KopiCloud AD API

The API for Microsoft Active Directory and DNS with Terraform Provider

  Integrate Microsoft AD and DNS with your applications or scripts.

  Use our Terraform Provider in your CI/CD pipelines without credentials.

  Manage AD Users, AD Groups, AD OUs, and AD Computers.

  Manage DNS Records.

  Compatible with AWS, Azure, GCP, and OCI VMs running AD DCs.

  Compatible with AWS, Azure, and GCP Active Directory Managed Services.

Get Started  

Current version: 1.10 Provence Build 2024.05.20 (May 2024)  

Manage Microsoft Active Directory and DNS with our Secure API

Manage AD Users

Create, delete, and rename users. List users. Reset the password, enable and disable users, configure profile settings, and much more!

Learn More
  Manage AD Groups

Create, delete, and rename Distribution and Security Groups. List groups, check if a group exists, and more!

Learn More
  Manage AD OUs

Create, delete, and rename Organization Units (OUs). List OUs, check if the OU exists, and more!

Learn More
  Manage AD Computers

Register, remove, and rename computers. Remove multiple computers using a wildcard, list computers, clean up inactive computers, and much more!

Learn More

  Manage DNS A Records

Create and delete DNS A Records. List DNS A records with several filters.

Learn More
  Manage DNS CNAME Records

Create and delete DNS CNAME Records. List DNS CNAME records with several filters.

Learn More
  Manage DNS AAAA Records

Create and delete DNS AAAA Records. List DNS AAAA records with several filters.

Learn More
  Manage DNS Zones Records

Create and delete DNS Lookup Zones and DNS Reverse Lookup Zones. List All DNS Zones.

Learn More

We deliver Active Directory as Code

  Use KopiCloud AD API Terraform Provider to automate your Active Directory and Microsoft DNS tasks in the public cloud (AWS, Azure, GCP).

  Create CI/CD pipelines to interact with AD and Microsoft DNS in minutes!

  Work with AD DCs running on VMs or managed AD services, such as Azure AD DS, AWS Directory Service, or GCP Managed Service for Microsoft Active Directory.

  Use Tokens to authenticate to AD instead of usernames and passwords.

Set up the Terraform Provider

  Login to the KopiCloud AD API Terraform Provider management website and generate a token.

  Configure the kopicloud provider with the hostname of your API server and the authentication token.
terraform {
     required_providers {
         kopicloud = {
             source = "kopicloud-ad-api/ad"

provider "kopicloud" {
     host   = "https://api.kopicloud.local"
     token = "Basic b3NjYWI8UzFsdkyQMVsuD70"

resource "kopicloud_dns_a_record" "test" {
     hostname = "computer70"
     ip_address = ""
     zone_name = "kopicloud.local"

output "dns_a_record" {
     description = "Created DNS A Record"
     value = resource.kopicloud_dns_a_record.test

Example: Create a DNS A Record in Microsoft DNS

Create a DNS A Record, take five lines of Terraform code, and take less than 1 second to execute.

  Provide the Hostname, IP Address, and Zone Name to create the DNS A Record.

Discover more examples on Docs.


Manage Active Directory Everywhere

We tested KopiCloud AD API in virtual machines running Active Directory Domain Controllers (DCs) in different cloud providers (AWS, Azure, GCP, OCI) and their managed Active Directory Services. Also, we tested the API in VMware vSphere and Microsoft Hyper-V virtual machines in the datacenter.

Microsoft Azure
Virtual Machines

Amazon Web Services (AWS) Virtual Machines

Google Cloud Platform (GCP) Virtual Machines

Oracle Cloud Infrastructure (OCI) Virtual Machines

Azure Active Directory Domain Services (Azure AD DS)

Amazon Web Services (AWS) Directory Service

GCP Managed Service for Microsoft Active Directory

VMware vSphere
Virtual Machines

Why KopiCloud AD API?

A few reasons to choose KopiCloud AD API to automate your Active Directory deployments:

  No official Microsoft API

There is no official Microsoft API, so if you want to automate access to the Active Directory or DNS, you must write your own API or execute PowerShell commands.

  It is secure

Instead of using usernames and passwords to access Active Directory or DNS, we use authentication tokens. These tokens can be used for a limited time or forever.

  We keep a log of everything

Every task or action executed is written in a log, so you know who and when they call any API method. Coming soon, you will be able to forward events to several SIEMs.

  Automate AD with our Terraform Provider

Create service accounts in AD, create DNS records, create AD Users, create AD Groups, create AD Organization Unit, reset AD User passwords, and more.

  Designed for all kinds of companies

We have plenty of pre-configured security access groups. The API provides many options if you are a small company or a large enterprise with a dedicated security team.

  Production or Test Environment?

Both. If you are in production, every call is secured using a token, and everything is logged. Or you can disable the token authentication if running in a test environment.

Next steps - Start with the KopiCloud AD API

   Download the KopiCloud Active Directory API or deploy a virtual machine using a public cloud marketplace.

   Get a Trial License and try KopiCloud Active Directory API (No credit card required).

   Check the detailed API documentation.

   Start writing your integration in any development or scripting language that supports a REST API:

Microsoft .NET





Microsoft PowerShell





   If you are busy or need help with the integration between your applications and KopiCloud AD API, get in touch with our Consulting Services.