Amazon AppStream 2.0
Administration Guide

Allowed Domains

For AppStream 2.0 users to access streaming instances, you must allow the following domain on the network from which users initiate access to the streaming instances.

  • Session Gateway: *.amazonappstream.com

One or more of the following domains must be allowed to enable user authentication. You must allow the domains that correspond to the Regions where AppStream 2.0 is deployed.

Region Domain
N. Virginia appstream2.us-east-1.aws.amazon.com
Oregon appstream2.us-west-2.aws.amazon.com
Tokyo appstream2.ap-northeast-1.aws.amazon.com
Seoul appstream2.ap-northeast-2.aws.amazon.com
Singapore appstream2.ap-southeast-1.aws.amazon.com
Sydney appstream2.ap-southeast-2.aws.amazon.com
Frankfurt appstream2.eu-central-1.aws.amazon.com
Ireland appstream2.eu-west-1.aws.amazon.com

Amazon Web Services (AWS) publishes its current IP address ranges, including the ranges that the Session Gateway and CloudFront domains may resolve to, in JSON format. For information about how to download the .json file and view the current ranges, see AWS IP Address Ranges in the Amazon Web Services General Reference. Or, if you are using AWS Tools for Windows PowerShell, you can access the same information by using the Get-AWSPublicIpAddressRange cmdlet. For more information, see Querying the Public IP Address Ranges for AWS.