aws-cdk-lib

import * as cdk from "../../core/lib"; import * as constructs from "constructs"; import * as cfn_parse from "../../core/lib/helpers-internal"; import { BrowserSettingsReference, DataProtectionSettingsReference, IBrowserSettingsRef, IDataProtectionSettingsRef, IdentityProviderReference, IIdentityProviderRef, IIpAccessSettingsRef, INetworkSettingsRef, IpAccessSettingsReference, IPortalRef, ISessionLoggerRef, ITrustStoreRef, IUserAccessLoggingSettingsRef, IUserSettingsRef, NetworkSettingsReference, PortalReference, SessionLoggerReference, TrustStoreReference, UserAccessLoggingSettingsReference, UserSettingsReference } from "../../interfaces/generated/aws-workspacesweb-interfaces.generated"; /** * This resource specifies browser settings that can be associated with a web portal. * * Once associated with a web portal, browser settings control how the browser will behave once a user starts a streaming session for the web portal. * * @cloudformationResource AWS::WorkSpacesWeb::BrowserSettings * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-browsersettings.html */ export declare class CfnBrowserSettings extends cdk.CfnResource implements cdk.IInspectable, IBrowserSettingsRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnBrowserSettings from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnBrowserSettings; /** * Checks whether the given object is a CfnBrowserSettings */ static isCfnBrowserSettings(x: any): x is CfnBrowserSettings; static arnForBrowserSettings(resource: IBrowserSettingsRef): string; /** * Additional encryption context of the browser settings. */ private _additionalEncryptionContext?; /** * A JSON string containing Chrome Enterprise policies that will be applied to all streaming sessions. */ private _browserPolicy?; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * The custom managed key of the browser settings. */ private _customerManagedKey?; /** * The tags to add to the browser settings resource. */ private _tags?; /** * The policy that specifies which URLs end users are allowed to access or which URLs or domain categories they are restricted from accessing for enhanced security. */ private _webContentFilteringPolicy?; /** * Create a new `AWS::WorkSpacesWeb::BrowserSettings`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props?: CfnBrowserSettingsProps); get browserSettingsRef(): BrowserSettingsReference; /** * Additional encryption context of the browser settings. */ get additionalEncryptionContext(): cdk.IResolvable | Record<string, string> | undefined; /** * Additional encryption context of the browser settings. */ set additionalEncryptionContext(value: cdk.IResolvable | Record<string, string> | undefined); /** * A JSON string containing Chrome Enterprise policies that will be applied to all streaming sessions. */ get browserPolicy(): string | undefined; /** * A JSON string containing Chrome Enterprise policies that will be applied to all streaming sessions. */ set browserPolicy(value: string | undefined); /** * The custom managed key of the browser settings. */ get customerManagedKey(): string | undefined; /** * The custom managed key of the browser settings. */ set customerManagedKey(value: string | undefined); /** * The tags to add to the browser settings resource. */ get tags(): Array<cdk.CfnTag> | undefined; /** * The tags to add to the browser settings resource. */ set tags(value: Array<cdk.CfnTag> | undefined); /** * The policy that specifies which URLs end users are allowed to access or which URLs or domain categories they are restricted from accessing for enhanced security. */ get webContentFilteringPolicy(): cdk.IResolvable | CfnBrowserSettings.WebContentFilteringPolicyProperty | undefined; /** * The policy that specifies which URLs end users are allowed to access or which URLs or domain categories they are restricted from accessing for enhanced security. */ set webContentFilteringPolicy(value: cdk.IResolvable | CfnBrowserSettings.WebContentFilteringPolicyProperty | undefined); /** * A list of web portal ARNs that the browser settings resource is associated with. * * @cloudformationAttribute AssociatedPortalArns */ get attrAssociatedPortalArns(): Array<string>; /** * The ARN of the browser settings. * * @cloudformationAttribute BrowserSettingsArn */ get attrBrowserSettingsArn(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnBrowserSettings { /** * The policy that specifies which URLs end users are allowed to access or which URLs or domain categories they are restricted from accessing for enhanced security. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-browsersettings-webcontentfilteringpolicy.html */ interface WebContentFilteringPolicyProperty { /** * URLs and domains that are always accessible to end users. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-browsersettings-webcontentfilteringpolicy.html#cfn-workspacesweb-browsersettings-webcontentfilteringpolicy-allowedurls */ readonly allowedUrls?: Array<string>; /** * Categories of websites that are blocked on the end user's browsers. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-browsersettings-webcontentfilteringpolicy.html#cfn-workspacesweb-browsersettings-webcontentfilteringpolicy-blockedcategories */ readonly blockedCategories?: Array<string>; /** * URLs and domains that end users cannot access. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-browsersettings-webcontentfilteringpolicy.html#cfn-workspacesweb-browsersettings-webcontentfilteringpolicy-blockedurls */ readonly blockedUrls?: Array<string>; } } /** * Properties for defining a `CfnBrowserSettings` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-browsersettings.html */ export interface CfnBrowserSettingsProps { /** * Additional encryption context of the browser settings. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-browsersettings.html#cfn-workspacesweb-browsersettings-additionalencryptioncontext */ readonly additionalEncryptionContext?: cdk.IResolvable | Record<string, string>; /** * A JSON string containing Chrome Enterprise policies that will be applied to all streaming sessions. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-browsersettings.html#cfn-workspacesweb-browsersettings-browserpolicy */ readonly browserPolicy?: string; /** * The custom managed key of the browser settings. * * *Pattern* : `^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$` * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-browsersettings.html#cfn-workspacesweb-browsersettings-customermanagedkey */ readonly customerManagedKey?: string; /** * The tags to add to the browser settings resource. * * A tag is a key-value pair. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-browsersettings.html#cfn-workspacesweb-browsersettings-tags */ readonly tags?: Array<cdk.CfnTag>; /** * The policy that specifies which URLs end users are allowed to access or which URLs or domain categories they are restricted from accessing for enhanced security. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-browsersettings.html#cfn-workspacesweb-browsersettings-webcontentfilteringpolicy */ readonly webContentFilteringPolicy?: cdk.IResolvable | CfnBrowserSettings.WebContentFilteringPolicyProperty; } /** * This resource specifies an identity provider that is then associated with a web portal. * * This resource is not required if your portal's `AuthenticationType` is IAM Identity Center. * * @cloudformationResource AWS::WorkSpacesWeb::IdentityProvider * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-identityprovider.html */ export declare class CfnIdentityProvider extends cdk.CfnResource implements cdk.IInspectable, IIdentityProviderRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnIdentityProvider from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnIdentityProvider; /** * Checks whether the given object is a CfnIdentityProvider */ static isCfnIdentityProvider(x: any): x is CfnIdentityProvider; static arnForIdentityProvider(resource: IIdentityProviderRef): string; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * The identity provider details. The following list describes the provider detail keys for each identity provider type. */ private _identityProviderDetails; /** * The identity provider name. */ private _identityProviderName; /** * The identity provider type. */ private _identityProviderType; /** * The ARN of the identity provider. */ private _portalArn?; private _tags?; /** * Create a new `AWS::WorkSpacesWeb::IdentityProvider`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnIdentityProviderProps); get identityProviderRef(): IdentityProviderReference; /** * The identity provider details. The following list describes the provider detail keys for each identity provider type. */ get identityProviderDetails(): cdk.IResolvable | Record<string, string>; /** * The identity provider details. The following list describes the provider detail keys for each identity provider type. */ set identityProviderDetails(value: cdk.IResolvable | Record<string, string>); /** * The identity provider name. */ get identityProviderName(): string; /** * The identity provider name. */ set identityProviderName(value: string); /** * The identity provider type. */ get identityProviderType(): string; /** * The identity provider type. */ set identityProviderType(value: string); /** * The ARN of the identity provider. */ get portalArn(): string | undefined; /** * The ARN of the identity provider. */ set portalArn(value: string | undefined); get tags(): Array<cdk.CfnTag> | undefined; set tags(value: Array<cdk.CfnTag> | undefined); /** * The ARN of the identity provider. * * @cloudformationAttribute IdentityProviderArn */ get attrIdentityProviderArn(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } /** * Properties for defining a `CfnIdentityProvider` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-identityprovider.html */ export interface CfnIdentityProviderProps { /** * The identity provider details. The following list describes the provider detail keys for each identity provider type. * * - For Google and Login with Amazon: * * - `client_id` * - `client_secret` * - `authorize_scopes` * - For Facebook: * * - `client_id` * - `client_secret` * - `authorize_scopes` * - `api_version` * - For Sign in with Apple: * * - `client_id` * - `team_id` * - `key_id` * - `private_key` * - `authorize_scopes` * - For OIDC providers: * * - `client_id` * - `client_secret` * - `attributes_request_method` * - `oidc_issuer` * - `authorize_scopes` * - `authorize_url` *if not available from discovery URL specified by oidc_issuer key* * - `token_url` *if not available from discovery URL specified by oidc_issuer key* * - `attributes_url` *if not available from discovery URL specified by oidc_issuer key* * - `jwks_uri` *if not available from discovery URL specified by oidc_issuer key* * - For SAML providers: * * - `MetadataFile` OR `MetadataURL` * - `IDPSignout` (boolean) *optional* * - `IDPInit` (boolean) *optional* * - `RequestSigningAlgorithm` (string) *optional* - Only accepts `rsa-sha256` * - `EncryptedResponses` (boolean) *optional* * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-identityprovider.html#cfn-workspacesweb-identityprovider-identityproviderdetails */ readonly identityProviderDetails: cdk.IResolvable | Record<string, string>; /** * The identity provider name. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-identityprovider.html#cfn-workspacesweb-identityprovider-identityprovidername */ readonly identityProviderName: string; /** * The identity provider type. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-identityprovider.html#cfn-workspacesweb-identityprovider-identityprovidertype */ readonly identityProviderType: string; /** * The ARN of the identity provider. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-identityprovider.html#cfn-workspacesweb-identityprovider-portalarn */ readonly portalArn?: string; /** * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-identityprovider.html#cfn-workspacesweb-identityprovider-tags */ readonly tags?: Array<cdk.CfnTag>; } /** * This resource specifies IP access settings that can be associated with a web portal. * * For more information, see [Set up IP access controls (optional)](https://docs.aws.amazon.com/workspaces-web/latest/adminguide/ip-access-controls.html) . * * @cloudformationResource AWS::WorkSpacesWeb::IpAccessSettings * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-ipaccesssettings.html */ export declare class CfnIpAccessSettings extends cdk.CfnResource implements cdk.IInspectable, IIpAccessSettingsRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnIpAccessSettings from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnIpAccessSettings; /** * Checks whether the given object is a CfnIpAccessSettings */ static isCfnIpAccessSettings(x: any): x is CfnIpAccessSettings; static arnForIpAccessSettings(resource: IIpAccessSettingsRef): string; /** * Additional encryption context of the IP access settings. */ private _additionalEncryptionContext?; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * The custom managed key of the IP access settings. */ private _customerManagedKey?; /** * The description of the IP access settings. */ private _description?; /** * The display name of the IP access settings. */ private _displayName?; /** * The IP rules of the IP access settings. */ private _ipRules; /** * The tags to add to the IP access settings resource. */ private _tags?; /** * Create a new `AWS::WorkSpacesWeb::IpAccessSettings`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnIpAccessSettingsProps); get ipAccessSettingsRef(): IpAccessSettingsReference; /** * Additional encryption context of the IP access settings. */ get additionalEncryptionContext(): cdk.IResolvable | Record<string, string> | undefined; /** * Additional encryption context of the IP access settings. */ set additionalEncryptionContext(value: cdk.IResolvable | Record<string, string> | undefined); /** * The custom managed key of the IP access settings. */ get customerManagedKey(): string | undefined; /** * The custom managed key of the IP access settings. */ set customerManagedKey(value: string | undefined); /** * The description of the IP access settings. */ get description(): string | undefined; /** * The description of the IP access settings. */ set description(value: string | undefined); /** * The display name of the IP access settings. */ get displayName(): string | undefined; /** * The display name of the IP access settings. */ set displayName(value: string | undefined); /** * The IP rules of the IP access settings. */ get ipRules(): Array<CfnIpAccessSettings.IpRuleProperty | cdk.IResolvable> | cdk.IResolvable; /** * The IP rules of the IP access settings. */ set ipRules(value: Array<CfnIpAccessSettings.IpRuleProperty | cdk.IResolvable> | cdk.IResolvable); /** * The tags to add to the IP access settings resource. */ get tags(): Array<cdk.CfnTag> | undefined; /** * The tags to add to the IP access settings resource. */ set tags(value: Array<cdk.CfnTag> | undefined); /** * A list of web portal ARNs that this IP access settings resource is associated with. * * @cloudformationAttribute AssociatedPortalArns */ get attrAssociatedPortalArns(): Array<string>; /** * The creation date timestamp of the IP access settings. * * @cloudformationAttribute CreationDate */ get attrCreationDate(): string; /** * The ARN of the IP access settings resource. * * @cloudformationAttribute IpAccessSettingsArn */ get attrIpAccessSettingsArn(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnIpAccessSettings { /** * The IP rules of the IP access settings. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-ipaccesssettings-iprule.html */ interface IpRuleProperty { /** * The description of the IP rule. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-ipaccesssettings-iprule.html#cfn-workspacesweb-ipaccesssettings-iprule-description */ readonly description?: string; /** * The IP range of the IP rule. * * This can either be a single IP address or a range using CIDR notation. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-ipaccesssettings-iprule.html#cfn-workspacesweb-ipaccesssettings-iprule-iprange */ readonly ipRange: string; } } /** * Properties for defining a `CfnIpAccessSettings` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-ipaccesssettings.html */ export interface CfnIpAccessSettingsProps { /** * Additional encryption context of the IP access settings. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-ipaccesssettings.html#cfn-workspacesweb-ipaccesssettings-additionalencryptioncontext */ readonly additionalEncryptionContext?: cdk.IResolvable | Record<string, string>; /** * The custom managed key of the IP access settings. * * *Pattern* : `^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$` * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-ipaccesssettings.html#cfn-workspacesweb-ipaccesssettings-customermanagedkey */ readonly customerManagedKey?: string; /** * The description of the IP access settings. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-ipaccesssettings.html#cfn-workspacesweb-ipaccesssettings-description */ readonly description?: string; /** * The display name of the IP access settings. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-ipaccesssettings.html#cfn-workspacesweb-ipaccesssettings-displayname */ readonly displayName?: string; /** * The IP rules of the IP access settings. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-ipaccesssettings.html#cfn-workspacesweb-ipaccesssettings-iprules */ readonly ipRules: Array<CfnIpAccessSettings.IpRuleProperty | cdk.IResolvable> | cdk.IResolvable; /** * The tags to add to the IP access settings resource. * * A tag is a key-value pair. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-ipaccesssettings.html#cfn-workspacesweb-ipaccesssettings-tags */ readonly tags?: Array<cdk.CfnTag>; } /** * This resource specifies network settings that can be associated with a web portal. * * Once associated with a web portal, network settings define how streaming instances will connect with your specified VPC. * * The VPC must have default tenancy. VPCs with dedicated tenancy are not supported. * * For availability consideration, you must have at least two subnets created in two different Availability Zones. WorkSpaces Secure Browser is available in a subset of the Availability Zones for each supported Region. For more information, see [Supported Availability Zones](https://docs.aws.amazon.com/workspaces-web/latest/adminguide/availability-zones.html) . * * @cloudformationResource AWS::WorkSpacesWeb::NetworkSettings * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-networksettings.html */ export declare class CfnNetworkSettings extends cdk.CfnResource implements cdk.IInspectable, INetworkSettingsRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnNetworkSettings from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnNetworkSettings; /** * Checks whether the given object is a CfnNetworkSettings */ static isCfnNetworkSettings(x: any): x is CfnNetworkSettings; static arnForNetworkSettings(resource: INetworkSettingsRef): string; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * One or more security groups used to control access from streaming instances to your VPC. */ private _securityGroupIds; /** * The subnets in which network interfaces are created to connect streaming instances to your VPC. */ private _subnetIds; /** * The tags to add to the network settings resource. */ private _tags?; /** * The VPC that streaming instances will connect to. */ private _vpcId; /** * Create a new `AWS::WorkSpacesWeb::NetworkSettings`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnNetworkSettingsProps); get networkSettingsRef(): NetworkSettingsReference; /** * One or more security groups used to control access from streaming instances to your VPC. */ get securityGroupIds(): Array<string>; /** * One or more security groups used to control access from streaming instances to your VPC. */ set securityGroupIds(value: Array<string>); /** * The subnets in which network interfaces are created to connect streaming instances to your VPC. */ get subnetIds(): Array<string>; /** * The subnets in which network interfaces are created to connect streaming instances to your VPC. */ set subnetIds(value: Array<string>); /** * The tags to add to the network settings resource. */ get tags(): Array<cdk.CfnTag> | undefined; /** * The tags to add to the network settings resource. */ set tags(value: Array<cdk.CfnTag> | undefined); /** * The VPC that streaming instances will connect to. */ get vpcId(): string; /** * The VPC that streaming instances will connect to. */ set vpcId(value: string); /** * A list of web portal ARNs that this network settings is associated with. * * @cloudformationAttribute AssociatedPortalArns */ get attrAssociatedPortalArns(): Array<string>; /** * The ARN of the network settings. * * @cloudformationAttribute NetworkSettingsArn */ get attrNetworkSettingsArn(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } /** * Properties for defining a `CfnNetworkSettings` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-networksettings.html */ export interface CfnNetworkSettingsProps { /** * One or more security groups used to control access from streaming instances to your VPC. * * *Pattern* : `^[\w+\-]+$` * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-networksettings.html#cfn-workspacesweb-networksettings-securitygroupids */ readonly securityGroupIds: Array<string>; /** * The subnets in which network interfaces are created to connect streaming instances to your VPC. * * At least two of these subnets must be in different availability zones. * * *Pattern* : `^subnet-([0-9a-f]{8}|[0-9a-f]{17})$` * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-networksettings.html#cfn-workspacesweb-networksettings-subnetids */ readonly subnetIds: Array<string>; /** * The tags to add to the network settings resource. * * A tag is a key-value pair. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-networksettings.html#cfn-workspacesweb-networksettings-tags */ readonly tags?: Array<cdk.CfnTag>; /** * The VPC that streaming instances will connect to. * * *Pattern* : `^vpc-[0-9a-z]*$` * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-networksettings.html#cfn-workspacesweb-networksettings-vpcid */ readonly vpcId: string; } /** * This resource specifies a web portal, which users use to start browsing sessions. * * A `Standard` web portal can't start browsing sessions unless you have at defined and associated an `IdentityProvider` and `NetworkSettings` resource. An `IAM Identity Center` web portal does not require an `IdentityProvider` resource. * * For more information about web portals, see [What is Amazon WorkSpaces Secure Browser?](https://docs.aws.amazon.com/workspaces-web/latest/adminguide/what-is-workspaces-web.html.html) . * * @cloudformationResource AWS::WorkSpacesWeb::Portal * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html */ export declare class CfnPortal extends cdk.CfnResource implements cdk.IInspectable, IPortalRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnPortal from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnPortal; /** * Checks whether the given object is a CfnPortal */ static isCfnPortal(x: any): x is CfnPortal; static arnForPortal(resource: IPortalRef): string; /** * The additional encryption context of the portal. */ private _additionalEncryptionContext?; /** * The type of authentication integration points used when signing into the web portal. Defaults to `Standard` . */ private _authenticationType?; /** * The ARN of the browser settings that is associated with this web portal. */ private _browserSettingsArn?; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * The customer managed key of the web portal. */ private _customerManagedKey?; /** * The ARN of the data protection settings. */ private _dataProtectionSettingsArn?; /** * The name of the web portal. */ private _displayName?; /** * The type and resources of the underlying instance. */ private _instanceType?; /** * The ARN of the IP access settings that is associated with the web portal. */ private _ipAccessSettingsArn?; /** * The maximum number of concurrent sessions for the portal. */ private _maxConcurrentSessions?; /** * The ARN of the network settings that is associated with the web portal. */ private _networkSettingsArn?; private _portalCustomDomain?; /** * The ARN of the session logger that is associated with the portal. */ private _sessionLoggerArn?; /** * The tags to add to the web portal. */ private _tags?; /** * The ARN of the trust store that is associated with the web portal. */ private _trustStoreArn?; /** * The ARN of the user access logging settings that is associated with the web portal. */ private _userAccessLoggingSettingsArn?; /** * The ARN of the user settings that is associated with the web portal. */ private _userSettingsArn?; /** * Create a new `AWS::WorkSpacesWeb::Portal`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props?: CfnPortalProps); get portalRef(): PortalReference; /** * The additional encryption context of the portal. */ get additionalEncryptionContext(): cdk.IResolvable | Record<string, string> | undefined; /** * The additional encryption context of the portal. */ set additionalEncryptionContext(value: cdk.IResolvable | Record<string, string> | undefined); /** * The type of authentication integration points used when signing into the web portal. Defaults to `Standard` . */ get authenticationType(): string | undefined; /** * The type of authentication integration points used when signing into the web portal. Defaults to `Standard` . */ set authenticationType(value: string | undefined); /** * The ARN of the browser settings that is associated with this web portal. */ get browserSettingsArn(): string | undefined; /** * The ARN of the browser settings that is associated with this web portal. */ set browserSettingsArn(value: string | undefined); /** * The customer managed key of the web portal. */ get customerManagedKey(): string | undefined; /** * The customer managed key of the web portal. */ set customerManagedKey(value: string | undefined); /** * The ARN of the data protection settings. */ get dataProtectionSettingsArn(): string | undefined; /** * The ARN of the data protection settings. */ set dataProtectionSettingsArn(value: string | undefined); /** * The name of the web portal. */ get displayName(): string | undefined; /** * The name of the web portal. */ set displayName(value: string | undefined); /** * The type and resources of the underlying instance. */ get instanceType(): string | undefined; /** * The type and resources of the underlying instance. */ set instanceType(value: string | undefined); /** * The ARN of the IP access settings that is associated with the web portal. */ get ipAccessSettingsArn(): string | undefined; /** * The ARN of the IP access settings that is associated with the web portal. */ set ipAccessSettingsArn(value: string | undefined); /** * The maximum number of concurrent sessions for the portal. */ get maxConcurrentSessions(): number | undefined; /** * The maximum number of concurrent sessions for the portal. */ set maxConcurrentSessions(value: number | undefined); /** * The ARN of the network settings that is associated with the web portal. */ get networkSettingsArn(): string | undefined; /** * The ARN of the network settings that is associated with the web portal. */ set networkSettingsArn(value: string | undefined); get portalCustomDomain(): string | undefined; set portalCustomDomain(value: string | undefined); /** * The ARN of the session logger that is associated with the portal. */ get sessionLoggerArn(): string | undefined; /** * The ARN of the session logger that is associated with the portal. */ set sessionLoggerArn(value: string | undefined); /** * The tags to add to the web portal. */ get tags(): Array<cdk.CfnTag> | undefined; /** * The tags to add to the web portal. */ set tags(value: Array<cdk.CfnTag> | undefined); /** * The ARN of the trust store that is associated with the web portal. */ get trustStoreArn(): string | undefined; /** * The ARN of the trust store that is associated with the web portal. */ set trustStoreArn(value: string | undefined); /** * The ARN of the user access logging settings that is associated with the web portal. */ get userAccessLoggingSettingsArn(): string | undefined; /** * The ARN of the user access logging settings that is associated with the web portal. */ set userAccessLoggingSettingsArn(value: string | undefined); /** * The ARN of the user settings that is associated with the web portal. */ get userSettingsArn(): string | undefined; /** * The ARN of the user settings that is associated with the web portal. */ set userSettingsArn(value: string | undefined); /** * The browser that users see when using a streaming session. * * @cloudformationAttribute BrowserType */ get attrBrowserType(): string; /** * The creation date of the web portal. * * @cloudformationAttribute CreationDate */ get attrCreationDate(): string; /** * The ARN of the web portal. * * @cloudformationAttribute PortalArn */ get attrPortalArn(): string; /** * The endpoint URL of the web portal that users access in order to start streaming sessions. * * @cloudformationAttribute PortalEndpoint */ get attrPortalEndpoint(): string; /** * The status of the web portal. * * @cloudformationAttribute PortalStatus */ get attrPortalStatus(): string; /** * The renderer that is used in streaming sessions. * * @cloudformationAttribute RendererType */ get attrRendererType(): string; /** * The SAML metadata of the service provider. * * @cloudformationAttribute ServiceProviderSamlMetadata */ get attrServiceProviderSamlMetadata(): string; /** * A message that explains why the web portal is in its current status. * * @cloudformationAttribute StatusReason */ get attrStatusReason(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } /** * Properties for defining a `CfnPortal` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html */ export interface CfnPortalProps { /** * The additional encryption context of the portal. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-additionalencryptioncontext */ readonly additionalEncryptionContext?: cdk.IResolvable | Record<string, string>; /** * The type of authentication integration points used when signing into the web portal. Defaults to `Standard` . * * `Standard` web portals are authenticated directly through your identity provider (IdP). User and group access to your web portal is controlled through your IdP. You need to include an IdP resource in your template to integrate your IdP with your web portal. Completing the configuration for your IdP requires exchanging WorkSpaces Secure Browser’s SP metadata with your IdP’s IdP metadata. If your IdP requires the SP metadata first before returning the IdP metadata, you should follow these steps: * * 1. Create and deploy a CloudFormation template with a `Standard` portal with no `IdentityProvider` resource. * * 2. Retrieve the SP metadata using `Fn:GetAtt` , the WorkSpaces Secure Browser console, or by the calling the `GetPortalServiceProviderMetadata` API. * * 3. Submit the data to your IdP. * * 4. Add an `IdentityProvider` resource to your CloudFormation template. * * `SSO` web portals are authenticated through SSOlong . They provide additional features, such as IdP-initiated authentication. Identity sources (including external identity provider integration) and other identity provider information must be configured in SSO . User and group assignment must be done through the WorkSpaces Secure Browser console. These cannot be configured in CloudFormation. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-authenticationtype */ readonly authenticationType?: string; /** * The ARN of the browser settings that is associated with this web portal. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-browsersettingsarn */ readonly browserSettingsArn?: string; /** * The customer managed key of the web portal. * * *Pattern* : `^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$` * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-customermanagedkey */ readonly customerManagedKey?: string; /** * The ARN of the data protection settings. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-dataprotectionsettingsarn */ readonly dataProtectionSettingsArn?: string; /** * The name of the web portal. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-displayname */ readonly displayName?: string; /** * The type and resources of the underlying instance. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-instancetype */ readonly instanceType?: string; /** * The ARN of the IP access settings that is associated with the web portal. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-ipaccesssettingsarn */ readonly ipAccessSettingsArn?: string; /** * The maximum number of concurrent sessions for the portal. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-maxconcurrentsessions */ readonly maxConcurrentSessions?: number; /** * The ARN of the network settings that is associated with the web portal. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-networksettingsarn */ readonly networkSettingsArn?: string; /** * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-portalcustomdomain */ readonly portalCustomDomain?: string; /** * The ARN of the session logger that is associated with the portal. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-sessionloggerarn */ readonly sessionLoggerArn?: string; /** * The tags to add to the web portal. * * A tag is a key-value pair. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-tags */ readonly tags?: Array<cdk.CfnTag>; /** * The ARN of the trust store that is associated with the web portal. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-truststorearn */ readonly trustStoreArn?: string; /** * The ARN of the user access logging settings that is associated with the web portal. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-useraccessloggingsettingsarn */ readonly userAccessLoggingSettingsArn?: string; /** * The ARN of the user settings that is associated with the web portal. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-portal.html#cfn-workspacesweb-portal-usersettingsarn */ readonly userSettingsArn?: string; } /** * This resource specifies a trust store that can be associated with a web portal. * * A trust store contains certificate authority (CA) certificates. Once associated with a web portal, the browser in a streaming session will recognize certificates that have been issued using any of the CAs in the trust store. If your organization has internal websites that use certificates issued by private CAs, you should add the private CA certificate to the trust store. * * @cloudformationResource AWS::WorkSpacesWeb::TrustStore * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-truststore.html */ export declare class CfnTrustStore extends cdk.CfnResource implements cdk.IInspectable, ITrustStoreRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnTrustStore from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnTrustStore; /** * Checks whether the given object is a CfnTrustStore */ static isCfnTrustStore(x: any): x is CfnTrustStore; static arnForTrustStore(resource: ITrustStoreRef): string; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * A list of CA certificates to be added to the trust store. */ private _certificateList; /** * The tags to add to the trust store. */ private _tags?; /** * Create a new `AWS::WorkSpacesWeb::TrustStore`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnTrustStoreProps); get trustStoreRef(): TrustStoreReference; /** * A list of CA certificates to be added to the trust store. */ get certificateList(): Array<string>; /** * A list of CA certificates to be added to the trus