Amazon AppStream

2022/10/28 - Amazon AppStream - 12 updated api methods

Changes: This release includes CertificateBasedAuthProperties in CreateDirectoryConfig and UpdateDirectoryConfig.

BatchAssociateUserStack (updated)
Changes (request, response)
Request
{'UserStackAssociations': {'AuthenticationType': {'AWS_AD'}}}
Response
{'errors': {'UserStackAssociation': {'AuthenticationType': {'AWS_AD'}}}}

Associates the specified users with the specified stacks. Users in a user pool cannot be assigned to stacks with fleets that are joined to an Active Directory domain.

See also: AWS API Documentation

Request Syntax

client.batch_associate_user_stack(
    UserStackAssociations=[
        {
            'StackName': 'string',
            'UserName': 'string',
            'AuthenticationType': 'API'|'SAML'|'USERPOOL'|'AWS_AD',
            'SendEmailNotification': True|False
        },
    ]
)
type UserStackAssociations:

list

param UserStackAssociations:

[REQUIRED]

The list of UserStackAssociation objects.

  • (dict) --

    Describes a user in the user pool and the associated stack.

    • StackName (string) -- [REQUIRED]

      The name of the stack that is associated with the user.

    • UserName (string) -- [REQUIRED]

      The email address of the user who is associated with the stack.

    • AuthenticationType (string) -- [REQUIRED]

      The authentication type for the user.

    • SendEmailNotification (boolean) --

      Specifies whether a welcome email is sent to a user after the user is created in the user pool.

rtype:

dict

returns:

Response Syntax

{
    'errors': [
        {
            'UserStackAssociation': {
                'StackName': 'string',
                'UserName': 'string',
                'AuthenticationType': 'API'|'SAML'|'USERPOOL'|'AWS_AD',
                'SendEmailNotification': True|False
            },
            'ErrorCode': 'STACK_NOT_FOUND'|'USER_NAME_NOT_FOUND'|'DIRECTORY_NOT_FOUND'|'INTERNAL_ERROR',
            'ErrorMessage': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • errors (list) --

      The list of UserStackAssociationError objects.

      • (dict) --

        Describes the error that is returned when a user can’t be associated with or disassociated from a stack.

        • UserStackAssociation (dict) --

          Information about the user and associated stack.

          • StackName (string) --

            The name of the stack that is associated with the user.

          • UserName (string) --

            The email address of the user who is associated with the stack.

          • AuthenticationType (string) --

            The authentication type for the user.

          • SendEmailNotification (boolean) --

            Specifies whether a welcome email is sent to a user after the user is created in the user pool.

        • ErrorCode (string) --

          The error code for the error that is returned when a user can’t be associated with or disassociated from a stack.

        • ErrorMessage (string) --

          The error message for the error that is returned when a user can’t be associated with or disassociated from a stack.

BatchDisassociateUserStack (updated)
Changes (request, response)
Request
{'UserStackAssociations': {'AuthenticationType': {'AWS_AD'}}}
Response
{'errors': {'UserStackAssociation': {'AuthenticationType': {'AWS_AD'}}}}

Disassociates the specified users from the specified stacks.

See also: AWS API Documentation

Request Syntax

client.batch_disassociate_user_stack(
    UserStackAssociations=[
        {
            'StackName': 'string',
            'UserName': 'string',
            'AuthenticationType': 'API'|'SAML'|'USERPOOL'|'AWS_AD',
            'SendEmailNotification': True|False
        },
    ]
)
type UserStackAssociations:

list

param UserStackAssociations:

[REQUIRED]

The list of UserStackAssociation objects.

  • (dict) --

    Describes a user in the user pool and the associated stack.

    • StackName (string) -- [REQUIRED]

      The name of the stack that is associated with the user.

    • UserName (string) -- [REQUIRED]

      The email address of the user who is associated with the stack.

    • AuthenticationType (string) -- [REQUIRED]

      The authentication type for the user.

    • SendEmailNotification (boolean) --

      Specifies whether a welcome email is sent to a user after the user is created in the user pool.

rtype:

dict

returns:

Response Syntax

{
    'errors': [
        {
            'UserStackAssociation': {
                'StackName': 'string',
                'UserName': 'string',
                'AuthenticationType': 'API'|'SAML'|'USERPOOL'|'AWS_AD',
                'SendEmailNotification': True|False
            },
            'ErrorCode': 'STACK_NOT_FOUND'|'USER_NAME_NOT_FOUND'|'DIRECTORY_NOT_FOUND'|'INTERNAL_ERROR',
            'ErrorMessage': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • errors (list) --

      The list of UserStackAssociationError objects.

      • (dict) --

        Describes the error that is returned when a user can’t be associated with or disassociated from a stack.

        • UserStackAssociation (dict) --

          Information about the user and associated stack.

          • StackName (string) --

            The name of the stack that is associated with the user.

          • UserName (string) --

            The email address of the user who is associated with the stack.

          • AuthenticationType (string) --

            The authentication type for the user.

          • SendEmailNotification (boolean) --

            Specifies whether a welcome email is sent to a user after the user is created in the user pool.

        • ErrorCode (string) --

          The error code for the error that is returned when a user can’t be associated with or disassociated from a stack.

        • ErrorMessage (string) --

          The error message for the error that is returned when a user can’t be associated with or disassociated from a stack.
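
An added example (not part of the AWS documentation or SDK): when removing access, per-item failures come back in the errors list shown above, so the caller has to read them and then confirm the result with describe_user_stack_associations. FakeOffboardClient, its failure behaviour, the stack name and the example.com addresses are constructed so the block runs offline.

```python
from typing import Any, Dict, Iterable


def disassociate_and_verify(client, stack_name: str, user_names: Iterable[str],
                            auth_type: str = "USERPOOL") -> Dict[str, Any]:
    """Disassociate users from a stack, then check what is still associated."""
    targets = list(user_names)
    resp = client.batch_disassociate_user_stack(UserStackAssociations=[
        {"StackName": stack_name, "UserName": u, "AuthenticationType": auth_type}
        for u in targets
    ])
    # Per-item failures are listed in 'errors' (see Response Syntax above).
    failed = {e["UserStackAssociation"]["UserName"]: e["ErrorCode"]
              for e in resp.get("errors", [])}

    # Independent check: list the stack's associations and look for the targets.
    still = set()
    kwargs: Dict[str, Any] = {"StackName": stack_name}
    while True:
        page = client.describe_user_stack_associations(**kwargs)
        for assoc in page.get("UserStackAssociations", []):
            if assoc["UserName"] in targets and assoc["AuthenticationType"] == auth_type:
                still.add(assoc["UserName"])
        token = page.get("NextToken")
        if not token:
            break
        kwargs["NextToken"] = token
    return {"failed": failed, "still_associated": sorted(still)}


class FakeOffboardClient:
    """Constructed stand-in for boto3.client('appstream'); behaviour is illustrative."""

    def __init__(self, associations, fail_for=()):
        self.associations = set(associations)  # (stack, user, auth_type) tuples
        self.fail_for = set(fail_for)          # users whose removal "fails"

    def batch_disassociate_user_stack(self, UserStackAssociations):
        errors = []
        for a in UserStackAssociations:
            if a["UserName"] in self.fail_for:
                errors.append({"UserStackAssociation": a,
                               "ErrorCode": "INTERNAL_ERROR",
                               "ErrorMessage": "constructed failure"})
            else:
                self.associations.discard(
                    (a["StackName"], a["UserName"], a["AuthenticationType"]))
        return {"errors": errors}

    def describe_user_stack_associations(self, StackName, **kwargs):
        return {"UserStackAssociations": [
            {"StackName": s, "UserName": u, "AuthenticationType": t}
            for (s, u, t) in sorted(self.associations) if s == StackName
        ]}


def demo() -> Dict[str, Any]:
    """Run the check against constructed data: bob's removal fails, alice's succeeds."""
    client = FakeOffboardClient(
        {("finance", "alice@example.com", "USERPOOL"),
         ("finance", "bob@example.com", "USERPOOL"),
         ("finance", "carol@example.com", "USERPOOL")},
        fail_for={"bob@example.com"},
    )
    return disassociate_and_verify(
        client, "finance", ["alice@example.com", "bob@example.com"])


if __name__ == "__main__":
    print(demo())
```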

CreateDirectoryConfig (updated)
Changes (request, response)
Request
{'CertificateBasedAuthProperties': {'CertificateAuthorityArn': 'string',
                                    'Status': 'DISABLED | ENABLED | '
                                              'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK'}}
Response
{'DirectoryConfig': {'CertificateBasedAuthProperties': {'CertificateAuthorityArn': 'string',
                                                        'Status': 'DISABLED | '
                                                                  'ENABLED | '
                                                                  'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK'}}}

Creates a Directory Config object in AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains.

See also: AWS API Documentation

Request Syntax

client.create_directory_config(
    DirectoryName='string',
    OrganizationalUnitDistinguishedNames=[
        'string',
    ],
    ServiceAccountCredentials={
        'AccountName': 'string',
        'AccountPassword': 'string'
    },
    CertificateBasedAuthProperties={
        'Status': 'DISABLED'|'ENABLED'|'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK',
        'CertificateAuthorityArn': 'string'
    }
)
type DirectoryName:

string

param DirectoryName:

[REQUIRED]

The fully qualified name of the directory (for example, corp.example.com).

type OrganizationalUnitDistinguishedNames:

list

param OrganizationalUnitDistinguishedNames:

[REQUIRED]

The distinguished names of the organizational units for computer accounts.

  • (string) --

type ServiceAccountCredentials:

dict

param ServiceAccountCredentials:

The credentials for the service account used by the fleet or image builder to connect to the directory.

  • AccountName (string) -- [REQUIRED]

    The user name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified.

  • AccountPassword (string) -- [REQUIRED]

    The password for the account.

type CertificateBasedAuthProperties:

dict

param CertificateBasedAuthProperties:

The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances. Fallback is turned on by default when certificate-based authentication is ENABLED. Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. ENABLED_NO_DIRECTORY_LOGIN_FALLBACK enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates.

  • Status (string) --

    The status of the certificate-based authentication properties.

  • CertificateAuthorityArn (string) --

    The ARN of the AWS Certificate Manager Private CA resource.

rtype:

dict

returns:

Response Syntax

{
    'DirectoryConfig': {
        'DirectoryName': 'string',
        'OrganizationalUnitDistinguishedNames': [
            'string',
        ],
        'ServiceAccountCredentials': {
            'AccountName': 'string',
            'AccountPassword': 'string'
        },
        'CreatedTime': datetime(2015, 1, 1),
        'CertificateBasedAuthProperties': {
            'Status': 'DISABLED'|'ENABLED'|'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK',
            'CertificateAuthorityArn': 'string'
        }
    }
}

Response Structure

  • (dict) --

    • DirectoryConfig (dict) --

      Information about the directory configuration.

      • DirectoryName (string) --

        The fully qualified name of the directory (for example, corp.example.com).

      • OrganizationalUnitDistinguishedNames (list) --

        The distinguished names of the organizational units for computer accounts.

        • (string) --

      • ServiceAccountCredentials (dict) --

        The credentials for the service account used by the fleet or image builder to connect to the directory.

        • AccountName (string) --

          The user name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified.

        • AccountPassword (string) --

          The password for the account.

      • CreatedTime (datetime) --

        The time the directory configuration was created.

      • CertificateBasedAuthProperties (dict) --

        The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances. Fallback is turned on by default when certificate-based authentication is ENABLED. Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. ENABLED_NO_DIRECTORY_LOGIN_FALLBACK enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates.

        • Status (string) --

          The status of the certificate-based authentication properties.

        • CertificateAuthorityArn (string) --

          The ARN of the AWS Certificate Manager Private CA resource.

CreateUser (updated)
Changes (request)
{'AuthenticationType': {'AWS_AD'}}

Creates a new user in the user pool.

See also: AWS API Documentation

Request Syntax

client.create_user(
    UserName='string',
    MessageAction='SUPPRESS'|'RESEND',
    FirstName='string',
    LastName='string',
    AuthenticationType='API'|'SAML'|'USERPOOL'|'AWS_AD'
)
type UserName:

string

param UserName:

[REQUIRED]

The email address of the user.

type MessageAction:

string

param MessageAction:

The action to take for the welcome email that is sent to a user after the user is created in the user pool. If you specify SUPPRESS, no email is sent. If you specify RESEND, do not specify the first name or last name of the user. If the value is null, the email is sent.

type FirstName:

string

param FirstName:

The first name, or given name, of the user.

type LastName:

string

param LastName:

The last name, or surname, of the user.

type AuthenticationType:

string

param AuthenticationType:

[REQUIRED]

The authentication type for the user. You must specify USERPOOL.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

  • (dict) --

DeleteUser (updated)
Changes (request)
{'AuthenticationType': {'AWS_AD'}}

Deletes a user from the user pool.

See also: AWS API Documentation

Request Syntax

client.delete_user(
    UserName='string',
    AuthenticationType='API'|'SAML'|'USERPOOL'|'AWS_AD'
)
type UserName:

string

param UserName:

[REQUIRED]

The email address of the user.

type AuthenticationType:

string

param AuthenticationType:

[REQUIRED]

The authentication type for the user. You must specify USERPOOL.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

  • (dict) --

DescribeDirectoryConfigs (updated)
Changes (response)
{'DirectoryConfigs': {'CertificateBasedAuthProperties': {'CertificateAuthorityArn': 'string',
                                                         'Status': 'DISABLED | '
                                                                   'ENABLED | '
                                                                   'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK'}}}

Retrieves a list that describes one or more specified Directory Config objects for AppStream 2.0, if the names for these objects are provided. Otherwise, all Directory Config objects in the account are described. These objects include the configuration information required to join fleets and image builders to Microsoft Active Directory domains.

Although the response syntax in this topic includes the account password, this password is not returned in the actual response.

See also: AWS API Documentation

Request Syntax

client.describe_directory_configs(
    DirectoryNames=[
        'string',
    ],
    MaxResults=123,
    NextToken='string'
)
type DirectoryNames:

list

param DirectoryNames:

The directory names.

  • (string) --

type MaxResults:

integer

param MaxResults:

The maximum size of each page of results.

type NextToken:

string

param NextToken:

The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.

rtype:

dict

returns:

Response Syntax

{
    'DirectoryConfigs': [
        {
            'DirectoryName': 'string',
            'OrganizationalUnitDistinguishedNames': [
                'string',
            ],
            'ServiceAccountCredentials': {
                'AccountName': 'string',
                'AccountPassword': 'string'
            },
            'CreatedTime': datetime(2015, 1, 1),
            'CertificateBasedAuthProperties': {
                'Status': 'DISABLED'|'ENABLED'|'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK',
                'CertificateAuthorityArn': 'string'
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • DirectoryConfigs (list) --

      Information about the directory configurations. Note that although the response syntax in this topic includes the account password, this password is not returned in the actual response.

      • (dict) --

        Describes the configuration information required to join fleets and image builders to Microsoft Active Directory domains.

        • DirectoryName (string) --

          The fully qualified name of the directory (for example, corp.example.com).

        • OrganizationalUnitDistinguishedNames (list) --

          The distinguished names of the organizational units for computer accounts.

          • (string) --

        • ServiceAccountCredentials (dict) --

          The credentials for the service account used by the fleet or image builder to connect to the directory.

          • AccountName (string) --

            The user name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified.

          • AccountPassword (string) --

            The password for the account.

        • CreatedTime (datetime) --

          The time the directory configuration was created.

        • CertificateBasedAuthProperties (dict) --

          The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances. Fallback is turned on by default when certificate-based authentication is ENABLED. Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. ENABLED_NO_DIRECTORY_LOGIN_FALLBACK enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates.

          • Status (string) --

            The status of the certificate-based authentication properties.

          • CertificateAuthorityArn (string) --

            The ARN of the AWS Certificate Manager Private CA resource.

    • NextToken (string) --

      The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.
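
An added example (not part of the AWS documentation or SDK): one way to audit every Directory Config for the fallback behaviour described above, paging with NextToken. FakeClient, SAMPLE_PAGES, the example.com directory names and the placeholder ARN are constructed so the block runs offline; treating a config with no CertificateBasedAuthProperties as DISABLED is an assumption.

```python
from typing import Any, Dict, Iterator, List

# Status values exactly as listed in the response syntax above.
DISABLED = "DISABLED"
ENABLED = "ENABLED"
NO_FALLBACK = "ENABLED_NO_DIRECTORY_LOGIN_FALLBACK"


def iter_directory_configs(client) -> Iterator[Dict[str, Any]]:
    """Yield every DirectoryConfig, following NextToken until it is null or absent."""
    kwargs: Dict[str, Any] = {}
    while True:
        page = client.describe_directory_configs(**kwargs)
        yield from page.get("DirectoryConfigs", [])
        token = page.get("NextToken")
        if not token:
            return
        kwargs["NextToken"] = token


def classify(config: Dict[str, Any]) -> Dict[str, Any]:
    """Return the sign-in posture of one DirectoryConfig; credentials are never echoed."""
    props = config.get("CertificateBasedAuthProperties") or {}
    # Assumption: a config without CertificateBasedAuthProperties counts as DISABLED.
    status = props.get("Status", DISABLED)
    findings: List[str] = []
    if status == DISABLED:
        findings.append("certificate-based auth is off")
    elif status == ENABLED:
        findings.append("AD domain password accepted as fallback and for lock-screen unlock")
    elif status != NO_FALLBACK:
        findings.append("unrecognised Status value: %r" % (status,))
    if status in (ENABLED, NO_FALLBACK) and not props.get("CertificateAuthorityArn"):
        findings.append("enabled but no CertificateAuthorityArn recorded")
    return {
        "DirectoryName": config.get("DirectoryName"),
        "Status": status,
        # Only the no-fallback status rules out AD password sign-in.
        "PasswordLoginPossible": status != NO_FALLBACK,
        "Findings": findings,
    }


def audit(client) -> List[Dict[str, Any]]:
    """Classify every Directory Config visible to the client."""
    return [classify(c) for c in iter_directory_configs(client)]


class FakeClient:
    """Constructed stand-in for boto3.client('appstream'); NextToken is a page index."""

    def __init__(self, pages):
        self.pages = pages

    def describe_directory_configs(self, **kwargs):
        return self.pages[int(kwargs.get("NextToken", "0"))]


# Constructed sample responses (two pages); the ARN is a placeholder, not a real CA.
SAMPLE_PAGES = [
    {
        "DirectoryConfigs": [
            {
                "DirectoryName": "corp.example.com",
                "CertificateBasedAuthProperties": {
                    "Status": ENABLED,
                    "CertificateAuthorityArn": "arn:aws:acm-pca:REGION:ACCOUNT:certificate-authority/PLACEHOLDER",
                },
            },
            {"DirectoryName": "legacy.example.com"},
        ],
        "NextToken": "1",
    },
    {
        "DirectoryConfigs": [
            {
                "DirectoryName": "lab.example.com",
                "CertificateBasedAuthProperties": {"Status": NO_FALLBACK},
            },
        ],
    },
]

if __name__ == "__main__":
    for row in audit(FakeClient(SAMPLE_PAGES)):
        print(row)
```

With real credentials, pass boto3.client('appstream') to audit() in place of FakeClient.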

DescribeSessions (updated)
Changes (request, response)
Request
{'AuthenticationType': {'AWS_AD'}}
Response
{'Sessions': {'AuthenticationType': {'AWS_AD'}}}

Retrieves a list that describes the streaming sessions for a specified stack and fleet. If a UserId is provided for the stack and fleet, only streaming sessions for that user are described. If an authentication type is not provided, the default is to authenticate users using a streaming URL.

See also: AWS API Documentation

Request Syntax

client.describe_sessions(
    StackName='string',
    FleetName='string',
    UserId='string',
    NextToken='string',
    Limit=123,
    AuthenticationType='API'|'SAML'|'USERPOOL'|'AWS_AD'
)
type StackName:

string

param StackName:

[REQUIRED]

The name of the stack. This value is case-sensitive.

type FleetName:

string

param FleetName:

[REQUIRED]

The name of the fleet. This value is case-sensitive.

type UserId:

string

param UserId:

The user identifier (ID). If you specify a user ID, you must also specify the authentication type.

type NextToken:

string

param NextToken:

The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.

type Limit:

integer

param Limit:

The size of each page of results. The default value is 20 and the maximum value is 50.

type AuthenticationType:

string

param AuthenticationType:

The authentication method. Specify API for a user authenticated using a streaming URL or SAML for a SAML federated user. The default is to authenticate users using a streaming URL.

rtype:

dict

returns:

Response Syntax

{
    'Sessions': [
        {
            'Id': 'string',
            'UserId': 'string',
            'StackName': 'string',
            'FleetName': 'string',
            'State': 'ACTIVE'|'PENDING'|'EXPIRED',
            'ConnectionState': 'CONNECTED'|'NOT_CONNECTED',
            'StartTime': datetime(2015, 1, 1),
            'MaxExpirationTime': datetime(2015, 1, 1),
            'AuthenticationType': 'API'|'SAML'|'USERPOOL'|'AWS_AD',
            'NetworkAccessConfiguration': {
                'EniPrivateIpAddress': 'string',
                'EniId': 'string'
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • Sessions (list) --

      Information about the streaming sessions.

      • (dict) --

        Describes a streaming session.

        • Id (string) --

          The identifier of the streaming session.

        • UserId (string) --

          The identifier of the user for whom the session was created.

        • StackName (string) --

          The name of the stack for the streaming session.

        • FleetName (string) --

          The name of the fleet for the streaming session.

        • State (string) --

          The current state of the streaming session.

        • ConnectionState (string) --

          Specifies whether a user is connected to the streaming session.

        • StartTime (datetime) --

          The time when a streaming instance is dedicated for the user.

        • MaxExpirationTime (datetime) --

          The time when the streaming session is set to expire. This time is based on the MaxUserDurationinSeconds value, which determines the maximum length of time that a streaming session can run. A streaming session might end earlier than the time specified in SessionMaxExpirationTime, when the DisconnectTimeOutInSeconds elapses or the user chooses to end his or her session. If the DisconnectTimeOutInSeconds elapses, or the user chooses to end his or her session, the streaming instance is terminated and the streaming session ends.

        • AuthenticationType (string) --

          The authentication method. The user is authenticated using a streaming URL (API) or SAML 2.0 federation (SAML).

        • NetworkAccessConfiguration (dict) --

          The network details for the streaming session.

          • EniPrivateIpAddress (string) --

            The private IP address of the elastic network interface that is attached to instances in your VPC.

          • EniId (string) --

            The resource identifier of the elastic network interface that is attached to instances in your VPC. All network interfaces have the eni-xxxxxxxx resource identifier.

    • NextToken (string) --

      The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.

DescribeUserStackAssociations (updated)
Changes (request, response)
Request
{'AuthenticationType': {'AWS_AD'}}
Response
{'UserStackAssociations': {'AuthenticationType': {'AWS_AD'}}}

Retrieves a list that describes the UserStackAssociation objects. You must specify either or both of the following:

  • The stack name

  • The user name (email address of the user associated with the stack) and the authentication type for the user

See also: AWS API Documentation

Request Syntax

client.describe_user_stack_associations(
    StackName='string',
    UserName='string',
    AuthenticationType='API'|'SAML'|'USERPOOL'|'AWS_AD',
    MaxResults=123,
    NextToken='string'
)
type StackName:

string

param StackName:

The name of the stack that is associated with the user.

type UserName:

string

param UserName:

The email address of the user who is associated with the stack.

type AuthenticationType:

string

param AuthenticationType:

The authentication type for the user who is associated with the stack. You must specify USERPOOL.

type MaxResults:

integer

param MaxResults:

The maximum size of each page of results.

type NextToken:

string

param NextToken:

The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.

rtype:

dict

returns:

Response Syntax

{
    'UserStackAssociations': [
        {
            'StackName': 'string',
            'UserName': 'string',
            'AuthenticationType': 'API'|'SAML'|'USERPOOL'|'AWS_AD',
            'SendEmailNotification': True|False
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • UserStackAssociations (list) --

      The UserStackAssociation objects.

      • (dict) --

        Describes a user in the user pool and the associated stack.

        • StackName (string) --

          The name of the stack that is associated with the user.

        • UserName (string) --

          The email address of the user who is associated with the stack.

        • AuthenticationType (string) --

          The authentication type for the user.

        • SendEmailNotification (boolean) --

          Specifies whether a welcome email is sent to a user after the user is created in the user pool.

    • NextToken (string) --

      The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.

DescribeUsers (updated)
Changes (request, response)
Request
{'AuthenticationType': {'AWS_AD'}}
Response
{'Users': {'AuthenticationType': {'AWS_AD'}}}

Retrieves a list that describes one or more specified users in the user pool.

See also: AWS API Documentation

Request Syntax

client.describe_users(
    AuthenticationType='API'|'SAML'|'USERPOOL'|'AWS_AD',
    MaxResults=123,
    NextToken='string'
)
type AuthenticationType:

string

param AuthenticationType:

[REQUIRED]

The authentication type for the users in the user pool to describe. You must specify USERPOOL.

type MaxResults:

integer

param MaxResults:

The maximum size of each page of results.

type NextToken:

string

param NextToken:

The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.

rtype:

dict

returns:

Response Syntax

{
    'Users': [
        {
            'Arn': 'string',
            'UserName': 'string',
            'Enabled': True|False,
            'Status': 'string',
            'FirstName': 'string',
            'LastName': 'string',
            'CreatedTime': datetime(2015, 1, 1),
            'AuthenticationType': 'API'|'SAML'|'USERPOOL'|'AWS_AD'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • Users (list) --

      Information about users in the user pool.

      • (dict) --

        Describes a user in the user pool.

        • Arn (string) --

          The ARN of the user.

        • UserName (string) --

          The email address of the user.

        • Enabled (boolean) --

          Specifies whether the user in the user pool is enabled.

        • Status (string) --

          The status of the user in the user pool. The status can be one of the following:

          • UNCONFIRMED – The user is created but not confirmed.

          • CONFIRMED – The user is confirmed.

          • ARCHIVED – The user is no longer active.

          • COMPROMISED – The user is disabled because of a potential security threat.

          • UNKNOWN – The user status is not known.

        • FirstName (string) --

          The first name, or given name, of the user.

        • LastName (string) --

          The last name, or surname, of the user.

        • CreatedTime (datetime) --

          The date and time the user was created in the user pool.

        • AuthenticationType (string) --

          The authentication type for the user.

    • NextToken (string) --

      The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.

DisableUser (updated)
Changes (request)
{'AuthenticationType': {'AWS_AD'}}

Disables the specified user in the user pool. Users can't sign in to AppStream 2.0 until they are re-enabled. This action does not delete the user.

See also: AWS API Documentation

Request Syntax

client.disable_user(
    UserName='string',
    AuthenticationType='API'|'SAML'|'USERPOOL'|'AWS_AD'
)
type UserName:

string

param UserName:

[REQUIRED]

The email address of the user.

type AuthenticationType:

string

param AuthenticationType:

[REQUIRED]

The authentication type for the user. You must specify USERPOOL.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

  • (dict) --

EnableUser (updated)
Changes (request)
{'AuthenticationType': {'AWS_AD'}}

Enables a user in the user pool. After being enabled, users can sign in to AppStream 2.0 and open applications from the stacks to which they are assigned.

See also: AWS API Documentation

Request Syntax

client.enable_user(
    UserName='string',
    AuthenticationType='API'|'SAML'|'USERPOOL'|'AWS_AD'
)
type UserName:

string

param UserName:

[REQUIRED]

The email address of the user.

type AuthenticationType:

string

param AuthenticationType:

[REQUIRED]

The authentication type for the user. You must specify USERPOOL.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

  • (dict) --

UpdateDirectoryConfig (updated)
Changes (request, response)
Request
{'CertificateBasedAuthProperties': {'CertificateAuthorityArn': 'string',
                                    'Status': 'DISABLED | ENABLED | '
                                              'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK'}}
Response
{'DirectoryConfig': {'CertificateBasedAuthProperties': {'CertificateAuthorityArn': 'string',
                                                        'Status': 'DISABLED | '
                                                                  'ENABLED | '
                                                                  'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK'}}}

Updates the specified Directory Config object in AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains.

See also: AWS API Documentation

Request Syntax

client.update_directory_config(
    DirectoryName='string',
    OrganizationalUnitDistinguishedNames=[
        'string',
    ],
    ServiceAccountCredentials={
        'AccountName': 'string',
        'AccountPassword': 'string'
    },
    CertificateBasedAuthProperties={
        'Status': 'DISABLED'|'ENABLED'|'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK',
        'CertificateAuthorityArn': 'string'
    }
)
type DirectoryName:

string

param DirectoryName:

[REQUIRED]

The name of the Directory Config object.

type OrganizationalUnitDistinguishedNames:

list

param OrganizationalUnitDistinguishedNames:

The distinguished names of the organizational units for computer accounts.

  • (string) --

type ServiceAccountCredentials:

dict

param ServiceAccountCredentials:

The credentials for the service account used by the fleet or image builder to connect to the directory.

  • AccountName (string) -- [REQUIRED]

    The user name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified.

  • AccountPassword (string) -- [REQUIRED]

    The password for the account.

type CertificateBasedAuthProperties:

dict

param CertificateBasedAuthProperties:

The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances. Fallback is turned on by default when certificate-based authentication is ENABLED. Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. ENABLED_NO_DIRECTORY_LOGIN_FALLBACK enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates.

  • Status (string) --

    The status of the certificate-based authentication properties.

  • CertificateAuthorityArn (string) --

    The ARN of the AWS Certificate Manager Private CA resource.

rtype:

dict

returns:

Response Syntax

{
    'DirectoryConfig': {
        'DirectoryName': 'string',
        'OrganizationalUnitDistinguishedNames': [
            'string',
        ],
        'ServiceAccountCredentials': {
            'AccountName': 'string',
            'AccountPassword': 'string'
        },
        'CreatedTime': datetime(2015, 1, 1),
        'CertificateBasedAuthProperties': {
            'Status': 'DISABLED'|'ENABLED'|'ENABLED_NO_DIRECTORY_LOGIN_FALLBACK',
            'CertificateAuthorityArn': 'string'
        }
    }
}

Response Structure

  • (dict) --

    • DirectoryConfig (dict) --

      Information about the Directory Config object.

      • DirectoryName (string) --

        The fully qualified name of the directory (for example, corp.example.com).

      • OrganizationalUnitDistinguishedNames (list) --

        The distinguished names of the organizational units for computer accounts.

        • (string) --

      • ServiceAccountCredentials (dict) --

        The credentials for the service account used by the fleet or image builder to connect to the directory.

        • AccountName (string) --

          The user name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified.

        • AccountPassword (string) --

          The password for the account.

      • CreatedTime (datetime) --

        The time the directory configuration was created.

      • CertificateBasedAuthProperties (dict) --

        The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances. Fallback is turned on by default when certificate-based authentication is ENABLED. Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. ENABLED_NO_DIRECTORY_LOGIN_FALLBACK enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates.

        • Status (string) --

          The status of the certificate-based authentication properties.

        • CertificateAuthorityArn (string) --

          The ARN of the AWS Certificate Manager Private CA resource.