portals
Creates, updates, deletes or gets a portal resource or lists portals in a region
Overview
| Name | portals |
| Type | Resource |
| Description | Definition of AWS::WorkSpacesWeb::Portal Resource Type |
| Id | awscc.workspacesweb.portals |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
additional_encryption_context | object | |
authentication_type | string | |
browser_settings_arn | string | |
browser_type | string | |
creation_date | string | |
customer_managed_key | string | |
data_protection_settings_arn | string | |
display_name | string | |
instance_type | string | |
ip_access_settings_arn | string | |
max_concurrent_sessions | number | |
network_settings_arn | string | |
portal_arn | string | |
portal_endpoint | string | |
portal_status | string | |
renderer_type | string | |
service_provider_saml_metadata | string | |
session_logger_arn | string | |
status_reason | string | |
tags | array | |
trust_store_arn | string | |
user_access_logging_settings_arn | string | |
user_settings_arn | string | |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
portal_arn | string | |
region | string | AWS region. |
For more information, see AWS::WorkSpacesWeb::Portal.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | portals | INSERT | region |
delete_resource | portals | DELETE | Identifier, region |
update_resource | portals | UPDATE | Identifier, PatchDocument, region |
list_resources | portals_list_only | SELECT | region |
get_resource | portals | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual portal.
SELECT
region,
additional_encryption_context,
authentication_type,
browser_settings_arn,
browser_type,
creation_date,
customer_managed_key,
data_protection_settings_arn,
display_name,
instance_type,
ip_access_settings_arn,
max_concurrent_sessions,
network_settings_arn,
portal_arn,
portal_endpoint,
portal_status,
renderer_type,
service_provider_saml_metadata,
session_logger_arn,
status_reason,
tags,
trust_store_arn,
user_access_logging_settings_arn,
user_settings_arn
FROM awscc.workspacesweb.portals
WHERE
region = 'us-east-1' AND
Identifier = '{{ portal_arn }}';
Lists all portals in a region.
SELECT
region,
portal_arn
FROM awscc.workspacesweb.portals_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new portal resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.workspacesweb.portals (
AdditionalEncryptionContext,
AuthenticationType,
BrowserSettingsArn,
CustomerManagedKey,
DataProtectionSettingsArn,
DisplayName,
InstanceType,
IpAccessSettingsArn,
MaxConcurrentSessions,
NetworkSettingsArn,
SessionLoggerArn,
Tags,
TrustStoreArn,
UserAccessLoggingSettingsArn,
UserSettingsArn,
region
)
SELECT
'{{ additional_encryption_context }}',
'{{ authentication_type }}',
'{{ browser_settings_arn }}',
'{{ customer_managed_key }}',
'{{ data_protection_settings_arn }}',
'{{ display_name }}',
'{{ instance_type }}',
'{{ ip_access_settings_arn }}',
'{{ max_concurrent_sessions }}',
'{{ network_settings_arn }}',
'{{ session_logger_arn }}',
'{{ tags }}',
'{{ trust_store_arn }}',
'{{ user_access_logging_settings_arn }}',
'{{ user_settings_arn }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.workspacesweb.portals (
AdditionalEncryptionContext,
AuthenticationType,
BrowserSettingsArn,
CustomerManagedKey,
DataProtectionSettingsArn,
DisplayName,
InstanceType,
IpAccessSettingsArn,
MaxConcurrentSessions,
NetworkSettingsArn,
SessionLoggerArn,
Tags,
TrustStoreArn,
UserAccessLoggingSettingsArn,
UserSettingsArn,
region
)
SELECT
'{{ additional_encryption_context }}',
'{{ authentication_type }}',
'{{ browser_settings_arn }}',
'{{ customer_managed_key }}',
'{{ data_protection_settings_arn }}',
'{{ display_name }}',
'{{ instance_type }}',
'{{ ip_access_settings_arn }}',
'{{ max_concurrent_sessions }}',
'{{ network_settings_arn }}',
'{{ session_logger_arn }}',
'{{ tags }}',
'{{ trust_store_arn }}',
'{{ user_access_logging_settings_arn }}',
'{{ user_settings_arn }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: portal
props:
- name: additional_encryption_context
value: {}
- name: authentication_type
value: '{{ authentication_type }}'
- name: browser_settings_arn
value: '{{ browser_settings_arn }}'
- name: customer_managed_key
value: '{{ customer_managed_key }}'
- name: data_protection_settings_arn
value: '{{ data_protection_settings_arn }}'
- name: display_name
value: '{{ display_name }}'
- name: instance_type
value: '{{ instance_type }}'
- name: ip_access_settings_arn
value: '{{ ip_access_settings_arn }}'
- name: max_concurrent_sessions
value: null
- name: network_settings_arn
value: '{{ network_settings_arn }}'
- name: session_logger_arn
value: '{{ session_logger_arn }}'
- name: tags
value:
- key: '{{ key }}'
value: '{{ value }}'
- name: trust_store_arn
value: '{{ trust_store_arn }}'
- name: user_access_logging_settings_arn
value: '{{ user_access_logging_settings_arn }}'
- name: user_settings_arn
value: '{{ user_settings_arn }}'
UPDATE example
Use the following StackQL query and manifest file to update a portal resource, using stack-deploy.
/*+ update */
UPDATE awscc.workspacesweb.portals
SET PatchDocument = string('{{ {
"AuthenticationType": authentication_type,
"BrowserSettingsArn": browser_settings_arn,
"DataProtectionSettingsArn": data_protection_settings_arn,
"DisplayName": display_name,
"InstanceType": instance_type,
"IpAccessSettingsArn": ip_access_settings_arn,
"MaxConcurrentSessions": max_concurrent_sessions,
"NetworkSettingsArn": network_settings_arn,
"SessionLoggerArn": session_logger_arn,
"Tags": tags,
"TrustStoreArn": trust_store_arn,
"UserAccessLoggingSettingsArn": user_access_logging_settings_arn,
"UserSettingsArn": user_settings_arn
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ portal_arn }}';
DELETE example
/*+ delete */
DELETE FROM awscc.workspacesweb.portals
WHERE
Identifier = '{{ portal_arn }}' AND
region = 'us-east-1';
Permissions
To operate on the portals resource, the following permissions are required:
- Create
- Read
- Update
- Delete
- List
workspaces-web:CreatePortal,
workspaces-web:GetPortal*,
workspaces-web:AssociateBrowserSettings,
workspaces-web:AssociateIpAccessSettings,
workspaces-web:AssociateNetworkSettings,
workspaces-web:AssociateTrustStore,
workspaces-web:AssociateUserAccessLoggingSettings,
workspaces-web:AssociateUserSettings,
workspaces-web:AssociateDataProtectionSettings,
workspaces-web:AssociateSessionLogger,
workspaces-web:List*,
workspaces-web:TagResource,
kms:DescribeKey,
kms:GenerateDataKey,
kms:Decrypt,
kms:GenerateDataKeyWithoutPlaintext,
kms:ReEncryptTo,
kms:ReEncryptFrom,
ec2:CreateNetworkInterface,
ec2:CreateNetworkInterfacePermission,
ec2:DeleteNetworkInterface,
ec2:DeleteNetworkInterfacePermission,
ec2:ModifyNetworkInterfaceAttribute,
kinesis:PutRecord,
kinesis:PutRecords,
kinesis:Describe*,
sso:CreateManagedApplicationInstance,
sso:Describe*,
s3:PutObject
workspaces-web:GetPortal*,
workspaces-web:List*,
kms:Decrypt,
kms:DescribeKey
workspaces-web:GetPortal*,
workspaces-web:UpdatePortal,
workspaces-web:AssociateBrowserSettings,
workspaces-web:AssociateIpAccessSettings,
workspaces-web:AssociateNetworkSettings,
workspaces-web:AssociateTrustStore,
workspaces-web:AssociateUserAccessLoggingSettings,
workspaces-web:AssociateUserSettings,
workspaces-web:AssociateDataProtectionSettings,
workspaces-web:AssociateSessionLogger,
workspaces-web:DisassociateBrowserSettings,
workspaces-web:DisassociateIpAccessSettings,
workspaces-web:DisassociateNetworkSettings,
workspaces-web:DisassociateTrustStore,
workspaces-web:DisassociateUserAccessLoggingSettings,
workspaces-web:DisassociateUserSettings,
workspaces-web:DisassociateDataProtectionSettings,
workspaces-web:DisassociateSessionLogger,
workspaces-web:List*,
workspaces-web:TagResource,
workspaces-web:UntagResource,
kms:CreateGrant,
kms:Encrypt,
kms:GenerateDataKey,
kms:Decrypt,
kms:DescribeKey,
ec2:CreateNetworkInterface,
ec2:CreateNetworkInterfacePermission,
ec2:DeleteNetworkInterface,
ec2:DeleteNetworkInterfacePermission,
ec2:ModifyNetworkInterfaceAttribute,
kinesis:PutRecord,
kinesis:PutRecords,
kinesis:Describe*,
sso:CreateManagedApplicationInstance,
sso:DeleteManagedApplicationInstance,
sso:Describe*,
sso:GetApplicationInstance,
sso:List*,
s3:PutObject
workspaces-web:GetPortal*,
workspaces-web:DeletePortal,
workspaces-web:DisassociateBrowserSettings,
workspaces-web:DisassociateIpAccessSettings,
workspaces-web:DisassociateNetworkSettings,
workspaces-web:DisassociateTrustStore,
workspaces-web:DisassociateUserAccessLoggingSettings,
workspaces-web:DisassociateUserSettings,
workspaces-web:DisassociateDataProtectionSettings,
workspaces-web:DisassociateSessionLogger,
kms:Decrypt,
kms:DescribeKey,
sso:DeleteManagedApplicationInstance
workspaces-web:List*,
kms:Decrypt,
kms:DescribeKey