create_directory_config

create_directory_config(**kwargs)

Creates a Directory Config object in AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains.

See also: AWS API Documentation

Request Syntax

response = client.create_directory_config(
    DirectoryName='string',
    OrganizationalUnitDistinguishedNames=[
        'string',
    ],
    ServiceAccountCredentials={
        'AccountName': 'string',
        'AccountPassword': 'string'
    },
    CertificateBasedAuthProperties={
        'Status': 'DISABLED'|'ENABLED'|'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK',
        'CertificateAuthorityArn': 'string'
    }
)

Parameters
  • DirectoryName (string) --

    [REQUIRED]

    The fully qualified name of the directory (for example, corp.example.com).

  • OrganizationalUnitDistinguishedNames (list) --

    [REQUIRED]

    The distinguished names of the organizational units for computer accounts.

    • (string) --
  • ServiceAccountCredentials (dict) --

    The credentials for the service account used by the fleet or image builder to connect to the directory.

    • AccountName (string) -- [REQUIRED]

      The user name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified.

    • AccountPassword (string) -- [REQUIRED]

      The password for the account.

  • CertificateBasedAuthProperties (dict) --

    The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances. Fallback is turned on by default when certificate-based authentication is ENABLED. Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. ENABLED_NO_DIRECTORY_LOGIN_FALLBACK enables certificate-based authentication, but does not allow users to log in using their AD domain password. Instead, users are disconnected so that they re-authenticate using certificates.

    • Status (string) --

      The status of the certificate-based authentication properties.

    • CertificateAuthorityArn (string) --

      The ARN of the AWS Certificate Manager Private CA resource.

Return type

dict

Returns

Response Syntax

{
    'DirectoryConfig': {
        'DirectoryName': 'string',
        'OrganizationalUnitDistinguishedNames': [
            'string',
        ],
        'ServiceAccountCredentials': {
            'AccountName': 'string',
            'AccountPassword': 'string'
        },
        'CreatedTime': datetime(2015, 1, 1),
        'CertificateBasedAuthProperties': {
            'Status': 'DISABLED'|'ENABLED'|'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK',
            'CertificateAuthorityArn': 'string'
        }
    }
}

Response Structure

  • (dict) --

    • DirectoryConfig (dict) --

      Information about the directory configuration.

      • DirectoryName (string) --

        The fully qualified name of the directory (for example, corp.example.com).

      • OrganizationalUnitDistinguishedNames (list) --

        The distinguished names of the organizational units for computer accounts.

        • (string) --
      • ServiceAccountCredentials (dict) --

        The credentials for the service account used by the fleet or image builder to connect to the directory.

        • AccountName (string) --

          The user name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified.

        • AccountPassword (string) --

          The password for the account.

      • CreatedTime (datetime) --

        The time the directory configuration was created.

      • CertificateBasedAuthProperties (dict) --

        The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances. Fallback is turned on by default when certificate-based authentication is ENABLED. Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. ENABLED_NO_DIRECTORY_LOGIN_FALLBACK enables certificate-based authentication, but does not allow users to log in using their AD domain password. Instead, users are disconnected so that they re-authenticate using certificates.

        • Status (string) --

          The status of the certificate-based authentication properties.

        • CertificateAuthorityArn (string) --

          The ARN of the AWS Certificate Manager Private CA resource.

Exceptions

  • AppStream.Client.exceptions.ResourceNotFoundException
  • AppStream.Client.exceptions.ResourceAlreadyExistsException
  • AppStream.Client.exceptions.LimitExceededException
  • AppStream.Client.exceptions.InvalidAccountStatusException
  • AppStream.Client.exceptions.OperationNotPermittedException
  • AppStream.Client.exceptions.InvalidRoleException
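
Added example (not part of the boto3 reference): a wrapper that validates the request fields documented above before the call and masks AccountPassword, which appears in both the request and the response syntax, before anything is logged. The helper names, the OU distinguished-name pattern and the rule that an enabled Status needs a CertificateAuthorityArn are assumptions of this example, not AWS requirements stated on this page.

```python
import copy
import re

CBA_STATUSES = {"DISABLED", "ENABLED", "ENABLED_NO_DIRECTORY_LOGIN_FALLBACK"}
# Loose structural check for an OU distinguished name (this example's own rule).
OU_DN = re.compile(r"^OU=[^,]+(,(OU|DC)=[^,]+)*,DC=[^,]+$", re.IGNORECASE)


def build_request(directory_name, ou_dns, account_name, account_password,
                  cba_status="DISABLED", ca_arn=None):
    """Validate inputs and return kwargs for client.create_directory_config()."""
    if cba_status not in CBA_STATUSES:
        raise ValueError(f"unknown Status: {cba_status!r}")
    # Local policy (assumption): enabling certificate auth requires a CA ARN.
    if cba_status != "DISABLED" and not ca_arn:
        raise ValueError("CertificateAuthorityArn is required when Status is enabled")
    bad = [dn for dn in ou_dns if not OU_DN.match(dn)]
    if not ou_dns or bad:
        raise ValueError(f"missing or malformed OU distinguished names: {bad}")
    if not account_name or not account_password:
        raise ValueError("AccountName and AccountPassword are both required")
    cba = {"Status": cba_status}
    if ca_arn:
        cba["CertificateAuthorityArn"] = ca_arn
    return {
        "DirectoryName": directory_name,
        "OrganizationalUnitDistinguishedNames": list(ou_dns),
        "ServiceAccountCredentials": {
            "AccountName": account_name,
            "AccountPassword": account_password,
        },
        "CertificateBasedAuthProperties": cba,
    }


def redact(response):
    """Return a deep copy of a response (or request) that is safe to log."""
    safe = copy.deepcopy(response)
    creds = safe.get("DirectoryConfig", safe).get("ServiceAccountCredentials")
    if creds and "AccountPassword" in creds:
        creds["AccountPassword"] = "***REDACTED***"
    return safe


def create_directory_config(client, **fields):
    """client: a boto3 AppStream client, e.g. boto3.client("appstream")."""
    response = client.create_directory_config(**build_request(**fields))
    return redact(response)
```

Pass the password in at call time from a secret store rather than keeping it in source, and log only the value returned by `redact`.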