aws-sdk-managedgrafana 1.9.0 → 1.11.0

data/lib/aws-sdk-managedgrafana/types.rb

@@ -27,18 +27,6 @@ module Aws::ManagedGrafana
     # be used to define information about the users authenticated by the IdP
     # to use the workspace.
     #
-    # @note When making an API call, you may pass AssertionAttributes
-    #   data as a hash:
-    #
-    #       {
-    #         email: "AssertionAttribute",
-    #         groups: "AssertionAttribute",
-    #         login: "AssertionAttribute",
-    #         name: "AssertionAttribute",
-    #         org: "AssertionAttribute",
-    #         role: "AssertionAttribute",
-    #       }
-    #
     # @!attribute [rw] email
     #   The name of the attribute within the SAML assertion to use as the
     #   email names for SAML users.
@@ -82,14 +70,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass AssociateLicenseRequest
-    #   data as a hash:
-    #
-    #       {
-    #         license_type: "ENTERPRISE", # required, accepts ENTERPRISE, ENTERPRISE_FREE_TRIAL
-    #         workspace_id: "WorkspaceId", # required
-    #       }
-    #
     # @!attribute [rw] license_type
     #   The type of license to associate with the workspace.
     #   @return [String]
@@ -124,13 +104,13 @@ module Aws::ManagedGrafana
     #
     # @!attribute [rw] aws_sso
     #   A structure containing information about how this workspace works
-    #   with Amazon Web Services SSO.
+    #   with IAM Identity Center.
     #   @return [Types::AwsSsoAuthentication]
     #
     # @!attribute [rw] providers
-    #   Specifies whether this workspace uses Amazon Web Services SSO, SAML,
-    #   or both methods to authenticate users to use the Grafana console in
-    #   the Amazon Managed Grafana workspace.
+    #   Specifies whether this workspace uses IAM Identity Center, SAML, or
+    #   both methods to authenticate users to use the Grafana console in the
+    #   Amazon Managed Grafana workspace.
     #   @return [Array<String>]
     #
     # @!attribute [rw] saml
@@ -149,13 +129,13 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # A structure that describes whether the workspace uses SAML, Amazon Web
-    # Services SSO, or both methods for user authentication, and whether
+    # A structure that describes whether the workspace uses SAML, IAM
+    # Identity Center, or both methods for user authentication, and whether
     # that authentication is fully configured.
     #
     # @!attribute [rw] providers
-    #   Specifies whether the workspace uses SAML, Amazon Web Services SSO,
-    #   or both methods for user authentication.
+    #   Specifies whether the workspace uses SAML, IAM Identity Center, or
+    #   both methods for user authentication.
     #   @return [Array<String>]
     #
     # @!attribute [rw] saml_configuration_status
@@ -173,10 +153,10 @@ module Aws::ManagedGrafana
     end
 
     # A structure containing information about how this workspace works with
-    # Amazon Web Services SSO.
+    # IAM Identity Center.
     #
     # @!attribute [rw] sso_client_id
-    #   The ID of the Amazon Web Services SSO-managed application that is
+    #   The ID of the IAM Identity Center-managed application that is
     #   created by Amazon Managed Grafana.
     #   @return [String]
     #
@@ -213,25 +193,15 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass CreateWorkspaceApiKeyRequest
-    #   data as a hash:
-    #
-    #       {
-    #         key_name: "ApiKeyName", # required
-    #         key_role: "String", # required
-    #         seconds_to_live: 1, # required
-    #         workspace_id: "WorkspaceId", # required
-    #       }
-    #
     # @!attribute [rw] key_name
-    #   Specifies the name of the key to create. Key names must be unique to
-    #   the workspace.
+    #   Specifies the name of the key. Keynames must be unique to the
+    #   workspace.
     #   @return [String]
     #
     # @!attribute [rw] key_role
     #   Specifies the permission level of the key.
     #
-    #   Valid Values: `VIEWER` \| `EDITOR` \| `ADMIN`
+    #   Valid values: `VIEWER`\|`EDITOR`\|`ADMIN`
     #   @return [String]
     #
     # @!attribute [rw] seconds_to_live
@@ -240,7 +210,7 @@ module Aws::ManagedGrafana
     #   @return [Integer]
     #
     # @!attribute [rw] workspace_id
-    #   The ID of the workspace in which to create an API key.
+    #   The ID of the workspace to create an API key.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/CreateWorkspaceApiKeyRequest AWS API Documentation
@@ -255,8 +225,8 @@ module Aws::ManagedGrafana
     end
 
     # @!attribute [rw] key
-    #   The key token that was created. Use this value as a bearer token to
-    #   authenticate HTTP requests to the workspace.
+    #   The key token. Use this value as a bearer token to authenticate HTTP
+    #   requests to the workspace.
     #   @return [String]
     #
     # @!attribute [rw] key_name
@@ -277,27 +247,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass CreateWorkspaceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         account_access_type: "CURRENT_ACCOUNT", # required, accepts CURRENT_ACCOUNT, ORGANIZATION
-    #         authentication_providers: ["AWS_SSO"], # required, accepts AWS_SSO, SAML
-    #         client_token: "ClientToken",
-    #         organization_role_name: "OrganizationRoleName",
-    #         permission_type: "CUSTOMER_MANAGED", # required, accepts CUSTOMER_MANAGED, SERVICE_MANAGED
-    #         stack_set_name: "StackSetName",
-    #         tags: {
-    #           "TagKey" => "TagValue",
-    #         },
-    #         workspace_data_sources: ["AMAZON_OPENSEARCH_SERVICE"], # accepts AMAZON_OPENSEARCH_SERVICE, CLOUDWATCH, PROMETHEUS, XRAY, TIMESTREAM, SITEWISE, ATHENA, REDSHIFT
-    #         workspace_description: "Description",
-    #         workspace_name: "WorkspaceName",
-    #         workspace_notification_destinations: ["SNS"], # accepts SNS
-    #         workspace_organizational_units: ["OrganizationalUnit"],
-    #         workspace_role_arn: "IamRoleArn",
-    #       }
-    #
     # @!attribute [rw] account_access_type
     #   Specifies whether the workspace can access Amazon Web Services
     #   resources in this Amazon Web Services account only, or whether it
@@ -308,10 +257,10 @@ module Aws::ManagedGrafana
     #   @return [String]
     #
     # @!attribute [rw] authentication_providers
-    #   Specifies whether this workspace uses SAML 2.0, Amazon Web Services
-    #   Single Sign On, or both to authenticate users for using the Grafana
-    #   console within a workspace. For more information, see [User
-    #   authentication in Amazon Managed Grafana][1].
+    #   Specifies whether this workspace uses SAML 2.0, IAM Identity Center
+    #   (successor to Single Sign-On), or both to authenticate users for
+    #   using the Grafana console within a workspace. For more information,
+    #   see [User authentication in Amazon Managed Grafana][1].
     #
     #
     #
@@ -326,6 +275,16 @@ module Aws::ManagedGrafana
     #   not need to pass this option.
     #   @return [String]
     #
+    # @!attribute [rw] configuration
+    #   The configuration string for the workspace that you create. For more
+    #   information about the format and configuration options available,
+    #   see [Working in your Grafana workspace][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-workspace.html
+    #   @return [String]
+    #
     # @!attribute [rw] organization_role_name
     #   The name of an IAM role that already exists to use with
     #   Organizations to access Amazon Web Services data sources and
@@ -336,9 +295,12 @@ module Aws::ManagedGrafana
     #   If you specify `SERVICE_MANAGED` on AWS Grafana console, Amazon
     #   Managed Grafana automatically creates the IAM roles and provisions
     #   the permissions that the workspace needs to use Amazon Web Services
-    #   data sources and notification channels. In CLI mode, the
+    #   data sources and notification channels. In the CLI mode, the
     #   permissionType `SERVICE_MANAGED` will not create the IAM role for
-    #   you.
+    #   you. The ability for the Amazon Managed Grafana to create the IAM
+    #   role on behalf of the user is supported only in the Amazon Managed
+    #   Grafana AWS console. Use only the `CUSTOMER_MANAGED` permission type
+    #   when creating a workspace in the CLI.
     #
     #   If you specify `CUSTOMER_MANAGED`, you will manage those roles and
     #   permissions yourself. If you are creating this workspace in a member
@@ -365,6 +327,11 @@ module Aws::ManagedGrafana
     #   The list of tags associated with the workspace.
     #   @return [Hash<String,String>]
     #
+    # @!attribute [rw] vpc_configuration
+    #   The configuration settings for an Amazon VPC that contains data
+    #   sources for your Grafana workspace to connect to.
+    #   @return [Types::VpcConfiguration]
+    #
     # @!attribute [rw] workspace_data_sources
     #   Specify the Amazon Web Services data sources that you want to be
     #   queried in this workspace. Specifying these data sources here
@@ -415,10 +382,12 @@ module Aws::ManagedGrafana
       :account_access_type,
       :authentication_providers,
       :client_token,
+      :configuration,
       :organization_role_name,
       :permission_type,
       :stack_set_name,
       :tags,
+      :vpc_configuration,
       :workspace_data_sources,
       :workspace_description,
       :workspace_name,
@@ -441,14 +410,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass DeleteWorkspaceApiKeyRequest
-    #   data as a hash:
-    #
-    #       {
-    #         key_name: "ApiKeyName", # required
-    #         workspace_id: "WorkspaceId", # required
-    #       }
-    #
     # @!attribute [rw] key_name
     #   The name of the API key to delete.
     #   @return [String]
@@ -467,7 +428,7 @@ module Aws::ManagedGrafana
     end
 
     # @!attribute [rw] key_name
-    #   The name of the API key that was deleted.
+    #   The name of the key that was deleted.
     #   @return [String]
     #
     # @!attribute [rw] workspace_id
@@ -483,13 +444,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass DeleteWorkspaceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         workspace_id: "WorkspaceId", # required
-    #       }
-    #
     # @!attribute [rw] workspace_id
     #   The ID of the workspace to delete.
     #   @return [String]
@@ -515,13 +469,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass DescribeWorkspaceAuthenticationRequest
-    #   data as a hash:
-    #
-    #       {
-    #         workspace_id: "WorkspaceId", # required
-    #       }
-    #
     # @!attribute [rw] workspace_id
     #   The ID of the workspace to return authentication information about.
     #   @return [String]
@@ -547,13 +494,36 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass DescribeWorkspaceRequest
-    #   data as a hash:
+    # @!attribute [rw] workspace_id
+    #   The ID of the workspace to get configuration information for.
+    #   @return [String]
     #
-    #       {
-    #         workspace_id: "WorkspaceId", # required
-    #       }
+    # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspaceConfigurationRequest AWS API Documentation
     #
+    class DescribeWorkspaceConfigurationRequest < Struct.new(
+      :workspace_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] configuration
+    #   The configuration string for the workspace that you requested. For
+    #   more information about the format and configuration options
+    #   available, see [Working in your Grafana workspace][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-workspace.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspaceConfigurationResponse AWS API Documentation
+    #
+    class DescribeWorkspaceConfigurationResponse < Struct.new(
+      :configuration)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] workspace_id
     #   The ID of the workspace to display information about.
     #   @return [String]
@@ -578,14 +548,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass DisassociateLicenseRequest
-    #   data as a hash:
-    #
-    #       {
-    #         license_type: "ENTERPRISE", # required, accepts ENTERPRISE, ENTERPRISE_FREE_TRIAL
-    #         workspace_id: "WorkspaceId", # required
-    #       }
-    #
     # @!attribute [rw] license_type
     #   The type of license to remove from the workspace.
     #   @return [String]
@@ -620,18 +582,18 @@ module Aws::ManagedGrafana
     # integrate the identity provider with this workspace. You can specify
     # the metadata either by providing a URL to its location in the `url`
     # parameter, or by specifying the full metadata in XML format in the
-    # `xml` parameter.
+    # `xml` parameter. Specifying both will cause an error.
     #
     # @note IdpMetadata is a union - when making an API calls you must set exactly one of the members.
     #
     # @note IdpMetadata is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of IdpMetadata corresponding to the set member.
     #
     # @!attribute [rw] url
-    #   The URL of the location containing the metadata.
+    #   The URL of the location containing the IdP metadata.
     #   @return [String]
     #
     # @!attribute [rw] xml
-    #   The actual full metadata file, in XML format.
+    #   The full IdP metadata, in XML format.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/IdpMetadata AWS API Documentation
@@ -668,18 +630,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListPermissionsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         group_id: "SsoId",
-    #         max_results: 1,
-    #         next_token: "PaginationToken",
-    #         user_id: "SsoId",
-    #         user_type: "SSO_USER", # accepts SSO_USER, SSO_GROUP
-    #         workspace_id: "WorkspaceId", # required
-    #       }
-    #
     # @!attribute [rw] group_id
     #   (Optional) Limits the results to only the group that matches this
     #   ID.
@@ -700,9 +650,8 @@ module Aws::ManagedGrafana
     #
     # @!attribute [rw] user_type
     #   (Optional) If you specify `SSO_USER`, then only the permissions of
-    #   Amazon Web Services SSO users are returned. If you specify
-    #   `SSO_GROUP`, only the permissions of Amazon Web Services SSO groups
-    #   are returned.
+    #   IAM Identity Center users are returned. If you specify `SSO_GROUP`,
+    #   only the permissions of IAM Identity Center groups are returned.
     #   @return [String]
     #
     # @!attribute [rw] workspace_id
@@ -741,13 +690,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListTagsForResourceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         resource_arn: "String", # required
-    #       }
-    #
     # @!attribute [rw] resource_arn
     #   The ARN of the resource the list of tags are associated with.
     #   @return [String]
@@ -772,14 +714,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListWorkspacesRequest
-    #   data as a hash:
-    #
-    #       {
-    #         max_results: 1,
-    #         next_token: "PaginationToken",
-    #       }
-    #
     # @!attribute [rw] max_results
     #   The maximum number of workspaces to include in the results.
     #   @return [Integer]
@@ -817,11 +751,11 @@ module Aws::ManagedGrafana
     end
 
     # A structure containing the identity of one user or group and the
-    # `Admin` or `Editor` role that they have.
+    # `Admin`, `Editor`, or `Viewer` role that they have.
     #
     # @!attribute [rw] role
-    #   Specifies whether the user or group has the `Admin` or `Editor`
-    #   role.
+    #   Specifies whether the user or group has the `Admin`, `Editor`, or
+    #   `Viewer` role.
     #   @return [String]
     #
     # @!attribute [rw] user
@@ -863,15 +797,8 @@ module Aws::ManagedGrafana
 
     # This structure defines which groups defined in the SAML assertion
     # attribute are to be mapped to the Grafana `Admin` and `Editor` roles
-    # in the workspace.
-    #
-    # @note When making an API call, you may pass RoleValues
-    #   data as a hash:
-    #
-    #       {
-    #         admin: ["RoleValue"],
-    #         editor: ["RoleValue"],
-    #       }
+    # in the workspace. SAML authenticated users not part of `Admin` or
+    # `Editor` role groups have `Viewer` permission over the workspace.
     #
     # @!attribute [rw] admin
     #   A list of groups from the SAML assertion attribute to grant the
@@ -916,30 +843,6 @@ module Aws::ManagedGrafana
     # A structure containing information about how this workspace works with
     # SAML.
     #
-    # @note When making an API call, you may pass SamlConfiguration
-    #   data as a hash:
-    #
-    #       {
-    #         allowed_organizations: ["AllowedOrganization"],
-    #         assertion_attributes: {
-    #           email: "AssertionAttribute",
-    #           groups: "AssertionAttribute",
-    #           login: "AssertionAttribute",
-    #           name: "AssertionAttribute",
-    #           org: "AssertionAttribute",
-    #           role: "AssertionAttribute",
-    #         },
-    #         idp_metadata: { # required
-    #           url: "IdpMetadataUrl",
-    #           xml: "String",
-    #         },
-    #         login_validity_duration: 1,
-    #         role_values: {
-    #           admin: ["RoleValue"],
-    #           editor: ["RoleValue"],
-    #         },
-    #       }
-    #
     # @!attribute [rw] allowed_organizations
     #   Lists which organizations defined in the SAML assertion are allowed
     #   to use the Amazon Managed Grafana workspace. If this is empty, all
@@ -1014,16 +917,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass TagResourceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         resource_arn: "String", # required
-    #         tags: { # required
-    #           "TagKey" => "TagValue",
-    #         },
-    #       }
-    #
     # @!attribute [rw] resource_arn
     #   The ARN of the resource the tag is associated with.
     #   @return [String]
@@ -1077,14 +970,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UntagResourceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         resource_arn: "String", # required
-    #         tag_keys: ["TagKey"], # required
-    #       }
-    #
     # @!attribute [rw] resource_arn
     #   The ARN of the resource the tag association is removed from.
     #   @return [String]
@@ -1142,20 +1027,6 @@ module Aws::ManagedGrafana
     #
     # [1]: https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdatePermissions.html
     #
-    # @note When making an API call, you may pass UpdateInstruction
-    #   data as a hash:
-    #
-    #       {
-    #         action: "ADD", # required, accepts ADD, REVOKE
-    #         role: "ADMIN", # required, accepts ADMIN, EDITOR, VIEWER
-    #         users: [ # required
-    #           {
-    #             id: "SsoId", # required
-    #             type: "SSO_USER", # required, accepts SSO_USER, SSO_GROUP
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] action
     #   Specifies whether this update is to add or revoke role permissions.
     #   @return [String]
@@ -1180,25 +1051,6 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UpdatePermissionsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         update_instruction_batch: [ # required
-    #           {
-    #             action: "ADD", # required, accepts ADD, REVOKE
-    #             role: "ADMIN", # required, accepts ADMIN, EDITOR, VIEWER
-    #             users: [ # required
-    #               {
-    #                 id: "SsoId", # required
-    #                 type: "SSO_USER", # required, accepts SSO_USER, SSO_GROUP
-    #               },
-    #             ],
-    #           },
-    #         ],
-    #         workspace_id: "WorkspaceId", # required
-    #       }
-    #
     # @!attribute [rw] update_instruction_batch
     #   An array of structures that contain the permission updates to make.
     #   @return [Array<Types::UpdateInstruction>]
@@ -1229,39 +1081,11 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UpdateWorkspaceAuthenticationRequest
-    #   data as a hash:
-    #
-    #       {
-    #         authentication_providers: ["AWS_SSO"], # required, accepts AWS_SSO, SAML
-    #         saml_configuration: {
-    #           allowed_organizations: ["AllowedOrganization"],
-    #           assertion_attributes: {
-    #             email: "AssertionAttribute",
-    #             groups: "AssertionAttribute",
-    #             login: "AssertionAttribute",
-    #             name: "AssertionAttribute",
-    #             org: "AssertionAttribute",
-    #             role: "AssertionAttribute",
-    #           },
-    #           idp_metadata: { # required
-    #             url: "IdpMetadataUrl",
-    #             xml: "String",
-    #           },
-    #           login_validity_duration: 1,
-    #           role_values: {
-    #             admin: ["RoleValue"],
-    #             editor: ["RoleValue"],
-    #           },
-    #         },
-    #         workspace_id: "WorkspaceId", # required
-    #       }
-    #
     # @!attribute [rw] authentication_providers
-    #   Specifies whether this workspace uses SAML 2.0, Amazon Web Services
-    #   Single Sign On, or both to authenticate users for using the Grafana
-    #   console within a workspace. For more information, see [User
-    #   authentication in Amazon Managed Grafana][1].
+    #   Specifies whether this workspace uses SAML 2.0, IAM Identity Center
+    #   (successor to Single Sign-On), or both to authenticate users for
+    #   using the Grafana console within a workspace. For more information,
+    #   see [User authentication in Amazon Managed Grafana][1].
     #
     #
     #
@@ -1302,23 +1126,33 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UpdateWorkspaceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         account_access_type: "CURRENT_ACCOUNT", # accepts CURRENT_ACCOUNT, ORGANIZATION
-    #         organization_role_name: "OrganizationRoleName",
-    #         permission_type: "CUSTOMER_MANAGED", # accepts CUSTOMER_MANAGED, SERVICE_MANAGED
-    #         stack_set_name: "StackSetName",
-    #         workspace_data_sources: ["AMAZON_OPENSEARCH_SERVICE"], # accepts AMAZON_OPENSEARCH_SERVICE, CLOUDWATCH, PROMETHEUS, XRAY, TIMESTREAM, SITEWISE, ATHENA, REDSHIFT
-    #         workspace_description: "Description",
-    #         workspace_id: "WorkspaceId", # required
-    #         workspace_name: "WorkspaceName",
-    #         workspace_notification_destinations: ["SNS"], # accepts SNS
-    #         workspace_organizational_units: ["OrganizationalUnit"],
-    #         workspace_role_arn: "IamRoleArn",
-    #       }
+    # @!attribute [rw] configuration
+    #   The new configuration string for the workspace. For more information
+    #   about the format and configuration options available, see [Working
+    #   in your Grafana workspace][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-workspace.html
+    #   @return [String]
+    #
+    # @!attribute [rw] workspace_id
+    #   The ID of the workspace to update.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspaceConfigurationRequest AWS API Documentation
+    #
+    class UpdateWorkspaceConfigurationRequest < Struct.new(
+      :configuration,
+      :workspace_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspaceConfigurationResponse AWS API Documentation
     #
+    class UpdateWorkspaceConfigurationResponse < Aws::EmptyStructure; end
+
     # @!attribute [rw] account_access_type
     #   Specifies whether the workspace can access Amazon Web Services
     #   resources in this Amazon Web Services account only, or whether it
@@ -1355,11 +1189,23 @@ module Aws::ManagedGrafana
     #   [1]: https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html
     #   @return [String]
     #
+    # @!attribute [rw] remove_vpc_configuration
+    #   Whether to remove the VPC configuration from the workspace.
+    #
+    #   Setting this to `true` and providing a `vpcConfiguration` to set
+    #   will return an error.
+    #   @return [Boolean]
+    #
     # @!attribute [rw] stack_set_name
     #   The name of the CloudFormation stack set to use to generate IAM
     #   roles to be used for this workspace.
     #   @return [String]
     #
+    # @!attribute [rw] vpc_configuration
+    #   The configuration settings for an Amazon VPC that contains data
+    #   sources for your Grafana workspace to connect to.
+    #   @return [Types::VpcConfiguration]
+    #
     # @!attribute [rw] workspace_data_sources
     #   Specify the Amazon Web Services data sources that you want to be
     #   queried in this workspace. Specifying these data sources here
@@ -1415,7 +1261,9 @@ module Aws::ManagedGrafana
       :account_access_type,
       :organization_role_name,
       :permission_type,
+      :remove_vpc_configuration,
       :stack_set_name,
+      :vpc_configuration,
       :workspace_data_sources,
       :workspace_description,
       :workspace_id,
@@ -1441,14 +1289,6 @@ module Aws::ManagedGrafana
 
     # A structure that specifies one user or group in the workspace.
     #
-    # @note When making an API call, you may pass User
-    #   data as a hash:
-    #
-    #       {
-    #         id: "SsoId", # required
-    #         type: "SSO_USER", # required, accepts SSO_USER, SSO_GROUP
-    #       }
-    #
     # @!attribute [rw] id
     #   The ID of the user or group.
     #
@@ -1513,6 +1353,28 @@ module Aws::ManagedGrafana
       include Aws::Structure
     end
 
+    # The configuration settings for an Amazon VPC that contains data
+    # sources for your Grafana workspace to connect to.
+    #
+    # @!attribute [rw] security_group_ids
+    #   The list of Amazon EC2 security group IDs attached to the Amazon VPC
+    #   for your Grafana workspace to connect.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] subnet_ids
+    #   The list of Amazon EC2 subnet IDs created in the Amazon VPC for your
+    #   Grafana workspace to connect.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/VpcConfiguration AWS API Documentation
+    #
+    class VpcConfiguration < Struct.new(
+      :security_group_ids,
+      :subnet_ids)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # A structure containing information about an Amazon Managed Grafana
     # workspace in your account.
     #
@@ -1526,8 +1388,8 @@ module Aws::ManagedGrafana
     #   @return [String]
     #
     # @!attribute [rw] authentication
-    #   A structure that describes whether the workspace uses SAML, Amazon
-    #   Web Services SSO, or both methods for user authentication.
+    #   A structure that describes whether the workspace uses SAML, IAM
+    #   Identity Center, or both methods for user authentication.
     #   @return [Types::AuthenticationSummary]
     #
     # @!attribute [rw] created
@@ -1637,6 +1499,11 @@ module Aws::ManagedGrafana
     #   The list of tags associated with the workspace.
     #   @return [Hash<String,String>]
     #
+    # @!attribute [rw] vpc_configuration
+    #   The configuration for connecting to data sources in a private VPC
+    #   (Amazon Virtual Private Cloud).
+    #   @return [Types::VpcConfiguration]
+    #
     # @!attribute [rw] workspace_role_arn
     #   The IAM role that grants permissions to the Amazon Web Services
     #   resources that the workspace will view data from. This role must
@@ -1667,6 +1534,7 @@ module Aws::ManagedGrafana
       :stack_set_name,
       :status,
       :tags,
+      :vpc_configuration,
       :workspace_role_arn)
       SENSITIVE = [:description, :name, :organization_role_name, :organizational_units, :workspace_role_arn]
       include Aws::Structure