workspace
Gets an individual workspace resource
Overview
| Name | workspace |
| Type | Resource |
| Description | workspace |
| Id | awscc.grafana.workspace |
Fields
| Name | Datatype | Description |
|---|---|---|
authentication_providers | array | List of authentication providers to enable. |
sso_client_id | string | The client ID of the AWS SSO Managed Application. |
saml_configuration | object | |
network_access_control | object | |
vpc_configuration | object | |
saml_configuration_status | string | |
client_token | string | A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request. |
status | string | |
creation_timestamp | string | Timestamp when the workspace was created. |
modification_timestamp | string | Timestamp when the workspace was last modified |
grafana_version | string | The version of Grafana to support in your workspace. |
endpoint | string | Endpoint for the Grafana workspace. |
account_access_type | string | |
organization_role_name | string | The name of an IAM role that already exists to use with AWS Organizations to access AWS data sources and notification channels in other accounts in an organization. |
permission_type | string | |
stack_set_name | string | The name of the AWS CloudFormation stack set to use to generate IAM roles to be used for this workspace. |
data_sources | array | List of data sources on the service managed IAM role. |
description | string | Description of a workspace. |
id | string | The id that uniquely identifies a Grafana workspace. |
name | string | The user friendly name of a workspace. |
notification_destinations | array | List of notification destinations on the customers service managed IAM role that the Grafana workspace can query. |
organizational_units | array | List of Organizational Units containing AWS accounts the Grafana workspace can pull data from. |
role_arn | string | IAM Role that will be used to grant the Grafana workspace access to a customers AWS resources. |
plugin_admin_enabled | boolean | Allow workspace admins to install plugins |
region | string | AWS region. |
Methods
Currently only SELECT is supported for this resource resource.
Example
SELECT
region,
authentication_providers,
sso_client_id,
saml_configuration,
network_access_control,
vpc_configuration,
saml_configuration_status,
client_token,
status,
creation_timestamp,
modification_timestamp,
grafana_version,
endpoint,
account_access_type,
organization_role_name,
permission_type,
stack_set_name,
data_sources,
description,
id,
name,
notification_destinations,
organizational_units,
role_arn,
plugin_admin_enabled
FROM awscc.grafana.workspace
WHERE data__Identifier = '<Id>';
Permissions
To operate on the workspace resource, the following permissions are required:
Read
grafana:DescribeWorkspace,
grafana:DescribeWorkspaceAuthentication,
grafana:DescribeWorkspaceConfiguration
Update
grafana:DescribeWorkspace,
grafana:DescribeWorkspaceAuthentication,
grafana:DescribeWorkspaceConfiguration,
grafana:UpdateWorkspace,
grafana:UpdateWorkspaceAuthentication,
grafana:UpdateWorkspaceConfiguration,
sso:DescribeRegisteredRegions,
sso:CreateManagedApplicationInstance,
ec2:GetManagedPrefixListEntries,
iam:PassRole,
ec2:DescribeSecurityGroups,
ec2:DescribeSubnets,
ec2:DescribeVpcs,
iam:CreateServiceLinkedRole,
sso:ListApplicationInstances,
sso:GetApplicationInstance
Delete
grafana:DeleteWorkspace,
grafana:DescribeWorkspace,
grafana:DescribeWorkspaceAuthentication,
grafana:DescribeWorkspaceConfiguration,
sso:DeleteManagedApplicationInstance,
sso:DescribeRegisteredRegions