API for AWS Directory Service Data¶
ABAP Package | /AWS1/API_DSD_IMPL |
---|---|
ABAP SDK "TLA" | DSD |
ABAP Interface | /AWS1/IF_DSD |
The "TLA" is a Three Letter Abbreviation that appears in ABAP class names, data dictionary
objects and other ABAP objects throughout the AWS SDK for SAP ABAP. The TLA for AWS Directory Service Data is DSD
.
This TLA helps squeeze ABAP objects into the 30-character length limit of the ABAP data dictionary.
Installation¶
To install the AWS SDK for SAP ABAP, import the Core transport, along with the transport for the Directory Service Data module and other API modules you are interested in. A few modules are included in the Core transport itself. For more information, see the Developer Guide guide.
About The Service¶
Amazon Web Services Directory Service Data is an extension of Directory Service. This API reference provides detailed information about Directory Service Data operations and object types.
With Directory Service Data, you can create, read, update, and delete users, groups, and memberships from
your Managed Microsoft AD without additional costs and without deploying dedicated management
instances. You can also perform built-in object management tasks across directories without
direct network connectivity, which simplifies provisioning and access management to achieve
fully automated deployments. Directory Service Data supports user and group write operations, such as
CreateUser
and CreateGroup
, within the organizational unit (OU) of
your Managed Microsoft AD. Directory Service Data supports read operations, such as ListUsers
and
ListGroups
, on all users, groups, and group memberships within your
Managed Microsoft AD and across trusted realms. Directory Service Data supports adding and removing group members in
your OU and the Amazon Web Services Delegated Groups OU, so you can grant and deny access to specific roles
and permissions. For more information, see Manage users and
groups in the Directory Service Administration Guide.
Directory management operations and configuration changes made against the Directory Service API will also reflect in Directory Service Data API with eventual consistency. You can expect a short delay between management changes, such as adding a new directory trust and calling the Directory Service Data API for the newly created trusted realm.
Directory Service Data connects to your Managed Microsoft AD domain controllers and performs operations on underlying directory objects. When you create your Managed Microsoft AD, you choose subnets for domain controllers that Directory Service creates on your behalf. If a domain controller is unavailable, Directory Service Data uses an available domain controller. As a result, you might notice eventual consistency while objects replicate from one domain controller to another domain controller. For more information, see What gets created in the Directory Service Administration Guide. Directory limits vary by Managed Microsoft AD edition:
-
Standard edition – Supports 8 transactions per second (TPS) for read operations and 4 TPS for write operations per directory. There's a concurrency limit of 10 concurrent requests.
-
Enterprise edition – Supports 16 transactions per second (TPS) for read operations and 8 TPS for write operations per directory. There's a concurrency limit of 10 concurrent requests.
-
Amazon Web Services Account - Supports a total of 100 TPS for Directory Service Data operations across all directories.
Directory Service Data only supports the Managed Microsoft AD directory type and is only available in the primary Amazon Web Services Region. For more information, see Managed Microsoft AD and Primary vs additional Regions in the Directory Service Administration Guide.
Using the SDK¶
In your code, create a client using the SDK module for AWS Directory Service Data, which is created with
factory method /AWS1/CL_DSD_FACTORY
=>create()
.
In this example we will assume you have configured
an SDK profile in transaction /AWS1/IMG
called ZFINANCE
.
DATA(go_session) = /aws1/cl_rt_session_aws=>create( 'ZFINANCE' ).
DATA(go_dsd) = /aws1/cl_dsd_factory=>create( go_session ).
Your variable go_dsd
is an instance of /AWS1/IF_DSD
,
and all of the operations
in the AWS Directory Service Data service are accessed by calling methods in /AWS1/IF_DSD
.
API Operations¶
For an overview of ABAP method calls corresponding to API operations in AWS Directory Service Data, see the Operation List.
Factory Method¶
/AWS1/CL_DSD_FACTORY=>create( )
¶
Creates an object of type /AWS1/IF_DSD
.
IMPORTING¶
Optional arguments:¶
IV_PROTOCOL
TYPE /AWS1/RT_PROTOCOL
/AWS1/RT_PROTOCOL
¶
IO_SESSION
TYPE REF TO /AWS1/CL_RT_SESSION_BASE
/AWS1/CL_RT_SESSION_BASE
¶
IV_REGION
TYPE /AWS1/RT_REGION_ID
/AWS1/RT_REGION_ID
¶
IV_CUSTOM_ENDPOINT
TYPE /AWS1/RT_ENDPOINT
/AWS1/RT_ENDPOINT
¶
RETURNING¶
OO_CLIENT
TYPE REF TO /AWS1/IF_DSD
/AWS1/IF_DSD
¶
/AWS1/IF_DSD
represents the ABAP client for the Directory Service Data service, representing each operation as a method call. For more information see the API Page page.
Configuring Programmatically¶
DATA(lo_config) = DATA(go_dsd)->get_config( ).
lo_config
is a variable of type /AWS1/CL_DSD_CONFIG
. See the documentation for /AWS1/CL_DSD_CONFIG
for
details on the settings that can be configured.
Paginators¶
Paginators for AWS Directory Service Data can be created via get_paginator()
which returns a paginator object of type /AWS1/IF_DSD_PAGINATOR
. The operation method that is being paginated is called using the paginator object, which accepts any necessary parameters to provide to the underlying API operation. This returns an iterator object which can be used to iterate over paginated results using has_next()
and get_next()
methods.
Details about the paginator methods available for service AWS Directory Service Data can be found in interface /AWS1/IF_DSD_PAGINATOR
.