feat(client-appstream): This release includes CertificateBasedAuthProperties in CreateDirectoryConfig and UpdateDirectoryConfig.

awstools · awstools · commit f6bd19e979de · 2022-10-28T18:31:41.000Z
diff --git a/clients/client-appstream/src/AppStream.ts b/clients/client-appstream/src/AppStream.ts
@@ -624,7 +624,7 @@ export class AppStream extends AppStreamClient {
   }
 
   /**
-   * <p>Creates a fleet. A fleet consists of streaming instances that run a specified image when using Always-On or On-Demand.</p>
+   * <p>Creates a fleet. A fleet consists of streaming instances that your users access for their applications and desktops.</p>
    */
   public createFleet(args: CreateFleetCommandInput, options?: __HttpHandlerOptions): Promise<CreateFleetCommandOutput>;
   public createFleet(args: CreateFleetCommandInput, cb: (err: any, data?: CreateFleetCommandOutput) => void): void;
diff --git a/clients/client-appstream/src/commands/CreateFleetCommand.ts b/clients/client-appstream/src/commands/CreateFleetCommand.ts
@@ -29,7 +29,7 @@ export interface CreateFleetCommandInput extends CreateFleetRequest {}
 export interface CreateFleetCommandOutput extends CreateFleetResult, __MetadataBearer {}
 
 /**
- * <p>Creates a fleet. A fleet consists of streaming instances that run a specified image when using Always-On or On-Demand.</p>
+ * <p>Creates a fleet. A fleet consists of streaming instances that your users access for their applications and desktops.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-appstream/src/models/models_0.ts b/clients/client-appstream/src/models/models_0.ts
@@ -118,7 +118,12 @@ export interface AppBlock {
   CreatedTime?: Date;
 }
 
-export type PlatformType = "AMAZON_LINUX2" | "WINDOWS" | "WINDOWS_SERVER_2016" | "WINDOWS_SERVER_2019";
+export enum PlatformType {
+  AMAZON_LINUX2 = "AMAZON_LINUX2",
+  WINDOWS = "WINDOWS",
+  WINDOWS_SERVER_2016 = "WINDOWS_SERVER_2016",
+  WINDOWS_SERVER_2019 = "WINDOWS_SERVER_2019",
+}
 
 /**
  * <p>Describes an application in the application catalog.</p>
@@ -509,6 +514,7 @@ export class InvalidAccountStatusException extends __BaseException {
 
 export enum AuthenticationType {
   API = "API",
+  AWS_AD = "AWS_AD",
   SAML = "SAML",
   USERPOOL = "USERPOOL",
 }
@@ -597,6 +603,33 @@ export interface BatchDisassociateUserStackResult {
   errors?: UserStackAssociationError[];
 }
 
+export enum CertificateBasedAuthStatus {
+  DISABLED = "DISABLED",
+  ENABLED = "ENABLED",
+  ENABLED_NO_DIRECTORY_LOGIN_FALLBACK = "ENABLED_NO_DIRECTORY_LOGIN_FALLBACK",
+}
+
+/**
+ * <p>The certificate-based authentication properties used to authenticate SAML 2.0 Identity
+ *             Provider (IdP) user identities to Active Directory domain-joined streaming instances.
+ *             Fallback is turned on by default when certificate-based authentication is <b>Enabled</b> . Fallback allows users to log in using their AD
+ *             domain password if certificate-based authentication is unsuccessful, or to unlock a
+ *             desktop lock screen. <b>Enabled_no_directory_login_fallback</b> enables certificate-based
+ *             authentication, but does not allow users to log in using their AD domain password. Users
+ *             will be disconnected to re-authenticate using certificates.</p>
+ */
+export interface CertificateBasedAuthProperties {
+  /**
+   * <p>The status of the certificate-based authentication properties.</p>
+   */
+  Status?: CertificateBasedAuthStatus | string;
+
+  /**
+   * <p>The ARN of the AWS Certificate Manager Private CA resource.</p>
+   */
+  CertificateAuthorityArn?: string;
+}
+
 /**
  * <p>Describes the capacity for a fleet.</p>
  */
@@ -845,6 +878,17 @@ export interface CreateDirectoryConfigRequest {
    * <p>The credentials for the service account used by the fleet or image builder to connect to the directory.</p>
    */
   ServiceAccountCredentials?: ServiceAccountCredentials;
+
+  /**
+   * <p>The certificate-based authentication properties used to authenticate SAML 2.0 Identity
+   *             Provider (IdP) user identities to Active Directory domain-joined streaming instances.
+   *             Fallback is turned on by default when certificate-based authentication is <b>Enabled</b> . Fallback allows users to log in using their AD
+   *             domain password if certificate-based authentication is unsuccessful, or to unlock a
+   *             desktop lock screen. <b>Enabled_no_directory_login_fallback</b> enables certificate-based
+   *             authentication, but does not allow users to log in using their AD domain password. Users
+   *             will be disconnected to re-authenticate using certificates.</p>
+   */
+  CertificateBasedAuthProperties?: CertificateBasedAuthProperties;
 }
 
 /**
@@ -870,6 +914,17 @@ export interface DirectoryConfig {
    * <p>The time the directory configuration was created.</p>
    */
   CreatedTime?: Date;
+
+  /**
+   * <p>The certificate-based authentication properties used to authenticate SAML 2.0 Identity
+   *             Provider (IdP) user identities to Active Directory domain-joined streaming instances.
+   *             Fallback is turned on by default when certificate-based authentication is <b>Enabled</b> . Fallback allows users to log in using their AD
+   *             domain password if certificate-based authentication is unsuccessful, or to unlock a
+   *             desktop lock screen. <b>Enabled_no_directory_login_fallback</b> enables certificate-based
+   *             authentication, but does not allow users to log in using their AD domain password. Users
+   *             will be disconnected to re-authenticate using certificates.</p>
+   */
+  CertificateBasedAuthProperties?: CertificateBasedAuthProperties;
 }
 
 export interface CreateDirectoryConfigResult {
@@ -1121,6 +1176,12 @@ export interface CreateFleetRequest {
    *                <p>stream.standard.large</p>
    *             </li>
    *             <li>
+   *                <p>stream.standard.xlarge</p>
+   *             </li>
+   *             <li>
+   *                <p>stream.standard.2xlarge</p>
+   *             </li>
+   *             <li>
    *                <p>stream.compute.large</p>
    *             </li>
    *             <li>
@@ -1219,6 +1280,15 @@ export interface CreateFleetRequest {
    *             <li>
    *                <p>stream.standard.medium</p>
    *             </li>
+   *             <li>
+   *                <p>stream.standard.large</p>
+   *             </li>
+   *             <li>
+   *                <p>stream.standard.xlarge</p>
+   *             </li>
+   *             <li>
+   *                <p>stream.standard.2xlarge</p>
+   *             </li>
    *          </ul>
    */
   InstanceType: string | undefined;
@@ -3873,6 +3943,17 @@ export interface UpdateDirectoryConfigRequest {
    * <p>The credentials for the service account used by the fleet or image builder to connect to the directory.</p>
    */
   ServiceAccountCredentials?: ServiceAccountCredentials;
+
+  /**
+   * <p>The certificate-based authentication properties used to authenticate SAML 2.0 Identity
+   *             Provider (IdP) user identities to Active Directory domain-joined streaming instances.
+   *             Fallback is turned on by default when certificate-based authentication is <b>Enabled</b> . Fallback allows users to log in using their AD
+   *             domain password if certificate-based authentication is unsuccessful, or to unlock a
+   *             desktop lock screen. <b>Enabled_no_directory_login_fallback</b> enables certificate-based
+   *             authentication, but does not allow users to log in using their AD domain password. Users
+   *             will be disconnected to re-authenticate using certificates.</p>
+   */
+  CertificateBasedAuthProperties?: CertificateBasedAuthProperties;
 }
 
 export interface UpdateDirectoryConfigResult {
@@ -3945,6 +4026,12 @@ export interface UpdateFleetRequest {
    *                <p>stream.standard.large</p>
    *             </li>
    *             <li>
+   *                <p>stream.standard.xlarge</p>
+   *             </li>
+   *             <li>
+   *                <p>stream.standard.2xlarge</p>
+   *             </li>
+   *             <li>
    *                <p>stream.compute.large</p>
    *             </li>
    *             <li>
@@ -4043,6 +4130,15 @@ export interface UpdateFleetRequest {
    *             <li>
    *                <p>stream.standard.medium</p>
    *             </li>
+   *             <li>
+   *                <p>stream.standard.large</p>
+   *             </li>
+   *             <li>
+   *                <p>stream.standard.xlarge</p>
+   *             </li>
+   *             <li>
+   *                <p>stream.standard.2xlarge</p>
+   *             </li>
    *          </ul>
    */
   InstanceType?: string;
@@ -4428,6 +4524,13 @@ export const BatchDisassociateUserStackResultFilterSensitiveLog = (obj: BatchDis
   ...(obj.errors && { errors: obj.errors.map((item) => UserStackAssociationErrorFilterSensitiveLog(item)) }),
 });
 
+/**
+ * @internal
+ */
+export const CertificateBasedAuthPropertiesFilterSensitiveLog = (obj: CertificateBasedAuthProperties): any => ({
+  ...obj,
+});
+
 /**
  * @internal
  */
diff --git a/clients/client-appstream/src/protocols/Aws_json1_1.ts b/clients/client-appstream/src/protocols/Aws_json1_1.ts
@@ -179,6 +179,7 @@ import {
   BatchAssociateUserStackResult,
   BatchDisassociateUserStackRequest,
   BatchDisassociateUserStackResult,
+  CertificateBasedAuthProperties,
   ComputeCapacity,
   ComputeCapacityStatus,
   ConcurrentModificationException,
@@ -4609,6 +4610,16 @@ const serializeAws_json1_1BatchDisassociateUserStackRequest = (
   };
 };
 
+const serializeAws_json1_1CertificateBasedAuthProperties = (
+  input: CertificateBasedAuthProperties,
+  context: __SerdeContext
+): any => {
+  return {
+    ...(input.CertificateAuthorityArn != null && { CertificateAuthorityArn: input.CertificateAuthorityArn }),
+    ...(input.Status != null && { Status: input.Status }),
+  };
+};
+
 const serializeAws_json1_1ComputeCapacity = (input: ComputeCapacity, context: __SerdeContext): any => {
   return {
     ...(input.DesiredInstances != null && { DesiredInstances: input.DesiredInstances }),
@@ -4669,6 +4680,12 @@ const serializeAws_json1_1CreateDirectoryConfigRequest = (
   context: __SerdeContext
 ): any => {
   return {
+    ...(input.CertificateBasedAuthProperties != null && {
+      CertificateBasedAuthProperties: serializeAws_json1_1CertificateBasedAuthProperties(
+        input.CertificateBasedAuthProperties,
+        context
+      ),
+    }),
     ...(input.DirectoryName != null && { DirectoryName: input.DirectoryName }),
     ...(input.OrganizationalUnitDistinguishedNames != null && {
       OrganizationalUnitDistinguishedNames: serializeAws_json1_1OrganizationalUnitDistinguishedNamesList(
@@ -5434,6 +5451,12 @@ const serializeAws_json1_1UpdateDirectoryConfigRequest = (
   context: __SerdeContext
 ): any => {
   return {
+    ...(input.CertificateBasedAuthProperties != null && {
+      CertificateBasedAuthProperties: serializeAws_json1_1CertificateBasedAuthProperties(
+        input.CertificateBasedAuthProperties,
+        context
+      ),
+    }),
     ...(input.DirectoryName != null && { DirectoryName: input.DirectoryName }),
     ...(input.OrganizationalUnitDistinguishedNames != null && {
       OrganizationalUnitDistinguishedNames: serializeAws_json1_1OrganizationalUnitDistinguishedNamesList(
@@ -5768,6 +5791,16 @@ const deserializeAws_json1_1BatchDisassociateUserStackResult = (
   } as any;
 };
 
+const deserializeAws_json1_1CertificateBasedAuthProperties = (
+  output: any,
+  context: __SerdeContext
+): CertificateBasedAuthProperties => {
+  return {
+    CertificateAuthorityArn: __expectString(output.CertificateAuthorityArn),
+    Status: __expectString(output.Status),
+  } as any;
+};
+
 const deserializeAws_json1_1ComputeCapacityStatus = (output: any, context: __SerdeContext): ComputeCapacityStatus => {
   return {
     Available: __expectInt32(output.Available),
@@ -6111,6 +6144,10 @@ const deserializeAws_json1_1DescribeUserStackAssociationsResult = (
 
 const deserializeAws_json1_1DirectoryConfig = (output: any, context: __SerdeContext): DirectoryConfig => {
   return {
+    CertificateBasedAuthProperties:
+      output.CertificateBasedAuthProperties != null
+        ? deserializeAws_json1_1CertificateBasedAuthProperties(output.CertificateBasedAuthProperties, context)
+        : undefined,
     CreatedTime:
       output.CreatedTime != null
         ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.CreatedTime)))
diff --git a/codegen/sdk-codegen/aws-models/appstream.json b/codegen/sdk-codegen/aws-models/appstream.json

Original file line number	Diff line number	Diff line change
`@@ -624,7 +624,7 @@ export class AppStream extends AppStreamClient {`
`624`	`624`	`}`
`625`	`625`
`626`	`626`	`/**`
`627`		`- * <p>Creates a fleet. A fleet consists of streaming instances that run a specified image when using Always-On or On-Demand.</p>`
	`627`	`+ * <p>Creates a fleet. A fleet consists of streaming instances that your users access for their applications and desktops.</p>`
`628`	`628`	`*/`
`629`	`629`	`public createFleet(args: CreateFleetCommandInput, options?: __HttpHandlerOptions): Promise<CreateFleetCommandOutput>;`
`630`	`630`	`public createFleet(args: CreateFleetCommandInput, cb: (err: any, data?: CreateFleetCommandOutput) => void): void;`