AWS v6.73.0, Mar 19 25

AWS v6.73.0 published on Wednesday, Mar 19, 2025 by Pulumi

aws.directoryservice.Trust

Explore with Pulumi AI

AWS v6.73.0 published on Wednesday, Mar 19, 2025 by Pulumi

pulumi/pulumi-aws

Example Usage

Two-Way Trust

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const oneDirectory = new aws.directoryservice.Directory("one", {
    name: "one.example.com",
    type: "MicrosoftAD",
});
const twoDirectory = new aws.directoryservice.Directory("two", {
    name: "two.example.com",
    type: "MicrosoftAD",
});
const one = new aws.directoryservice.Trust("one", {
    directoryId: oneDirectory.id,
    remoteDomainName: twoDirectory.name,
    trustDirection: "Two-Way",
    trustPassword: "Some0therPassword",
    conditionalForwarderIpAddrs: twoDirectory.dnsIpAddresses,
});
const two = new aws.directoryservice.Trust("two", {
    directoryId: twoDirectory.id,
    remoteDomainName: oneDirectory.name,
    trustDirection: "Two-Way",
    trustPassword: "Some0therPassword",
    conditionalForwarderIpAddrs: oneDirectory.dnsIpAddresses,
});

import pulumi
import pulumi_aws as aws

one_directory = aws.directoryservice.Directory("one",
    name="one.example.com",
    type="MicrosoftAD")
two_directory = aws.directoryservice.Directory("two",
    name="two.example.com",
    type="MicrosoftAD")
one = aws.directoryservice.Trust("one",
    directory_id=one_directory.id,
    remote_domain_name=two_directory.name,
    trust_direction="Two-Way",
    trust_password="Some0therPassword",
    conditional_forwarder_ip_addrs=two_directory.dns_ip_addresses)
two = aws.directoryservice.Trust("two",
    directory_id=two_directory.id,
    remote_domain_name=one_directory.name,
    trust_direction="Two-Way",
    trust_password="Some0therPassword",
    conditional_forwarder_ip_addrs=one_directory.dns_ip_addresses)

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		oneDirectory, err := directoryservice.NewDirectory(ctx, "one", &directoryservice.DirectoryArgs{
			Name: pulumi.String("one.example.com"),
			Type: pulumi.String("MicrosoftAD"),
		})
		if err != nil {
			return err
		}
		twoDirectory, err := directoryservice.NewDirectory(ctx, "two", &directoryservice.DirectoryArgs{
			Name: pulumi.String("two.example.com"),
			Type: pulumi.String("MicrosoftAD"),
		})
		if err != nil {
			return err
		}
		_, err = directoryservice.NewTrust(ctx, "one", &directoryservice.TrustArgs{
			DirectoryId:                 oneDirectory.ID(),
			RemoteDomainName:            twoDirectory.Name,
			TrustDirection:              pulumi.String("Two-Way"),
			TrustPassword:               pulumi.String("Some0therPassword"),
			ConditionalForwarderIpAddrs: twoDirectory.DnsIpAddresses,
		})
		if err != nil {
			return err
		}
		_, err = directoryservice.NewTrust(ctx, "two", &directoryservice.TrustArgs{
			DirectoryId:                 twoDirectory.ID(),
			RemoteDomainName:            oneDirectory.Name,
			TrustDirection:              pulumi.String("Two-Way"),
			TrustPassword:               pulumi.String("Some0therPassword"),
			ConditionalForwarderIpAddrs: oneDirectory.DnsIpAddresses,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var oneDirectory = new Aws.DirectoryService.Directory("one", new()
    {
        Name = "one.example.com",
        Type = "MicrosoftAD",
    });

    var twoDirectory = new Aws.DirectoryService.Directory("two", new()
    {
        Name = "two.example.com",
        Type = "MicrosoftAD",
    });

    var one = new Aws.DirectoryService.Trust("one", new()
    {
        DirectoryId = oneDirectory.Id,
        RemoteDomainName = twoDirectory.Name,
        TrustDirection = "Two-Way",
        TrustPassword = "Some0therPassword",
        ConditionalForwarderIpAddrs = twoDirectory.DnsIpAddresses,
    });

    var two = new Aws.DirectoryService.Trust("two", new()
    {
        DirectoryId = twoDirectory.Id,
        RemoteDomainName = oneDirectory.Name,
        TrustDirection = "Two-Way",
        TrustPassword = "Some0therPassword",
        ConditionalForwarderIpAddrs = oneDirectory.DnsIpAddresses,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.directoryservice.Directory;
import com.pulumi.aws.directoryservice.DirectoryArgs;
import com.pulumi.aws.directoryservice.Trust;
import com.pulumi.aws.directoryservice.TrustArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var oneDirectory = new Directory("oneDirectory", DirectoryArgs.builder()
            .name("one.example.com")
            .type("MicrosoftAD")
            .build());

        var twoDirectory = new Directory("twoDirectory", DirectoryArgs.builder()
            .name("two.example.com")
            .type("MicrosoftAD")
            .build());

        var one = new Trust("one", TrustArgs.builder()
            .directoryId(oneDirectory.id())
            .remoteDomainName(twoDirectory.name())
            .trustDirection("Two-Way")
            .trustPassword("Some0therPassword")
            .conditionalForwarderIpAddrs(twoDirectory.dnsIpAddresses())
            .build());

        var two = new Trust("two", TrustArgs.builder()
            .directoryId(twoDirectory.id())
            .remoteDomainName(oneDirectory.name())
            .trustDirection("Two-Way")
            .trustPassword("Some0therPassword")
            .conditionalForwarderIpAddrs(oneDirectory.dnsIpAddresses())
            .build());

    }
}

resources:
  one:
    type: aws:directoryservice:Trust
    properties:
      directoryId: ${oneDirectory.id}
      remoteDomainName: ${twoDirectory.name}
      trustDirection: Two-Way
      trustPassword: Some0therPassword
      conditionalForwarderIpAddrs: ${twoDirectory.dnsIpAddresses}
  two:
    type: aws:directoryservice:Trust
    properties:
      directoryId: ${twoDirectory.id}
      remoteDomainName: ${oneDirectory.name}
      trustDirection: Two-Way
      trustPassword: Some0therPassword
      conditionalForwarderIpAddrs: ${oneDirectory.dnsIpAddresses}
  oneDirectory:
    type: aws:directoryservice:Directory
    name: one
    properties:
      name: one.example.com
      type: MicrosoftAD
  twoDirectory:
    type: aws:directoryservice:Directory
    name: two
    properties:
      name: two.example.com
      type: MicrosoftAD

One-Way Trust

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const oneDirectory = new aws.directoryservice.Directory("one", {
    name: "one.example.com",
    type: "MicrosoftAD",
});
const twoDirectory = new aws.directoryservice.Directory("two", {
    name: "two.example.com",
    type: "MicrosoftAD",
});
const one = new aws.directoryservice.Trust("one", {
    directoryId: oneDirectory.id,
    remoteDomainName: twoDirectory.name,
    trustDirection: "One-Way: Incoming",
    trustPassword: "Some0therPassword",
    conditionalForwarderIpAddrs: twoDirectory.dnsIpAddresses,
});
const two = new aws.directoryservice.Trust("two", {
    directoryId: twoDirectory.id,
    remoteDomainName: oneDirectory.name,
    trustDirection: "One-Way: Outgoing",
    trustPassword: "Some0therPassword",
    conditionalForwarderIpAddrs: oneDirectory.dnsIpAddresses,
});

import pulumi
import pulumi_aws as aws

one_directory = aws.directoryservice.Directory("one",
    name="one.example.com",
    type="MicrosoftAD")
two_directory = aws.directoryservice.Directory("two",
    name="two.example.com",
    type="MicrosoftAD")
one = aws.directoryservice.Trust("one",
    directory_id=one_directory.id,
    remote_domain_name=two_directory.name,
    trust_direction="One-Way: Incoming",
    trust_password="Some0therPassword",
    conditional_forwarder_ip_addrs=two_directory.dns_ip_addresses)
two = aws.directoryservice.Trust("two",
    directory_id=two_directory.id,
    remote_domain_name=one_directory.name,
    trust_direction="One-Way: Outgoing",
    trust_password="Some0therPassword",
    conditional_forwarder_ip_addrs=one_directory.dns_ip_addresses)

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		oneDirectory, err := directoryservice.NewDirectory(ctx, "one", &directoryservice.DirectoryArgs{
			Name: pulumi.String("one.example.com"),
			Type: pulumi.String("MicrosoftAD"),
		})
		if err != nil {
			return err
		}
		twoDirectory, err := directoryservice.NewDirectory(ctx, "two", &directoryservice.DirectoryArgs{
			Name: pulumi.String("two.example.com"),
			Type: pulumi.String("MicrosoftAD"),
		})
		if err != nil {
			return err
		}
		_, err = directoryservice.NewTrust(ctx, "one", &directoryservice.TrustArgs{
			DirectoryId:                 oneDirectory.ID(),
			RemoteDomainName:            twoDirectory.Name,
			TrustDirection:              pulumi.String("One-Way: Incoming"),
			TrustPassword:               pulumi.String("Some0therPassword"),
			ConditionalForwarderIpAddrs: twoDirectory.DnsIpAddresses,
		})
		if err != nil {
			return err
		}
		_, err = directoryservice.NewTrust(ctx, "two", &directoryservice.TrustArgs{
			DirectoryId:                 twoDirectory.ID(),
			RemoteDomainName:            oneDirectory.Name,
			TrustDirection:              pulumi.String("One-Way: Outgoing"),
			TrustPassword:               pulumi.String("Some0therPassword"),
			ConditionalForwarderIpAddrs: oneDirectory.DnsIpAddresses,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var oneDirectory = new Aws.DirectoryService.Directory("one", new()
    {
        Name = "one.example.com",
        Type = "MicrosoftAD",
    });

    var twoDirectory = new Aws.DirectoryService.Directory("two", new()
    {
        Name = "two.example.com",
        Type = "MicrosoftAD",
    });

    var one = new Aws.DirectoryService.Trust("one", new()
    {
        DirectoryId = oneDirectory.Id,
        RemoteDomainName = twoDirectory.Name,
        TrustDirection = "One-Way: Incoming",
        TrustPassword = "Some0therPassword",
        ConditionalForwarderIpAddrs = twoDirectory.DnsIpAddresses,
    });

    var two = new Aws.DirectoryService.Trust("two", new()
    {
        DirectoryId = twoDirectory.Id,
        RemoteDomainName = oneDirectory.Name,
        TrustDirection = "One-Way: Outgoing",
        TrustPassword = "Some0therPassword",
        ConditionalForwarderIpAddrs = oneDirectory.DnsIpAddresses,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.directoryservice.Directory;
import com.pulumi.aws.directoryservice.DirectoryArgs;
import com.pulumi.aws.directoryservice.Trust;
import com.pulumi.aws.directoryservice.TrustArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var oneDirectory = new Directory("oneDirectory", DirectoryArgs.builder()
            .name("one.example.com")
            .type("MicrosoftAD")
            .build());

        var twoDirectory = new Directory("twoDirectory", DirectoryArgs.builder()
            .name("two.example.com")
            .type("MicrosoftAD")
            .build());

        var one = new Trust("one", TrustArgs.builder()
            .directoryId(oneDirectory.id())
            .remoteDomainName(twoDirectory.name())
            .trustDirection("One-Way: Incoming")
            .trustPassword("Some0therPassword")
            .conditionalForwarderIpAddrs(twoDirectory.dnsIpAddresses())
            .build());

        var two = new Trust("two", TrustArgs.builder()
            .directoryId(twoDirectory.id())
            .remoteDomainName(oneDirectory.name())
            .trustDirection("One-Way: Outgoing")
            .trustPassword("Some0therPassword")
            .conditionalForwarderIpAddrs(oneDirectory.dnsIpAddresses())
            .build());

    }
}

resources:
  one:
    type: aws:directoryservice:Trust
    properties:
      directoryId: ${oneDirectory.id}
      remoteDomainName: ${twoDirectory.name}
      trustDirection: 'One-Way: Incoming'
      trustPassword: Some0therPassword
      conditionalForwarderIpAddrs: ${twoDirectory.dnsIpAddresses}
  two:
    type: aws:directoryservice:Trust
    properties:
      directoryId: ${twoDirectory.id}
      remoteDomainName: ${oneDirectory.name}
      trustDirection: 'One-Way: Outgoing'
      trustPassword: Some0therPassword
      conditionalForwarderIpAddrs: ${oneDirectory.dnsIpAddresses}
  oneDirectory:
    type: aws:directoryservice:Directory
    name: one
    properties:
      name: one.example.com
      type: MicrosoftAD
  twoDirectory:
    type: aws:directoryservice:Directory
    name: two
    properties:
      name: two.example.com
      type: MicrosoftAD

Create Trust Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Trust(name: string, args: TrustArgs, opts?: CustomResourceOptions);

@overload
def Trust(resource_name: str,
          args: TrustArgs,
          opts: Optional[ResourceOptions] = None)

@overload
def Trust(resource_name: str,
          opts: Optional[ResourceOptions] = None,
          directory_id: Optional[str] = None,
          remote_domain_name: Optional[str] = None,
          trust_direction: Optional[str] = None,
          trust_password: Optional[str] = None,
          conditional_forwarder_ip_addrs: Optional[Sequence[str]] = None,
          delete_associated_conditional_forwarder: Optional[bool] = None,
          selective_auth: Optional[str] = None,
          trust_type: Optional[str] = None)

func NewTrust(ctx *Context, name string, args TrustArgs, opts ...ResourceOption) (*Trust, error)

public Trust(string name, TrustArgs args, CustomResourceOptions? opts = null)

public Trust(String name, TrustArgs args)
public Trust(String name, TrustArgs args, CustomResourceOptions options)

type: aws:directoryservice:Trust
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args TrustArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args TrustArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args TrustArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args TrustArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args TrustArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var trustResource = new Aws.DirectoryService.Trust("trustResource", new()
{
    DirectoryId = "string",
    RemoteDomainName = "string",
    TrustDirection = "string",
    TrustPassword = "string",
    ConditionalForwarderIpAddrs = new[]
    {
        "string",
    },
    DeleteAssociatedConditionalForwarder = false,
    SelectiveAuth = "string",
    TrustType = "string",
});

example, err := directoryservice.NewTrust(ctx, "trustResource", &directoryservice.TrustArgs{
	DirectoryId:      pulumi.String("string"),
	RemoteDomainName: pulumi.String("string"),
	TrustDirection:   pulumi.String("string"),
	TrustPassword:    pulumi.String("string"),
	ConditionalForwarderIpAddrs: pulumi.StringArray{
		pulumi.String("string"),
	},
	DeleteAssociatedConditionalForwarder: pulumi.Bool(false),
	SelectiveAuth:                        pulumi.String("string"),
	TrustType:                            pulumi.String("string"),
})

var trustResource = new Trust("trustResource", TrustArgs.builder()
    .directoryId("string")
    .remoteDomainName("string")
    .trustDirection("string")
    .trustPassword("string")
    .conditionalForwarderIpAddrs("string")
    .deleteAssociatedConditionalForwarder(false)
    .selectiveAuth("string")
    .trustType("string")
    .build());

trust_resource = aws.directoryservice.Trust("trustResource",
    directory_id="string",
    remote_domain_name="string",
    trust_direction="string",
    trust_password="string",
    conditional_forwarder_ip_addrs=["string"],
    delete_associated_conditional_forwarder=False,
    selective_auth="string",
    trust_type="string")

const trustResource = new aws.directoryservice.Trust("trustResource", {
    directoryId: "string",
    remoteDomainName: "string",
    trustDirection: "string",
    trustPassword: "string",
    conditionalForwarderIpAddrs: ["string"],
    deleteAssociatedConditionalForwarder: false,
    selectiveAuth: "string",
    trustType: "string",
});

type: aws:directoryservice:Trust
properties:
    conditionalForwarderIpAddrs:
        - string
    deleteAssociatedConditionalForwarder: false
    directoryId: string
    remoteDomainName: string
    selectiveAuth: string
    trustDirection: string
    trustPassword: string
    trustType: string

Trust Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Trust resource accepts the following input properties:

DirectoryId string: ID of the Directory.
RemoteDomainName string: Fully qualified domain name of the remote Directory.
TrustDirection string: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
TrustPassword string: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
ConditionalForwarderIpAddrs List<string>: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
DeleteAssociatedConditionalForwarder bool: Whether to delete the conditional forwarder when deleting the Trust relationship.
SelectiveAuth string: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
TrustType string: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.

DirectoryId string: ID of the Directory.
RemoteDomainName string: Fully qualified domain name of the remote Directory.
TrustDirection string: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
TrustPassword string: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
ConditionalForwarderIpAddrs []string: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
DeleteAssociatedConditionalForwarder bool: Whether to delete the conditional forwarder when deleting the Trust relationship.
SelectiveAuth string: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
TrustType string: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.

directoryId String: ID of the Directory.
remoteDomainName String: Fully qualified domain name of the remote Directory.
trustDirection String: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
trustPassword String: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
conditionalForwarderIpAddrs List<String>: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
deleteAssociatedConditionalForwarder Boolean: Whether to delete the conditional forwarder when deleting the Trust relationship.
selectiveAuth String: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
trustType String: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.

directoryId string: ID of the Directory.
remoteDomainName string: Fully qualified domain name of the remote Directory.
trustDirection string: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
trustPassword string: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
conditionalForwarderIpAddrs string[]: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
deleteAssociatedConditionalForwarder boolean: Whether to delete the conditional forwarder when deleting the Trust relationship.
selectiveAuth string: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
trustType string: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.

directory_id str: ID of the Directory.
remote_domain_name str: Fully qualified domain name of the remote Directory.
trust_direction str: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
trust_password str: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
conditional_forwarder_ip_addrs Sequence[str]: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
delete_associated_conditional_forwarder bool: Whether to delete the conditional forwarder when deleting the Trust relationship.
selective_auth str: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
trust_type str: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.

directoryId String: ID of the Directory.
remoteDomainName String: Fully qualified domain name of the remote Directory.
trustDirection String: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
trustPassword String: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
conditionalForwarderIpAddrs List<String>: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
deleteAssociatedConditionalForwarder Boolean: Whether to delete the conditional forwarder when deleting the Trust relationship.
selectiveAuth String: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
trustType String: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.

Outputs

All input properties are implicitly available as output properties. Additionally, the Trust resource produces the following output properties:

CreatedDateTime string: Date and time when the Trust was created.
Id string: The provider-assigned unique ID for this managed resource.
LastUpdatedDateTime string: Date and time when the Trust was last updated.
StateLastUpdatedDateTime string: Date and time when the Trust state in trust_state was last updated.
TrustStateReason string: Reason for the Trust state set in trust_state.
Truststate string: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.

CreatedDateTime string: Date and time when the Trust was created.
Id string: The provider-assigned unique ID for this managed resource.
LastUpdatedDateTime string: Date and time when the Trust was last updated.
StateLastUpdatedDateTime string: Date and time when the Trust state in trust_state was last updated.
TrustState string: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.
TrustStateReason string: Reason for the Trust state set in trust_state.

createdDateTime String: Date and time when the Trust was created.
id String: The provider-assigned unique ID for this managed resource.
lastUpdatedDateTime String: Date and time when the Trust was last updated.
stateLastUpdatedDateTime String: Date and time when the Trust state in trust_state was last updated.
trustState String: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.
trustStateReason String: Reason for the Trust state set in trust_state.

createdDateTime string: Date and time when the Trust was created.
id string: The provider-assigned unique ID for this managed resource.
lastUpdatedDateTime string: Date and time when the Trust was last updated.
stateLastUpdatedDateTime string: Date and time when the Trust state in trust_state was last updated.
trustState string: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.
trustStateReason string: Reason for the Trust state set in trust_state.

created_date_time str: Date and time when the Trust was created.
id str: The provider-assigned unique ID for this managed resource.
last_updated_date_time str: Date and time when the Trust was last updated.
state_last_updated_date_time str: Date and time when the Trust state in trust_state was last updated.
trust_state str: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.
trust_state_reason str: Reason for the Trust state set in trust_state.

createdDateTime String: Date and time when the Trust was created.
id String: The provider-assigned unique ID for this managed resource.
lastUpdatedDateTime String: Date and time when the Trust was last updated.
stateLastUpdatedDateTime String: Date and time when the Trust state in trust_state was last updated.
trustState String: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.
trustStateReason String: Reason for the Trust state set in trust_state.

Look up Existing Trust Resource

Get an existing Trust resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: TrustState, opts?: CustomResourceOptions): Trust

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        conditional_forwarder_ip_addrs: Optional[Sequence[str]] = None,
        created_date_time: Optional[str] = None,
        delete_associated_conditional_forwarder: Optional[bool] = None,
        directory_id: Optional[str] = None,
        last_updated_date_time: Optional[str] = None,
        remote_domain_name: Optional[str] = None,
        selective_auth: Optional[str] = None,
        state_last_updated_date_time: Optional[str] = None,
        trust_direction: Optional[str] = None,
        trust_password: Optional[str] = None,
        trust_state: Optional[str] = None,
        trust_state_reason: Optional[str] = None,
        trust_type: Optional[str] = None) -> Trust

func GetTrust(ctx *Context, name string, id IDInput, state *TrustState, opts ...ResourceOption) (*Trust, error)

public static Trust Get(string name, Input<string> id, TrustState? state, CustomResourceOptions? opts = null)

public static Trust get(String name, Output<String> id, TrustState state, CustomResourceOptions options)

resources:  _:    type: aws:directoryservice:Trust    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ConditionalForwarderIpAddrs List<string>: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
CreatedDateTime string: Date and time when the Trust was created.
DeleteAssociatedConditionalForwarder bool: Whether to delete the conditional forwarder when deleting the Trust relationship.
DirectoryId string: ID of the Directory.
LastUpdatedDateTime string: Date and time when the Trust was last updated.
RemoteDomainName string: Fully qualified domain name of the remote Directory.
SelectiveAuth string: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
StateLastUpdatedDateTime string: Date and time when the Trust state in trust_state was last updated.
TrustDirection string: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
TrustPassword string: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
TrustStateReason string: Reason for the Trust state set in trust_state.
TrustType string: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.
Truststate string: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.

ConditionalForwarderIpAddrs []string: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
CreatedDateTime string: Date and time when the Trust was created.
DeleteAssociatedConditionalForwarder bool: Whether to delete the conditional forwarder when deleting the Trust relationship.
DirectoryId string: ID of the Directory.
LastUpdatedDateTime string: Date and time when the Trust was last updated.
RemoteDomainName string: Fully qualified domain name of the remote Directory.
SelectiveAuth string: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
StateLastUpdatedDateTime string: Date and time when the Trust state in trust_state was last updated.
TrustDirection string: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
TrustPassword string: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
TrustState string: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.
TrustStateReason string: Reason for the Trust state set in trust_state.
TrustType string: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.

conditionalForwarderIpAddrs List<String>: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
createdDateTime String: Date and time when the Trust was created.
deleteAssociatedConditionalForwarder Boolean: Whether to delete the conditional forwarder when deleting the Trust relationship.
directoryId String: ID of the Directory.
lastUpdatedDateTime String: Date and time when the Trust was last updated.
remoteDomainName String: Fully qualified domain name of the remote Directory.
selectiveAuth String: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
stateLastUpdatedDateTime String: Date and time when the Trust state in trust_state was last updated.
trustDirection String: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
trustPassword String: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
trustState String: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.
trustStateReason String: Reason for the Trust state set in trust_state.
trustType String: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.

conditionalForwarderIpAddrs string[]: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
createdDateTime string: Date and time when the Trust was created.
deleteAssociatedConditionalForwarder boolean: Whether to delete the conditional forwarder when deleting the Trust relationship.
directoryId string: ID of the Directory.
lastUpdatedDateTime string: Date and time when the Trust was last updated.
remoteDomainName string: Fully qualified domain name of the remote Directory.
selectiveAuth string: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
stateLastUpdatedDateTime string: Date and time when the Trust state in trust_state was last updated.
trustDirection string: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
trustPassword string: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
trustState string: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.
trustStateReason string: Reason for the Trust state set in trust_state.
trustType string: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.

conditional_forwarder_ip_addrs Sequence[str]: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
created_date_time str: Date and time when the Trust was created.
delete_associated_conditional_forwarder bool: Whether to delete the conditional forwarder when deleting the Trust relationship.
directory_id str: ID of the Directory.
last_updated_date_time str: Date and time when the Trust was last updated.
remote_domain_name str: Fully qualified domain name of the remote Directory.
selective_auth str: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
state_last_updated_date_time str: Date and time when the Trust state in trust_state was last updated.
trust_direction str: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
trust_password str: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
trust_state str: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.
trust_state_reason str: Reason for the Trust state set in trust_state.
trust_type str: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.

conditionalForwarderIpAddrs List<String>: Set of IPv4 addresses for the DNS server associated with the remote Directory. Can contain between 1 and 4 values.
createdDateTime String: Date and time when the Trust was created.
deleteAssociatedConditionalForwarder Boolean: Whether to delete the conditional forwarder when deleting the Trust relationship.
directoryId String: ID of the Directory.
lastUpdatedDateTime String: Date and time when the Trust was last updated.
remoteDomainName String: Fully qualified domain name of the remote Directory.
selectiveAuth String: Whether to enable selective authentication. Valid values are Enabled and Disabled. Default value is Disabled.
stateLastUpdatedDateTime String: Date and time when the Trust state in trust_state was last updated.
trustDirection String: The direction of the Trust relationship. Valid values are One-Way: Outgoing, One-Way: Incoming, and Two-Way.
trustPassword String: Password for the Trust. Does not need to match the passwords for either Directory. Can contain upper- and lower-case letters, numbers, and punctuation characters. May be up to 128 characters long.
trustState String: State of the Trust relationship. One of Created, VerifyFailed,Verified, UpdateFailed,Updated,Deleted, or Failed.
trustStateReason String: Reason for the Trust state set in trust_state.
trustType String: Type of the Trust relationship. Valid values are Forest and External. Default value is Forest.

Import

Using pulumi import, import the Trust relationship using the directory ID and remote domain name, separated by a /. For example:

$ pulumi import aws:directoryservice/trust:Trust example d-926724cf57/directory.example.com

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

AWS v6.73.0 published on Wednesday, Mar 19, 2025 by Pulumi

pulumi/pulumi-aws

aws.directoryservice.Trust

On this page

On this page

Example Usage

Two-Way Trust

One-Way Trust

Create Trust Resource

Constructor syntax

Parameters

Constructor example

Trust Resource Properties

Inputs

Outputs

Look up Existing Trust Resource

Import

Package Details

On this page

On this page