aws-sdk-appstream 1.67.0 → 1.68.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3f7f10f7b03e0c2776ebdd4a67681c9c46b97c45f27afbe10719e2e357007e06
-  data.tar.gz: 5ee38a75e48978ae2e673a7392edcfe50304cd2b6e61faae9ad070d6a1c1908c
+  metadata.gz: 8bb1ca00eb2ec143caf5c85954990cdaa5dbfecb475a5a7175888da11e2a2071
+  data.tar.gz: ecd57a38a5126c94f309dbb753ef480114e7ef05c4eb6f5e4116020720d4e872
 SHA512:
-  metadata.gz: a84ffe7a90eb821c4bf4c7f79ca88bf08de780a230ff406aff50d8e6b8cb702628315e35f4fc370909b81cf0b48210fe2870dd6dc016a318fdfb1b7140221896
-  data.tar.gz: 67265670dadde954fc2aa9c28ec64ec88807bc5abd4a1994738cc0efd29b6316bb2881154e325bbe19126f43bc4099c8fc09e150d81e3788e3508e4425ed75ba
+  metadata.gz: 4a09a3fdd921c1725cd18c81ce021dff1155acb66b059632cf3b836a0f0e34bd78375e7452d9e7c4540a37e107f08f4526a019de2b26678548ef2c8cf7a3c561
+  data.tar.gz: 4ff28979bcc76c618b60fcc18030a88a139e3c9b7bf5855e8d0425d431f4bd0ff064ba04c0594f7942d9ccf03239aa4ec4bb11f84d99ba2d1218ae9b37b5fa73

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.68.0 (2022-10-28)
+------------------
+
+* Feature - This release includes CertificateBasedAuthProperties in CreateDirectoryConfig and UpdateDirectoryConfig.
+
 1.67.0 (2022-10-25)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.67.0
+1.68.0

data/lib/aws-sdk-appstream/client.rb

@@ -486,7 +486,7 @@ module Aws::AppStream
     #       {
     #         stack_name: "String", # required
     #         user_name: "Username", # required
-    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #         send_email_notification: false,
     #       },
     #     ],
@@ -497,7 +497,7 @@ module Aws::AppStream
     #   resp.errors #=> Array
     #   resp.errors[0].user_stack_association.stack_name #=> String
     #   resp.errors[0].user_stack_association.user_name #=> String
-    #   resp.errors[0].user_stack_association.authentication_type #=> String, one of "API", "SAML", "USERPOOL"
+    #   resp.errors[0].user_stack_association.authentication_type #=> String, one of "API", "SAML", "USERPOOL", "AWS_AD"
     #   resp.errors[0].user_stack_association.send_email_notification #=> Boolean
     #   resp.errors[0].error_code #=> String, one of "STACK_NOT_FOUND", "USER_NAME_NOT_FOUND", "DIRECTORY_NOT_FOUND", "INTERNAL_ERROR"
     #   resp.errors[0].error_message #=> String
@@ -527,7 +527,7 @@ module Aws::AppStream
     #       {
     #         stack_name: "String", # required
     #         user_name: "Username", # required
-    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #         send_email_notification: false,
     #       },
     #     ],
@@ -538,7 +538,7 @@ module Aws::AppStream
     #   resp.errors #=> Array
     #   resp.errors[0].user_stack_association.stack_name #=> String
     #   resp.errors[0].user_stack_association.user_name #=> String
-    #   resp.errors[0].user_stack_association.authentication_type #=> String, one of "API", "SAML", "USERPOOL"
+    #   resp.errors[0].user_stack_association.authentication_type #=> String, one of "API", "SAML", "USERPOOL", "AWS_AD"
     #   resp.errors[0].user_stack_association.send_email_notification #=> Boolean
     #   resp.errors[0].error_code #=> String, one of "STACK_NOT_FOUND", "USER_NAME_NOT_FOUND", "DIRECTORY_NOT_FOUND", "INTERNAL_ERROR"
     #   resp.errors[0].error_message #=> String
@@ -799,6 +799,18 @@ module Aws::AppStream
     #   The credentials for the service account used by the fleet or image
     #   builder to connect to the directory.
     #
+    # @option params [Types::CertificateBasedAuthProperties] :certificate_based_auth_properties
+    #   The certificate-based authentication properties used to authenticate
+    #   SAML 2.0 Identity Provider (IdP) user identities to Active Directory
+    #   domain-joined streaming instances. Fallback is turned on by default
+    #   when certificate-based authentication is **Enabled** . Fallback allows
+    #   users to log in using their AD domain password if certificate-based
+    #   authentication is unsuccessful, or to unlock a desktop lock screen.
+    #   **Enabled\_no\_directory\_login\_fallback** enables certificate-based
+    #   authentication, but does not allow users to log in using their AD
+    #   domain password. Users will be disconnected to re-authenticate using
+    #   certificates.
+    #
     # @return [Types::CreateDirectoryConfigResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateDirectoryConfigResult#directory_config #directory_config} => Types::DirectoryConfig
@@ -812,6 +824,10 @@ module Aws::AppStream
     #       account_name: "AccountName", # required
     #       account_password: "AccountPassword", # required
     #     },
+    #     certificate_based_auth_properties: {
+    #       status: "DISABLED", # accepts DISABLED, ENABLED, ENABLED_NO_DIRECTORY_LOGIN_FALLBACK
+    #       certificate_authority_arn: "Arn",
+    #     },
     #   })
     #
     # @example Response structure
@@ -822,6 +838,8 @@ module Aws::AppStream
     #   resp.directory_config.service_account_credentials.account_name #=> String
     #   resp.directory_config.service_account_credentials.account_password #=> String
     #   resp.directory_config.created_time #=> Time
+    #   resp.directory_config.certificate_based_auth_properties.status #=> String, one of "DISABLED", "ENABLED", "ENABLED_NO_DIRECTORY_LOGIN_FALLBACK"
+    #   resp.directory_config.certificate_based_auth_properties.certificate_authority_arn #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/CreateDirectoryConfig AWS API Documentation
     #
@@ -895,8 +913,8 @@ module Aws::AppStream
       req.send_request(options)
     end
 
-    # Creates a fleet. A fleet consists of streaming instances that run a
-    # specified image when using Always-On or On-Demand.
+    # Creates a fleet. A fleet consists of streaming instances that your
+    # users access for their applications and desktops.
     #
     # @option params [required, String] :name
     #   A unique name for the fleet.
@@ -917,6 +935,10 @@ module Aws::AppStream
     #
     #   * stream.standard.large
     #
+    #   * stream.standard.xlarge
+    #
+    #   * stream.standard.2xlarge
+    #
     #   * stream.compute.large
     #
     #   * stream.compute.xlarge
@@ -983,6 +1005,12 @@ module Aws::AppStream
     #
     #   * stream.standard.medium
     #
+    #   * stream.standard.large
+    #
+    #   * stream.standard.xlarge
+    #
+    #   * stream.standard.2xlarge
+    #
     # @option params [String] :fleet_type
     #   The fleet type.
     #
@@ -1878,7 +1906,7 @@ module Aws::AppStream
     #     message_action: "SUPPRESS", # accepts SUPPRESS, RESEND
     #     first_name: "UserAttributeValue",
     #     last_name: "UserAttributeValue",
-    #     authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #     authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/CreateUser AWS API Documentation
@@ -2217,7 +2245,7 @@ module Aws::AppStream
     #
     #   resp = client.delete_user({
     #     user_name: "Username", # required
-    #     authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #     authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DeleteUser AWS API Documentation
@@ -2426,6 +2454,8 @@ module Aws::AppStream
     #   resp.directory_configs[0].service_account_credentials.account_name #=> String
     #   resp.directory_configs[0].service_account_credentials.account_password #=> String
     #   resp.directory_configs[0].created_time #=> Time
+    #   resp.directory_configs[0].certificate_based_auth_properties.status #=> String, one of "DISABLED", "ENABLED", "ENABLED_NO_DIRECTORY_LOGIN_FALLBACK"
+    #   resp.directory_configs[0].certificate_based_auth_properties.certificate_authority_arn #=> String
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DescribeDirectoryConfigs AWS API Documentation
@@ -2824,7 +2854,7 @@ module Aws::AppStream
     #     user_id: "UserId",
     #     next_token: "String",
     #     limit: 1,
-    #     authentication_type: "API", # accepts API, SAML, USERPOOL
+    #     authentication_type: "API", # accepts API, SAML, USERPOOL, AWS_AD
     #   })
     #
     # @example Response structure
@@ -2838,7 +2868,7 @@ module Aws::AppStream
     #   resp.sessions[0].connection_state #=> String, one of "CONNECTED", "NOT_CONNECTED"
     #   resp.sessions[0].start_time #=> Time
     #   resp.sessions[0].max_expiration_time #=> Time
-    #   resp.sessions[0].authentication_type #=> String, one of "API", "SAML", "USERPOOL"
+    #   resp.sessions[0].authentication_type #=> String, one of "API", "SAML", "USERPOOL", "AWS_AD"
     #   resp.sessions[0].network_access_configuration.eni_private_ip_address #=> String
     #   resp.sessions[0].network_access_configuration.eni_id #=> String
     #   resp.next_token #=> String
@@ -2997,7 +3027,7 @@ module Aws::AppStream
     #   resp = client.describe_user_stack_associations({
     #     stack_name: "String",
     #     user_name: "Username",
-    #     authentication_type: "API", # accepts API, SAML, USERPOOL
+    #     authentication_type: "API", # accepts API, SAML, USERPOOL, AWS_AD
     #     max_results: 1,
     #     next_token: "String",
     #   })
@@ -3007,7 +3037,7 @@ module Aws::AppStream
     #   resp.user_stack_associations #=> Array
     #   resp.user_stack_associations[0].stack_name #=> String
     #   resp.user_stack_associations[0].user_name #=> String
-    #   resp.user_stack_associations[0].authentication_type #=> String, one of "API", "SAML", "USERPOOL"
+    #   resp.user_stack_associations[0].authentication_type #=> String, one of "API", "SAML", "USERPOOL", "AWS_AD"
     #   resp.user_stack_associations[0].send_email_notification #=> Boolean
     #   resp.next_token #=> String
     #
@@ -3042,7 +3072,7 @@ module Aws::AppStream
     # @example Request syntax with placeholder values
     #
     #   resp = client.describe_users({
-    #     authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #     authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #     max_results: 1,
     #     next_token: "String",
     #   })
@@ -3057,7 +3087,7 @@ module Aws::AppStream
     #   resp.users[0].first_name #=> String
     #   resp.users[0].last_name #=> String
     #   resp.users[0].created_time #=> Time
-    #   resp.users[0].authentication_type #=> String, one of "API", "SAML", "USERPOOL"
+    #   resp.users[0].authentication_type #=> String, one of "API", "SAML", "USERPOOL", "AWS_AD"
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DescribeUsers AWS API Documentation
@@ -3089,7 +3119,7 @@ module Aws::AppStream
     #
     #   resp = client.disable_user({
     #     user_name: "Username", # required
-    #     authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #     authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DisableUser AWS API Documentation
@@ -3206,7 +3236,7 @@ module Aws::AppStream
     #
     #   resp = client.enable_user({
     #     user_name: "Username", # required
-    #     authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #     authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/EnableUser AWS API Documentation
@@ -3743,6 +3773,18 @@ module Aws::AppStream
     #   The credentials for the service account used by the fleet or image
     #   builder to connect to the directory.
     #
+    # @option params [Types::CertificateBasedAuthProperties] :certificate_based_auth_properties
+    #   The certificate-based authentication properties used to authenticate
+    #   SAML 2.0 Identity Provider (IdP) user identities to Active Directory
+    #   domain-joined streaming instances. Fallback is turned on by default
+    #   when certificate-based authentication is **Enabled** . Fallback allows
+    #   users to log in using their AD domain password if certificate-based
+    #   authentication is unsuccessful, or to unlock a desktop lock screen.
+    #   **Enabled\_no\_directory\_login\_fallback** enables certificate-based
+    #   authentication, but does not allow users to log in using their AD
+    #   domain password. Users will be disconnected to re-authenticate using
+    #   certificates.
+    #
     # @return [Types::UpdateDirectoryConfigResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateDirectoryConfigResult#directory_config #directory_config} => Types::DirectoryConfig
@@ -3756,6 +3798,10 @@ module Aws::AppStream
     #       account_name: "AccountName", # required
     #       account_password: "AccountPassword", # required
     #     },
+    #     certificate_based_auth_properties: {
+    #       status: "DISABLED", # accepts DISABLED, ENABLED, ENABLED_NO_DIRECTORY_LOGIN_FALLBACK
+    #       certificate_authority_arn: "Arn",
+    #     },
     #   })
     #
     # @example Response structure
@@ -3766,6 +3812,8 @@ module Aws::AppStream
     #   resp.directory_config.service_account_credentials.account_name #=> String
     #   resp.directory_config.service_account_credentials.account_password #=> String
     #   resp.directory_config.created_time #=> Time
+    #   resp.directory_config.certificate_based_auth_properties.status #=> String, one of "DISABLED", "ENABLED", "ENABLED_NO_DIRECTORY_LOGIN_FALLBACK"
+    #   resp.directory_config.certificate_based_auth_properties.certificate_authority_arn #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/UpdateDirectoryConfig AWS API Documentation
     #
@@ -3875,6 +3923,10 @@ module Aws::AppStream
     #
     #   * stream.standard.large
     #
+    #   * stream.standard.xlarge
+    #
+    #   * stream.standard.2xlarge
+    #
     #   * stream.compute.large
     #
     #   * stream.compute.xlarge
@@ -3941,6 +3993,12 @@ module Aws::AppStream
     #
     #   * stream.standard.medium
     #
+    #   * stream.standard.large
+    #
+    #   * stream.standard.xlarge
+    #
+    #   * stream.standard.2xlarge
+    #
     # @option params [Types::ComputeCapacity] :compute_capacity
     #   The desired capacity for the fleet. This is not allowed for Elastic
     #   fleets.
@@ -4326,7 +4384,7 @@ module Aws::AppStream
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-appstream'
-      context[:gem_version] = '1.67.0'
+      context[:gem_version] = '1.68.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-appstream/client_api.rb

@@ -48,6 +48,8 @@ module Aws::AppStream
     BatchDisassociateUserStackResult = Shapes::StructureShape.new(name: 'BatchDisassociateUserStackResult')
     Boolean = Shapes::BooleanShape.new(name: 'Boolean')
     BooleanObject = Shapes::BooleanShape.new(name: 'BooleanObject')
+    CertificateBasedAuthProperties = Shapes::StructureShape.new(name: 'CertificateBasedAuthProperties')
+    CertificateBasedAuthStatus = Shapes::StringShape.new(name: 'CertificateBasedAuthStatus')
     ComputeCapacity = Shapes::StructureShape.new(name: 'ComputeCapacity')
     ComputeCapacityStatus = Shapes::StructureShape.new(name: 'ComputeCapacityStatus')
     ConcurrentModificationException = Shapes::StructureShape.new(name: 'ConcurrentModificationException')
@@ -388,6 +390,10 @@ module Aws::AppStream
     BatchDisassociateUserStackResult.add_member(:errors, Shapes::ShapeRef.new(shape: UserStackAssociationErrorList, location_name: "errors"))
     BatchDisassociateUserStackResult.struct_class = Types::BatchDisassociateUserStackResult
 
+    CertificateBasedAuthProperties.add_member(:status, Shapes::ShapeRef.new(shape: CertificateBasedAuthStatus, location_name: "Status"))
+    CertificateBasedAuthProperties.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateAuthorityArn"))
+    CertificateBasedAuthProperties.struct_class = Types::CertificateBasedAuthProperties
+
     ComputeCapacity.add_member(:desired_instances, Shapes::ShapeRef.new(shape: Integer, required: true, location_name: "DesiredInstances"))
     ComputeCapacity.struct_class = Types::ComputeCapacity
 
@@ -439,6 +445,7 @@ module Aws::AppStream
     CreateDirectoryConfigRequest.add_member(:directory_name, Shapes::ShapeRef.new(shape: DirectoryName, required: true, location_name: "DirectoryName"))
     CreateDirectoryConfigRequest.add_member(:organizational_unit_distinguished_names, Shapes::ShapeRef.new(shape: OrganizationalUnitDistinguishedNamesList, required: true, location_name: "OrganizationalUnitDistinguishedNames"))
     CreateDirectoryConfigRequest.add_member(:service_account_credentials, Shapes::ShapeRef.new(shape: ServiceAccountCredentials, location_name: "ServiceAccountCredentials"))
+    CreateDirectoryConfigRequest.add_member(:certificate_based_auth_properties, Shapes::ShapeRef.new(shape: CertificateBasedAuthProperties, location_name: "CertificateBasedAuthProperties"))
     CreateDirectoryConfigRequest.struct_class = Types::CreateDirectoryConfigRequest
 
     CreateDirectoryConfigResult.add_member(:directory_config, Shapes::ShapeRef.new(shape: DirectoryConfig, location_name: "DirectoryConfig"))
@@ -759,6 +766,7 @@ module Aws::AppStream
     DirectoryConfig.add_member(:organizational_unit_distinguished_names, Shapes::ShapeRef.new(shape: OrganizationalUnitDistinguishedNamesList, location_name: "OrganizationalUnitDistinguishedNames"))
     DirectoryConfig.add_member(:service_account_credentials, Shapes::ShapeRef.new(shape: ServiceAccountCredentials, location_name: "ServiceAccountCredentials"))
     DirectoryConfig.add_member(:created_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "CreatedTime"))
+    DirectoryConfig.add_member(:certificate_based_auth_properties, Shapes::ShapeRef.new(shape: CertificateBasedAuthProperties, location_name: "CertificateBasedAuthProperties"))
     DirectoryConfig.struct_class = Types::DirectoryConfig
 
     DirectoryConfigList.member = Shapes::ShapeRef.new(shape: DirectoryConfig)
@@ -1150,6 +1158,7 @@ module Aws::AppStream
     UpdateDirectoryConfigRequest.add_member(:directory_name, Shapes::ShapeRef.new(shape: DirectoryName, required: true, location_name: "DirectoryName"))
     UpdateDirectoryConfigRequest.add_member(:organizational_unit_distinguished_names, Shapes::ShapeRef.new(shape: OrganizationalUnitDistinguishedNamesList, location_name: "OrganizationalUnitDistinguishedNames"))
     UpdateDirectoryConfigRequest.add_member(:service_account_credentials, Shapes::ShapeRef.new(shape: ServiceAccountCredentials, location_name: "ServiceAccountCredentials"))
+    UpdateDirectoryConfigRequest.add_member(:certificate_based_auth_properties, Shapes::ShapeRef.new(shape: CertificateBasedAuthProperties, location_name: "CertificateBasedAuthProperties"))
     UpdateDirectoryConfigRequest.struct_class = Types::UpdateDirectoryConfigRequest
 
     UpdateDirectoryConfigResult.add_member(:directory_config, Shapes::ShapeRef.new(shape: DirectoryConfig, location_name: "DirectoryConfig"))

data/lib/aws-sdk-appstream/types.rb

@@ -372,7 +372,7 @@ module Aws::AppStream
     #           {
     #             stack_name: "String", # required
     #             user_name: "Username", # required
-    #             authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #             authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #             send_email_notification: false,
     #           },
     #         ],
@@ -410,7 +410,7 @@ module Aws::AppStream
     #           {
     #             stack_name: "String", # required
     #             user_name: "Username", # required
-    #             authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #             authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #             send_email_notification: false,
     #           },
     #         ],
@@ -440,6 +440,42 @@ module Aws::AppStream
       include Aws::Structure
     end
 
+    # The certificate-based authentication properties used to authenticate
+    # SAML 2.0 Identity Provider (IdP) user identities to Active Directory
+    # domain-joined streaming instances. Fallback is turned on by default
+    # when certificate-based authentication is **Enabled** . Fallback allows
+    # users to log in using their AD domain password if certificate-based
+    # authentication is unsuccessful, or to unlock a desktop lock screen.
+    # **Enabled\_no\_directory\_login\_fallback** enables certificate-based
+    # authentication, but does not allow users to log in using their AD
+    # domain password. Users will be disconnected to re-authenticate using
+    # certificates.
+    #
+    # @note When making an API call, you may pass CertificateBasedAuthProperties
+    #   data as a hash:
+    #
+    #       {
+    #         status: "DISABLED", # accepts DISABLED, ENABLED, ENABLED_NO_DIRECTORY_LOGIN_FALLBACK
+    #         certificate_authority_arn: "Arn",
+    #       }
+    #
+    # @!attribute [rw] status
+    #   The status of the certificate-based authentication properties.
+    #   @return [String]
+    #
+    # @!attribute [rw] certificate_authority_arn
+    #   The ARN of the AWS Certificate Manager Private CA resource.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/CertificateBasedAuthProperties AWS API Documentation
+    #
+    class CertificateBasedAuthProperties < Struct.new(
+      :status,
+      :certificate_authority_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Describes the capacity for a fleet.
     #
     # @note When making an API call, you may pass ComputeCapacity
@@ -744,6 +780,10 @@ module Aws::AppStream
     #           account_name: "AccountName", # required
     #           account_password: "AccountPassword", # required
     #         },
+    #         certificate_based_auth_properties: {
+    #           status: "DISABLED", # accepts DISABLED, ENABLED, ENABLED_NO_DIRECTORY_LOGIN_FALLBACK
+    #           certificate_authority_arn: "Arn",
+    #         },
     #       }
     #
     # @!attribute [rw] directory_name
@@ -761,12 +801,26 @@ module Aws::AppStream
     #   builder to connect to the directory.
     #   @return [Types::ServiceAccountCredentials]
     #
+    # @!attribute [rw] certificate_based_auth_properties
+    #   The certificate-based authentication properties used to authenticate
+    #   SAML 2.0 Identity Provider (IdP) user identities to Active Directory
+    #   domain-joined streaming instances. Fallback is turned on by default
+    #   when certificate-based authentication is **Enabled** . Fallback
+    #   allows users to log in using their AD domain password if
+    #   certificate-based authentication is unsuccessful, or to unlock a
+    #   desktop lock screen. **Enabled\_no\_directory\_login\_fallback**
+    #   enables certificate-based authentication, but does not allow users
+    #   to log in using their AD domain password. Users will be disconnected
+    #   to re-authenticate using certificates.
+    #   @return [Types::CertificateBasedAuthProperties]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/CreateDirectoryConfigRequest AWS API Documentation
     #
     class CreateDirectoryConfigRequest < Struct.new(
       :directory_name,
       :organizational_unit_distinguished_names,
-      :service_account_credentials)
+      :service_account_credentials,
+      :certificate_based_auth_properties)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -905,6 +959,10 @@ module Aws::AppStream
     #
     #   * stream.standard.large
     #
+    #   * stream.standard.xlarge
+    #
+    #   * stream.standard.2xlarge
+    #
     #   * stream.compute.large
     #
     #   * stream.compute.xlarge
@@ -970,6 +1028,12 @@ module Aws::AppStream
     #   * stream.standard.small
     #
     #   * stream.standard.medium
+    #
+    #   * stream.standard.large
+    #
+    #   * stream.standard.xlarge
+    #
+    #   * stream.standard.2xlarge
     #   @return [String]
     #
     # @!attribute [rw] fleet_type
@@ -1798,7 +1862,7 @@ module Aws::AppStream
     #         message_action: "SUPPRESS", # accepts SUPPRESS, RESEND
     #         first_name: "UserAttributeValue",
     #         last_name: "UserAttributeValue",
-    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #       }
     #
     # @!attribute [rw] user_name
@@ -2105,7 +2169,7 @@ module Aws::AppStream
     #
     #       {
     #         user_name: "Username", # required
-    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #       }
     #
     # @!attribute [rw] user_name
@@ -2625,7 +2689,7 @@ module Aws::AppStream
     #         user_id: "UserId",
     #         next_token: "String",
     #         limit: 1,
-    #         authentication_type: "API", # accepts API, SAML, USERPOOL
+    #         authentication_type: "API", # accepts API, SAML, USERPOOL, AWS_AD
     #       }
     #
     # @!attribute [rw] stack_name
@@ -2782,7 +2846,7 @@ module Aws::AppStream
     #       {
     #         stack_name: "String",
     #         user_name: "Username",
-    #         authentication_type: "API", # accepts API, SAML, USERPOOL
+    #         authentication_type: "API", # accepts API, SAML, USERPOOL, AWS_AD
     #         max_results: 1,
     #         next_token: "String",
     #       }
@@ -2847,7 +2911,7 @@ module Aws::AppStream
     #   data as a hash:
     #
     #       {
-    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #         max_results: 1,
     #         next_token: "String",
     #       }
@@ -2916,13 +2980,27 @@ module Aws::AppStream
     #   The time the directory configuration was created.
     #   @return [Time]
     #
+    # @!attribute [rw] certificate_based_auth_properties
+    #   The certificate-based authentication properties used to authenticate
+    #   SAML 2.0 Identity Provider (IdP) user identities to Active Directory
+    #   domain-joined streaming instances. Fallback is turned on by default
+    #   when certificate-based authentication is **Enabled** . Fallback
+    #   allows users to log in using their AD domain password if
+    #   certificate-based authentication is unsuccessful, or to unlock a
+    #   desktop lock screen. **Enabled\_no\_directory\_login\_fallback**
+    #   enables certificate-based authentication, but does not allow users
+    #   to log in using their AD domain password. Users will be disconnected
+    #   to re-authenticate using certificates.
+    #   @return [Types::CertificateBasedAuthProperties]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DirectoryConfig AWS API Documentation
     #
     class DirectoryConfig < Struct.new(
       :directory_name,
       :organizational_unit_distinguished_names,
       :service_account_credentials,
-      :created_time)
+      :created_time,
+      :certificate_based_auth_properties)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2932,7 +3010,7 @@ module Aws::AppStream
     #
     #       {
     #         user_name: "Username", # required
-    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #       }
     #
     # @!attribute [rw] user_name
@@ -3088,7 +3166,7 @@ module Aws::AppStream
     #
     #       {
     #         user_name: "Username", # required
-    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #       }
     #
     # @!attribute [rw] user_name
@@ -4957,6 +5035,10 @@ module Aws::AppStream
     #           account_name: "AccountName", # required
     #           account_password: "AccountPassword", # required
     #         },
+    #         certificate_based_auth_properties: {
+    #           status: "DISABLED", # accepts DISABLED, ENABLED, ENABLED_NO_DIRECTORY_LOGIN_FALLBACK
+    #           certificate_authority_arn: "Arn",
+    #         },
     #       }
     #
     # @!attribute [rw] directory_name
@@ -4973,12 +5055,26 @@ module Aws::AppStream
     #   builder to connect to the directory.
     #   @return [Types::ServiceAccountCredentials]
     #
+    # @!attribute [rw] certificate_based_auth_properties
+    #   The certificate-based authentication properties used to authenticate
+    #   SAML 2.0 Identity Provider (IdP) user identities to Active Directory
+    #   domain-joined streaming instances. Fallback is turned on by default
+    #   when certificate-based authentication is **Enabled** . Fallback
+    #   allows users to log in using their AD domain password if
+    #   certificate-based authentication is unsuccessful, or to unlock a
+    #   desktop lock screen. **Enabled\_no\_directory\_login\_fallback**
+    #   enables certificate-based authentication, but does not allow users
+    #   to log in using their AD domain password. Users will be disconnected
+    #   to re-authenticate using certificates.
+    #   @return [Types::CertificateBasedAuthProperties]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/UpdateDirectoryConfigRequest AWS API Documentation
     #
     class UpdateDirectoryConfigRequest < Struct.new(
       :directory_name,
       :organizational_unit_distinguished_names,
-      :service_account_credentials)
+      :service_account_credentials,
+      :certificate_based_auth_properties)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -5115,6 +5211,10 @@ module Aws::AppStream
     #
     #   * stream.standard.large
     #
+    #   * stream.standard.xlarge
+    #
+    #   * stream.standard.2xlarge
+    #
     #   * stream.compute.large
     #
     #   * stream.compute.xlarge
@@ -5180,6 +5280,12 @@ module Aws::AppStream
     #   * stream.standard.small
     #
     #   * stream.standard.medium
+    #
+    #   * stream.standard.large
+    #
+    #   * stream.standard.xlarge
+    #
+    #   * stream.standard.2xlarge
     #   @return [String]
     #
     # @!attribute [rw] compute_capacity
@@ -5673,7 +5779,7 @@ module Aws::AppStream
     #       {
     #         stack_name: "String", # required
     #         user_name: "Username", # required
-    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL
+    #         authentication_type: "API", # required, accepts API, SAML, USERPOOL, AWS_AD
     #         send_email_notification: false,
     #       }
     #

data/lib/aws-sdk-appstream.rb

@@ -53,6 +53,6 @@ require_relative 'aws-sdk-appstream/customizations'
 # @!group service
 module Aws::AppStream
 
-  GEM_VERSION = '1.67.0'
+  GEM_VERSION = '1.68.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-appstream
 version: !ruby/object:Gem::Version
-  version: 1.67.0
+  version: 1.68.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-10-25 00:00:00.000000000 Z
+date: 2022-10-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core