From b6cf732410e067ab7fb32b305eae44fefbd58378 Mon Sep 17 00:00:00 2001 From: awstools Date: Wed, 23 Nov 2022 19:37:16 +0000 Subject: [PATCH] feat(client-grafana): This release includes support for configuring a Grafana workspace to connect to a datasource within a VPC as well as new APIs for configuring Grafana settings. --- clients/client-grafana/src/Grafana.ts | 140 +++- clients/client-grafana/src/GrafanaClient.ts | 16 +- .../src/commands/AssociateLicenseCommand.ts | 4 +- .../commands/CreateWorkspaceApiKeyCommand.ts | 8 +- .../src/commands/CreateWorkspaceCommand.ts | 8 +- .../commands/DeleteWorkspaceApiKeyCommand.ts | 2 +- .../DescribeWorkspaceConfigurationCommand.ts | 122 ++++ .../src/commands/ListPermissionsCommand.ts | 12 +- .../commands/ListTagsForResourceCommand.ts | 4 +- .../src/commands/ListWorkspacesCommand.ts | 2 +- .../src/commands/TagResourceCommand.ts | 8 +- .../src/commands/UntagResourceCommand.ts | 2 +- .../UpdateWorkspaceAuthenticationCommand.ts | 6 +- .../src/commands/UpdateWorkspaceCommand.ts | 10 +- .../UpdateWorkspaceConfigurationCommand.ts | 119 ++++ clients/client-grafana/src/commands/index.ts | 2 + clients/client-grafana/src/models/models_0.ts | 392 +++++++---- .../src/protocols/Aws_restJson1.ts | 231 +++++++ codegen/sdk-codegen/aws-models/grafana.json | 613 +++++++++++++----- 19 files changed, 1326 insertions(+), 375 deletions(-) create mode 100644 clients/client-grafana/src/commands/DescribeWorkspaceConfigurationCommand.ts create mode 100644 clients/client-grafana/src/commands/UpdateWorkspaceConfigurationCommand.ts diff --git a/clients/client-grafana/src/Grafana.ts b/clients/client-grafana/src/Grafana.ts index 3943b324643c..9415cb99def2 100644 --- a/clients/client-grafana/src/Grafana.ts +++ b/clients/client-grafana/src/Grafana.ts @@ -36,6 +36,11 @@ import { DescribeWorkspaceCommandInput, DescribeWorkspaceCommandOutput, } from "./commands/DescribeWorkspaceCommand"; +import { + DescribeWorkspaceConfigurationCommand, + DescribeWorkspaceConfigurationCommandInput, + DescribeWorkspaceConfigurationCommandOutput, +} from "./commands/DescribeWorkspaceConfigurationCommand"; import { DisassociateLicenseCommand, DisassociateLicenseCommandInput, @@ -77,6 +82,11 @@ import { UpdateWorkspaceCommandInput, UpdateWorkspaceCommandOutput, } from "./commands/UpdateWorkspaceCommand"; +import { + UpdateWorkspaceConfigurationCommand, + UpdateWorkspaceConfigurationCommandInput, + UpdateWorkspaceConfigurationCommandOutput, +} from "./commands/UpdateWorkspaceConfigurationCommand"; import { GrafanaClient } from "./GrafanaClient"; /** @@ -91,8 +101,8 @@ import { GrafanaClient } from "./GrafanaClient"; export class Grafana extends GrafanaClient { /** *

Assigns a Grafana Enterprise license to a workspace. Upgrading to Grafana Enterprise - * incurs additional fees. For more information, see Upgrade a workspace to - * Grafana Enterprise.

+ * incurs additional fees. For more information, see Upgrade a workspace to + * Grafana Enterprise.

*/ public associateLicense( args: AssociateLicenseCommandInput, @@ -125,10 +135,10 @@ export class Grafana extends GrafanaClient { /** *

Creates a workspace. In a workspace, you can create Grafana - * dashboards and visualizations to analyze your metrics, logs, and traces. You don't have to - * build, package, or deploy any hardware to run the Grafana server.

- *

Don't use CreateWorkspace to modify an existing workspace. Instead, - * use UpdateWorkspace.

+ * dashboards and visualizations to analyze your metrics, logs, and traces. You don't have to + * build, package, or deploy any hardware to run the Grafana server.

+ *

Don't use CreateWorkspace to modify an existing workspace. Instead, + * use UpdateWorkspace.

*/ public createWorkspace( args: CreateWorkspaceCommandInput, @@ -160,10 +170,10 @@ export class Grafana extends GrafanaClient { } /** - *

Creates an API key for the workspace. This key can be used to authenticate - * requests sent to the workspace's HTTP API. See - * https://docs.aws.amazon.com/grafana/latest/userguide/Using-Grafana-APIs.html - * for available APIs and example requests.

+ *

Creates a Grafana API key for the workspace. This key can be used to + * authenticate requests sent to the workspace's HTTP API. + * See https://docs.aws.amazon.com/grafana/latest/userguide/Using-Grafana-APIs.html + * for available APIs and example requests.

*/ public createWorkspaceApiKey( args: CreateWorkspaceApiKeyCommandInput, @@ -227,7 +237,7 @@ export class Grafana extends GrafanaClient { } /** - *

Deletes an API key for a workspace.

+ *

Deletes a Grafana API key for the workspace.

*/ public deleteWorkspaceApiKey( args: DeleteWorkspaceApiKeyCommandInput, @@ -322,6 +332,38 @@ export class Grafana extends GrafanaClient { } } + /** + *

Gets the current configuration string for the given workspace.

+ */ + public describeWorkspaceConfiguration( + args: DescribeWorkspaceConfigurationCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public describeWorkspaceConfiguration( + args: DescribeWorkspaceConfigurationCommandInput, + cb: (err: any, data?: DescribeWorkspaceConfigurationCommandOutput) => void + ): void; + public describeWorkspaceConfiguration( + args: DescribeWorkspaceConfigurationCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DescribeWorkspaceConfigurationCommandOutput) => void + ): void; + public describeWorkspaceConfiguration( + args: DescribeWorkspaceConfigurationCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DescribeWorkspaceConfigurationCommandOutput) => void), + cb?: (err: any, data?: DescribeWorkspaceConfigurationCommandOutput) => void + ): Promise | void { + const command = new DescribeWorkspaceConfigurationCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + /** *

Removes the Grafana Enterprise license from a workspace.

*/ @@ -356,12 +398,12 @@ export class Grafana extends GrafanaClient { /** *

Lists the users and groups who have the Grafana Admin and - * Editor roles in this workspace. If you use this - * operation without specifying userId or groupId, the operation returns - * the roles of all users - * and groups. If you specify a userId or a groupId, only the roles - * for that user or group are returned. If you do this, you can specify only one userId or - * one groupId.

+ * Editor roles in this workspace. If you use this + * operation without specifying userId or groupId, the operation returns + * the roles of all users + * and groups. If you specify a userId or a groupId, only the roles + * for that user or group are returned. If you do this, you can specify only one userId or + * one groupId.

*/ public listPermissions( args: ListPermissionsCommandInput, @@ -394,8 +436,8 @@ export class Grafana extends GrafanaClient { /** *

The ListTagsForResource operation returns the tags that - * are associated with the Amazon Managed Service for Grafana resource specified by the resourceArn. - * Currently, the only resource that can be tagged is a workspace.

+ * are associated with the Amazon Managed Service for Grafana resource specified by the resourceArn. + * Currently, the only resource that can be tagged is a workspace.

*/ public listTagsForResource( args: ListTagsForResourceCommandInput, @@ -428,7 +470,7 @@ export class Grafana extends GrafanaClient { /** *

Returns a list of Amazon Managed Grafana workspaces in the account, with some information - * about each workspace. For more complete information about one workspace, use DescribeWorkspace.

+ * about each workspace. For more complete information about one workspace, use DescribeWorkspace.

*/ public listWorkspaces( args: ListWorkspacesCommandInput, @@ -461,10 +503,10 @@ export class Grafana extends GrafanaClient { /** *

The TagResource operation associates tags with an Amazon Managed Grafana resource. - * Currently, the only resource that can be tagged is workspaces.

- *

If you specify a new tag key for the resource, this tag is appended to the list of tags associated - * with the resource. If you specify a tag key that is already associated with the resource, the new tag - * value that you specify replaces the previous value for that tag.

+ * Currently, the only resource that can be tagged is workspaces.

+ *

If you specify a new tag key for the resource, this tag is appended to the list of tags associated + * with the resource. If you specify a tag key that is already associated with the resource, the new tag + * value that you specify replaces the previous value for that tag.

*/ public tagResource(args: TagResourceCommandInput, options?: __HttpHandlerOptions): Promise; public tagResource(args: TagResourceCommandInput, cb: (err: any, data?: TagResourceCommandOutput) => void): void; @@ -491,7 +533,7 @@ export class Grafana extends GrafanaClient { /** *

The UntagResource operation removes the association of the tag with the Amazon Managed Grafana resource. - *

+ *

*/ public untagResource( args: UntagResourceCommandInput, @@ -556,11 +598,11 @@ export class Grafana extends GrafanaClient { /** *

Modifies an existing Amazon Managed Grafana workspace. If you use this operation and omit any - * optional parameters, the existing values of those parameters are not changed.

- *

To modify the user authentication methods that the workspace uses, such as SAML or Amazon Web Services SSO, - * use UpdateWorkspaceAuthentication.

- *

To modify which users in the workspace have the Admin and Editor Grafana roles, - * use UpdatePermissions.

+ * optional parameters, the existing values of those parameters are not changed.

+ *

To modify the user authentication methods that the workspace uses, such as SAML or IAM Identity Center, + * use UpdateWorkspaceAuthentication.

+ *

To modify which users in the workspace have the Admin and Editor Grafana roles, + * use UpdatePermissions.

*/ public updateWorkspace( args: UpdateWorkspaceCommandInput, @@ -593,9 +635,9 @@ export class Grafana extends GrafanaClient { /** *

Use this operation to define the identity provider (IdP) that this workspace - * authenticates users from, using SAML. You can also map SAML assertion attributes to - * workspace user information and define which groups in the assertion attribute are to have - * the Admin and Editor roles in the workspace.

+ * authenticates users from, using SAML. You can also map SAML assertion attributes to + * workspace user information and define which groups in the assertion attribute are to have + * the Admin and Editor roles in the workspace.

*/ public updateWorkspaceAuthentication( args: UpdateWorkspaceAuthenticationCommandInput, @@ -625,4 +667,36 @@ export class Grafana extends GrafanaClient { return this.send(command, optionsOrCb); } } + + /** + *

Updates the configuration string for the given workspace

+ */ + public updateWorkspaceConfiguration( + args: UpdateWorkspaceConfigurationCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public updateWorkspaceConfiguration( + args: UpdateWorkspaceConfigurationCommandInput, + cb: (err: any, data?: UpdateWorkspaceConfigurationCommandOutput) => void + ): void; + public updateWorkspaceConfiguration( + args: UpdateWorkspaceConfigurationCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: UpdateWorkspaceConfigurationCommandOutput) => void + ): void; + public updateWorkspaceConfiguration( + args: UpdateWorkspaceConfigurationCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: UpdateWorkspaceConfigurationCommandOutput) => void), + cb?: (err: any, data?: UpdateWorkspaceConfigurationCommandOutput) => void + ): Promise | void { + const command = new UpdateWorkspaceConfigurationCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } } diff --git a/clients/client-grafana/src/GrafanaClient.ts b/clients/client-grafana/src/GrafanaClient.ts index e8b06acae893..4f97c19b6328 100644 --- a/clients/client-grafana/src/GrafanaClient.ts +++ b/clients/client-grafana/src/GrafanaClient.ts @@ -63,6 +63,10 @@ import { DescribeWorkspaceAuthenticationCommandOutput, } from "./commands/DescribeWorkspaceAuthenticationCommand"; import { DescribeWorkspaceCommandInput, DescribeWorkspaceCommandOutput } from "./commands/DescribeWorkspaceCommand"; +import { + DescribeWorkspaceConfigurationCommandInput, + DescribeWorkspaceConfigurationCommandOutput, +} from "./commands/DescribeWorkspaceConfigurationCommand"; import { DisassociateLicenseCommandInput, DisassociateLicenseCommandOutput, @@ -81,6 +85,10 @@ import { UpdateWorkspaceAuthenticationCommandOutput, } from "./commands/UpdateWorkspaceAuthenticationCommand"; import { UpdateWorkspaceCommandInput, UpdateWorkspaceCommandOutput } from "./commands/UpdateWorkspaceCommand"; +import { + UpdateWorkspaceConfigurationCommandInput, + UpdateWorkspaceConfigurationCommandOutput, +} from "./commands/UpdateWorkspaceConfigurationCommand"; import { ClientInputEndpointParameters, ClientResolvedEndpointParameters, @@ -97,6 +105,7 @@ export type ServiceInputTypes = | DeleteWorkspaceCommandInput | DescribeWorkspaceAuthenticationCommandInput | DescribeWorkspaceCommandInput + | DescribeWorkspaceConfigurationCommandInput | DisassociateLicenseCommandInput | ListPermissionsCommandInput | ListTagsForResourceCommandInput @@ -105,7 +114,8 @@ export type ServiceInputTypes = | UntagResourceCommandInput | UpdatePermissionsCommandInput | UpdateWorkspaceAuthenticationCommandInput - | UpdateWorkspaceCommandInput; + | UpdateWorkspaceCommandInput + | UpdateWorkspaceConfigurationCommandInput; export type ServiceOutputTypes = | AssociateLicenseCommandOutput @@ -115,6 +125,7 @@ export type ServiceOutputTypes = | DeleteWorkspaceCommandOutput | DescribeWorkspaceAuthenticationCommandOutput | DescribeWorkspaceCommandOutput + | DescribeWorkspaceConfigurationCommandOutput | DisassociateLicenseCommandOutput | ListPermissionsCommandOutput | ListTagsForResourceCommandOutput @@ -123,7 +134,8 @@ export type ServiceOutputTypes = | UntagResourceCommandOutput | UpdatePermissionsCommandOutput | UpdateWorkspaceAuthenticationCommandOutput - | UpdateWorkspaceCommandOutput; + | UpdateWorkspaceCommandOutput + | UpdateWorkspaceConfigurationCommandOutput; export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__HttpHandlerOptions>> { /** diff --git a/clients/client-grafana/src/commands/AssociateLicenseCommand.ts b/clients/client-grafana/src/commands/AssociateLicenseCommand.ts index eb68031b0612..7b8a61d4b923 100644 --- a/clients/client-grafana/src/commands/AssociateLicenseCommand.ts +++ b/clients/client-grafana/src/commands/AssociateLicenseCommand.ts @@ -30,8 +30,8 @@ export interface AssociateLicenseCommandOutput extends AssociateLicenseResponse, /** *

Assigns a Grafana Enterprise license to a workspace. Upgrading to Grafana Enterprise - * incurs additional fees. For more information, see Upgrade a workspace to - * Grafana Enterprise.

+ * incurs additional fees. For more information, see Upgrade a workspace to + * Grafana Enterprise.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-grafana/src/commands/CreateWorkspaceApiKeyCommand.ts b/clients/client-grafana/src/commands/CreateWorkspaceApiKeyCommand.ts index 47919039b3eb..4eb2ff0d3273 100644 --- a/clients/client-grafana/src/commands/CreateWorkspaceApiKeyCommand.ts +++ b/clients/client-grafana/src/commands/CreateWorkspaceApiKeyCommand.ts @@ -29,10 +29,10 @@ export interface CreateWorkspaceApiKeyCommandInput extends CreateWorkspaceApiKey export interface CreateWorkspaceApiKeyCommandOutput extends CreateWorkspaceApiKeyResponse, __MetadataBearer {} /** - *

Creates an API key for the workspace. This key can be used to authenticate - * requests sent to the workspace's HTTP API. See - * https://docs.aws.amazon.com/grafana/latest/userguide/Using-Grafana-APIs.html - * for available APIs and example requests.

+ *

Creates a Grafana API key for the workspace. This key can be used to + * authenticate requests sent to the workspace's HTTP API. + * See https://docs.aws.amazon.com/grafana/latest/userguide/Using-Grafana-APIs.html + * for available APIs and example requests.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-grafana/src/commands/CreateWorkspaceCommand.ts b/clients/client-grafana/src/commands/CreateWorkspaceCommand.ts index ad0fbd7e2177..c737b6cb2d97 100644 --- a/clients/client-grafana/src/commands/CreateWorkspaceCommand.ts +++ b/clients/client-grafana/src/commands/CreateWorkspaceCommand.ts @@ -30,10 +30,10 @@ export interface CreateWorkspaceCommandOutput extends CreateWorkspaceResponse, _ /** *

Creates a workspace. In a workspace, you can create Grafana - * dashboards and visualizations to analyze your metrics, logs, and traces. You don't have to - * build, package, or deploy any hardware to run the Grafana server.

- *

Don't use CreateWorkspace to modify an existing workspace. Instead, - * use UpdateWorkspace.

+ * dashboards and visualizations to analyze your metrics, logs, and traces. You don't have to + * build, package, or deploy any hardware to run the Grafana server.

+ *

Don't use CreateWorkspace to modify an existing workspace. Instead, + * use UpdateWorkspace.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-grafana/src/commands/DeleteWorkspaceApiKeyCommand.ts b/clients/client-grafana/src/commands/DeleteWorkspaceApiKeyCommand.ts index b8c95814749c..090feac107c9 100644 --- a/clients/client-grafana/src/commands/DeleteWorkspaceApiKeyCommand.ts +++ b/clients/client-grafana/src/commands/DeleteWorkspaceApiKeyCommand.ts @@ -29,7 +29,7 @@ export interface DeleteWorkspaceApiKeyCommandInput extends DeleteWorkspaceApiKey export interface DeleteWorkspaceApiKeyCommandOutput extends DeleteWorkspaceApiKeyResponse, __MetadataBearer {} /** - *

Deletes an API key for a workspace.

+ *

Deletes a Grafana API key for the workspace.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-grafana/src/commands/DescribeWorkspaceConfigurationCommand.ts b/clients/client-grafana/src/commands/DescribeWorkspaceConfigurationCommand.ts new file mode 100644 index 000000000000..69145a9f37e8 --- /dev/null +++ b/clients/client-grafana/src/commands/DescribeWorkspaceConfigurationCommand.ts @@ -0,0 +1,122 @@ +// smithy-typescript generated code +import { EndpointParameterInstructions, getEndpointPlugin } from "@aws-sdk/middleware-endpoint"; +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { + DescribeWorkspaceConfigurationRequest, + DescribeWorkspaceConfigurationRequestFilterSensitiveLog, + DescribeWorkspaceConfigurationResponse, + DescribeWorkspaceConfigurationResponseFilterSensitiveLog, +} from "../models/models_0"; +import { + deserializeAws_restJson1DescribeWorkspaceConfigurationCommand, + serializeAws_restJson1DescribeWorkspaceConfigurationCommand, +} from "../protocols/Aws_restJson1"; + +export interface DescribeWorkspaceConfigurationCommandInput extends DescribeWorkspaceConfigurationRequest {} +export interface DescribeWorkspaceConfigurationCommandOutput + extends DescribeWorkspaceConfigurationResponse, + __MetadataBearer {} + +/** + *

Gets the current configuration string for the given workspace.

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, DescribeWorkspaceConfigurationCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, DescribeWorkspaceConfigurationCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new DescribeWorkspaceConfigurationCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DescribeWorkspaceConfigurationCommandInput} for command's `input` shape. + * @see {@link DescribeWorkspaceConfigurationCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for GrafanaClient's `config` shape. + * + */ +export class DescribeWorkspaceConfigurationCommand extends $Command< + DescribeWorkspaceConfigurationCommandInput, + DescribeWorkspaceConfigurationCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: DescribeWorkspaceConfigurationCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + this.middlewareStack.use( + getEndpointPlugin(configuration, DescribeWorkspaceConfigurationCommand.getEndpointParameterInstructions()) + ); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "DescribeWorkspaceConfigurationCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: DescribeWorkspaceConfigurationRequestFilterSensitiveLog, + outputFilterSensitiveLog: DescribeWorkspaceConfigurationResponseFilterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize( + input: DescribeWorkspaceConfigurationCommandInput, + context: __SerdeContext + ): Promise<__HttpRequest> { + return serializeAws_restJson1DescribeWorkspaceConfigurationCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_restJson1DescribeWorkspaceConfigurationCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/ListPermissionsCommand.ts b/clients/client-grafana/src/commands/ListPermissionsCommand.ts index 47469f205395..b18e03188377 100644 --- a/clients/client-grafana/src/commands/ListPermissionsCommand.ts +++ b/clients/client-grafana/src/commands/ListPermissionsCommand.ts @@ -30,12 +30,12 @@ export interface ListPermissionsCommandOutput extends ListPermissionsResponse, _ /** *

Lists the users and groups who have the Grafana Admin and - * Editor roles in this workspace. If you use this - * operation without specifying userId or groupId, the operation returns - * the roles of all users - * and groups. If you specify a userId or a groupId, only the roles - * for that user or group are returned. If you do this, you can specify only one userId or - * one groupId.

+ * Editor roles in this workspace. If you use this + * operation without specifying userId or groupId, the operation returns + * the roles of all users + * and groups. If you specify a userId or a groupId, only the roles + * for that user or group are returned. If you do this, you can specify only one userId or + * one groupId.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-grafana/src/commands/ListTagsForResourceCommand.ts b/clients/client-grafana/src/commands/ListTagsForResourceCommand.ts index 3ded9e25ffa4..f76042a981d3 100644 --- a/clients/client-grafana/src/commands/ListTagsForResourceCommand.ts +++ b/clients/client-grafana/src/commands/ListTagsForResourceCommand.ts @@ -30,8 +30,8 @@ export interface ListTagsForResourceCommandOutput extends ListTagsForResourceRes /** *

The ListTagsForResource operation returns the tags that - * are associated with the Amazon Managed Service for Grafana resource specified by the resourceArn. - * Currently, the only resource that can be tagged is a workspace.

+ * are associated with the Amazon Managed Service for Grafana resource specified by the resourceArn. + * Currently, the only resource that can be tagged is a workspace.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-grafana/src/commands/ListWorkspacesCommand.ts b/clients/client-grafana/src/commands/ListWorkspacesCommand.ts index 01aa46fb8bf6..d7e62d351fca 100644 --- a/clients/client-grafana/src/commands/ListWorkspacesCommand.ts +++ b/clients/client-grafana/src/commands/ListWorkspacesCommand.ts @@ -30,7 +30,7 @@ export interface ListWorkspacesCommandOutput extends ListWorkspacesResponse, __M /** *

Returns a list of Amazon Managed Grafana workspaces in the account, with some information - * about each workspace. For more complete information about one workspace, use DescribeWorkspace.

+ * about each workspace. For more complete information about one workspace, use DescribeWorkspace.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-grafana/src/commands/TagResourceCommand.ts b/clients/client-grafana/src/commands/TagResourceCommand.ts index a03dfdfb7184..51a3acb2db82 100644 --- a/clients/client-grafana/src/commands/TagResourceCommand.ts +++ b/clients/client-grafana/src/commands/TagResourceCommand.ts @@ -30,10 +30,10 @@ export interface TagResourceCommandOutput extends TagResourceResponse, __Metadat /** *

The TagResource operation associates tags with an Amazon Managed Grafana resource. - * Currently, the only resource that can be tagged is workspaces.

- *

If you specify a new tag key for the resource, this tag is appended to the list of tags associated - * with the resource. If you specify a tag key that is already associated with the resource, the new tag - * value that you specify replaces the previous value for that tag.

+ * Currently, the only resource that can be tagged is workspaces.

+ *

If you specify a new tag key for the resource, this tag is appended to the list of tags associated + * with the resource. If you specify a tag key that is already associated with the resource, the new tag + * value that you specify replaces the previous value for that tag.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-grafana/src/commands/UntagResourceCommand.ts b/clients/client-grafana/src/commands/UntagResourceCommand.ts index 5afc69016314..d1ec78ab7e0d 100644 --- a/clients/client-grafana/src/commands/UntagResourceCommand.ts +++ b/clients/client-grafana/src/commands/UntagResourceCommand.ts @@ -30,7 +30,7 @@ export interface UntagResourceCommandOutput extends UntagResourceResponse, __Met /** *

The UntagResource operation removes the association of the tag with the Amazon Managed Grafana resource. - *

+ *

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-grafana/src/commands/UpdateWorkspaceAuthenticationCommand.ts b/clients/client-grafana/src/commands/UpdateWorkspaceAuthenticationCommand.ts index 39840400e387..abb1db51cdde 100644 --- a/clients/client-grafana/src/commands/UpdateWorkspaceAuthenticationCommand.ts +++ b/clients/client-grafana/src/commands/UpdateWorkspaceAuthenticationCommand.ts @@ -32,9 +32,9 @@ export interface UpdateWorkspaceAuthenticationCommandOutput /** *

Use this operation to define the identity provider (IdP) that this workspace - * authenticates users from, using SAML. You can also map SAML assertion attributes to - * workspace user information and define which groups in the assertion attribute are to have - * the Admin and Editor roles in the workspace.

+ * authenticates users from, using SAML. You can also map SAML assertion attributes to + * workspace user information and define which groups in the assertion attribute are to have + * the Admin and Editor roles in the workspace.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-grafana/src/commands/UpdateWorkspaceCommand.ts b/clients/client-grafana/src/commands/UpdateWorkspaceCommand.ts index b90a789cef0e..4f084b550a79 100644 --- a/clients/client-grafana/src/commands/UpdateWorkspaceCommand.ts +++ b/clients/client-grafana/src/commands/UpdateWorkspaceCommand.ts @@ -30,11 +30,11 @@ export interface UpdateWorkspaceCommandOutput extends UpdateWorkspaceResponse, _ /** *

Modifies an existing Amazon Managed Grafana workspace. If you use this operation and omit any - * optional parameters, the existing values of those parameters are not changed.

- *

To modify the user authentication methods that the workspace uses, such as SAML or Amazon Web Services SSO, - * use UpdateWorkspaceAuthentication.

- *

To modify which users in the workspace have the Admin and Editor Grafana roles, - * use UpdatePermissions.

+ * optional parameters, the existing values of those parameters are not changed.

+ *

To modify the user authentication methods that the workspace uses, such as SAML or IAM Identity Center, + * use UpdateWorkspaceAuthentication.

+ *

To modify which users in the workspace have the Admin and Editor Grafana roles, + * use UpdatePermissions.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-grafana/src/commands/UpdateWorkspaceConfigurationCommand.ts b/clients/client-grafana/src/commands/UpdateWorkspaceConfigurationCommand.ts new file mode 100644 index 000000000000..aad3793e3b93 --- /dev/null +++ b/clients/client-grafana/src/commands/UpdateWorkspaceConfigurationCommand.ts @@ -0,0 +1,119 @@ +// smithy-typescript generated code +import { EndpointParameterInstructions, getEndpointPlugin } from "@aws-sdk/middleware-endpoint"; +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { + UpdateWorkspaceConfigurationRequest, + UpdateWorkspaceConfigurationRequestFilterSensitiveLog, + UpdateWorkspaceConfigurationResponse, + UpdateWorkspaceConfigurationResponseFilterSensitiveLog, +} from "../models/models_0"; +import { + deserializeAws_restJson1UpdateWorkspaceConfigurationCommand, + serializeAws_restJson1UpdateWorkspaceConfigurationCommand, +} from "../protocols/Aws_restJson1"; + +export interface UpdateWorkspaceConfigurationCommandInput extends UpdateWorkspaceConfigurationRequest {} +export interface UpdateWorkspaceConfigurationCommandOutput + extends UpdateWorkspaceConfigurationResponse, + __MetadataBearer {} + +/** + *

Updates the configuration string for the given workspace

+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, UpdateWorkspaceConfigurationCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, UpdateWorkspaceConfigurationCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new UpdateWorkspaceConfigurationCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link UpdateWorkspaceConfigurationCommandInput} for command's `input` shape. + * @see {@link UpdateWorkspaceConfigurationCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for GrafanaClient's `config` shape. + * + */ +export class UpdateWorkspaceConfigurationCommand extends $Command< + UpdateWorkspaceConfigurationCommandInput, + UpdateWorkspaceConfigurationCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: UpdateWorkspaceConfigurationCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + this.middlewareStack.use( + getEndpointPlugin(configuration, UpdateWorkspaceConfigurationCommand.getEndpointParameterInstructions()) + ); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "UpdateWorkspaceConfigurationCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: UpdateWorkspaceConfigurationRequestFilterSensitiveLog, + outputFilterSensitiveLog: UpdateWorkspaceConfigurationResponseFilterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: UpdateWorkspaceConfigurationCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_restJson1UpdateWorkspaceConfigurationCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_restJson1UpdateWorkspaceConfigurationCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/index.ts b/clients/client-grafana/src/commands/index.ts index ef580c6e7e68..4bff8b19a4c0 100644 --- a/clients/client-grafana/src/commands/index.ts +++ b/clients/client-grafana/src/commands/index.ts @@ -6,6 +6,7 @@ export * from "./DeleteWorkspaceApiKeyCommand"; export * from "./DeleteWorkspaceCommand"; export * from "./DescribeWorkspaceAuthenticationCommand"; export * from "./DescribeWorkspaceCommand"; +export * from "./DescribeWorkspaceConfigurationCommand"; export * from "./DisassociateLicenseCommand"; export * from "./ListPermissionsCommand"; export * from "./ListTagsForResourceCommand"; @@ -15,3 +16,4 @@ export * from "./UntagResourceCommand"; export * from "./UpdatePermissionsCommand"; export * from "./UpdateWorkspaceAuthenticationCommand"; export * from "./UpdateWorkspaceCommand"; +export * from "./UpdateWorkspaceConfigurationCommand"; diff --git a/clients/client-grafana/src/models/models_0.ts b/clients/client-grafana/src/models/models_0.ts index 5a180e4a75a3..cc57be13e450 100644 --- a/clients/client-grafana/src/models/models_0.ts +++ b/clients/client-grafana/src/models/models_0.ts @@ -1,5 +1,9 @@ // smithy-typescript generated code -import { ExceptionOptionType as __ExceptionOptionType, SENSITIVE_STRING } from "@aws-sdk/smithy-client"; +import { + ExceptionOptionType as __ExceptionOptionType, + LazyJsonString as __LazyJsonString, + SENSITIVE_STRING, +} from "@aws-sdk/smithy-client"; import { GrafanaServiceException as __BaseException } from "./GrafanaServiceException"; @@ -66,24 +70,24 @@ export class ConflictException extends __BaseException { export interface CreateWorkspaceApiKeyRequest { /** - *

Specifies the name of the key to create. Key names must be unique to the workspace.

+ *

Specifies the name of the key. Keynames must be unique to the workspace.

*/ keyName: string | undefined; /** *

Specifies the permission level of the key.

- *

Valid Values: VIEWER | EDITOR | ADMIN + *

Valid values: VIEWER|EDITOR|ADMIN *

*/ keyRole: string | undefined; /** - *

Specifies the time in seconds until the key expires. Keys can be valid for up to 30 days.

+ *

Specifies the time in seconds until the key expires. Keys can be valid for up to 30 days.

*/ secondsToLive: number | undefined; /** - *

The ID of the workspace in which to create an API key.

+ *

The ID of the workspace to create an API key.

*/ workspaceId: string | undefined; } @@ -95,8 +99,8 @@ export interface CreateWorkspaceApiKeyResponse { keyName: string | undefined; /** - *

The key token that was created. Use this value as a bearer token to - * authenticate HTTP requests to the workspace.

+ *

The key token. Use this value as a bearer token to + * authenticate HTTP requests to the workspace.

*/ key: string | undefined; @@ -311,7 +315,7 @@ export interface DeleteWorkspaceApiKeyRequest { export interface DeleteWorkspaceApiKeyResponse { /** - *

The name of the API key that was deleted.

+ *

The name of the key that was deleted.

*/ keyName: string | undefined; @@ -403,13 +407,14 @@ export enum SamlConfigurationStatus { } /** - *

A structure that describes whether the workspace uses SAML, Amazon Web Services SSO, or both methods - * for user authentication, and whether that authentication is fully configured.

+ *

A structure that describes whether the workspace uses SAML, IAM Identity Center, or + * both methods for user authentication, and whether that authentication is fully + * configured.

*/ export interface AuthenticationSummary { /** - *

Specifies whether the workspace uses SAML, Amazon Web Services SSO, or both methods for user - * authentication.

+ *

Specifies whether the workspace uses SAML, IAM Identity Center, or both methods for user + * authentication.

*/ providers: (AuthenticationProviderTypes | string)[] | undefined; @@ -448,6 +453,10 @@ export enum DataSourceType { * Timestream */ TIMESTREAM = "TIMESTREAM", + /** + * IoT TwinMaker + */ + TWINMAKER = "TWINMAKER", /** * X-Ray */ @@ -519,15 +528,33 @@ export enum WorkspaceStatus { UPGRADING = "UPGRADING", } +/** + *

The configuration settings for an Amazon VPC that contains data sources + * for your Grafana workspace to connect to.

+ */ +export interface VpcConfiguration { + /** + *

The list of Amazon EC2 security group IDs attached to the Amazon VPC + * for your Grafana workspace to connect.

+ */ + securityGroupIds: string[] | undefined; + + /** + *

The list of Amazon EC2 subnet IDs created in the Amazon VPC for + * your Grafana workspace to connect.

+ */ + subnetIds: string[] | undefined; +} + /** *

A structure containing information about an Amazon Managed Grafana workspace in your account.

*/ export interface WorkspaceDescription { /** *

Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in - * other accounts in the same organization. If this is ORGANIZATION, the + * other accounts in the same organization. If this is ORGANIZATION, the * workspaceOrganizationalUnits parameter specifies which organizational units - * the workspace can access.

+ * the workspace can access.

*/ accountAccessType?: AccountAccessType | string; @@ -538,8 +565,8 @@ export interface WorkspaceDescription { /** *

Specifies the Amazon Web Services data sources that have been configured to have IAM - * roles and permissions created to allow - * Amazon Managed Grafana to read data from these sources.

+ * roles and permissions created to allow + * Amazon Managed Grafana to read data from these sources.

*/ dataSources: (DataSourceType | string)[] | undefined; @@ -580,34 +607,34 @@ export interface WorkspaceDescription { /** *

The Amazon Web Services notification channels that Amazon Managed Grafana can automatically create IAM - * roles and permissions for, to allow - * Amazon Managed Grafana to use these channels.

+ * roles and permissions for, to allow + * Amazon Managed Grafana to use these channels.

*/ notificationDestinations?: (NotificationDestinationType | string)[]; /** *

Specifies the organizational units that this workspace is allowed to use data sources - * from, if this workspace is in an account that is part of an organization.

+ * from, if this workspace is in an account that is part of an organization.

*/ organizationalUnits?: string[]; /** *

If this is Service Managed, Amazon Managed Grafana automatically creates the IAM roles - * and provisions the permissions that the workspace needs to use Amazon Web Services data sources and notification channels.

- *

If this is CUSTOMER_MANAGED, you manage those roles and permissions - * yourself. If you are creating this workspace in a member account of an organization and that account is not a - * delegated administrator account, and - * you want the workspace to access data sources in other Amazon Web Services accounts in the - * organization, you must choose CUSTOMER_MANAGED.

- *

For more information, see Amazon Managed Grafana permissions and policies for - * Amazon Web Services data sources and notification channels + * and provisions the permissions that the workspace needs to use Amazon Web Services data sources and notification channels.

+ *

If this is CUSTOMER_MANAGED, you manage those roles and permissions + * yourself. If you are creating this workspace in a member account of an organization and that account is not a + * delegated administrator account, and + * you want the workspace to access data sources in other Amazon Web Services accounts in the + * organization, you must choose CUSTOMER_MANAGED.

+ *

For more information, see Amazon Managed Grafana permissions and policies for + * Amazon Web Services data sources and notification channels *

*/ permissionType?: PermissionType | string; /** *

The name of the CloudFormation stack set that is used to generate IAM roles - * to be used for this workspace.

+ * to be used for this workspace.

*/ stackSetName?: string; @@ -618,7 +645,7 @@ export interface WorkspaceDescription { /** *

The IAM role that grants permissions to the Amazon Web Services resources that the - * workspace will view data from. This role must already exist.

+ * workspace will view data from. This role must already exist.

*/ workspaceRoleArn?: string; @@ -634,19 +661,19 @@ export interface WorkspaceDescription { /** *

If this workspace has a full Grafana Enterprise license, this specifies when the license ends and - * will need to be renewed.

+ * will need to be renewed.

*/ licenseExpiration?: Date; /** *

If this workspace is currently in the free trial period for Grafana Enterprise, this value specifies - * when that free trial ends.

+ * when that free trial ends.

*/ freeTrialExpiration?: Date; /** - *

A structure that describes whether the workspace uses SAML, Amazon Web Services SSO, or both methods - * for user authentication.

+ *

A structure that describes whether the workspace uses SAML, IAM Identity Center, or both methods + * for user authentication.

*/ authentication: AuthenticationSummary | undefined; @@ -654,6 +681,12 @@ export interface WorkspaceDescription { *

The list of tags associated with the workspace.

*/ tags?: Record; + + /** + *

The configuration for connecting to data sources in a private VPC + * (Amazon Virtual Private Cloud).

+ */ + vpcConfiguration?: VpcConfiguration; } export interface AssociateLicenseResponse { @@ -672,26 +705,26 @@ export interface DescribeWorkspaceAuthenticationRequest { /** *

A structure containing information about how this workspace works with - * Amazon Web Services SSO.

+ * IAM Identity Center.

*/ export interface AwsSsoAuthentication { /** - *

The ID of the Amazon Web Services SSO-managed application that is created by Amazon Managed Grafana.

+ *

The ID of the IAM Identity Center-managed application that is created by Amazon Managed Grafana.

*/ ssoClientId?: string; } /** *

A structure containing the identity provider (IdP) metadata used to integrate the - * identity provider with this workspace. You can specify the metadata either by providing a - * URL to its location in the url parameter, or by specifying the full metadata - * in XML format in the xml parameter.

+ * identity provider with this workspace. You can specify the metadata either by providing a + * URL to its location in the url parameter, or by specifying the full metadata + * in XML format in the xml parameter. Specifying both will cause an error.

*/ export type IdpMetadata = IdpMetadata.UrlMember | IdpMetadata.XmlMember | IdpMetadata.$UnknownMember; export namespace IdpMetadata { /** - *

The URL of the location containing the metadata.

+ *

The URL of the location containing the IdP metadata.

*/ export interface UrlMember { url: string; @@ -700,7 +733,7 @@ export namespace IdpMetadata { } /** - *

The actual full metadata file, in XML format.

+ *

The full IdP metadata, in XML format.

*/ export interface XmlMember { url?: never; @@ -728,8 +761,11 @@ export namespace IdpMetadata { } /** - *

This structure defines which groups defined in the SAML assertion attribute are to be mapped - * to the Grafana Admin and Editor roles in the workspace.

+ *

This structure defines which groups defined in the SAML assertion attribute are to + * be mapped to the Grafana Admin and Editor roles in the + * workspace. SAML authenticated users not part of Admin or + * Editor role groups have Viewer permission over the + * workspace.

*/ export interface RoleValues { /** @@ -747,36 +783,36 @@ export interface RoleValues { /** *

A structure containing information about how this workspace works with - * SAML.

+ * SAML.

*/ export interface SamlConfiguration { /** *

A structure containing the identity provider (IdP) metadata used to integrate the - * identity provider with this workspace.

+ * identity provider with this workspace.

*/ idpMetadata: IdpMetadata | undefined; /** *

A structure that defines which attributes in the SAML assertion are to be used to define information about - * the users authenticated by that IdP to use the workspace.

+ * the users authenticated by that IdP to use the workspace.

*/ assertionAttributes?: AssertionAttributes; /** *

A structure containing arrays that map group names in the SAML assertion to the - * Grafana Admin and Editor roles in the workspace.

+ * Grafana Admin and Editor roles in the workspace.

*/ roleValues?: RoleValues; /** *

Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. - * If this is empty, all organizations in the assertion attribute have access.

+ * If this is empty, all organizations in the assertion attribute have access.

*/ allowedOrganizations?: string[]; /** *

How long a sign-on session by a SAML user is valid, before the user has to sign on - * again.

+ * again.

*/ loginValidityDuration?: number; } @@ -799,24 +835,27 @@ export interface SamlAuthentication { } /** - *

A structure containing information about the user authentication methods used by the workspace.

+ *

A structure containing information about the user authentication methods used by + * the workspace.

*/ export interface AuthenticationDescription { /** - *

Specifies whether this workspace uses Amazon Web Services SSO, SAML, or both methods to authenticate - * users to use the Grafana console in the Amazon Managed Grafana workspace.

+ *

Specifies whether this workspace uses IAM Identity Center, SAML, or both methods + * to authenticate users to use the Grafana console in the Amazon Managed Grafana + * workspace.

*/ providers: (AuthenticationProviderTypes | string)[] | undefined; /** *

A structure containing information about how this workspace works with - * SAML, including what attributes within the assertion are to be mapped to user information in the workspace.

+ * SAML, including what attributes within the assertion are to be mapped to + * user information in the workspace.

*/ saml?: SamlAuthentication; /** *

A structure containing information about how this workspace works with - * Amazon Web Services SSO.

+ * IAM Identity Center.

*/ awsSso?: AwsSsoAuthentication; } @@ -824,7 +863,7 @@ export interface AuthenticationDescription { export interface DescribeWorkspaceAuthenticationResponse { /** *

A structure containing information about the authentication methods used in - * the workspace.

+ * the workspace.

*/ authentication: AuthenticationDescription | undefined; } @@ -836,18 +875,18 @@ export interface UpdateWorkspaceAuthenticationRequest { workspaceId: string | undefined; /** - *

Specifies whether this workspace uses SAML 2.0, Amazon Web Services Single Sign On, or both to authenticate - * users for using the Grafana console within a workspace. For more information, - * see User authentication in - * Amazon Managed Grafana.

+ *

Specifies whether this workspace uses SAML 2.0, IAM Identity Center (successor to Single Sign-On), or both to authenticate + * users for using the Grafana console within a workspace. For more information, + * see User authentication in + * Amazon Managed Grafana.

*/ authenticationProviders: (AuthenticationProviderTypes | string)[] | undefined; /** *

If the workspace uses SAML, use this structure to - * map SAML assertion attributes to workspace user information and - * define which groups in the assertion attribute are to have the Admin and Editor roles - * in the workspace.

+ * map SAML assertion attributes to workspace user information and + * define which groups in the assertion attribute are to have the Admin and Editor roles + * in the workspace.

*/ samlConfiguration?: SamlConfiguration; } @@ -859,6 +898,36 @@ export interface UpdateWorkspaceAuthenticationResponse { authentication: AuthenticationDescription | undefined; } +export interface DescribeWorkspaceConfigurationRequest { + /** + *

The ID of the workspace to get configuration information for.

+ */ + workspaceId: string | undefined; +} + +export interface DescribeWorkspaceConfigurationResponse { + /** + *

The configuration string for the workspace that you requested. For more information + * about the format and configuration options available, see Working in your Grafana workspace.

+ */ + configuration: __LazyJsonString | string | undefined; +} + +export interface UpdateWorkspaceConfigurationRequest { + /** + *

The new configuration string for the workspace. For more information + * about the format and configuration options available, see Working in your Grafana workspace.

+ */ + configuration: __LazyJsonString | string | undefined; + + /** + *

The ID of the workspace to update.

+ */ + workspaceId: string | undefined; +} + +export interface UpdateWorkspaceConfigurationResponse {} + export interface DisassociateLicenseRequest { /** *

The ID of the workspace to remove the Grafana Enterprise license from.

@@ -911,13 +980,13 @@ export interface ListPermissionsRequest { /** *

The token to use when requesting the next set of results. You received this token from a previous - * ListPermissions operation.

+ * ListPermissions operation.

*/ nextToken?: string; /** - *

(Optional) If you specify SSO_USER, then only the permissions of Amazon Web Services SSO users - * are returned. If you specify SSO_GROUP, only the permissions of Amazon Web Services SSO groups + *

(Optional) If you specify SSO_USER, then only the permissions of IAM Identity Center users + * are returned. If you specify SSO_GROUP, only the permissions of IAM Identity Center groups * are returned.

*/ userType?: UserType | string; @@ -959,7 +1028,7 @@ export enum Role { export interface User { /** *

The ID of the user or group.

- *

Pattern: ^([0-9a-fA-F]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}$ + *

Pattern: ^([0-9a-fA-F]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}$ *

*/ id: string | undefined; @@ -971,8 +1040,8 @@ export interface User { } /** - *

A structure containing the identity of one user or group and the Admin - * or Editor role that they have.

+ *

A structure containing the identity of one user or group and the Admin, + * Editor, or Viewer role that they have.

*/ export interface PermissionEntry { /** @@ -981,8 +1050,8 @@ export interface PermissionEntry { user: User | undefined; /** - *

Specifies whether the user or group has the Admin - * or Editor role.

+ *

Specifies whether the user or group has the Admin, + * Editor, or Viewer role.

*/ role: Role | string | undefined; } @@ -990,7 +1059,7 @@ export interface PermissionEntry { export interface ListPermissionsResponse { /** *

The token to use in a subsequent ListPermissions operation to return - * the next set of results.

+ * the next set of results.

*/ nextToken?: string; @@ -1013,7 +1082,7 @@ export enum UpdateAction { /** *

Contains the instructions for one Grafana role permission update in a - * UpdatePermissions operation.

+ * UpdatePermissions operation.

*/ export interface UpdateInstruction { /** @@ -1080,7 +1149,7 @@ export interface TagResourceRequest { /** *

The list of tag keys and values to associate with the resource. You can associate tag keys only, tags (key and values) only - * or a combination of tag keys and tags.

+ * or a combination of tag keys and tags.

*/ tags: Record | undefined; } @@ -1104,8 +1173,8 @@ export interface UntagResourceResponse {} export interface CreateWorkspaceRequest { /** *

Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in - * other accounts in the same organization. If you specify ORGANIZATION, you must - * specify which organizational units the workspace can access in the + * other accounts in the same organization. If you specify ORGANIZATION, you must + * specify which organizational units the workspace can access in the * workspaceOrganizationalUnits parameter.

*/ accountAccessType: AccountAccessType | string | undefined; @@ -1117,44 +1186,45 @@ export interface CreateWorkspaceRequest { /** *

The name of an IAM role that already exists to use with Organizations to access Amazon Web Services - * data sources and notification channels in other accounts in an organization.

+ * data sources and notification channels in other accounts in an organization.

*/ organizationRoleName?: string; /** *

If you specify SERVICE_MANAGED on AWS Grafana console, Amazon Managed Grafana automatically creates - * the IAM roles and provisions the permissions that the workspace needs to use - * Amazon Web Services data sources and notification channels. In CLI mode, the permissionType SERVICE_MANAGED will not create the IAM role - * for you.

- *

If you specify CUSTOMER_MANAGED, you will manage those roles and - * permissions yourself. If you are creating this workspace in a member account of an - * organization that is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services - * accounts in the organization, you must choose CUSTOMER_MANAGED.

- *

For more information, see Amazon Managed Grafana permissions and policies for - * Amazon Web Services data sources and notification channels.

+ * the IAM roles and provisions the permissions that the workspace needs to use + * Amazon Web Services data sources and notification channels. In the CLI mode, the permissionType SERVICE_MANAGED will not create the IAM role + * for you. The ability for the Amazon Managed Grafana to create the IAM role on behalf of the user is supported only in the + * Amazon Managed Grafana AWS console. Use only the CUSTOMER_MANAGED permission type when creating a workspace in the CLI.

+ *

If you specify CUSTOMER_MANAGED, you will manage those roles and + * permissions yourself. If you are creating this workspace in a member account of an + * organization that is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services + * accounts in the organization, you must choose CUSTOMER_MANAGED.

+ *

For more information, see Amazon Managed Grafana permissions and policies for + * Amazon Web Services data sources and notification channels.

*/ permissionType: PermissionType | string | undefined; /** *

The name of the CloudFormation stack set to use to generate IAM roles - * to be used for this workspace.

+ * to be used for this workspace.

*/ stackSetName?: string; /** *

Specify the Amazon Web Services data sources that you want to be queried in this - * workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these - * sources. You must still add them as data sources in the Grafana console in the - * workspace.

- *

If you don't specify a data source here, you can still add it as a data source in the - * workspace console later. However, you will then have to manually configure permissions for - * it.

+ * workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these + * sources. You must still add them as data sources in the Grafana console in the + * workspace.

+ *

If you don't specify a data source here, you can still add it as a data source in the + * workspace console later. However, you will then have to manually configure permissions for + * it.

*/ workspaceDataSources?: (DataSourceType | string)[]; /** *

A description for the workspace. This is used only to help you identify this workspace.

- *

Pattern: ^[\\p{L}\\p{Z}\\p{N}\\p{P}]{0,2048}$ + *

Pattern: ^[\\p{L}\\p{Z}\\p{N}\\p{P}]{0,2048}$ *

*/ workspaceDescription?: string; @@ -1166,28 +1236,28 @@ export interface CreateWorkspaceRequest { /** *

Specify the Amazon Web Services notification channels that you plan to use in this workspace. Specifying these - * data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow - * Amazon Managed Grafana to use these channels.

+ * data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow + * Amazon Managed Grafana to use these channels.

*/ workspaceNotificationDestinations?: (NotificationDestinationType | string)[]; /** *

Specifies the organizational units that this workspace is allowed to use data sources - * from, if this workspace is in an account that is part of an organization.

+ * from, if this workspace is in an account that is part of an organization.

*/ workspaceOrganizationalUnits?: string[]; /** *

The workspace needs an IAM role that grants permissions to the Amazon Web Services resources that the - * workspace will view data from. If you already have a role that you want to use, specify it here. The permission type should be set to CUSTOMER_MANAGED.

+ * workspace will view data from. If you already have a role that you want to use, specify it here. The permission type should be set to CUSTOMER_MANAGED.

*/ workspaceRoleArn?: string; /** - *

Specifies whether this workspace uses SAML 2.0, Amazon Web Services Single Sign On, or both to authenticate - * users for using the Grafana console within a workspace. For more information, - * see User authentication in - * Amazon Managed Grafana.

+ *

Specifies whether this workspace uses SAML 2.0, IAM Identity Center (successor to Single Sign-On), or both to authenticate + * users for using the Grafana console within a workspace. For more information, + * see User authentication in + * Amazon Managed Grafana.

*/ authenticationProviders: (AuthenticationProviderTypes | string)[] | undefined; @@ -1195,6 +1265,18 @@ export interface CreateWorkspaceRequest { *

The list of tags associated with the workspace.

*/ tags?: Record; + + /** + *

The configuration settings for an Amazon VPC that contains data sources + * for your Grafana workspace to connect to.

+ */ + vpcConfiguration?: VpcConfiguration; + + /** + *

The configuration string for the workspace that you create. For more information + * about the format and configuration options available, see Working in your Grafana workspace.

+ */ + configuration?: __LazyJsonString | string; } export interface CreateWorkspaceResponse { @@ -1240,7 +1322,7 @@ export interface ListWorkspacesRequest { /** *

The token for the next set of workspaces to return. (You receive this token from a - * previous ListWorkspaces operation.)

+ * previous ListWorkspaces operation.)

*/ nextToken?: string; } @@ -1286,8 +1368,8 @@ export interface WorkspaceSummary { /** *

The Amazon Web Services notification channels that Amazon Managed Grafana can automatically - * create IAM roles and permissions for, which allows Amazon Managed Grafana to use - * these channels.

+ * create IAM roles and permissions for, which allows Amazon Managed Grafana to use + * these channels.

*/ notificationDestinations?: (NotificationDestinationType | string)[]; @@ -1298,7 +1380,7 @@ export interface WorkspaceSummary { /** *

A structure containing information about the authentication methods used in - * the workspace.

+ * the workspace.

*/ authentication: AuthenticationSummary | undefined; @@ -1323,8 +1405,8 @@ export interface ListWorkspacesResponse { export interface UpdateWorkspaceRequest { /** *

Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in - * other accounts in the same organization. If you specify ORGANIZATION, you must - * specify which organizational units the workspace can access in the + * other accounts in the same organization. If you specify ORGANIZATION, you must + * specify which organizational units the workspace can access in the * workspaceOrganizationalUnits parameter.

*/ accountAccessType?: AccountAccessType | string; @@ -1336,32 +1418,32 @@ export interface UpdateWorkspaceRequest { /** *

If you specify Service Managed, Amazon Managed Grafana automatically creates - * the IAM roles and provisions the permissions that the workspace needs to use + * the IAM roles and provisions the permissions that the workspace needs to use * Amazon Web Services data sources and notification channels.

- *

If you specify CUSTOMER_MANAGED, you will manage those roles and - * permissions yourself. If you are creating this workspace in a member account of an - * organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services - * accounts in the organization, you must choose CUSTOMER_MANAGED.

- *

For more information, see Amazon Managed Grafana permissions and policies for - * Amazon Web Services data sources and notification channels + *

If you specify CUSTOMER_MANAGED, you will manage those roles and + * permissions yourself. If you are creating this workspace in a member account of an + * organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services + * accounts in the organization, you must choose CUSTOMER_MANAGED.

+ *

For more information, see Amazon Managed Grafana permissions and policies for + * Amazon Web Services data sources and notification channels *

*/ permissionType?: PermissionType | string; /** *

The name of the CloudFormation stack set to use to generate IAM roles - * to be used for this workspace.

+ * to be used for this workspace.

*/ stackSetName?: string; /** *

Specify the Amazon Web Services data sources that you want to be queried in this - * workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these - * sources. You must still add them as data sources in the Grafana console in the - * workspace.

- *

If you don't specify a data source here, you can still add it as a data source later in - * the workspace console. However, you will then have to manually configure permissions for - * it.

+ * workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these + * sources. You must still add them as data sources in the Grafana console in the + * workspace.

+ *

If you don't specify a data source here, you can still add it as a data source later in + * the workspace console. However, you will then have to manually configure permissions for + * it.

*/ workspaceDataSources?: (DataSourceType | string)[]; @@ -1382,25 +1464,38 @@ export interface UpdateWorkspaceRequest { /** *

Specify the Amazon Web Services notification channels that you plan to use in this workspace. Specifying these - * data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow - * Amazon Managed Grafana to use these channels.

+ * data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow + * Amazon Managed Grafana to use these channels.

*/ workspaceNotificationDestinations?: (NotificationDestinationType | string)[]; /** *

Specifies the organizational units that this workspace is allowed to use data sources - * from, if this workspace is in an account that is part of an organization.

+ * from, if this workspace is in an account that is part of an organization.

*/ workspaceOrganizationalUnits?: string[]; /** *

The workspace needs an IAM role that grants permissions to the Amazon Web Services resources that the - * workspace will view data from. If you already have a role that you want to use, specify it here. If you omit - * this field and you specify some Amazon Web Services resources in workspaceDataSources or - * workspaceNotificationDestinations, a new IAM role with the necessary permissions is - * automatically created.

+ * workspace will view data from. If you already have a role that you want to use, specify it here. If you omit + * this field and you specify some Amazon Web Services resources in workspaceDataSources or + * workspaceNotificationDestinations, a new IAM role with the necessary permissions is + * automatically created.

*/ workspaceRoleArn?: string; + + /** + *

The configuration settings for an Amazon VPC that contains data sources + * for your Grafana workspace to connect to.

+ */ + vpcConfiguration?: VpcConfiguration; + + /** + *

Whether to remove the VPC configuration from the workspace.

+ *

Setting this to true and providing a vpcConfiguration to set + * will return an error.

+ */ + removeVpcConfiguration?: boolean; } export interface UpdateWorkspaceResponse { @@ -1467,6 +1562,13 @@ export const AuthenticationSummaryFilterSensitiveLog = (obj: AuthenticationSumma ...obj, }); +/** + * @internal + */ +export const VpcConfigurationFilterSensitiveLog = (obj: VpcConfiguration): any => ({ + ...obj, +}); + /** * @internal */ @@ -1573,6 +1675,42 @@ export const UpdateWorkspaceAuthenticationResponseFilterSensitiveLog = ( ...(obj.authentication && { authentication: AuthenticationDescriptionFilterSensitiveLog(obj.authentication) }), }); +/** + * @internal + */ +export const DescribeWorkspaceConfigurationRequestFilterSensitiveLog = ( + obj: DescribeWorkspaceConfigurationRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const DescribeWorkspaceConfigurationResponseFilterSensitiveLog = ( + obj: DescribeWorkspaceConfigurationResponse +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const UpdateWorkspaceConfigurationRequestFilterSensitiveLog = ( + obj: UpdateWorkspaceConfigurationRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const UpdateWorkspaceConfigurationResponseFilterSensitiveLog = ( + obj: UpdateWorkspaceConfigurationResponse +): any => ({ + ...obj, +}); + /** * @internal */ diff --git a/clients/client-grafana/src/protocols/Aws_restJson1.ts b/clients/client-grafana/src/protocols/Aws_restJson1.ts index 0328b8f04ee0..ab753e9be473 100644 --- a/clients/client-grafana/src/protocols/Aws_restJson1.ts +++ b/clients/client-grafana/src/protocols/Aws_restJson1.ts @@ -10,6 +10,7 @@ import { expectString as __expectString, expectUnion as __expectUnion, extendedEncodeURIComponent as __extendedEncodeURIComponent, + LazyJsonString as __LazyJsonString, map as __map, parseEpochTimestamp as __parseEpochTimestamp, resolvedPath as __resolvedPath, @@ -39,6 +40,10 @@ import { DescribeWorkspaceAuthenticationCommandOutput, } from "../commands/DescribeWorkspaceAuthenticationCommand"; import { DescribeWorkspaceCommandInput, DescribeWorkspaceCommandOutput } from "../commands/DescribeWorkspaceCommand"; +import { + DescribeWorkspaceConfigurationCommandInput, + DescribeWorkspaceConfigurationCommandOutput, +} from "../commands/DescribeWorkspaceConfigurationCommand"; import { DisassociateLicenseCommandInput, DisassociateLicenseCommandOutput, @@ -57,6 +62,10 @@ import { UpdateWorkspaceAuthenticationCommandOutput, } from "../commands/UpdateWorkspaceAuthenticationCommand"; import { UpdateWorkspaceCommandInput, UpdateWorkspaceCommandOutput } from "../commands/UpdateWorkspaceCommand"; +import { + UpdateWorkspaceConfigurationCommandInput, + UpdateWorkspaceConfigurationCommandOutput, +} from "../commands/UpdateWorkspaceConfigurationCommand"; import { GrafanaServiceException as __BaseException } from "../models/GrafanaServiceException"; import { AccessDeniedException, @@ -82,6 +91,7 @@ import { User, ValidationException, ValidationExceptionField, + VpcConfiguration, WorkspaceDescription, WorkspaceSummary, } from "../models/models_0"; @@ -125,10 +135,14 @@ export const serializeAws_restJson1CreateWorkspaceCommand = async ( authenticationProviders: serializeAws_restJson1AuthenticationProviders(input.authenticationProviders, context), }), clientToken: input.clientToken ?? generateIdempotencyToken(), + ...(input.configuration != null && { configuration: __LazyJsonString.fromObject(input.configuration) }), ...(input.organizationRoleName != null && { organizationRoleName: input.organizationRoleName }), ...(input.permissionType != null && { permissionType: input.permissionType }), ...(input.stackSetName != null && { stackSetName: input.stackSetName }), ...(input.tags != null && { tags: serializeAws_restJson1TagMap(input.tags, context) }), + ...(input.vpcConfiguration != null && { + vpcConfiguration: serializeAws_restJson1VpcConfiguration(input.vpcConfiguration, context), + }), ...(input.workspaceDataSources != null && { workspaceDataSources: serializeAws_restJson1DataSourceTypesList(input.workspaceDataSources, context), }), @@ -273,6 +287,27 @@ export const serializeAws_restJson1DescribeWorkspaceAuthenticationCommand = asyn }); }; +export const serializeAws_restJson1DescribeWorkspaceConfigurationCommand = async ( + input: DescribeWorkspaceConfigurationCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/workspaces/{workspaceId}/configuration"; + resolvedPath = __resolvedPath(resolvedPath, input, "workspaceId", () => input.workspaceId!, "{workspaceId}", false); + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "GET", + headers, + path: resolvedPath, + body, + }); +}; + export const serializeAws_restJson1DisassociateLicenseCommand = async ( input: DisassociateLicenseCommandInput, context: __SerdeContext @@ -462,7 +497,11 @@ export const serializeAws_restJson1UpdateWorkspaceCommand = async ( ...(input.accountAccessType != null && { accountAccessType: input.accountAccessType }), ...(input.organizationRoleName != null && { organizationRoleName: input.organizationRoleName }), ...(input.permissionType != null && { permissionType: input.permissionType }), + ...(input.removeVpcConfiguration != null && { removeVpcConfiguration: input.removeVpcConfiguration }), ...(input.stackSetName != null && { stackSetName: input.stackSetName }), + ...(input.vpcConfiguration != null && { + vpcConfiguration: serializeAws_restJson1VpcConfiguration(input.vpcConfiguration, context), + }), ...(input.workspaceDataSources != null && { workspaceDataSources: serializeAws_restJson1DataSourceTypesList(input.workspaceDataSources, context), }), @@ -524,6 +563,32 @@ export const serializeAws_restJson1UpdateWorkspaceAuthenticationCommand = async }); }; +export const serializeAws_restJson1UpdateWorkspaceConfigurationCommand = async ( + input: UpdateWorkspaceConfigurationCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = { + "content-type": "application/json", + }; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/workspaces/{workspaceId}/configuration"; + resolvedPath = __resolvedPath(resolvedPath, input, "workspaceId", () => input.workspaceId!, "{workspaceId}", false); + let body: any; + body = JSON.stringify({ + ...(input.configuration != null && { configuration: __LazyJsonString.fromObject(input.configuration) }), + }); + return new __HttpRequest({ + protocol, + hostname, + port, + method: "PUT", + headers, + path: resolvedPath, + body, + }); +}; + export const deserializeAws_restJson1AssociateLicenseCommand = async ( output: __HttpResponse, context: __SerdeContext @@ -919,6 +984,56 @@ const deserializeAws_restJson1DescribeWorkspaceAuthenticationCommandError = asyn } }; +export const deserializeAws_restJson1DescribeWorkspaceConfigurationCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return deserializeAws_restJson1DescribeWorkspaceConfigurationCommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.configuration != null) { + contents.configuration = new __LazyJsonString(data.configuration); + } + return contents; +}; + +const deserializeAws_restJson1DescribeWorkspaceConfigurationCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseErrorBody(output.body, context), + }; + const errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + throw await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context); + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + throw await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context); + case "ResourceNotFoundException": + case "com.amazonaws.grafana#ResourceNotFoundException": + throw await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + throw await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context); + default: + const parsedBody = parsedOutput.body; + throwDefaultError({ + output, + parsedBody, + exceptionCtor: __BaseException, + errorCode, + }); + } +}; + export const deserializeAws_restJson1DisassociateLicenseCommand = async ( output: __HttpResponse, context: __SerdeContext @@ -1396,6 +1511,59 @@ const deserializeAws_restJson1UpdateWorkspaceAuthenticationCommandError = async } }; +export const deserializeAws_restJson1UpdateWorkspaceConfigurationCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 202 && output.statusCode >= 300) { + return deserializeAws_restJson1UpdateWorkspaceConfigurationCommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + await collectBody(output.body, context); + return contents; +}; + +const deserializeAws_restJson1UpdateWorkspaceConfigurationCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseErrorBody(output.body, context), + }; + const errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + throw await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context); + case "ConflictException": + case "com.amazonaws.grafana#ConflictException": + throw await deserializeAws_restJson1ConflictExceptionResponse(parsedOutput, context); + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + throw await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context); + case "ResourceNotFoundException": + case "com.amazonaws.grafana#ResourceNotFoundException": + throw await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context); + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + throw await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context); + case "ValidationException": + case "com.amazonaws.grafana#ValidationException": + throw await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context); + default: + const parsedBody = parsedOutput.body; + throwDefaultError({ + output, + parsedBody, + exceptionCtor: __BaseException, + errorCode, + }); + } +}; + const map = __map; const deserializeAws_restJson1AccessDeniedExceptionResponse = async ( parsedOutput: any, @@ -1652,6 +1820,22 @@ const serializeAws_restJson1SamlConfiguration = (input: SamlConfiguration, conte }; }; +const serializeAws_restJson1SecurityGroupIds = (input: string[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + return entry; + }); +}; + +const serializeAws_restJson1SubnetIds = (input: string[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + return entry; + }); +}; + const serializeAws_restJson1TagMap = (input: Record, context: __SerdeContext): any => { return Object.entries(input).reduce((acc: Record, [key, value]: [string, any]) => { if (value === null) { @@ -1693,6 +1877,15 @@ const serializeAws_restJson1UserList = (input: User[], context: __SerdeContext): }); }; +const serializeAws_restJson1VpcConfiguration = (input: VpcConfiguration, context: __SerdeContext): any => { + return { + ...(input.securityGroupIds != null && { + securityGroupIds: serializeAws_restJson1SecurityGroupIds(input.securityGroupIds, context), + }), + ...(input.subnetIds != null && { subnetIds: serializeAws_restJson1SubnetIds(input.subnetIds, context) }), + }; +}; + const deserializeAws_restJson1AllowedOrganizations = (output: any, context: __SerdeContext): string[] => { const retVal = (output || []) .filter((e: any) => e != null) @@ -1876,6 +2069,30 @@ const deserializeAws_restJson1SamlConfiguration = (output: any, context: __Serde } as any; }; +const deserializeAws_restJson1SecurityGroupIds = (output: any, context: __SerdeContext): string[] => { + const retVal = (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); + return retVal; +}; + +const deserializeAws_restJson1SubnetIds = (output: any, context: __SerdeContext): string[] => { + const retVal = (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); + return retVal; +}; + const deserializeAws_restJson1TagMap = (output: any, context: __SerdeContext): Record => { return Object.entries(output).reduce((acc: Record, [key, value]: [string, any]) => { if (value === null) { @@ -1958,6 +2175,16 @@ const deserializeAws_restJson1ValidationExceptionFieldList = ( return retVal; }; +const deserializeAws_restJson1VpcConfiguration = (output: any, context: __SerdeContext): VpcConfiguration => { + return { + securityGroupIds: + output.securityGroupIds != null + ? deserializeAws_restJson1SecurityGroupIds(output.securityGroupIds, context) + : undefined, + subnetIds: output.subnetIds != null ? deserializeAws_restJson1SubnetIds(output.subnetIds, context) : undefined, + } as any; +}; + const deserializeAws_restJson1WorkspaceDescription = (output: any, context: __SerdeContext): WorkspaceDescription => { return { accountAccessType: __expectString(output.accountAccessType), @@ -1999,6 +2226,10 @@ const deserializeAws_restJson1WorkspaceDescription = (output: any, context: __Se stackSetName: __expectString(output.stackSetName), status: __expectString(output.status), tags: output.tags != null ? deserializeAws_restJson1TagMap(output.tags, context) : undefined, + vpcConfiguration: + output.vpcConfiguration != null + ? deserializeAws_restJson1VpcConfiguration(output.vpcConfiguration, context) + : undefined, workspaceRoleArn: __expectString(output.workspaceRoleArn), } as any; }; diff --git a/codegen/sdk-codegen/aws-models/grafana.json b/codegen/sdk-codegen/aws-models/grafana.json index a783df312055..3eb27b5d8b53 100644 --- a/codegen/sdk-codegen/aws-models/grafana.json +++ b/codegen/sdk-codegen/aws-models/grafana.json @@ -22,6 +22,9 @@ { "target": "com.amazonaws.grafana#Authentication" }, + { + "target": "com.amazonaws.grafana#Configuration" + }, { "target": "com.amazonaws.grafana#License" }, @@ -37,6 +40,7 @@ "aws.api#service": { "sdkId": "grafana", "arnNamespace": "grafana", + "cloudFormationName": "Grafana", "cloudTrailEventSource": "EVENT_SOURCE_VALUE" }, "aws.auth#sigv4": { @@ -389,9 +393,9 @@ } }, "params": { - "Region": "eu-central-1", "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "Region": "eu-central-1" } }, { @@ -402,9 +406,9 @@ } }, "params": { - "Region": "eu-central-1", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "Region": "eu-central-1" } }, { @@ -415,9 +419,9 @@ } }, "params": { - "Region": "eu-central-1", "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "Region": "eu-central-1" } }, { @@ -428,9 +432,9 @@ } }, "params": { - "Region": "eu-central-1", "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "Region": "eu-central-1" } }, { @@ -441,9 +445,9 @@ } }, "params": { - "Region": "us-west-2", "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "Region": "us-west-2" } }, { @@ -454,9 +458,9 @@ } }, "params": { - "Region": "us-west-2", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "Region": "us-west-2" } }, { @@ -467,9 +471,9 @@ } }, "params": { - "Region": "us-west-2", "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "Region": "us-west-2" } }, { @@ -480,9 +484,9 @@ } }, "params": { - "Region": "us-west-2", "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "Region": "us-west-2" } }, { @@ -493,9 +497,9 @@ } }, "params": { - "Region": "eu-west-2", "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "Region": "eu-west-2" } }, { @@ -506,9 +510,9 @@ } }, "params": { - "Region": "eu-west-2", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "Region": "eu-west-2" } }, { @@ -519,9 +523,9 @@ } }, "params": { - "Region": "eu-west-2", "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "Region": "eu-west-2" } }, { @@ -532,9 +536,9 @@ } }, "params": { - "Region": "eu-west-2", "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "Region": "eu-west-2" } }, { @@ -545,9 +549,9 @@ } }, "params": { - "Region": "eu-west-1", "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "Region": "eu-west-1" } }, { @@ -558,9 +562,9 @@ } }, "params": { - "Region": "eu-west-1", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "Region": "eu-west-1" } }, { @@ -571,9 +575,9 @@ } }, "params": { - "Region": "eu-west-1", "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "Region": "eu-west-1" } }, { @@ -584,9 +588,9 @@ } }, "params": { - "Region": "eu-west-1", "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "Region": "eu-west-1" } }, { @@ -597,9 +601,9 @@ } }, "params": { - "Region": "ap-northeast-2", "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "Region": "ap-northeast-2" } }, { @@ -610,9 +614,9 @@ } }, "params": { - "Region": "ap-northeast-2", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "Region": "ap-northeast-2" } }, { @@ -623,9 +627,9 @@ } }, "params": { - "Region": "ap-northeast-2", "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "Region": "ap-northeast-2" } }, { @@ -636,9 +640,9 @@ } }, "params": { - "Region": "ap-northeast-2", "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "Region": "ap-northeast-2" } }, { @@ -649,9 +653,9 @@ } }, "params": { - "Region": "ap-northeast-1", "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "Region": "ap-northeast-1" } }, { @@ -662,9 +666,9 @@ } }, "params": { - "Region": "ap-northeast-1", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "Region": "ap-northeast-1" } }, { @@ -675,9 +679,9 @@ } }, "params": { - "Region": "ap-northeast-1", "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "Region": "ap-northeast-1" } }, { @@ -688,9 +692,9 @@ } }, "params": { - "Region": "ap-northeast-1", "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "Region": "ap-northeast-1" } }, { @@ -701,9 +705,9 @@ } }, "params": { - "Region": "ap-southeast-1", "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "Region": "ap-southeast-1" } }, { @@ -714,9 +718,9 @@ } }, "params": { - "Region": "ap-southeast-1", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "Region": "ap-southeast-1" } }, { @@ -727,9 +731,9 @@ } }, "params": { - "Region": "ap-southeast-1", "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "Region": "ap-southeast-1" } }, { @@ -740,9 +744,9 @@ } }, "params": { - "Region": "ap-southeast-1", "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "Region": "ap-southeast-1" } }, { @@ -753,9 +757,9 @@ } }, "params": { - "Region": "ap-southeast-2", "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "Region": "ap-southeast-2" } }, { @@ -766,9 +770,9 @@ } }, "params": { - "Region": "ap-southeast-2", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "Region": "ap-southeast-2" } }, { @@ -779,9 +783,9 @@ } }, "params": { - "Region": "ap-southeast-2", "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "Region": "ap-southeast-2" } }, { @@ -792,9 +796,9 @@ } }, "params": { - "Region": "ap-southeast-2", "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "Region": "ap-southeast-2" } }, { @@ -805,9 +809,9 @@ } }, "params": { - "Region": "us-east-1", "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "Region": "us-east-1" } }, { @@ -818,9 +822,9 @@ } }, "params": { - "Region": "us-east-1", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "Region": "us-east-1" } }, { @@ -831,9 +835,9 @@ } }, "params": { - "Region": "us-east-1", "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "Region": "us-east-1" } }, { @@ -844,9 +848,9 @@ } }, "params": { - "Region": "us-east-1", "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "Region": "us-east-1" } }, { @@ -857,9 +861,9 @@ } }, "params": { - "Region": "us-east-2", "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "Region": "us-east-2" } }, { @@ -870,9 +874,9 @@ } }, "params": { - "Region": "us-east-2", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "Region": "us-east-2" } }, { @@ -883,9 +887,9 @@ } }, "params": { - "Region": "us-east-2", "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "Region": "us-east-2" } }, { @@ -896,9 +900,9 @@ } }, "params": { - "Region": "us-east-2", "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "Region": "us-east-2" } }, { @@ -909,9 +913,9 @@ } }, "params": { - "Region": "us-east-1", "UseDualStack": false, "UseFIPS": false, + "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -921,9 +925,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { - "Region": "us-east-1", "UseDualStack": false, "UseFIPS": true, + "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -933,9 +937,9 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { - "Region": "us-east-1", "UseDualStack": true, "UseFIPS": false, + "Region": "us-east-1", "Endpoint": "https://example.com" } } @@ -1107,7 +1111,7 @@ } ], "traits": { - "smithy.api#documentation": "

Assigns a Grafana Enterprise license to a workspace. Upgrading to Grafana Enterprise\n incurs additional fees. For more information, see Upgrade a workspace to\n Grafana Enterprise.

", + "smithy.api#documentation": "

Assigns a Grafana Enterprise license to a workspace. Upgrading to Grafana Enterprise\n incurs additional fees. For more information, see Upgrade a workspace to\n Grafana Enterprise.

", "smithy.api#http": { "code": 202, "method": "POST", @@ -1155,18 +1159,17 @@ "target": "com.amazonaws.grafana#WorkspaceId" } }, - "operations": [ - { - "target": "com.amazonaws.grafana#DescribeWorkspaceAuthentication" - }, - { - "target": "com.amazonaws.grafana#UpdateWorkspaceAuthentication" - } - ], + "read": { + "target": "com.amazonaws.grafana#DescribeWorkspaceAuthentication" + }, + "update": { + "target": "com.amazonaws.grafana#UpdateWorkspaceAuthentication" + }, "traits": { "aws.api#arn": { "template": "workspaces/{workspaceId}/authentication" - } + }, + "aws.cloudformation#cfnResource": {} } }, "com.amazonaws.grafana#AuthenticationDescription": { @@ -1175,25 +1178,25 @@ "providers": { "target": "com.amazonaws.grafana#AuthenticationProviders", "traits": { - "smithy.api#documentation": "

Specifies whether this workspace uses Amazon Web Services SSO, SAML, or both methods to authenticate\n users to use the Grafana console in the Amazon Managed Grafana workspace.

", + "smithy.api#documentation": "

Specifies whether this workspace uses IAM Identity Center, SAML, or both methods \n to authenticate users to use the Grafana console in the Amazon Managed Grafana \n workspace.

", "smithy.api#required": {} } }, "saml": { "target": "com.amazonaws.grafana#SamlAuthentication", "traits": { - "smithy.api#documentation": "

A structure containing information about how this workspace works with \n SAML, including what attributes within the assertion are to be mapped to user information in the workspace.

" + "smithy.api#documentation": "

A structure containing information about how this workspace works with \n SAML, including what attributes within the assertion are to be mapped to \n user information in the workspace.

" } }, "awsSso": { "target": "com.amazonaws.grafana#AwsSsoAuthentication", "traits": { - "smithy.api#documentation": "

A structure containing information about how this workspace works with \n Amazon Web Services SSO.

" + "smithy.api#documentation": "

A structure containing information about how this workspace works with \n IAM Identity Center.

" } } }, "traits": { - "smithy.api#documentation": "

A structure containing information about the user authentication methods used by the workspace.

" + "smithy.api#documentation": "

A structure containing information about the user authentication methods used by \n the workspace.

" } }, "com.amazonaws.grafana#AuthenticationProviderTypes": { @@ -1225,7 +1228,7 @@ "providers": { "target": "com.amazonaws.grafana#AuthenticationProviders", "traits": { - "smithy.api#documentation": "

Specifies whether the workspace uses SAML, Amazon Web Services SSO, or both methods for user\n authentication.

", + "smithy.api#documentation": "

Specifies whether the workspace uses SAML, IAM Identity Center, or both methods for user\n authentication.

", "smithy.api#required": {} } }, @@ -1237,7 +1240,7 @@ } }, "traits": { - "smithy.api#documentation": "

A structure that describes whether the workspace uses SAML, Amazon Web Services SSO, or both methods\n for user authentication, and whether that authentication is fully configured.

" + "smithy.api#documentation": "

A structure that describes whether the workspace uses SAML, IAM Identity Center, or \n both methods for user authentication, and whether that authentication is fully \n configured.

" } }, "com.amazonaws.grafana#AwsSsoAuthentication": { @@ -1246,12 +1249,12 @@ "ssoClientId": { "target": "com.amazonaws.grafana#SSOClientId", "traits": { - "smithy.api#documentation": "

The ID of the Amazon Web Services SSO-managed application that is created by Amazon Managed Grafana.

" + "smithy.api#documentation": "

The ID of the IAM Identity Center-managed application that is created by Amazon Managed Grafana.

" } } }, "traits": { - "smithy.api#documentation": "

A structure containing information about how this workspace works with \n Amazon Web Services SSO.

" + "smithy.api#documentation": "

A structure containing information about how this workspace works with \n IAM Identity Center.

" } }, "com.amazonaws.grafana#ClientToken": { @@ -1260,6 +1263,27 @@ "smithy.api#pattern": "^[!-~]{1,64}$" } }, + "com.amazonaws.grafana#Configuration": { + "type": "resource", + "identifiers": { + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId" + } + }, + "operations": [ + { + "target": "com.amazonaws.grafana#DescribeWorkspaceConfiguration" + }, + { + "target": "com.amazonaws.grafana#UpdateWorkspaceConfiguration" + } + ], + "traits": { + "aws.api#arn": { + "template": "workspaces/{workspaceId}/configuration" + } + } + }, "com.amazonaws.grafana#ConflictException": { "type": "structure", "members": { @@ -1320,7 +1344,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates a workspace. In a workspace, you can create Grafana\n dashboards and visualizations to analyze your metrics, logs, and traces. You don't have to\n build, package, or deploy any hardware to run the Grafana server.

\n

Don't use CreateWorkspace to modify an existing workspace. Instead, \n use UpdateWorkspace.

", + "smithy.api#documentation": "

Creates a workspace. In a workspace, you can create Grafana\n dashboards and visualizations to analyze your metrics, logs, and traces. You don't have to\n build, package, or deploy any hardware to run the Grafana server.

\n

Don't use CreateWorkspace to modify an existing workspace. Instead, \n use UpdateWorkspace.

", "smithy.api#http": { "code": 202, "method": "POST", @@ -1361,7 +1385,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates an API key for the workspace. This key can be used to authenticate \n requests sent to the workspace's HTTP API. See \n https://docs.aws.amazon.com/grafana/latest/userguide/Using-Grafana-APIs.html \n for available APIs and example requests.

", + "smithy.api#documentation": "

Creates a Grafana API key for the workspace. This key can be used to \n authenticate requests sent to the workspace's HTTP API.\n See https://docs.aws.amazon.com/grafana/latest/userguide/Using-Grafana-APIs.html\n for available APIs and example requests.

", "smithy.api#http": { "code": 200, "method": "POST", @@ -1375,21 +1399,21 @@ "keyName": { "target": "com.amazonaws.grafana#ApiKeyName", "traits": { - "smithy.api#documentation": "

Specifies the name of the key to create. Key names must be unique to the workspace.

", + "smithy.api#documentation": "

Specifies the name of the key. Keynames must be unique to the workspace.

", "smithy.api#required": {} } }, "keyRole": { "target": "smithy.api#String", "traits": { - "smithy.api#documentation": "

Specifies the permission level of the key.

\n

Valid Values: VIEWER | EDITOR | ADMIN\n

", + "smithy.api#documentation": "

Specifies the permission level of the key.

\n

Valid values: VIEWER|EDITOR|ADMIN\n

", "smithy.api#required": {} } }, "secondsToLive": { "target": "smithy.api#Integer", "traits": { - "smithy.api#documentation": "

Specifies the time in seconds until the key expires. Keys can be valid for up to 30 days.

", + "smithy.api#documentation": "

Specifies the time in seconds until the key expires. Keys can be valid for up to 30 days.

", "smithy.api#range": { "min": 1, "max": 2592000 @@ -1400,7 +1424,7 @@ "workspaceId": { "target": "com.amazonaws.grafana#WorkspaceId", "traits": { - "smithy.api#documentation": "

The ID of the workspace in which to create an API key.

", + "smithy.api#documentation": "

The ID of the workspace to create an API key.

", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1420,7 +1444,7 @@ "key": { "target": "com.amazonaws.grafana#ApiKeyToken", "traits": { - "smithy.api#documentation": "

The key token that was created. Use this value as a bearer token to \n authenticate HTTP requests to the workspace.

", + "smithy.api#documentation": "

The key token. Use this value as a bearer token to \n authenticate HTTP requests to the workspace.

", "smithy.api#required": {} } }, @@ -1439,7 +1463,7 @@ "accountAccessType": { "target": "com.amazonaws.grafana#AccountAccessType", "traits": { - "smithy.api#documentation": "

Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in\n other accounts in the same organization. If you specify ORGANIZATION, you must\n specify which organizational units the workspace can access in the\n workspaceOrganizationalUnits parameter.

", + "smithy.api#documentation": "

Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in\n other accounts in the same organization. If you specify ORGANIZATION, you must\n specify which organizational units the workspace can access in the\n workspaceOrganizationalUnits parameter.

", "smithy.api#required": {} } }, @@ -1453,32 +1477,32 @@ "organizationRoleName": { "target": "com.amazonaws.grafana#OrganizationRoleName", "traits": { - "smithy.api#documentation": "

The name of an IAM role that already exists to use with Organizations to access Amazon Web Services\n data sources and notification channels in other accounts in an organization.

" + "smithy.api#documentation": "

The name of an IAM role that already exists to use with Organizations to access Amazon Web Services\n data sources and notification channels in other accounts in an organization.

" } }, "permissionType": { "target": "com.amazonaws.grafana#PermissionType", "traits": { - "smithy.api#documentation": "

If you specify SERVICE_MANAGED on AWS Grafana console, Amazon Managed Grafana automatically creates\n the IAM roles and provisions the permissions that the workspace needs to use\n Amazon Web Services data sources and notification channels. In CLI mode, the permissionType SERVICE_MANAGED will not create the IAM role \n for you.

\n

If you specify CUSTOMER_MANAGED, you will manage those roles and\n permissions yourself. If you are creating this workspace in a member account of an\n organization that is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services\n accounts in the organization, you must choose CUSTOMER_MANAGED.

\n

For more information, see Amazon Managed Grafana permissions and policies for\n Amazon Web Services data sources and notification channels.

", + "smithy.api#documentation": "

If you specify SERVICE_MANAGED on AWS Grafana console, Amazon Managed Grafana automatically creates\n the IAM roles and provisions the permissions that the workspace needs to use\n Amazon Web Services data sources and notification channels. In the CLI mode, the permissionType SERVICE_MANAGED will not create the IAM role \n for you. The ability for the Amazon Managed Grafana to create the IAM role on behalf of the user is supported only in the \n Amazon Managed Grafana AWS console. Use only the CUSTOMER_MANAGED permission type when creating a workspace in the CLI.

\n

If you specify CUSTOMER_MANAGED, you will manage those roles and\n permissions yourself. If you are creating this workspace in a member account of an\n organization that is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services\n accounts in the organization, you must choose CUSTOMER_MANAGED.

\n

For more information, see Amazon Managed Grafana permissions and policies for\n Amazon Web Services data sources and notification channels.

", "smithy.api#required": {} } }, "stackSetName": { "target": "com.amazonaws.grafana#StackSetName", "traits": { - "smithy.api#documentation": "

The name of the CloudFormation stack set to use to generate IAM roles\n to be used for this workspace.

" + "smithy.api#documentation": "

The name of the CloudFormation stack set to use to generate IAM roles\n to be used for this workspace.

" } }, "workspaceDataSources": { "target": "com.amazonaws.grafana#DataSourceTypesList", "traits": { - "smithy.api#documentation": "

Specify the Amazon Web Services data sources that you want to be queried in this\n workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these\n sources. You must still add them as data sources in the Grafana console in the\n workspace.

\n

If you don't specify a data source here, you can still add it as a data source in the\n workspace console later. However, you will then have to manually configure permissions for\n it.

" + "smithy.api#documentation": "

Specify the Amazon Web Services data sources that you want to be queried in this\n workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these\n sources. You must still add them as data sources in the Grafana console in the\n workspace.

\n

If you don't specify a data source here, you can still add it as a data source in the\n workspace console later. However, you will then have to manually configure permissions for\n it.

" } }, "workspaceDescription": { "target": "com.amazonaws.grafana#Description", "traits": { - "smithy.api#documentation": "

A description for the workspace. This is used only to help you identify this workspace.

\n

Pattern: ^[\\\\p{L}\\\\p{Z}\\\\p{N}\\\\p{P}]{0,2048}$\n

" + "smithy.api#documentation": "

A description for the workspace. This is used only to help you identify this workspace.

\n

Pattern: ^[\\\\p{L}\\\\p{Z}\\\\p{N}\\\\p{P}]{0,2048}$\n

" } }, "workspaceName": { @@ -1490,25 +1514,25 @@ "workspaceNotificationDestinations": { "target": "com.amazonaws.grafana#NotificationDestinationsList", "traits": { - "smithy.api#documentation": "

Specify the Amazon Web Services notification channels that you plan to use in this workspace. Specifying these \n data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow \n Amazon Managed Grafana to use these channels.

" + "smithy.api#documentation": "

Specify the Amazon Web Services notification channels that you plan to use in this workspace. Specifying these \n data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow \n Amazon Managed Grafana to use these channels.

" } }, "workspaceOrganizationalUnits": { "target": "com.amazonaws.grafana#OrganizationalUnitList", "traits": { - "smithy.api#documentation": "

Specifies the organizational units that this workspace is allowed to use data sources\n from, if this workspace is in an account that is part of an organization.

" + "smithy.api#documentation": "

Specifies the organizational units that this workspace is allowed to use data sources\n from, if this workspace is in an account that is part of an organization.

" } }, "workspaceRoleArn": { "target": "com.amazonaws.grafana#IamRoleArn", "traits": { - "smithy.api#documentation": "

The workspace needs an IAM role that grants permissions to the Amazon Web Services resources that the \n workspace will view data from. If you already have a role that you want to use, specify it here. The permission type should be set to CUSTOMER_MANAGED.

" + "smithy.api#documentation": "

The workspace needs an IAM role that grants permissions to the Amazon Web Services resources that the \n workspace will view data from. If you already have a role that you want to use, specify it here. The permission type should be set to CUSTOMER_MANAGED.

" } }, "authenticationProviders": { "target": "com.amazonaws.grafana#AuthenticationProviders", "traits": { - "smithy.api#documentation": "

Specifies whether this workspace uses SAML 2.0, Amazon Web Services Single Sign On, or both to authenticate \n users for using the Grafana console within a workspace. For more information, \n see User authentication in \n Amazon Managed Grafana.

", + "smithy.api#documentation": "

Specifies whether this workspace uses SAML 2.0, IAM Identity Center (successor to Single Sign-On), or both to authenticate \n users for using the Grafana console within a workspace. For more information, \n see User authentication in \n Amazon Managed Grafana.

", "smithy.api#required": {} } }, @@ -1517,6 +1541,18 @@ "traits": { "smithy.api#documentation": "

The list of tags associated with the workspace.

" } + }, + "vpcConfiguration": { + "target": "com.amazonaws.grafana#VpcConfiguration", + "traits": { + "smithy.api#documentation": "

The configuration settings for an Amazon VPC that contains data sources\n for your Grafana workspace to connect to.

" + } + }, + "configuration": { + "target": "com.amazonaws.grafana#OverridableConfigurationJson", + "traits": { + "smithy.api#documentation": "

The configuration string for the workspace that you create. For more information \n about the format and configuration options available, see Working in your Grafana workspace.

" + } } } }, @@ -1575,6 +1611,11 @@ "name": "REDSHIFT", "value": "REDSHIFT", "documentation": "Redshift" + }, + { + "name": "TWINMAKER", + "value": "TWINMAKER", + "documentation": "IoT TwinMaker" } ] } @@ -1652,7 +1693,7 @@ } ], "traits": { - "smithy.api#documentation": "

Deletes an API key for a workspace.

", + "smithy.api#documentation": "

Deletes a Grafana API key for the workspace.

", "smithy.api#http": { "code": 200, "method": "DELETE", @@ -1687,7 +1728,7 @@ "keyName": { "target": "com.amazonaws.grafana#ApiKeyName", "traits": { - "smithy.api#documentation": "

The name of the API key that was deleted.

", + "smithy.api#documentation": "

The name of the key that was deleted.

", "smithy.api#required": {} } }, @@ -1814,7 +1855,63 @@ "authentication": { "target": "com.amazonaws.grafana#AuthenticationDescription", "traits": { - "smithy.api#documentation": "

A structure containing information about the authentication methods used in \n the workspace.

", + "smithy.api#documentation": "

A structure containing information about the authentication methods used in \n the workspace.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#DescribeWorkspaceConfiguration": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#DescribeWorkspaceConfigurationRequest" + }, + "output": { + "target": "com.amazonaws.grafana#DescribeWorkspaceConfigurationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "

Gets the current configuration string for the given workspace.

", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/workspaces/{workspaceId}/configuration" + } + } + }, + "com.amazonaws.grafana#DescribeWorkspaceConfigurationRequest": { + "type": "structure", + "members": { + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

The ID of the workspace to get configuration information for.

", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#DescribeWorkspaceConfigurationResponse": { + "type": "structure", + "members": { + "configuration": { + "target": "com.amazonaws.grafana#OverridableConfigurationJson", + "traits": { + "smithy.api#documentation": "

The configuration string for the workspace that you requested. For more information \n about the format and configuration options available, see Working in your Grafana workspace.

", "smithy.api#required": {} } } @@ -1959,18 +2056,18 @@ "url": { "target": "com.amazonaws.grafana#IdpMetadataUrl", "traits": { - "smithy.api#documentation": "

The URL of the location containing the metadata.

" + "smithy.api#documentation": "

The URL of the location containing the IdP metadata.

" } }, "xml": { "target": "smithy.api#String", "traits": { - "smithy.api#documentation": "

The actual full metadata file, in XML format.

" + "smithy.api#documentation": "

The full IdP metadata, in XML format.

" } } }, "traits": { - "smithy.api#documentation": "

A structure containing the identity provider (IdP) metadata used to integrate the\n identity provider with this workspace. You can specify the metadata either by providing a\n URL to its location in the url parameter, or by specifying the full metadata\n in XML format in the xml parameter.

" + "smithy.api#documentation": "

A structure containing the identity provider (IdP) metadata used to integrate the\n identity provider with this workspace. You can specify the metadata either by providing a\n URL to its location in the url parameter, or by specifying the full metadata\n in XML format in the xml parameter. Specifying both will cause an error.

" } }, "com.amazonaws.grafana#IdpMetadataUrl": { @@ -2074,7 +2171,7 @@ } ], "traits": { - "smithy.api#documentation": "

Lists the users and groups who have the Grafana Admin and \n Editor roles in this workspace. If you use this \n operation without specifying userId or groupId, the operation returns\n the roles of all users\n and groups. If you specify a userId or a groupId, only the roles\n for that user or group are returned. If you do this, you can specify only one userId or \n one groupId.

", + "smithy.api#documentation": "

Lists the users and groups who have the Grafana Admin and \n Editor roles in this workspace. If you use this \n operation without specifying userId or groupId, the operation returns\n the roles of all users\n and groups. If you specify a userId or a groupId, only the roles\n for that user or group are returned. If you do this, you can specify only one userId or \n one groupId.

", "smithy.api#http": { "code": 200, "method": "GET", @@ -2106,14 +2203,15 @@ "nextToken": { "target": "com.amazonaws.grafana#PaginationToken", "traits": { - "smithy.api#documentation": "

The token to use when requesting the next set of results. You received this token from a previous \n ListPermissions operation.

", + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "

The token to use when requesting the next set of results. You received this token from a previous \n ListPermissions operation.

", "smithy.api#httpQuery": "nextToken" } }, "userType": { "target": "com.amazonaws.grafana#UserType", "traits": { - "smithy.api#documentation": "

(Optional) If you specify SSO_USER, then only the permissions of Amazon Web Services SSO users\n are returned. If you specify SSO_GROUP, only the permissions of Amazon Web Services SSO groups\n are returned.

", + "smithy.api#documentation": "

(Optional) If you specify SSO_USER, then only the permissions of IAM Identity Center users\n are returned. If you specify SSO_GROUP, only the permissions of IAM Identity Center groups\n are returned.

", "smithy.api#httpQuery": "userType" } }, @@ -2147,7 +2245,8 @@ "nextToken": { "target": "com.amazonaws.grafana#PaginationToken", "traits": { - "smithy.api#documentation": "

The token to use in a subsequent ListPermissions operation to return\n the next set of results.

" + "aws.cloudformation#cfnExcludeProperty": {}, + "smithy.api#documentation": "

The token to use in a subsequent ListPermissions operation to return\n the next set of results.

" } }, "permissions": { @@ -2185,7 +2284,7 @@ } ], "traits": { - "smithy.api#documentation": "

The ListTagsForResource operation returns the tags that \n are associated with the Amazon Managed Service for Grafana resource specified by the resourceArn. \n Currently, the only resource that can be tagged is a workspace.

", + "smithy.api#documentation": "

The ListTagsForResource operation returns the tags that \n are associated with the Amazon Managed Service for Grafana resource specified by the resourceArn. \n Currently, the only resource that can be tagged is a workspace.

", "smithy.api#http": { "method": "GET", "uri": "/tags/{resourceArn}" @@ -2237,7 +2336,7 @@ } ], "traits": { - "smithy.api#documentation": "

Returns a list of Amazon Managed Grafana workspaces in the account, with some information\n about each workspace. For more complete information about one workspace, use DescribeWorkspace.

", + "smithy.api#documentation": "

Returns a list of Amazon Managed Grafana workspaces in the account, with some information\n about each workspace. For more complete information about one workspace, use DescribeWorkspace.

", "smithy.api#http": { "code": 200, "method": "GET", @@ -2269,7 +2368,7 @@ "nextToken": { "target": "com.amazonaws.grafana#PaginationToken", "traits": { - "smithy.api#documentation": "

The token for the next set of workspaces to return. (You receive this token from a\n previous ListWorkspaces operation.)

", + "smithy.api#documentation": "

The token for the next set of workspaces to return. (You receive this token from a\n previous ListWorkspaces operation.)

", "smithy.api#httpQuery": "nextToken" } } @@ -2339,30 +2438,39 @@ "smithy.api#sensitive": {} } }, + "com.amazonaws.grafana#OverridableConfigurationJson": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 2, + "max": 65536 + }, + "smithy.api#mediaType": "application/json" + } + }, "com.amazonaws.grafana#PaginationToken": { "type": "string" }, "com.amazonaws.grafana#Permission": { "type": "resource", "identifiers": { - "permissionId": { - "target": "smithy.api#String" - }, "workspaceId": { "target": "com.amazonaws.grafana#WorkspaceId" } }, - "list": { + "read": { "target": "com.amazonaws.grafana#ListPermissions" }, - "collectionOperations": [ - { - "target": "com.amazonaws.grafana#UpdatePermissions" - } - ], + "update": { + "target": "com.amazonaws.grafana#UpdatePermissions" + }, "traits": { "aws.api#arn": { - "template": "workspaces/{workspaceId}/permissions/{permissionId}" + "template": "workspaces/{workspaceId}/permissions" + }, + "aws.cloudformation#cfnResource": { + "name": "Permission", + "additionalSchemas": ["com.amazonaws.grafana#UpdatePermissionsResponse"] } } }, @@ -2379,13 +2487,13 @@ "role": { "target": "com.amazonaws.grafana#Role", "traits": { - "smithy.api#documentation": "

Specifies whether the user or group has the Admin\n or Editor role.

", + "smithy.api#documentation": "

Specifies whether the user or group has the Admin,\n Editor, or Viewer role.

", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "

A structure containing the identity of one user or group and the Admin\n or Editor role that they have.

" + "smithy.api#documentation": "

A structure containing the identity of one user or group and the Admin,\n Editor, or Viewer role that they have.

" } }, "com.amazonaws.grafana#PermissionEntryList": { @@ -2496,7 +2604,7 @@ } }, "traits": { - "smithy.api#documentation": "

This structure defines which groups defined in the SAML assertion attribute are to be mapped \n to the Grafana Admin and Editor roles in the workspace.

" + "smithy.api#documentation": "

This structure defines which groups defined in the SAML assertion attribute are to \n be mapped to the Grafana Admin and Editor roles in the \n workspace. SAML authenticated users not part of Admin or \n Editor role groups have Viewer permission over the\n workspace.

" } }, "com.amazonaws.grafana#SSOClientId": { @@ -2529,38 +2637,38 @@ "idpMetadata": { "target": "com.amazonaws.grafana#IdpMetadata", "traits": { - "smithy.api#documentation": "

A structure containing the identity provider (IdP) metadata used to integrate the\n identity provider with this workspace.

", + "smithy.api#documentation": "

A structure containing the identity provider (IdP) metadata used to integrate the\n identity provider with this workspace.

", "smithy.api#required": {} } }, "assertionAttributes": { "target": "com.amazonaws.grafana#AssertionAttributes", "traits": { - "smithy.api#documentation": "

A structure that defines which attributes in the SAML assertion are to be used to define information about\n the users authenticated by that IdP to use the workspace.

" + "smithy.api#documentation": "

A structure that defines which attributes in the SAML assertion are to be used to define information about\n the users authenticated by that IdP to use the workspace.

" } }, "roleValues": { "target": "com.amazonaws.grafana#RoleValues", "traits": { - "smithy.api#documentation": "

A structure containing arrays that map group names in the SAML assertion to the \n Grafana Admin and Editor roles in the workspace.

" + "smithy.api#documentation": "

A structure containing arrays that map group names in the SAML assertion to the \n Grafana Admin and Editor roles in the workspace.

" } }, "allowedOrganizations": { "target": "com.amazonaws.grafana#AllowedOrganizations", "traits": { - "smithy.api#documentation": "

Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace.\n If this is empty, all organizations in the assertion attribute have access.

" + "smithy.api#documentation": "

Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace.\n If this is empty, all organizations in the assertion attribute have access.

" } }, "loginValidityDuration": { "target": "com.amazonaws.grafana#LoginValidityDuration", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "

How long a sign-on session by a SAML user is valid, before the user has to sign on\n again.

" + "smithy.api#documentation": "

How long a sign-on session by a SAML user is valid, before the user has to sign on\n again.

" } } }, "traits": { - "smithy.api#documentation": "

A structure containing information about how this workspace works with \n SAML.

" + "smithy.api#documentation": "

A structure containing information about how this workspace works with \n SAML.

" } }, "com.amazonaws.grafana#SamlConfigurationStatus": { @@ -2580,6 +2688,27 @@ ] } }, + "com.amazonaws.grafana#SecurityGroupId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 255 + } + } + }, + "com.amazonaws.grafana#SecurityGroupIds": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#SecurityGroupId" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 100 + } + } + }, "com.amazonaws.grafana#ServiceQuotaExceededException": { "type": "structure", "members": { @@ -2637,6 +2766,27 @@ "com.amazonaws.grafana#StackSetName": { "type": "string" }, + "com.amazonaws.grafana#SubnetId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 255 + } + } + }, + "com.amazonaws.grafana#SubnetIds": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#SubnetId" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 100 + } + } + }, "com.amazonaws.grafana#TagKey": { "type": "string", "traits": { @@ -2692,7 +2842,7 @@ } ], "traits": { - "smithy.api#documentation": "

The TagResource operation associates tags with an Amazon Managed Grafana resource. \n Currently, the only resource that can be tagged is workspaces.

\n

If you specify a new tag key for the resource, this tag is appended to the list of tags associated\n with the resource. If you specify a tag key that is already associated with the resource, the new tag \n value that you specify replaces the previous value for that tag.

", + "smithy.api#documentation": "

The TagResource operation associates tags with an Amazon Managed Grafana resource. \n Currently, the only resource that can be tagged is workspaces.

\n

If you specify a new tag key for the resource, this tag is appended to the list of tags associated\n with the resource. If you specify a tag key that is already associated with the resource, the new tag \n value that you specify replaces the previous value for that tag.

", "smithy.api#http": { "method": "POST", "uri": "/tags/{resourceArn}" @@ -2713,7 +2863,7 @@ "tags": { "target": "com.amazonaws.grafana#TagMap", "traits": { - "smithy.api#documentation": "

The list of tag keys and values to associate with the resource. You can associate tag keys only, tags (key and values) only\n or a combination of tag keys and tags.

", + "smithy.api#documentation": "

The list of tag keys and values to associate with the resource. You can associate tag keys only, tags (key and values) only\n or a combination of tag keys and tags.

", "smithy.api#required": {} } } @@ -2795,7 +2945,7 @@ } ], "traits": { - "smithy.api#documentation": "

The UntagResource operation removes the association of the tag with the Amazon Managed Grafana resource. \n

", + "smithy.api#documentation": "

The UntagResource operation removes the association of the tag with the Amazon Managed Grafana resource. \n

", "smithy.api#http": { "method": "DELETE", "uri": "/tags/{resourceArn}" @@ -2910,7 +3060,7 @@ } }, "traits": { - "smithy.api#documentation": "

Contains the instructions for one Grafana role permission update in a\n UpdatePermissions operation.

" + "smithy.api#documentation": "

Contains the instructions for one Grafana role permission update in a\n UpdatePermissions operation.

" } }, "com.amazonaws.grafana#UpdateInstructionBatch": { @@ -2985,6 +3135,7 @@ "errors": { "target": "com.amazonaws.grafana#UpdateErrorList", "traits": { + "aws.cloudformation#cfnMutability": "read", "smithy.api#documentation": "

An array of structures that contain the errors from the operation, if any.

", "smithy.api#required": {} } @@ -3020,7 +3171,7 @@ } ], "traits": { - "smithy.api#documentation": "

Modifies an existing Amazon Managed Grafana workspace. If you use this operation and omit any \n optional parameters, the existing values of those parameters are not changed.

\n

To modify the user authentication methods that the workspace uses, such as SAML or Amazon Web Services SSO, \n use UpdateWorkspaceAuthentication.

\n

To modify which users in the workspace have the Admin and Editor Grafana roles, \n use UpdatePermissions.

", + "smithy.api#documentation": "

Modifies an existing Amazon Managed Grafana workspace. If you use this operation and omit any \n optional parameters, the existing values of those parameters are not changed.

\n

To modify the user authentication methods that the workspace uses, such as SAML or IAM Identity Center, \n use UpdateWorkspaceAuthentication.

\n

To modify which users in the workspace have the Admin and Editor Grafana roles, \n use UpdatePermissions.

", "smithy.api#http": { "code": 202, "method": "PUT", @@ -3057,7 +3208,7 @@ } ], "traits": { - "smithy.api#documentation": "

Use this operation to define the identity provider (IdP) that this workspace\n authenticates users from, using SAML. You can also map SAML assertion attributes to\n workspace user information and define which groups in the assertion attribute are to have\n the Admin and Editor roles in the workspace.

", + "smithy.api#documentation": "

Use this operation to define the identity provider (IdP) that this workspace\n authenticates users from, using SAML. You can also map SAML assertion attributes to\n workspace user information and define which groups in the assertion attribute are to have\n the Admin and Editor roles in the workspace.

", "smithy.api#http": { "code": 200, "method": "POST", @@ -3079,14 +3230,14 @@ "authenticationProviders": { "target": "com.amazonaws.grafana#AuthenticationProviders", "traits": { - "smithy.api#documentation": "

Specifies whether this workspace uses SAML 2.0, Amazon Web Services Single Sign On, or both to authenticate \n users for using the Grafana console within a workspace. For more information, \n see User authentication in \n Amazon Managed Grafana.

", + "smithy.api#documentation": "

Specifies whether this workspace uses SAML 2.0, IAM Identity Center (successor to Single Sign-On), or both to authenticate \n users for using the Grafana console within a workspace. For more information, \n see User authentication in \n Amazon Managed Grafana.

", "smithy.api#required": {} } }, "samlConfiguration": { "target": "com.amazonaws.grafana#SamlConfiguration", "traits": { - "smithy.api#documentation": "

If the workspace uses SAML, use this structure to\n map SAML assertion attributes to workspace user information and \n define which groups in the assertion attribute are to have the Admin and Editor roles\n in the workspace.

" + "smithy.api#documentation": "

If the workspace uses SAML, use this structure to\n map SAML assertion attributes to workspace user information and \n define which groups in the assertion attribute are to have the Admin and Editor roles\n in the workspace.

" } } } @@ -3103,13 +3254,74 @@ } } }, + "com.amazonaws.grafana#UpdateWorkspaceConfiguration": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#UpdateWorkspaceConfigurationRequest" + }, + "output": { + "target": "com.amazonaws.grafana#UpdateWorkspaceConfigurationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#ConflictException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + }, + { + "target": "com.amazonaws.grafana#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Updates the configuration string for the given workspace

", + "smithy.api#http": { + "code": 202, + "method": "PUT", + "uri": "/workspaces/{workspaceId}/configuration" + } + } + }, + "com.amazonaws.grafana#UpdateWorkspaceConfigurationRequest": { + "type": "structure", + "members": { + "configuration": { + "target": "com.amazonaws.grafana#OverridableConfigurationJson", + "traits": { + "smithy.api#documentation": "

The new configuration string for the workspace. For more information \n about the format and configuration options available, see Working in your Grafana workspace.

", + "smithy.api#required": {} + } + }, + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

The ID of the workspace to update.

", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#UpdateWorkspaceConfigurationResponse": { + "type": "structure", + "members": {} + }, "com.amazonaws.grafana#UpdateWorkspaceRequest": { "type": "structure", "members": { "accountAccessType": { "target": "com.amazonaws.grafana#AccountAccessType", "traits": { - "smithy.api#documentation": "

Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in\n other accounts in the same organization. If you specify ORGANIZATION, you must\n specify which organizational units the workspace can access in the\n workspaceOrganizationalUnits parameter.

" + "smithy.api#documentation": "

Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in\n other accounts in the same organization. If you specify ORGANIZATION, you must\n specify which organizational units the workspace can access in the\n workspaceOrganizationalUnits parameter.

" } }, "organizationRoleName": { @@ -3121,19 +3333,19 @@ "permissionType": { "target": "com.amazonaws.grafana#PermissionType", "traits": { - "smithy.api#documentation": "

If you specify Service Managed, Amazon Managed Grafana automatically creates\n the IAM roles and provisions the permissions that the workspace needs to use\n Amazon Web Services data sources and notification channels.

\n

If you specify CUSTOMER_MANAGED, you will manage those roles and\n permissions yourself. If you are creating this workspace in a member account of an\n organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services\n accounts in the organization, you must choose CUSTOMER_MANAGED.

\n

For more information, see Amazon Managed Grafana permissions and policies for\n Amazon Web Services data sources and notification channels\n

" + "smithy.api#documentation": "

If you specify Service Managed, Amazon Managed Grafana automatically creates\n the IAM roles and provisions the permissions that the workspace needs to use\n Amazon Web Services data sources and notification channels.

\n

If you specify CUSTOMER_MANAGED, you will manage those roles and\n permissions yourself. If you are creating this workspace in a member account of an\n organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services\n accounts in the organization, you must choose CUSTOMER_MANAGED.

\n

For more information, see Amazon Managed Grafana permissions and policies for\n Amazon Web Services data sources and notification channels\n

" } }, "stackSetName": { "target": "com.amazonaws.grafana#StackSetName", "traits": { - "smithy.api#documentation": "

The name of the CloudFormation stack set to use to generate IAM roles\n to be used for this workspace.

" + "smithy.api#documentation": "

The name of the CloudFormation stack set to use to generate IAM roles\n to be used for this workspace.

" } }, "workspaceDataSources": { "target": "com.amazonaws.grafana#DataSourceTypesList", "traits": { - "smithy.api#documentation": "

Specify the Amazon Web Services data sources that you want to be queried in this\n workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these\n sources. You must still add them as data sources in the Grafana console in the\n workspace.

\n

If you don't specify a data source here, you can still add it as a data source later in\n the workspace console. However, you will then have to manually configure permissions for\n it.

" + "smithy.api#documentation": "

Specify the Amazon Web Services data sources that you want to be queried in this\n workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these\n sources. You must still add them as data sources in the Grafana console in the\n workspace.

\n

If you don't specify a data source here, you can still add it as a data source later in\n the workspace console. However, you will then have to manually configure permissions for\n it.

" } }, "workspaceDescription": { @@ -3159,19 +3371,31 @@ "workspaceNotificationDestinations": { "target": "com.amazonaws.grafana#NotificationDestinationsList", "traits": { - "smithy.api#documentation": "

Specify the Amazon Web Services notification channels that you plan to use in this workspace. Specifying these \n data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow \n Amazon Managed Grafana to use these channels.

" + "smithy.api#documentation": "

Specify the Amazon Web Services notification channels that you plan to use in this workspace. Specifying these \n data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow \n Amazon Managed Grafana to use these channels.

" } }, "workspaceOrganizationalUnits": { "target": "com.amazonaws.grafana#OrganizationalUnitList", "traits": { - "smithy.api#documentation": "

Specifies the organizational units that this workspace is allowed to use data sources\n from, if this workspace is in an account that is part of an organization.

" + "smithy.api#documentation": "

Specifies the organizational units that this workspace is allowed to use data sources\n from, if this workspace is in an account that is part of an organization.

" } }, "workspaceRoleArn": { "target": "com.amazonaws.grafana#IamRoleArn", "traits": { - "smithy.api#documentation": "

The workspace needs an IAM role that grants permissions to the Amazon Web Services resources that the \n workspace will view data from. If you already have a role that you want to use, specify it here. If you omit\n this field and you specify some Amazon Web Services resources in workspaceDataSources or\n workspaceNotificationDestinations, a new IAM role with the necessary permissions is \n automatically created.

" + "smithy.api#documentation": "

The workspace needs an IAM role that grants permissions to the Amazon Web Services resources that the \n workspace will view data from. If you already have a role that you want to use, specify it here. If you omit\n this field and you specify some Amazon Web Services resources in workspaceDataSources or\n workspaceNotificationDestinations, a new IAM role with the necessary permissions is \n automatically created.

" + } + }, + "vpcConfiguration": { + "target": "com.amazonaws.grafana#VpcConfiguration", + "traits": { + "smithy.api#documentation": "

The configuration settings for an Amazon VPC that contains data sources\n for your Grafana workspace to connect to.

" + } + }, + "removeVpcConfiguration": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Whether to remove the VPC configuration from the workspace.

\n

Setting this to true and providing a vpcConfiguration to set \n will return an error.

" } } } @@ -3194,7 +3418,7 @@ "id": { "target": "com.amazonaws.grafana#SsoId", "traits": { - "smithy.api#documentation": "

The ID of the user or group.

\n

Pattern: ^([0-9a-fA-F]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}$\n

", + "smithy.api#documentation": "

The ID of the user or group.

\n

Pattern: ^([0-9a-fA-F]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}$\n

", "smithy.api#required": {} } }, @@ -3314,6 +3538,28 @@ ] } }, + "com.amazonaws.grafana#VpcConfiguration": { + "type": "structure", + "members": { + "securityGroupIds": { + "target": "com.amazonaws.grafana#SecurityGroupIds", + "traits": { + "smithy.api#documentation": "

The list of Amazon EC2 security group IDs attached to the Amazon VPC\n for your Grafana workspace to connect.

", + "smithy.api#required": {} + } + }, + "subnetIds": { + "target": "com.amazonaws.grafana#SubnetIds", + "traits": { + "smithy.api#documentation": "

The list of Amazon EC2 subnet IDs created in the Amazon VPC for \n your Grafana workspace to connect.

", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

The configuration settings for an Amazon VPC that contains data sources\n for your Grafana workspace to connect to.

" + } + }, "com.amazonaws.grafana#Workspace": { "type": "resource", "identifiers": { @@ -3339,7 +3585,8 @@ "traits": { "aws.api#arn": { "template": "workspaces/{workspaceId}" - } + }, + "aws.cloudformation#cfnResource": {} } }, "com.amazonaws.grafana#WorkspaceDescription": { @@ -3348,7 +3595,7 @@ "accountAccessType": { "target": "com.amazonaws.grafana#AccountAccessType", "traits": { - "smithy.api#documentation": "

Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in\n other accounts in the same organization. If this is ORGANIZATION, the\n workspaceOrganizationalUnits parameter specifies which organizational units\n the workspace can access.

" + "smithy.api#documentation": "

Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in\n other accounts in the same organization. If this is ORGANIZATION, the\n workspaceOrganizationalUnits parameter specifies which organizational units\n the workspace can access.

" } }, "created": { @@ -3361,7 +3608,7 @@ "dataSources": { "target": "com.amazonaws.grafana#DataSourceTypesList", "traits": { - "smithy.api#documentation": "

Specifies the Amazon Web Services data sources that have been configured to have IAM \n roles and permissions created to allow \n Amazon Managed Grafana to read data from these sources.

", + "smithy.api#documentation": "

Specifies the Amazon Web Services data sources that have been configured to have IAM \n roles and permissions created to allow \n Amazon Managed Grafana to read data from these sources.

", "smithy.api#required": {} } }, @@ -3414,25 +3661,25 @@ "notificationDestinations": { "target": "com.amazonaws.grafana#NotificationDestinationsList", "traits": { - "smithy.api#documentation": "

The Amazon Web Services notification channels that Amazon Managed Grafana can automatically create IAM \n roles and permissions for, to allow \n Amazon Managed Grafana to use these channels.

" + "smithy.api#documentation": "

The Amazon Web Services notification channels that Amazon Managed Grafana can automatically create IAM \n roles and permissions for, to allow \n Amazon Managed Grafana to use these channels.

" } }, "organizationalUnits": { "target": "com.amazonaws.grafana#OrganizationalUnitList", "traits": { - "smithy.api#documentation": "

Specifies the organizational units that this workspace is allowed to use data sources\n from, if this workspace is in an account that is part of an organization.

" + "smithy.api#documentation": "

Specifies the organizational units that this workspace is allowed to use data sources\n from, if this workspace is in an account that is part of an organization.

" } }, "permissionType": { "target": "com.amazonaws.grafana#PermissionType", "traits": { - "smithy.api#documentation": "

If this is Service Managed, Amazon Managed Grafana automatically creates the IAM roles \n and provisions the permissions that the workspace needs to use Amazon Web Services data sources and notification channels.

\n

If this is CUSTOMER_MANAGED, you manage those roles and permissions\n yourself. If you are creating this workspace in a member account of an organization and that account is not a\n delegated administrator account, and\n you want the workspace to access data sources in other Amazon Web Services accounts in the\n organization, you must choose CUSTOMER_MANAGED.

\n

For more information, see Amazon Managed Grafana permissions and policies for\n Amazon Web Services data sources and notification channels\n

" + "smithy.api#documentation": "

If this is Service Managed, Amazon Managed Grafana automatically creates the IAM roles \n and provisions the permissions that the workspace needs to use Amazon Web Services data sources and notification channels.

\n

If this is CUSTOMER_MANAGED, you manage those roles and permissions\n yourself. If you are creating this workspace in a member account of an organization and that account is not a\n delegated administrator account, and\n you want the workspace to access data sources in other Amazon Web Services accounts in the\n organization, you must choose CUSTOMER_MANAGED.

\n

For more information, see Amazon Managed Grafana permissions and policies for\n Amazon Web Services data sources and notification channels\n

" } }, "stackSetName": { "target": "com.amazonaws.grafana#StackSetName", "traits": { - "smithy.api#documentation": "

The name of the CloudFormation stack set that is used to generate IAM roles\n to be used for this workspace.

" + "smithy.api#documentation": "

The name of the CloudFormation stack set that is used to generate IAM roles\n to be used for this workspace.

" } }, "status": { @@ -3445,7 +3692,7 @@ "workspaceRoleArn": { "target": "com.amazonaws.grafana#IamRoleArn", "traits": { - "smithy.api#documentation": "

The IAM role that grants permissions to the Amazon Web Services resources that the \n workspace will view data from. This role must already exist.

" + "smithy.api#documentation": "

The IAM role that grants permissions to the Amazon Web Services resources that the \n workspace will view data from. This role must already exist.

" } }, "licenseType": { @@ -3463,19 +3710,19 @@ "licenseExpiration": { "target": "smithy.api#Timestamp", "traits": { - "smithy.api#documentation": "

If this workspace has a full Grafana Enterprise license, this specifies when the license ends and\n will need to be renewed.

" + "smithy.api#documentation": "

If this workspace has a full Grafana Enterprise license, this specifies when the license ends and\n will need to be renewed.

" } }, "freeTrialExpiration": { "target": "smithy.api#Timestamp", "traits": { - "smithy.api#documentation": "

If this workspace is currently in the free trial period for Grafana Enterprise, this value specifies\n when that free trial ends.

" + "smithy.api#documentation": "

If this workspace is currently in the free trial period for Grafana Enterprise, this value specifies\n when that free trial ends.

" } }, "authentication": { "target": "com.amazonaws.grafana#AuthenticationSummary", "traits": { - "smithy.api#documentation": "

A structure that describes whether the workspace uses SAML, Amazon Web Services SSO, or both methods\n for user authentication.

", + "smithy.api#documentation": "

A structure that describes whether the workspace uses SAML, IAM Identity Center, or both methods\n for user authentication.

", "smithy.api#required": {} } }, @@ -3484,6 +3731,12 @@ "traits": { "smithy.api#documentation": "

The list of tags associated with the workspace.

" } + }, + "vpcConfiguration": { + "target": "com.amazonaws.grafana#VpcConfiguration", + "traits": { + "smithy.api#documentation": "

The configuration for connecting to data sources in a private VPC \n (Amazon Virtual Private Cloud).

" + } } }, "traits": { @@ -3624,7 +3877,7 @@ "notificationDestinations": { "target": "com.amazonaws.grafana#NotificationDestinationsList", "traits": { - "smithy.api#documentation": "

The Amazon Web Services notification channels that Amazon Managed Grafana can automatically\n create IAM roles and permissions for, which allows Amazon Managed Grafana to use\n these channels.

" + "smithy.api#documentation": "

The Amazon Web Services notification channels that Amazon Managed Grafana can automatically\n create IAM roles and permissions for, which allows Amazon Managed Grafana to use\n these channels.

" } }, "status": { @@ -3637,7 +3890,7 @@ "authentication": { "target": "com.amazonaws.grafana#AuthenticationSummary", "traits": { - "smithy.api#documentation": "

A structure containing information about the authentication methods used in \n the workspace.

", + "smithy.api#documentation": "

A structure containing information about the authentication methods used in \n the workspace.

", "smithy.api#required": {} } }, @@ -3653,4 +3906,4 @@ } } } -} \ No newline at end of file +}