AWS::AppStream::DirectoryConfig CertificateBasedAuthProperties - AWS CloudFormation
SyntaxProperties
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

This is the new CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.

AWS::AppStream::DirectoryConfig CertificateBasedAuthProperties

The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances.

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

JSON

{
  "CertificateAuthorityArn" : String,
  "Status" : String
}

YAML

  CertificateAuthorityArn: String
  Status: String

Properties

CertificateAuthorityArn

The ARN of the AWS Certificate Manager Private CA resource.

Required: No

Type: String

Pattern: ^arn:aws(?:\-cn|\-iso\-b|\-iso|\-us\-gov)?:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.\\-]{0,1023}$

Update requires: No interruption

Status

The status of the certificate-based authentication properties. Fallback is turned on by default when certificate-based authentication is Enabled. Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. Enabled_no_directory_login_fallback enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates.

Required: No

Type: String

Allowed values: DISABLED | ENABLED | ENABLED_NO_DIRECTORY_LOGIN_FALLBACK

Update requires: No interruption