aws-sdk-managedgrafana 1.10.0 → 1.12.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 98a3805f6f6c020f69a8681129b0ff5ebce892f8a0b4d2536cfa7abeca8f4cc5
4
- data.tar.gz: 6c5f9dda87b536a675bf8e25613e79ca974371cdc30eb911eb58898624a6ffa4
3
+ metadata.gz: dbed3c483cb41a8ed9c42655e36beb415da0a7c1a45e21ad77554152ebd627fd
4
+ data.tar.gz: cfa5fb3b3859d7c141652054436061144dea64c925d9f629b4db914cc0c5e89c
5
5
  SHA512:
6
- metadata.gz: c878b1d4197f1c82ba977f416ba7891e6877f5bc9c92630b78f8e7cda676b1e4dfbec83adf97a252c83b3aeec715d392be3162b0e946724bb7c3b03b2a756232
7
- data.tar.gz: 6c33ed2eb57ea1317c67c769e28c4a5d919a2cfbd564bd8f1813bf1d5edc80c65266bdd8497c707bef5b64c735b2604b745402955081fcab4bfd81991c3e28f0
6
+ metadata.gz: 026314fed6e3710f307837edf8daf8b965133b2b3289f7b95befe1503bf0c4b6e79df1f6ada184ef77c59a0b7ee27faa58212f6bb73247be025fe88d7e199472
7
+ data.tar.gz: bef0e55956c9c8b6d9ad29a882e0b35018f59c68aebc0ad31ce3bacf0e04807f80af4d65ae2ec6e276b5086705d6a6e334a07b20a3e5c40b4293fca37f2d331b
data/CHANGELOG.md CHANGED
@@ -1,6 +1,18 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.12.0 (2023-02-16)
5
+ ------------------
6
+
7
+ * Feature - With this release Amazon Managed Grafana now supports inbound Network Access Control that helps you to restrict user access to your Grafana workspaces
8
+
9
+ 1.11.0 (2023-01-18)
10
+ ------------------
11
+
12
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
13
+
14
+ * Issue - Replace runtime endpoint resolution approach with generated ruby code.
15
+
4
16
  1.10.0 (2022-11-23)
5
17
  ------------------
6
18
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.10.0
1
+ 1.12.0
@@ -412,6 +412,10 @@ module Aws::ManagedGrafana
412
412
  # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
413
413
  # resp.workspace.modified #=> Time
414
414
  # resp.workspace.name #=> String
415
+ # resp.workspace.network_access_control.prefix_list_ids #=> Array
416
+ # resp.workspace.network_access_control.prefix_list_ids[0] #=> String
417
+ # resp.workspace.network_access_control.vpce_ids #=> Array
418
+ # resp.workspace.network_access_control.vpce_ids[0] #=> String
415
419
  # resp.workspace.notification_destinations #=> Array
416
420
  # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
417
421
  # resp.workspace.organization_role_name #=> String
@@ -487,6 +491,17 @@ module Aws::ManagedGrafana
487
491
  #
488
492
  # [1]: https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-workspace.html
489
493
  #
494
+ # @option params [Types::NetworkAccessConfiguration] :network_access_control
495
+ # Configuration for network access to your workspace.
496
+ #
497
+ # When this is configured, only listed IP addresses and VPC endpoints
498
+ # will be able to access your workspace. Standard Grafana authentication
499
+ # and authorization will still be required.
500
+ #
501
+ # If this is not configured, or is removed, then all IP addresses and
502
+ # VPC endpoints will be allowed. Standard Grafana authentication and
503
+ # authorization will still be required.
504
+ #
490
505
  # @option params [String] :organization_role_name
491
506
  # The name of an IAM role that already exists to use with Organizations
492
507
  # to access Amazon Web Services data sources and notification channels
@@ -577,6 +592,10 @@ module Aws::ManagedGrafana
577
592
  # authentication_providers: ["AWS_SSO"], # required, accepts AWS_SSO, SAML
578
593
  # client_token: "ClientToken",
579
594
  # configuration: "OverridableConfigurationJson",
595
+ # network_access_control: {
596
+ # prefix_list_ids: ["PrefixListId"], # required
597
+ # vpce_ids: ["VpceId"], # required
598
+ # },
580
599
  # organization_role_name: "OrganizationRoleName",
581
600
  # permission_type: "CUSTOMER_MANAGED", # required, accepts CUSTOMER_MANAGED, SERVICE_MANAGED
582
601
  # stack_set_name: "StackSetName",
@@ -614,6 +633,10 @@ module Aws::ManagedGrafana
614
633
  # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
615
634
  # resp.workspace.modified #=> Time
616
635
  # resp.workspace.name #=> String
636
+ # resp.workspace.network_access_control.prefix_list_ids #=> Array
637
+ # resp.workspace.network_access_control.prefix_list_ids[0] #=> String
638
+ # resp.workspace.network_access_control.vpce_ids #=> Array
639
+ # resp.workspace.network_access_control.vpce_ids[0] #=> String
617
640
  # resp.workspace.notification_destinations #=> Array
618
641
  # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
619
642
  # resp.workspace.organization_role_name #=> String
@@ -728,6 +751,10 @@ module Aws::ManagedGrafana
728
751
  # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
729
752
  # resp.workspace.modified #=> Time
730
753
  # resp.workspace.name #=> String
754
+ # resp.workspace.network_access_control.prefix_list_ids #=> Array
755
+ # resp.workspace.network_access_control.prefix_list_ids[0] #=> String
756
+ # resp.workspace.network_access_control.vpce_ids #=> Array
757
+ # resp.workspace.network_access_control.vpce_ids[0] #=> String
731
758
  # resp.workspace.notification_destinations #=> Array
732
759
  # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
733
760
  # resp.workspace.organization_role_name #=> String
@@ -821,6 +848,10 @@ module Aws::ManagedGrafana
821
848
  # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
822
849
  # resp.workspace.modified #=> Time
823
850
  # resp.workspace.name #=> String
851
+ # resp.workspace.network_access_control.prefix_list_ids #=> Array
852
+ # resp.workspace.network_access_control.prefix_list_ids[0] #=> String
853
+ # resp.workspace.network_access_control.vpce_ids #=> Array
854
+ # resp.workspace.network_access_control.vpce_ids[0] #=> String
824
855
  # resp.workspace.notification_destinations #=> Array
825
856
  # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
826
857
  # resp.workspace.organization_role_name #=> String
@@ -959,6 +990,10 @@ module Aws::ManagedGrafana
959
990
  # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
960
991
  # resp.workspace.modified #=> Time
961
992
  # resp.workspace.name #=> String
993
+ # resp.workspace.network_access_control.prefix_list_ids #=> Array
994
+ # resp.workspace.network_access_control.prefix_list_ids[0] #=> String
995
+ # resp.workspace.network_access_control.vpce_ids #=> Array
996
+ # resp.workspace.network_access_control.vpce_ids[0] #=> String
962
997
  # resp.workspace.notification_destinations #=> Array
963
998
  # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
964
999
  # resp.workspace.organization_role_name #=> String
@@ -1277,12 +1312,23 @@ module Aws::ManagedGrafana
1277
1312
  # which organizational units the workspace can access in the
1278
1313
  # `workspaceOrganizationalUnits` parameter.
1279
1314
  #
1315
+ # @option params [Types::NetworkAccessConfiguration] :network_access_control
1316
+ # The configuration settings for network access to your workspace.
1317
+ #
1318
+ # When this is configured, only listed IP addresses and VPC endpoints
1319
+ # will be able to access your workspace. Standard Grafana authentication
1320
+ # and authorization will still be required.
1321
+ #
1322
+ # If this is not configured, or is removed, then all IP addresses and
1323
+ # VPC endpoints will be allowed. Standard Grafana authentication and
1324
+ # authorization will still be required.
1325
+ #
1280
1326
  # @option params [String] :organization_role_name
1281
1327
  # The name of an IAM role that already exists to use to access resources
1282
1328
  # through Organizations.
1283
1329
  #
1284
1330
  # @option params [String] :permission_type
1285
- # If you specify `Service Managed`, Amazon Managed Grafana automatically
1331
+ # If you specify `SERVICE_MANAGED`, Amazon Managed Grafana automatically
1286
1332
  # creates the IAM roles and provisions the permissions that the
1287
1333
  # workspace needs to use Amazon Web Services data sources and
1288
1334
  # notification channels.
@@ -1302,6 +1348,16 @@ module Aws::ManagedGrafana
1302
1348
  #
1303
1349
  # [1]: https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html
1304
1350
  #
1351
+ # @option params [Boolean] :remove_network_access_configuration
1352
+ # Whether to remove the network access configuration from the workspace.
1353
+ #
1354
+ # Setting this to `true` and providing a `networkAccessControl` to set
1355
+ # will return an error.
1356
+ #
1357
+ # If you remove this configuration by setting this to `true`, then all
1358
+ # IP addresses and VPC endpoints will be allowed. Standard Grafana
1359
+ # authentication and authorization will still be required.
1360
+ #
1305
1361
  # @option params [Boolean] :remove_vpc_configuration
1306
1362
  # Whether to remove the VPC configuration from the workspace.
1307
1363
  #
@@ -1364,8 +1420,13 @@ module Aws::ManagedGrafana
1364
1420
  #
1365
1421
  # resp = client.update_workspace({
1366
1422
  # account_access_type: "CURRENT_ACCOUNT", # accepts CURRENT_ACCOUNT, ORGANIZATION
1423
+ # network_access_control: {
1424
+ # prefix_list_ids: ["PrefixListId"], # required
1425
+ # vpce_ids: ["VpceId"], # required
1426
+ # },
1367
1427
  # organization_role_name: "OrganizationRoleName",
1368
1428
  # permission_type: "CUSTOMER_MANAGED", # accepts CUSTOMER_MANAGED, SERVICE_MANAGED
1429
+ # remove_network_access_configuration: false,
1369
1430
  # remove_vpc_configuration: false,
1370
1431
  # stack_set_name: "StackSetName",
1371
1432
  # vpc_configuration: {
@@ -1400,6 +1461,10 @@ module Aws::ManagedGrafana
1400
1461
  # resp.workspace.license_type #=> String, one of "ENTERPRISE", "ENTERPRISE_FREE_TRIAL"
1401
1462
  # resp.workspace.modified #=> Time
1402
1463
  # resp.workspace.name #=> String
1464
+ # resp.workspace.network_access_control.prefix_list_ids #=> Array
1465
+ # resp.workspace.network_access_control.prefix_list_ids[0] #=> String
1466
+ # resp.workspace.network_access_control.vpce_ids #=> Array
1467
+ # resp.workspace.network_access_control.vpce_ids[0] #=> String
1403
1468
  # resp.workspace.notification_destinations #=> Array
1404
1469
  # resp.workspace.notification_destinations[0] #=> String, one of "SNS"
1405
1470
  # resp.workspace.organization_role_name #=> String
@@ -1561,7 +1626,7 @@ module Aws::ManagedGrafana
1561
1626
  params: params,
1562
1627
  config: config)
1563
1628
  context[:gem_name] = 'aws-sdk-managedgrafana'
1564
- context[:gem_version] = '1.10.0'
1629
+ context[:gem_version] = '1.12.0'
1565
1630
  Seahorse::Client::Request.new(handlers, context)
1566
1631
  end
1567
1632
 
@@ -68,6 +68,7 @@ module Aws::ManagedGrafana
68
68
  ListWorkspacesRequestMaxResultsInteger = Shapes::IntegerShape.new(name: 'ListWorkspacesRequestMaxResultsInteger')
69
69
  ListWorkspacesResponse = Shapes::StructureShape.new(name: 'ListWorkspacesResponse')
70
70
  LoginValidityDuration = Shapes::IntegerShape.new(name: 'LoginValidityDuration')
71
+ NetworkAccessConfiguration = Shapes::StructureShape.new(name: 'NetworkAccessConfiguration')
71
72
  NotificationDestinationType = Shapes::StringShape.new(name: 'NotificationDestinationType')
72
73
  NotificationDestinationsList = Shapes::ListShape.new(name: 'NotificationDestinationsList')
73
74
  OrganizationRoleName = Shapes::StringShape.new(name: 'OrganizationRoleName')
@@ -78,6 +79,8 @@ module Aws::ManagedGrafana
78
79
  PermissionEntry = Shapes::StructureShape.new(name: 'PermissionEntry')
79
80
  PermissionEntryList = Shapes::ListShape.new(name: 'PermissionEntryList')
80
81
  PermissionType = Shapes::StringShape.new(name: 'PermissionType')
82
+ PrefixListId = Shapes::StringShape.new(name: 'PrefixListId')
83
+ PrefixListIds = Shapes::ListShape.new(name: 'PrefixListIds')
81
84
  ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
82
85
  Role = Shapes::StringShape.new(name: 'Role')
83
86
  RoleValue = Shapes::StringShape.new(name: 'RoleValue')
@@ -127,6 +130,8 @@ module Aws::ManagedGrafana
127
130
  ValidationExceptionFieldList = Shapes::ListShape.new(name: 'ValidationExceptionFieldList')
128
131
  ValidationExceptionReason = Shapes::StringShape.new(name: 'ValidationExceptionReason')
129
132
  VpcConfiguration = Shapes::StructureShape.new(name: 'VpcConfiguration')
133
+ VpceId = Shapes::StringShape.new(name: 'VpceId')
134
+ VpceIds = Shapes::ListShape.new(name: 'VpceIds')
130
135
  WorkspaceDescription = Shapes::StructureShape.new(name: 'WorkspaceDescription')
131
136
  WorkspaceId = Shapes::StringShape.new(name: 'WorkspaceId')
132
137
  WorkspaceList = Shapes::ListShape.new(name: 'WorkspaceList')
@@ -188,6 +193,7 @@ module Aws::ManagedGrafana
188
193
  CreateWorkspaceRequest.add_member(:authentication_providers, Shapes::ShapeRef.new(shape: AuthenticationProviders, required: true, location_name: "authenticationProviders"))
189
194
  CreateWorkspaceRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: ClientToken, location_name: "clientToken", metadata: {"idempotencyToken"=>true}))
190
195
  CreateWorkspaceRequest.add_member(:configuration, Shapes::ShapeRef.new(shape: OverridableConfigurationJson, location_name: "configuration", metadata: {"jsonvalue"=>true}))
196
+ CreateWorkspaceRequest.add_member(:network_access_control, Shapes::ShapeRef.new(shape: NetworkAccessConfiguration, location_name: "networkAccessControl"))
191
197
  CreateWorkspaceRequest.add_member(:organization_role_name, Shapes::ShapeRef.new(shape: OrganizationRoleName, location_name: "organizationRoleName"))
192
198
  CreateWorkspaceRequest.add_member(:permission_type, Shapes::ShapeRef.new(shape: PermissionType, required: true, location_name: "permissionType"))
193
199
  CreateWorkspaceRequest.add_member(:stack_set_name, Shapes::ShapeRef.new(shape: StackSetName, location_name: "stackSetName"))
@@ -283,6 +289,10 @@ module Aws::ManagedGrafana
283
289
  ListWorkspacesResponse.add_member(:workspaces, Shapes::ShapeRef.new(shape: WorkspaceList, required: true, location_name: "workspaces"))
284
290
  ListWorkspacesResponse.struct_class = Types::ListWorkspacesResponse
285
291
 
292
+ NetworkAccessConfiguration.add_member(:prefix_list_ids, Shapes::ShapeRef.new(shape: PrefixListIds, required: true, location_name: "prefixListIds"))
293
+ NetworkAccessConfiguration.add_member(:vpce_ids, Shapes::ShapeRef.new(shape: VpceIds, required: true, location_name: "vpceIds"))
294
+ NetworkAccessConfiguration.struct_class = Types::NetworkAccessConfiguration
295
+
286
296
  NotificationDestinationsList.member = Shapes::ShapeRef.new(shape: NotificationDestinationType)
287
297
 
288
298
  OrganizationalUnitList.member = Shapes::ShapeRef.new(shape: OrganizationalUnit)
@@ -293,6 +303,8 @@ module Aws::ManagedGrafana
293
303
 
294
304
  PermissionEntryList.member = Shapes::ShapeRef.new(shape: PermissionEntry)
295
305
 
306
+ PrefixListIds.member = Shapes::ShapeRef.new(shape: PrefixListId)
307
+
296
308
  ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
297
309
  ResourceNotFoundException.add_member(:resource_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "resourceId"))
298
310
  ResourceNotFoundException.add_member(:resource_type, Shapes::ShapeRef.new(shape: String, required: true, location_name: "resourceType"))
@@ -385,8 +397,10 @@ module Aws::ManagedGrafana
385
397
  UpdateWorkspaceConfigurationResponse.struct_class = Types::UpdateWorkspaceConfigurationResponse
386
398
 
387
399
  UpdateWorkspaceRequest.add_member(:account_access_type, Shapes::ShapeRef.new(shape: AccountAccessType, location_name: "accountAccessType"))
400
+ UpdateWorkspaceRequest.add_member(:network_access_control, Shapes::ShapeRef.new(shape: NetworkAccessConfiguration, location_name: "networkAccessControl"))
388
401
  UpdateWorkspaceRequest.add_member(:organization_role_name, Shapes::ShapeRef.new(shape: OrganizationRoleName, location_name: "organizationRoleName"))
389
402
  UpdateWorkspaceRequest.add_member(:permission_type, Shapes::ShapeRef.new(shape: PermissionType, location_name: "permissionType"))
403
+ UpdateWorkspaceRequest.add_member(:remove_network_access_configuration, Shapes::ShapeRef.new(shape: Boolean, location_name: "removeNetworkAccessConfiguration"))
390
404
  UpdateWorkspaceRequest.add_member(:remove_vpc_configuration, Shapes::ShapeRef.new(shape: Boolean, location_name: "removeVpcConfiguration"))
391
405
  UpdateWorkspaceRequest.add_member(:stack_set_name, Shapes::ShapeRef.new(shape: StackSetName, location_name: "stackSetName"))
392
406
  UpdateWorkspaceRequest.add_member(:vpc_configuration, Shapes::ShapeRef.new(shape: VpcConfiguration, location_name: "vpcConfiguration"))
@@ -423,6 +437,8 @@ module Aws::ManagedGrafana
423
437
  VpcConfiguration.add_member(:subnet_ids, Shapes::ShapeRef.new(shape: SubnetIds, required: true, location_name: "subnetIds"))
424
438
  VpcConfiguration.struct_class = Types::VpcConfiguration
425
439
 
440
+ VpceIds.member = Shapes::ShapeRef.new(shape: VpceId)
441
+
426
442
  WorkspaceDescription.add_member(:account_access_type, Shapes::ShapeRef.new(shape: AccountAccessType, location_name: "accountAccessType"))
427
443
  WorkspaceDescription.add_member(:authentication, Shapes::ShapeRef.new(shape: AuthenticationSummary, required: true, location_name: "authentication"))
428
444
  WorkspaceDescription.add_member(:created, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "created"))
@@ -437,6 +453,7 @@ module Aws::ManagedGrafana
437
453
  WorkspaceDescription.add_member(:license_type, Shapes::ShapeRef.new(shape: LicenseType, location_name: "licenseType"))
438
454
  WorkspaceDescription.add_member(:modified, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "modified"))
439
455
  WorkspaceDescription.add_member(:name, Shapes::ShapeRef.new(shape: WorkspaceName, location_name: "name"))
456
+ WorkspaceDescription.add_member(:network_access_control, Shapes::ShapeRef.new(shape: NetworkAccessConfiguration, location_name: "networkAccessControl"))
440
457
  WorkspaceDescription.add_member(:notification_destinations, Shapes::ShapeRef.new(shape: NotificationDestinationsList, location_name: "notificationDestinations"))
441
458
  WorkspaceDescription.add_member(:organization_role_name, Shapes::ShapeRef.new(shape: OrganizationRoleName, location_name: "organizationRoleName"))
442
459
  WorkspaceDescription.add_member(:organizational_units, Shapes::ShapeRef.new(shape: OrganizationalUnitList, location_name: "organizationalUnits"))
@@ -9,103 +9,76 @@
9
9
 
10
10
  module Aws::ManagedGrafana
11
11
  class EndpointProvider
12
- def initialize(rule_set = nil)
13
- @@rule_set ||= begin
14
- endpoint_rules = Aws::Json.load(Base64.decode64(RULES))
15
- Aws::Endpoints::RuleSet.new(
16
- version: endpoint_rules['version'],
17
- service_id: endpoint_rules['serviceId'],
18
- parameters: endpoint_rules['parameters'],
19
- rules: endpoint_rules['rules']
20
- )
12
+ def resolve_endpoint(parameters)
13
+ region = parameters.region
14
+ use_dual_stack = parameters.use_dual_stack
15
+ use_fips = parameters.use_fips
16
+ endpoint = parameters.endpoint
17
+ if Aws::Endpoints::Matchers.set?(endpoint)
18
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
19
+ raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
20
+ end
21
+ if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
22
+ raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
23
+ end
24
+ return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
21
25
  end
22
- @provider = Aws::Endpoints::RulesProvider.new(rule_set || @@rule_set)
23
- end
26
+ if Aws::Endpoints::Matchers.set?(region)
27
+ if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
28
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
29
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
30
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
31
+ end
32
+ raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
33
+ end
34
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
35
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
36
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
37
+ end
38
+ raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
39
+ end
40
+ if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
41
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
42
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
43
+ end
44
+ raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
45
+ end
46
+ if Aws::Endpoints::Matchers.string_equals?(region, "ap-northeast-1")
47
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.ap-northeast-1.amazonaws.com", headers: {}, properties: {})
48
+ end
49
+ if Aws::Endpoints::Matchers.string_equals?(region, "ap-northeast-2")
50
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.ap-northeast-2.amazonaws.com", headers: {}, properties: {})
51
+ end
52
+ if Aws::Endpoints::Matchers.string_equals?(region, "ap-southeast-1")
53
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.ap-southeast-1.amazonaws.com", headers: {}, properties: {})
54
+ end
55
+ if Aws::Endpoints::Matchers.string_equals?(region, "ap-southeast-2")
56
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.ap-southeast-2.amazonaws.com", headers: {}, properties: {})
57
+ end
58
+ if Aws::Endpoints::Matchers.string_equals?(region, "eu-central-1")
59
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.eu-central-1.amazonaws.com", headers: {}, properties: {})
60
+ end
61
+ if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-1")
62
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.eu-west-1.amazonaws.com", headers: {}, properties: {})
63
+ end
64
+ if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-2")
65
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.eu-west-2.amazonaws.com", headers: {}, properties: {})
66
+ end
67
+ if Aws::Endpoints::Matchers.string_equals?(region, "us-east-1")
68
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.us-east-1.amazonaws.com", headers: {}, properties: {})
69
+ end
70
+ if Aws::Endpoints::Matchers.string_equals?(region, "us-east-2")
71
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.us-east-2.amazonaws.com", headers: {}, properties: {})
72
+ end
73
+ if Aws::Endpoints::Matchers.string_equals?(region, "us-west-2")
74
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.us-west-2.amazonaws.com", headers: {}, properties: {})
75
+ end
76
+ return Aws::Endpoints::Endpoint.new(url: "https://grafana.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
77
+ end
78
+ end
79
+ raise ArgumentError, "Invalid Configuration: Missing Region"
80
+ raise ArgumentError, 'No endpoint could be resolved'
24
81
 
25
- def resolve_endpoint(parameters)
26
- @provider.resolve_endpoint(parameters)
27
82
  end
28
-
29
- # @api private
30
- RULES = <<-JSON
31
- eyJ2ZXJzaW9uIjoiMS4wIiwicGFyYW1ldGVycyI6eyJSZWdpb24iOnsiYnVp
32
- bHRJbiI6IkFXUzo6UmVnaW9uIiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1bWVu
33
- dGF0aW9uIjoiVGhlIEFXUyByZWdpb24gdXNlZCB0byBkaXNwYXRjaCB0aGUg
34
- cmVxdWVzdC4iLCJ0eXBlIjoiU3RyaW5nIn0sIlVzZUR1YWxTdGFjayI6eyJi
35
- dWlsdEluIjoiQVdTOjpVc2VEdWFsU3RhY2siLCJyZXF1aXJlZCI6dHJ1ZSwi
36
- ZGVmYXVsdCI6ZmFsc2UsImRvY3VtZW50YXRpb24iOiJXaGVuIHRydWUsIHVz
37
- ZSB0aGUgZHVhbC1zdGFjayBlbmRwb2ludC4gSWYgdGhlIGNvbmZpZ3VyZWQg
38
- ZW5kcG9pbnQgZG9lcyBub3Qgc3VwcG9ydCBkdWFsLXN0YWNrLCBkaXNwYXRj
39
- aGluZyB0aGUgcmVxdWVzdCBNQVkgcmV0dXJuIGFuIGVycm9yLiIsInR5cGUi
40
- OiJCb29sZWFuIn0sIlVzZUZJUFMiOnsiYnVpbHRJbiI6IkFXUzo6VXNlRklQ
41
- UyIsInJlcXVpcmVkIjp0cnVlLCJkZWZhdWx0IjpmYWxzZSwiZG9jdW1lbnRh
42
- dGlvbiI6IldoZW4gdHJ1ZSwgc2VuZCB0aGlzIHJlcXVlc3QgdG8gdGhlIEZJ
43
- UFMtY29tcGxpYW50IHJlZ2lvbmFsIGVuZHBvaW50LiBJZiB0aGUgY29uZmln
44
- dXJlZCBlbmRwb2ludCBkb2VzIG5vdCBoYXZlIGEgRklQUyBjb21wbGlhbnQg
45
- ZW5kcG9pbnQsIGRpc3BhdGNoaW5nIHRoZSByZXF1ZXN0IHdpbGwgcmV0dXJu
46
- IGFuIGVycm9yLiIsInR5cGUiOiJCb29sZWFuIn0sIkVuZHBvaW50Ijp7ImJ1
47
- aWx0SW4iOiJTREs6OkVuZHBvaW50IiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1
48
- bWVudGF0aW9uIjoiT3ZlcnJpZGUgdGhlIGVuZHBvaW50IHVzZWQgdG8gc2Vu
49
- ZCB0aGlzIHJlcXVlc3QiLCJ0eXBlIjoiU3RyaW5nIn19LCJydWxlcyI6W3si
50
- Y29uZGl0aW9ucyI6W3siZm4iOiJhd3MucGFydGl0aW9uIiwiYXJndiI6W3si
51
- cmVmIjoiUmVnaW9uIn1dLCJhc3NpZ24iOiJQYXJ0aXRpb25SZXN1bHQifV0s
52
- InR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
53
- aXNTZXQiLCJhcmd2IjpbeyJyZWYiOiJFbmRwb2ludCJ9XX0seyJmbiI6InBh
54
- cnNlVVJMIiwiYXJndiI6W3sicmVmIjoiRW5kcG9pbnQifV0sImFzc2lnbiI6
55
- InVybCJ9XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6
56
- W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQ
57
- UyJ9LHRydWVdfV0sImVycm9yIjoiSW52YWxpZCBDb25maWd1cmF0aW9uOiBG
58
- SVBTIGFuZCBjdXN0b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0
59
- eXBlIjoiZXJyb3IifSx7ImNvbmRpdGlvbnMiOltdLCJ0eXBlIjoidHJlZSIs
60
- InJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMi
61
- LCJhcmd2IjpbeyJyZWYiOiJVc2VEdWFsU3RhY2sifSx0cnVlXX1dLCJlcnJv
62
- ciI6IkludmFsaWQgQ29uZmlndXJhdGlvbjogRHVhbHN0YWNrIGFuZCBjdXN0
63
- b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0eXBlIjoiZXJyb3Ii
64
- fSx7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2ludCI6eyJ1cmwiOnsicmVmIjoi
65
- RW5kcG9pbnQifSwicHJvcGVydGllcyI6e30sImhlYWRlcnMiOnt9fSwidHlw
66
- ZSI6ImVuZHBvaW50In1dfV19LHsiY29uZGl0aW9ucyI6W3siZm4iOiJib29s
67
- ZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQUyJ9LHRydWVdfSx7
68
- ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxT
69
- dGFjayJ9LHRydWVdfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRp
70
- dGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsi
71
- Zm4iOiJnZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0
72
- In0sInN1cHBvcnRzRklQUyJdfV19LHsiZm4iOiJib29sZWFuRXF1YWxzIiwi
73
- YXJndiI6W3RydWUseyJmbiI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQ
74
- YXJ0aXRpb25SZXN1bHQifSwic3VwcG9ydHNEdWFsU3RhY2siXX1dfV0sInR5
75
- cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2lu
76
- dCI6eyJ1cmwiOiJodHRwczovL2dyYWZhbmEtZmlwcy57UmVnaW9ufS57UGFy
77
- dGl0aW9uUmVzdWx0I2R1YWxTdGFja0Ruc1N1ZmZpeH0iLCJwcm9wZXJ0aWVz
78
- Ijp7fSwiaGVhZGVycyI6e319LCJ0eXBlIjoiZW5kcG9pbnQifV19LHsiY29u
79
- ZGl0aW9ucyI6W10sImVycm9yIjoiRklQUyBhbmQgRHVhbFN0YWNrIGFyZSBl
80
- bmFibGVkLCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9ydCBv
81
- bmUgb3IgYm90aCIsInR5cGUiOiJlcnJvciJ9XX0seyJjb25kaXRpb25zIjpb
82
- eyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VGSVBT
83
- In0sdHJ1ZV19XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9u
84
- cyI6W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3RydWUseyJmbiI6
85
- ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQYXJ0aXRpb25SZXN1bHQifSwi
86
- c3VwcG9ydHNGSVBTIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJj
87
- b25kaXRpb25zIjpbXSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0
88
- aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6Imh0dHBzOi8vZ3JhZmFuYS1m
89
- aXBzLntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZG5zU3VmZml4fSIsInBy
90
- b3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9
91
- XX1dfSx7ImNvbmRpdGlvbnMiOltdLCJlcnJvciI6IkZJUFMgaXMgZW5hYmxl
92
- ZCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9ydCBGSVBTIiwi
93
- dHlwZSI6ImVycm9yIn1dfSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVh
94
- bkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxTdGFjayJ9LHRydWVd
95
- fV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZu
96
- IjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsiZm4iOiJnZXRBdHRy
97
- IiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0In0sInN1cHBvcnRz
98
- RHVhbFN0YWNrIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25k
99
- aXRpb25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9ncmFmYW5h
100
- LntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZHVhbFN0YWNrRG5zU3VmZml4
101
- fSIsInByb3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRw
102
- b2ludCJ9XX0seyJjb25kaXRpb25zIjpbXSwiZXJyb3IiOiJEdWFsU3RhY2sg
103
- aXMgZW5hYmxlZCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9y
104
- dCBEdWFsU3RhY2siLCJ0eXBlIjoiZXJyb3IifV19LHsiY29uZGl0aW9ucyI6
105
- W10sImVuZHBvaW50Ijp7InVybCI6Imh0dHBzOi8vZ3JhZmFuYS57UmVnaW9u
106
- fS57UGFydGl0aW9uUmVzdWx0I2Ruc1N1ZmZpeH0iLCJwcm9wZXJ0aWVzIjp7
107
- fSwiaGVhZGVycyI6e319LCJ0eXBlIjoiZW5kcG9pbnQifV19XX0=
108
-
109
- JSON
110
83
  end
111
84
  end
@@ -27,18 +27,6 @@ module Aws::ManagedGrafana
27
27
  # be used to define information about the users authenticated by the IdP
28
28
  # to use the workspace.
29
29
  #
30
- # @note When making an API call, you may pass AssertionAttributes
31
- # data as a hash:
32
- #
33
- # {
34
- # email: "AssertionAttribute",
35
- # groups: "AssertionAttribute",
36
- # login: "AssertionAttribute",
37
- # name: "AssertionAttribute",
38
- # org: "AssertionAttribute",
39
- # role: "AssertionAttribute",
40
- # }
41
- #
42
30
  # @!attribute [rw] email
43
31
  # The name of the attribute within the SAML assertion to use as the
44
32
  # email names for SAML users.
@@ -82,14 +70,6 @@ module Aws::ManagedGrafana
82
70
  include Aws::Structure
83
71
  end
84
72
 
85
- # @note When making an API call, you may pass AssociateLicenseRequest
86
- # data as a hash:
87
- #
88
- # {
89
- # license_type: "ENTERPRISE", # required, accepts ENTERPRISE, ENTERPRISE_FREE_TRIAL
90
- # workspace_id: "WorkspaceId", # required
91
- # }
92
- #
93
73
  # @!attribute [rw] license_type
94
74
  # The type of license to associate with the workspace.
95
75
  # @return [String]
@@ -213,16 +193,6 @@ module Aws::ManagedGrafana
213
193
  include Aws::Structure
214
194
  end
215
195
 
216
- # @note When making an API call, you may pass CreateWorkspaceApiKeyRequest
217
- # data as a hash:
218
- #
219
- # {
220
- # key_name: "ApiKeyName", # required
221
- # key_role: "String", # required
222
- # seconds_to_live: 1, # required
223
- # workspace_id: "WorkspaceId", # required
224
- # }
225
- #
226
196
  # @!attribute [rw] key_name
227
197
  # Specifies the name of the key. Keynames must be unique to the
228
198
  # workspace.
@@ -277,32 +247,6 @@ module Aws::ManagedGrafana
277
247
  include Aws::Structure
278
248
  end
279
249
 
280
- # @note When making an API call, you may pass CreateWorkspaceRequest
281
- # data as a hash:
282
- #
283
- # {
284
- # account_access_type: "CURRENT_ACCOUNT", # required, accepts CURRENT_ACCOUNT, ORGANIZATION
285
- # authentication_providers: ["AWS_SSO"], # required, accepts AWS_SSO, SAML
286
- # client_token: "ClientToken",
287
- # configuration: "OverridableConfigurationJson",
288
- # organization_role_name: "OrganizationRoleName",
289
- # permission_type: "CUSTOMER_MANAGED", # required, accepts CUSTOMER_MANAGED, SERVICE_MANAGED
290
- # stack_set_name: "StackSetName",
291
- # tags: {
292
- # "TagKey" => "TagValue",
293
- # },
294
- # vpc_configuration: {
295
- # security_group_ids: ["SecurityGroupId"], # required
296
- # subnet_ids: ["SubnetId"], # required
297
- # },
298
- # workspace_data_sources: ["AMAZON_OPENSEARCH_SERVICE"], # accepts AMAZON_OPENSEARCH_SERVICE, CLOUDWATCH, PROMETHEUS, XRAY, TIMESTREAM, SITEWISE, ATHENA, REDSHIFT, TWINMAKER
299
- # workspace_description: "Description",
300
- # workspace_name: "WorkspaceName",
301
- # workspace_notification_destinations: ["SNS"], # accepts SNS
302
- # workspace_organizational_units: ["OrganizationalUnit"],
303
- # workspace_role_arn: "IamRoleArn",
304
- # }
305
- #
306
250
  # @!attribute [rw] account_access_type
307
251
  # Specifies whether the workspace can access Amazon Web Services
308
252
  # resources in this Amazon Web Services account only, or whether it
@@ -341,6 +285,18 @@ module Aws::ManagedGrafana
341
285
  # [1]: https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-workspace.html
342
286
  # @return [String]
343
287
  #
288
+ # @!attribute [rw] network_access_control
289
+ # Configuration for network access to your workspace.
290
+ #
291
+ # When this is configured, only listed IP addresses and VPC endpoints
292
+ # will be able to access your workspace. Standard Grafana
293
+ # authentication and authorization will still be required.
294
+ #
295
+ # If this is not configured, or is removed, then all IP addresses and
296
+ # VPC endpoints will be allowed. Standard Grafana authentication and
297
+ # authorization will still be required.
298
+ # @return [Types::NetworkAccessConfiguration]
299
+ #
344
300
  # @!attribute [rw] organization_role_name
345
301
  # The name of an IAM role that already exists to use with
346
302
  # Organizations to access Amazon Web Services data sources and
@@ -439,6 +395,7 @@ module Aws::ManagedGrafana
439
395
  :authentication_providers,
440
396
  :client_token,
441
397
  :configuration,
398
+ :network_access_control,
442
399
  :organization_role_name,
443
400
  :permission_type,
444
401
  :stack_set_name,
@@ -466,14 +423,6 @@ module Aws::ManagedGrafana
466
423
  include Aws::Structure
467
424
  end
468
425
 
469
- # @note When making an API call, you may pass DeleteWorkspaceApiKeyRequest
470
- # data as a hash:
471
- #
472
- # {
473
- # key_name: "ApiKeyName", # required
474
- # workspace_id: "WorkspaceId", # required
475
- # }
476
- #
477
426
  # @!attribute [rw] key_name
478
427
  # The name of the API key to delete.
479
428
  # @return [String]
@@ -508,13 +457,6 @@ module Aws::ManagedGrafana
508
457
  include Aws::Structure
509
458
  end
510
459
 
511
- # @note When making an API call, you may pass DeleteWorkspaceRequest
512
- # data as a hash:
513
- #
514
- # {
515
- # workspace_id: "WorkspaceId", # required
516
- # }
517
- #
518
460
  # @!attribute [rw] workspace_id
519
461
  # The ID of the workspace to delete.
520
462
  # @return [String]
@@ -540,13 +482,6 @@ module Aws::ManagedGrafana
540
482
  include Aws::Structure
541
483
  end
542
484
 
543
- # @note When making an API call, you may pass DescribeWorkspaceAuthenticationRequest
544
- # data as a hash:
545
- #
546
- # {
547
- # workspace_id: "WorkspaceId", # required
548
- # }
549
- #
550
485
  # @!attribute [rw] workspace_id
551
486
  # The ID of the workspace to return authentication information about.
552
487
  # @return [String]
@@ -572,13 +507,6 @@ module Aws::ManagedGrafana
572
507
  include Aws::Structure
573
508
  end
574
509
 
575
- # @note When making an API call, you may pass DescribeWorkspaceConfigurationRequest
576
- # data as a hash:
577
- #
578
- # {
579
- # workspace_id: "WorkspaceId", # required
580
- # }
581
- #
582
510
  # @!attribute [rw] workspace_id
583
511
  # The ID of the workspace to get configuration information for.
584
512
  # @return [String]
@@ -609,13 +537,6 @@ module Aws::ManagedGrafana
609
537
  include Aws::Structure
610
538
  end
611
539
 
612
- # @note When making an API call, you may pass DescribeWorkspaceRequest
613
- # data as a hash:
614
- #
615
- # {
616
- # workspace_id: "WorkspaceId", # required
617
- # }
618
- #
619
540
  # @!attribute [rw] workspace_id
620
541
  # The ID of the workspace to display information about.
621
542
  # @return [String]
@@ -640,14 +561,6 @@ module Aws::ManagedGrafana
640
561
  include Aws::Structure
641
562
  end
642
563
 
643
- # @note When making an API call, you may pass DisassociateLicenseRequest
644
- # data as a hash:
645
- #
646
- # {
647
- # license_type: "ENTERPRISE", # required, accepts ENTERPRISE, ENTERPRISE_FREE_TRIAL
648
- # workspace_id: "WorkspaceId", # required
649
- # }
650
- #
651
564
  # @!attribute [rw] license_type
652
565
  # The type of license to remove from the workspace.
653
566
  # @return [String]
@@ -730,18 +643,6 @@ module Aws::ManagedGrafana
730
643
  include Aws::Structure
731
644
  end
732
645
 
733
- # @note When making an API call, you may pass ListPermissionsRequest
734
- # data as a hash:
735
- #
736
- # {
737
- # group_id: "SsoId",
738
- # max_results: 1,
739
- # next_token: "PaginationToken",
740
- # user_id: "SsoId",
741
- # user_type: "SSO_USER", # accepts SSO_USER, SSO_GROUP
742
- # workspace_id: "WorkspaceId", # required
743
- # }
744
- #
745
646
  # @!attribute [rw] group_id
746
647
  # (Optional) Limits the results to only the group that matches this
747
648
  # ID.
@@ -802,13 +703,6 @@ module Aws::ManagedGrafana
802
703
  include Aws::Structure
803
704
  end
804
705
 
805
- # @note When making an API call, you may pass ListTagsForResourceRequest
806
- # data as a hash:
807
- #
808
- # {
809
- # resource_arn: "String", # required
810
- # }
811
- #
812
706
  # @!attribute [rw] resource_arn
813
707
  # The ARN of the resource the list of tags are associated with.
814
708
  # @return [String]
@@ -833,14 +727,6 @@ module Aws::ManagedGrafana
833
727
  include Aws::Structure
834
728
  end
835
729
 
836
- # @note When making an API call, you may pass ListWorkspacesRequest
837
- # data as a hash:
838
- #
839
- # {
840
- # max_results: 1,
841
- # next_token: "PaginationToken",
842
- # }
843
- #
844
730
  # @!attribute [rw] max_results
845
731
  # The maximum number of workspaces to include in the results.
846
732
  # @return [Integer]
@@ -877,6 +763,69 @@ module Aws::ManagedGrafana
877
763
  include Aws::Structure
878
764
  end
879
765
 
766
+ # The configuration settings for in-bound network access to your
767
+ # workspace.
768
+ #
769
+ # When this is configured, only listed IP addresses and VPC endpoints
770
+ # will be able to access your workspace. Standard Grafana authentication
771
+ # and authorization will still be required.
772
+ #
773
+ # If this is not configured, or is removed, then all IP addresses and
774
+ # VPC endpoints will be allowed. Standard Grafana authentication and
775
+ # authorization will still be required.
776
+ #
777
+ # @!attribute [rw] prefix_list_ids
778
+ # An array of prefix list IDs. A prefix list is a list of CIDR ranges
779
+ # of IP addresses. The IP addresses specified are allowed to access
780
+ # your workspace. If the list is not included in the configuration
781
+ # then no IP addresses will be allowed to access the workspace. You
782
+ # create a prefix list using the Amazon VPC console.
783
+ #
784
+ # Prefix list IDs have the format `pl-1a2b3c4d `.
785
+ #
786
+ # For more information about prefix lists, see [Group CIDR blocks
787
+ # using managed prefix lists][1]in the *Amazon Virtual Private Cloud
788
+ # User Guide*.
789
+ #
790
+ #
791
+ #
792
+ # [1]: https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html
793
+ # @return [Array<String>]
794
+ #
795
+ # @!attribute [rw] vpce_ids
796
+ # An array of Amazon VPC endpoint IDs for the workspace. You can
797
+ # create VPC endpoints to your Amazon Managed Grafana workspace for
798
+ # access from within a VPC. If a `NetworkAccessConfiguration` is
799
+ # specified then only VPC endpoints specified here will be allowed to
800
+ # access the workspace.
801
+ #
802
+ # VPC endpoint IDs have the format `vpce-1a2b3c4d `.
803
+ #
804
+ # For more information about creating an interface VPC endpoint, see
805
+ # [Interface VPC endpoints][1] in the *Amazon Managed Grafana User
806
+ # Guide*.
807
+ #
808
+ # <note markdown="1"> The only VPC endpoints that can be specified here are interface VPC
809
+ # endpoints for Grafana workspaces (using the
810
+ # `com.amazonaws.[region].grafana-workspace` service endpoint). Other
811
+ # VPC endpoints will be ignored.
812
+ #
813
+ # </note>
814
+ #
815
+ #
816
+ #
817
+ # [1]: https://docs.aws.amazon.com/grafana/latest/userguide/VPC-endpoints
818
+ # @return [Array<String>]
819
+ #
820
+ # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/NetworkAccessConfiguration AWS API Documentation
821
+ #
822
+ class NetworkAccessConfiguration < Struct.new(
823
+ :prefix_list_ids,
824
+ :vpce_ids)
825
+ SENSITIVE = []
826
+ include Aws::Structure
827
+ end
828
+
880
829
  # A structure containing the identity of one user or group and the
881
830
  # `Admin`, `Editor`, or `Viewer` role that they have.
882
831
  #
@@ -927,14 +876,6 @@ module Aws::ManagedGrafana
927
876
  # in the workspace. SAML authenticated users not part of `Admin` or
928
877
  # `Editor` role groups have `Viewer` permission over the workspace.
929
878
  #
930
- # @note When making an API call, you may pass RoleValues
931
- # data as a hash:
932
- #
933
- # {
934
- # admin: ["RoleValue"],
935
- # editor: ["RoleValue"],
936
- # }
937
- #
938
879
  # @!attribute [rw] admin
939
880
  # A list of groups from the SAML assertion attribute to grant the
940
881
  # Grafana `Admin` role to.
@@ -978,30 +919,6 @@ module Aws::ManagedGrafana
978
919
  # A structure containing information about how this workspace works with
979
920
  # SAML.
980
921
  #
981
- # @note When making an API call, you may pass SamlConfiguration
982
- # data as a hash:
983
- #
984
- # {
985
- # allowed_organizations: ["AllowedOrganization"],
986
- # assertion_attributes: {
987
- # email: "AssertionAttribute",
988
- # groups: "AssertionAttribute",
989
- # login: "AssertionAttribute",
990
- # name: "AssertionAttribute",
991
- # org: "AssertionAttribute",
992
- # role: "AssertionAttribute",
993
- # },
994
- # idp_metadata: { # required
995
- # url: "IdpMetadataUrl",
996
- # xml: "String",
997
- # },
998
- # login_validity_duration: 1,
999
- # role_values: {
1000
- # admin: ["RoleValue"],
1001
- # editor: ["RoleValue"],
1002
- # },
1003
- # }
1004
- #
1005
922
  # @!attribute [rw] allowed_organizations
1006
923
  # Lists which organizations defined in the SAML assertion are allowed
1007
924
  # to use the Amazon Managed Grafana workspace. If this is empty, all
@@ -1076,16 +993,6 @@ module Aws::ManagedGrafana
1076
993
  include Aws::Structure
1077
994
  end
1078
995
 
1079
- # @note When making an API call, you may pass TagResourceRequest
1080
- # data as a hash:
1081
- #
1082
- # {
1083
- # resource_arn: "String", # required
1084
- # tags: { # required
1085
- # "TagKey" => "TagValue",
1086
- # },
1087
- # }
1088
- #
1089
996
  # @!attribute [rw] resource_arn
1090
997
  # The ARN of the resource the tag is associated with.
1091
998
  # @return [String]
@@ -1139,14 +1046,6 @@ module Aws::ManagedGrafana
1139
1046
  include Aws::Structure
1140
1047
  end
1141
1048
 
1142
- # @note When making an API call, you may pass UntagResourceRequest
1143
- # data as a hash:
1144
- #
1145
- # {
1146
- # resource_arn: "String", # required
1147
- # tag_keys: ["TagKey"], # required
1148
- # }
1149
- #
1150
1049
  # @!attribute [rw] resource_arn
1151
1050
  # The ARN of the resource the tag association is removed from.
1152
1051
  # @return [String]
@@ -1204,20 +1103,6 @@ module Aws::ManagedGrafana
1204
1103
  #
1205
1104
  # [1]: https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdatePermissions.html
1206
1105
  #
1207
- # @note When making an API call, you may pass UpdateInstruction
1208
- # data as a hash:
1209
- #
1210
- # {
1211
- # action: "ADD", # required, accepts ADD, REVOKE
1212
- # role: "ADMIN", # required, accepts ADMIN, EDITOR, VIEWER
1213
- # users: [ # required
1214
- # {
1215
- # id: "SsoId", # required
1216
- # type: "SSO_USER", # required, accepts SSO_USER, SSO_GROUP
1217
- # },
1218
- # ],
1219
- # }
1220
- #
1221
1106
  # @!attribute [rw] action
1222
1107
  # Specifies whether this update is to add or revoke role permissions.
1223
1108
  # @return [String]
@@ -1242,25 +1127,6 @@ module Aws::ManagedGrafana
1242
1127
  include Aws::Structure
1243
1128
  end
1244
1129
 
1245
- # @note When making an API call, you may pass UpdatePermissionsRequest
1246
- # data as a hash:
1247
- #
1248
- # {
1249
- # update_instruction_batch: [ # required
1250
- # {
1251
- # action: "ADD", # required, accepts ADD, REVOKE
1252
- # role: "ADMIN", # required, accepts ADMIN, EDITOR, VIEWER
1253
- # users: [ # required
1254
- # {
1255
- # id: "SsoId", # required
1256
- # type: "SSO_USER", # required, accepts SSO_USER, SSO_GROUP
1257
- # },
1258
- # ],
1259
- # },
1260
- # ],
1261
- # workspace_id: "WorkspaceId", # required
1262
- # }
1263
- #
1264
1130
  # @!attribute [rw] update_instruction_batch
1265
1131
  # An array of structures that contain the permission updates to make.
1266
1132
  # @return [Array<Types::UpdateInstruction>]
@@ -1291,34 +1157,6 @@ module Aws::ManagedGrafana
1291
1157
  include Aws::Structure
1292
1158
  end
1293
1159
 
1294
- # @note When making an API call, you may pass UpdateWorkspaceAuthenticationRequest
1295
- # data as a hash:
1296
- #
1297
- # {
1298
- # authentication_providers: ["AWS_SSO"], # required, accepts AWS_SSO, SAML
1299
- # saml_configuration: {
1300
- # allowed_organizations: ["AllowedOrganization"],
1301
- # assertion_attributes: {
1302
- # email: "AssertionAttribute",
1303
- # groups: "AssertionAttribute",
1304
- # login: "AssertionAttribute",
1305
- # name: "AssertionAttribute",
1306
- # org: "AssertionAttribute",
1307
- # role: "AssertionAttribute",
1308
- # },
1309
- # idp_metadata: { # required
1310
- # url: "IdpMetadataUrl",
1311
- # xml: "String",
1312
- # },
1313
- # login_validity_duration: 1,
1314
- # role_values: {
1315
- # admin: ["RoleValue"],
1316
- # editor: ["RoleValue"],
1317
- # },
1318
- # },
1319
- # workspace_id: "WorkspaceId", # required
1320
- # }
1321
- #
1322
1160
  # @!attribute [rw] authentication_providers
1323
1161
  # Specifies whether this workspace uses SAML 2.0, IAM Identity Center
1324
1162
  # (successor to Single Sign-On), or both to authenticate users for
@@ -1364,14 +1202,6 @@ module Aws::ManagedGrafana
1364
1202
  include Aws::Structure
1365
1203
  end
1366
1204
 
1367
- # @note When making an API call, you may pass UpdateWorkspaceConfigurationRequest
1368
- # data as a hash:
1369
- #
1370
- # {
1371
- # configuration: "OverridableConfigurationJson", # required
1372
- # workspace_id: "WorkspaceId", # required
1373
- # }
1374
- #
1375
1205
  # @!attribute [rw] configuration
1376
1206
  # The new configuration string for the workspace. For more information
1377
1207
  # about the format and configuration options available, see [Working
@@ -1399,28 +1229,6 @@ module Aws::ManagedGrafana
1399
1229
  #
1400
1230
  class UpdateWorkspaceConfigurationResponse < Aws::EmptyStructure; end
1401
1231
 
1402
- # @note When making an API call, you may pass UpdateWorkspaceRequest
1403
- # data as a hash:
1404
- #
1405
- # {
1406
- # account_access_type: "CURRENT_ACCOUNT", # accepts CURRENT_ACCOUNT, ORGANIZATION
1407
- # organization_role_name: "OrganizationRoleName",
1408
- # permission_type: "CUSTOMER_MANAGED", # accepts CUSTOMER_MANAGED, SERVICE_MANAGED
1409
- # remove_vpc_configuration: false,
1410
- # stack_set_name: "StackSetName",
1411
- # vpc_configuration: {
1412
- # security_group_ids: ["SecurityGroupId"], # required
1413
- # subnet_ids: ["SubnetId"], # required
1414
- # },
1415
- # workspace_data_sources: ["AMAZON_OPENSEARCH_SERVICE"], # accepts AMAZON_OPENSEARCH_SERVICE, CLOUDWATCH, PROMETHEUS, XRAY, TIMESTREAM, SITEWISE, ATHENA, REDSHIFT, TWINMAKER
1416
- # workspace_description: "Description",
1417
- # workspace_id: "WorkspaceId", # required
1418
- # workspace_name: "WorkspaceName",
1419
- # workspace_notification_destinations: ["SNS"], # accepts SNS
1420
- # workspace_organizational_units: ["OrganizationalUnit"],
1421
- # workspace_role_arn: "IamRoleArn",
1422
- # }
1423
- #
1424
1232
  # @!attribute [rw] account_access_type
1425
1233
  # Specifies whether the workspace can access Amazon Web Services
1426
1234
  # resources in this Amazon Web Services account only, or whether it
@@ -1430,13 +1238,25 @@ module Aws::ManagedGrafana
1430
1238
  # `workspaceOrganizationalUnits` parameter.
1431
1239
  # @return [String]
1432
1240
  #
1241
+ # @!attribute [rw] network_access_control
1242
+ # The configuration settings for network access to your workspace.
1243
+ #
1244
+ # When this is configured, only listed IP addresses and VPC endpoints
1245
+ # will be able to access your workspace. Standard Grafana
1246
+ # authentication and authorization will still be required.
1247
+ #
1248
+ # If this is not configured, or is removed, then all IP addresses and
1249
+ # VPC endpoints will be allowed. Standard Grafana authentication and
1250
+ # authorization will still be required.
1251
+ # @return [Types::NetworkAccessConfiguration]
1252
+ #
1433
1253
  # @!attribute [rw] organization_role_name
1434
1254
  # The name of an IAM role that already exists to use to access
1435
1255
  # resources through Organizations.
1436
1256
  # @return [String]
1437
1257
  #
1438
1258
  # @!attribute [rw] permission_type
1439
- # If you specify `Service Managed`, Amazon Managed Grafana
1259
+ # If you specify `SERVICE_MANAGED`, Amazon Managed Grafana
1440
1260
  # automatically creates the IAM roles and provisions the permissions
1441
1261
  # that the workspace needs to use Amazon Web Services data sources and
1442
1262
  # notification channels.
@@ -1457,6 +1277,18 @@ module Aws::ManagedGrafana
1457
1277
  # [1]: https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html
1458
1278
  # @return [String]
1459
1279
  #
1280
+ # @!attribute [rw] remove_network_access_configuration
1281
+ # Whether to remove the network access configuration from the
1282
+ # workspace.
1283
+ #
1284
+ # Setting this to `true` and providing a `networkAccessControl` to set
1285
+ # will return an error.
1286
+ #
1287
+ # If you remove this configuration by setting this to `true`, then all
1288
+ # IP addresses and VPC endpoints will be allowed. Standard Grafana
1289
+ # authentication and authorization will still be required.
1290
+ # @return [Boolean]
1291
+ #
1460
1292
  # @!attribute [rw] remove_vpc_configuration
1461
1293
  # Whether to remove the VPC configuration from the workspace.
1462
1294
  #
@@ -1527,8 +1359,10 @@ module Aws::ManagedGrafana
1527
1359
  #
1528
1360
  class UpdateWorkspaceRequest < Struct.new(
1529
1361
  :account_access_type,
1362
+ :network_access_control,
1530
1363
  :organization_role_name,
1531
1364
  :permission_type,
1365
+ :remove_network_access_configuration,
1532
1366
  :remove_vpc_configuration,
1533
1367
  :stack_set_name,
1534
1368
  :vpc_configuration,
@@ -1557,14 +1391,6 @@ module Aws::ManagedGrafana
1557
1391
 
1558
1392
  # A structure that specifies one user or group in the workspace.
1559
1393
  #
1560
- # @note When making an API call, you may pass User
1561
- # data as a hash:
1562
- #
1563
- # {
1564
- # id: "SsoId", # required
1565
- # type: "SSO_USER", # required, accepts SSO_USER, SSO_GROUP
1566
- # }
1567
- #
1568
1394
  # @!attribute [rw] id
1569
1395
  # The ID of the user or group.
1570
1396
  #
@@ -1632,22 +1458,19 @@ module Aws::ManagedGrafana
1632
1458
  # The configuration settings for an Amazon VPC that contains data
1633
1459
  # sources for your Grafana workspace to connect to.
1634
1460
  #
1635
- # @note When making an API call, you may pass VpcConfiguration
1636
- # data as a hash:
1461
+ # <note markdown="1"> Provided `securityGroupIds` and `subnetIds` must be part of the same
1462
+ # VPC.
1637
1463
  #
1638
- # {
1639
- # security_group_ids: ["SecurityGroupId"], # required
1640
- # subnet_ids: ["SubnetId"], # required
1641
- # }
1464
+ # </note>
1642
1465
  #
1643
1466
  # @!attribute [rw] security_group_ids
1644
1467
  # The list of Amazon EC2 security group IDs attached to the Amazon VPC
1645
- # for your Grafana workspace to connect.
1468
+ # for your Grafana workspace to connect. Duplicates not allowed.
1646
1469
  # @return [Array<String>]
1647
1470
  #
1648
1471
  # @!attribute [rw] subnet_ids
1649
1472
  # The list of Amazon EC2 subnet IDs created in the Amazon VPC for your
1650
- # Grafana workspace to connect.
1473
+ # Grafana workspace to connect. Duplicates not allowed.
1651
1474
  # @return [Array<String>]
1652
1475
  #
1653
1476
  # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/VpcConfiguration AWS API Documentation
@@ -1731,6 +1554,10 @@ module Aws::ManagedGrafana
1731
1554
  # The name of the workspace.
1732
1555
  # @return [String]
1733
1556
  #
1557
+ # @!attribute [rw] network_access_control
1558
+ # The configuration settings for network access to your workspace.
1559
+ # @return [Types::NetworkAccessConfiguration]
1560
+ #
1734
1561
  # @!attribute [rw] notification_destinations
1735
1562
  # The Amazon Web Services notification channels that Amazon Managed
1736
1563
  # Grafana can automatically create IAM roles and permissions for, to
@@ -1749,7 +1576,7 @@ module Aws::ManagedGrafana
1749
1576
  # @return [Array<String>]
1750
1577
  #
1751
1578
  # @!attribute [rw] permission_type
1752
- # If this is `Service Managed`, Amazon Managed Grafana automatically
1579
+ # If this is `SERVICE_MANAGED`, Amazon Managed Grafana automatically
1753
1580
  # creates the IAM roles and provisions the permissions that the
1754
1581
  # workspace needs to use Amazon Web Services data sources and
1755
1582
  # notification channels.
@@ -1811,6 +1638,7 @@ module Aws::ManagedGrafana
1811
1638
  :license_type,
1812
1639
  :modified,
1813
1640
  :name,
1641
+ :network_access_control,
1814
1642
  :notification_destinations,
1815
1643
  :organization_role_name,
1816
1644
  :organizational_units,
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-managedgrafana/customizations'
52
52
  # @!group service
53
53
  module Aws::ManagedGrafana
54
54
 
55
- GEM_VERSION = '1.10.0'
55
+ GEM_VERSION = '1.12.0'
56
56
 
57
57
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-managedgrafana
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.10.0
4
+ version: 1.12.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-11-23 00:00:00.000000000 Z
11
+ date: 2023-02-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core