Class: AWSCDK::Grafana::CfnWorkspaceProps
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::Grafana::CfnWorkspaceProps
- Defined in:
- grafana/cfn_workspace_props.rb
Overview
Properties for defining a CfnWorkspace.
Instance Attribute Summary collapse
-
#account_access_type ⇒ String
readonly
Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization.
-
#authentication_providers ⇒ Array<String>
readonly
Specifies whether this workspace uses SAML 2.0, SSOlong , or both to authenticate users for using the Grafana console within a workspace.
-
#client_token ⇒ String?
readonly
A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.
-
#data_sources ⇒ Array<String>?
readonly
Specifies the AWS data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.
-
#description ⇒ String?
readonly
The user-defined description of the workspace.
-
#grafana_version ⇒ String?
readonly
Specifies the version of Grafana to support in the workspace.
-
#name ⇒ String?
readonly
The name of the workspace.
-
#network_access_control ⇒ AWSCDK::IResolvable, ...
readonly
The configuration settings for network access to your workspace.
-
#notification_destinations ⇒ Array<String>?
readonly
The AWS notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.
-
#organization_role_name ⇒ String?
readonly
The name of the IAM role that is used to access resources through Organizations.
-
#organizational_units ⇒ Array<String>?
readonly
Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization.
-
#permission_type ⇒ String
readonly
If this is
SERVICE_MANAGED, and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels. -
#plugin_admin_enabled ⇒ Boolean, ...
readonly
Whether plugin administration is enabled in the workspace.
-
#role_arn ⇒ String, ...
readonly
The IAM role that grants permissions to the AWS resources that the workspace will view data from.
-
#saml_configuration ⇒ AWSCDK::IResolvable, ...
readonly
If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the
AdminandEditorroles in the workspace. -
#stack_set_name ⇒ String?
readonly
The name of the AWS CloudFormation stack set that is used to generate IAM roles to be used for this workspace.
-
#vpc_configuration ⇒ AWSCDK::IResolvable, ...
readonly
The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(account_access_type:, authentication_providers:, permission_type:, client_token: nil, data_sources: nil, description: nil, grafana_version: nil, name: nil, network_access_control: nil, notification_destinations: nil, organizational_units: nil, organization_role_name: nil, plugin_admin_enabled: nil, role_arn: nil, saml_configuration: nil, stack_set_name: nil, vpc_configuration: nil) ⇒ CfnWorkspaceProps
constructor
A new instance of CfnWorkspaceProps.
- #to_jsii ⇒ Object
Constructor Details
#initialize(account_access_type:, authentication_providers:, permission_type:, client_token: nil, data_sources: nil, description: nil, grafana_version: nil, name: nil, network_access_control: nil, notification_destinations: nil, organizational_units: nil, organization_role_name: nil, plugin_admin_enabled: nil, role_arn: nil, saml_configuration: nil, stack_set_name: nil, vpc_configuration: nil) ⇒ CfnWorkspaceProps
Returns a new instance of CfnWorkspaceProps.
26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
# File 'grafana/cfn_workspace_props.rb', line 26 def initialize(account_access_type:, authentication_providers:, permission_type:, client_token: nil, data_sources: nil, description: nil, grafana_version: nil, name: nil, network_access_control: nil, notification_destinations: nil, organizational_units: nil, organization_role_name: nil, plugin_admin_enabled: nil, role_arn: nil, saml_configuration: nil, stack_set_name: nil, vpc_configuration: nil) @account_access_type = account_access_type Jsii::Type.check_type(@account_access_type, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "accountAccessType") @authentication_providers = authentication_providers Jsii::Type.check_type(@authentication_providers, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "authenticationProviders") @permission_type = Jsii::Type.check_type(@permission_type, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "permissionType") @client_token = client_token Jsii::Type.check_type(@client_token, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "clientToken") unless @client_token.nil? @data_sources = data_sources Jsii::Type.check_type(@data_sources, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "dataSources") unless @data_sources.nil? @description = description Jsii::Type.check_type(@description, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "description") unless @description.nil? @grafana_version = grafana_version Jsii::Type.check_type(@grafana_version, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "grafanaVersion") unless @grafana_version.nil? @name = name Jsii::Type.check_type(@name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "name") unless @name.nil? @network_access_control = network_access_control.is_a?(Hash) ? ::AWSCDK::Grafana::CfnWorkspace::NetworkAccessControlProperty.new(**network_access_control.transform_keys(&:to_sym)) : network_access_control Jsii::Type.check_type(@network_access_control, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19ncmFmYW5hLkNmbldvcmtzcGFjZS5OZXR3b3JrQWNjZXNzQ29udHJvbFByb3BlcnR5In1dfX0=")), "networkAccessControl") unless @network_access_control.nil? @notification_destinations = notification_destinations Jsii::Type.check_type(@notification_destinations, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "notificationDestinations") unless @notification_destinations.nil? @organizational_units = organizational_units Jsii::Type.check_type(@organizational_units, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "organizationalUnits") unless @organizational_units.nil? @organization_role_name = organization_role_name Jsii::Type.check_type(@organization_role_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "organizationRoleName") unless @organization_role_name.nil? @plugin_admin_enabled = plugin_admin_enabled Jsii::Type.check_type(@plugin_admin_enabled, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "pluginAdminEnabled") unless @plugin_admin_enabled.nil? @role_arn = role_arn Jsii::Type.check_type(@role_arn, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoic3RyaW5nIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19pYW0uSVJvbGVSZWYifV19fQ==")), "roleArn") unless @role_arn.nil? @saml_configuration = saml_configuration.is_a?(Hash) ? ::AWSCDK::Grafana::CfnWorkspace::SamlConfigurationProperty.new(**saml_configuration.transform_keys(&:to_sym)) : saml_configuration Jsii::Type.check_type(@saml_configuration, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19ncmFmYW5hLkNmbldvcmtzcGFjZS5TYW1sQ29uZmlndXJhdGlvblByb3BlcnR5In1dfX0=")), "samlConfiguration") unless @saml_configuration.nil? @stack_set_name = stack_set_name Jsii::Type.check_type(@stack_set_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "stackSetName") unless @stack_set_name.nil? @vpc_configuration = vpc_configuration.is_a?(Hash) ? ::AWSCDK::Grafana::CfnWorkspace::VPCConfigurationProperty.new(**vpc_configuration.transform_keys(&:to_sym)) : vpc_configuration Jsii::Type.check_type(@vpc_configuration, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19ncmFmYW5hLkNmbldvcmtzcGFjZS5WcGNDb25maWd1cmF0aW9uUHJvcGVydHkifV19fQ==")), "vpcConfiguration") unless @vpc_configuration.nil? end |
Instance Attribute Details
#account_access_type ⇒ String (readonly)
Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization.
If this is ORGANIZATION , the OrganizationalUnits parameter specifies which organizational units the workspace can access.
69 70 71 |
# File 'grafana/cfn_workspace_props.rb', line 69 def account_access_type @account_access_type end |
#authentication_providers ⇒ Array<String> (readonly)
Specifies whether this workspace uses SAML 2.0, SSOlong , or both to authenticate users for using the Grafana console within a workspace. For more information, see User authentication in Amazon Managed Grafana .
Allowed Values : AWS_SSO | SAML
76 77 78 |
# File 'grafana/cfn_workspace_props.rb', line 76 def authentication_providers @authentication_providers end |
#client_token ⇒ String? (readonly)
A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.
92 93 94 |
# File 'grafana/cfn_workspace_props.rb', line 92 def client_token @client_token end |
#data_sources ⇒ Array<String>? (readonly)
Specifies the AWS data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.
This list is only used when the workspace was created through the AWS console, and the permission_type is SERVICE_MANAGED .
99 100 101 |
# File 'grafana/cfn_workspace_props.rb', line 99 def data_sources @data_sources end |
#description ⇒ String? (readonly)
The user-defined description of the workspace.
104 105 106 |
# File 'grafana/cfn_workspace_props.rb', line 104 def description @description end |
#grafana_version ⇒ String? (readonly)
Specifies the version of Grafana to support in the workspace.
Defaults to the latest version on create (for example, 9.4), or the current version of the workspace on update.
Can only be used to upgrade (for example, from 8.4 to 9.4), not downgrade (for example, from 9.4 to 8.4).
To know what versions are available to upgrade to for a specific workspace, see the ListVersions operation.
115 116 117 |
# File 'grafana/cfn_workspace_props.rb', line 115 def grafana_version @grafana_version end |
#name ⇒ String? (readonly)
The name of the workspace.
120 121 122 |
# File 'grafana/cfn_workspace_props.rb', line 120 def name @name end |
#network_access_control ⇒ AWSCDK::IResolvable, ... (readonly)
The configuration settings for network access to your workspace.
125 126 127 |
# File 'grafana/cfn_workspace_props.rb', line 125 def network_access_control @network_access_control end |
#notification_destinations ⇒ Array<String>? (readonly)
The AWS notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.
AllowedValues : SNS
132 133 134 |
# File 'grafana/cfn_workspace_props.rb', line 132 def notification_destinations @notification_destinations end |
#organization_role_name ⇒ String? (readonly)
The name of the IAM role that is used to access resources through Organizations.
142 143 144 |
# File 'grafana/cfn_workspace_props.rb', line 142 def organization_role_name @organization_role_name end |
#organizational_units ⇒ Array<String>? (readonly)
Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization.
137 138 139 |
# File 'grafana/cfn_workspace_props.rb', line 137 def organizational_units @organizational_units end |
#permission_type ⇒ String (readonly)
If this is SERVICE_MANAGED , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.
If this is CUSTOMER_MANAGED , you must manage those roles and permissions yourself.
If you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to CUSTOMER_MANAGED .
For more information about converting between customer and service managed, see Managing permissions for data sources and notification channels . For more information about the roles and permissions that must be managed for customer managed workspaces, see Amazon Managed Grafana permissions and policies for AWS data sources and notification channels
87 88 89 |
# File 'grafana/cfn_workspace_props.rb', line 87 def @permission_type end |
#plugin_admin_enabled ⇒ Boolean, ... (readonly)
Whether plugin administration is enabled in the workspace.
Setting to true allows workspace admins to install, uninstall, and update plugins from within the Grafana workspace.
This option is only valid for workspaces that support Grafana version 9 or newer.
151 152 153 |
# File 'grafana/cfn_workspace_props.rb', line 151 def plugin_admin_enabled @plugin_admin_enabled end |
#role_arn ⇒ String, ... (readonly)
The IAM role that grants permissions to the AWS resources that the workspace will view data from.
This role must already exist.
158 159 160 |
# File 'grafana/cfn_workspace_props.rb', line 158 def role_arn @role_arn end |
#saml_configuration ⇒ AWSCDK::IResolvable, ... (readonly)
If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the Admin and Editor roles in the workspace.
163 164 165 |
# File 'grafana/cfn_workspace_props.rb', line 163 def saml_configuration @saml_configuration end |
#stack_set_name ⇒ String? (readonly)
The name of the AWS CloudFormation stack set that is used to generate IAM roles to be used for this workspace.
168 169 170 |
# File 'grafana/cfn_workspace_props.rb', line 168 def stack_set_name @stack_set_name end |
#vpc_configuration ⇒ AWSCDK::IResolvable, ... (readonly)
The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.
Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2).
175 176 177 |
# File 'grafana/cfn_workspace_props.rb', line 175 def vpc_configuration @vpc_configuration end |
Class Method Details
.jsii_properties ⇒ Object
177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 |
# File 'grafana/cfn_workspace_props.rb', line 177 def self.jsii_properties { :account_access_type => "accountAccessType", :authentication_providers => "authenticationProviders", :permission_type => "permissionType", :client_token => "clientToken", :data_sources => "dataSources", :description => "description", :grafana_version => "grafanaVersion", :name => "name", :network_access_control => "networkAccessControl", :notification_destinations => "notificationDestinations", :organizational_units => "organizationalUnits", :organization_role_name => "organizationRoleName", :plugin_admin_enabled => "pluginAdminEnabled", :role_arn => "roleArn", :saml_configuration => "samlConfiguration", :stack_set_name => "stackSetName", :vpc_configuration => "vpcConfiguration", } end |
Instance Method Details
#to_jsii ⇒ Object
199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 |
# File 'grafana/cfn_workspace_props.rb', line 199 def to_jsii result = {} result.merge!({ "accountAccessType" => @account_access_type, "authenticationProviders" => @authentication_providers, "permissionType" => @permission_type, "clientToken" => @client_token, "dataSources" => @data_sources, "description" => @description, "grafanaVersion" => @grafana_version, "name" => @name, "networkAccessControl" => @network_access_control, "notificationDestinations" => @notification_destinations, "organizationalUnits" => @organizational_units, "organizationRoleName" => @organization_role_name, "pluginAdminEnabled" => @plugin_admin_enabled, "roleArn" => @role_arn, "samlConfiguration" => @saml_configuration, "stackSetName" => @stack_set_name, "vpcConfiguration" => @vpc_configuration, }) result.compact end |