aws.workspaces.Directory
Explore with Pulumi AI
Provides a WorkSpaces directory in AWS WorkSpaces Service.
NOTE: AWS WorkSpaces service requires
workspaces_DefaultRoleIAM role to operate normally.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleVpc = new aws.ec2.Vpc("example", {cidrBlock: "10.0.0.0/16"});
const exampleA = new aws.ec2.Subnet("example_a", {
    vpcId: exampleVpc.id,
    availabilityZone: "us-east-1a",
    cidrBlock: "10.0.0.0/24",
});
const exampleB = new aws.ec2.Subnet("example_b", {
    vpcId: exampleVpc.id,
    availabilityZone: "us-east-1b",
    cidrBlock: "10.0.1.0/24",
});
const exampleDirectory = new aws.directoryservice.Directory("example", {
    name: "corp.example.com",
    password: "#S1ncerely",
    size: "Small",
    vpcSettings: {
        vpcId: exampleVpc.id,
        subnetIds: [
            exampleA.id,
            exampleB.id,
        ],
    },
});
const workspaces = aws.iam.getPolicyDocument({
    statements: [{
        actions: ["sts:AssumeRole"],
        principals: [{
            type: "Service",
            identifiers: ["workspaces.amazonaws.com"],
        }],
    }],
});
const workspacesDefault = new aws.iam.Role("workspaces_default", {
    name: "workspaces_DefaultRole",
    assumeRolePolicy: workspaces.then(workspaces => workspaces.json),
});
const workspacesDefaultServiceAccess = new aws.iam.RolePolicyAttachment("workspaces_default_service_access", {
    role: workspacesDefault.name,
    policyArn: "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess",
});
const workspacesDefaultSelfServiceAccess = new aws.iam.RolePolicyAttachment("workspaces_default_self_service_access", {
    role: workspacesDefault.name,
    policyArn: "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess",
});
const exampleC = new aws.ec2.Subnet("example_c", {
    vpcId: exampleVpc.id,
    availabilityZone: "us-east-1c",
    cidrBlock: "10.0.2.0/24",
});
const exampleD = new aws.ec2.Subnet("example_d", {
    vpcId: exampleVpc.id,
    availabilityZone: "us-east-1d",
    cidrBlock: "10.0.3.0/24",
});
const example = new aws.workspaces.Directory("example", {
    directoryId: exampleDirectory.id,
    subnetIds: [
        exampleC.id,
        exampleD.id,
    ],
    tags: {
        Example: "true",
    },
    certificateBasedAuthProperties: {
        certificateAuthorityArn: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
        status: "ENABLED",
    },
    samlProperties: {
        userAccessUrl: "https://sso.example.com/",
        status: "ENABLED",
    },
    selfServicePermissions: {
        changeComputeType: true,
        increaseVolumeSize: true,
        rebuildWorkspace: true,
        restartWorkspace: true,
        switchRunningMode: true,
    },
    workspaceAccessProperties: {
        deviceTypeAndroid: "ALLOW",
        deviceTypeChromeos: "ALLOW",
        deviceTypeIos: "ALLOW",
        deviceTypeLinux: "DENY",
        deviceTypeOsx: "ALLOW",
        deviceTypeWeb: "DENY",
        deviceTypeWindows: "DENY",
        deviceTypeZeroclient: "DENY",
    },
    workspaceCreationProperties: {
        customSecurityGroupId: exampleAwsSecurityGroup.id,
        defaultOu: "OU=AWS,DC=Workgroup,DC=Example,DC=com",
        enableInternetAccess: true,
        enableMaintenanceMode: true,
        userEnabledAsLocalAdministrator: true,
    },
}, {
    dependsOn: [
        workspacesDefaultServiceAccess,
        workspacesDefaultSelfServiceAccess,
    ],
});
import pulumi
import pulumi_aws as aws
example_vpc = aws.ec2.Vpc("example", cidr_block="10.0.0.0/16")
example_a = aws.ec2.Subnet("example_a",
    vpc_id=example_vpc.id,
    availability_zone="us-east-1a",
    cidr_block="10.0.0.0/24")
example_b = aws.ec2.Subnet("example_b",
    vpc_id=example_vpc.id,
    availability_zone="us-east-1b",
    cidr_block="10.0.1.0/24")
example_directory = aws.directoryservice.Directory("example",
    name="corp.example.com",
    password="#S1ncerely",
    size="Small",
    vpc_settings={
        "vpc_id": example_vpc.id,
        "subnet_ids": [
            example_a.id,
            example_b.id,
        ],
    })
workspaces = aws.iam.get_policy_document(statements=[{
    "actions": ["sts:AssumeRole"],
    "principals": [{
        "type": "Service",
        "identifiers": ["workspaces.amazonaws.com"],
    }],
}])
workspaces_default = aws.iam.Role("workspaces_default",
    name="workspaces_DefaultRole",
    assume_role_policy=workspaces.json)
workspaces_default_service_access = aws.iam.RolePolicyAttachment("workspaces_default_service_access",
    role=workspaces_default.name,
    policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess")
workspaces_default_self_service_access = aws.iam.RolePolicyAttachment("workspaces_default_self_service_access",
    role=workspaces_default.name,
    policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess")
example_c = aws.ec2.Subnet("example_c",
    vpc_id=example_vpc.id,
    availability_zone="us-east-1c",
    cidr_block="10.0.2.0/24")
example_d = aws.ec2.Subnet("example_d",
    vpc_id=example_vpc.id,
    availability_zone="us-east-1d",
    cidr_block="10.0.3.0/24")
example = aws.workspaces.Directory("example",
    directory_id=example_directory.id,
    subnet_ids=[
        example_c.id,
        example_d.id,
    ],
    tags={
        "Example": "true",
    },
    certificate_based_auth_properties={
        "certificate_authority_arn": "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
        "status": "ENABLED",
    },
    saml_properties={
        "user_access_url": "https://sso.example.com/",
        "status": "ENABLED",
    },
    self_service_permissions={
        "change_compute_type": True,
        "increase_volume_size": True,
        "rebuild_workspace": True,
        "restart_workspace": True,
        "switch_running_mode": True,
    },
    workspace_access_properties={
        "device_type_android": "ALLOW",
        "device_type_chromeos": "ALLOW",
        "device_type_ios": "ALLOW",
        "device_type_linux": "DENY",
        "device_type_osx": "ALLOW",
        "device_type_web": "DENY",
        "device_type_windows": "DENY",
        "device_type_zeroclient": "DENY",
    },
    workspace_creation_properties={
        "custom_security_group_id": example_aws_security_group["id"],
        "default_ou": "OU=AWS,DC=Workgroup,DC=Example,DC=com",
        "enable_internet_access": True,
        "enable_maintenance_mode": True,
        "user_enabled_as_local_administrator": True,
    },
    opts = pulumi.ResourceOptions(depends_on=[
            workspaces_default_service_access,
            workspaces_default_self_service_access,
        ]))
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleVpc, err := ec2.NewVpc(ctx, "example", &ec2.VpcArgs{
			CidrBlock: pulumi.String("10.0.0.0/16"),
		})
		if err != nil {
			return err
		}
		exampleA, err := ec2.NewSubnet(ctx, "example_a", &ec2.SubnetArgs{
			VpcId:            exampleVpc.ID(),
			AvailabilityZone: pulumi.String("us-east-1a"),
			CidrBlock:        pulumi.String("10.0.0.0/24"),
		})
		if err != nil {
			return err
		}
		exampleB, err := ec2.NewSubnet(ctx, "example_b", &ec2.SubnetArgs{
			VpcId:            exampleVpc.ID(),
			AvailabilityZone: pulumi.String("us-east-1b"),
			CidrBlock:        pulumi.String("10.0.1.0/24"),
		})
		if err != nil {
			return err
		}
		exampleDirectory, err := directoryservice.NewDirectory(ctx, "example", &directoryservice.DirectoryArgs{
			Name:     pulumi.String("corp.example.com"),
			Password: pulumi.String("#S1ncerely"),
			Size:     pulumi.String("Small"),
			VpcSettings: &directoryservice.DirectoryVpcSettingsArgs{
				VpcId: exampleVpc.ID(),
				SubnetIds: pulumi.StringArray{
					exampleA.ID(),
					exampleB.ID(),
				},
			},
		})
		if err != nil {
			return err
		}
		workspaces, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Actions: []string{
						"sts:AssumeRole",
					},
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						{
							Type: "Service",
							Identifiers: []string{
								"workspaces.amazonaws.com",
							},
						},
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		workspacesDefault, err := iam.NewRole(ctx, "workspaces_default", &iam.RoleArgs{
			Name:             pulumi.String("workspaces_DefaultRole"),
			AssumeRolePolicy: pulumi.String(workspaces.Json),
		})
		if err != nil {
			return err
		}
		workspacesDefaultServiceAccess, err := iam.NewRolePolicyAttachment(ctx, "workspaces_default_service_access", &iam.RolePolicyAttachmentArgs{
			Role:      workspacesDefault.Name,
			PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess"),
		})
		if err != nil {
			return err
		}
		workspacesDefaultSelfServiceAccess, err := iam.NewRolePolicyAttachment(ctx, "workspaces_default_self_service_access", &iam.RolePolicyAttachmentArgs{
			Role:      workspacesDefault.Name,
			PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess"),
		})
		if err != nil {
			return err
		}
		exampleC, err := ec2.NewSubnet(ctx, "example_c", &ec2.SubnetArgs{
			VpcId:            exampleVpc.ID(),
			AvailabilityZone: pulumi.String("us-east-1c"),
			CidrBlock:        pulumi.String("10.0.2.0/24"),
		})
		if err != nil {
			return err
		}
		exampleD, err := ec2.NewSubnet(ctx, "example_d", &ec2.SubnetArgs{
			VpcId:            exampleVpc.ID(),
			AvailabilityZone: pulumi.String("us-east-1d"),
			CidrBlock:        pulumi.String("10.0.3.0/24"),
		})
		if err != nil {
			return err
		}
		_, err = workspaces.NewDirectory(ctx, "example", &workspaces.DirectoryArgs{
			DirectoryId: exampleDirectory.ID(),
			SubnetIds: pulumi.StringArray{
				exampleC.ID(),
				exampleD.ID(),
			},
			Tags: pulumi.StringMap{
				"Example": pulumi.String("true"),
			},
			CertificateBasedAuthProperties: &workspaces.DirectoryCertificateBasedAuthPropertiesArgs{
				CertificateAuthorityArn: pulumi.String("arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012"),
				Status:                  pulumi.String("ENABLED"),
			},
			SamlProperties: &workspaces.DirectorySamlPropertiesArgs{
				UserAccessUrl: pulumi.String("https://sso.example.com/"),
				Status:        pulumi.String("ENABLED"),
			},
			SelfServicePermissions: &workspaces.DirectorySelfServicePermissionsArgs{
				ChangeComputeType:  pulumi.Bool(true),
				IncreaseVolumeSize: pulumi.Bool(true),
				RebuildWorkspace:   pulumi.Bool(true),
				RestartWorkspace:   pulumi.Bool(true),
				SwitchRunningMode:  pulumi.Bool(true),
			},
			WorkspaceAccessProperties: &workspaces.DirectoryWorkspaceAccessPropertiesArgs{
				DeviceTypeAndroid:    pulumi.String("ALLOW"),
				DeviceTypeChromeos:   pulumi.String("ALLOW"),
				DeviceTypeIos:        pulumi.String("ALLOW"),
				DeviceTypeLinux:      pulumi.String("DENY"),
				DeviceTypeOsx:        pulumi.String("ALLOW"),
				DeviceTypeWeb:        pulumi.String("DENY"),
				DeviceTypeWindows:    pulumi.String("DENY"),
				DeviceTypeZeroclient: pulumi.String("DENY"),
			},
			WorkspaceCreationProperties: &workspaces.DirectoryWorkspaceCreationPropertiesArgs{
				CustomSecurityGroupId:           pulumi.Any(exampleAwsSecurityGroup.Id),
				DefaultOu:                       pulumi.String("OU=AWS,DC=Workgroup,DC=Example,DC=com"),
				EnableInternetAccess:            pulumi.Bool(true),
				EnableMaintenanceMode:           pulumi.Bool(true),
				UserEnabledAsLocalAdministrator: pulumi.Bool(true),
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			workspacesDefaultServiceAccess,
			workspacesDefaultSelfServiceAccess,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() => 
{
    var exampleVpc = new Aws.Ec2.Vpc("example", new()
    {
        CidrBlock = "10.0.0.0/16",
    });
    var exampleA = new Aws.Ec2.Subnet("example_a", new()
    {
        VpcId = exampleVpc.Id,
        AvailabilityZone = "us-east-1a",
        CidrBlock = "10.0.0.0/24",
    });
    var exampleB = new Aws.Ec2.Subnet("example_b", new()
    {
        VpcId = exampleVpc.Id,
        AvailabilityZone = "us-east-1b",
        CidrBlock = "10.0.1.0/24",
    });
    var exampleDirectory = new Aws.DirectoryService.Directory("example", new()
    {
        Name = "corp.example.com",
        Password = "#S1ncerely",
        Size = "Small",
        VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs
        {
            VpcId = exampleVpc.Id,
            SubnetIds = new[]
            {
                exampleA.Id,
                exampleB.Id,
            },
        },
    });
    var workspaces = Aws.Iam.GetPolicyDocument.Invoke(new()
    {
        Statements = new[]
        {
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Actions = new[]
                {
                    "sts:AssumeRole",
                },
                Principals = new[]
                {
                    new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                    {
                        Type = "Service",
                        Identifiers = new[]
                        {
                            "workspaces.amazonaws.com",
                        },
                    },
                },
            },
        },
    });
    var workspacesDefault = new Aws.Iam.Role("workspaces_default", new()
    {
        Name = "workspaces_DefaultRole",
        AssumeRolePolicy = workspaces.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
    });
    var workspacesDefaultServiceAccess = new Aws.Iam.RolePolicyAttachment("workspaces_default_service_access", new()
    {
        Role = workspacesDefault.Name,
        PolicyArn = "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess",
    });
    var workspacesDefaultSelfServiceAccess = new Aws.Iam.RolePolicyAttachment("workspaces_default_self_service_access", new()
    {
        Role = workspacesDefault.Name,
        PolicyArn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess",
    });
    var exampleC = new Aws.Ec2.Subnet("example_c", new()
    {
        VpcId = exampleVpc.Id,
        AvailabilityZone = "us-east-1c",
        CidrBlock = "10.0.2.0/24",
    });
    var exampleD = new Aws.Ec2.Subnet("example_d", new()
    {
        VpcId = exampleVpc.Id,
        AvailabilityZone = "us-east-1d",
        CidrBlock = "10.0.3.0/24",
    });
    var example = new Aws.Workspaces.Directory("example", new()
    {
        DirectoryId = exampleDirectory.Id,
        SubnetIds = new[]
        {
            exampleC.Id,
            exampleD.Id,
        },
        Tags = 
        {
            { "Example", "true" },
        },
        CertificateBasedAuthProperties = new Aws.Workspaces.Inputs.DirectoryCertificateBasedAuthPropertiesArgs
        {
            CertificateAuthorityArn = "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012",
            Status = "ENABLED",
        },
        SamlProperties = new Aws.Workspaces.Inputs.DirectorySamlPropertiesArgs
        {
            UserAccessUrl = "https://sso.example.com/",
            Status = "ENABLED",
        },
        SelfServicePermissions = new Aws.Workspaces.Inputs.DirectorySelfServicePermissionsArgs
        {
            ChangeComputeType = true,
            IncreaseVolumeSize = true,
            RebuildWorkspace = true,
            RestartWorkspace = true,
            SwitchRunningMode = true,
        },
        WorkspaceAccessProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceAccessPropertiesArgs
        {
            DeviceTypeAndroid = "ALLOW",
            DeviceTypeChromeos = "ALLOW",
            DeviceTypeIos = "ALLOW",
            DeviceTypeLinux = "DENY",
            DeviceTypeOsx = "ALLOW",
            DeviceTypeWeb = "DENY",
            DeviceTypeWindows = "DENY",
            DeviceTypeZeroclient = "DENY",
        },
        WorkspaceCreationProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceCreationPropertiesArgs
        {
            CustomSecurityGroupId = exampleAwsSecurityGroup.Id,
            DefaultOu = "OU=AWS,DC=Workgroup,DC=Example,DC=com",
            EnableInternetAccess = true,
            EnableMaintenanceMode = true,
            UserEnabledAsLocalAdministrator = true,
        },
    }, new CustomResourceOptions
    {
        DependsOn =
        {
            workspacesDefaultServiceAccess,
            workspacesDefaultSelfServiceAccess,
        },
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Vpc;
import com.pulumi.aws.ec2.VpcArgs;
import com.pulumi.aws.ec2.Subnet;
import com.pulumi.aws.ec2.SubnetArgs;
import com.pulumi.aws.directoryservice.inputs.DirectoryVpcSettingsArgs;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.workspaces.inputs.DirectoryCertificateBasedAuthPropertiesArgs;
import com.pulumi.aws.workspaces.inputs.DirectorySamlPropertiesArgs;
import com.pulumi.aws.workspaces.inputs.DirectorySelfServicePermissionsArgs;
import com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceAccessPropertiesArgs;
import com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceCreationPropertiesArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleVpc = new Vpc("exampleVpc", VpcArgs.builder()
            .cidrBlock("10.0.0.0/16")
            .build());
        var exampleA = new Subnet("exampleA", SubnetArgs.builder()
            .vpcId(exampleVpc.id())
            .availabilityZone("us-east-1a")
            .cidrBlock("10.0.0.0/24")
            .build());
        var exampleB = new Subnet("exampleB", SubnetArgs.builder()
            .vpcId(exampleVpc.id())
            .availabilityZone("us-east-1b")
            .cidrBlock("10.0.1.0/24")
            .build());
        var exampleDirectory = new com.pulumi.aws.directoryservice.Directory("exampleDirectory", com.pulumi.aws.directoryservice.DirectoryArgs.builder()
            .name("corp.example.com")
            .password("#S1ncerely")
            .size("Small")
            .vpcSettings(DirectoryVpcSettingsArgs.builder()
                .vpcId(exampleVpc.id())
                .subnetIds(                
                    exampleA.id(),
                    exampleB.id())
                .build())
            .build());
        final var workspaces = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .actions("sts:AssumeRole")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .type("Service")
                    .identifiers("workspaces.amazonaws.com")
                    .build())
                .build())
            .build());
        var workspacesDefault = new Role("workspacesDefault", RoleArgs.builder()
            .name("workspaces_DefaultRole")
            .assumeRolePolicy(workspaces.json())
            .build());
        var workspacesDefaultServiceAccess = new RolePolicyAttachment("workspacesDefaultServiceAccess", RolePolicyAttachmentArgs.builder()
            .role(workspacesDefault.name())
            .policyArn("arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess")
            .build());
        var workspacesDefaultSelfServiceAccess = new RolePolicyAttachment("workspacesDefaultSelfServiceAccess", RolePolicyAttachmentArgs.builder()
            .role(workspacesDefault.name())
            .policyArn("arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess")
            .build());
        var exampleC = new Subnet("exampleC", SubnetArgs.builder()
            .vpcId(exampleVpc.id())
            .availabilityZone("us-east-1c")
            .cidrBlock("10.0.2.0/24")
            .build());
        var exampleD = new Subnet("exampleD", SubnetArgs.builder()
            .vpcId(exampleVpc.id())
            .availabilityZone("us-east-1d")
            .cidrBlock("10.0.3.0/24")
            .build());
        var example = new com.pulumi.aws.workspaces.Directory("example", com.pulumi.aws.workspaces.DirectoryArgs.builder()
            .directoryId(exampleDirectory.id())
            .subnetIds(            
                exampleC.id(),
                exampleD.id())
            .tags(Map.of("Example", "true"))
            .certificateBasedAuthProperties(DirectoryCertificateBasedAuthPropertiesArgs.builder()
                .certificateAuthorityArn("arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012")
                .status("ENABLED")
                .build())
            .samlProperties(DirectorySamlPropertiesArgs.builder()
                .userAccessUrl("https://sso.example.com/")
                .status("ENABLED")
                .build())
            .selfServicePermissions(DirectorySelfServicePermissionsArgs.builder()
                .changeComputeType(true)
                .increaseVolumeSize(true)
                .rebuildWorkspace(true)
                .restartWorkspace(true)
                .switchRunningMode(true)
                .build())
            .workspaceAccessProperties(DirectoryWorkspaceAccessPropertiesArgs.builder()
                .deviceTypeAndroid("ALLOW")
                .deviceTypeChromeos("ALLOW")
                .deviceTypeIos("ALLOW")
                .deviceTypeLinux("DENY")
                .deviceTypeOsx("ALLOW")
                .deviceTypeWeb("DENY")
                .deviceTypeWindows("DENY")
                .deviceTypeZeroclient("DENY")
                .build())
            .workspaceCreationProperties(DirectoryWorkspaceCreationPropertiesArgs.builder()
                .customSecurityGroupId(exampleAwsSecurityGroup.id())
                .defaultOu("OU=AWS,DC=Workgroup,DC=Example,DC=com")
                .enableInternetAccess(true)
                .enableMaintenanceMode(true)
                .userEnabledAsLocalAdministrator(true)
                .build())
            .build(), CustomResourceOptions.builder()
                .dependsOn(                
                    workspacesDefaultServiceAccess,
                    workspacesDefaultSelfServiceAccess)
                .build());
    }
}
resources:
  example:
    type: aws:workspaces:Directory
    properties:
      directoryId: ${exampleDirectory.id}
      subnetIds:
        - ${exampleC.id}
        - ${exampleD.id}
      tags:
        Example: true
      certificateBasedAuthProperties:
        certificateAuthorityArn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012
        status: ENABLED
      samlProperties:
        userAccessUrl: https://sso.example.com/
        status: ENABLED
      selfServicePermissions:
        changeComputeType: true
        increaseVolumeSize: true
        rebuildWorkspace: true
        restartWorkspace: true
        switchRunningMode: true
      workspaceAccessProperties:
        deviceTypeAndroid: ALLOW
        deviceTypeChromeos: ALLOW
        deviceTypeIos: ALLOW
        deviceTypeLinux: DENY
        deviceTypeOsx: ALLOW
        deviceTypeWeb: DENY
        deviceTypeWindows: DENY
        deviceTypeZeroclient: DENY
      workspaceCreationProperties:
        customSecurityGroupId: ${exampleAwsSecurityGroup.id}
        defaultOu: OU=AWS,DC=Workgroup,DC=Example,DC=com
        enableInternetAccess: true
        enableMaintenanceMode: true
        userEnabledAsLocalAdministrator: true
    options:
      dependsOn:
        - ${workspacesDefaultServiceAccess}
        - ${workspacesDefaultSelfServiceAccess}
  exampleDirectory:
    type: aws:directoryservice:Directory
    name: example
    properties:
      name: corp.example.com
      password: '#S1ncerely'
      size: Small
      vpcSettings:
        vpcId: ${exampleVpc.id}
        subnetIds:
          - ${exampleA.id}
          - ${exampleB.id}
  workspacesDefault:
    type: aws:iam:Role
    name: workspaces_default
    properties:
      name: workspaces_DefaultRole
      assumeRolePolicy: ${workspaces.json}
  workspacesDefaultServiceAccess:
    type: aws:iam:RolePolicyAttachment
    name: workspaces_default_service_access
    properties:
      role: ${workspacesDefault.name}
      policyArn: arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess
  workspacesDefaultSelfServiceAccess:
    type: aws:iam:RolePolicyAttachment
    name: workspaces_default_self_service_access
    properties:
      role: ${workspacesDefault.name}
      policyArn: arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess
  exampleVpc:
    type: aws:ec2:Vpc
    name: example
    properties:
      cidrBlock: 10.0.0.0/16
  exampleA:
    type: aws:ec2:Subnet
    name: example_a
    properties:
      vpcId: ${exampleVpc.id}
      availabilityZone: us-east-1a
      cidrBlock: 10.0.0.0/24
  exampleB:
    type: aws:ec2:Subnet
    name: example_b
    properties:
      vpcId: ${exampleVpc.id}
      availabilityZone: us-east-1b
      cidrBlock: 10.0.1.0/24
  exampleC:
    type: aws:ec2:Subnet
    name: example_c
    properties:
      vpcId: ${exampleVpc.id}
      availabilityZone: us-east-1c
      cidrBlock: 10.0.2.0/24
  exampleD:
    type: aws:ec2:Subnet
    name: example_d
    properties:
      vpcId: ${exampleVpc.id}
      availabilityZone: us-east-1d
      cidrBlock: 10.0.3.0/24
variables:
  workspaces:
    fn::invoke:
      function: aws:iam:getPolicyDocument
      arguments:
        statements:
          - actions:
              - sts:AssumeRole
            principals:
              - type: Service
                identifiers:
                  - workspaces.amazonaws.com
IP Groups
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleIpGroup = new aws.workspaces.IpGroup("example", {name: "example"});
const example = new aws.workspaces.Directory("example", {
    directoryId: exampleAwsDirectoryServiceDirectory.id,
    ipGroupIds: [exampleIpGroup.id],
});
import pulumi
import pulumi_aws as aws
example_ip_group = aws.workspaces.IpGroup("example", name="example")
example = aws.workspaces.Directory("example",
    directory_id=example_aws_directory_service_directory["id"],
    ip_group_ids=[example_ip_group.id])
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleIpGroup, err := workspaces.NewIpGroup(ctx, "example", &workspaces.IpGroupArgs{
			Name: pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		_, err = workspaces.NewDirectory(ctx, "example", &workspaces.DirectoryArgs{
			DirectoryId: pulumi.Any(exampleAwsDirectoryServiceDirectory.Id),
			IpGroupIds: pulumi.StringArray{
				exampleIpGroup.ID(),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() => 
{
    var exampleIpGroup = new Aws.Workspaces.IpGroup("example", new()
    {
        Name = "example",
    });
    var example = new Aws.Workspaces.Directory("example", new()
    {
        DirectoryId = exampleAwsDirectoryServiceDirectory.Id,
        IpGroupIds = new[]
        {
            exampleIpGroup.Id,
        },
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.workspaces.IpGroup;
import com.pulumi.aws.workspaces.IpGroupArgs;
import com.pulumi.aws.workspaces.Directory;
import com.pulumi.aws.workspaces.DirectoryArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleIpGroup = new IpGroup("exampleIpGroup", IpGroupArgs.builder()
            .name("example")
            .build());
        var example = new Directory("example", DirectoryArgs.builder()
            .directoryId(exampleAwsDirectoryServiceDirectory.id())
            .ipGroupIds(exampleIpGroup.id())
            .build());
    }
}
resources:
  example:
    type: aws:workspaces:Directory
    properties:
      directoryId: ${exampleAwsDirectoryServiceDirectory.id}
      ipGroupIds:
        - ${exampleIpGroup.id}
  exampleIpGroup:
    type: aws:workspaces:IpGroup
    name: example
    properties:
      name: example
Create Directory Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Directory(name: string, args: DirectoryArgs, opts?: CustomResourceOptions);@overload
def Directory(resource_name: str,
              args: DirectoryArgs,
              opts: Optional[ResourceOptions] = None)
@overload
def Directory(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              directory_id: Optional[str] = None,
              certificate_based_auth_properties: Optional[DirectoryCertificateBasedAuthPropertiesArgs] = None,
              ip_group_ids: Optional[Sequence[str]] = None,
              saml_properties: Optional[DirectorySamlPropertiesArgs] = None,
              self_service_permissions: Optional[DirectorySelfServicePermissionsArgs] = None,
              subnet_ids: Optional[Sequence[str]] = None,
              tags: Optional[Mapping[str, str]] = None,
              workspace_access_properties: Optional[DirectoryWorkspaceAccessPropertiesArgs] = None,
              workspace_creation_properties: Optional[DirectoryWorkspaceCreationPropertiesArgs] = None)func NewDirectory(ctx *Context, name string, args DirectoryArgs, opts ...ResourceOption) (*Directory, error)public Directory(string name, DirectoryArgs args, CustomResourceOptions? opts = null)
public Directory(String name, DirectoryArgs args)
public Directory(String name, DirectoryArgs args, CustomResourceOptions options)
type: aws:workspaces:Directory
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DirectoryArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DirectoryArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DirectoryArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DirectoryArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DirectoryArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var awsDirectoryResource = new Aws.Workspaces.Directory("awsDirectoryResource", new()
{
    DirectoryId = "string",
    CertificateBasedAuthProperties = new Aws.Workspaces.Inputs.DirectoryCertificateBasedAuthPropertiesArgs
    {
        CertificateAuthorityArn = "string",
        Status = "string",
    },
    IpGroupIds = new[]
    {
        "string",
    },
    SamlProperties = new Aws.Workspaces.Inputs.DirectorySamlPropertiesArgs
    {
        RelayStateParameterName = "string",
        Status = "string",
        UserAccessUrl = "string",
    },
    SelfServicePermissions = new Aws.Workspaces.Inputs.DirectorySelfServicePermissionsArgs
    {
        ChangeComputeType = false,
        IncreaseVolumeSize = false,
        RebuildWorkspace = false,
        RestartWorkspace = false,
        SwitchRunningMode = false,
    },
    SubnetIds = new[]
    {
        "string",
    },
    Tags = 
    {
        { "string", "string" },
    },
    WorkspaceAccessProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceAccessPropertiesArgs
    {
        DeviceTypeAndroid = "string",
        DeviceTypeChromeos = "string",
        DeviceTypeIos = "string",
        DeviceTypeLinux = "string",
        DeviceTypeOsx = "string",
        DeviceTypeWeb = "string",
        DeviceTypeWindows = "string",
        DeviceTypeZeroclient = "string",
    },
    WorkspaceCreationProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceCreationPropertiesArgs
    {
        CustomSecurityGroupId = "string",
        DefaultOu = "string",
        EnableInternetAccess = false,
        EnableMaintenanceMode = false,
        UserEnabledAsLocalAdministrator = false,
    },
});
example, err := workspaces.NewDirectory(ctx, "awsDirectoryResource", &workspaces.DirectoryArgs{
	DirectoryId: pulumi.String("string"),
	CertificateBasedAuthProperties: &workspaces.DirectoryCertificateBasedAuthPropertiesArgs{
		CertificateAuthorityArn: pulumi.String("string"),
		Status:                  pulumi.String("string"),
	},
	IpGroupIds: pulumi.StringArray{
		pulumi.String("string"),
	},
	SamlProperties: &workspaces.DirectorySamlPropertiesArgs{
		RelayStateParameterName: pulumi.String("string"),
		Status:                  pulumi.String("string"),
		UserAccessUrl:           pulumi.String("string"),
	},
	SelfServicePermissions: &workspaces.DirectorySelfServicePermissionsArgs{
		ChangeComputeType:  pulumi.Bool(false),
		IncreaseVolumeSize: pulumi.Bool(false),
		RebuildWorkspace:   pulumi.Bool(false),
		RestartWorkspace:   pulumi.Bool(false),
		SwitchRunningMode:  pulumi.Bool(false),
	},
	SubnetIds: pulumi.StringArray{
		pulumi.String("string"),
	},
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	WorkspaceAccessProperties: &workspaces.DirectoryWorkspaceAccessPropertiesArgs{
		DeviceTypeAndroid:    pulumi.String("string"),
		DeviceTypeChromeos:   pulumi.String("string"),
		DeviceTypeIos:        pulumi.String("string"),
		DeviceTypeLinux:      pulumi.String("string"),
		DeviceTypeOsx:        pulumi.String("string"),
		DeviceTypeWeb:        pulumi.String("string"),
		DeviceTypeWindows:    pulumi.String("string"),
		DeviceTypeZeroclient: pulumi.String("string"),
	},
	WorkspaceCreationProperties: &workspaces.DirectoryWorkspaceCreationPropertiesArgs{
		CustomSecurityGroupId:           pulumi.String("string"),
		DefaultOu:                       pulumi.String("string"),
		EnableInternetAccess:            pulumi.Bool(false),
		EnableMaintenanceMode:           pulumi.Bool(false),
		UserEnabledAsLocalAdministrator: pulumi.Bool(false),
	},
})
var awsDirectoryResource = new com.pulumi.aws.workspaces.Directory("awsDirectoryResource", com.pulumi.aws.workspaces.DirectoryArgs.builder()
    .directoryId("string")
    .certificateBasedAuthProperties(DirectoryCertificateBasedAuthPropertiesArgs.builder()
        .certificateAuthorityArn("string")
        .status("string")
        .build())
    .ipGroupIds("string")
    .samlProperties(DirectorySamlPropertiesArgs.builder()
        .relayStateParameterName("string")
        .status("string")
        .userAccessUrl("string")
        .build())
    .selfServicePermissions(DirectorySelfServicePermissionsArgs.builder()
        .changeComputeType(false)
        .increaseVolumeSize(false)
        .rebuildWorkspace(false)
        .restartWorkspace(false)
        .switchRunningMode(false)
        .build())
    .subnetIds("string")
    .tags(Map.of("string", "string"))
    .workspaceAccessProperties(DirectoryWorkspaceAccessPropertiesArgs.builder()
        .deviceTypeAndroid("string")
        .deviceTypeChromeos("string")
        .deviceTypeIos("string")
        .deviceTypeLinux("string")
        .deviceTypeOsx("string")
        .deviceTypeWeb("string")
        .deviceTypeWindows("string")
        .deviceTypeZeroclient("string")
        .build())
    .workspaceCreationProperties(DirectoryWorkspaceCreationPropertiesArgs.builder()
        .customSecurityGroupId("string")
        .defaultOu("string")
        .enableInternetAccess(false)
        .enableMaintenanceMode(false)
        .userEnabledAsLocalAdministrator(false)
        .build())
    .build());
aws_directory_resource = aws.workspaces.Directory("awsDirectoryResource",
    directory_id="string",
    certificate_based_auth_properties={
        "certificate_authority_arn": "string",
        "status": "string",
    },
    ip_group_ids=["string"],
    saml_properties={
        "relay_state_parameter_name": "string",
        "status": "string",
        "user_access_url": "string",
    },
    self_service_permissions={
        "change_compute_type": False,
        "increase_volume_size": False,
        "rebuild_workspace": False,
        "restart_workspace": False,
        "switch_running_mode": False,
    },
    subnet_ids=["string"],
    tags={
        "string": "string",
    },
    workspace_access_properties={
        "device_type_android": "string",
        "device_type_chromeos": "string",
        "device_type_ios": "string",
        "device_type_linux": "string",
        "device_type_osx": "string",
        "device_type_web": "string",
        "device_type_windows": "string",
        "device_type_zeroclient": "string",
    },
    workspace_creation_properties={
        "custom_security_group_id": "string",
        "default_ou": "string",
        "enable_internet_access": False,
        "enable_maintenance_mode": False,
        "user_enabled_as_local_administrator": False,
    })
const awsDirectoryResource = new aws.workspaces.Directory("awsDirectoryResource", {
    directoryId: "string",
    certificateBasedAuthProperties: {
        certificateAuthorityArn: "string",
        status: "string",
    },
    ipGroupIds: ["string"],
    samlProperties: {
        relayStateParameterName: "string",
        status: "string",
        userAccessUrl: "string",
    },
    selfServicePermissions: {
        changeComputeType: false,
        increaseVolumeSize: false,
        rebuildWorkspace: false,
        restartWorkspace: false,
        switchRunningMode: false,
    },
    subnetIds: ["string"],
    tags: {
        string: "string",
    },
    workspaceAccessProperties: {
        deviceTypeAndroid: "string",
        deviceTypeChromeos: "string",
        deviceTypeIos: "string",
        deviceTypeLinux: "string",
        deviceTypeOsx: "string",
        deviceTypeWeb: "string",
        deviceTypeWindows: "string",
        deviceTypeZeroclient: "string",
    },
    workspaceCreationProperties: {
        customSecurityGroupId: "string",
        defaultOu: "string",
        enableInternetAccess: false,
        enableMaintenanceMode: false,
        userEnabledAsLocalAdministrator: false,
    },
});
type: aws:workspaces:Directory
properties:
    certificateBasedAuthProperties:
        certificateAuthorityArn: string
        status: string
    directoryId: string
    ipGroupIds:
        - string
    samlProperties:
        relayStateParameterName: string
        status: string
        userAccessUrl: string
    selfServicePermissions:
        changeComputeType: false
        increaseVolumeSize: false
        rebuildWorkspace: false
        restartWorkspace: false
        switchRunningMode: false
    subnetIds:
        - string
    tags:
        string: string
    workspaceAccessProperties:
        deviceTypeAndroid: string
        deviceTypeChromeos: string
        deviceTypeIos: string
        deviceTypeLinux: string
        deviceTypeOsx: string
        deviceTypeWeb: string
        deviceTypeWindows: string
        deviceTypeZeroclient: string
    workspaceCreationProperties:
        customSecurityGroupId: string
        defaultOu: string
        enableInternetAccess: false
        enableMaintenanceMode: false
        userEnabledAsLocalAdministrator: false
Directory Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Directory resource accepts the following input properties:
- DirectoryId string
- The directory identifier for registration in WorkSpaces service.
- CertificateBased DirectoryAuth Properties Certificate Based Auth Properties 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- IpGroup List<string>Ids 
- The identifiers of the IP access control groups associated with the directory.
- SamlProperties DirectorySaml Properties 
- Configuration of SAML authentication integration. Defined below.
- SelfService DirectoryPermissions Self Service Permissions 
- Permissions to enable or disable self-service capabilities. Defined below.
- SubnetIds List<string>
- The identifiers of the subnets where the directory resides.
- Dictionary<string, string>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- WorkspaceAccess DirectoryProperties Workspace Access Properties 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- WorkspaceCreation DirectoryProperties Workspace Creation Properties 
- Default properties that are used for creating WorkSpaces. Defined below.
- DirectoryId string
- The directory identifier for registration in WorkSpaces service.
- CertificateBased DirectoryAuth Properties Certificate Based Auth Properties Args 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- IpGroup []stringIds 
- The identifiers of the IP access control groups associated with the directory.
- SamlProperties DirectorySaml Properties Args 
- Configuration of SAML authentication integration. Defined below.
- SelfService DirectoryPermissions Self Service Permissions Args 
- Permissions to enable or disable self-service capabilities. Defined below.
- SubnetIds []string
- The identifiers of the subnets where the directory resides.
- map[string]string
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- WorkspaceAccess DirectoryProperties Workspace Access Properties Args 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- WorkspaceCreation DirectoryProperties Workspace Creation Properties Args 
- Default properties that are used for creating WorkSpaces. Defined below.
- directoryId String
- The directory identifier for registration in WorkSpaces service.
- certificateBased DirectoryAuth Properties Certificate Based Auth Properties 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- ipGroup List<String>Ids 
- The identifiers of the IP access control groups associated with the directory.
- samlProperties DirectorySaml Properties 
- Configuration of SAML authentication integration. Defined below.
- selfService DirectoryPermissions Self Service Permissions 
- Permissions to enable or disable self-service capabilities. Defined below.
- subnetIds List<String>
- The identifiers of the subnets where the directory resides.
- Map<String,String>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- workspaceAccess DirectoryProperties Workspace Access Properties 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspaceCreation DirectoryProperties Workspace Creation Properties 
- Default properties that are used for creating WorkSpaces. Defined below.
- directoryId string
- The directory identifier for registration in WorkSpaces service.
- certificateBased DirectoryAuth Properties Certificate Based Auth Properties 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- ipGroup string[]Ids 
- The identifiers of the IP access control groups associated with the directory.
- samlProperties DirectorySaml Properties 
- Configuration of SAML authentication integration. Defined below.
- selfService DirectoryPermissions Self Service Permissions 
- Permissions to enable or disable self-service capabilities. Defined below.
- subnetIds string[]
- The identifiers of the subnets where the directory resides.
- {[key: string]: string}
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- workspaceAccess DirectoryProperties Workspace Access Properties 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspaceCreation DirectoryProperties Workspace Creation Properties 
- Default properties that are used for creating WorkSpaces. Defined below.
- directory_id str
- The directory identifier for registration in WorkSpaces service.
- certificate_based_ Directoryauth_ properties Certificate Based Auth Properties Args 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- ip_group_ Sequence[str]ids 
- The identifiers of the IP access control groups associated with the directory.
- saml_properties DirectorySaml Properties Args 
- Configuration of SAML authentication integration. Defined below.
- self_service_ Directorypermissions Self Service Permissions Args 
- Permissions to enable or disable self-service capabilities. Defined below.
- subnet_ids Sequence[str]
- The identifiers of the subnets where the directory resides.
- Mapping[str, str]
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- workspace_access_ Directoryproperties Workspace Access Properties Args 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspace_creation_ Directoryproperties Workspace Creation Properties Args 
- Default properties that are used for creating WorkSpaces. Defined below.
- directoryId String
- The directory identifier for registration in WorkSpaces service.
- certificateBased Property MapAuth Properties 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- ipGroup List<String>Ids 
- The identifiers of the IP access control groups associated with the directory.
- samlProperties Property Map
- Configuration of SAML authentication integration. Defined below.
- selfService Property MapPermissions 
- Permissions to enable or disable self-service capabilities. Defined below.
- subnetIds List<String>
- The identifiers of the subnets where the directory resides.
- Map<String>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- workspaceAccess Property MapProperties 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspaceCreation Property MapProperties 
- Default properties that are used for creating WorkSpaces. Defined below.
Outputs
All input properties are implicitly available as output properties. Additionally, the Directory resource produces the following output properties:
- Alias string
- The directory alias.
- CustomerUser stringName 
- The user name for the service account.
- DirectoryName string
- The name of the directory.
- DirectoryType string
- The directory type.
- DnsIp List<string>Addresses 
- The IP addresses of the DNS servers for the directory.
- IamRole stringId 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- Id string
- The provider-assigned unique ID for this managed resource.
- RegistrationCode string
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- Dictionary<string, string>
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- WorkspaceSecurity stringGroup Id 
- The identifier of the security group that is assigned to new WorkSpaces.
- Alias string
- The directory alias.
- CustomerUser stringName 
- The user name for the service account.
- DirectoryName string
- The name of the directory.
- DirectoryType string
- The directory type.
- DnsIp []stringAddresses 
- The IP addresses of the DNS servers for the directory.
- IamRole stringId 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- Id string
- The provider-assigned unique ID for this managed resource.
- RegistrationCode string
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- map[string]string
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- WorkspaceSecurity stringGroup Id 
- The identifier of the security group that is assigned to new WorkSpaces.
- alias String
- The directory alias.
- customerUser StringName 
- The user name for the service account.
- directoryName String
- The name of the directory.
- directoryType String
- The directory type.
- dnsIp List<String>Addresses 
- The IP addresses of the DNS servers for the directory.
- iamRole StringId 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- id String
- The provider-assigned unique ID for this managed resource.
- registrationCode String
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- Map<String,String>
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- workspaceSecurity StringGroup Id 
- The identifier of the security group that is assigned to new WorkSpaces.
- alias string
- The directory alias.
- customerUser stringName 
- The user name for the service account.
- directoryName string
- The name of the directory.
- directoryType string
- The directory type.
- dnsIp string[]Addresses 
- The IP addresses of the DNS servers for the directory.
- iamRole stringId 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- id string
- The provider-assigned unique ID for this managed resource.
- registrationCode string
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- {[key: string]: string}
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- workspaceSecurity stringGroup Id 
- The identifier of the security group that is assigned to new WorkSpaces.
- alias str
- The directory alias.
- customer_user_ strname 
- The user name for the service account.
- directory_name str
- The name of the directory.
- directory_type str
- The directory type.
- dns_ip_ Sequence[str]addresses 
- The IP addresses of the DNS servers for the directory.
- iam_role_ strid 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- id str
- The provider-assigned unique ID for this managed resource.
- registration_code str
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- Mapping[str, str]
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- workspace_security_ strgroup_ id 
- The identifier of the security group that is assigned to new WorkSpaces.
- alias String
- The directory alias.
- customerUser StringName 
- The user name for the service account.
- directoryName String
- The name of the directory.
- directoryType String
- The directory type.
- dnsIp List<String>Addresses 
- The IP addresses of the DNS servers for the directory.
- iamRole StringId 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- id String
- The provider-assigned unique ID for this managed resource.
- registrationCode String
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- Map<String>
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- workspaceSecurity StringGroup Id 
- The identifier of the security group that is assigned to new WorkSpaces.
Look up Existing Directory Resource
Get an existing Directory resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DirectoryState, opts?: CustomResourceOptions): Directory@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        alias: Optional[str] = None,
        certificate_based_auth_properties: Optional[DirectoryCertificateBasedAuthPropertiesArgs] = None,
        customer_user_name: Optional[str] = None,
        directory_id: Optional[str] = None,
        directory_name: Optional[str] = None,
        directory_type: Optional[str] = None,
        dns_ip_addresses: Optional[Sequence[str]] = None,
        iam_role_id: Optional[str] = None,
        ip_group_ids: Optional[Sequence[str]] = None,
        registration_code: Optional[str] = None,
        saml_properties: Optional[DirectorySamlPropertiesArgs] = None,
        self_service_permissions: Optional[DirectorySelfServicePermissionsArgs] = None,
        subnet_ids: Optional[Sequence[str]] = None,
        tags: Optional[Mapping[str, str]] = None,
        tags_all: Optional[Mapping[str, str]] = None,
        workspace_access_properties: Optional[DirectoryWorkspaceAccessPropertiesArgs] = None,
        workspace_creation_properties: Optional[DirectoryWorkspaceCreationPropertiesArgs] = None,
        workspace_security_group_id: Optional[str] = None) -> Directoryfunc GetDirectory(ctx *Context, name string, id IDInput, state *DirectoryState, opts ...ResourceOption) (*Directory, error)public static Directory Get(string name, Input<string> id, DirectoryState? state, CustomResourceOptions? opts = null)public static Directory get(String name, Output<String> id, DirectoryState state, CustomResourceOptions options)resources:  _:    type: aws:workspaces:Directory    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Alias string
- The directory alias.
- CertificateBased DirectoryAuth Properties Certificate Based Auth Properties 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- CustomerUser stringName 
- The user name for the service account.
- DirectoryId string
- The directory identifier for registration in WorkSpaces service.
- DirectoryName string
- The name of the directory.
- DirectoryType string
- The directory type.
- DnsIp List<string>Addresses 
- The IP addresses of the DNS servers for the directory.
- IamRole stringId 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- IpGroup List<string>Ids 
- The identifiers of the IP access control groups associated with the directory.
- RegistrationCode string
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- SamlProperties DirectorySaml Properties 
- Configuration of SAML authentication integration. Defined below.
- SelfService DirectoryPermissions Self Service Permissions 
- Permissions to enable or disable self-service capabilities. Defined below.
- SubnetIds List<string>
- The identifiers of the subnets where the directory resides.
- Dictionary<string, string>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- Dictionary<string, string>
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- WorkspaceAccess DirectoryProperties Workspace Access Properties 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- WorkspaceCreation DirectoryProperties Workspace Creation Properties 
- Default properties that are used for creating WorkSpaces. Defined below.
- WorkspaceSecurity stringGroup Id 
- The identifier of the security group that is assigned to new WorkSpaces.
- Alias string
- The directory alias.
- CertificateBased DirectoryAuth Properties Certificate Based Auth Properties Args 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- CustomerUser stringName 
- The user name for the service account.
- DirectoryId string
- The directory identifier for registration in WorkSpaces service.
- DirectoryName string
- The name of the directory.
- DirectoryType string
- The directory type.
- DnsIp []stringAddresses 
- The IP addresses of the DNS servers for the directory.
- IamRole stringId 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- IpGroup []stringIds 
- The identifiers of the IP access control groups associated with the directory.
- RegistrationCode string
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- SamlProperties DirectorySaml Properties Args 
- Configuration of SAML authentication integration. Defined below.
- SelfService DirectoryPermissions Self Service Permissions Args 
- Permissions to enable or disable self-service capabilities. Defined below.
- SubnetIds []string
- The identifiers of the subnets where the directory resides.
- map[string]string
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- map[string]string
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- WorkspaceAccess DirectoryProperties Workspace Access Properties Args 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- WorkspaceCreation DirectoryProperties Workspace Creation Properties Args 
- Default properties that are used for creating WorkSpaces. Defined below.
- WorkspaceSecurity stringGroup Id 
- The identifier of the security group that is assigned to new WorkSpaces.
- alias String
- The directory alias.
- certificateBased DirectoryAuth Properties Certificate Based Auth Properties 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- customerUser StringName 
- The user name for the service account.
- directoryId String
- The directory identifier for registration in WorkSpaces service.
- directoryName String
- The name of the directory.
- directoryType String
- The directory type.
- dnsIp List<String>Addresses 
- The IP addresses of the DNS servers for the directory.
- iamRole StringId 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- ipGroup List<String>Ids 
- The identifiers of the IP access control groups associated with the directory.
- registrationCode String
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- samlProperties DirectorySaml Properties 
- Configuration of SAML authentication integration. Defined below.
- selfService DirectoryPermissions Self Service Permissions 
- Permissions to enable or disable self-service capabilities. Defined below.
- subnetIds List<String>
- The identifiers of the subnets where the directory resides.
- Map<String,String>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- Map<String,String>
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- workspaceAccess DirectoryProperties Workspace Access Properties 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspaceCreation DirectoryProperties Workspace Creation Properties 
- Default properties that are used for creating WorkSpaces. Defined below.
- workspaceSecurity StringGroup Id 
- The identifier of the security group that is assigned to new WorkSpaces.
- alias string
- The directory alias.
- certificateBased DirectoryAuth Properties Certificate Based Auth Properties 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- customerUser stringName 
- The user name for the service account.
- directoryId string
- The directory identifier for registration in WorkSpaces service.
- directoryName string
- The name of the directory.
- directoryType string
- The directory type.
- dnsIp string[]Addresses 
- The IP addresses of the DNS servers for the directory.
- iamRole stringId 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- ipGroup string[]Ids 
- The identifiers of the IP access control groups associated with the directory.
- registrationCode string
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- samlProperties DirectorySaml Properties 
- Configuration of SAML authentication integration. Defined below.
- selfService DirectoryPermissions Self Service Permissions 
- Permissions to enable or disable self-service capabilities. Defined below.
- subnetIds string[]
- The identifiers of the subnets where the directory resides.
- {[key: string]: string}
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- {[key: string]: string}
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- workspaceAccess DirectoryProperties Workspace Access Properties 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspaceCreation DirectoryProperties Workspace Creation Properties 
- Default properties that are used for creating WorkSpaces. Defined below.
- workspaceSecurity stringGroup Id 
- The identifier of the security group that is assigned to new WorkSpaces.
- alias str
- The directory alias.
- certificate_based_ Directoryauth_ properties Certificate Based Auth Properties Args 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- customer_user_ strname 
- The user name for the service account.
- directory_id str
- The directory identifier for registration in WorkSpaces service.
- directory_name str
- The name of the directory.
- directory_type str
- The directory type.
- dns_ip_ Sequence[str]addresses 
- The IP addresses of the DNS servers for the directory.
- iam_role_ strid 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- ip_group_ Sequence[str]ids 
- The identifiers of the IP access control groups associated with the directory.
- registration_code str
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- saml_properties DirectorySaml Properties Args 
- Configuration of SAML authentication integration. Defined below.
- self_service_ Directorypermissions Self Service Permissions Args 
- Permissions to enable or disable self-service capabilities. Defined below.
- subnet_ids Sequence[str]
- The identifiers of the subnets where the directory resides.
- Mapping[str, str]
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- Mapping[str, str]
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- workspace_access_ Directoryproperties Workspace Access Properties Args 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspace_creation_ Directoryproperties Workspace Creation Properties Args 
- Default properties that are used for creating WorkSpaces. Defined below.
- workspace_security_ strgroup_ id 
- The identifier of the security group that is assigned to new WorkSpaces.
- alias String
- The directory alias.
- certificateBased Property MapAuth Properties 
- Configuration of certificate-based authentication (CBA) integration. Requires SAML authentication to be enabled. Defined below.
- customerUser StringName 
- The user name for the service account.
- directoryId String
- The directory identifier for registration in WorkSpaces service.
- directoryName String
- The name of the directory.
- directoryType String
- The directory type.
- dnsIp List<String>Addresses 
- The IP addresses of the DNS servers for the directory.
- iamRole StringId 
- The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf.
- ipGroup List<String>Ids 
- The identifiers of the IP access control groups associated with the directory.
- registrationCode String
- The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory.
- samlProperties Property Map
- Configuration of SAML authentication integration. Defined below.
- selfService Property MapPermissions 
- Permissions to enable or disable self-service capabilities. Defined below.
- subnetIds List<String>
- The identifiers of the subnets where the directory resides.
- Map<String>
- A map of tags assigned to the WorkSpaces directory. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- Map<String>
- A map of tags assigned to the resource, including those inherited from the provider default_tagsconfiguration block.
- workspaceAccess Property MapProperties 
- Specifies which devices and operating systems users can use to access their WorkSpaces. Defined below.
- workspaceCreation Property MapProperties 
- Default properties that are used for creating WorkSpaces. Defined below.
- workspaceSecurity StringGroup Id 
- The identifier of the security group that is assigned to new WorkSpaces.
Supporting Types
DirectoryCertificateBasedAuthProperties, DirectoryCertificateBasedAuthPropertiesArgs          
- string
- The Amazon Resource Name (ARN) of the certificate manager private certificate authority (ACM-PCA) that is used for certificate-based authentication.
- Status string
- Status of certificate-based authentication. Default DISABLED.
- string
- The Amazon Resource Name (ARN) of the certificate manager private certificate authority (ACM-PCA) that is used for certificate-based authentication.
- Status string
- Status of certificate-based authentication. Default DISABLED.
- String
- The Amazon Resource Name (ARN) of the certificate manager private certificate authority (ACM-PCA) that is used for certificate-based authentication.
- status String
- Status of certificate-based authentication. Default DISABLED.
- string
- The Amazon Resource Name (ARN) of the certificate manager private certificate authority (ACM-PCA) that is used for certificate-based authentication.
- status string
- Status of certificate-based authentication. Default DISABLED.
- str
- The Amazon Resource Name (ARN) of the certificate manager private certificate authority (ACM-PCA) that is used for certificate-based authentication.
- status str
- Status of certificate-based authentication. Default DISABLED.
- String
- The Amazon Resource Name (ARN) of the certificate manager private certificate authority (ACM-PCA) that is used for certificate-based authentication.
- status String
- Status of certificate-based authentication. Default DISABLED.
DirectorySamlProperties, DirectorySamlPropertiesArgs      
- RelayState stringParameter Name 
- The relay state parameter name supported by the SAML 2.0 identity provider (IdP). Default RelayState.
- Status string
- Status of SAML 2.0 authentication. Default DISABLED.
- UserAccess stringUrl 
- The SAML 2.0 identity provider (IdP) user access URL.
- RelayState stringParameter Name 
- The relay state parameter name supported by the SAML 2.0 identity provider (IdP). Default RelayState.
- Status string
- Status of SAML 2.0 authentication. Default DISABLED.
- UserAccess stringUrl 
- The SAML 2.0 identity provider (IdP) user access URL.
- relayState StringParameter Name 
- The relay state parameter name supported by the SAML 2.0 identity provider (IdP). Default RelayState.
- status String
- Status of SAML 2.0 authentication. Default DISABLED.
- userAccess StringUrl 
- The SAML 2.0 identity provider (IdP) user access URL.
- relayState stringParameter Name 
- The relay state parameter name supported by the SAML 2.0 identity provider (IdP). Default RelayState.
- status string
- Status of SAML 2.0 authentication. Default DISABLED.
- userAccess stringUrl 
- The SAML 2.0 identity provider (IdP) user access URL.
- relay_state_ strparameter_ name 
- The relay state parameter name supported by the SAML 2.0 identity provider (IdP). Default RelayState.
- status str
- Status of SAML 2.0 authentication. Default DISABLED.
- user_access_ strurl 
- The SAML 2.0 identity provider (IdP) user access URL.
- relayState StringParameter Name 
- The relay state parameter name supported by the SAML 2.0 identity provider (IdP). Default RelayState.
- status String
- Status of SAML 2.0 authentication. Default DISABLED.
- userAccess StringUrl 
- The SAML 2.0 identity provider (IdP) user access URL.
DirectorySelfServicePermissions, DirectorySelfServicePermissionsArgs        
- ChangeCompute boolType 
- Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default false.
- IncreaseVolume boolSize 
- Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default false.
- RebuildWorkspace bool
- Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default false.
- RestartWorkspace bool
- Whether WorkSpaces directory users can restart their workspace. Default true.
- SwitchRunning boolMode 
- Whether WorkSpaces directory users can switch the running mode of their workspace. Default false.
- ChangeCompute boolType 
- Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default false.
- IncreaseVolume boolSize 
- Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default false.
- RebuildWorkspace bool
- Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default false.
- RestartWorkspace bool
- Whether WorkSpaces directory users can restart their workspace. Default true.
- SwitchRunning boolMode 
- Whether WorkSpaces directory users can switch the running mode of their workspace. Default false.
- changeCompute BooleanType 
- Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default false.
- increaseVolume BooleanSize 
- Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default false.
- rebuildWorkspace Boolean
- Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default false.
- restartWorkspace Boolean
- Whether WorkSpaces directory users can restart their workspace. Default true.
- switchRunning BooleanMode 
- Whether WorkSpaces directory users can switch the running mode of their workspace. Default false.
- changeCompute booleanType 
- Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default false.
- increaseVolume booleanSize 
- Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default false.
- rebuildWorkspace boolean
- Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default false.
- restartWorkspace boolean
- Whether WorkSpaces directory users can restart their workspace. Default true.
- switchRunning booleanMode 
- Whether WorkSpaces directory users can switch the running mode of their workspace. Default false.
- change_compute_ booltype 
- Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default false.
- increase_volume_ boolsize 
- Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default false.
- rebuild_workspace bool
- Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default false.
- restart_workspace bool
- Whether WorkSpaces directory users can restart their workspace. Default true.
- switch_running_ boolmode 
- Whether WorkSpaces directory users can switch the running mode of their workspace. Default false.
- changeCompute BooleanType 
- Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. Default false.
- increaseVolume BooleanSize 
- Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. Default false.
- rebuildWorkspace Boolean
- Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. Default false.
- restartWorkspace Boolean
- Whether WorkSpaces directory users can restart their workspace. Default true.
- switchRunning BooleanMode 
- Whether WorkSpaces directory users can switch the running mode of their workspace. Default false.
DirectoryWorkspaceAccessProperties, DirectoryWorkspaceAccessPropertiesArgs        
- DeviceType stringAndroid 
- Indicates whether users can use Android devices to access their WorkSpaces.
- DeviceType stringChromeos 
- Indicates whether users can use Chromebooks to access their WorkSpaces.
- DeviceType stringIos 
- Indicates whether users can use iOS devices to access their WorkSpaces.
- DeviceType stringLinux 
- Indicates whether users can use Linux clients to access their WorkSpaces.
- DeviceType stringOsx 
- Indicates whether users can use macOS clients to access their WorkSpaces.
- DeviceType stringWeb 
- Indicates whether users can access their WorkSpaces through a web browser.
- DeviceType stringWindows 
- Indicates whether users can use Windows clients to access their WorkSpaces.
- DeviceType stringZeroclient 
- Indicates whether users can use zero client devices to access their WorkSpaces.
- DeviceType stringAndroid 
- Indicates whether users can use Android devices to access their WorkSpaces.
- DeviceType stringChromeos 
- Indicates whether users can use Chromebooks to access their WorkSpaces.
- DeviceType stringIos 
- Indicates whether users can use iOS devices to access their WorkSpaces.
- DeviceType stringLinux 
- Indicates whether users can use Linux clients to access their WorkSpaces.
- DeviceType stringOsx 
- Indicates whether users can use macOS clients to access their WorkSpaces.
- DeviceType stringWeb 
- Indicates whether users can access their WorkSpaces through a web browser.
- DeviceType stringWindows 
- Indicates whether users can use Windows clients to access their WorkSpaces.
- DeviceType stringZeroclient 
- Indicates whether users can use zero client devices to access their WorkSpaces.
- deviceType StringAndroid 
- Indicates whether users can use Android devices to access their WorkSpaces.
- deviceType StringChromeos 
- Indicates whether users can use Chromebooks to access their WorkSpaces.
- deviceType StringIos 
- Indicates whether users can use iOS devices to access their WorkSpaces.
- deviceType StringLinux 
- Indicates whether users can use Linux clients to access their WorkSpaces.
- deviceType StringOsx 
- Indicates whether users can use macOS clients to access their WorkSpaces.
- deviceType StringWeb 
- Indicates whether users can access their WorkSpaces through a web browser.
- deviceType StringWindows 
- Indicates whether users can use Windows clients to access their WorkSpaces.
- deviceType StringZeroclient 
- Indicates whether users can use zero client devices to access their WorkSpaces.
- deviceType stringAndroid 
- Indicates whether users can use Android devices to access their WorkSpaces.
- deviceType stringChromeos 
- Indicates whether users can use Chromebooks to access their WorkSpaces.
- deviceType stringIos 
- Indicates whether users can use iOS devices to access their WorkSpaces.
- deviceType stringLinux 
- Indicates whether users can use Linux clients to access their WorkSpaces.
- deviceType stringOsx 
- Indicates whether users can use macOS clients to access their WorkSpaces.
- deviceType stringWeb 
- Indicates whether users can access their WorkSpaces through a web browser.
- deviceType stringWindows 
- Indicates whether users can use Windows clients to access their WorkSpaces.
- deviceType stringZeroclient 
- Indicates whether users can use zero client devices to access their WorkSpaces.
- device_type_ strandroid 
- Indicates whether users can use Android devices to access their WorkSpaces.
- device_type_ strchromeos 
- Indicates whether users can use Chromebooks to access their WorkSpaces.
- device_type_ strios 
- Indicates whether users can use iOS devices to access their WorkSpaces.
- device_type_ strlinux 
- Indicates whether users can use Linux clients to access their WorkSpaces.
- device_type_ strosx 
- Indicates whether users can use macOS clients to access their WorkSpaces.
- device_type_ strweb 
- Indicates whether users can access their WorkSpaces through a web browser.
- device_type_ strwindows 
- Indicates whether users can use Windows clients to access their WorkSpaces.
- device_type_ strzeroclient 
- Indicates whether users can use zero client devices to access their WorkSpaces.
- deviceType StringAndroid 
- Indicates whether users can use Android devices to access their WorkSpaces.
- deviceType StringChromeos 
- Indicates whether users can use Chromebooks to access their WorkSpaces.
- deviceType StringIos 
- Indicates whether users can use iOS devices to access their WorkSpaces.
- deviceType StringLinux 
- Indicates whether users can use Linux clients to access their WorkSpaces.
- deviceType StringOsx 
- Indicates whether users can use macOS clients to access their WorkSpaces.
- deviceType StringWeb 
- Indicates whether users can access their WorkSpaces through a web browser.
- deviceType StringWindows 
- Indicates whether users can use Windows clients to access their WorkSpaces.
- deviceType StringZeroclient 
- Indicates whether users can use zero client devices to access their WorkSpaces.
DirectoryWorkspaceCreationProperties, DirectoryWorkspaceCreationPropertiesArgs        
- CustomSecurity stringGroup Id 
- The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- DefaultOu string
- The default organizational unit (OU) for your WorkSpace directories. Should conform "OU=<value>,DC=<value>,...,DC=<value>"pattern.
- EnableInternet boolAccess 
- Indicates whether internet access is enabled for your WorkSpaces.
- EnableMaintenance boolMode 
- Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- UserEnabled boolAs Local Administrator 
- Indicates whether users are local administrators of their WorkSpaces.
- CustomSecurity stringGroup Id 
- The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- DefaultOu string
- The default organizational unit (OU) for your WorkSpace directories. Should conform "OU=<value>,DC=<value>,...,DC=<value>"pattern.
- EnableInternet boolAccess 
- Indicates whether internet access is enabled for your WorkSpaces.
- EnableMaintenance boolMode 
- Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- UserEnabled boolAs Local Administrator 
- Indicates whether users are local administrators of their WorkSpaces.
- customSecurity StringGroup Id 
- The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- defaultOu String
- The default organizational unit (OU) for your WorkSpace directories. Should conform "OU=<value>,DC=<value>,...,DC=<value>"pattern.
- enableInternet BooleanAccess 
- Indicates whether internet access is enabled for your WorkSpaces.
- enableMaintenance BooleanMode 
- Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- userEnabled BooleanAs Local Administrator 
- Indicates whether users are local administrators of their WorkSpaces.
- customSecurity stringGroup Id 
- The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- defaultOu string
- The default organizational unit (OU) for your WorkSpace directories. Should conform "OU=<value>,DC=<value>,...,DC=<value>"pattern.
- enableInternet booleanAccess 
- Indicates whether internet access is enabled for your WorkSpaces.
- enableMaintenance booleanMode 
- Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- userEnabled booleanAs Local Administrator 
- Indicates whether users are local administrators of their WorkSpaces.
- custom_security_ strgroup_ id 
- The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- default_ou str
- The default organizational unit (OU) for your WorkSpace directories. Should conform "OU=<value>,DC=<value>,...,DC=<value>"pattern.
- enable_internet_ boolaccess 
- Indicates whether internet access is enabled for your WorkSpaces.
- enable_maintenance_ boolmode 
- Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- user_enabled_ boolas_ local_ administrator 
- Indicates whether users are local administrators of their WorkSpaces.
- customSecurity StringGroup Id 
- The identifier of your custom security group. Should relate to the same VPC, where workspaces reside in.
- defaultOu String
- The default organizational unit (OU) for your WorkSpace directories. Should conform "OU=<value>,DC=<value>,...,DC=<value>"pattern.
- enableInternet BooleanAccess 
- Indicates whether internet access is enabled for your WorkSpaces.
- enableMaintenance BooleanMode 
- Indicates whether maintenance mode is enabled for your WorkSpaces. For more information, see WorkSpace Maintenance..
- userEnabled BooleanAs Local Administrator 
- Indicates whether users are local administrators of their WorkSpaces.
Import
Using pulumi import, import Workspaces directory using the directory ID. For example:
$ pulumi import aws:workspaces/directory:Directory main d-4444444444
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the awsTerraform Provider.