feat(client-workspaces-web): This release adds support for a new port…

…al authentication type: AWS IAM Identity Center (successor to AWS Single Sign-On).
aws · Jan 9, 2023 · 8b7c2eb · 8b7c2eb
1 parent 5949102
commit 8b7c2eb
Show file tree

Hide file tree

Showing 4 changed files with 219 additions and 113 deletions.
diff --git a/clients/client-workspaces-web/src/endpoint/ruleset.ts b/clients/client-workspaces-web/src/endpoint/ruleset.ts
@@ -6,9 +6,9 @@ import { RuleSetObject } from "@aws-sdk/util-endpoints";
    or see "smithy.rules#endpointRuleSet"
    in codegen/sdk-codegen/aws-models/workspaces-web.json */
 
-const r="fn",
-s="argv",
-t="ref";
+const q="fn",
+r="argv",
+s="ref";
 const a=true,
 b=false,
 c="String",
@@ -17,14 +17,13 @@ e="tree",
 f="error",
 g="endpoint",
 h={"required":true,"default":false,"type":"Boolean"},
-i={[t]:"Endpoint"},
-j={[r]:"booleanEquals",[s]:[{[t]:"UseFIPS"},true]},
-k={[r]:"booleanEquals",[s]:[{[t]:"UseDualStack"},true]},
+i={[s]:"Endpoint"},
+j={[q]:"booleanEquals",[r]:[{[s]:"UseFIPS"},true]},
+k={[q]:"booleanEquals",[r]:[{[s]:"UseDualStack"},true]},
 l={},
-m={[r]:"booleanEquals",[s]:[true,{[r]:"getAttr",[s]:[{[t]:d},"supportsFIPS"]}]},
-n={[r]:"booleanEquals",[s]:[true,{[r]:"getAttr",[s]:[{[t]:d},"supportsDualStack"]}]},
-o=[i],
-p=[j],
-q=[k];
-const _data={version:"1.0",parameters:{Region:{required:a,type:c},UseDualStack:h,UseFIPS:h,Endpoint:{required:b,type:c}},rules:[{conditions:[{[r]:"aws.partition",[s]:[{[t]:"Region"}],assign:d}],type:e,rules:[{conditions:[{[r]:"isSet",[s]:o},{[r]:"parseURL",[s]:o,assign:"url"}],type:e,rules:[{conditions:p,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:f},{type:e,rules:[{conditions:q,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:f},{endpoint:{url:i,properties:l,headers:l},type:g}]}]},{conditions:[j,k],type:e,rules:[{conditions:[m,n],type:e,rules:[{endpoint:{url:"https://workspaces-web-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:l,headers:l},type:g}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:f}]},{conditions:p,type:e,rules:[{conditions:[m],type:e,rules:[{type:e,rules:[{endpoint:{url:"https://workspaces-web-fips.{Region}.{PartitionResult#dnsSuffix}",properties:l,headers:l},type:g}]}]},{error:"FIPS is enabled but this partition does not support FIPS",type:f}]},{conditions:q,type:e,rules:[{conditions:[n],type:e,rules:[{endpoint:{url:"https://workspaces-web.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:l,headers:l},type:g}]},{error:"DualStack is enabled but this partition does not support DualStack",type:f}]},{endpoint:{url:"https://workspaces-web.{Region}.{PartitionResult#dnsSuffix}",properties:l,headers:l},type:g}]}]};
+m={[q]:"booleanEquals",[r]:[true,{[q]:"getAttr",[r]:[{[s]:d},"supportsFIPS"]}]},
+n={[q]:"booleanEquals",[r]:[true,{[q]:"getAttr",[r]:[{[s]:d},"supportsDualStack"]}]},
+o=[j],
+p=[k];
+const _data={version:"1.0",parameters:{Region:{required:a,type:c},UseDualStack:h,UseFIPS:h,Endpoint:{required:b,type:c}},rules:[{conditions:[{[q]:"aws.partition",[r]:[{[s]:"Region"}],assign:d}],type:e,rules:[{conditions:[{[q]:"isSet",[r]:[i]}],type:e,rules:[{conditions:o,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:f},{type:e,rules:[{conditions:p,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:f},{endpoint:{url:i,properties:l,headers:l},type:g}]}]},{conditions:[j,k],type:e,rules:[{conditions:[m,n],type:e,rules:[{endpoint:{url:"https://workspaces-web-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:l,headers:l},type:g}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:f}]},{conditions:o,type:e,rules:[{conditions:[m],type:e,rules:[{type:e,rules:[{endpoint:{url:"https://workspaces-web-fips.{Region}.{PartitionResult#dnsSuffix}",properties:l,headers:l},type:g}]}]},{error:"FIPS is enabled but this partition does not support FIPS",type:f}]},{conditions:p,type:e,rules:[{conditions:[n],type:e,rules:[{endpoint:{url:"https://workspaces-web.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:l,headers:l},type:g}]},{error:"DualStack is enabled but this partition does not support DualStack",type:f}]},{endpoint:{url:"https://workspaces-web.{Region}.{PartitionResult#dnsSuffix}",properties:l,headers:l},type:g}]}]};
 export const ruleSet: RuleSetObject = _data;
diff --git a/clients/client-workspaces-web/src/models/models_0.ts b/clients/client-workspaces-web/src/models/models_0.ts
@@ -319,6 +319,11 @@ export interface AssociateUserSettingsResponse {
   userSettingsArn: string | undefined;
 }
 
+export enum AuthenticationType {
+  IAM_IDENTITY_CENTER = "IAM_Identity_Center",
+  STANDARD = "Standard",
+}
+
 /**
  * <p>The tag.</p>
  */
@@ -685,6 +690,23 @@ export interface CreatePortalRequest {
    *          SDK.</p>
    */
   clientToken?: string;
+
+  /**
+   * <p>The type of authentication integration points used when signing into the web portal.
+   *          Defaults to <code>Standard</code>.</p>
+   *          <p>
+   *             <code>Standard</code> web portals are authenticated directly through your identity
+   *          provider. You need to call <code>CreateIdentityProvider</code> to integrate your identity
+   *          provider with your web portal. User and group access to your web portal is controlled
+   *          through your identity provider.</p>
+   *          <p>
+   *             <code>IAM_Identity_Center</code> web portals are authenticated through AWS IAM Identity
+   *          Center (successor to AWS Single Sign-On). They provide additional features, such as
+   *          IdP-initiated authentication. Identity sources (including external identity provider
+   *          integration), plus user and group access to your web portal, can be configured in the IAM
+   *          Identity Center.</p>
+   */
+  authenticationType?: AuthenticationType | string;
 }
 
 export interface CreatePortalResponse {
@@ -1297,6 +1319,23 @@ export interface Portal {
    * <p>The ARN of the user access logging settings that is associated with the web portal.</p>
    */
   userAccessLoggingSettingsArn?: string;
+
+  /**
+   * <p>The type of authentication integration points used when signing into the web portal.
+   *          Defaults to <code>Standard</code>.</p>
+   *          <p>
+   *             <code>Standard</code> web portals are authenticated directly through your identity
+   *          provider. You need to call <code>CreateIdentityProvider</code> to integrate your identity
+   *          provider with your web portal. User and group access to your web portal is controlled
+   *          through your identity provider.</p>
+   *          <p>
+   *             <code>IAM_Identity_Center</code> web portals are authenticated through AWS IAM Identity
+   *          Center (successor to AWS Single Sign-On). They provide additional features, such as
+   *          IdP-initiated authentication. Identity sources (including external identity provider
+   *          integration), plus user and group access to your web portal, can be configured in the IAM
+   *          Identity Center.</p>
+   */
+  authenticationType?: AuthenticationType | string;
 }
 
 export interface GetPortalResponse {
@@ -1719,6 +1758,23 @@ export interface PortalSummary {
    * <p>The ARN of the user access logging settings that is associated with the web portal.</p>
    */
   userAccessLoggingSettingsArn?: string;
+
+  /**
+   * <p>The type of authentication integration points used when signing into the web portal.
+   *          Defaults to <code>Standard</code>.</p>
+   *          <p>
+   *             <code>Standard</code> web portals are authenticated directly through your identity
+   *          provider. You need to call <code>CreateIdentityProvider</code> to integrate your identity
+   *          provider with your web portal. User and group access to your web portal is controlled
+   *          through your identity provider.</p>
+   *          <p>
+   *             <code>IAM_Identity_Center</code> web portals are authenticated through AWS IAM Identity
+   *          Center (successor to AWS Single Sign-On). They provide additional features, such as
+   *          IdP-initiated authentication. Identity sources (including external identity provider
+   *          integration), plus user and group access to your web portal, can be configured in the IAM
+   *          Identity Center.</p>
+   */
+  authenticationType?: AuthenticationType | string;
 }
 
 export interface ListPortalsResponse {
@@ -2290,6 +2346,23 @@ export interface UpdatePortalRequest {
    * <p>The name of the web portal. This is not visible to users who log into the web portal.</p>
    */
   displayName?: string;
+
+  /**
+   * <p>The type of authentication integration points used when signing into the web portal.
+   *          Defaults to <code>Standard</code>.</p>
+   *          <p>
+   *             <code>Standard</code> web portals are authenticated directly through your identity
+   *          provider. You need to call <code>CreateIdentityProvider</code> to integrate your identity
+   *          provider with your web portal. User and group access to your web portal is controlled
+   *          through your identity provider.</p>
+   *          <p>
+   *             <code>IAM_Identity_Center</code> web portals are authenticated through AWS IAM Identity
+   *          Center (successor to AWS Single Sign-On). They provide additional features, such as
+   *          IdP-initiated authentication. Identity sources (including external identity provider
+   *          integration), plus user and group access to your web portal, can be configured in the IAM
+   *          Identity Center.</p>
+   */
+  authenticationType?: AuthenticationType | string;
 }
 
 export interface UpdatePortalResponse {

diff --git a/clients/client-workspaces-web/src/protocols/Aws_restJson1.ts b/clients/client-workspaces-web/src/protocols/Aws_restJson1.ts
@@ -437,6 +437,7 @@ export const serializeAws_restJson1CreatePortalCommand = async (
         context
       ),
     }),
+    ...(input.authenticationType != null && { authenticationType: input.authenticationType }),
     clientToken: input.clientToken ?? generateIdempotencyToken(),
     ...(input.customerManagedKey != null && { customerManagedKey: input.customerManagedKey }),
     ...(input.displayName != null && { displayName: input.displayName }),
@@ -1478,6 +1479,7 @@ export const serializeAws_restJson1UpdatePortalCommand = async (
   resolvedPath = __resolvedPath(resolvedPath, input, "portalArn", () => input.portalArn!, "{portalArn+}", true);
   let body: any;
   body = JSON.stringify({
+    ...(input.authenticationType != null && { authenticationType: input.authenticationType }),
     ...(input.displayName != null && { displayName: input.displayName }),
   });
   return new __HttpRequest({
@@ -4786,6 +4788,7 @@ const deserializeAws_restJson1NetworkSettingsSummary = (
 
 const deserializeAws_restJson1Portal = (output: any, context: __SerdeContext): Portal => {
   return {
+    authenticationType: __expectString(output.authenticationType),
     browserSettingsArn: __expectString(output.browserSettingsArn),
     browserType: __expectString(output.browserType),
     creationDate:
@@ -4819,6 +4822,7 @@ const deserializeAws_restJson1PortalList = (output: any, context: __SerdeContext
 
 const deserializeAws_restJson1PortalSummary = (output: any, context: __SerdeContext): PortalSummary => {
   return {
+    authenticationType: __expectString(output.authenticationType),
     browserSettingsArn: __expectString(output.browserSettingsArn),
     browserType: __expectString(output.browserType),
     creationDate: