aws-sdk-directoryservice 1.33.0 → 1.38.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7337be39fd2dfb64a8e9a65c8525a7527e6a33993f7e4504f5928cc87c8ee19f
-  data.tar.gz: ddd2eee1fa7084deb16c745d44929da30034a1f974b09ab6354a73d192e63fd0
+  metadata.gz: 9962a2f44348b33e61d9d4ec8c4ee08aa16dd5d2cc844cca82eee44d761968de
+  data.tar.gz: b27309ffd4766deb4af4e6f2466402427a38e94ba6b0791fbde5f3b0c2b8f427
 SHA512:
-  metadata.gz: e2783f474abfe90d66fe9a10020033abd357463d0637fa58b35e7e24a3c7827a9167b8733def7cbbb7b8d8ca4bc015cd70715e3dfcf02e6e568b041f119138d3
-  data.tar.gz: b5e1c43f118464b169fe21cbe6c4e321b74af15fd4a634f033c3eae0a6eab35b7aefb6ffe81f89ccc69ce02ca8e32adb1c98bbd117dc382177ebb87d9cd8ff9c
+  metadata.gz: 78bb297916d512a0ad05bbcbef83794973620190f132130a1511e1b75955d382a40a1df7b4e26ce6f614079611d7af7e60dd67e96a4b6cba0a6fd496789fb57d
+  data.tar.gz: 65d15eb8ea0edd7e7364e320fc6772c3a341cdfa8ae1824d1d28da96d623ba66e72f11144ba3553a2ed7ba98f5fbee8f4cbf8c84b8a97786ba659ae9783ca486

data/lib/aws-sdk-directoryservice.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-directoryservice/customizations'
 # @!group service
 module Aws::DirectoryService
 
-  GEM_VERSION = '1.33.0'
+  GEM_VERSION = '1.38.0'
 
 end

data/lib/aws-sdk-directoryservice/client.rb

@@ -478,6 +478,43 @@ module Aws::DirectoryService
       req.send_request(options)
     end
 
+    # Adds two domain controllers in the specified Region for the specified
+    # directory.
+    #
+    # @option params [required, String] :directory_id
+    #   The identifier of the directory to which you want to add Region
+    #   replication.
+    #
+    # @option params [required, String] :region_name
+    #   The name of the Region where you want to add domain controllers for
+    #   replication. For example, `us-east-1`.
+    #
+    # @option params [required, Types::DirectoryVpcSettings] :vpc_settings
+    #   Contains VPC information for the CreateDirectory or CreateMicrosoftAD
+    #   operation.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.add_region({
+    #     directory_id: "DirectoryId", # required
+    #     region_name: "RegionName", # required
+    #     vpc_settings: { # required
+    #       vpc_id: "VpcId", # required
+    #       subnet_ids: ["SubnetId"], # required
+    #     },
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ds-2015-04-16/AddRegion AWS API Documentation
+    #
+    # @overload add_region(params = {})
+    # @param [Hash] params ({})
+    def add_region(params = {}, options = {})
+      req = build_request(:add_region, params)
+      req.send_request(options)
+    end
+
     # Adds or overwrites one or more tags for the specified directory. Each
     # directory can have a maximum of 50 tags. Each tag consists of a key
     # and optional value. Tag keys must be unique to each resource.
@@ -659,8 +696,8 @@ module Aws::DirectoryService
       req.send_request(options)
     end
 
-    # Creates a computer account in the specified directory, and joins the
-    # computer to the directory.
+    # Creates an Active Directory computer object in the specified
+    # directory.
     #
     # @option params [required, String] :directory_id
     #   The identifier of the directory in which to create the computer
@@ -783,6 +820,36 @@ module Aws::DirectoryService
     #   If you need to change the password for the administrator account, you
     #   can use the ResetUserPassword API call.
     #
+    #   The regex pattern for this string is made up of the following
+    #   conditions:
+    #
+    #   * Length (?=^.\\\{8,64\\}$) – Must be between 8 and 64 characters
+    #
+    #   ^
+    #
+    #   AND any 3 of the following password complexity rules required by
+    #   Active Directory:
+    #
+    #   * Numbers and upper case and lowercase
+    #     (?=.*\\d)(?=.*\[A-Z\])(?=.*\[a-z\])
+    #
+    #   * Numbers and special characters and lower case
+    #     (?=.*\\d)(?=.*\[^A-Za-z0-9\\s\])(?=.*\[a-z\])
+    #
+    #   * Special characters and upper case and lower case
+    #     (?=.*\[^A-Za-z0-9\\s\])(?=.*\[A-Z\])(?=.*\[a-z\])
+    #
+    #   * Numbers and upper case and special characters
+    #     (?=.*\\d)(?=.*\[A-Z\])(?=.*\[^A-Za-z0-9\\s\])
+    #
+    #   For additional information about how Active Directory passwords are
+    #   enforced, see [Password must meet complexity requirements][1] on the
+    #   Microsoft website.
+    #
+    #
+    #
+    #   [1]: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements
+    #
     # @option params [String] :description
     #   A description for the directory.
     #
@@ -1199,8 +1266,8 @@ module Aws::DirectoryService
       req.send_request(options)
     end
 
-    # Deletes from the system the certificate that was registered for a
-    # secured LDAP connection.
+    # Deletes from the system the certificate that was registered for secure
+    # LDAP or client certificate authentication.
     #
     # @option params [required, String] :directory_id
     #   The identifier of the directory.
@@ -1255,8 +1322,8 @@ module Aws::DirectoryService
       req.send_request(options)
     end
 
-    # Displays information about the certificate registered for a secured
-    # LDAP connection.
+    # Displays information about the certificate registered for secure LDAP
+    # or client certificate authentication.
     #
     # @option params [required, String] :directory_id
     #   The identifier of the directory.
@@ -1283,6 +1350,8 @@ module Aws::DirectoryService
     #   resp.certificate.common_name #=> String
     #   resp.certificate.registered_date_time #=> Time
     #   resp.certificate.expiry_date_time #=> Time
+    #   resp.certificate.type #=> String, one of "ClientCertAuth", "ClientLDAPS"
+    #   resp.certificate.client_cert_auth_settings.ocsp_url #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ds-2015-04-16/DescribeCertificate AWS API Documentation
     #
@@ -1448,6 +1517,9 @@ module Aws::DirectoryService
     #   resp.directory_descriptions[0].owner_directory_description.radius_settings.display_label #=> String
     #   resp.directory_descriptions[0].owner_directory_description.radius_settings.use_same_username #=> Boolean
     #   resp.directory_descriptions[0].owner_directory_description.radius_status #=> String, one of "Creating", "Completed", "Failed"
+    #   resp.directory_descriptions[0].regions_info.primary_region #=> String
+    #   resp.directory_descriptions[0].regions_info.additional_regions #=> Array
+    #   resp.directory_descriptions[0].regions_info.additional_regions[0] #=> String
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ds-2015-04-16/DescribeDirectories AWS API Documentation
@@ -1609,6 +1681,57 @@ module Aws::DirectoryService
       req.send_request(options)
     end
 
+    # Provides information about the Regions that are configured for
+    # multi-Region replication.
+    #
+    # @option params [required, String] :directory_id
+    #   The identifier of the directory.
+    #
+    # @option params [String] :region_name
+    #   The name of the Region. For example, `us-east-1`.
+    #
+    # @option params [String] :next_token
+    #   The `DescribeRegionsResult.NextToken` value from a previous call to
+    #   DescribeRegions. Pass null if this is the first call.
+    #
+    # @return [Types::DescribeRegionsResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DescribeRegionsResult#regions_description #regions_description} => Array<Types::RegionDescription>
+    #   * {Types::DescribeRegionsResult#next_token #next_token} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.describe_regions({
+    #     directory_id: "DirectoryId", # required
+    #     region_name: "RegionName",
+    #     next_token: "NextToken",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.regions_description #=> Array
+    #   resp.regions_description[0].directory_id #=> String
+    #   resp.regions_description[0].region_name #=> String
+    #   resp.regions_description[0].region_type #=> String, one of "Primary", "Additional"
+    #   resp.regions_description[0].status #=> String, one of "Requested", "Creating", "Created", "Active", "Inoperable", "Impaired", "Restoring", "RestoreFailed", "Deleting", "Deleted", "Failed"
+    #   resp.regions_description[0].vpc_settings.vpc_id #=> String
+    #   resp.regions_description[0].vpc_settings.subnet_ids #=> Array
+    #   resp.regions_description[0].vpc_settings.subnet_ids[0] #=> String
+    #   resp.regions_description[0].desired_number_of_domain_controllers #=> Integer
+    #   resp.regions_description[0].launch_time #=> Time
+    #   resp.regions_description[0].status_last_updated_date_time #=> Time
+    #   resp.regions_description[0].last_updated_date_time #=> Time
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ds-2015-04-16/DescribeRegions AWS API Documentation
+    #
+    # @overload describe_regions(params = {})
+    # @param [Hash] params ({})
+    def describe_regions(params = {}, options = {})
+      req = build_request(:describe_regions, params)
+      req.send_request(options)
+    end
+
     # Returns the shared directories in your account.
     #
     # @option params [required, String] :owner_directory_id
@@ -1787,6 +1910,34 @@ module Aws::DirectoryService
       req.send_request(options)
     end
 
+    # Disables alternative client authentication methods for the specified
+    # directory.
+    #
+    # @option params [required, String] :directory_id
+    #   The identifier of the directory
+    #
+    # @option params [required, String] :type
+    #   The type of client authentication to disable. Currently, only the
+    #   parameter, `SmartCard` is supported.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.disable_client_authentication({
+    #     directory_id: "DirectoryId", # required
+    #     type: "SmartCard", # required, accepts SmartCard
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ds-2015-04-16/DisableClientAuthentication AWS API Documentation
+    #
+    # @overload disable_client_authentication(params = {})
+    # @param [Hash] params ({})
+    def disable_client_authentication(params = {}, options = {})
+      req = build_request(:disable_client_authentication, params)
+      req.send_request(options)
+    end
+
     # Deactivates LDAP secure calls for the specified directory.
     #
     # @option params [required, String] :directory_id
@@ -1878,6 +2029,36 @@ module Aws::DirectoryService
       req.send_request(options)
     end
 
+    # Enables alternative client authentication methods for the specified
+    # directory.
+    #
+    # @option params [required, String] :directory_id
+    #   The identifier of the specified directory.
+    #
+    # @option params [required, String] :type
+    #   The type of client authentication to enable. Currently only the value
+    #   `SmartCard` is supported. Smart card authentication in AD Connector
+    #   requires that you enable Kerberos Constrained Delegation for the
+    #   Service User to the LDAP service in the on-premises AD.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.enable_client_authentication({
+    #     directory_id: "DirectoryId", # required
+    #     type: "SmartCard", # required, accepts SmartCard
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ds-2015-04-16/EnableClientAuthentication AWS API Documentation
+    #
+    # @overload enable_client_authentication(params = {})
+    # @param [Hash] params ({})
+    def enable_client_authentication(params = {}, options = {})
+      req = build_request(:enable_client_authentication, params)
+      req.send_request(options)
+    end
+
     # Activates the switch for the specific directory to always use LDAP
     # secure calls.
     #
@@ -2044,7 +2225,7 @@ module Aws::DirectoryService
     end
 
     # For the specified directory, lists all the certificates registered for
-    # a secured LDAP connection.
+    # a secure LDAP or client certificate authentication.
     #
     # @option params [required, String] :directory_id
     #   The identifier of the directory.
@@ -2079,6 +2260,7 @@ module Aws::DirectoryService
     #   resp.certificates_info[0].common_name #=> String
     #   resp.certificates_info[0].state #=> String, one of "Registering", "Registered", "RegisterFailed", "Deregistering", "Deregistered", "DeregisterFailed"
     #   resp.certificates_info[0].expiry_date_time #=> Time
+    #   resp.certificates_info[0].type #=> String, one of "ClientCertAuth", "ClientLDAPS"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ds-2015-04-16/ListCertificates AWS API Documentation
     #
@@ -2268,7 +2450,8 @@ module Aws::DirectoryService
       req.send_request(options)
     end
 
-    # Registers a certificate for secured LDAP connection.
+    # Registers a certificate for a secure LDAP or client certificate
+    # authentication.
     #
     # @option params [required, String] :directory_id
     #   The identifier of the directory.
@@ -2276,6 +2459,15 @@ module Aws::DirectoryService
     # @option params [required, String] :certificate_data
     #   The certificate PEM string that needs to be registered.
     #
+    # @option params [String] :type
+    #   The function that the registered certificate performs. Valid values
+    #   include `ClientLDAPS` or `ClientCertAuth`. The default value is
+    #   `ClientLDAPS`.
+    #
+    # @option params [Types::ClientCertAuthSettings] :client_cert_auth_settings
+    #   A `ClientCertAuthSettings` object that contains client certificate
+    #   authentication settings.
+    #
     # @return [Types::RegisterCertificateResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::RegisterCertificateResult#certificate_id #certificate_id} => String
@@ -2285,6 +2477,10 @@ module Aws::DirectoryService
     #   resp = client.register_certificate({
     #     directory_id: "DirectoryId", # required
     #     certificate_data: "CertificateData", # required
+    #     type: "ClientCertAuth", # accepts ClientCertAuth, ClientLDAPS
+    #     client_cert_auth_settings: {
+    #       ocsp_url: "OCSPUrl",
+    #     },
     #   })
     #
     # @example Response structure
@@ -2390,6 +2586,31 @@ module Aws::DirectoryService
       req.send_request(options)
     end
 
+    # Stops all replication and removes the domain controllers from the
+    # specified Region. You cannot remove the primary Region with this
+    # operation. Instead, use the `DeleteDirectory` API.
+    #
+    # @option params [required, String] :directory_id
+    #   The identifier of the directory for which you want to remove Region
+    #   replication.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.remove_region({
+    #     directory_id: "DirectoryId", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ds-2015-04-16/RemoveRegion AWS API Documentation
+    #
+    # @overload remove_region(params = {})
+    # @param [Hash] params ({})
+    def remove_region(params = {}, options = {})
+      req = build_request(:remove_region, params)
+      req.send_request(options)
+    end
+
     # Removes tags from a directory.
     #
     # @option params [required, String] :resource_id
@@ -2834,7 +3055,7 @@ module Aws::DirectoryService
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-directoryservice'
-      context[:gem_version] = '1.33.0'
+      context[:gem_version] = '1.38.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-directoryservice/client_api.rb

@@ -19,9 +19,12 @@ module Aws::DirectoryService
     AccessUrl = Shapes::StringShape.new(name: 'AccessUrl')
     AddIpRoutesRequest = Shapes::StructureShape.new(name: 'AddIpRoutesRequest')
     AddIpRoutesResult = Shapes::StructureShape.new(name: 'AddIpRoutesResult')
+    AddRegionRequest = Shapes::StructureShape.new(name: 'AddRegionRequest')
+    AddRegionResult = Shapes::StructureShape.new(name: 'AddRegionResult')
     AddTagsToResourceRequest = Shapes::StructureShape.new(name: 'AddTagsToResourceRequest')
     AddTagsToResourceResult = Shapes::StructureShape.new(name: 'AddTagsToResourceResult')
     AddedDateTime = Shapes::TimestampShape.new(name: 'AddedDateTime')
+    AdditionalRegions = Shapes::ListShape.new(name: 'AdditionalRegions')
     AliasName = Shapes::StringShape.new(name: 'AliasName')
     Attribute = Shapes::StructureShape.new(name: 'Attribute')
     AttributeName = Shapes::StringShape.new(name: 'AttributeName')
@@ -45,9 +48,12 @@ module Aws::DirectoryService
     CertificateRegisteredDateTime = Shapes::TimestampShape.new(name: 'CertificateRegisteredDateTime')
     CertificateState = Shapes::StringShape.new(name: 'CertificateState')
     CertificateStateReason = Shapes::StringShape.new(name: 'CertificateStateReason')
+    CertificateType = Shapes::StringShape.new(name: 'CertificateType')
     CertificatesInfo = Shapes::ListShape.new(name: 'CertificatesInfo')
     CidrIp = Shapes::StringShape.new(name: 'CidrIp')
     CidrIps = Shapes::ListShape.new(name: 'CidrIps')
+    ClientAuthenticationType = Shapes::StringShape.new(name: 'ClientAuthenticationType')
+    ClientCertAuthSettings = Shapes::StructureShape.new(name: 'ClientCertAuthSettings')
     ClientException = Shapes::StructureShape.new(name: 'ClientException')
     CloudOnlyDirectoriesLimitReached = Shapes::BooleanShape.new(name: 'CloudOnlyDirectoriesLimitReached')
     Computer = Shapes::StructureShape.new(name: 'Computer')
@@ -106,6 +112,8 @@ module Aws::DirectoryService
     DescribeEventTopicsResult = Shapes::StructureShape.new(name: 'DescribeEventTopicsResult')
     DescribeLDAPSSettingsRequest = Shapes::StructureShape.new(name: 'DescribeLDAPSSettingsRequest')
     DescribeLDAPSSettingsResult = Shapes::StructureShape.new(name: 'DescribeLDAPSSettingsResult')
+    DescribeRegionsRequest = Shapes::StructureShape.new(name: 'DescribeRegionsRequest')
+    DescribeRegionsResult = Shapes::StructureShape.new(name: 'DescribeRegionsResult')
     DescribeSharedDirectoriesRequest = Shapes::StructureShape.new(name: 'DescribeSharedDirectoriesRequest')
     DescribeSharedDirectoriesResult = Shapes::StructureShape.new(name: 'DescribeSharedDirectoriesResult')
     DescribeSnapshotsRequest = Shapes::StructureShape.new(name: 'DescribeSnapshotsRequest')
@@ -114,6 +122,7 @@ module Aws::DirectoryService
     DescribeTrustsResult = Shapes::StructureShape.new(name: 'DescribeTrustsResult')
     Description = Shapes::StringShape.new(name: 'Description')
     DesiredNumberOfDomainControllers = Shapes::IntegerShape.new(name: 'DesiredNumberOfDomainControllers')
+    DirectoryAlreadyInRegionException = Shapes::StructureShape.new(name: 'DirectoryAlreadyInRegionException')
     DirectoryAlreadySharedException = Shapes::StructureShape.new(name: 'DirectoryAlreadySharedException')
     DirectoryConnectSettings = Shapes::StructureShape.new(name: 'DirectoryConnectSettings')
     DirectoryConnectSettingsDescription = Shapes::StructureShape.new(name: 'DirectoryConnectSettingsDescription')
@@ -134,6 +143,8 @@ module Aws::DirectoryService
     DirectoryUnavailableException = Shapes::StructureShape.new(name: 'DirectoryUnavailableException')
     DirectoryVpcSettings = Shapes::StructureShape.new(name: 'DirectoryVpcSettings')
     DirectoryVpcSettingsDescription = Shapes::StructureShape.new(name: 'DirectoryVpcSettingsDescription')
+    DisableClientAuthenticationRequest = Shapes::StructureShape.new(name: 'DisableClientAuthenticationRequest')
+    DisableClientAuthenticationResult = Shapes::StructureShape.new(name: 'DisableClientAuthenticationResult')
     DisableLDAPSRequest = Shapes::StructureShape.new(name: 'DisableLDAPSRequest')
     DisableLDAPSResult = Shapes::StructureShape.new(name: 'DisableLDAPSResult')
     DisableRadiusRequest = Shapes::StructureShape.new(name: 'DisableRadiusRequest')
@@ -148,6 +159,8 @@ module Aws::DirectoryService
     DomainControllerStatus = Shapes::StringShape.new(name: 'DomainControllerStatus')
     DomainControllerStatusReason = Shapes::StringShape.new(name: 'DomainControllerStatusReason')
     DomainControllers = Shapes::ListShape.new(name: 'DomainControllers')
+    EnableClientAuthenticationRequest = Shapes::StructureShape.new(name: 'EnableClientAuthenticationRequest')
+    EnableClientAuthenticationResult = Shapes::StructureShape.new(name: 'EnableClientAuthenticationResult')
     EnableLDAPSRequest = Shapes::StructureShape.new(name: 'EnableLDAPSRequest')
     EnableLDAPSResult = Shapes::StructureShape.new(name: 'EnableLDAPSResult')
     EnableRadiusRequest = Shapes::StructureShape.new(name: 'EnableRadiusRequest')
@@ -166,6 +179,7 @@ module Aws::DirectoryService
     GetSnapshotLimitsResult = Shapes::StructureShape.new(name: 'GetSnapshotLimitsResult')
     InsufficientPermissionsException = Shapes::StructureShape.new(name: 'InsufficientPermissionsException')
     InvalidCertificateException = Shapes::StructureShape.new(name: 'InvalidCertificateException')
+    InvalidClientAuthStatusException = Shapes::StructureShape.new(name: 'InvalidClientAuthStatusException')
     InvalidLDAPSStatusException = Shapes::StructureShape.new(name: 'InvalidLDAPSStatusException')
     InvalidNextTokenException = Shapes::StructureShape.new(name: 'InvalidNextTokenException')
     InvalidParameterException = Shapes::StructureShape.new(name: 'InvalidParameterException')
@@ -206,6 +220,7 @@ module Aws::DirectoryService
     NextToken = Shapes::StringShape.new(name: 'NextToken')
     NoAvailableCertificateException = Shapes::StructureShape.new(name: 'NoAvailableCertificateException')
     Notes = Shapes::StringShape.new(name: 'Notes')
+    OCSPUrl = Shapes::StringShape.new(name: 'OCSPUrl')
     OrganizationalUnitDN = Shapes::StringShape.new(name: 'OrganizationalUnitDN')
     OrganizationsException = Shapes::StructureShape.new(name: 'OrganizationsException')
     OwnerDirectoryDescription = Shapes::StructureShape.new(name: 'OwnerDirectoryDescription')
@@ -219,6 +234,12 @@ module Aws::DirectoryService
     RadiusSharedSecret = Shapes::StringShape.new(name: 'RadiusSharedSecret')
     RadiusStatus = Shapes::StringShape.new(name: 'RadiusStatus')
     RadiusTimeout = Shapes::IntegerShape.new(name: 'RadiusTimeout')
+    RegionDescription = Shapes::StructureShape.new(name: 'RegionDescription')
+    RegionLimitExceededException = Shapes::StructureShape.new(name: 'RegionLimitExceededException')
+    RegionName = Shapes::StringShape.new(name: 'RegionName')
+    RegionType = Shapes::StringShape.new(name: 'RegionType')
+    RegionsDescription = Shapes::ListShape.new(name: 'RegionsDescription')
+    RegionsInfo = Shapes::StructureShape.new(name: 'RegionsInfo')
     RegisterCertificateRequest = Shapes::StructureShape.new(name: 'RegisterCertificateRequest')
     RegisterCertificateResult = Shapes::StructureShape.new(name: 'RegisterCertificateResult')
     RegisterEventTopicRequest = Shapes::StructureShape.new(name: 'RegisterEventTopicRequest')
@@ -229,6 +250,8 @@ module Aws::DirectoryService
     RemoteDomainNames = Shapes::ListShape.new(name: 'RemoteDomainNames')
     RemoveIpRoutesRequest = Shapes::StructureShape.new(name: 'RemoveIpRoutesRequest')
     RemoveIpRoutesResult = Shapes::StructureShape.new(name: 'RemoveIpRoutesResult')
+    RemoveRegionRequest = Shapes::StructureShape.new(name: 'RemoveRegionRequest')
+    RemoveRegionResult = Shapes::StructureShape.new(name: 'RemoveRegionResult')
     RemoveTagsFromResourceRequest = Shapes::StructureShape.new(name: 'RemoveTagsFromResourceRequest')
     RemoveTagsFromResourceResult = Shapes::StructureShape.new(name: 'RemoveTagsFromResourceResult')
     ReplicationScope = Shapes::StringShape.new(name: 'ReplicationScope')
@@ -335,12 +358,21 @@ module Aws::DirectoryService
 
     AddIpRoutesResult.struct_class = Types::AddIpRoutesResult
 
+    AddRegionRequest.add_member(:directory_id, Shapes::ShapeRef.new(shape: DirectoryId, required: true, location_name: "DirectoryId"))
+    AddRegionRequest.add_member(:region_name, Shapes::ShapeRef.new(shape: RegionName, required: true, location_name: "RegionName"))
+    AddRegionRequest.add_member(:vpc_settings, Shapes::ShapeRef.new(shape: DirectoryVpcSettings, required: true, location_name: "VPCSettings"))
+    AddRegionRequest.struct_class = Types::AddRegionRequest
+
+    AddRegionResult.struct_class = Types::AddRegionResult
+
     AddTagsToResourceRequest.add_member(:resource_id, Shapes::ShapeRef.new(shape: ResourceId, required: true, location_name: "ResourceId"))
     AddTagsToResourceRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, required: true, location_name: "Tags"))
     AddTagsToResourceRequest.struct_class = Types::AddTagsToResourceRequest
 
     AddTagsToResourceResult.struct_class = Types::AddTagsToResourceResult
 
+    AdditionalRegions.member = Shapes::ShapeRef.new(shape: RegionName)
+
     Attribute.add_member(:name, Shapes::ShapeRef.new(shape: AttributeName, location_name: "Name"))
     Attribute.add_member(:value, Shapes::ShapeRef.new(shape: AttributeValue, location_name: "Value"))
     Attribute.struct_class = Types::Attribute
@@ -365,6 +397,8 @@ module Aws::DirectoryService
     Certificate.add_member(:common_name, Shapes::ShapeRef.new(shape: CertificateCN, location_name: "CommonName"))
     Certificate.add_member(:registered_date_time, Shapes::ShapeRef.new(shape: CertificateRegisteredDateTime, location_name: "RegisteredDateTime"))
     Certificate.add_member(:expiry_date_time, Shapes::ShapeRef.new(shape: CertificateExpiryDateTime, location_name: "ExpiryDateTime"))
+    Certificate.add_member(:type, Shapes::ShapeRef.new(shape: CertificateType, location_name: "Type"))
+    Certificate.add_member(:client_cert_auth_settings, Shapes::ShapeRef.new(shape: ClientCertAuthSettings, location_name: "ClientCertAuthSettings"))
     Certificate.struct_class = Types::Certificate
 
     CertificateAlreadyExistsException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "Message"))
@@ -383,6 +417,7 @@ module Aws::DirectoryService
     CertificateInfo.add_member(:common_name, Shapes::ShapeRef.new(shape: CertificateCN, location_name: "CommonName"))
     CertificateInfo.add_member(:state, Shapes::ShapeRef.new(shape: CertificateState, location_name: "State"))
     CertificateInfo.add_member(:expiry_date_time, Shapes::ShapeRef.new(shape: CertificateExpiryDateTime, location_name: "ExpiryDateTime"))
+    CertificateInfo.add_member(:type, Shapes::ShapeRef.new(shape: CertificateType, location_name: "Type"))
     CertificateInfo.struct_class = Types::CertificateInfo
 
     CertificateLimitExceededException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "Message"))
@@ -393,6 +428,9 @@ module Aws::DirectoryService
 
     CidrIps.member = Shapes::ShapeRef.new(shape: CidrIp)
 
+    ClientCertAuthSettings.add_member(:ocsp_url, Shapes::ShapeRef.new(shape: OCSPUrl, location_name: "OCSPUrl"))
+    ClientCertAuthSettings.struct_class = Types::ClientCertAuthSettings
+
     ClientException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "Message"))
     ClientException.add_member(:request_id, Shapes::ShapeRef.new(shape: RequestId, location_name: "RequestId"))
     ClientException.struct_class = Types::ClientException
@@ -587,6 +625,15 @@ module Aws::DirectoryService
     DescribeLDAPSSettingsResult.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     DescribeLDAPSSettingsResult.struct_class = Types::DescribeLDAPSSettingsResult
 
+    DescribeRegionsRequest.add_member(:directory_id, Shapes::ShapeRef.new(shape: DirectoryId, required: true, location_name: "DirectoryId"))
+    DescribeRegionsRequest.add_member(:region_name, Shapes::ShapeRef.new(shape: RegionName, location_name: "RegionName"))
+    DescribeRegionsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    DescribeRegionsRequest.struct_class = Types::DescribeRegionsRequest
+
+    DescribeRegionsResult.add_member(:regions_description, Shapes::ShapeRef.new(shape: RegionsDescription, location_name: "RegionsDescription"))
+    DescribeRegionsResult.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    DescribeRegionsResult.struct_class = Types::DescribeRegionsResult
+
     DescribeSharedDirectoriesRequest.add_member(:owner_directory_id, Shapes::ShapeRef.new(shape: DirectoryId, required: true, location_name: "OwnerDirectoryId"))
     DescribeSharedDirectoriesRequest.add_member(:shared_directory_ids, Shapes::ShapeRef.new(shape: DirectoryIds, location_name: "SharedDirectoryIds"))
     DescribeSharedDirectoriesRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
@@ -617,6 +664,10 @@ module Aws::DirectoryService
     DescribeTrustsResult.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     DescribeTrustsResult.struct_class = Types::DescribeTrustsResult
 
+    DirectoryAlreadyInRegionException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "Message"))
+    DirectoryAlreadyInRegionException.add_member(:request_id, Shapes::ShapeRef.new(shape: RequestId, location_name: "RequestId"))
+    DirectoryAlreadyInRegionException.struct_class = Types::DirectoryAlreadyInRegionException
+
     DirectoryAlreadySharedException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "Message"))
     DirectoryAlreadySharedException.add_member(:request_id, Shapes::ShapeRef.new(shape: RequestId, location_name: "RequestId"))
     DirectoryAlreadySharedException.struct_class = Types::DirectoryAlreadySharedException
@@ -659,6 +710,7 @@ module Aws::DirectoryService
     DirectoryDescription.add_member(:sso_enabled, Shapes::ShapeRef.new(shape: SsoEnabled, location_name: "SsoEnabled"))
     DirectoryDescription.add_member(:desired_number_of_domain_controllers, Shapes::ShapeRef.new(shape: DesiredNumberOfDomainControllers, location_name: "DesiredNumberOfDomainControllers"))
     DirectoryDescription.add_member(:owner_directory_description, Shapes::ShapeRef.new(shape: OwnerDirectoryDescription, location_name: "OwnerDirectoryDescription"))
+    DirectoryDescription.add_member(:regions_info, Shapes::ShapeRef.new(shape: RegionsInfo, location_name: "RegionsInfo"))
     DirectoryDescription.struct_class = Types::DirectoryDescription
 
     DirectoryDescriptions.member = Shapes::ShapeRef.new(shape: DirectoryDescription)
@@ -702,6 +754,12 @@ module Aws::DirectoryService
     DirectoryVpcSettingsDescription.add_member(:availability_zones, Shapes::ShapeRef.new(shape: AvailabilityZones, location_name: "AvailabilityZones"))
     DirectoryVpcSettingsDescription.struct_class = Types::DirectoryVpcSettingsDescription
 
+    DisableClientAuthenticationRequest.add_member(:directory_id, Shapes::ShapeRef.new(shape: DirectoryId, required: true, location_name: "DirectoryId"))
+    DisableClientAuthenticationRequest.add_member(:type, Shapes::ShapeRef.new(shape: ClientAuthenticationType, required: true, location_name: "Type"))
+    DisableClientAuthenticationRequest.struct_class = Types::DisableClientAuthenticationRequest
+
+    DisableClientAuthenticationResult.struct_class = Types::DisableClientAuthenticationResult
+
     DisableLDAPSRequest.add_member(:directory_id, Shapes::ShapeRef.new(shape: DirectoryId, required: true, location_name: "DirectoryId"))
     DisableLDAPSRequest.add_member(:type, Shapes::ShapeRef.new(shape: LDAPSType, required: true, location_name: "Type"))
     DisableLDAPSRequest.struct_class = Types::DisableLDAPSRequest
@@ -742,6 +800,12 @@ module Aws::DirectoryService
 
     DomainControllers.member = Shapes::ShapeRef.new(shape: DomainController)
 
+    EnableClientAuthenticationRequest.add_member(:directory_id, Shapes::ShapeRef.new(shape: DirectoryId, required: true, location_name: "DirectoryId"))
+    EnableClientAuthenticationRequest.add_member(:type, Shapes::ShapeRef.new(shape: ClientAuthenticationType, required: true, location_name: "Type"))
+    EnableClientAuthenticationRequest.struct_class = Types::EnableClientAuthenticationRequest
+
+    EnableClientAuthenticationResult.struct_class = Types::EnableClientAuthenticationResult
+
     EnableLDAPSRequest.add_member(:directory_id, Shapes::ShapeRef.new(shape: DirectoryId, required: true, location_name: "DirectoryId"))
     EnableLDAPSRequest.add_member(:type, Shapes::ShapeRef.new(shape: LDAPSType, required: true, location_name: "Type"))
     EnableLDAPSRequest.struct_class = Types::EnableLDAPSRequest
@@ -797,6 +861,10 @@ module Aws::DirectoryService
     InvalidCertificateException.add_member(:request_id, Shapes::ShapeRef.new(shape: RequestId, location_name: "RequestId"))
     InvalidCertificateException.struct_class = Types::InvalidCertificateException
 
+    InvalidClientAuthStatusException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "Message"))
+    InvalidClientAuthStatusException.add_member(:request_id, Shapes::ShapeRef.new(shape: RequestId, location_name: "RequestId"))
+    InvalidClientAuthStatusException.struct_class = Types::InvalidClientAuthStatusException
+
     InvalidLDAPSStatusException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "Message"))
     InvalidLDAPSStatusException.add_member(:request_id, Shapes::ShapeRef.new(shape: RequestId, location_name: "RequestId"))
     InvalidLDAPSStatusException.struct_class = Types::InvalidLDAPSStatusException
@@ -924,8 +992,31 @@ module Aws::DirectoryService
     RadiusSettings.add_member(:use_same_username, Shapes::ShapeRef.new(shape: UseSameUsername, location_name: "UseSameUsername"))
     RadiusSettings.struct_class = Types::RadiusSettings
 
+    RegionDescription.add_member(:directory_id, Shapes::ShapeRef.new(shape: DirectoryId, location_name: "DirectoryId"))
+    RegionDescription.add_member(:region_name, Shapes::ShapeRef.new(shape: RegionName, location_name: "RegionName"))
+    RegionDescription.add_member(:region_type, Shapes::ShapeRef.new(shape: RegionType, location_name: "RegionType"))
+    RegionDescription.add_member(:status, Shapes::ShapeRef.new(shape: DirectoryStage, location_name: "Status"))
+    RegionDescription.add_member(:vpc_settings, Shapes::ShapeRef.new(shape: DirectoryVpcSettings, location_name: "VpcSettings"))
+    RegionDescription.add_member(:desired_number_of_domain_controllers, Shapes::ShapeRef.new(shape: DesiredNumberOfDomainControllers, location_name: "DesiredNumberOfDomainControllers"))
+    RegionDescription.add_member(:launch_time, Shapes::ShapeRef.new(shape: LaunchTime, location_name: "LaunchTime"))
+    RegionDescription.add_member(:status_last_updated_date_time, Shapes::ShapeRef.new(shape: StateLastUpdatedDateTime, location_name: "StatusLastUpdatedDateTime"))
+    RegionDescription.add_member(:last_updated_date_time, Shapes::ShapeRef.new(shape: LastUpdatedDateTime, location_name: "LastUpdatedDateTime"))
+    RegionDescription.struct_class = Types::RegionDescription
+
+    RegionLimitExceededException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "Message"))
+    RegionLimitExceededException.add_member(:request_id, Shapes::ShapeRef.new(shape: RequestId, location_name: "RequestId"))
+    RegionLimitExceededException.struct_class = Types::RegionLimitExceededException
+
+    RegionsDescription.member = Shapes::ShapeRef.new(shape: RegionDescription)
+
+    RegionsInfo.add_member(:primary_region, Shapes::ShapeRef.new(shape: RegionName, location_name: "PrimaryRegion"))
+    RegionsInfo.add_member(:additional_regions, Shapes::ShapeRef.new(shape: AdditionalRegions, location_name: "AdditionalRegions"))
+    RegionsInfo.struct_class = Types::RegionsInfo
+
     RegisterCertificateRequest.add_member(:directory_id, Shapes::ShapeRef.new(shape: DirectoryId, required: true, location_name: "DirectoryId"))
     RegisterCertificateRequest.add_member(:certificate_data, Shapes::ShapeRef.new(shape: CertificateData, required: true, location_name: "CertificateData"))
+    RegisterCertificateRequest.add_member(:type, Shapes::ShapeRef.new(shape: CertificateType, location_name: "Type"))
+    RegisterCertificateRequest.add_member(:client_cert_auth_settings, Shapes::ShapeRef.new(shape: ClientCertAuthSettings, location_name: "ClientCertAuthSettings"))
     RegisterCertificateRequest.struct_class = Types::RegisterCertificateRequest
 
     RegisterCertificateResult.add_member(:certificate_id, Shapes::ShapeRef.new(shape: CertificateId, location_name: "CertificateId"))
@@ -951,6 +1042,11 @@ module Aws::DirectoryService
 
     RemoveIpRoutesResult.struct_class = Types::RemoveIpRoutesResult
 
+    RemoveRegionRequest.add_member(:directory_id, Shapes::ShapeRef.new(shape: DirectoryId, required: true, location_name: "DirectoryId"))
+    RemoveRegionRequest.struct_class = Types::RemoveRegionRequest
+
+    RemoveRegionResult.struct_class = Types::RemoveRegionResult
+
     RemoveTagsFromResourceRequest.add_member(:resource_id, Shapes::ShapeRef.new(shape: ResourceId, required: true, location_name: "ResourceId"))
     RemoveTagsFromResourceRequest.add_member(:tag_keys, Shapes::ShapeRef.new(shape: TagKeys, required: true, location_name: "TagKeys"))
     RemoveTagsFromResourceRequest.struct_class = Types::RemoveTagsFromResourceRequest
@@ -1178,6 +1274,24 @@ module Aws::DirectoryService
         o.errors << Shapes::ShapeRef.new(shape: ServiceException)
       end)
 
+      api.add_operation(:add_region, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "AddRegion"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: AddRegionRequest)
+        o.output = Shapes::ShapeRef.new(shape: AddRegionResult)
+        o.errors << Shapes::ShapeRef.new(shape: DirectoryUnavailableException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: EntityDoesNotExistException)
+        o.errors << Shapes::ShapeRef.new(shape: DirectoryAlreadyInRegionException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
+        o.errors << Shapes::ShapeRef.new(shape: DirectoryDoesNotExistException)
+        o.errors << Shapes::ShapeRef.new(shape: RegionLimitExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: ClientException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+      end)
+
       api.add_operation(:add_tags_to_resource, Seahorse::Model::Operation.new.tap do |o|
         o.name = "AddTagsToResource"
         o.http_method = "POST"
@@ -1501,6 +1615,21 @@ module Aws::DirectoryService
         o.errors << Shapes::ShapeRef.new(shape: ServiceException)
       end)
 
+      api.add_operation(:describe_regions, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DescribeRegions"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: DescribeRegionsRequest)
+        o.output = Shapes::ShapeRef.new(shape: DescribeRegionsResult)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: DirectoryDoesNotExistException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidNextTokenException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: ClientException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+      end)
+
       api.add_operation(:describe_shared_directories, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DescribeSharedDirectories"
         o.http_method = "POST"
@@ -1542,6 +1671,20 @@ module Aws::DirectoryService
         o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
       end)
 
+      api.add_operation(:disable_client_authentication, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DisableClientAuthentication"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: DisableClientAuthenticationRequest)
+        o.output = Shapes::ShapeRef.new(shape: DisableClientAuthenticationResult)
+        o.errors << Shapes::ShapeRef.new(shape: DirectoryDoesNotExistException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidClientAuthStatusException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: ClientException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+      end)
+
       api.add_operation(:disable_ldaps, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DisableLDAPS"
         o.http_method = "POST"
@@ -1581,6 +1724,21 @@ module Aws::DirectoryService
         o.errors << Shapes::ShapeRef.new(shape: ServiceException)
       end)
 
+      api.add_operation(:enable_client_authentication, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "EnableClientAuthentication"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: EnableClientAuthenticationRequest)
+        o.output = Shapes::ShapeRef.new(shape: EnableClientAuthenticationResult)
+        o.errors << Shapes::ShapeRef.new(shape: DirectoryDoesNotExistException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidClientAuthStatusException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: NoAvailableCertificateException)
+        o.errors << Shapes::ShapeRef.new(shape: ClientException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+      end)
+
       api.add_operation(:enable_ldaps, Seahorse::Model::Operation.new.tap do |o|
         o.name = "EnableLDAPS"
         o.http_method = "POST"
@@ -1764,6 +1922,20 @@ module Aws::DirectoryService
         o.errors << Shapes::ShapeRef.new(shape: ServiceException)
       end)
 
+      api.add_operation(:remove_region, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "RemoveRegion"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: RemoveRegionRequest)
+        o.output = Shapes::ShapeRef.new(shape: RemoveRegionResult)
+        o.errors << Shapes::ShapeRef.new(shape: DirectoryUnavailableException)
+        o.errors << Shapes::ShapeRef.new(shape: DirectoryDoesNotExistException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: ClientException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+      end)
+
       api.add_operation(:remove_tags_from_resource, Seahorse::Model::Operation.new.tap do |o|
         o.name = "RemoveTagsFromResource"
         o.http_method = "POST"