{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-managed-grafana/refs/heads/main/json-schema/amazon-managed-grafana-workspace-description-schema.json", "title": "WorkspaceDescription", "description": "A structure containing information about an Amazon Managed Grafana workspace in your account.", "type": "object", "properties": { "accountAccessType": { "allOf": [ { "$ref": "#/components/schemas/AccountAccessType" }, { "description": "Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in other accounts in the same organization. If this is ORGANIZATION, the workspaceOrganizationalUnits parameter specifies which organizational units the workspace can access." } ] }, "authentication": { "allOf": [ { "$ref": "#/components/schemas/AuthenticationSummary" }, { "description": "A structure that describes whether the workspace uses SAML, IAM Identity Center, or both methods for user authentication." } ] }, "created": { "allOf": [ { "$ref": "#/components/schemas/Timestamp" }, { "description": "The date that the workspace was created." } ] }, "dataSources": { "allOf": [ { "$ref": "#/components/schemas/DataSourceTypesList" }, { "description": "

Specifies the Amazon Web Services data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.

This list is only used when the workspace was created through the Amazon Web Services console, and the permissionType is SERVICE_MANAGED.

" } ] }, "description": { "allOf": [ { "$ref": "#/components/schemas/Description" }, { "description": "The user-defined description of the workspace." } ] }, "endpoint": { "allOf": [ { "$ref": "#/components/schemas/Endpoint" }, { "description": "The URL that users can use to access the Grafana console in the workspace." } ] }, "freeTrialConsumed": { "allOf": [ { "$ref": "#/components/schemas/Boolean" }, { "description": "Specifies whether this workspace has already fully used its free trial for Grafana Enterprise." } ] }, "freeTrialExpiration": { "allOf": [ { "$ref": "#/components/schemas/Timestamp" }, { "description": "If this workspace is currently in the free trial period for Grafana Enterprise, this value specifies when that free trial ends." } ] }, "grafanaVersion": { "allOf": [ { "$ref": "#/components/schemas/GrafanaVersion" }, { "description": "The version of Grafana supported in this workspace." } ] }, "id": { "allOf": [ { "$ref": "#/components/schemas/WorkspaceId" }, { "description": "The unique ID of this workspace." } ] }, "licenseExpiration": { "allOf": [ { "$ref": "#/components/schemas/Timestamp" }, { "description": "If this workspace has a full Grafana Enterprise license, this specifies when the license ends and will need to be renewed." } ] }, "licenseType": { "allOf": [ { "$ref": "#/components/schemas/LicenseType" }, { "description": "Specifies whether this workspace has a full Grafana Enterprise license or a free trial license." } ] }, "modified": { "allOf": [ { "$ref": "#/components/schemas/Timestamp" }, { "description": "The most recent date that the workspace was modified." } ] }, "name": { "allOf": [ { "$ref": "#/components/schemas/WorkspaceName" }, { "description": "The name of the workspace." } ] }, "networkAccessControl": { "allOf": [ { "$ref": "#/components/schemas/NetworkAccessConfiguration" }, { "description": "The configuration settings for network access to your workspace." } ] }, "notificationDestinations": { "allOf": [ { "$ref": "#/components/schemas/NotificationDestinationsList" }, { "description": "The Amazon Web Services notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels." } ] }, "organizationRoleName": { "allOf": [ { "$ref": "#/components/schemas/OrganizationRoleName" }, { "description": "The name of the IAM role that is used to access resources through Organizations." } ] }, "organizationalUnits": { "allOf": [ { "$ref": "#/components/schemas/OrganizationalUnitList" }, { "description": "Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization." } ] }, "permissionType": { "allOf": [ { "$ref": "#/components/schemas/PermissionType" }, { "description": "

If this is SERVICE_MANAGED, and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use Amazon Web Services data sources and notification channels.

If this is CUSTOMER_MANAGED, you must manage those roles and permissions yourself.

If you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services accounts in the organization, this parameter must be set to CUSTOMER_MANAGED.

For more information about converting between customer and service managed, see Managing permissions for data sources and notification channels. For more information about the roles and permissions that must be managed for customer managed workspaces, see Amazon Managed Grafana permissions and policies for Amazon Web Services data sources and notification channels

" } ] }, "stackSetName": { "allOf": [ { "$ref": "#/components/schemas/StackSetName" }, { "description": "The name of the CloudFormation stack set that is used to generate IAM roles to be used for this workspace." } ] }, "status": { "allOf": [ { "$ref": "#/components/schemas/WorkspaceStatus" }, { "description": "The current status of the workspace." } ] }, "tags": { "allOf": [ { "$ref": "#/components/schemas/TagMap" }, { "description": "The list of tags associated with the workspace." } ] }, "vpcConfiguration": { "allOf": [ { "$ref": "#/components/schemas/VpcConfiguration" }, { "description": "The configuration for connecting to data sources in a private VPC (Amazon Virtual Private Cloud)." } ] }, "workspaceRoleArn": { "allOf": [ { "$ref": "#/components/schemas/IamRoleArn" }, { "description": "The IAM role that grants permissions to the Amazon Web Services resources that the workspace will view data from. This role must already exist." } ] } }, "required": [ "authentication", "created", "dataSources", "endpoint", "grafanaVersion", "id", "modified", "status" ] }