CreateDirectoryConfig

Creates a Directory Config object in AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains.

Request Syntax

{
   "CertificateBasedAuthProperties": { 
      "CertificateAuthorityArn": "string",
      "Status": "string"
   },
   "DirectoryName": "string",
   "OrganizationalUnitDistinguishedNames": [ "string" ],
   "ServiceAccountCredentials": { 
      "AccountName": "string",
      "AccountPassword": "string"
   }
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

CertificateBasedAuthProperties

The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances. Fallback is turned on by default when certificate-based authentication is Enabled . Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. Enabled_no_directory_login_fallback enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates.

Type: CertificateBasedAuthProperties object

Required: No

DirectoryName

The fully qualified name of the directory (for example, corp.example.com).

Type: String

Required: Yes

OrganizationalUnitDistinguishedNames

The distinguished names of the organizational units for computer accounts.

Type: Array of strings

Length Constraints: Maximum length of 2000.

Required: Yes

ServiceAccountCredentials

The credentials for the service account used by the fleet or image builder to connect to the directory.

Type: ServiceAccountCredentials object

Required: No

Response Syntax

{
   "DirectoryConfig": { 
      "CertificateBasedAuthProperties": { 
         "CertificateAuthorityArn": "string",
         "Status": "string"
      },
      "CreatedTime": number,
      "DirectoryName": "string",
      "OrganizationalUnitDistinguishedNames": [ "string" ],
      "ServiceAccountCredentials": { 
         "AccountName": "string",
         "AccountPassword": "string"
      }
   }
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

DirectoryConfig

Information about the directory configuration.

Type: DirectoryConfig object

Errors

For information about the errors that are common to all actions, see Common Errors.

InvalidAccountStatusException

The resource cannot be created because your AWS account is suspended. For assistance, contact AWS Support.

HTTP Status Code: 400

InvalidRoleException

The specified role is invalid.

HTTP Status Code: 400

LimitExceededException

The requested limit exceeds the permitted limit for an account.

HTTP Status Code: 400

OperationNotPermittedException

The attempted operation is not permitted.

HTTP Status Code: 400

ResourceAlreadyExistsException

The specified resource already exists.

HTTP Status Code: 400

ResourceNotFoundException

The specified resource was not found.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS Command Line Interface

• AWS SDK for .NET

• AWS SDK for C++

• AWS SDK for Go

• AWS SDK for Java V2

• AWS SDK for JavaScript V3

• AWS SDK for PHP V3

• AWS SDK for Python

• AWS SDK for Ruby V3