aws.workspaces.Directory
Explore with Pulumi AI
Provides a WorkSpaces directory in AWS WorkSpaces Service.
NOTE: AWS WorkSpaces service requires
workspaces_DefaultRole
IAM role to operate normally.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleVpc = new aws.ec2.Vpc("example", {cidrBlock: "10.0.0.0/16"});
const exampleA = new aws.ec2.Subnet("example_a", {
vpcId: exampleVpc.id,
availabilityZone: "us-east-1a",
cidrBlock: "10.0.0.0/24",
});
const exampleB = new aws.ec2.Subnet("example_b", {
vpcId: exampleVpc.id,
availabilityZone: "us-east-1b",
cidrBlock: "10.0.1.0/24",
});
const exampleDirectory = new aws.directoryservice.Directory("example", {
name: "corp.example.com",
password: "#S1ncerely",
size: "Small",
vpcSettings: {
vpcId: exampleVpc.id,
subnetIds: [
exampleA.id,
exampleB.id,
],
},
});
const workspaces = aws.iam.getPolicyDocument({
statements: [{
actions: ["sts:AssumeRole"],
principals: [{
type: "Service",
identifiers: ["workspaces.amazonaws.com"],
}],
}],
});
const workspacesDefault = new aws.iam.Role("workspaces_default", {
name: "workspaces_DefaultRole",
assumeRolePolicy: workspaces.then(workspaces => workspaces.json),
});
const workspacesDefaultServiceAccess = new aws.iam.RolePolicyAttachment("workspaces_default_service_access", {
role: workspacesDefault.name,
policyArn: "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess",
});
const workspacesDefaultSelfServiceAccess = new aws.iam.RolePolicyAttachment("workspaces_default_self_service_access", {
role: workspacesDefault.name,
policyArn: "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess",
});
const exampleC = new aws.ec2.Subnet("example_c", {
vpcId: exampleVpc.id,
availabilityZone: "us-east-1c",
cidrBlock: "10.0.2.0/24",
});
const exampleD = new aws.ec2.Subnet("example_d", {
vpcId: exampleVpc.id,
availabilityZone: "us-east-1d",
cidrBlock: "10.0.3.0/24",
});
const example = new aws.workspaces.Directory("example", {
directoryId: exampleDirectory.id,
subnetIds: [
exampleC.id,
exampleD.id,
],
tags: {
Example: "true",
},
selfServicePermissions: {
changeComputeType: true,
increaseVolumeSize: true,
rebuildWorkspace: true,
restartWorkspace: true,
switchRunningMode: true,
},
workspaceAccessProperties: {
deviceTypeAndroid: "ALLOW",
deviceTypeChromeos: "ALLOW",
deviceTypeIos: "ALLOW",
deviceTypeLinux: "DENY",
deviceTypeOsx: "ALLOW",
deviceTypeWeb: "DENY",
deviceTypeWindows: "DENY",
deviceTypeZeroclient: "DENY",
},
workspaceCreationProperties: {
customSecurityGroupId: exampleAwsSecurityGroup.id,
defaultOu: "OU=AWS,DC=Workgroup,DC=Example,DC=com",
enableInternetAccess: true,
enableMaintenanceMode: true,
userEnabledAsLocalAdministrator: true,
},
}, {
dependsOn: [
workspacesDefaultServiceAccess,
workspacesDefaultSelfServiceAccess,
],
});
import pulumi
import pulumi_aws as aws
example_vpc = aws.ec2.Vpc("example", cidr_block="10.0.0.0/16")
example_a = aws.ec2.Subnet("example_a",
vpc_id=example_vpc.id,
availability_zone="us-east-1a",
cidr_block="10.0.0.0/24")
example_b = aws.ec2.Subnet("example_b",
vpc_id=example_vpc.id,
availability_zone="us-east-1b",
cidr_block="10.0.1.0/24")
example_directory = aws.directoryservice.Directory("example",
name="corp.example.com",
password="#S1ncerely",
size="Small",
vpc_settings={
"vpc_id": example_vpc.id,
"subnet_ids": [
example_a.id,
example_b.id,
],
})
workspaces = aws.iam.get_policy_document(statements=[{
"actions": ["sts:AssumeRole"],
"principals": [{
"type": "Service",
"identifiers": ["workspaces.amazonaws.com"],
}],
}])
workspaces_default = aws.iam.Role("workspaces_default",
name="workspaces_DefaultRole",
assume_role_policy=workspaces.json)
workspaces_default_service_access = aws.iam.RolePolicyAttachment("workspaces_default_service_access",
role=workspaces_default.name,
policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess")
workspaces_default_self_service_access = aws.iam.RolePolicyAttachment("workspaces_default_self_service_access",
role=workspaces_default.name,
policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess")
example_c = aws.ec2.Subnet("example_c",
vpc_id=example_vpc.id,
availability_zone="us-east-1c",
cidr_block="10.0.2.0/24")
example_d = aws.ec2.Subnet("example_d",
vpc_id=example_vpc.id,
availability_zone="us-east-1d",
cidr_block="10.0.3.0/24")
example = aws.workspaces.Directory("example",
directory_id=example_directory.id,
subnet_ids=[
example_c.id,
example_d.id,
],
tags={
"Example": "true",
},
self_service_permissions={
"change_compute_type": True,
"increase_volume_size": True,
"rebuild_workspace": True,
"restart_workspace": True,
"switch_running_mode": True,
},
workspace_access_properties={
"device_type_android": "ALLOW",
"device_type_chromeos": "ALLOW",
"device_type_ios": "ALLOW",
"device_type_linux": "DENY",
"device_type_osx": "ALLOW",
"device_type_web": "DENY",
"device_type_windows": "DENY",
"device_type_zeroclient": "DENY",
},
workspace_creation_properties={
"custom_security_group_id": example_aws_security_group["id"],
"default_ou": "OU=AWS,DC=Workgroup,DC=Example,DC=com",
"enable_internet_access": True,
"enable_maintenance_mode": True,
"user_enabled_as_local_administrator": True,
},
opts = pulumi.ResourceOptions(depends_on=[
workspaces_default_service_access,
workspaces_default_self_service_access,
]))
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleVpc, err := ec2.NewVpc(ctx, "example", &ec2.VpcArgs{
CidrBlock: pulumi.String("10.0.0.0/16"),
})
if err != nil {
return err
}
exampleA, err := ec2.NewSubnet(ctx, "example_a", &ec2.SubnetArgs{
VpcId: exampleVpc.ID(),
AvailabilityZone: pulumi.String("us-east-1a"),
CidrBlock: pulumi.String("10.0.0.0/24"),
})
if err != nil {
return err
}
exampleB, err := ec2.NewSubnet(ctx, "example_b", &ec2.SubnetArgs{
VpcId: exampleVpc.ID(),
AvailabilityZone: pulumi.String("us-east-1b"),
CidrBlock: pulumi.String("10.0.1.0/24"),
})
if err != nil {
return err
}
exampleDirectory, err := directoryservice.NewDirectory(ctx, "example", &directoryservice.DirectoryArgs{
Name: pulumi.String("corp.example.com"),
Password: pulumi.String("#S1ncerely"),
Size: pulumi.String("Small"),
VpcSettings: &directoryservice.DirectoryVpcSettingsArgs{
VpcId: exampleVpc.ID(),
SubnetIds: pulumi.StringArray{
exampleA.ID(),
exampleB.ID(),
},
},
})
if err != nil {
return err
}
workspaces, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
Statements: []iam.GetPolicyDocumentStatement{
{
Actions: []string{
"sts:AssumeRole",
},
Principals: []iam.GetPolicyDocumentStatementPrincipal{
{
Type: "Service",
Identifiers: []string{
"workspaces.amazonaws.com",
},
},
},
},
},
}, nil)
if err != nil {
return err
}
workspacesDefault, err := iam.NewRole(ctx, "workspaces_default", &iam.RoleArgs{
Name: pulumi.String("workspaces_DefaultRole"),
AssumeRolePolicy: pulumi.String(workspaces.Json),
})
if err != nil {
return err
}
workspacesDefaultServiceAccess, err := iam.NewRolePolicyAttachment(ctx, "workspaces_default_service_access", &iam.RolePolicyAttachmentArgs{
Role: workspacesDefault.Name,
PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess"),
})
if err != nil {
return err
}
workspacesDefaultSelfServiceAccess, err := iam.NewRolePolicyAttachment(ctx, "workspaces_default_self_service_access", &iam.RolePolicyAttachmentArgs{
Role: workspacesDefault.Name,
PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess"),
})
if err != nil {
return err
}
exampleC, err := ec2.NewSubnet(ctx, "example_c", &ec2.SubnetArgs{
VpcId: exampleVpc.ID(),
AvailabilityZone: pulumi.String("us-east-1c"),
CidrBlock: pulumi.String("10.0.2.0/24"),
})
if err != nil {
return err
}
exampleD, err := ec2.NewSubnet(ctx, "example_d", &ec2.SubnetArgs{
VpcId: exampleVpc.ID(),
AvailabilityZone: pulumi.String("us-east-1d"),
CidrBlock: pulumi.String("10.0.3.0/24"),
})
if err != nil {
return err
}
_, err = workspaces.NewDirectory(ctx, "example", &workspaces.DirectoryArgs{
DirectoryId: exampleDirectory.ID(),
SubnetIds: pulumi.StringArray{
exampleC.ID(),
exampleD.ID(),
},
Tags: pulumi.StringMap{
"Example": pulumi.String("true"),
},
SelfServicePermissions: &workspaces.DirectorySelfServicePermissionsArgs{
ChangeComputeType: pulumi.Bool(true),
IncreaseVolumeSize: pulumi.Bool(true),
RebuildWorkspace: pulumi.Bool(true),
RestartWorkspace: pulumi.Bool(true),
SwitchRunningMode: pulumi.Bool(true),
},
WorkspaceAccessProperties: &workspaces.DirectoryWorkspaceAccessPropertiesArgs{
DeviceTypeAndroid: pulumi.String("ALLOW"),
DeviceTypeChromeos: pulumi.String("ALLOW"),
DeviceTypeIos: pulumi.String("ALLOW"),
DeviceTypeLinux: pulumi.String("DENY"),
DeviceTypeOsx: pulumi.String("ALLOW"),
DeviceTypeWeb: pulumi.String("DENY"),
DeviceTypeWindows: pulumi.String("DENY"),
DeviceTypeZeroclient: pulumi.String("DENY"),
},
WorkspaceCreationProperties: &workspaces.DirectoryWorkspaceCreationPropertiesArgs{
CustomSecurityGroupId: pulumi.Any(exampleAwsSecurityGroup.Id),
DefaultOu: pulumi.String("OU=AWS,DC=Workgroup,DC=Example,DC=com"),
EnableInternetAccess: pulumi.Bool(true),
EnableMaintenanceMode: pulumi.Bool(true),
UserEnabledAsLocalAdministrator: pulumi.Bool(true),
},
}, pulumi.DependsOn([]pulumi.Resource{
workspacesDefaultServiceAccess,
workspacesDefaultSelfServiceAccess,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var exampleVpc = new Aws.Ec2.Vpc("example", new()
{
CidrBlock = "10.0.0.0/16",
});
var exampleA = new Aws.Ec2.Subnet("example_a", new()
{
VpcId = exampleVpc.Id,
AvailabilityZone = "us-east-1a",
CidrBlock = "10.0.0.0/24",
});
var exampleB = new Aws.Ec2.Subnet("example_b", new()
{
VpcId = exampleVpc.Id,
AvailabilityZone = "us-east-1b",
CidrBlock = "10.0.1.0/24",
});
var exampleDirectory = new Aws.DirectoryService.Directory("example", new()
{
Name = "corp.example.com",
Password = "#S1ncerely",
Size = "Small",
VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs
{
VpcId = exampleVpc.Id,
SubnetIds = new[]
{
exampleA.Id,
exampleB.Id,
},
},
});
var workspaces = Aws.Iam.GetPolicyDocument.Invoke(new()
{
Statements = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
{
Actions = new[]
{
"sts:AssumeRole",
},
Principals = new[]
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
{
Type = "Service",
Identifiers = new[]
{
"workspaces.amazonaws.com",
},
},
},
},
},
});
var workspacesDefault = new Aws.Iam.Role("workspaces_default", new()
{
Name = "workspaces_DefaultRole",
AssumeRolePolicy = workspaces.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
});
var workspacesDefaultServiceAccess = new Aws.Iam.RolePolicyAttachment("workspaces_default_service_access", new()
{
Role = workspacesDefault.Name,
PolicyArn = "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess",
});
var workspacesDefaultSelfServiceAccess = new Aws.Iam.RolePolicyAttachment("workspaces_default_self_service_access", new()
{
Role = workspacesDefault.Name,
PolicyArn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess",
});
var exampleC = new Aws.Ec2.Subnet("example_c", new()
{
VpcId = exampleVpc.Id,
AvailabilityZone = "us-east-1c",
CidrBlock = "10.0.2.0/24",
});
var exampleD = new Aws.Ec2.Subnet("example_d", new()
{
VpcId = exampleVpc.Id,
AvailabilityZone = "us-east-1d",
CidrBlock = "10.0.3.0/24",
});
var example = new Aws.Workspaces.Directory("example", new()
{
DirectoryId = exampleDirectory.Id,
SubnetIds = new[]
{
exampleC.Id,
exampleD.Id,
},
Tags =
{
{ "Example", "true" },
},
SelfServicePermissions = new Aws.Workspaces.Inputs.DirectorySelfServicePermissionsArgs
{
ChangeComputeType = true,
IncreaseVolumeSize = true,
RebuildWorkspace = true,
RestartWorkspace = true,
SwitchRunningMode = true,
},
WorkspaceAccessProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceAccessPropertiesArgs
{
DeviceTypeAndroid = "ALLOW",
DeviceTypeChromeos = "ALLOW",
DeviceTypeIos = "ALLOW",
DeviceTypeLinux = "DENY",
DeviceTypeOsx = "ALLOW",
DeviceTypeWeb = "DENY",
DeviceTypeWindows = "DENY",
DeviceTypeZeroclient = "DENY",
},
WorkspaceCreationProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceCreationPropertiesArgs
{
CustomSecurityGroupId = exampleAwsSecurityGroup.Id,
DefaultOu = "OU=AWS,DC=Workgroup,DC=Example,DC=com",
EnableInternetAccess = true,
EnableMaintenanceMode = true,
UserEnabledAsLocalAdministrator = true,
},
}, new CustomResourceOptions
{
DependsOn =
{
workspacesDefaultServiceAccess,
workspacesDefaultSelfServiceAccess,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Vpc;
import com.pulumi.aws.ec2.VpcArgs;
import com.pulumi.aws.ec2.Subnet;
import com.pulumi.aws.ec2.SubnetArgs;
import com.pulumi.aws.directoryservice.Directory;
import com.pulumi.aws.directoryservice.DirectoryArgs;
import com.pulumi.aws.directoryservice.inputs.DirectoryVpcSettingsArgs;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.workspaces.Directory;
import com.pulumi.aws.workspaces.DirectoryArgs;
import com.pulumi.aws.workspaces.inputs.DirectorySelfServicePermissionsArgs;
import com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceAccessPropertiesArgs;
import com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceCreationPropertiesArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleVpc = new Vpc("exampleVpc", VpcArgs.builder()
.cidrBlock("10.0.0.0/16")
.build());
var exampleA = new Subnet("exampleA", SubnetArgs.builder()
.vpcId(exampleVpc.id())
.availabilityZone("us-east-1a")
.cidrBlock("10.0.0.0/24")
.build());
var exampleB = new Subnet("exampleB", SubnetArgs.builder()
.vpcId(exampleVpc.id())
.availabilityZone("us-east-1b")
.cidrBlock("10.0.1.0/24")
.build());
var exampleDirectory = new Directory("exampleDirectory", DirectoryArgs.builder()
.name("corp.example.com")
.password("#S1ncerely")
.size("Small")
.vpcSettings(DirectoryVpcSettingsArgs.builder()
.vpcId(exampleVpc.id())
.subnetIds(
exampleA.id(),
exampleB.id())
.build())
.build());
final var workspaces = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(GetPolicyDocumentStatementArgs.builder()
.actions("sts:AssumeRole")
.principals(GetPolicyDocumentStatementPrincipalArgs.builder()
.type("Service")
.identifiers("workspaces.amazonaws.com")
.build())
.build())
.build());
var workspacesDefault = new Role("workspacesDefault", RoleArgs.builder()
.name("workspaces_DefaultRole")
.assumeRolePolicy(workspaces.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
.build());
var workspacesDefaultServiceAccess = new RolePolicyAttachment("workspacesDefaultServiceAccess", RolePolicyAttachmentArgs.builder()
.role(workspacesDefault.name())
.policyArn("arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess")
.build());
var workspacesDefaultSelfServiceAccess = new RolePolicyAttachment("workspacesDefaultSelfServiceAccess", RolePolicyAttachmentArgs.builder()
.role(workspacesDefault.name())
.policyArn("arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess")
.build());
var exampleC = new Subnet("exampleC", SubnetArgs.builder()
.vpcId(exampleVpc.id())
.availabilityZone("us-east-1c")
.cidrBlock("10.0.2.0/24")
.build());
var exampleD = new Subnet("exampleD", SubnetArgs.builder()
.vpcId(exampleVpc.id())
.availabilityZone("us-east-1d")
.cidrBlock("10.0.3.0/24")
.build());
var example = new Directory("example", DirectoryArgs.builder()
.directoryId(exampleDirectory.id())
.subnetIds(
exampleC.id(),
exampleD.id())
.tags(Map.of("Example", true))
.selfServicePermissions(DirectorySelfServicePermissionsArgs.builder()
.changeComputeType(true)
.increaseVolumeSize(true)
.rebuildWorkspace(true)
.restartWorkspace(true)
.switchRunningMode(true)
.build())
.workspaceAccessProperties(DirectoryWorkspaceAccessPropertiesArgs.builder()
.deviceTypeAndroid("ALLOW")
.deviceTypeChromeos("ALLOW")
.deviceTypeIos("ALLOW")
.deviceTypeLinux("DENY")
.deviceTypeOsx("ALLOW")
.deviceTypeWeb("DENY")
.deviceTypeWindows("DENY")
.deviceTypeZeroclient("DENY")
.build())
.workspaceCreationProperties(DirectoryWorkspaceCreationPropertiesArgs.builder()
.customSecurityGroupId(exampleAwsSecurityGroup.id())
.defaultOu("OU=AWS,DC=Workgroup,DC=Example,DC=com")
.enableInternetAccess(true)
.enableMaintenanceMode(true)
.userEnabledAsLocalAdministrator(true)
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(
workspacesDefaultServiceAccess,
workspacesDefaultSelfServiceAccess)
.build());
}
}
resources:
example:
type: aws:workspaces:Directory
properties:
directoryId: ${exampleDirectory.id}
subnetIds:
- ${exampleC.id}
- ${exampleD.id}
tags:
Example: true
selfServicePermissions:
changeComputeType: true
increaseVolumeSize: true
rebuildWorkspace: true
restartWorkspace: true
switchRunningMode: true
workspaceAccessProperties:
deviceTypeAndroid: ALLOW
deviceTypeChromeos: ALLOW
deviceTypeIos: ALLOW
deviceTypeLinux: DENY
deviceTypeOsx: ALLOW
deviceTypeWeb: DENY
deviceTypeWindows: DENY
deviceTypeZeroclient: DENY
workspaceCreationProperties:
customSecurityGroupId: ${exampleAwsSecurityGroup.id}
defaultOu: OU=AWS,DC=Workgroup,DC=Example,DC=com
enableInternetAccess: true
enableMaintenanceMode: true
userEnabledAsLocalAdministrator: true
options:
dependson:
- ${workspacesDefaultServiceAccess}
- ${workspacesDefaultSelfServiceAccess}
exampleDirectory:
type: aws:directoryservice:Directory
name: example
properties:
name: corp.example.com
password: '#S1ncerely'
size: Small
vpcSettings:
vpcId: ${exampleVpc.id}
subnetIds:
- ${exampleA.id}
- ${exampleB.id}
workspacesDefault:
type: aws:iam:Role
name: workspaces_default
properties:
name: workspaces_DefaultRole
assumeRolePolicy: ${workspaces.json}
workspacesDefaultServiceAccess:
type: aws:iam:RolePolicyAttachment
name: workspaces_default_service_access
properties:
role: ${workspacesDefault.name}
policyArn: arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess
workspacesDefaultSelfServiceAccess:
type: aws:iam:RolePolicyAttachment
name: workspaces_default_self_service_access
properties:
role: ${workspacesDefault.name}
policyArn: arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess
exampleVpc:
type: aws:ec2:Vpc
name: example
properties:
cidrBlock: 10.0.0.0/16
exampleA:
type: aws:ec2:Subnet
name: example_a
properties:
vpcId: ${exampleVpc.id}
availabilityZone: us-east-1a
cidrBlock: 10.0.0.0/24
exampleB:
type: aws:ec2:Subnet
name: example_b
properties:
vpcId: ${exampleVpc.id}
availabilityZone: us-east-1b
cidrBlock: 10.0.1.0/24
exampleC:
type: aws:ec2:Subnet
name: example_c
properties:
vpcId: ${exampleVpc.id}
availabilityZone: us-east-1c
cidrBlock: 10.0.2.0/24
exampleD:
type: aws:ec2:Subnet
name: example_d
properties:
vpcId: ${exampleVpc.id}
availabilityZone: us-east-1d
cidrBlock: 10.0.3.0/24
variables:
workspaces:
fn::invoke:
Function: aws:iam:getPolicyDocument
Arguments:
statements:
- actions:
- sts:AssumeRole
principals:
- type: Service
identifiers:
- workspaces.amazonaws.com
IP Groups
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleIpGroup = new aws.workspaces.IpGroup("example", {name: "example"});
const example = new aws.workspaces.Directory("example", {
directoryId: exampleAwsDirectoryServiceDirectory.id,
ipGroupIds: [exampleIpGroup.id],
});
import pulumi
import pulumi_aws as aws
example_ip_group = aws.workspaces.IpGroup("example", name="example")
example = aws.workspaces.Directory("example",
directory_id=example_aws_directory_service_directory["id"],
ip_group_ids=[example_ip_group.id])
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleIpGroup, err := workspaces.NewIpGroup(ctx, "example", &workspaces.IpGroupArgs{
Name: pulumi.String("example"),
})
if err != nil {
return err
}
_, err = workspaces.NewDirectory(ctx, "example", &workspaces.DirectoryArgs{
DirectoryId: pulumi.Any(exampleAwsDirectoryServiceDirectory.Id),
IpGroupIds: pulumi.StringArray{
exampleIpGroup.ID(),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var exampleIpGroup = new Aws.Workspaces.IpGroup("example", new()
{
Name = "example",
});
var example = new Aws.Workspaces.Directory("example", new()
{
DirectoryId = exampleAwsDirectoryServiceDirectory.Id,
IpGroupIds = new[]
{
exampleIpGroup.Id,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.workspaces.IpGroup;
import com.pulumi.aws.workspaces.IpGroupArgs;
import com.pulumi.aws.workspaces.Directory;
import com.pulumi.aws.workspaces.DirectoryArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleIpGroup = new IpGroup("exampleIpGroup", IpGroupArgs.builder()
.name("example")
.build());
var example = new Directory("example", DirectoryArgs.builder()
.directoryId(exampleAwsDirectoryServiceDirectory.id())
.ipGroupIds(exampleIpGroup.id())
.build());
}
}
resources:
example:
type: aws:workspaces:Directory
properties:
directoryId: ${exampleAwsDirectoryServiceDirectory.id}
ipGroupIds:
- ${exampleIpGroup.id}
exampleIpGroup:
type: aws:workspaces:IpGroup
name: example
properties:
name: example
Create Directory Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Directory(name: string, args: DirectoryArgs, opts?: CustomResourceOptions);
@overload
def Directory(resource_name: str,
args: DirectoryArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Directory(resource_name: str,
opts: Optional[ResourceOptions] = None,
directory_id: Optional[str] = None,
ip_group_ids: Optional[Sequence[str]] = None,
self_service_permissions: Optional[DirectorySelfServicePermissionsArgs] = None,
subnet_ids: Optional[Sequence[str]] = None,
tags: Optional[Mapping[str, str]] = None,
workspace_access_properties: Optional[DirectoryWorkspaceAccessPropertiesArgs] = None,
workspace_creation_properties: Optional[DirectoryWorkspaceCreationPropertiesArgs] = None)
func NewDirectory(ctx *Context, name string, args DirectoryArgs, opts ...ResourceOption) (*Directory, error)
public Directory(string name, DirectoryArgs args, CustomResourceOptions? opts = null)
public Directory(String name, DirectoryArgs args)
public Directory(String name, DirectoryArgs args, CustomResourceOptions options)
type: aws:workspaces:Directory
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DirectoryArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DirectoryArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DirectoryArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DirectoryArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DirectoryArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var awsDirectoryResource = new Aws.Workspaces.Directory("awsDirectoryResource", new()
{
DirectoryId = "string",
IpGroupIds = new[]
{
"string",
},
SelfServicePermissions = new Aws.Workspaces.Inputs.DirectorySelfServicePermissionsArgs
{
ChangeComputeType = false,
IncreaseVolumeSize = false,
RebuildWorkspace = false,
RestartWorkspace = false,
SwitchRunningMode = false,
},
SubnetIds = new[]
{
"string",
},
Tags =
{
{ "string", "string" },
},
WorkspaceAccessProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceAccessPropertiesArgs
{
DeviceTypeAndroid = "string",
DeviceTypeChromeos = "string",
DeviceTypeIos = "string",
DeviceTypeLinux = "string",
DeviceTypeOsx = "string",
DeviceTypeWeb = "string",
DeviceTypeWindows = "string",
DeviceTypeZeroclient = "string",
},
WorkspaceCreationProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceCreationPropertiesArgs
{
CustomSecurityGroupId = "string",
DefaultOu = "string",
EnableInternetAccess = false,
EnableMaintenanceMode = false,
UserEnabledAsLocalAdministrator = false,
},
});
example, err := workspaces.NewDirectory(ctx, "awsDirectoryResource", &workspaces.DirectoryArgs{
DirectoryId: pulumi.String("string"),
IpGroupIds: pulumi.StringArray{
pulumi.String("string"),
},
SelfServicePermissions: &workspaces.DirectorySelfServicePermissionsArgs{
ChangeComputeType: pulumi.Bool(false),
IncreaseVolumeSize: pulumi.Bool(false),
RebuildWorkspace: pulumi.Bool(false),
RestartWorkspace: pulumi.Bool(false),
SwitchRunningMode: pulumi.Bool(false),
},
SubnetIds: pulumi.StringArray{
pulumi.String("string"),
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
WorkspaceAccessProperties: &workspaces.DirectoryWorkspaceAccessPropertiesArgs{
DeviceTypeAndroid: pulumi.String("string"),
DeviceTypeChromeos: pulumi.String("string"),
DeviceTypeIos: pulumi.String("string"),
DeviceTypeLinux: pulumi.String("string"),
DeviceTypeOsx: pulumi.String("string"),
DeviceTypeWeb: pulumi.String("string"),
DeviceTypeWindows: pulumi.String("string"),
DeviceTypeZeroclient: pulumi.String("string"),
},
WorkspaceCreationProperties: &workspaces.DirectoryWorkspaceCreationPropertiesArgs{
CustomSecurityGroupId: pulumi.String("string"),
DefaultOu: pulumi.String("string"),
EnableInternetAccess: pulumi.Bool(false),
EnableMaintenanceMode: pulumi.Bool(false),
UserEnabledAsLocalAdministrator: pulumi.Bool(false),
},
})
var awsDirectoryResource = new Directory("awsDirectoryResource", DirectoryArgs.builder()
.directoryId("string")
.ipGroupIds("string")
.selfServicePermissions(DirectorySelfServicePermissionsArgs.builder()
.changeComputeType(false)
.increaseVolumeSize(false)
.rebuildWorkspace(false)
.restartWorkspace(false)
.switchRunningMode(false)
.build())
.subnetIds("string")
.tags(Map.of("string", "string"))
.workspaceAccessProperties(DirectoryWorkspaceAccessPropertiesArgs.builder()
.deviceTypeAndroid("string")
.deviceTypeChromeos("string")
.deviceTypeIos("string")
.deviceTypeLinux("string")
.deviceTypeOsx("string")
.deviceTypeWeb("string")
.deviceTypeWindows("string")
.deviceTypeZeroclient("string")
.build())
.workspaceCreationProperties(DirectoryWorkspaceCreationPropertiesArgs.builder()
.customSecurityGroupId("string")
.defaultOu("string")
.enableInternetAccess(false)
.enableMaintenanceMode(false)
.userEnabledAsLocalAdministrator(false)
.build())
.build());
aws_directory_resource = aws.workspaces.Directory("awsDirectoryResource",
directory_id="string",
ip_group_ids=["string"],
self_service_permissions={
"changeComputeType": False,
"increaseVolumeSize": False,
"rebuildWorkspace": False,
"restartWorkspace": False,
"switchRunningMode": False,
},
subnet_ids=["string"],
tags={
"string": "string",
},
workspace_access_properties={
"deviceTypeAndroid": "string",
"deviceTypeChromeos": "string",
"deviceTypeIos": "string",
"deviceTypeLinux": "string",
"deviceTypeOsx": "string",
"deviceTypeWeb": "string",
"deviceTypeWindows": "string",
"deviceTypeZeroclient": "string",
},
workspace_creation_properties={
"customSecurityGroupId": "string",
"defaultOu": "string",
"enableInternetAccess": False,
"enableMaintenanceMode": False,
"userEnabledAsLocalAdministrator": False,
})
const awsDirectoryResource = new aws.workspaces.Directory("awsDirectoryResource", {
directoryId: "string",
ipGroupIds: ["string"],
selfServicePermissions: {
changeComputeType: false,
increaseVolumeSize: false,
rebuildWorkspace: false,
restartWorkspace: false,
switchRunningMode: false,
},
subnetIds: ["string"],
tags: {
string: "string",
},
workspaceAccessProperties: {
deviceTypeAndroid: "string",
deviceTypeChromeos: "string",
deviceTypeIos: "string",
deviceTypeLinux: "string",
deviceTypeOsx: "string",
deviceTypeWeb: "string",
deviceTypeWindows: "string",
deviceTypeZeroclient: "string",
},
workspaceCreationProperties: {
customSecurityGroupId: "string",
defaultOu: "string",
enableInternetAccess: false,
enableMaintenanceMode: false,
userEnabledAsLocalAdministrator: false,
},
});
type: aws:workspaces:Directory
properties:
directoryId: string
ipGroupIds:
- string
selfServicePermissions:
changeComputeType: false
increaseVolumeSize: false
rebuildWorkspace: false
restartWorkspace: false
switchRunningMode: false
subnetIds:
- string
tags:
string: string
workspaceAccessProperties:
deviceTypeAndroid: string
deviceTypeChromeos: string
deviceTypeIos: string
deviceTypeLinux: string
deviceTypeOsx: string
deviceTypeWeb: string
deviceTypeWindows: string
deviceTypeZeroclient: string
workspaceCreationProperties:
customSecurityGroupId: string
defaultOu: string
enableInternetAccess: false
enableMaintenanceMode: false
userEnabledAsLocalAdministrator: false
Directory Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Directory resource accepts the following input properties:
- Directory
Id string - The directory identifier for registration in WorkSpaces service.
- Ip
Group List<string>Ids - The identifiers of the IP access control groups associated with the directory.
- Self
Service Pulumi.Permissions Aws. Workspaces. Inputs. Directory Self Service Permissions - Permissions to enable or disable self-service capabilities. Defined below.
- Subnet
Ids List<string> - The identifiers of the subnets where the directory resides.
- Dictionary<string, string>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Workspace
Access Pulumi.Properties Aws. Workspaces. Inputs. Directory Workspace Access Properties - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- Workspace
Creation Pulumi.Properties Aws. Workspaces. Inputs. Directory Workspace Creation Properties - Default properties that are used for creating WorkSpaces. Defined below.
- Directory
Id string - The directory identifier for registration in WorkSpaces service.
- Ip
Group []stringIds - The identifiers of the IP access control groups associated with the directory.
- Self
Service DirectoryPermissions Self Service Permissions Args - Permissions to enable or disable self-service capabilities. Defined below.
- Subnet
Ids []string - The identifiers of the subnets where the directory resides.
- map[string]string
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Workspace
Access DirectoryProperties Workspace Access Properties Args - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- Workspace
Creation DirectoryProperties Workspace Creation Properties Args - Default properties that are used for creating WorkSpaces. Defined below.
- directory
Id String - The directory identifier for registration in WorkSpaces service.
- ip
Group List<String>Ids - The identifiers of the IP access control groups associated with the directory.
- self
Service DirectoryPermissions Self Service Permissions - Permissions to enable or disable self-service capabilities. Defined below.
- subnet
Ids List<String> - The identifiers of the subnets where the directory resides.
- Map<String,String>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - workspace
Access DirectoryProperties Workspace Access Properties - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspace
Creation DirectoryProperties Workspace Creation Properties - Default properties that are used for creating WorkSpaces. Defined below.
- directory
Id string - The directory identifier for registration in WorkSpaces service.
- ip
Group string[]Ids - The identifiers of the IP access control groups associated with the directory.
- self
Service DirectoryPermissions Self Service Permissions - Permissions to enable or disable self-service capabilities. Defined below.
- subnet
Ids string[] - The identifiers of the subnets where the directory resides.
- {[key: string]: string}
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - workspace
Access DirectoryProperties Workspace Access Properties - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspace
Creation DirectoryProperties Workspace Creation Properties - Default properties that are used for creating WorkSpaces. Defined below.
- directory_
id str - The directory identifier for registration in WorkSpaces service.
- ip_
group_ Sequence[str]ids - The identifiers of the IP access control groups associated with the directory.
- self_
service_ Directorypermissions Self Service Permissions Args - Permissions to enable or disable self-service capabilities. Defined below.
- subnet_
ids Sequence[str] - The identifiers of the subnets where the directory resides.
- Mapping[str, str]
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - workspace_
access_ Directoryproperties Workspace Access Properties Args - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspace_
creation_ Directoryproperties Workspace Creation Properties Args - Default properties that are used for creating WorkSpaces. Defined below.
- directory
Id String - The directory identifier for registration in WorkSpaces service.
- ip
Group List<String>Ids - The identifiers of the IP access control groups associated with the directory.
- self
Service Property MapPermissions - Permissions to enable or disable self-service capabilities. Defined below.
- subnet
Ids List<String> - The identifiers of the subnets where the directory resides.
- Map<String>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - workspace
Access Property MapProperties - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspace
Creation Property MapProperties - Default properties that are used for creating WorkSpaces. Defined below.
Outputs
All input properties are implicitly available as output properties. Additionally, the Directory resource produces the following output properties:
- Alias string
- The directory alias.
- Customer
User stringName - The user name for the service account.
- Directory
Name string - The name of the directory.
- Directory
Type string - The directory type.
- Dns
Ip List<string>Addresses - The IP addresses of the DNS servers for the directory.
- Iam
Role stringId - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- Id string
- The provider-assigned unique ID for this managed resource.
- Registration
Code string - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- Dictionary<string, string>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Workspace
Security stringGroup Id - The identifier of the security group that is assigned to new WorkSpaces.
- Alias string
- The directory alias.
- Customer
User stringName - The user name for the service account.
- Directory
Name string - The name of the directory.
- Directory
Type string - The directory type.
- Dns
Ip []stringAddresses - The IP addresses of the DNS servers for the directory.
- Iam
Role stringId - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- Id string
- The provider-assigned unique ID for this managed resource.
- Registration
Code string - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- map[string]string
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Workspace
Security stringGroup Id - The identifier of the security group that is assigned to new WorkSpaces.
- alias String
- The directory alias.
- customer
User StringName - The user name for the service account.
- directory
Name String - The name of the directory.
- directory
Type String - The directory type.
- dns
Ip List<String>Addresses - The IP addresses of the DNS servers for the directory.
- iam
Role StringId - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- id String
- The provider-assigned unique ID for this managed resource.
- registration
Code String - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- Map<String,String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - workspace
Security StringGroup Id - The identifier of the security group that is assigned to new WorkSpaces.
- alias string
- The directory alias.
- customer
User stringName - The user name for the service account.
- directory
Name string - The name of the directory.
- directory
Type string - The directory type.
- dns
Ip string[]Addresses - The IP addresses of the DNS servers for the directory.
- iam
Role stringId - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- id string
- The provider-assigned unique ID for this managed resource.
- registration
Code string - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- {[key: string]: string}
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - workspace
Security stringGroup Id - The identifier of the security group that is assigned to new WorkSpaces.
- alias str
- The directory alias.
- customer_
user_ strname - The user name for the service account.
- directory_
name str - The name of the directory.
- directory_
type str - The directory type.
- dns_
ip_ Sequence[str]addresses - The IP addresses of the DNS servers for the directory.
- iam_
role_ strid - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- id str
- The provider-assigned unique ID for this managed resource.
- registration_
code str - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- Mapping[str, str]
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - workspace_
security_ strgroup_ id - The identifier of the security group that is assigned to new WorkSpaces.
- alias String
- The directory alias.
- customer
User StringName - The user name for the service account.
- directory
Name String - The name of the directory.
- directory
Type String - The directory type.
- dns
Ip List<String>Addresses - The IP addresses of the DNS servers for the directory.
- iam
Role StringId - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- id String
- The provider-assigned unique ID for this managed resource.
- registration
Code String - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- Map<String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - workspace
Security StringGroup Id - The identifier of the security group that is assigned to new WorkSpaces.
Look up Existing Directory Resource
Get an existing Directory resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DirectoryState, opts?: CustomResourceOptions): Directory
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
alias: Optional[str] = None,
customer_user_name: Optional[str] = None,
directory_id: Optional[str] = None,
directory_name: Optional[str] = None,
directory_type: Optional[str] = None,
dns_ip_addresses: Optional[Sequence[str]] = None,
iam_role_id: Optional[str] = None,
ip_group_ids: Optional[Sequence[str]] = None,
registration_code: Optional[str] = None,
self_service_permissions: Optional[DirectorySelfServicePermissionsArgs] = None,
subnet_ids: Optional[Sequence[str]] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
workspace_access_properties: Optional[DirectoryWorkspaceAccessPropertiesArgs] = None,
workspace_creation_properties: Optional[DirectoryWorkspaceCreationPropertiesArgs] = None,
workspace_security_group_id: Optional[str] = None) -> Directory
func GetDirectory(ctx *Context, name string, id IDInput, state *DirectoryState, opts ...ResourceOption) (*Directory, error)
public static Directory Get(string name, Input<string> id, DirectoryState? state, CustomResourceOptions? opts = null)
public static Directory get(String name, Output<String> id, DirectoryState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Alias string
- The directory alias.
- Customer
User stringName - The user name for the service account.
- Directory
Id string - The directory identifier for registration in WorkSpaces service.
- Directory
Name string - The name of the directory.
- Directory
Type string - The directory type.
- Dns
Ip List<string>Addresses - The IP addresses of the DNS servers for the directory.
- Iam
Role stringId - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- Ip
Group List<string>Ids - The identifiers of the IP access control groups associated with the directory.
- Registration
Code string - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- Self
Service Pulumi.Permissions Aws. Workspaces. Inputs. Directory Self Service Permissions - Permissions to enable or disable self-service capabilities. Defined below.
- Subnet
Ids List<string> - The identifiers of the subnets where the directory resides.
- Dictionary<string, string>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Workspace
Access Pulumi.Properties Aws. Workspaces. Inputs. Directory Workspace Access Properties - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- Workspace
Creation Pulumi.Properties Aws. Workspaces. Inputs. Directory Workspace Creation Properties - Default properties that are used for creating WorkSpaces. Defined below.
- Workspace
Security stringGroup Id - The identifier of the security group that is assigned to new WorkSpaces.
- Alias string
- The directory alias.
- Customer
User stringName - The user name for the service account.
- Directory
Id string - The directory identifier for registration in WorkSpaces service.
- Directory
Name string - The name of the directory.
- Directory
Type string - The directory type.
- Dns
Ip []stringAddresses - The IP addresses of the DNS servers for the directory.
- Iam
Role stringId - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- Ip
Group []stringIds - The identifiers of the IP access control groups associated with the directory.
- Registration
Code string - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- Self
Service DirectoryPermissions Self Service Permissions Args - Permissions to enable or disable self-service capabilities. Defined below.
- Subnet
Ids []string - The identifiers of the subnets where the directory resides.
- map[string]string
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Workspace
Access DirectoryProperties Workspace Access Properties Args - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- Workspace
Creation DirectoryProperties Workspace Creation Properties Args - Default properties that are used for creating WorkSpaces. Defined below.
- Workspace
Security stringGroup Id - The identifier of the security group that is assigned to new WorkSpaces.
- alias String
- The directory alias.
- customer
User StringName - The user name for the service account.
- directory
Id String - The directory identifier for registration in WorkSpaces service.
- directory
Name String - The name of the directory.
- directory
Type String - The directory type.
- dns
Ip List<String>Addresses - The IP addresses of the DNS servers for the directory.
- iam
Role StringId - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- ip
Group List<String>Ids - The identifiers of the IP access control groups associated with the directory.
- registration
Code String - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- self
Service DirectoryPermissions Self Service Permissions - Permissions to enable or disable self-service capabilities. Defined below.
- subnet
Ids List<String> - The identifiers of the subnets where the directory resides.
- Map<String,String>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - workspace
Access DirectoryProperties Workspace Access Properties - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspace
Creation DirectoryProperties Workspace Creation Properties - Default properties that are used for creating WorkSpaces. Defined below.
- workspace
Security StringGroup Id - The identifier of the security group that is assigned to new WorkSpaces.
- alias string
- The directory alias.
- customer
User stringName - The user name for the service account.
- directory
Id string - The directory identifier for registration in WorkSpaces service.
- directory
Name string - The name of the directory.
- directory
Type string - The directory type.
- dns
Ip string[]Addresses - The IP addresses of the DNS servers for the directory.
- iam
Role stringId - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- ip
Group string[]Ids - The identifiers of the IP access control groups associated with the directory.
- registration
Code string - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- self
Service DirectoryPermissions Self Service Permissions - Permissions to enable or disable self-service capabilities. Defined below.
- subnet
Ids string[] - The identifiers of the subnets where the directory resides.
- {[key: string]: string}
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - workspace
Access DirectoryProperties Workspace Access Properties - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspace
Creation DirectoryProperties Workspace Creation Properties - Default properties that are used for creating WorkSpaces. Defined below.
- workspace
Security stringGroup Id - The identifier of the security group that is assigned to new WorkSpaces.
- alias str
- The directory alias.
- customer_
user_ strname - The user name for the service account.
- directory_
id str - The directory identifier for registration in WorkSpaces service.
- directory_
name str - The name of the directory.
- directory_
type str - The directory type.
- dns_
ip_ Sequence[str]addresses - The IP addresses of the DNS servers for the directory.
- iam_
role_ strid - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- ip_
group_ Sequence[str]ids - The identifiers of the IP access control groups associated with the directory.
- registration_
code str - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- self_
service_ Directorypermissions Self Service Permissions Args - Permissions to enable or disable self-service capabilities. Defined below.
- subnet_
ids Sequence[str] - The identifiers of the subnets where the directory resides.
- Mapping[str, str]
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - workspace_
access_ Directoryproperties Workspace Access Properties Args - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspace_
creation_ Directoryproperties Workspace Creation Properties Args - Default properties that are used for creating WorkSpaces. Defined below.
- workspace_
security_ strgroup_ id - The identifier of the security group that is assigned to new WorkSpaces.
- alias String
- The directory alias.
- customer
User StringName - The user name for the service account.
- directory
Id String - The directory identifier for registration in WorkSpaces service.
- directory
Name String - The name of the directory.
- directory
Type String - The directory type.
- dns
Ip List<String>Addresses - The IP addresses of the DNS servers for the directory.
- iam
Role StringId - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- ip
Group List<String>Ids - The identifiers of the IP access control groups associated with the directory.
- registration
Code String - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- self
Service Property MapPermissions - Permissions to enable or disable self-service capabilities. Defined below.
- subnet
Ids List<String> - The identifiers of the subnets where the directory resides.
- Map<String>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - workspace
Access Property MapProperties - Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspace
Creation Property MapProperties - Default properties that are used for creating WorkSpaces. Defined below.
- workspace
Security StringGroup Id - The identifier of the security group that is assigned to new WorkSpaces.
Supporting Types
DirectorySelfServicePermissions, DirectorySelfServicePermissionsArgs
- Change
Compute boolType - Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default
false
. - Increase
Volume boolSize - Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default
false
. - Rebuild
Workspace bool - Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default
false
. - Restart
Workspace bool - Whether WorkSpaces directory users can restart their workspace. Default
true
. - Switch
Running boolMode - Whether WorkSpaces directory users can switch the running mode of their workspace. Default
false
.
- Change
Compute boolType - Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default
false
. - Increase
Volume boolSize - Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default
false
. - Rebuild
Workspace bool - Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default
false
. - Restart
Workspace bool - Whether WorkSpaces directory users can restart their workspace. Default
true
. - Switch
Running boolMode - Whether WorkSpaces directory users can switch the running mode of their workspace. Default
false
.
- change
Compute BooleanType - Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default
false
. - increase
Volume BooleanSize - Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default
false
. - rebuild
Workspace Boolean - Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default
false
. - restart
Workspace Boolean - Whether WorkSpaces directory users can restart their workspace. Default
true
. - switch
Running BooleanMode - Whether WorkSpaces directory users can switch the running mode of their workspace. Default
false
.
- change
Compute booleanType - Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default
false
. - increase
Volume booleanSize - Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default
false
. - rebuild
Workspace boolean - Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default
false
. - restart
Workspace boolean - Whether WorkSpaces directory users can restart their workspace. Default
true
. - switch
Running booleanMode - Whether WorkSpaces directory users can switch the running mode of their workspace. Default
false
.
- change_
compute_ booltype - Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default
false
. - increase_
volume_ boolsize - Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default
false
. - rebuild_
workspace bool - Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default
false
. - restart_
workspace bool - Whether WorkSpaces directory users can restart their workspace. Default
true
. - switch_
running_ boolmode - Whether WorkSpaces directory users can switch the running mode of their workspace. Default
false
.
- change
Compute BooleanType - Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default
false
. - increase
Volume BooleanSize - Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default
false
. - rebuild
Workspace Boolean - Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default
false
. - restart
Workspace Boolean - Whether WorkSpaces directory users can restart their workspace. Default
true
. - switch
Running BooleanMode - Whether WorkSpaces directory users can switch the running mode of their workspace. Default
false
.
DirectoryWorkspaceAccessProperties, DirectoryWorkspaceAccessPropertiesArgs
- Device
Type stringAndroid - Indicates whether users can use Android devices to access their WorkSpaces.
- Device
Type stringChromeos - Indicates whether users can use Chromebooks to access their WorkSpaces.
- Device
Type stringIos - Indicates whether users can use iOS devices to access their WorkSpaces.
- Device
Type stringLinux - Indicates whether users can use Linux clients to access their WorkSpaces.
- Device
Type stringOsx - Indicates whether users can use macOS clients to access their WorkSpaces.
- Device
Type stringWeb - Indicates whether users can access their WorkSpaces through a web browser.
- Device
Type stringWindows - Indicates whether users can use Windows clients to access their WorkSpaces.
- Device
Type stringZeroclient - Indicates whether users can use zero client devices to access their WorkSpaces.
- Device
Type stringAndroid - Indicates whether users can use Android devices to access their WorkSpaces.
- Device
Type stringChromeos - Indicates whether users can use Chromebooks to access their WorkSpaces.
- Device
Type stringIos - Indicates whether users can use iOS devices to access their WorkSpaces.
- Device
Type stringLinux - Indicates whether users can use Linux clients to access their WorkSpaces.
- Device
Type stringOsx - Indicates whether users can use macOS clients to access their WorkSpaces.
- Device
Type stringWeb - Indicates whether users can access their WorkSpaces through a web browser.
- Device
Type stringWindows - Indicates whether users can use Windows clients to access their WorkSpaces.
- Device
Type stringZeroclient - Indicates whether users can use zero client devices to access their WorkSpaces.
- device
Type StringAndroid - Indicates whether users can use Android devices to access their WorkSpaces.
- device
Type StringChromeos - Indicates whether users can use Chromebooks to access their WorkSpaces.
- device
Type StringIos - Indicates whether users can use iOS devices to access their WorkSpaces.
- device
Type StringLinux - Indicates whether users can use Linux clients to access their WorkSpaces.
- device
Type StringOsx - Indicates whether users can use macOS clients to access their WorkSpaces.
- device
Type StringWeb - Indicates whether users can access their WorkSpaces through a web browser.
- device
Type StringWindows - Indicates whether users can use Windows clients to access their WorkSpaces.
- device
Type StringZeroclient - Indicates whether users can use zero client devices to access their WorkSpaces.
- device
Type stringAndroid - Indicates whether users can use Android devices to access their WorkSpaces.
- device
Type stringChromeos - Indicates whether users can use Chromebooks to access their WorkSpaces.
- device
Type stringIos - Indicates whether users can use iOS devices to access their WorkSpaces.
- device
Type stringLinux - Indicates whether users can use Linux clients to access their WorkSpaces.
- device
Type stringOsx - Indicates whether users can use macOS clients to access their WorkSpaces.
- device
Type stringWeb - Indicates whether users can access their WorkSpaces through a web browser.
- device
Type stringWindows - Indicates whether users can use Windows clients to access their WorkSpaces.
- device
Type stringZeroclient - Indicates whether users can use zero client devices to access their WorkSpaces.
- device_
type_ strandroid - Indicates whether users can use Android devices to access their WorkSpaces.
- device_
type_ strchromeos - Indicates whether users can use Chromebooks to access their WorkSpaces.
- device_
type_ strios - Indicates whether users can use iOS devices to access their WorkSpaces.
- device_
type_ strlinux - Indicates whether users can use Linux clients to access their WorkSpaces.
- device_
type_ strosx - Indicates whether users can use macOS clients to access their WorkSpaces.
- device_
type_ strweb - Indicates whether users can access their WorkSpaces through a web browser.
- device_
type_ strwindows - Indicates whether users can use Windows clients to access their WorkSpaces.
- device_
type_ strzeroclient - Indicates whether users can use zero client devices to access their WorkSpaces.
- device
Type StringAndroid - Indicates whether users can use Android devices to access their WorkSpaces.
- device
Type StringChromeos - Indicates whether users can use Chromebooks to access their WorkSpaces.
- device
Type StringIos - Indicates whether users can use iOS devices to access their WorkSpaces.
- device
Type StringLinux - Indicates whether users can use Linux clients to access their WorkSpaces.
- device
Type StringOsx - Indicates whether users can use macOS clients to access their WorkSpaces.
- device
Type StringWeb - Indicates whether users can access their WorkSpaces through a web browser.
- device
Type StringWindows - Indicates whether users can use Windows clients to access their WorkSpaces.
- device
Type StringZeroclient - Indicates whether users can use zero client devices to access their WorkSpaces.
DirectoryWorkspaceCreationProperties, DirectoryWorkspaceCreationPropertiesArgs
- Custom
Security stringGroup Id - The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- Default
Ou string - The default organizational unit (OU) for your WorkSpace directories. Should conform
"OU=<value>,DC=<value>,...,DC=<value>"
pattern. - Enable
Internet boolAccess - Indicates whether internet access is enabled for your WorkSpaces.
- Enable
Maintenance boolMode - Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- User
Enabled boolAs Local Administrator - Indicates whether users are local administrators of their WorkSpaces.
- Custom
Security stringGroup Id - The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- Default
Ou string - The default organizational unit (OU) for your WorkSpace directories. Should conform
"OU=<value>,DC=<value>,...,DC=<value>"
pattern. - Enable
Internet boolAccess - Indicates whether internet access is enabled for your WorkSpaces.
- Enable
Maintenance boolMode - Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- User
Enabled boolAs Local Administrator - Indicates whether users are local administrators of their WorkSpaces.
- custom
Security StringGroup Id - The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- default
Ou String - The default organizational unit (OU) for your WorkSpace directories. Should conform
"OU=<value>,DC=<value>,...,DC=<value>"
pattern. - enable
Internet BooleanAccess - Indicates whether internet access is enabled for your WorkSpaces.
- enable
Maintenance BooleanMode - Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- user
Enabled BooleanAs Local Administrator - Indicates whether users are local administrators of their WorkSpaces.
- custom
Security stringGroup Id - The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- default
Ou string - The default organizational unit (OU) for your WorkSpace directories. Should conform
"OU=<value>,DC=<value>,...,DC=<value>"
pattern. - enable
Internet booleanAccess - Indicates whether internet access is enabled for your WorkSpaces.
- enable
Maintenance booleanMode - Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- user
Enabled booleanAs Local Administrator - Indicates whether users are local administrators of their WorkSpaces.
- custom_
security_ strgroup_ id - The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- default_
ou str - The default organizational unit (OU) for your WorkSpace directories. Should conform
"OU=<value>,DC=<value>,...,DC=<value>"
pattern. - enable_
internet_ boolaccess - Indicates whether internet access is enabled for your WorkSpaces.
- enable_
maintenance_ boolmode - Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- user_
enabled_ boolas_ local_ administrator - Indicates whether users are local administrators of their WorkSpaces.
- custom
Security StringGroup Id - The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- default
Ou String - The default organizational unit (OU) for your WorkSpace directories. Should conform
"OU=<value>,DC=<value>,...,DC=<value>"
pattern. - enable
Internet BooleanAccess - Indicates whether internet access is enabled for your WorkSpaces.
- enable
Maintenance BooleanMode - Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- user
Enabled BooleanAs Local Administrator - Indicates whether users are local administrators of their WorkSpaces.
Import
Using pulumi import
, import Workspaces directory using the directory ID. For example:
$ pulumi import aws:workspaces/directory:Directory main d-4444444444
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aws
Terraform Provider.