ShareDirectory - Amazon Directory Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).


Shares a specified directory (DirectoryId) in your Amazon Web Services account (directory owner) with another Amazon Web Services account (directory consumer). With this operation you can use your directory from any Amazon Web Services account and from any Amazon VPC within an Amazon Region.

When you share your Amazon Managed Microsoft AD directory, Amazon Directory Service creates a shared directory in the directory consumer account. This shared directory contains the metadata to provide access to the directory within the directory owner account. The shared directory is visible in all VPCs in the directory consumer account.

The ShareMethod parameter determines whether the specified directory can be shared between Amazon Web Services accounts inside the same Amazon organization (ORGANIZATIONS). It also determines whether you can share the directory with any other Amazon Web Services account either inside or outside of the organization (HANDSHAKE).

The ShareNotes parameter is only used when HANDSHAKE is called, which sends a directory sharing request to the directory consumer.

Request Syntax

{ "DirectoryId": "string", "ShareMethod": "string", "ShareNotes": "string", "ShareTarget": { "Id": "string", "Type": "string" } }

Request Parameters

The request accepts the following data in JSON format.


Identifier of the Amazon Managed Microsoft AD directory that you want to share with other Amazon Web Services accounts.

Type: String

Pattern: ^d-[0-9a-f]{10}$

Required: Yes


The method used when sharing a directory to determine whether the directory should be shared within your Amazon organization (ORGANIZATIONS) or with any Amazon Web Services account by sending a directory sharing request (HANDSHAKE).

Type: String


Required: Yes


A directory share request that is sent by the directory owner to the directory consumer. The request includes a typed message to help the directory consumer administrator determine whether to approve or reject the share invitation.

Type: String

Length Constraints: Maximum length of 1024.

Required: No


Identifier for the directory consumer account with whom the directory is to be shared.

Type: ShareTarget object

Required: Yes

Response Syntax

{ "SharedDirectoryId": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


Identifier of the directory that is stored in the directory consumer account that is shared from the specified directory (DirectoryId).

Type: String

Pattern: ^d-[0-9a-f]{10}$


For information about the errors that are common to all actions, see Common Errors.


Client authentication is not available in this region at this time.

HTTP Status Code: 400


A client exception has occurred.

HTTP Status Code: 400


The specified directory has already been shared with this Amazon Web Services account.

HTTP Status Code: 400


The specified entity could not be found.

HTTP Status Code: 400


One or more parameters are not valid.

HTTP Status Code: 400


The specified shared target is not valid.

HTTP Status Code: 400


Exception encountered while trying to access your Amazon organization.

HTTP Status Code: 400


An exception has occurred in Amazon Directory Service.

HTTP Status Code: 500


The maximum number of Amazon Web Services accounts that you can share with this directory has been reached.

HTTP Status Code: 400


The operation is not supported.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: