ds:*AWS AWS Directory Service IAM Actions
91 IAM actions for ds:*
Actions
91 actions available. Filter by access level or search by name.
Filter:
| Action | Access Level |
|---|---|
ds:AcceptSharedDirectory | Write |
ds:AccessDSData | Read |
ds:AddIpRoutes | Write |
ds:AddRegion | Write |
ds:AddTagsToResource | Tagging |
ds:AuthorizeApplication | Read |
ds:CancelSchemaExtension | Write |
ds:CheckAlias | Read |
ds:ConnectDirectory | Read |
ds:CreateAlias | Write |
ds:CreateComputer | Write |
ds:CreateConditionalForwarder | Write |
ds:CreateDirectory | Write |
ds:CreateHybridAD | Write |
ds:CreateIdentityPoolDirectory | Write |
ds:CreateLogSubscription | Write |
ds:CreateMicrosoftAD | Write |
ds:CreateSnapshot | Write |
ds:CreateTrust | Write |
ds:DeleteADAssessment | Write |
ds:DeleteConditionalForwarder | Write |
ds:DeleteDirectory | Write |
ds:DeleteLogSubscription | Write |
ds:DeleteSnapshot | Write |
ds:DeleteTrust | Write |
ds:DeregisterCertificate | Write |
ds:DeregisterEventTopic | Write |
ds:DescribeADAssessment | Read |
ds:DescribeCAEnrollmentPolicy | Permissions |
ds:DescribeCertificate | Read |
ds:DescribeClientAuthenticationSettings | Read |
ds:DescribeConditionalForwarders | Read |
ds:DescribeDirectories | Read |
ds:DescribeDirectoryDataAccess | Read |
ds:DescribeDomainControllers | Read |
ds:DescribeEventTopics | Read |
ds:DescribeHybridADUpdate | Read |
ds:DescribeLDAPSSettings | Read |
ds:DescribeRegions | Read |
ds:DescribeSettings | Read |
ds:DescribeSharedDirectories | Read |
ds:DescribeSnapshots | Read |
ds:DescribeTrusts | Read |
ds:DescribeUpdateDirectory | Read |
ds:DisableCAEnrollmentPolicy | Permissions |
ds:DisableClientAuthentication | Write |
ds:DisableDirectoryDataAccess | Write |
ds:DisableLDAPS | Write |
ds:DisableRadius | Write |
ds:DisableRoleAccess | Permissions |
ds:DisableSso | Write |
ds:EnableCAEnrollmentPolicy | Permissions |
ds:EnableClientAuthentication | Write |
ds:EnableDirectoryDataAccess | Write |
ds:EnableLDAPS | Write |
ds:EnableRadius | Write |
ds:EnableRoleAccess | Permissions |
ds:EnableSso | Write |
ds:GetAuthorizedApplicationDetails | Read |
ds:GetDirectoryLimits | Read |
ds:GetSnapshotLimits | Read |
ds:ListADAssessments | List |
ds:ListAuthorizedApplications | List |
ds:ListCertificates | List |
ds:ListIpRoutes | List |
ds:ListLogSubscriptions | List |
ds:ListSchemaExtensions | List |
ds:ListTagsForResource | Tagging |
ds:RegisterCertificate | Write |
ds:RegisterEventTopic | Write |
ds:RejectSharedDirectory | Write |
ds:RemoveIpRoutes | Write |
ds:RemoveRegion | Write |
ds:RemoveTagsFromResource | Tagging |
ds:ResetUserPassword | Write |
ds:RestoreFromSnapshot | Write |
ds:ShareDirectory | Read |
ds:StartADAssessment | Write |
ds:StartSchemaExtension | Write |
ds:UnauthorizeApplication | Read |
ds:UnshareDirectory | Read |
ds:UpdateAuthorizedApplication | Write |
ds:UpdateConditionalForwarder | Write |
ds:UpdateDirectory | Write |
ds:UpdateDirectorySetup | Write |
ds:UpdateHybridAD | Write |
ds:UpdateNumberOfDomainControllers | Write |
ds:UpdateRadius | Write |
ds:UpdateSettings | Write |
ds:UpdateTrust | Write |
ds:VerifyTrust | Read |
Resource Types
ARN patterns for resources in this service.
| Resource | ARN Pattern |
|---|---|
${RelativeId} | arn:aws:ds:${Region}:${Account}:${RelativeId} |
Condition Keys
Condition keys you can use in IAM policy conditions for this service.
aws:RequestTag/${TagKey}aws:ResourceTag/${TagKey}aws:TagKeysLearn AWS the Practical Way
Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.
Subscribe to NewsletterLearn AWS the Practical Way
Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.
Subscribe to NewsletterQuick Facts
Total Actions91
Prefix
dsResource Types1
Condition Keys3
Access Level Breakdown
Read27
Write50
List6
Permissions5
Tagging3