com.amazonaws.directoryservicedata#DescribeUser" + }, + { + "target": "com.amazonaws.directoryservicedata#DisableUser" + }, + { + "target": "com.amazonaws.directoryservicedata#ListGroupMembers" + }, + { + "target": "com.amazonaws.directoryservicedata#ListGroups" + }, + { + "target": "com.amazonaws.directoryservicedata#ListGroupsForMember" + }, + { + "target": "com.amazonaws.directoryservicedata#ListUsers" + }, + { + "target": "com.amazonaws.directoryservicedata#RemoveGroupMember" + }, + { + "target": "com.amazonaws.directoryservicedata#SearchGroups" + }, + { + "target": "com.amazonaws.directoryservicedata#SearchUsers" + }, + { + "target": "com.amazonaws.directoryservicedata#UpdateGroup" + }, + { + "target": "com.amazonaws.directoryservicedata#UpdateUser" + } + ], + "traits": { + "aws.api#service": { + "sdkId": "Directory Service Data", + "arnNamespace": "ds", + "cloudFormationName": "DirectoryServiceData", + "cloudTrailEventSource": "ds.amazonaws.com", + "endpointPrefix": "ds-data" + }, + "aws.auth#sigv4": { + "name": "ds-data" + }, + "aws.protocols#restJson1": {}, + "smithy.api#documentation": "

Amazon Web Services Directory Service Data is an extension of Directory Service. This API reference provides detailed information\n about Directory Service Data operations and object types.

\n

With Directory Service Data, you can create, read, update, and delete users, groups, and memberships from\n your Managed Microsoft AD without additional costs and without deploying dedicated management\n instances. You can also perform built-in object management tasks across directories without\n direct network connectivity, which simplifies provisioning and access management to achieve\n fully automated deployments. Directory Service Data supports user and group write operations, such as\n CreateUser and CreateGroup, within the organizational unit (OU) of\n your Managed Microsoft AD. Directory Service Data supports read operations, such as ListUsers and\n ListGroups, on all users, groups, and group memberships within your\n Managed Microsoft AD and across trusted realms. Directory Service Data supports adding and removing group members in\n your OU and the Amazon Web Services Delegated Groups OU, so you can grant and deny access to specific roles\n and permissions. For more information, see Manage users and\n groups in the Directory Service Administration Guide.

\n \n

Directory management operations and configuration changes made against the Directory Service\n API will also reflect in Directory Service Data API with eventual consistency. You can expect a short delay\n between management changes, such as adding a new directory trust and calling the Directory Service Data API\n for the newly created trusted realm.

\n
\n

Directory Service Data connects to your Managed Microsoft AD domain controllers and performs operations on\n underlying directory objects. When you create your Managed Microsoft AD, you choose subnets for domain\n controllers that Directory Service creates on your behalf. If a domain controller is unavailable, Directory Service Data\n uses an available domain controller. As a result, you might notice eventual consistency while\n objects replicate from one domain controller to another domain controller. For more\n information, see What\n gets created in the Directory Service Administration Guide.\n Directory limits vary by Managed Microsoft AD edition:

\n
    \n
  • \n

    \n Standard edition – Supports 8 transactions per\n second (TPS) for read operations and 4 TPS for write operations per directory. There's a\n concurrency limit of 10 concurrent requests.

    \n
  • \n
  • \n

    \n Enterprise edition – Supports 16 transactions per\n second (TPS) for read operations and 8 TPS for write operations per directory. There's a\n concurrency limit of 10 concurrent requests.

    \n
  • \n
  • \n

    \n Amazon Web Services Account - Supports a total of 100 TPS for\n Directory Service Data operations across all directories.

    \n
  • \n
\n

Directory Service Data only supports the Managed Microsoft AD directory type and is only available in the primary\n Amazon Web Services Region. For more information, see Managed Microsoft AD\n and Primary vs additional Regions in the Directory Service Administration\n Guide.

", + "smithy.api#title": "AWS Directory Service Data", + "smithy.api#xmlNamespace": { + "uri": "http://directoryservicedata.amazonaws.com/doc/2023-05-31/" + }, + "smithy.rules#endpointRuleSet": { + "version": "1.0", + "parameters": { + "Region": { + "builtIn": "AWS::Region", + "required": false, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" + }, + "UseDualStack": { + "builtIn": "AWS::UseDualStack", + "required": true, + "default": false, + "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", + "type": "Boolean" + }, + "UseFIPS": { + "builtIn": "AWS::UseFIPS", + "required": true, + "default": false, + "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", + "type": "Boolean" + }, + "Endpoint": { + "builtIn": "SDK::Endpoint", + "required": false, + "documentation": "Override the endpoint used to send this request", + "type": "String" + } + }, + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + } + ], + "type": "tree" + }, + { + "conditions": [], + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "rules": [ + { + "conditions": [], + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://ds-data-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + } + ], + "type": "tree" + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ], + "type": "tree" + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + }, + true + ] + } + ], + "rules": [ + { + "conditions": [], + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://ds-data-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + } + ], + "type": "tree" + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ], + "type": "tree" + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "rules": [ + { + "conditions": [], + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://ds-data.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + } + ], + "type": "tree" + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" + } + ], + "type": "tree" + }, + { + "conditions": [], + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://ds-data.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + } + ], + "type": "tree" + } + ], + "type": "tree" + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" + } + ], + "type": "tree" + } + ] + }, + "smithy.rules#endpointTests": { + "testCases": [ + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://ds-data-fips.us-east-1.api.aws" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://ds-data-fips.us-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://ds-data.us-east-1.api.aws" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://ds-data.us-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://ds-data-fips.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://ds-data-fips.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://ds-data.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://ds-data.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://ds-data-fips.us-gov-east-1.api.aws" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://ds-data-fips.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://ds-data.us-gov-east-1.api.aws" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://ds-data.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://ds-data-fips.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://ds-data.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://ds-data-fips.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://ds-data.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "expect": { + "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + }, + "params": { + "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "expect": { + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": true, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "Missing region", + "expect": { + "error": "Invalid Configuration: Missing Region" + } + } + ], + "version": "1.0" + } + } + }, + "com.amazonaws.directoryservicedata#DirectoryUnavailableException": { + "type": "structure", + "members": { + "Message": { + "target": "com.amazonaws.directoryservicedata#ExceptionMessage" + }, + "Reason": { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableReason", + "traits": { + "smithy.api#documentation": "

Reason the request failed for the specified directory.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

The request could not be completed due to a problem in the configuration or current state\n of the specified directory.

", + "smithy.api#error": "client", + "smithy.api#httpError": 400, + "smithy.api#retryable": {} + } + }, + "com.amazonaws.directoryservicedata#DirectoryUnavailableReason": { + "type": "enum", + "members": { + "INVALID_DIRECTORY_STATE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_DIRECTORY_STATE" + } + }, + "DIRECTORY_TIMEOUT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DIRECTORY_TIMEOUT" + } + }, + "DIRECTORY_RESOURCES_EXCEEDED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DIRECTORY_RESOURCES_EXCEEDED" + } + }, + "NO_DISK_SPACE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NO_DISK_SPACE" + } + }, + "TRUST_AUTH_FAILURE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "TRUST_AUTH_FAILURE" + } + } + } + }, + "com.amazonaws.directoryservicedata#DisableUser": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#DisableUserRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#DisableUserResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#ConflictException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Deactivates an active user account. For information about how to enable an inactive user\n account, see ResetUserPassword\n in the Directory Service API Reference.

", + "smithy.api#http": { + "uri": "/Users/DisableUser", + "method": "POST" + } + } + }, + "com.amazonaws.directoryservicedata#DisableUserRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the user.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#UserName", + "traits": { + "smithy.api#documentation": "

The name of the user.

", + "smithy.api#required": {} + } + }, + "ClientToken": { + "target": "com.amazonaws.directoryservicedata#ClientToken", + "traits": { + "smithy.api#documentation": "

A unique and case-sensitive identifier that you provide to make sure the idempotency of\n the request, so multiple identical calls have the same effect as one single call.

\n

A client token is valid for 8 hours after the first request that uses it completes. After\n 8 hours, any request with the same client token is treated as a new request. If the request\n succeeds, any future uses of that token will be idempotent for another 8 hours.

\n

If you submit a request with the same client token but change one of the other parameters\n within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

\n \n

This parameter is optional when using the CLI or SDK.

\n
", + "smithy.api#idempotencyToken": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#DisableUserResult": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#DistinguishedName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.directoryservicedata#EmailAddress": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.directoryservicedata#ExceptionMessage": { + "type": "string" + }, + "com.amazonaws.directoryservicedata#GivenName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 64 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.directoryservicedata#Group": { + "type": "structure", + "members": { + "SID": { + "target": "com.amazonaws.directoryservicedata#SID", + "traits": { + "smithy.api#documentation": "

The unique security identifier (SID) of the group.

" + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#GroupName", + "traits": { + "smithy.api#documentation": "

The name of the group.

", + "smithy.api#required": {} + } + }, + "DistinguishedName": { + "target": "com.amazonaws.directoryservicedata#DistinguishedName", + "traits": { + "smithy.api#documentation": "

The distinguished name of the object.

" + } + }, + "GroupType": { + "target": "com.amazonaws.directoryservicedata#GroupType", + "traits": { + "smithy.api#documentation": "

The AD group type. For details, see Active Directory security group type.

" + } + }, + "GroupScope": { + "target": "com.amazonaws.directoryservicedata#GroupScope", + "traits": { + "smithy.api#documentation": "

The scope of the AD group. For details, see Active Directory security groups\n

" + } + }, + "OtherAttributes": { + "target": "com.amazonaws.directoryservicedata#Attributes", + "traits": { + "smithy.api#documentation": "

An expression of one or more attributes, data types, and the values of a group.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

A group object that contains identifying information and attributes for a specified\n group.

" + } + }, + "com.amazonaws.directoryservicedata#GroupList": { + "type": "list", + "member": { + "target": "com.amazonaws.directoryservicedata#Group" + } + }, + "com.amazonaws.directoryservicedata#GroupName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 64 + }, + "smithy.api#pattern": "^[^:;|=+\"*?<>/\\\\,\\[\\]@]+$" + } + }, + "com.amazonaws.directoryservicedata#GroupScope": { + "type": "enum", + "members": { + "DOMAIN_LOCAL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DomainLocal" + } + }, + "GLOBAL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Global" + } + }, + "UNIVERSAL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Universal" + } + }, + "BUILTIN_LOCAL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "BuiltinLocal" + } + } + } + }, + "com.amazonaws.directoryservicedata#GroupSummary": { + "type": "structure", + "members": { + "SID": { + "target": "com.amazonaws.directoryservicedata#SID", + "traits": { + "smithy.api#documentation": "

The unique security identifier (SID) of the group.

", + "smithy.api#required": {} + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#GroupName", + "traits": { + "smithy.api#documentation": "

The name of the group.

", + "smithy.api#required": {} + } + }, + "GroupType": { + "target": "com.amazonaws.directoryservicedata#GroupType", + "traits": { + "smithy.api#documentation": "

The AD group type. For details, see Active Directory security group type.

", + "smithy.api#required": {} + } + }, + "GroupScope": { + "target": "com.amazonaws.directoryservicedata#GroupScope", + "traits": { + "smithy.api#documentation": "

The scope of the AD group. For details, see Active Directory security groups.

", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

A structure containing a subset of fields of a group object from a directory.

" + } + }, + "com.amazonaws.directoryservicedata#GroupSummaryList": { + "type": "list", + "member": { + "target": "com.amazonaws.directoryservicedata#GroupSummary" + } + }, + "com.amazonaws.directoryservicedata#GroupType": { + "type": "enum", + "members": { + "DISTRIBUTION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Distribution" + } + }, + "SECURITY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Security" + } + } + } + }, + "com.amazonaws.directoryservicedata#InternalServerException": { + "type": "structure", + "members": { + "Message": { + "target": "com.amazonaws.directoryservicedata#ExceptionMessage" + } + }, + "traits": { + "smithy.api#documentation": "

The operation didn't succeed because an internal error occurred. Try again later.

", + "smithy.api#error": "server", + "smithy.api#httpError": 500, + "smithy.api#retryable": {} + } + }, + "com.amazonaws.directoryservicedata#LdapDisplayName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 63 + }, + "smithy.api#pattern": "^[A-Za-z*][A-Za-z-*]*$" + } + }, + "com.amazonaws.directoryservicedata#LdapDisplayNameList": { + "type": "list", + "member": { + "target": "com.amazonaws.directoryservicedata#LdapDisplayName" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 25 + } + } + }, + "com.amazonaws.directoryservicedata#ListGroupMembers": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#ListGroupMembersRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#ListGroupMembersResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Returns member information for the specified group.

\n

This operation supports pagination with the use of the NextToken request and\n response parameters. If more results are available, the\n ListGroupMembers.NextToken member contains a token that you pass in the next\n call to ListGroupMembers. This retrieves the next set of items.

\n

You can also specify a maximum number of return results with the MaxResults\n parameter.

", + "smithy.api#http": { + "uri": "/GroupMemberships/ListGroupMembers", + "method": "POST" + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults", + "items": "Members" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.directoryservicedata#ListGroupMembersRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the group.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the group.

\n \n

This parameter is optional, so you can return members from a group outside of your\n Managed Microsoft AD domain. When no value is defined, only members of your Managed Microsoft AD groups are\n returned.

\n

This value is case insensitive.

\n
" + } + }, + "MemberRealm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the group member. This parameter defaults to the\n Managed Microsoft AD domain.

\n \n

This parameter is optional and case insensitive.

\n
" + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#GroupName", + "traits": { + "smithy.api#documentation": "

The name of the group.

", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + }, + "MaxResults": { + "target": "com.amazonaws.directoryservicedata#MaxResults", + "traits": { + "smithy.api#documentation": "

The maximum number of results to be returned per request.

" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#ListGroupMembersResult": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

Identifier (ID) of the directory associated with the group.

" + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the group.

" + } + }, + "MemberRealm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the member.

" + } + }, + "Members": { + "target": "com.amazonaws.directoryservicedata#MemberList", + "traits": { + "smithy.api#documentation": "

The member information that the request returns.

" + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#ListGroups": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#ListGroupsRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#ListGroupsResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Returns group information for the specified directory.

\n

This operation supports pagination with the use of the NextToken request and\n response parameters. If more results are available, the ListGroups.NextToken\n member contains a token that you pass in the next call to ListGroups. This\n retrieves the next set of items.

\n

You can also specify a maximum number of return results with the MaxResults\n parameter.

", + "smithy.api#http": { + "uri": "/Groups/ListGroups", + "method": "POST" + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults", + "items": "Groups" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.directoryservicedata#ListGroupsForMember": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#ListGroupsForMemberRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#ListGroupsForMemberResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Returns group information for the specified member.

\n

This operation supports pagination with the use of the NextToken request and\n response parameters. If more results are available, the\n ListGroupsForMember.NextToken member contains a token that you pass in the next\n call to ListGroupsForMember. This retrieves the next set of items.

\n

You can also specify a maximum number of return results with the MaxResults\n parameter.

", + "smithy.api#http": { + "uri": "/GroupMemberships/ListGroupsForMember", + "method": "POST" + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults", + "items": "Groups" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.directoryservicedata#ListGroupsForMemberRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the member.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the group.

\n \n

This parameter is optional, so you can return groups outside of your Managed Microsoft AD\n domain. When no value is defined, only your Managed Microsoft AD groups are returned.

\n

This value is case insensitive and defaults to your Managed Microsoft AD domain.

\n
" + } + }, + "MemberRealm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the group member.

\n \n

This parameter is optional, so you can limit your results to the group members in a\n specific domain.

\n

This parameter is case insensitive and defaults to Realm\n

\n
" + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#MemberName", + "traits": { + "smithy.api#documentation": "

The SAMAccountName of the user, group, or computer that's a member of the\n group.

", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + }, + "MaxResults": { + "target": "com.amazonaws.directoryservicedata#MaxResults", + "traits": { + "smithy.api#documentation": "

The maximum number of results to be returned per request.

" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#ListGroupsForMemberResult": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the member.

" + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain that's associated with the group.

" + } + }, + "MemberRealm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain that's associated with the member.

" + } + }, + "Groups": { + "target": "com.amazonaws.directoryservicedata#GroupSummaryList", + "traits": { + "smithy.api#documentation": "

The group information that the request returns.

" + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#ListGroupsRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the group.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name associated with the directory.

\n \n

This parameter is optional, so you can return groups outside of your Managed Microsoft AD\n domain. When no value is defined, only your Managed Microsoft AD groups are returned.

\n

This value is case insensitive.

\n
" + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + }, + "MaxResults": { + "target": "com.amazonaws.directoryservicedata#MaxResults", + "traits": { + "smithy.api#documentation": "

The maximum number of results to be returned per request.

" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#ListGroupsResult": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the group.

" + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name associated with the group.

" + } + }, + "Groups": { + "target": "com.amazonaws.directoryservicedata#GroupSummaryList", + "traits": { + "smithy.api#documentation": "

The group information that the request returns.

" + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#ListUsers": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#ListUsersRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#ListUsersResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Returns user information for the specified directory.

\n

This operation supports pagination with the use of the NextToken request and\n response parameters. If more results are available, the ListUsers.NextToken\n member contains a token that you pass in the next call to ListUsers. This\n retrieves the next set of items.

\n

You can also specify a maximum number of return results with the MaxResults\n parameter.

", + "smithy.api#http": { + "uri": "/Users/ListUsers", + "method": "POST" + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults", + "items": "Users" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.directoryservicedata#ListUsersRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the user.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the user.

\n \n

This parameter is optional, so you can return users outside of your Managed Microsoft AD\n domain. When no value is defined, only your Managed Microsoft AD users are returned.

\n

This value is case insensitive.

\n
" + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + }, + "MaxResults": { + "target": "com.amazonaws.directoryservicedata#MaxResults", + "traits": { + "smithy.api#documentation": "

The maximum number of results to be returned per request.

" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#ListUsersResult": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the user.

" + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain that's associated with the user.

" + } + }, + "Users": { + "target": "com.amazonaws.directoryservicedata#UserSummaryList", + "traits": { + "smithy.api#documentation": "

The user information that the request returns.

" + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#MaxResults": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 250 + } + } + }, + "com.amazonaws.directoryservicedata#Member": { + "type": "structure", + "members": { + "SID": { + "target": "com.amazonaws.directoryservicedata#SID", + "traits": { + "smithy.api#documentation": "

The unique security identifier (SID) of the group member.

", + "smithy.api#required": {} + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#MemberName", + "traits": { + "smithy.api#documentation": "

The name of the group member.

", + "smithy.api#required": {} + } + }, + "MemberType": { + "target": "com.amazonaws.directoryservicedata#MemberType", + "traits": { + "smithy.api#documentation": "

The AD type of the member object.

", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

A member object that contains identifying information for a specified member.

" + } + }, + "com.amazonaws.directoryservicedata#MemberList": { + "type": "list", + "member": { + "target": "com.amazonaws.directoryservicedata#Member" + } + }, + "com.amazonaws.directoryservicedata#MemberName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 63 + }, + "smithy.api#pattern": "^[^:;|=+\"*?<>/\\\\,\\[\\]@]+$" + } + }, + "com.amazonaws.directoryservicedata#MemberType": { + "type": "enum", + "members": { + "USER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "USER" + } + }, + "GROUP": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "GROUP" + } + }, + "COMPUTER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "COMPUTER" + } + } + } + }, + "com.amazonaws.directoryservicedata#NextToken": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 6144 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.directoryservicedata#NumberAttributeValue": { + "type": "long", + "traits": { + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.directoryservicedata#Realm": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 255 + }, + "smithy.api#pattern": "^([a-zA-Z0-9]+[\\\\.-])+([a-zA-Z0-9])+[.]?$" + } + }, + "com.amazonaws.directoryservicedata#RemoveGroupMember": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#RemoveGroupMemberRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#RemoveGroupMemberResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#ConflictException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Removes a member from a group.

", + "smithy.api#http": { + "uri": "/GroupMemberships/RemoveGroupMember", + "method": "POST" + } + } + }, + "com.amazonaws.directoryservicedata#RemoveGroupMemberRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the member.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "GroupName": { + "target": "com.amazonaws.directoryservicedata#GroupName", + "traits": { + "smithy.api#documentation": "

The name of the group.

", + "smithy.api#required": {} + } + }, + "MemberName": { + "target": "com.amazonaws.directoryservicedata#MemberName", + "traits": { + "smithy.api#documentation": "

The SAMAccountName of the user, group, or computer to remove from the group.\n

", + "smithy.api#required": {} + } + }, + "MemberRealm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the group member. This parameter defaults to the\n Managed Microsoft AD domain.

\n \n

This parameter is optional and case insensitive.

\n
" + } + }, + "ClientToken": { + "target": "com.amazonaws.directoryservicedata#ClientToken", + "traits": { + "smithy.api#documentation": "

A unique and case-sensitive identifier that you provide to make sure the idempotency of\n the request, so multiple identical calls have the same effect as one single call.

\n

A client token is valid for 8 hours after the first request that uses it completes. After\n 8 hours, any request with the same client token is treated as a new request. If the request\n succeeds, any future uses of that token will be idempotent for another 8 hours.

\n

If you submit a request with the same client token but change one of the other parameters\n within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

\n \n

This parameter is optional when using the CLI or SDK.

\n
", + "smithy.api#idempotencyToken": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#RemoveGroupMemberResult": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#ResourceNotFoundException": { + "type": "structure", + "members": { + "Message": { + "target": "com.amazonaws.directoryservicedata#ExceptionMessage" + } + }, + "traits": { + "smithy.api#documentation": "

The resource couldn't be found.

", + "smithy.api#error": "client", + "smithy.api#httpError": 404 + } + }, + "com.amazonaws.directoryservicedata#SID": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + } + } + }, + "com.amazonaws.directoryservicedata#SearchGroups": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#SearchGroupsRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#SearchGroupsResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Searches the specified directory for a group. You can find groups that match the\n SearchString parameter with the value of their attributes included in the\n SearchString parameter.

\n

This operation supports pagination with the use of the NextToken request and\n response parameters. If more results are available, the SearchGroups.NextToken\n member contains a token that you pass in the next call to SearchGroups. This\n retrieves the next set of items.

\n

You can also specify a maximum number of return results with the MaxResults\n parameter.

", + "smithy.api#http": { + "uri": "/Groups/SearchGroups", + "method": "POST" + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults", + "items": "Groups" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.directoryservicedata#SearchGroupsRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the group.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "SearchString": { + "target": "com.amazonaws.directoryservicedata#SearchString", + "traits": { + "smithy.api#documentation": "

The attribute value that you want to search for.

\n \n

Wildcard (*) searches aren't supported. For a list of supported\n attributes, see Directory Service Data\n Attributes.

\n
", + "smithy.api#required": {} + } + }, + "SearchAttributes": { + "target": "com.amazonaws.directoryservicedata#LdapDisplayNameList", + "traits": { + "smithy.api#documentation": "

One or more data attributes that are used to search for a group. For a list of supported\n attributes, see Directory Service Data Attributes.\n

", + "smithy.api#required": {} + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the group.

\n \n

This parameter is optional, so you can return groups outside of your Managed Microsoft AD\n domain. When no value is defined, only your Managed Microsoft AD groups are returned.

\n

This value is case insensitive.

\n
" + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + }, + "MaxResults": { + "target": "com.amazonaws.directoryservicedata#MaxResults", + "traits": { + "smithy.api#documentation": "

The maximum number of results to be returned per request.

" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#SearchGroupsResult": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the group.

" + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain that's associated with the group.

" + } + }, + "Groups": { + "target": "com.amazonaws.directoryservicedata#GroupList", + "traits": { + "smithy.api#documentation": "

The group information that the request returns.

" + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#SearchString": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 64 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.directoryservicedata#SearchUsers": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#SearchUsersRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#SearchUsersResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Searches the specified directory for a user. You can find users that match the\n SearchString parameter with the value of their attributes included in the\n SearchString parameter.

\n

This operation supports pagination with the use of the NextToken request and\n response parameters. If more results are available, the SearchUsers.NextToken\n member contains a token that you pass in the next call to SearchUsers. This\n retrieves the next set of items.

\n

You can also specify a maximum number of return results with the MaxResults\n parameter.

", + "smithy.api#http": { + "uri": "/Users/SearchUsers", + "method": "POST" + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "pageSize": "MaxResults", + "items": "Users" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.directoryservicedata#SearchUsersRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the user.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain name that's associated with the user.

\n \n

This parameter is optional, so you can return users outside of your Managed Microsoft AD\n domain. When no value is defined, only your Managed Microsoft AD users are returned.

\n

This value is case insensitive.

\n
" + } + }, + "SearchString": { + "target": "com.amazonaws.directoryservicedata#SearchString", + "traits": { + "smithy.api#documentation": "

The attribute value that you want to search for.

\n \n

Wildcard (*) searches aren't supported. For a list of supported\n attributes, see Directory Service Data\n Attributes.

\n
", + "smithy.api#required": {} + } + }, + "SearchAttributes": { + "target": "com.amazonaws.directoryservicedata#LdapDisplayNameList", + "traits": { + "smithy.api#documentation": "

One or more data attributes that are used to search for a user. For a list of supported\n attributes, see Directory Service Data Attributes.\n

", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + }, + "MaxResults": { + "target": "com.amazonaws.directoryservicedata#MaxResults", + "traits": { + "smithy.api#documentation": "

The maximum number of results to be returned per request.

" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#SearchUsersResult": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory where the address block is added.

" + } + }, + "Realm": { + "target": "com.amazonaws.directoryservicedata#Realm", + "traits": { + "smithy.api#documentation": "

The domain that's associated with the user.

" + } + }, + "Users": { + "target": "com.amazonaws.directoryservicedata#UserList", + "traits": { + "smithy.api#documentation": "

The user information that the request returns.

" + } + }, + "NextToken": { + "target": "com.amazonaws.directoryservicedata#NextToken", + "traits": { + "smithy.api#documentation": "

An encoded paging token for paginated calls that can be passed back to retrieve the next\n page.

" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#StringAttributeValue": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1024 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.directoryservicedata#StringSetAttributeValue": { + "type": "list", + "member": { + "target": "com.amazonaws.directoryservicedata#StringAttributeValue" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 25 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.directoryservicedata#Surname": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 64 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.directoryservicedata#ThrottlingException": { + "type": "structure", + "members": { + "Message": { + "target": "com.amazonaws.directoryservicedata#ExceptionMessage", + "traits": { + "smithy.api#required": {} + } + }, + "RetryAfterSeconds": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "

The recommended amount of seconds to retry after a throttling exception.

", + "smithy.api#httpHeader": "Retry-After" + } + } + }, + "traits": { + "smithy.api#documentation": "

The limit on the number of requests per second has been exceeded.

", + "smithy.api#error": "client", + "smithy.api#httpError": 429, + "smithy.api#retryable": { + "throttling": true + } + } + }, + "com.amazonaws.directoryservicedata#UpdateGroup": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#UpdateGroupRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#UpdateGroupResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#ConflictException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Updates group information.

", + "smithy.api#http": { + "uri": "/Groups/UpdateGroup", + "method": "POST" + } + } + }, + "com.amazonaws.directoryservicedata#UpdateGroupRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the group.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#GroupName", + "traits": { + "smithy.api#documentation": "

The name of the group.

", + "smithy.api#required": {} + } + }, + "GroupType": { + "target": "com.amazonaws.directoryservicedata#GroupType", + "traits": { + "smithy.api#documentation": "

The AD group type. For details, see Active Directory security group type.

" + } + }, + "GroupScope": { + "target": "com.amazonaws.directoryservicedata#GroupScope", + "traits": { + "smithy.api#documentation": "

The scope of the AD group. For details, see Active Directory security groups.

" + } + }, + "OtherAttributes": { + "target": "com.amazonaws.directoryservicedata#Attributes", + "traits": { + "smithy.api#documentation": "

An expression that defines one or more attributes with the data type and the value of\n each attribute.

" + } + }, + "UpdateType": { + "target": "com.amazonaws.directoryservicedata#UpdateType", + "traits": { + "smithy.api#documentation": "

The type of update to be performed. If no value exists for the attribute, use\n ADD. Otherwise, use REPLACE to change an attribute value or\n REMOVE to clear the attribute value.

" + } + }, + "ClientToken": { + "target": "com.amazonaws.directoryservicedata#ClientToken", + "traits": { + "smithy.api#documentation": "

A unique and case-sensitive identifier that you provide to make sure the idempotency of\n the request, so multiple identical calls have the same effect as one single call.

\n

A client token is valid for 8 hours after the first request that uses it completes. After\n 8 hours, any request with the same client token is treated as a new request. If the request\n succeeds, any future uses of that token will be idempotent for another 8 hours.

\n

If you submit a request with the same client token but change one of the other parameters\n within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

\n \n

This parameter is optional when using the CLI or SDK.

\n
", + "smithy.api#idempotencyToken": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#UpdateGroupResult": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#UpdateType": { + "type": "enum", + "members": { + "ADD": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ADD" + } + }, + "REPLACE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "REPLACE" + } + }, + "REMOVE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "REMOVE" + } + } + } + }, + "com.amazonaws.directoryservicedata#UpdateUser": { + "type": "operation", + "input": { + "target": "com.amazonaws.directoryservicedata#UpdateUserRequest" + }, + "output": { + "target": "com.amazonaws.directoryservicedata#UpdateUserResult" + }, + "errors": [ + { + "target": "com.amazonaws.directoryservicedata#AccessDeniedException" + }, + { + "target": "com.amazonaws.directoryservicedata#ConflictException" + }, + { + "target": "com.amazonaws.directoryservicedata#DirectoryUnavailableException" + }, + { + "target": "com.amazonaws.directoryservicedata#InternalServerException" + }, + { + "target": "com.amazonaws.directoryservicedata#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.directoryservicedata#ThrottlingException" + }, + { + "target": "com.amazonaws.directoryservicedata#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Updates user information.

", + "smithy.api#http": { + "uri": "/Users/UpdateUser", + "method": "POST" + } + } + }, + "com.amazonaws.directoryservicedata#UpdateUserRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "target": "com.amazonaws.directoryservicedata#DirectoryId", + "traits": { + "smithy.api#documentation": "

The identifier (ID) of the directory that's associated with the user.

", + "smithy.api#httpQuery": "DirectoryId", + "smithy.api#required": {} + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#UserName", + "traits": { + "smithy.api#documentation": "

The name of the user.

", + "smithy.api#required": {} + } + }, + "EmailAddress": { + "target": "com.amazonaws.directoryservicedata#EmailAddress", + "traits": { + "smithy.api#documentation": "

The email address of the user.

" + } + }, + "GivenName": { + "target": "com.amazonaws.directoryservicedata#GivenName", + "traits": { + "smithy.api#documentation": "

The first name of the user.

" + } + }, + "Surname": { + "target": "com.amazonaws.directoryservicedata#Surname", + "traits": { + "smithy.api#documentation": "

The last name of the user.

" + } + }, + "OtherAttributes": { + "target": "com.amazonaws.directoryservicedata#Attributes", + "traits": { + "smithy.api#documentation": "

An expression that defines one or more attribute names with the data type and value of\n each attribute. A key is an attribute name, and the value is a list of maps. For a list of\n supported attributes, see Directory Service Data Attributes.

\n \n

Attribute names are case insensitive.

\n
" + } + }, + "UpdateType": { + "target": "com.amazonaws.directoryservicedata#UpdateType", + "traits": { + "smithy.api#documentation": "

The type of update to be performed. If no value exists for the attribute, use\n ADD. Otherwise, use REPLACE to change an attribute value or\n REMOVE to clear the attribute value.

" + } + }, + "ClientToken": { + "target": "com.amazonaws.directoryservicedata#ClientToken", + "traits": { + "smithy.api#documentation": "

A unique and case-sensitive identifier that you provide to make sure the idempotency of\n the request, so multiple identical calls have the same effect as one single call.

\n

A client token is valid for 8 hours after the first request that uses it completes. After\n 8 hours, any request with the same client token is treated as a new request. If the request\n succeeds, any future uses of that token will be idempotent for another 8 hours.

\n

If you submit a request with the same client token but change one of the other parameters\n within the 8-hour idempotency window, Directory Service Data returns an ConflictException.

\n \n

This parameter is optional when using the CLI or SDK.

\n
", + "smithy.api#idempotencyToken": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.directoryservicedata#UpdateUserResult": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.directoryservicedata#User": { + "type": "structure", + "members": { + "SID": { + "target": "com.amazonaws.directoryservicedata#SID", + "traits": { + "smithy.api#documentation": "

The unique security identifier (SID) of the user.

" + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#UserName", + "traits": { + "smithy.api#documentation": "

The name of the user.

", + "smithy.api#required": {} + } + }, + "DistinguishedName": { + "target": "com.amazonaws.directoryservicedata#DistinguishedName", + "traits": { + "smithy.api#documentation": "

The distinguished name of the object.

" + } + }, + "UserPrincipalName": { + "target": "com.amazonaws.directoryservicedata#UserPrincipalName", + "traits": { + "smithy.api#documentation": "

The UPN that is an internet-style login name for a user and based on the internet\n standard RFC 822. The UPN is shorter\n than the distinguished name and easier to remember.

" + } + }, + "EmailAddress": { + "target": "com.amazonaws.directoryservicedata#EmailAddress", + "traits": { + "smithy.api#documentation": "

The email address of the user.

" + } + }, + "GivenName": { + "target": "com.amazonaws.directoryservicedata#GivenName", + "traits": { + "smithy.api#documentation": "

The first name of the user.

" + } + }, + "Surname": { + "target": "com.amazonaws.directoryservicedata#Surname", + "traits": { + "smithy.api#documentation": "

The last name of the user.

" + } + }, + "Enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Indicates whether the user account is active.

" + } + }, + "OtherAttributes": { + "target": "com.amazonaws.directoryservicedata#Attributes", + "traits": { + "smithy.api#documentation": "

An expression that includes one or more attributes, data types, and values of a\n user.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

A user object that contains identifying information and attributes for a specified user.\n

" + } + }, + "com.amazonaws.directoryservicedata#UserList": { + "type": "list", + "member": { + "target": "com.amazonaws.directoryservicedata#User" + } + }, + "com.amazonaws.directoryservicedata#UserName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 20 + }, + "smithy.api#pattern": "^[\\w\\-.]+$" + } + }, + "com.amazonaws.directoryservicedata#UserPrincipalName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.directoryservicedata#UserSummary": { + "type": "structure", + "members": { + "SID": { + "target": "com.amazonaws.directoryservicedata#SID", + "traits": { + "smithy.api#documentation": "

The unique security identifier (SID) of the user.

", + "smithy.api#required": {} + } + }, + "SAMAccountName": { + "target": "com.amazonaws.directoryservicedata#UserName", + "traits": { + "smithy.api#documentation": "

The name of the user.

", + "smithy.api#required": {} + } + }, + "GivenName": { + "target": "com.amazonaws.directoryservicedata#GivenName", + "traits": { + "smithy.api#documentation": "

The first name of the user.

" + } + }, + "Surname": { + "target": "com.amazonaws.directoryservicedata#Surname", + "traits": { + "smithy.api#documentation": "

The last name of the user.

" + } + }, + "Enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Indicates whether the user account is active.

", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

A structure containing a subset of the fields of a user object from a directory.

" + } + }, + "com.amazonaws.directoryservicedata#UserSummaryList": { + "type": "list", + "member": { + "target": "com.amazonaws.directoryservicedata#UserSummary" + } + }, + "com.amazonaws.directoryservicedata#ValidationException": { + "type": "structure", + "members": { + "Message": { + "target": "com.amazonaws.directoryservicedata#ExceptionMessage" + }, + "Reason": { + "target": "com.amazonaws.directoryservicedata#ValidationExceptionReason", + "traits": { + "smithy.api#documentation": "

Reason the request failed validation.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

The request isn't valid. Review the details in the error message to update the invalid\n parameters or values in your request.

", + "smithy.api#error": "client", + "smithy.api#httpError": 400 + } + }, + "com.amazonaws.directoryservicedata#ValidationExceptionReason": { + "type": "enum", + "members": { + "INVALID_REALM": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_REALM" + } + }, + "INVALID_DIRECTORY_TYPE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_DIRECTORY_TYPE" + } + }, + "INVALID_SECONDARY_REGION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_SECONDARY_REGION" + } + }, + "INVALID_NEXT_TOKEN": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_NEXT_TOKEN" + } + }, + "INVALID_ATTRIBUTE_VALUE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_ATTRIBUTE_VALUE" + } + }, + "INVALID_ATTRIBUTE_NAME": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_ATTRIBUTE_NAME" + } + }, + "INVALID_ATTRIBUTE_FOR_USER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_ATTRIBUTE_FOR_USER" + } + }, + "INVALID_ATTRIBUTE_FOR_GROUP": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_ATTRIBUTE_FOR_GROUP" + } + }, + "INVALID_ATTRIBUTE_FOR_SEARCH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_ATTRIBUTE_FOR_SEARCH" + } + }, + "INVALID_ATTRIBUTE_FOR_MODIFY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_ATTRIBUTE_FOR_MODIFY" + } + }, + "DUPLICATE_ATTRIBUTE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DUPLICATE_ATTRIBUTE" + } + }, + "MISSING_ATTRIBUTE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MISSING_ATTRIBUTE" + } + }, + "ATTRIBUTE_EXISTS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ATTRIBUTE_EXISTS" + } + }, + "LDAP_SIZE_LIMIT_EXCEEDED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LDAP_SIZE_LIMIT_EXCEEDED" + } + }, + "LDAP_UNSUPPORTED_OPERATION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LDAP_UNSUPPORTED_OPERATION" + } + } + } + } + } +}