@pulumi/aws
Version:
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
272 lines • 11.3 kB
JavaScript
;
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.Directory = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
* Provides a WorkSpaces directory in AWS WorkSpaces Service.
*
* > **NOTE:** AWS WorkSpaces service requires [`workspaces_DefaultRole`](https://docs.aws.amazon.com/workspaces/latest/adminguide/workspaces-access-control.html#create-default-role) IAM role to operate normally.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const exampleVpc = new aws.ec2.Vpc("example", {cidrBlock: "10.0.0.0/16"});
* const exampleA = new aws.ec2.Subnet("example_a", {
* vpcId: exampleVpc.id,
* availabilityZone: "us-east-1a",
* cidrBlock: "10.0.0.0/24",
* });
* const exampleB = new aws.ec2.Subnet("example_b", {
* vpcId: exampleVpc.id,
* availabilityZone: "us-east-1b",
* cidrBlock: "10.0.1.0/24",
* });
* const exampleDirectory = new aws.directoryservice.Directory("example", {
* name: "corp.example.com",
* password: "#S1ncerely",
* size: "Small",
* vpcSettings: {
* vpcId: exampleVpc.id,
* subnetIds: [
* exampleA.id,
* exampleB.id,
* ],
* },
* });
* const workspaces = aws.iam.getPolicyDocument({
* statements: [{
* actions: ["sts:AssumeRole"],
* principals: [{
* type: "Service",
* identifiers: ["workspaces.amazonaws.com"],
* }],
* }],
* });
* const workspacesDefault = new aws.iam.Role("workspaces_default", {
* name: "workspaces_DefaultRole",
* assumeRolePolicy: workspaces.then(workspaces => workspaces.json),
* });
* const workspacesDefaultServiceAccess = new aws.iam.RolePolicyAttachment("workspaces_default_service_access", {
* role: workspacesDefault.name,
* policyArn: "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess",
* });
* const workspacesDefaultSelfServiceAccess = new aws.iam.RolePolicyAttachment("workspaces_default_self_service_access", {
* role: workspacesDefault.name,
* policyArn: "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess",
* });
* const exampleC = new aws.ec2.Subnet("example_c", {
* vpcId: exampleVpc.id,
* availabilityZone: "us-east-1c",
* cidrBlock: "10.0.2.0/24",
* });
* const exampleD = new aws.ec2.Subnet("example_d", {
* vpcId: exampleVpc.id,
* availabilityZone: "us-east-1d",
* cidrBlock: "10.0.3.0/24",
* });
* const example = new aws.workspaces.Directory("example", {
* directoryId: exampleDirectory.id,
* subnetIds: [
* exampleC.id,
* exampleD.id,
* ],
* tags: {
* Example: "true",
* },
* certificateBasedAuthProperties: {
* certificateAuthorityArn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
* status: "ENABLED",
* },
* samlProperties: {
* userAccessUrl: "https://sso.example.com/",
* status: "ENABLED",
* },
* selfServicePermissions: {
* changeComputeType: true,
* increaseVolumeSize: true,
* rebuildWorkspace: true,
* restartWorkspace: true,
* switchRunningMode: true,
* },
* workspaceAccessProperties: {
* deviceTypeAndroid: "ALLOW",
* deviceTypeChromeos: "ALLOW",
* deviceTypeIos: "ALLOW",
* deviceTypeLinux: "DENY",
* deviceTypeOsx: "ALLOW",
* deviceTypeWeb: "DENY",
* deviceTypeWindows: "DENY",
* deviceTypeZeroclient: "DENY",
* },
* workspaceCreationProperties: {
* customSecurityGroupId: exampleAwsSecurityGroup.id,
* defaultOu: "OU=AWS,DC=Workgroup,DC=Example,DC=com",
* enableInternetAccess: true,
* enableMaintenanceMode: true,
* userEnabledAsLocalAdministrator: true,
* },
* }, {
* dependsOn: [
* workspacesDefaultServiceAccess,
* workspacesDefaultSelfServiceAccess,
* ],
* });
* ```
*
* ### WorkSpaces Pools
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = new aws.workspaces.Directory("example", {
* subnetIds: [
* exampleC.id,
* exampleD.id,
* ],
* workspaceType: "POOLS",
* workspaceDirectoryName: "Pool directory",
* workspaceDirectoryDescription: "WorkSpaces Pools directory",
* userIdentityType: "CUSTOMER_MANAGED",
* activeDirectoryConfig: {
* domainName: "example.internal",
* serviceAccountSecretArn: exampleAwsSecretsmanagerSecret.arn,
* },
* workspaceAccessProperties: {
* deviceTypeAndroid: "ALLOW",
* deviceTypeChromeos: "ALLOW",
* deviceTypeIos: "ALLOW",
* deviceTypeLinux: "DENY",
* deviceTypeOsx: "ALLOW",
* deviceTypeWeb: "DENY",
* deviceTypeWindows: "DENY",
* deviceTypeZeroclient: "DENY",
* },
* workspaceCreationProperties: {
* customSecurityGroupId: exampleAwsSecurityGroup.id,
* defaultOu: "OU=AWS,DC=Workgroup,DC=Example,DC=com",
* enableInternetAccess: true,
* },
* samlProperties: {
* relayStateParameterName: "RelayState",
* userAccessUrl: "https://sso.example.com/",
* status: "ENABLED",
* },
* });
* ```
*
* ### IP Groups
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const exampleIpGroup = new aws.workspaces.IpGroup("example", {name: "example"});
* const example = new aws.workspaces.Directory("example", {
* directoryId: exampleAwsDirectoryServiceDirectory.id,
* ipGroupIds: [exampleIpGroup.id],
* });
* ```
*
* ## Import
*
* Using `pulumi import`, import Workspaces directory using the directory ID. For example:
*
* ```sh
* $ pulumi import aws:workspaces/directory:Directory main d-4444444444
* ```
*/
class Directory extends pulumi.CustomResource {
/**
* Get an existing Directory resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name, id, state, opts) {
return new Directory(name, state, { ...opts, id: id });
}
/**
* Returns true if the given object is an instance of Directory. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj) {
if (obj === undefined || obj === null) {
return false;
}
return obj['__pulumiType'] === Directory.__pulumiType;
}
constructor(name, argsOrState, opts) {
let resourceInputs = {};
opts = opts || {};
if (opts.id) {
const state = argsOrState;
resourceInputs["activeDirectoryConfig"] = state?.activeDirectoryConfig;
resourceInputs["alias"] = state?.alias;
resourceInputs["certificateBasedAuthProperties"] = state?.certificateBasedAuthProperties;
resourceInputs["customerUserName"] = state?.customerUserName;
resourceInputs["directoryId"] = state?.directoryId;
resourceInputs["directoryName"] = state?.directoryName;
resourceInputs["directoryType"] = state?.directoryType;
resourceInputs["dnsIpAddresses"] = state?.dnsIpAddresses;
resourceInputs["iamRoleId"] = state?.iamRoleId;
resourceInputs["ipGroupIds"] = state?.ipGroupIds;
resourceInputs["region"] = state?.region;
resourceInputs["registrationCode"] = state?.registrationCode;
resourceInputs["samlProperties"] = state?.samlProperties;
resourceInputs["selfServicePermissions"] = state?.selfServicePermissions;
resourceInputs["subnetIds"] = state?.subnetIds;
resourceInputs["tags"] = state?.tags;
resourceInputs["tagsAll"] = state?.tagsAll;
resourceInputs["userIdentityType"] = state?.userIdentityType;
resourceInputs["workspaceAccessProperties"] = state?.workspaceAccessProperties;
resourceInputs["workspaceCreationProperties"] = state?.workspaceCreationProperties;
resourceInputs["workspaceDirectoryDescription"] = state?.workspaceDirectoryDescription;
resourceInputs["workspaceDirectoryName"] = state?.workspaceDirectoryName;
resourceInputs["workspaceSecurityGroupId"] = state?.workspaceSecurityGroupId;
resourceInputs["workspaceType"] = state?.workspaceType;
}
else {
const args = argsOrState;
resourceInputs["activeDirectoryConfig"] = args?.activeDirectoryConfig;
resourceInputs["certificateBasedAuthProperties"] = args?.certificateBasedAuthProperties;
resourceInputs["directoryId"] = args?.directoryId;
resourceInputs["ipGroupIds"] = args?.ipGroupIds;
resourceInputs["region"] = args?.region;
resourceInputs["samlProperties"] = args?.samlProperties;
resourceInputs["selfServicePermissions"] = args?.selfServicePermissions;
resourceInputs["subnetIds"] = args?.subnetIds;
resourceInputs["tags"] = args?.tags;
resourceInputs["userIdentityType"] = args?.userIdentityType;
resourceInputs["workspaceAccessProperties"] = args?.workspaceAccessProperties;
resourceInputs["workspaceCreationProperties"] = args?.workspaceCreationProperties;
resourceInputs["workspaceDirectoryDescription"] = args?.workspaceDirectoryDescription;
resourceInputs["workspaceDirectoryName"] = args?.workspaceDirectoryName;
resourceInputs["workspaceType"] = args?.workspaceType;
resourceInputs["alias"] = undefined /*out*/;
resourceInputs["customerUserName"] = undefined /*out*/;
resourceInputs["directoryName"] = undefined /*out*/;
resourceInputs["directoryType"] = undefined /*out*/;
resourceInputs["dnsIpAddresses"] = undefined /*out*/;
resourceInputs["iamRoleId"] = undefined /*out*/;
resourceInputs["registrationCode"] = undefined /*out*/;
resourceInputs["tagsAll"] = undefined /*out*/;
resourceInputs["workspaceSecurityGroupId"] = undefined /*out*/;
}
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
super(Directory.__pulumiType, name, resourceInputs, opts);
}
}
exports.Directory = Directory;
/** @internal */
Directory.__pulumiType = 'aws:workspaces/directory:Directory';
//# sourceMappingURL=directory.js.map