Broker configuration file

The Broker configuration file (/etc/dcv-session-manager-broker/session-manager-broker.properties) includes parameters that can be configured to customize the Session Manager functionality. You can edit the configuration file using your preferred text editor.

Note

The /etc/dcv-session-manager-broker/session-manager-broker.properties file contains sensitive data. By default, its write access is restricted to root and its read access is restricted to root and to the user running the Broker. By default, this is the dcvsmbroker user. The Broker checks at startup that the file has the expected permissions.

The following table lists the parameters in the Broker configuration file.

Parameter name	Required	Default value	Description
`broker-java-home`	No		Specifies the path to the Java home directory the Broker will use instead of the system default one. If set, the Broker will use `<broker-java-home>/bin/java` at startup. Tip: the Broker requires Java Runtime Environment 11 and it is installed if missing as a dependency upon successfull installation. If version 11 is not set as default Java environment, its home directory can be grabbed using the following command: `$ sudo alternatives --display java`
`session-screenshot-max-width`	No	`160`	Specifies the maximum width, in pixels, of session screenshots taken using the GetSessionScreenshots API.
`session-screenshot-max-height`	No	`100`	Specifies the maximum height, in pixels, of session screenshots taken using the GetSessionScreenshots API.
`session-screenshot-format`	No	`png`	The image file format of session screenshots taken using the GetSessionScreenshots API.
`create-sessions-queue-max-size`	No	`1000`	The maximum number of unfulfilled CreateSessions API requests that can be queued. When the queue is full, new unfulfilled requests are rejected.
`create-sessions-queue-max-time-seconds`	No	`1800`	The maximum of time, in seconds, that an unfulfilled CreateSessions API request can remain in the queue. If the request cannot be fulfilled within the specified amount of time, it fails.
`session-manager-working-path`	Yes	`/tmp`	Specifies the path to the directory where the Broker writes the files needed to operate. This directory must be accessible only to the Broker.
`enable-authorization-server`	Yes	`true`	Specifies whether the broker is the authentication server used to generate OAuth 2.0 access tokens for client APIs.
`enable-authorization`	Yes	`true`	Enables or disables client authorization. if you enable client authorization, the client API must provide an access token when making API requests. If you disable client authorization, client APIs can make requests without access tokens.
`enable-agent-authorization`	Yes	`true`	Enables or disables Agent authorization. If you enable Agent authorization, the Agent must provide an access token when communicating with the Broker.
`delete-session-duration-hours`	No	`1`	Specifies the number of hours after which deleted sessions become invisible and are no longer returned by `DescribeSession` API calls.
`connect-session-token-duration-minutes`	No	`60`	Specifies the number of minutes for which the ConnectSession token remains valid.
`client-to-broker-connector-https-port`	Yes	`8443`	Specifies the HTTPS port where the Broker listens for client connections.
`client-to-broker-connector-bind-host`	No	`0.0.0.0`	Specifies the IP address of the host where the Broker binds for client connections.
`client-to-broker-connector-key-store-file`	Yes		Specifies the key store used for TLS client connections.
`client-to-broker-connector-key-store-pass`	Yes		Specifies the key store pass.
`agent-to-broker-connector-https-port`	Yes	`8445`	Specifies the HTTPS port where the Broker listens for Agent connections.
`agent-to-broker-connector-bind-host`	No	`0.0.0.0`	Specifies the IP address of the host where the Broker binds for Agent connections.
`agent-to-broker-connector-key-store-file`	Yes		Specifies the key store used for TLS Agent connections.
`agent-to-broker-connector-key-store-pass`	Yes		Specifies the key store pass.
`broker-to-broker-port`	Yes	`47100`	Specifies the port used for Broker-to-Broker connections.
`broker-to-broker-bind-host`	No	`0.0.0.0`	Specifies the IP address of the host where the Broker binds for Broker-to-Broker connections.
`broker-to-broker-discovery-port`	Yes	`47500`	Specifies the port used by Brokers to discover each other.
`broker-to-broker-discovery-addresses`	No		Specifies the IP addresses and ports of the other brokers in the fleet in the `ip_address`:`port` format. If there are multiple Brokers, separate the values with a comma. If you specify `broker-to-broker-discovery-multicast-group`, `broker-to-broker-discovery-multicast-port`, `broker-to-broker-discovery-Amazon-region`, or `broker-to-broker-discovery-Amazon-alb-target-group-arn`, omit this parameter.
`broker-to-broker-discovery-multicast-group`	No		Specifies the multicast group for Broker-to-roker discovery. If you specify `broker-to-broker-discovery-addresses`, `broker-to-broker-discovery-aws-region`, or `broker-to-broker-discovery-Amazon-alb-target-group-arn`, omit this parameter.
`broker-to-broker-discovery-multicast-port`	No		Specifies the multicast port for Broker-o-oker discovery. If you specify `broker-to-broker-discovery-addresses`, `broker-to-broker-discovery-Amazon-region`, or `broker-to-broker-discovery-Amazon-alb-target-group-arn`, omit this parameter.
`broker-to-broker-discovery-Amazon-region`	No		Specifies the Amazon Region of the application load balancer used for Broker to Broker discovery. If you specify `broker-to-broker-discovery-multicast-group`, `broker-to-broker-discovery-multicast-port`, or `broker-to-broker-discovery-addresses`, omit this parameter.
`broker-to-broker-discovery-Amazon-alb-target-group-arn`	No		The ARN of the application load balancer target group user for Broker-to-Broker discovery. If you specify `broker-to-broker-discovery-multicast-group`, `broker-to-broker-discovery-multicast-port`, or `broker-to-broker-discovery-addresses`, omit this parameter.
`broker-to-broker-distributed-memory-max-size-mb`	No	`4096`	Specifies the maximum amount of off -heap memory to be used by a single Broker to store NICE DCV session data.
`broker-to-broker-key-store-file`	Yes		Specifies the key store used for TLS Broker connections.
`broker-to-broker-key-store-pass`	Yes		Specifies the key store pass.
`enable-cloud-watch-metrics`	No	`false`	Enables or disables Amazon CloudWatch metrics. If you enable CloudWatch Metrics, you might need to specify a value for `cloud-watch-region`.
`cloud-watch-region`	No	Only required if `enable-cloud-watch-metrics` is set to `true`. If the Broker is installed on an Amazon EC2 instance, the region is retrieved from the IMDS.	The Amazon region where the CloudWatch metrics are posted.
max-api-requests-per-second	No	`1000`	Specifies the maximum number of requests that the Broker api can process each second before being throttled.
`enable-throttling-forwarded-for-header`	No	`false`	If set to `true` the throttling retrieves the caller ip from the X-Forwared-For header if present.
`create-sessions-number-of-retries-on-failure`	No	`2`	Specifies the maximum number of retries to be performed after a create session request fails on a NICE DCV server host. Set to 0 to never perform retries on failures.
`autorun-file-arguments-max-size`	No	`50`	Specifies the maximum number of arguments that can be passed to the autorun file.
`autorun-file-arguments-max-argument-length`	No	`150`	Specifies the maximum length in chars of each autorun file argument.
`enable-persistence`	Yes	`false`	If set to `true`, the broker status data is persisted on an external database.
`persistence-db`	No	Only required if `enable-persistence` is set to `true`.	Specifies which database is used for persistence. The only supported values are: `dynamodb` and `mysql`.
`dynamodb-region`	No	Only required if `enable-persistence` is set to `true` and `persistence-db` is set to `dynamodb`.	Specifies the region where the DynamoDB tables are created and accessed.
`dynamodb-table-rcu`	No	Only required if `enable-persistence` is set to `true` and `persistence-db` is set to `dynamodb`.	Specifies the Read Capacity Units (RCU) for each DynamoDB table For more information on RCU, see Pricing for Provisioned Capacity.
`dynamodb-table-wcu`	No	Only required if `enable-persistence` is set to `true` and `persistence-db` is set to `dynamodb`.	Specifies the Write Capacity Units (WCU) for each DynamoDB table. For more information on WCU, see Pricing for Provisioned Capacity.
`dynamodb-table-name-prefix`	No	Only required if `enable-persistence` is set to `true` and `persistence-db` is set to `dynamodb`.	Specifies the prefix that is added to each DynamoDB table (useful to distinguish multiple broker clusters using the same Amazon account). Only alphanumeric characters, dot, dash and underscore are allowed.
`jdbc-connection-url`	No	Only required if `enable-persistence` is set to `true` and `persistence-db` is set to `mysql`.	Specifies the connection URL to the MariaDB/MySQL database; it contains the endpoint and the database name. The url should have this format: `jdbc:mysql://<db_endpoint>:<db_port>/<db_name>?createDatabaseIfNotExist=true` Where `<db_endpoint>` is the MariaDB/MySQL database endpoint, `<db_port>` is the database port and `<db_name>` is the database name.
`jdbc-user`	No	Only required if `enable-persistence` is set to `true` and `persistence-db` is set to `mysql`.	Specifies the name of the user that has access to the MariaDB/MySQL database.
`jdbc-password`	No	Only required if `enable-persistence` is set to `true` and `persistence-db` is set to `mysql`.	Specifies the password of the user that has access to the MariaDB/MySQL database.
`seconds-before-deleting-unreachable-dcv-server`	No	`1800`	Specifies the amount of seconds after which an unreachable server is deleted from the system.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Configuration File Reference

Agent configuration file