Resource: awsGrafanaWorkspaceSamlConfiguration
Provides an Amazon Managed Grafana workspace SAML configuration resource.
Example Usage
Basic configuration
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsIamRoleAssume = new aws.iamRole.IamRole(this, "assume", {
assumeRolePolicy:
'${jsonencode({\n Version = "2012-10-17"\n Statement = [\n {\n Action = "sts:AssumeRole"\n Effect = "Allow"\n Sid = ""\n Principal = {\n Service = "grafana.amazonaws.com"\n }\n },\n ]\n })}',
name: "grafana-assume",
});
const awsGrafanaWorkspaceExample = new aws.grafanaWorkspace.GrafanaWorkspace(
this,
"example",
{
accountAccessType: "CURRENT_ACCOUNT",
authenticationProviders: ["SAML"],
permissionType: "SERVICE_MANAGED",
roleArn: awsIamRoleAssume.arn,
}
);
const awsGrafanaWorkspaceSamlConfigurationExample =
new aws.grafanaWorkspaceSamlConfiguration.GrafanaWorkspaceSamlConfiguration(
this,
"example_2",
{
editorRoleValues: ["editor"],
idpMetadataUrl: "https://my_idp_metadata.url",
workspaceId: awsGrafanaWorkspaceExample.id,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsGrafanaWorkspaceSamlConfigurationExample.overrideLogicalId("example");
Argument Reference
The following arguments are required:
editorRoleValues
- (Required) The editor role values.workspaceId
- (Required) The workspace id.
The following arguments are optional:
adminRoleValues
- (Optional) The admin role values.allowedOrganizations
- (Optional) The allowed organizations.emailAssertion
- (Optional) The email assertion.groupsAssertion
- (Optional) The groups assertion.idpMetadataUrl
- (Optional) The IDP Metadata URL. Note that eitheridpMetadataUrl
oridpMetadataXml
(but not both) must be specified.idpMetadataXml
- (Optional) The IDP Metadata XML. Note that eitheridpMetadataUrl
oridpMetadataXml
(but not both) must be specified.loginAssertion
- (Optional) The login assertion.loginValidityDuration
- (Optional) The login validity duration.nameAssertion
- (Optional) The name assertion.orgAssertion
- (Optional) The org assertion.roleAssertion
- (Optional) The role assertion.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
status
- The status of the SAML configuration.
Import
Grafana Workspace SAML configuration can be imported using the workspace's id
, e.g.,