MANAGING AWS SECURITY STRATEGIES CLOUDTRAIL AND CLOUDWATCH

aws-senior.com
www.aws-senior.com
www.aws-senior.com


www.aws-senior.com
www.aws-senior.com
aws-senior.com --share-target "Id=${WORKLOAD_ACCOUNT},Type=ACCOUNT" \ --share-method HANDSHAKE I n the above example: DIRECTORY_ID â€" This is the Managed AD directory id that is in the shared services account WORKLOAD_ACCOUNT â€" This is the AWS account number of the workload account to which you are sharing the Managed AD share-method â€" Since we are specifically sharing with another account, use HANDSHAKE as the method The following is the output of the above command, which displays the shared directory id. { "SharedDirectoryId": "d-444efg5555" } 2. View Current Managed AD Shares â€" AWS CLI Once you’ve shared a directory, you can view the current status of the sharing, and also to get a list of all the existing shares as shown below. DIRECTORY_ID=d-123abc4567 aws ds describe-shared-directories \ --owner-directory-id ${DIRECTORY_ID} The following is an example output: { "SharedDirectories": [ { "OwnerDirectoryId": "d-123abc4567", "ShareNotes": "AD Directory for workload accounts", "ShareMethod": "HANDSHAKE", "CreatedDateTime": 1558566663.171, "SharedAccountId": "222222222222", "SharedDirectoryId": "d-444efg5555", "ShareStatus": "PendingAcceptance", "OwnerAccountId": "111111111111", "LastUpdatedDateTime": 1558566663.171 } ] } Note: In the above output, the ShareStatus is PendingAcceptance. This will change to “Shared” once the workload account accept the share request. 3. Accept Directory Sharing â€" AWS CLI Use the workload account credentials to accept the directory sharing as shown below. aws ds accept-shared-directory \ --shared-directory-id d-444efg5555 In the above example, d-444efg5555 is the shared directory id (not the directory id of the Managed AD in the shared services account). Few ways to get the shared directory id: You’ll get this as an output from this CLI: aws ds share-directory Login to the workload account, and get the directory id from the console Use aws ds describe-shared-directories on the workload account, to get this id 4. Unshare Directory â€" AWS CLI First, set the source directory id, and the destination AWS workload account number.
www.aws-senior.com
www.aws-senior.com

https://russie-foot-2018.blogspot.com
http://workdcup-2018.blogspot.com
https://orange-tunisie.blogspot.com
https://cccamserver2013.blogspot.com
https://support-for-oracle-applications.blogspot.com
https://oracle-support-2018.blogspot.com
https://watch-live2018.blogspot.com
https://oracle-support-maintenance.blogspot.com
http://russie-foot-2018.blogspot.com
http://oracle-support-maintenance.blogspot.com
https://my-oracle-support.blogspot.com
https://swtools-spark.blogspot.com
http://support-for-oracle-applications.blogspot.com
https://workdcup-2018.blogspot.com
https://high-oracle.blogspot.com
www.aws-senior.com
www.aws-senior.com

Commentaires