aws-sdk-managedgrafana 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,1211 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ require 'seahorse/client/plugins/content_length.rb'
11
+ require 'aws-sdk-core/plugins/credentials_configuration.rb'
12
+ require 'aws-sdk-core/plugins/logging.rb'
13
+ require 'aws-sdk-core/plugins/param_converter.rb'
14
+ require 'aws-sdk-core/plugins/param_validator.rb'
15
+ require 'aws-sdk-core/plugins/user_agent.rb'
16
+ require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
17
+ require 'aws-sdk-core/plugins/retry_errors.rb'
18
+ require 'aws-sdk-core/plugins/global_configuration.rb'
19
+ require 'aws-sdk-core/plugins/regional_endpoint.rb'
20
+ require 'aws-sdk-core/plugins/endpoint_discovery.rb'
21
+ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
22
+ require 'aws-sdk-core/plugins/response_paging.rb'
23
+ require 'aws-sdk-core/plugins/stub_responses.rb'
24
+ require 'aws-sdk-core/plugins/idempotency_token.rb'
25
+ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
26
+ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
27
+ require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
28
+ require 'aws-sdk-core/plugins/transfer_encoding.rb'
29
+ require 'aws-sdk-core/plugins/http_checksum.rb'
30
+ require 'aws-sdk-core/plugins/signature_v4.rb'
31
+ require 'aws-sdk-core/plugins/protocols/rest_json.rb'
32
+
33
+ Aws::Plugins::GlobalConfiguration.add_identifier(:managedgrafana)
34
+
35
+ module Aws::ManagedGrafana
36
+ # An API client for ManagedGrafana. To construct a client, you need to configure a `:region` and `:credentials`.
37
+ #
38
+ # client = Aws::ManagedGrafana::Client.new(
39
+ # region: region_name,
40
+ # credentials: credentials,
41
+ # # ...
42
+ # )
43
+ #
44
+ # For details on configuring region and credentials see
45
+ # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
46
+ #
47
+ # See {#initialize} for a full list of supported configuration options.
48
+ class Client < Seahorse::Client::Base
49
+
50
+ include Aws::ClientStubs
51
+
52
+ @identifier = :managedgrafana
53
+
54
+ set_api(ClientApi::API)
55
+
56
+ add_plugin(Seahorse::Client::Plugins::ContentLength)
57
+ add_plugin(Aws::Plugins::CredentialsConfiguration)
58
+ add_plugin(Aws::Plugins::Logging)
59
+ add_plugin(Aws::Plugins::ParamConverter)
60
+ add_plugin(Aws::Plugins::ParamValidator)
61
+ add_plugin(Aws::Plugins::UserAgent)
62
+ add_plugin(Aws::Plugins::HelpfulSocketErrors)
63
+ add_plugin(Aws::Plugins::RetryErrors)
64
+ add_plugin(Aws::Plugins::GlobalConfiguration)
65
+ add_plugin(Aws::Plugins::RegionalEndpoint)
66
+ add_plugin(Aws::Plugins::EndpointDiscovery)
67
+ add_plugin(Aws::Plugins::EndpointPattern)
68
+ add_plugin(Aws::Plugins::ResponsePaging)
69
+ add_plugin(Aws::Plugins::StubResponses)
70
+ add_plugin(Aws::Plugins::IdempotencyToken)
71
+ add_plugin(Aws::Plugins::JsonvalueConverter)
72
+ add_plugin(Aws::Plugins::ClientMetricsPlugin)
73
+ add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
74
+ add_plugin(Aws::Plugins::TransferEncoding)
75
+ add_plugin(Aws::Plugins::HttpChecksum)
76
+ add_plugin(Aws::Plugins::SignatureV4)
77
+ add_plugin(Aws::Plugins::Protocols::RestJson)
78
+
79
+ # @overload initialize(options)
80
+ # @param [Hash] options
81
+ # @option options [required, Aws::CredentialProvider] :credentials
82
+ # Your AWS credentials. This can be an instance of any one of the
83
+ # following classes:
84
+ #
85
+ # * `Aws::Credentials` - Used for configuring static, non-refreshing
86
+ # credentials.
87
+ #
88
+ # * `Aws::SharedCredentials` - Used for loading static credentials from a
89
+ # shared file, such as `~/.aws/config`.
90
+ #
91
+ # * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
92
+ #
93
+ # * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
94
+ # assume a role after providing credentials via the web.
95
+ #
96
+ # * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
97
+ # access token generated from `aws login`.
98
+ #
99
+ # * `Aws::ProcessCredentials` - Used for loading credentials from a
100
+ # process that outputs to stdout.
101
+ #
102
+ # * `Aws::InstanceProfileCredentials` - Used for loading credentials
103
+ # from an EC2 IMDS on an EC2 instance.
104
+ #
105
+ # * `Aws::ECSCredentials` - Used for loading credentials from
106
+ # instances running in ECS.
107
+ #
108
+ # * `Aws::CognitoIdentityCredentials` - Used for loading credentials
109
+ # from the Cognito Identity service.
110
+ #
111
+ # When `:credentials` are not configured directly, the following
112
+ # locations will be searched for credentials:
113
+ #
114
+ # * `Aws.config[:credentials]`
115
+ # * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
116
+ # * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
117
+ # * `~/.aws/credentials`
118
+ # * `~/.aws/config`
119
+ # * EC2/ECS IMDS instance profile - When used by default, the timeouts
120
+ # are very aggressive. Construct and pass an instance of
121
+ # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
122
+ # enable retries and extended timeouts.
123
+ #
124
+ # @option options [required, String] :region
125
+ # The AWS region to connect to. The configured `:region` is
126
+ # used to determine the service `:endpoint`. When not passed,
127
+ # a default `:region` is searched for in the following locations:
128
+ #
129
+ # * `Aws.config[:region]`
130
+ # * `ENV['AWS_REGION']`
131
+ # * `ENV['AMAZON_REGION']`
132
+ # * `ENV['AWS_DEFAULT_REGION']`
133
+ # * `~/.aws/credentials`
134
+ # * `~/.aws/config`
135
+ #
136
+ # @option options [String] :access_key_id
137
+ #
138
+ # @option options [Boolean] :active_endpoint_cache (false)
139
+ # When set to `true`, a thread polling for endpoints will be running in
140
+ # the background every 60 secs (default). Defaults to `false`.
141
+ #
142
+ # @option options [Boolean] :adaptive_retry_wait_to_fill (true)
143
+ # Used only in `adaptive` retry mode. When true, the request will sleep
144
+ # until there is sufficent client side capacity to retry the request.
145
+ # When false, the request will raise a `RetryCapacityNotAvailableError` and will
146
+ # not retry instead of sleeping.
147
+ #
148
+ # @option options [Boolean] :client_side_monitoring (false)
149
+ # When `true`, client-side metrics will be collected for all API requests from
150
+ # this client.
151
+ #
152
+ # @option options [String] :client_side_monitoring_client_id ("")
153
+ # Allows you to provide an identifier for this client which will be attached to
154
+ # all generated client side metrics. Defaults to an empty string.
155
+ #
156
+ # @option options [String] :client_side_monitoring_host ("127.0.0.1")
157
+ # Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client
158
+ # side monitoring agent is running on, where client metrics will be published via UDP.
159
+ #
160
+ # @option options [Integer] :client_side_monitoring_port (31000)
161
+ # Required for publishing client metrics. The port that the client side monitoring
162
+ # agent is running on, where client metrics will be published via UDP.
163
+ #
164
+ # @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher)
165
+ # Allows you to provide a custom client-side monitoring publisher class. By default,
166
+ # will use the Client Side Monitoring Agent Publisher.
167
+ #
168
+ # @option options [Boolean] :convert_params (true)
169
+ # When `true`, an attempt is made to coerce request parameters into
170
+ # the required types.
171
+ #
172
+ # @option options [Boolean] :correct_clock_skew (true)
173
+ # Used only in `standard` and adaptive retry modes. Specifies whether to apply
174
+ # a clock skew correction and retry requests with skewed client clocks.
175
+ #
176
+ # @option options [Boolean] :disable_host_prefix_injection (false)
177
+ # Set to true to disable SDK automatically adding host prefix
178
+ # to default service endpoint when available.
179
+ #
180
+ # @option options [String] :endpoint
181
+ # The client endpoint is normally constructed from the `:region`
182
+ # option. You should only configure an `:endpoint` when connecting
183
+ # to test or custom endpoints. This should be a valid HTTP(S) URI.
184
+ #
185
+ # @option options [Integer] :endpoint_cache_max_entries (1000)
186
+ # Used for the maximum size limit of the LRU cache storing endpoints data
187
+ # for endpoint discovery enabled operations. Defaults to 1000.
188
+ #
189
+ # @option options [Integer] :endpoint_cache_max_threads (10)
190
+ # Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.
191
+ #
192
+ # @option options [Integer] :endpoint_cache_poll_interval (60)
193
+ # When :endpoint_discovery and :active_endpoint_cache is enabled,
194
+ # Use this option to config the time interval in seconds for making
195
+ # requests fetching endpoints information. Defaults to 60 sec.
196
+ #
197
+ # @option options [Boolean] :endpoint_discovery (false)
198
+ # When set to `true`, endpoint discovery will be enabled for operations when available.
199
+ #
200
+ # @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
201
+ # The log formatter.
202
+ #
203
+ # @option options [Symbol] :log_level (:info)
204
+ # The log level to send messages to the `:logger` at.
205
+ #
206
+ # @option options [Logger] :logger
207
+ # The Logger instance to send log messages to. If this option
208
+ # is not set, logging will be disabled.
209
+ #
210
+ # @option options [Integer] :max_attempts (3)
211
+ # An integer representing the maximum number attempts that will be made for
212
+ # a single request, including the initial attempt. For example,
213
+ # setting this value to 5 will result in a request being retried up to
214
+ # 4 times. Used in `standard` and `adaptive` retry modes.
215
+ #
216
+ # @option options [String] :profile ("default")
217
+ # Used when loading credentials from the shared credentials file
218
+ # at HOME/.aws/credentials. When not specified, 'default' is used.
219
+ #
220
+ # @option options [Proc] :retry_backoff
221
+ # A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
222
+ # This option is only used in the `legacy` retry mode.
223
+ #
224
+ # @option options [Float] :retry_base_delay (0.3)
225
+ # The base delay in seconds used by the default backoff function. This option
226
+ # is only used in the `legacy` retry mode.
227
+ #
228
+ # @option options [Symbol] :retry_jitter (:none)
229
+ # A delay randomiser function used by the default backoff function.
230
+ # Some predefined functions can be referenced by name - :none, :equal, :full,
231
+ # otherwise a Proc that takes and returns a number. This option is only used
232
+ # in the `legacy` retry mode.
233
+ #
234
+ # @see https://www.awsarchitectureblog.com/2015/03/backoff.html
235
+ #
236
+ # @option options [Integer] :retry_limit (3)
237
+ # The maximum number of times to retry failed requests. Only
238
+ # ~ 500 level server errors and certain ~ 400 level client errors
239
+ # are retried. Generally, these are throttling errors, data
240
+ # checksum errors, networking errors, timeout errors, auth errors,
241
+ # endpoint discovery, and errors from expired credentials.
242
+ # This option is only used in the `legacy` retry mode.
243
+ #
244
+ # @option options [Integer] :retry_max_delay (0)
245
+ # The maximum number of seconds to delay between retries (0 for no limit)
246
+ # used by the default backoff function. This option is only used in the
247
+ # `legacy` retry mode.
248
+ #
249
+ # @option options [String] :retry_mode ("legacy")
250
+ # Specifies which retry algorithm to use. Values are:
251
+ #
252
+ # * `legacy` - The pre-existing retry behavior. This is default value if
253
+ # no retry mode is provided.
254
+ #
255
+ # * `standard` - A standardized set of retry rules across the AWS SDKs.
256
+ # This includes support for retry quotas, which limit the number of
257
+ # unsuccessful retries a client can make.
258
+ #
259
+ # * `adaptive` - An experimental retry mode that includes all the
260
+ # functionality of `standard` mode along with automatic client side
261
+ # throttling. This is a provisional mode that may change behavior
262
+ # in the future.
263
+ #
264
+ #
265
+ # @option options [String] :secret_access_key
266
+ #
267
+ # @option options [String] :session_token
268
+ #
269
+ # @option options [Boolean] :stub_responses (false)
270
+ # Causes the client to return stubbed responses. By default
271
+ # fake responses are generated and returned. You can specify
272
+ # the response data to return or errors to raise by calling
273
+ # {ClientStubs#stub_responses}. See {ClientStubs} for more information.
274
+ #
275
+ # ** Please note ** When response stubbing is enabled, no HTTP
276
+ # requests are made, and retries are disabled.
277
+ #
278
+ # @option options [Boolean] :validate_params (true)
279
+ # When `true`, request parameters are validated before
280
+ # sending the request.
281
+ #
282
+ # @option options [URI::HTTP,String] :http_proxy A proxy to send
283
+ # requests through. Formatted like 'http://proxy.com:123'.
284
+ #
285
+ # @option options [Float] :http_open_timeout (15) The number of
286
+ # seconds to wait when opening a HTTP session before raising a
287
+ # `Timeout::Error`.
288
+ #
289
+ # @option options [Integer] :http_read_timeout (60) The default
290
+ # number of seconds to wait for response data. This value can
291
+ # safely be set per-request on the session.
292
+ #
293
+ # @option options [Float] :http_idle_timeout (5) The number of
294
+ # seconds a connection is allowed to sit idle before it is
295
+ # considered stale. Stale connections are closed and removed
296
+ # from the pool before making a request.
297
+ #
298
+ # @option options [Float] :http_continue_timeout (1) The number of
299
+ # seconds to wait for a 100-continue response before sending the
300
+ # request body. This option has no effect unless the request has
301
+ # "Expect" header set to "100-continue". Defaults to `nil` which
302
+ # disables this behaviour. This value can safely be set per
303
+ # request on the session.
304
+ #
305
+ # @option options [Boolean] :http_wire_trace (false) When `true`,
306
+ # HTTP debug output will be sent to the `:logger`.
307
+ #
308
+ # @option options [Boolean] :ssl_verify_peer (true) When `true`,
309
+ # SSL peer certificates are verified when establishing a
310
+ # connection.
311
+ #
312
+ # @option options [String] :ssl_ca_bundle Full path to the SSL
313
+ # certificate authority bundle file that should be used when
314
+ # verifying peer certificates. If you do not pass
315
+ # `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
316
+ # will be used if available.
317
+ #
318
+ # @option options [String] :ssl_ca_directory Full path of the
319
+ # directory that contains the unbundled SSL certificate
320
+ # authority files for verifying peer certificates. If you do
321
+ # not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
322
+ # system default will be used if available.
323
+ #
324
+ def initialize(*args)
325
+ super
326
+ end
327
+
328
+ # @!group API Operations
329
+
330
+ # Assigns a Grafana Enterprise license to a workspace. Upgrading to
331
+ # Grafana Enterprise incurs additional fees. For more information, see
332
+ # [Upgrade a workspace to Grafana Enterprise][1].
333
+ #
334
+ #
335
+ #
336
+ # [1]: https://docs.aws.amazon.com/grafana/latest/userguide/upgrade-to-Grafana-Enterprise.html
337
+ #
338
+ # @option params [required, String] :license_type
339
+ # The type of license to associate with the workspace.
340
+ #
341
+ # @option params [required, String] :workspace_id
342
+ # The ID of the workspace to associate the license with.
343
+ #
344
+ # @return [Types::AssociateLicenseResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
345
+ #
346
+ # * {Types::AssociateLicenseResponse#workspace #workspace} => Types::WorkspaceDescription
347
+ #
348
+ # @example Request syntax with placeholder values
349
+ #
350
+ # resp = client.associate_license({
351
+ # license_type: "ENTERPRISE", # required, accepts ENTERPRISE, ENTERPRISE_FREE_TRIAL
352
+ # workspace_id: "WorkspaceId", # required
353
+ # })
354
+ #
355
+ # @example Response structure
356
+ #
357
+ # resp.workspace.account_access_type #=> String, one of "CURRENT_ACCOUNT", "ORGANIZATION"
358
+ # resp.workspace.authentication.providers #=> Array
359
+ # resp.workspace.authentication.providers[0] #=> String, one of "AWS_SSO", "SAML"
360
+ # resp.workspace.authentication.saml_configuration_status #=> String, one of "CONFIGURED", "NOT_CONFIGURED"
361
+ # resp.workspace.created #=> Time
362
+ # resp.workspace.data_sources #=> Array
363
+ # resp.workspace.data_sources[0] #=> String, one of "AMAZON_OPENSEARCH_SERVICE", "CLOUDWATCH", "PROMETHEUS", "XRAY", "TIMESTREAM", "SITEWISE"
364
+ # resp.workspace.description #=> String
365
+ # resp.workspace.endpoint #=> String
366
+ # resp.workspace.free_trial_consumed #=> Boolean
367
+ # resp.workspace.free_trial_expiration #=> Time
368
+ # resp.workspace.grafana_version #=> String
369
+ # resp.workspace.id #=> String
370
+ # resp.workspace.license_expiration #=> Time
371
+ # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
372
+ # resp.workspace.modified #=> Time
373
+ # resp.workspace.name #=> String
374
+ # resp.workspace.notification_destinations #=> Array
375
+ # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
376
+ # resp.workspace.organization_role_name #=> String
377
+ # resp.workspace.organizational_units #=> Array
378
+ # resp.workspace.organizational_units[0] #=> String
379
+ # resp.workspace.permission_type #=> String, one of "CUSTOMER_MANAGED", "SERVICE_MANAGED"
380
+ # resp.workspace.stack_set_name #=> String
381
+ # resp.workspace.status #=> String, one of "ACTIVE", "CREATING", "DELETING", "FAILED", "UPDATING", "UPGRADING", "DELETION_FAILED", "CREATION_FAILED", "UPDATE_FAILED", "UPGRADE_FAILED", "LICENSE_REMOVAL_FAILED"
382
+ # resp.workspace.workspace_role_arn #=> String
383
+ #
384
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/AssociateLicense AWS API Documentation
385
+ #
386
+ # @overload associate_license(params = {})
387
+ # @param [Hash] params ({})
388
+ def associate_license(params = {}, options = {})
389
+ req = build_request(:associate_license, params)
390
+ req.send_request(options)
391
+ end
392
+
393
+ # Creates a *workspace*. In a workspace, you can create Grafana
394
+ # dashboards and visualizations to analyze your metrics, logs, and
395
+ # traces. You don't have to build, package, or deploy any hardware to
396
+ # run the Grafana server.
397
+ #
398
+ # Don't use `CreateWorkspace` to modify an existing workspace. Instead,
399
+ # use [UpdateWorkspace][1].
400
+ #
401
+ #
402
+ #
403
+ # [1]: https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdateWorkspace.html
404
+ #
405
+ # @option params [required, String] :account_access_type
406
+ # Specifies whether the workspace can access Amazon Web Services
407
+ # resources in this Amazon Web Services account only, or whether it can
408
+ # also access Amazon Web Services resources in other accounts in the
409
+ # same organization. If you specify `ORGANIZATION`, you must specify
410
+ # which organizational units the workspace can access in the
411
+ # `workspaceOrganizationalUnits` parameter.
412
+ #
413
+ # @option params [required, Array<String>] :authentication_providers
414
+ # Specifies whether this workspace uses SAML 2.0, Amazon Web Services
415
+ # Single Sign On, or both to authenticate users for using the Grafana
416
+ # console within a workspace. For more information, see [User
417
+ # authentication in Amazon Managed Grafana][1].
418
+ #
419
+ #
420
+ #
421
+ # [1]: https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html
422
+ #
423
+ # @option params [String] :client_token
424
+ # A unique, case-sensitive, user-provided identifier to ensure the
425
+ # idempotency of the request.
426
+ #
427
+ # **A suitable default value is auto-generated.** You should normally
428
+ # not need to pass this option.**
429
+ #
430
+ # @option params [String] :organization_role_name
431
+ # The name of an IAM role that already exists to use with Organizations
432
+ # to access Amazon Web Services data sources and notification channels
433
+ # in other accounts in an organization.
434
+ #
435
+ # @option params [required, String] :permission_type
436
+ # If you specify `Service Managed`, Amazon Managed Grafana automatically
437
+ # creates the IAM roles and provisions the permissions that the
438
+ # workspace needs to use Amazon Web Services data sources and
439
+ # notification channels.
440
+ #
441
+ # If you specify `CUSTOMER_MANAGED`, you will manage those roles and
442
+ # permissions yourself. If you are creating this workspace in a member
443
+ # account of an organization that is not a delegated administrator
444
+ # account, and you want the workspace to access data sources in other
445
+ # Amazon Web Services accounts in the organization, you must choose
446
+ # `CUSTOMER_MANAGED`.
447
+ #
448
+ # For more information, see [Amazon Managed Grafana permissions and
449
+ # policies for Amazon Web Services data sources and notification
450
+ # channels][1]
451
+ #
452
+ #
453
+ #
454
+ # [1]: https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html
455
+ #
456
+ # @option params [String] :stack_set_name
457
+ # The name of the CloudFormation stack set to use to generate IAM roles
458
+ # to be used for this workspace.
459
+ #
460
+ # @option params [Array<String>] :workspace_data_sources
461
+ # Specify the Amazon Web Services data sources that you want to be
462
+ # queried in this workspace. Specifying these data sources here enables
463
+ # Amazon Managed Grafana to create IAM roles and permissions that allow
464
+ # Amazon Managed Grafana to read data from these sources. You must still
465
+ # add them as data sources in the Grafana console in the workspace.
466
+ #
467
+ # If you don't specify a data source here, you can still add it as a
468
+ # data source in the workspace console later. However, you will then
469
+ # have to manually configure permissions for it.
470
+ #
471
+ # @option params [String] :workspace_description
472
+ # A description for the workspace. This is used only to help you
473
+ # identify this workspace.
474
+ #
475
+ # @option params [String] :workspace_name
476
+ # The name for the workspace. It does not have to be unique.
477
+ #
478
+ # @option params [Array<String>] :workspace_notification_destinations
479
+ # Specify the Amazon Web Services notification channels that you plan to
480
+ # use in this workspace. Specifying these data sources here enables
481
+ # Amazon Managed Grafana to create IAM roles and permissions that allow
482
+ # Amazon Managed Grafana to use these channels.
483
+ #
484
+ # @option params [Array<String>] :workspace_organizational_units
485
+ # Specifies the organizational units that this workspace is allowed to
486
+ # use data sources from, if this workspace is in an account that is part
487
+ # of an organization.
488
+ #
489
+ # @option params [String] :workspace_role_arn
490
+ # The workspace needs an IAM role that grants permissions to the Amazon
491
+ # Web Services resources that the workspace will view data from. If you
492
+ # already have a role that you want to use, specify it here. If you omit
493
+ # this field and you specify some Amazon Web Services resources in
494
+ # `workspaceDataSources` or `workspaceNotificationDestinations`, a new
495
+ # IAM role with the necessary permissions is automatically created.
496
+ #
497
+ # @return [Types::CreateWorkspaceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
498
+ #
499
+ # * {Types::CreateWorkspaceResponse#workspace #workspace} => Types::WorkspaceDescription
500
+ #
501
+ # @example Request syntax with placeholder values
502
+ #
503
+ # resp = client.create_workspace({
504
+ # account_access_type: "CURRENT_ACCOUNT", # required, accepts CURRENT_ACCOUNT, ORGANIZATION
505
+ # authentication_providers: ["AWS_SSO"], # required, accepts AWS_SSO, SAML
506
+ # client_token: "ClientToken",
507
+ # organization_role_name: "OrganizationRoleName",
508
+ # permission_type: "CUSTOMER_MANAGED", # required, accepts CUSTOMER_MANAGED, SERVICE_MANAGED
509
+ # stack_set_name: "StackSetName",
510
+ # workspace_data_sources: ["AMAZON_OPENSEARCH_SERVICE"], # accepts AMAZON_OPENSEARCH_SERVICE, CLOUDWATCH, PROMETHEUS, XRAY, TIMESTREAM, SITEWISE
511
+ # workspace_description: "Description",
512
+ # workspace_name: "WorkspaceName",
513
+ # workspace_notification_destinations: ["SNS"], # accepts SNS
514
+ # workspace_organizational_units: ["OrganizationalUnit"],
515
+ # workspace_role_arn: "IamRoleArn",
516
+ # })
517
+ #
518
+ # @example Response structure
519
+ #
520
+ # resp.workspace.account_access_type #=> String, one of "CURRENT_ACCOUNT", "ORGANIZATION"
521
+ # resp.workspace.authentication.providers #=> Array
522
+ # resp.workspace.authentication.providers[0] #=> String, one of "AWS_SSO", "SAML"
523
+ # resp.workspace.authentication.saml_configuration_status #=> String, one of "CONFIGURED", "NOT_CONFIGURED"
524
+ # resp.workspace.created #=> Time
525
+ # resp.workspace.data_sources #=> Array
526
+ # resp.workspace.data_sources[0] #=> String, one of "AMAZON_OPENSEARCH_SERVICE", "CLOUDWATCH", "PROMETHEUS", "XRAY", "TIMESTREAM", "SITEWISE"
527
+ # resp.workspace.description #=> String
528
+ # resp.workspace.endpoint #=> String
529
+ # resp.workspace.free_trial_consumed #=> Boolean
530
+ # resp.workspace.free_trial_expiration #=> Time
531
+ # resp.workspace.grafana_version #=> String
532
+ # resp.workspace.id #=> String
533
+ # resp.workspace.license_expiration #=> Time
534
+ # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
535
+ # resp.workspace.modified #=> Time
536
+ # resp.workspace.name #=> String
537
+ # resp.workspace.notification_destinations #=> Array
538
+ # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
539
+ # resp.workspace.organization_role_name #=> String
540
+ # resp.workspace.organizational_units #=> Array
541
+ # resp.workspace.organizational_units[0] #=> String
542
+ # resp.workspace.permission_type #=> String, one of "CUSTOMER_MANAGED", "SERVICE_MANAGED"
543
+ # resp.workspace.stack_set_name #=> String
544
+ # resp.workspace.status #=> String, one of "ACTIVE", "CREATING", "DELETING", "FAILED", "UPDATING", "UPGRADING", "DELETION_FAILED", "CREATION_FAILED", "UPDATE_FAILED", "UPGRADE_FAILED", "LICENSE_REMOVAL_FAILED"
545
+ # resp.workspace.workspace_role_arn #=> String
546
+ #
547
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/CreateWorkspace AWS API Documentation
548
+ #
549
+ # @overload create_workspace(params = {})
550
+ # @param [Hash] params ({})
551
+ def create_workspace(params = {}, options = {})
552
+ req = build_request(:create_workspace, params)
553
+ req.send_request(options)
554
+ end
555
+
556
+ # Deletes an Amazon Managed Grafana workspace.
557
+ #
558
+ # @option params [required, String] :workspace_id
559
+ # The ID of the workspace to delete.
560
+ #
561
+ # @return [Types::DeleteWorkspaceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
562
+ #
563
+ # * {Types::DeleteWorkspaceResponse#workspace #workspace} => Types::WorkspaceDescription
564
+ #
565
+ # @example Request syntax with placeholder values
566
+ #
567
+ # resp = client.delete_workspace({
568
+ # workspace_id: "WorkspaceId", # required
569
+ # })
570
+ #
571
+ # @example Response structure
572
+ #
573
+ # resp.workspace.account_access_type #=> String, one of "CURRENT_ACCOUNT", "ORGANIZATION"
574
+ # resp.workspace.authentication.providers #=> Array
575
+ # resp.workspace.authentication.providers[0] #=> String, one of "AWS_SSO", "SAML"
576
+ # resp.workspace.authentication.saml_configuration_status #=> String, one of "CONFIGURED", "NOT_CONFIGURED"
577
+ # resp.workspace.created #=> Time
578
+ # resp.workspace.data_sources #=> Array
579
+ # resp.workspace.data_sources[0] #=> String, one of "AMAZON_OPENSEARCH_SERVICE", "CLOUDWATCH", "PROMETHEUS", "XRAY", "TIMESTREAM", "SITEWISE"
580
+ # resp.workspace.description #=> String
581
+ # resp.workspace.endpoint #=> String
582
+ # resp.workspace.free_trial_consumed #=> Boolean
583
+ # resp.workspace.free_trial_expiration #=> Time
584
+ # resp.workspace.grafana_version #=> String
585
+ # resp.workspace.id #=> String
586
+ # resp.workspace.license_expiration #=> Time
587
+ # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
588
+ # resp.workspace.modified #=> Time
589
+ # resp.workspace.name #=> String
590
+ # resp.workspace.notification_destinations #=> Array
591
+ # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
592
+ # resp.workspace.organization_role_name #=> String
593
+ # resp.workspace.organizational_units #=> Array
594
+ # resp.workspace.organizational_units[0] #=> String
595
+ # resp.workspace.permission_type #=> String, one of "CUSTOMER_MANAGED", "SERVICE_MANAGED"
596
+ # resp.workspace.stack_set_name #=> String
597
+ # resp.workspace.status #=> String, one of "ACTIVE", "CREATING", "DELETING", "FAILED", "UPDATING", "UPGRADING", "DELETION_FAILED", "CREATION_FAILED", "UPDATE_FAILED", "UPGRADE_FAILED", "LICENSE_REMOVAL_FAILED"
598
+ # resp.workspace.workspace_role_arn #=> String
599
+ #
600
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspace AWS API Documentation
601
+ #
602
+ # @overload delete_workspace(params = {})
603
+ # @param [Hash] params ({})
604
+ def delete_workspace(params = {}, options = {})
605
+ req = build_request(:delete_workspace, params)
606
+ req.send_request(options)
607
+ end
608
+
609
+ # Displays information about one Amazon Managed Grafana workspace.
610
+ #
611
+ # @option params [required, String] :workspace_id
612
+ # The ID of the workspace to display information about.
613
+ #
614
+ # @return [Types::DescribeWorkspaceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
615
+ #
616
+ # * {Types::DescribeWorkspaceResponse#workspace #workspace} => Types::WorkspaceDescription
617
+ #
618
+ # @example Request syntax with placeholder values
619
+ #
620
+ # resp = client.describe_workspace({
621
+ # workspace_id: "WorkspaceId", # required
622
+ # })
623
+ #
624
+ # @example Response structure
625
+ #
626
+ # resp.workspace.account_access_type #=> String, one of "CURRENT_ACCOUNT", "ORGANIZATION"
627
+ # resp.workspace.authentication.providers #=> Array
628
+ # resp.workspace.authentication.providers[0] #=> String, one of "AWS_SSO", "SAML"
629
+ # resp.workspace.authentication.saml_configuration_status #=> String, one of "CONFIGURED", "NOT_CONFIGURED"
630
+ # resp.workspace.created #=> Time
631
+ # resp.workspace.data_sources #=> Array
632
+ # resp.workspace.data_sources[0] #=> String, one of "AMAZON_OPENSEARCH_SERVICE", "CLOUDWATCH", "PROMETHEUS", "XRAY", "TIMESTREAM", "SITEWISE"
633
+ # resp.workspace.description #=> String
634
+ # resp.workspace.endpoint #=> String
635
+ # resp.workspace.free_trial_consumed #=> Boolean
636
+ # resp.workspace.free_trial_expiration #=> Time
637
+ # resp.workspace.grafana_version #=> String
638
+ # resp.workspace.id #=> String
639
+ # resp.workspace.license_expiration #=> Time
640
+ # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
641
+ # resp.workspace.modified #=> Time
642
+ # resp.workspace.name #=> String
643
+ # resp.workspace.notification_destinations #=> Array
644
+ # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
645
+ # resp.workspace.organization_role_name #=> String
646
+ # resp.workspace.organizational_units #=> Array
647
+ # resp.workspace.organizational_units[0] #=> String
648
+ # resp.workspace.permission_type #=> String, one of "CUSTOMER_MANAGED", "SERVICE_MANAGED"
649
+ # resp.workspace.stack_set_name #=> String
650
+ # resp.workspace.status #=> String, one of "ACTIVE", "CREATING", "DELETING", "FAILED", "UPDATING", "UPGRADING", "DELETION_FAILED", "CREATION_FAILED", "UPDATE_FAILED", "UPGRADE_FAILED", "LICENSE_REMOVAL_FAILED"
651
+ # resp.workspace.workspace_role_arn #=> String
652
+ #
653
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspace AWS API Documentation
654
+ #
655
+ # @overload describe_workspace(params = {})
656
+ # @param [Hash] params ({})
657
+ def describe_workspace(params = {}, options = {})
658
+ req = build_request(:describe_workspace, params)
659
+ req.send_request(options)
660
+ end
661
+
662
+ # Displays information about the authentication methods used in one
663
+ # Amazon Managed Grafana workspace.
664
+ #
665
+ # @option params [required, String] :workspace_id
666
+ # The ID of the workspace to return authentication information about.
667
+ #
668
+ # @return [Types::DescribeWorkspaceAuthenticationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
669
+ #
670
+ # * {Types::DescribeWorkspaceAuthenticationResponse#authentication #authentication} => Types::AuthenticationDescription
671
+ #
672
+ # @example Request syntax with placeholder values
673
+ #
674
+ # resp = client.describe_workspace_authentication({
675
+ # workspace_id: "WorkspaceId", # required
676
+ # })
677
+ #
678
+ # @example Response structure
679
+ #
680
+ # resp.authentication.aws_sso.sso_client_id #=> String
681
+ # resp.authentication.providers #=> Array
682
+ # resp.authentication.providers[0] #=> String, one of "AWS_SSO", "SAML"
683
+ # resp.authentication.saml.configuration.allowed_organizations #=> Array
684
+ # resp.authentication.saml.configuration.allowed_organizations[0] #=> String
685
+ # resp.authentication.saml.configuration.assertion_attributes.email #=> String
686
+ # resp.authentication.saml.configuration.assertion_attributes.groups #=> String
687
+ # resp.authentication.saml.configuration.assertion_attributes.login #=> String
688
+ # resp.authentication.saml.configuration.assertion_attributes.name #=> String
689
+ # resp.authentication.saml.configuration.assertion_attributes.org #=> String
690
+ # resp.authentication.saml.configuration.assertion_attributes.role #=> String
691
+ # resp.authentication.saml.configuration.idp_metadata.url #=> String
692
+ # resp.authentication.saml.configuration.idp_metadata.xml #=> String
693
+ # resp.authentication.saml.configuration.login_validity_duration #=> Integer
694
+ # resp.authentication.saml.configuration.role_values.admin #=> Array
695
+ # resp.authentication.saml.configuration.role_values.admin[0] #=> String
696
+ # resp.authentication.saml.configuration.role_values.editor #=> Array
697
+ # resp.authentication.saml.configuration.role_values.editor[0] #=> String
698
+ # resp.authentication.saml.status #=> String, one of "CONFIGURED", "NOT_CONFIGURED"
699
+ #
700
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspaceAuthentication AWS API Documentation
701
+ #
702
+ # @overload describe_workspace_authentication(params = {})
703
+ # @param [Hash] params ({})
704
+ def describe_workspace_authentication(params = {}, options = {})
705
+ req = build_request(:describe_workspace_authentication, params)
706
+ req.send_request(options)
707
+ end
708
+
709
+ # Removes the Grafana Enterprise license from a workspace.
710
+ #
711
+ # @option params [required, String] :license_type
712
+ # The type of license to remove from the workspace.
713
+ #
714
+ # @option params [required, String] :workspace_id
715
+ # The ID of the workspace to remove the Grafana Enterprise license from.
716
+ #
717
+ # @return [Types::DisassociateLicenseResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
718
+ #
719
+ # * {Types::DisassociateLicenseResponse#workspace #workspace} => Types::WorkspaceDescription
720
+ #
721
+ # @example Request syntax with placeholder values
722
+ #
723
+ # resp = client.disassociate_license({
724
+ # license_type: "ENTERPRISE", # required, accepts ENTERPRISE, ENTERPRISE_FREE_TRIAL
725
+ # workspace_id: "WorkspaceId", # required
726
+ # })
727
+ #
728
+ # @example Response structure
729
+ #
730
+ # resp.workspace.account_access_type #=> String, one of "CURRENT_ACCOUNT", "ORGANIZATION"
731
+ # resp.workspace.authentication.providers #=> Array
732
+ # resp.workspace.authentication.providers[0] #=> String, one of "AWS_SSO", "SAML"
733
+ # resp.workspace.authentication.saml_configuration_status #=> String, one of "CONFIGURED", "NOT_CONFIGURED"
734
+ # resp.workspace.created #=> Time
735
+ # resp.workspace.data_sources #=> Array
736
+ # resp.workspace.data_sources[0] #=> String, one of "AMAZON_OPENSEARCH_SERVICE", "CLOUDWATCH", "PROMETHEUS", "XRAY", "TIMESTREAM", "SITEWISE"
737
+ # resp.workspace.description #=> String
738
+ # resp.workspace.endpoint #=> String
739
+ # resp.workspace.free_trial_consumed #=> Boolean
740
+ # resp.workspace.free_trial_expiration #=> Time
741
+ # resp.workspace.grafana_version #=> String
742
+ # resp.workspace.id #=> String
743
+ # resp.workspace.license_expiration #=> Time
744
+ # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
745
+ # resp.workspace.modified #=> Time
746
+ # resp.workspace.name #=> String
747
+ # resp.workspace.notification_destinations #=> Array
748
+ # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
749
+ # resp.workspace.organization_role_name #=> String
750
+ # resp.workspace.organizational_units #=> Array
751
+ # resp.workspace.organizational_units[0] #=> String
752
+ # resp.workspace.permission_type #=> String, one of "CUSTOMER_MANAGED", "SERVICE_MANAGED"
753
+ # resp.workspace.stack_set_name #=> String
754
+ # resp.workspace.status #=> String, one of "ACTIVE", "CREATING", "DELETING", "FAILED", "UPDATING", "UPGRADING", "DELETION_FAILED", "CREATION_FAILED", "UPDATE_FAILED", "UPGRADE_FAILED", "LICENSE_REMOVAL_FAILED"
755
+ # resp.workspace.workspace_role_arn #=> String
756
+ #
757
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DisassociateLicense AWS API Documentation
758
+ #
759
+ # @overload disassociate_license(params = {})
760
+ # @param [Hash] params ({})
761
+ def disassociate_license(params = {}, options = {})
762
+ req = build_request(:disassociate_license, params)
763
+ req.send_request(options)
764
+ end
765
+
766
+ # Lists the users and groups who have the Grafana `Admin` and `Editor`
767
+ # roles in this workspace. If you use this operation without specifying
768
+ # `userId` or `groupId`, the operation returns the roles of all users
769
+ # and groups. If you specify a `userId` or a `groupId`, only the roles
770
+ # for that user or group are returned. If you do this, you can specify
771
+ # only one `userId` or one `groupId`.
772
+ #
773
+ # @option params [String] :group_id
774
+ # (Optional) Limits the results to only the group that matches this ID.
775
+ #
776
+ # @option params [Integer] :max_results
777
+ # The maximum number of results to include in the response.
778
+ #
779
+ # @option params [String] :next_token
780
+ # The token to use when requesting the next set of results. You received
781
+ # this token from a previous `ListPermissions` operation.
782
+ #
783
+ # @option params [String] :user_id
784
+ # (Optional) Limits the results to only the user that matches this ID.
785
+ #
786
+ # @option params [String] :user_type
787
+ # (Optional) If you specify `SSO_USER`, then only the permissions of
788
+ # Amazon Web Services SSO users are returned. If you specify
789
+ # `SSO_GROUP`, only the permissions of Amazon Web Services SSO groups
790
+ # are returned.
791
+ #
792
+ # @option params [required, String] :workspace_id
793
+ # The ID of the workspace to list permissions for. This parameter is
794
+ # required.
795
+ #
796
+ # @return [Types::ListPermissionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
797
+ #
798
+ # * {Types::ListPermissionsResponse#next_token #next_token} => String
799
+ # * {Types::ListPermissionsResponse#permissions #permissions} => Array&lt;Types::PermissionEntry&gt;
800
+ #
801
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
802
+ #
803
+ # @example Request syntax with placeholder values
804
+ #
805
+ # resp = client.list_permissions({
806
+ # group_id: "SsoId",
807
+ # max_results: 1,
808
+ # next_token: "PaginationToken",
809
+ # user_id: "SsoId",
810
+ # user_type: "SSO_USER", # accepts SSO_USER, SSO_GROUP
811
+ # workspace_id: "WorkspaceId", # required
812
+ # })
813
+ #
814
+ # @example Response structure
815
+ #
816
+ # resp.next_token #=> String
817
+ # resp.permissions #=> Array
818
+ # resp.permissions[0].role #=> String, one of "ADMIN", "EDITOR"
819
+ # resp.permissions[0].user.id #=> String
820
+ # resp.permissions[0].user.type #=> String, one of "SSO_USER", "SSO_GROUP"
821
+ #
822
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListPermissions AWS API Documentation
823
+ #
824
+ # @overload list_permissions(params = {})
825
+ # @param [Hash] params ({})
826
+ def list_permissions(params = {}, options = {})
827
+ req = build_request(:list_permissions, params)
828
+ req.send_request(options)
829
+ end
830
+
831
+ # Returns a list of Amazon Managed Grafana workspaces in the account,
832
+ # with some information about each workspace. For more complete
833
+ # information about one workspace, use [DescribeWorkspace][1].
834
+ #
835
+ #
836
+ #
837
+ # [1]: https://docs.aws.amazon.com/AAMG/latest/APIReference/API_DescribeWorkspace.html
838
+ #
839
+ # @option params [Integer] :max_results
840
+ # The maximum number of workspaces to include in the results.
841
+ #
842
+ # @option params [String] :next_token
843
+ # The token for the next set of workspaces to return. (You receive this
844
+ # token from a previous `ListWorkspaces` operation.)
845
+ #
846
+ # @return [Types::ListWorkspacesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
847
+ #
848
+ # * {Types::ListWorkspacesResponse#next_token #next_token} => String
849
+ # * {Types::ListWorkspacesResponse#workspaces #workspaces} => Array&lt;Types::WorkspaceSummary&gt;
850
+ #
851
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
852
+ #
853
+ # @example Request syntax with placeholder values
854
+ #
855
+ # resp = client.list_workspaces({
856
+ # max_results: 1,
857
+ # next_token: "PaginationToken",
858
+ # })
859
+ #
860
+ # @example Response structure
861
+ #
862
+ # resp.next_token #=> String
863
+ # resp.workspaces #=> Array
864
+ # resp.workspaces[0].authentication.providers #=> Array
865
+ # resp.workspaces[0].authentication.providers[0] #=> String, one of "AWS_SSO", "SAML"
866
+ # resp.workspaces[0].authentication.saml_configuration_status #=> String, one of "CONFIGURED", "NOT_CONFIGURED"
867
+ # resp.workspaces[0].created #=> Time
868
+ # resp.workspaces[0].description #=> String
869
+ # resp.workspaces[0].endpoint #=> String
870
+ # resp.workspaces[0].grafana_version #=> String
871
+ # resp.workspaces[0].id #=> String
872
+ # resp.workspaces[0].modified #=> Time
873
+ # resp.workspaces[0].name #=> String
874
+ # resp.workspaces[0].notification_destinations #=> Array
875
+ # resp.workspaces[0].notification_destinations[0] #=> String, one of "SNS"
876
+ # resp.workspaces[0].status #=> String, one of "ACTIVE", "CREATING", "DELETING", "FAILED", "UPDATING", "UPGRADING", "DELETION_FAILED", "CREATION_FAILED", "UPDATE_FAILED", "UPGRADE_FAILED", "LICENSE_REMOVAL_FAILED"
877
+ #
878
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListWorkspaces AWS API Documentation
879
+ #
880
+ # @overload list_workspaces(params = {})
881
+ # @param [Hash] params ({})
882
+ def list_workspaces(params = {}, options = {})
883
+ req = build_request(:list_workspaces, params)
884
+ req.send_request(options)
885
+ end
886
+
887
+ # Updates which users in a workspace have the Grafana `Admin` or
888
+ # `Editor` roles.
889
+ #
890
+ # @option params [required, Array<Types::UpdateInstruction>] :update_instruction_batch
891
+ # An array of structures that contain the permission updates to make.
892
+ #
893
+ # @option params [required, String] :workspace_id
894
+ # The ID of the workspace to update.
895
+ #
896
+ # @return [Types::UpdatePermissionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
897
+ #
898
+ # * {Types::UpdatePermissionsResponse#errors #errors} => Array&lt;Types::UpdateError&gt;
899
+ #
900
+ # @example Request syntax with placeholder values
901
+ #
902
+ # resp = client.update_permissions({
903
+ # update_instruction_batch: [ # required
904
+ # {
905
+ # action: "ADD", # required, accepts ADD, REVOKE
906
+ # role: "ADMIN", # required, accepts ADMIN, EDITOR
907
+ # users: [ # required
908
+ # {
909
+ # id: "SsoId", # required
910
+ # type: "SSO_USER", # required, accepts SSO_USER, SSO_GROUP
911
+ # },
912
+ # ],
913
+ # },
914
+ # ],
915
+ # workspace_id: "WorkspaceId", # required
916
+ # })
917
+ #
918
+ # @example Response structure
919
+ #
920
+ # resp.errors #=> Array
921
+ # resp.errors[0].caused_by.action #=> String, one of "ADD", "REVOKE"
922
+ # resp.errors[0].caused_by.role #=> String, one of "ADMIN", "EDITOR"
923
+ # resp.errors[0].caused_by.users #=> Array
924
+ # resp.errors[0].caused_by.users[0].id #=> String
925
+ # resp.errors[0].caused_by.users[0].type #=> String, one of "SSO_USER", "SSO_GROUP"
926
+ # resp.errors[0].code #=> Integer
927
+ # resp.errors[0].message #=> String
928
+ #
929
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdatePermissions AWS API Documentation
930
+ #
931
+ # @overload update_permissions(params = {})
932
+ # @param [Hash] params ({})
933
+ def update_permissions(params = {}, options = {})
934
+ req = build_request(:update_permissions, params)
935
+ req.send_request(options)
936
+ end
937
+
938
+ # Modifies an existing Amazon Managed Grafana workspace. If you use this
939
+ # operation and omit any optional parameters, the existing values of
940
+ # those parameters are not changed.
941
+ #
942
+ # To modify the user authentication methods that the workspace uses,
943
+ # such as SAML or Amazon Web Services SSO, use
944
+ # [UpdateWorkspaceAuthentication][1].
945
+ #
946
+ # To modify which users in the workspace have the `Admin` and `Editor`
947
+ # Grafana roles, use [UpdatePermissions][2].
948
+ #
949
+ #
950
+ #
951
+ # [1]: https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdateWorkspaceAuthentication.html
952
+ # [2]: https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdatePermissions.html
953
+ #
954
+ # @option params [String] :account_access_type
955
+ # Specifies whether the workspace can access Amazon Web Services
956
+ # resources in this Amazon Web Services account only, or whether it can
957
+ # also access Amazon Web Services resources in other accounts in the
958
+ # same organization. If you specify `ORGANIZATION`, you must specify
959
+ # which organizational units the workspace can access in the
960
+ # `workspaceOrganizationalUnits` parameter.
961
+ #
962
+ # @option params [String] :organization_role_name
963
+ # The name of an IAM role that already exists to use to access resources
964
+ # through Organizations.
965
+ #
966
+ # @option params [String] :permission_type
967
+ # If you specify `Service Managed`, Amazon Managed Grafana automatically
968
+ # creates the IAM roles and provisions the permissions that the
969
+ # workspace needs to use Amazon Web Services data sources and
970
+ # notification channels.
971
+ #
972
+ # If you specify `CUSTOMER_MANAGED`, you will manage those roles and
973
+ # permissions yourself. If you are creating this workspace in a member
974
+ # account of an organization and that account is not a delegated
975
+ # administrator account, and you want the workspace to access data
976
+ # sources in other Amazon Web Services accounts in the organization, you
977
+ # must choose `CUSTOMER_MANAGED`.
978
+ #
979
+ # For more information, see [Amazon Managed Grafana permissions and
980
+ # policies for Amazon Web Services data sources and notification
981
+ # channels][1]
982
+ #
983
+ #
984
+ #
985
+ # [1]: https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html
986
+ #
987
+ # @option params [String] :stack_set_name
988
+ # The name of the CloudFormation stack set to use to generate IAM roles
989
+ # to be used for this workspace.
990
+ #
991
+ # @option params [Array<String>] :workspace_data_sources
992
+ # Specify the Amazon Web Services data sources that you want to be
993
+ # queried in this workspace. Specifying these data sources here enables
994
+ # Amazon Managed Grafana to create IAM roles and permissions that allow
995
+ # Amazon Managed Grafana to read data from these sources. You must still
996
+ # add them as data sources in the Grafana console in the workspace.
997
+ #
998
+ # If you don't specify a data source here, you can still add it as a
999
+ # data source later in the workspace console. However, you will then
1000
+ # have to manually configure permissions for it.
1001
+ #
1002
+ # @option params [String] :workspace_description
1003
+ # A description for the workspace. This is used only to help you
1004
+ # identify this workspace.
1005
+ #
1006
+ # @option params [required, String] :workspace_id
1007
+ # The ID of the workspace to update.
1008
+ #
1009
+ # @option params [String] :workspace_name
1010
+ # A new name for the workspace to update.
1011
+ #
1012
+ # @option params [Array<String>] :workspace_notification_destinations
1013
+ # Specify the Amazon Web Services notification channels that you plan to
1014
+ # use in this workspace. Specifying these data sources here enables
1015
+ # Amazon Managed Grafana to create IAM roles and permissions that allow
1016
+ # Amazon Managed Grafana to use these channels.
1017
+ #
1018
+ # @option params [Array<String>] :workspace_organizational_units
1019
+ # Specifies the organizational units that this workspace is allowed to
1020
+ # use data sources from, if this workspace is in an account that is part
1021
+ # of an organization.
1022
+ #
1023
+ # @option params [String] :workspace_role_arn
1024
+ # The workspace needs an IAM role that grants permissions to the Amazon
1025
+ # Web Services resources that the workspace will view data from. If you
1026
+ # already have a role that you want to use, specify it here. If you omit
1027
+ # this field and you specify some Amazon Web Services resources in
1028
+ # `workspaceDataSources` or `workspaceNotificationDestinations`, a new
1029
+ # IAM role with the necessary permissions is automatically created.
1030
+ #
1031
+ # @return [Types::UpdateWorkspaceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1032
+ #
1033
+ # * {Types::UpdateWorkspaceResponse#workspace #workspace} => Types::WorkspaceDescription
1034
+ #
1035
+ # @example Request syntax with placeholder values
1036
+ #
1037
+ # resp = client.update_workspace({
1038
+ # account_access_type: "CURRENT_ACCOUNT", # accepts CURRENT_ACCOUNT, ORGANIZATION
1039
+ # organization_role_name: "OrganizationRoleName",
1040
+ # permission_type: "CUSTOMER_MANAGED", # accepts CUSTOMER_MANAGED, SERVICE_MANAGED
1041
+ # stack_set_name: "StackSetName",
1042
+ # workspace_data_sources: ["AMAZON_OPENSEARCH_SERVICE"], # accepts AMAZON_OPENSEARCH_SERVICE, CLOUDWATCH, PROMETHEUS, XRAY, TIMESTREAM, SITEWISE
1043
+ # workspace_description: "Description",
1044
+ # workspace_id: "WorkspaceId", # required
1045
+ # workspace_name: "WorkspaceName",
1046
+ # workspace_notification_destinations: ["SNS"], # accepts SNS
1047
+ # workspace_organizational_units: ["OrganizationalUnit"],
1048
+ # workspace_role_arn: "IamRoleArn",
1049
+ # })
1050
+ #
1051
+ # @example Response structure
1052
+ #
1053
+ # resp.workspace.account_access_type #=> String, one of "CURRENT_ACCOUNT", "ORGANIZATION"
1054
+ # resp.workspace.authentication.providers #=> Array
1055
+ # resp.workspace.authentication.providers[0] #=> String, one of "AWS_SSO", "SAML"
1056
+ # resp.workspace.authentication.saml_configuration_status #=> String, one of "CONFIGURED", "NOT_CONFIGURED"
1057
+ # resp.workspace.created #=> Time
1058
+ # resp.workspace.data_sources #=> Array
1059
+ # resp.workspace.data_sources[0] #=> String, one of "AMAZON_OPENSEARCH_SERVICE", "CLOUDWATCH", "PROMETHEUS", "XRAY", "TIMESTREAM", "SITEWISE"
1060
+ # resp.workspace.description #=> String
1061
+ # resp.workspace.endpoint #=> String
1062
+ # resp.workspace.free_trial_consumed #=> Boolean
1063
+ # resp.workspace.free_trial_expiration #=> Time
1064
+ # resp.workspace.grafana_version #=> String
1065
+ # resp.workspace.id #=> String
1066
+ # resp.workspace.license_expiration #=> Time
1067
+ # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
1068
+ # resp.workspace.modified #=> Time
1069
+ # resp.workspace.name #=> String
1070
+ # resp.workspace.notification_destinations #=> Array
1071
+ # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
1072
+ # resp.workspace.organization_role_name #=> String
1073
+ # resp.workspace.organizational_units #=> Array
1074
+ # resp.workspace.organizational_units[0] #=> String
1075
+ # resp.workspace.permission_type #=> String, one of "CUSTOMER_MANAGED", "SERVICE_MANAGED"
1076
+ # resp.workspace.stack_set_name #=> String
1077
+ # resp.workspace.status #=> String, one of "ACTIVE", "CREATING", "DELETING", "FAILED", "UPDATING", "UPGRADING", "DELETION_FAILED", "CREATION_FAILED", "UPDATE_FAILED", "UPGRADE_FAILED", "LICENSE_REMOVAL_FAILED"
1078
+ # resp.workspace.workspace_role_arn #=> String
1079
+ #
1080
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspace AWS API Documentation
1081
+ #
1082
+ # @overload update_workspace(params = {})
1083
+ # @param [Hash] params ({})
1084
+ def update_workspace(params = {}, options = {})
1085
+ req = build_request(:update_workspace, params)
1086
+ req.send_request(options)
1087
+ end
1088
+
1089
+ # Use this operation to define the identity provider (IdP) that this
1090
+ # workspace authenticates users from, using SAML. You can also map SAML
1091
+ # assertion attributes to workspace user information and define which
1092
+ # groups in the assertion attribute are to have the `Admin` and `Editor`
1093
+ # roles in the workspace.
1094
+ #
1095
+ # @option params [required, Array<String>] :authentication_providers
1096
+ # Specifies whether this workspace uses SAML 2.0, Amazon Web Services
1097
+ # Single Sign On, or both to authenticate users for using the Grafana
1098
+ # console within a workspace. For more information, see [User
1099
+ # authentication in Amazon Managed Grafana][1].
1100
+ #
1101
+ #
1102
+ #
1103
+ # [1]: https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html
1104
+ #
1105
+ # @option params [Types::SamlConfiguration] :saml_configuration
1106
+ # If the workspace uses SAML, use this structure to map SAML assertion
1107
+ # attributes to workspace user information and define which groups in
1108
+ # the assertion attribute are to have the `Admin` and `Editor` roles in
1109
+ # the workspace.
1110
+ #
1111
+ # @option params [required, String] :workspace_id
1112
+ # The ID of the workspace to update the authentication for.
1113
+ #
1114
+ # @return [Types::UpdateWorkspaceAuthenticationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1115
+ #
1116
+ # * {Types::UpdateWorkspaceAuthenticationResponse#authentication #authentication} => Types::AuthenticationDescription
1117
+ #
1118
+ # @example Request syntax with placeholder values
1119
+ #
1120
+ # resp = client.update_workspace_authentication({
1121
+ # authentication_providers: ["AWS_SSO"], # required, accepts AWS_SSO, SAML
1122
+ # saml_configuration: {
1123
+ # allowed_organizations: ["AllowedOrganization"],
1124
+ # assertion_attributes: {
1125
+ # email: "AssertionAttribute",
1126
+ # groups: "AssertionAttribute",
1127
+ # login: "AssertionAttribute",
1128
+ # name: "AssertionAttribute",
1129
+ # org: "AssertionAttribute",
1130
+ # role: "AssertionAttribute",
1131
+ # },
1132
+ # idp_metadata: { # required
1133
+ # url: "IdpMetadataUrl",
1134
+ # xml: "String",
1135
+ # },
1136
+ # login_validity_duration: 1,
1137
+ # role_values: {
1138
+ # admin: ["RoleValue"],
1139
+ # editor: ["RoleValue"],
1140
+ # },
1141
+ # },
1142
+ # workspace_id: "WorkspaceId", # required
1143
+ # })
1144
+ #
1145
+ # @example Response structure
1146
+ #
1147
+ # resp.authentication.aws_sso.sso_client_id #=> String
1148
+ # resp.authentication.providers #=> Array
1149
+ # resp.authentication.providers[0] #=> String, one of "AWS_SSO", "SAML"
1150
+ # resp.authentication.saml.configuration.allowed_organizations #=> Array
1151
+ # resp.authentication.saml.configuration.allowed_organizations[0] #=> String
1152
+ # resp.authentication.saml.configuration.assertion_attributes.email #=> String
1153
+ # resp.authentication.saml.configuration.assertion_attributes.groups #=> String
1154
+ # resp.authentication.saml.configuration.assertion_attributes.login #=> String
1155
+ # resp.authentication.saml.configuration.assertion_attributes.name #=> String
1156
+ # resp.authentication.saml.configuration.assertion_attributes.org #=> String
1157
+ # resp.authentication.saml.configuration.assertion_attributes.role #=> String
1158
+ # resp.authentication.saml.configuration.idp_metadata.url #=> String
1159
+ # resp.authentication.saml.configuration.idp_metadata.xml #=> String
1160
+ # resp.authentication.saml.configuration.login_validity_duration #=> Integer
1161
+ # resp.authentication.saml.configuration.role_values.admin #=> Array
1162
+ # resp.authentication.saml.configuration.role_values.admin[0] #=> String
1163
+ # resp.authentication.saml.configuration.role_values.editor #=> Array
1164
+ # resp.authentication.saml.configuration.role_values.editor[0] #=> String
1165
+ # resp.authentication.saml.status #=> String, one of "CONFIGURED", "NOT_CONFIGURED"
1166
+ #
1167
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspaceAuthentication AWS API Documentation
1168
+ #
1169
+ # @overload update_workspace_authentication(params = {})
1170
+ # @param [Hash] params ({})
1171
+ def update_workspace_authentication(params = {}, options = {})
1172
+ req = build_request(:update_workspace_authentication, params)
1173
+ req.send_request(options)
1174
+ end
1175
+
1176
+ # @!endgroup
1177
+
1178
+ # @param params ({})
1179
+ # @api private
1180
+ def build_request(operation_name, params = {})
1181
+ handlers = @handlers.for(operation_name)
1182
+ context = Seahorse::Client::RequestContext.new(
1183
+ operation_name: operation_name,
1184
+ operation: config.api.operation(operation_name),
1185
+ client: self,
1186
+ params: params,
1187
+ config: config)
1188
+ context[:gem_name] = 'aws-sdk-managedgrafana'
1189
+ context[:gem_version] = '1.0.0'
1190
+ Seahorse::Client::Request.new(handlers, context)
1191
+ end
1192
+
1193
+ # @api private
1194
+ # @deprecated
1195
+ def waiter_names
1196
+ []
1197
+ end
1198
+
1199
+ class << self
1200
+
1201
+ # @api private
1202
+ attr_reader :identifier
1203
+
1204
+ # @api private
1205
+ def errors_module
1206
+ Errors
1207
+ end
1208
+
1209
+ end
1210
+ end
1211
+ end