Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. workspacesweb
  5. Portal

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi
pulumi/pulumi-aws-native

aws-native.workspacesweb.Portal

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi
pulumi/pulumi-aws-native

Definition of AWS::WorkSpacesWeb::Portal Resource Type

Create Portal Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Portal(name: string, args?: PortalArgs, opts?: CustomResourceOptions);
@overload
def Portal(resource_name: str,
           args: Optional[PortalArgs] = None,
           opts: Optional[ResourceOptions] = None)

@overload
def Portal(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           additional_encryption_context: Optional[Mapping[str, str]] = None,
           authentication_type: Optional[PortalAuthenticationType] = None,
           browser_settings_arn: Optional[str] = None,
           customer_managed_key: Optional[str] = None,
           data_protection_settings_arn: Optional[str] = None,
           display_name: Optional[str] = None,
           instance_type: Optional[PortalInstanceType] = None,
           ip_access_settings_arn: Optional[str] = None,
           max_concurrent_sessions: Optional[float] = None,
           network_settings_arn: Optional[str] = None,
           tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
           trust_store_arn: Optional[str] = None,
           user_access_logging_settings_arn: Optional[str] = None,
           user_settings_arn: Optional[str] = None)
func NewPortal(ctx *Context, name string, args *PortalArgs, opts ...ResourceOption) (*Portal, error)
public Portal(string name, PortalArgs? args = null, CustomResourceOptions? opts = null)
public Portal(String name, PortalArgs args)
public Portal(String name, PortalArgs args, CustomResourceOptions options)

type: aws-native:workspacesweb:Portal
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args PortalArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args PortalArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args PortalArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args PortalArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. PortalArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Portal Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Portal resource accepts the following input properties:

AdditionalEncryptionContext Dictionary<string, string>
The additional encryption context of the portal.
AuthenticationType Pulumi.AwsNative.WorkSpacesWeb.PortalAuthenticationType

The type of authentication integration points used when signing into the web portal. Defaults to Standard .

Standard web portals are authenticated directly through your identity provider (IdP). User and group access to your web portal is controlled through your IdP. You need to include an IdP resource in your template to integrate your IdP with your web portal. Completing the configuration for your IdP requires exchanging WorkSpaces Secure Browser’s SP metadata with your IdP’s IdP metadata. If your IdP requires the SP metadata first before returning the IdP metadata, you should follow these steps:

  1. Create and deploy a CloudFormation template with a Standard portal with no IdentityProvider resource.

  2. Retrieve the SP metadata using Fn:GetAtt , the WorkSpaces Secure Browser console, or by the calling the GetPortalServiceProviderMetadata API.

  3. Submit the data to your IdP.

  4. Add an IdentityProvider resource to your CloudFormation template.

IAM Identity Center web portals are authenticated through AWS IAM Identity Center . They provide additional features, such as IdP-initiated authentication. Identity sources (including external identity provider integration) and other identity provider information must be configured in IAM Identity Center . User and group assignment must be done through the WorkSpaces Secure Browser console. These cannot be configured in CloudFormation.

BrowserSettingsArn string
The ARN of the browser settings that is associated with this web portal.
CustomerManagedKey string

The customer managed key of the web portal.

Pattern : ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$

DataProtectionSettingsArn string
The ARN of the data protection settings.
DisplayName string
The name of the web portal.
InstanceType Pulumi.AwsNative.WorkSpacesWeb.PortalInstanceType
The type and resources of the underlying instance.
IpAccessSettingsArn string
The ARN of the IP access settings that is associated with the web portal.
MaxConcurrentSessions double
The maximum number of concurrent sessions for the portal.
NetworkSettingsArn string
The ARN of the network settings that is associated with the web portal.
Tags List<Pulumi.AwsNative.Inputs.Tag>
The tags to add to the web portal. A tag is a key-value pair.
TrustStoreArn string
The ARN of the trust store that is associated with the web portal.
UserAccessLoggingSettingsArn string
The ARN of the user access logging settings that is associated with the web portal.
UserSettingsArn string
The ARN of the user settings that is associated with the web portal.
AdditionalEncryptionContext map[string]string
The additional encryption context of the portal.
AuthenticationType PortalAuthenticationType

The type of authentication integration points used when signing into the web portal. Defaults to Standard .

Standard web portals are authenticated directly through your identity provider (IdP). User and group access to your web portal is controlled through your IdP. You need to include an IdP resource in your template to integrate your IdP with your web portal. Completing the configuration for your IdP requires exchanging WorkSpaces Secure Browser’s SP metadata with your IdP’s IdP metadata. If your IdP requires the SP metadata first before returning the IdP metadata, you should follow these steps:

  1. Create and deploy a CloudFormation template with a Standard portal with no IdentityProvider resource.

  2. Retrieve the SP metadata using Fn:GetAtt , the WorkSpaces Secure Browser console, or by the calling the GetPortalServiceProviderMetadata API.

  3. Submit the data to your IdP.

  4. Add an IdentityProvider resource to your CloudFormation template.

IAM Identity Center web portals are authenticated through AWS IAM Identity Center . They provide additional features, such as IdP-initiated authentication. Identity sources (including external identity provider integration) and other identity provider information must be configured in IAM Identity Center . User and group assignment must be done through the WorkSpaces Secure Browser console. These cannot be configured in CloudFormation.

BrowserSettingsArn string
The ARN of the browser settings that is associated with this web portal.
CustomerManagedKey string

The customer managed key of the web portal.

Pattern : ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$

DataProtectionSettingsArn string
The ARN of the data protection settings.
DisplayName string
The name of the web portal.
InstanceType PortalInstanceType
The type and resources of the underlying instance.
IpAccessSettingsArn string
The ARN of the IP access settings that is associated with the web portal.
MaxConcurrentSessions float64
The maximum number of concurrent sessions for the portal.
NetworkSettingsArn string
The ARN of the network settings that is associated with the web portal.
Tags TagArgs
The tags to add to the web portal. A tag is a key-value pair.
TrustStoreArn string
The ARN of the trust store that is associated with the web portal.
UserAccessLoggingSettingsArn string
The ARN of the user access logging settings that is associated with the web portal.
UserSettingsArn string
The ARN of the user settings that is associated with the web portal.
additionalEncryptionContext Map<String,String>
The additional encryption context of the portal.
authenticationType PortalAuthenticationType

The type of authentication integration points used when signing into the web portal. Defaults to Standard .

Standard web portals are authenticated directly through your identity provider (IdP). User and group access to your web portal is controlled through your IdP. You need to include an IdP resource in your template to integrate your IdP with your web portal. Completing the configuration for your IdP requires exchanging WorkSpaces Secure Browser’s SP metadata with your IdP’s IdP metadata. If your IdP requires the SP metadata first before returning the IdP metadata, you should follow these steps:

  1. Create and deploy a CloudFormation template with a Standard portal with no IdentityProvider resource.

  2. Retrieve the SP metadata using Fn:GetAtt , the WorkSpaces Secure Browser console, or by the calling the GetPortalServiceProviderMetadata API.

  3. Submit the data to your IdP.

  4. Add an IdentityProvider resource to your CloudFormation template.

IAM Identity Center web portals are authenticated through AWS IAM Identity Center . They provide additional features, such as IdP-initiated authentication. Identity sources (including external identity provider integration) and other identity provider information must be configured in IAM Identity Center . User and group assignment must be done through the WorkSpaces Secure Browser console. These cannot be configured in CloudFormation.

browserSettingsArn String
The ARN of the browser settings that is associated with this web portal.
customerManagedKey String

The customer managed key of the web portal.

Pattern : ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$

dataProtectionSettingsArn String
The ARN of the data protection settings.
displayName String
The name of the web portal.
instanceType PortalInstanceType
The type and resources of the underlying instance.
ipAccessSettingsArn String
The ARN of the IP access settings that is associated with the web portal.
maxConcurrentSessions Double
The maximum number of concurrent sessions for the portal.
networkSettingsArn String
The ARN of the network settings that is associated with the web portal.
tags List<Tag>
The tags to add to the web portal. A tag is a key-value pair.
trustStoreArn String
The ARN of the trust store that is associated with the web portal.
userAccessLoggingSettingsArn String
The ARN of the user access logging settings that is associated with the web portal.
userSettingsArn String
The ARN of the user settings that is associated with the web portal.
additionalEncryptionContext {[key: string]: string}
The additional encryption context of the portal.
authenticationType PortalAuthenticationType

The type of authentication integration points used when signing into the web portal. Defaults to Standard .

Standard web portals are authenticated directly through your identity provider (IdP). User and group access to your web portal is controlled through your IdP. You need to include an IdP resource in your template to integrate your IdP with your web portal. Completing the configuration for your IdP requires exchanging WorkSpaces Secure Browser’s SP metadata with your IdP’s IdP metadata. If your IdP requires the SP metadata first before returning the IdP metadata, you should follow these steps:

  1. Create and deploy a CloudFormation template with a Standard portal with no IdentityProvider resource.

  2. Retrieve the SP metadata using Fn:GetAtt , the WorkSpaces Secure Browser console, or by the calling the GetPortalServiceProviderMetadata API.

  3. Submit the data to your IdP.

  4. Add an IdentityProvider resource to your CloudFormation template.

IAM Identity Center web portals are authenticated through AWS IAM Identity Center . They provide additional features, such as IdP-initiated authentication. Identity sources (including external identity provider integration) and other identity provider information must be configured in IAM Identity Center . User and group assignment must be done through the WorkSpaces Secure Browser console. These cannot be configured in CloudFormation.

browserSettingsArn string
The ARN of the browser settings that is associated with this web portal.
customerManagedKey string

The customer managed key of the web portal.

Pattern : ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$

dataProtectionSettingsArn string
The ARN of the data protection settings.
displayName string
The name of the web portal.
instanceType PortalInstanceType
The type and resources of the underlying instance.
ipAccessSettingsArn string
The ARN of the IP access settings that is associated with the web portal.
maxConcurrentSessions number
The maximum number of concurrent sessions for the portal.
networkSettingsArn string
The ARN of the network settings that is associated with the web portal.
tags Tag[]
The tags to add to the web portal. A tag is a key-value pair.
trustStoreArn string
The ARN of the trust store that is associated with the web portal.
userAccessLoggingSettingsArn string
The ARN of the user access logging settings that is associated with the web portal.
userSettingsArn string
The ARN of the user settings that is associated with the web portal.
additional_encryption_context Mapping[str, str]
The additional encryption context of the portal.
authentication_type PortalAuthenticationType

The type of authentication integration points used when signing into the web portal. Defaults to Standard .

Standard web portals are authenticated directly through your identity provider (IdP). User and group access to your web portal is controlled through your IdP. You need to include an IdP resource in your template to integrate your IdP with your web portal. Completing the configuration for your IdP requires exchanging WorkSpaces Secure Browser’s SP metadata with your IdP’s IdP metadata. If your IdP requires the SP metadata first before returning the IdP metadata, you should follow these steps:

  1. Create and deploy a CloudFormation template with a Standard portal with no IdentityProvider resource.

  2. Retrieve the SP metadata using Fn:GetAtt , the WorkSpaces Secure Browser console, or by the calling the GetPortalServiceProviderMetadata API.

  3. Submit the data to your IdP.

  4. Add an IdentityProvider resource to your CloudFormation template.

IAM Identity Center web portals are authenticated through AWS IAM Identity Center . They provide additional features, such as IdP-initiated authentication. Identity sources (including external identity provider integration) and other identity provider information must be configured in IAM Identity Center . User and group assignment must be done through the WorkSpaces Secure Browser console. These cannot be configured in CloudFormation.

browser_settings_arn str
The ARN of the browser settings that is associated with this web portal.
customer_managed_key str

The customer managed key of the web portal.

Pattern : ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$

data_protection_settings_arn str
The ARN of the data protection settings.
display_name str
The name of the web portal.
instance_type PortalInstanceType
The type and resources of the underlying instance.
ip_access_settings_arn str
The ARN of the IP access settings that is associated with the web portal.
max_concurrent_sessions float
The maximum number of concurrent sessions for the portal.
network_settings_arn str
The ARN of the network settings that is associated with the web portal.
tags Sequence[TagArgs]
The tags to add to the web portal. A tag is a key-value pair.
trust_store_arn str
The ARN of the trust store that is associated with the web portal.
user_access_logging_settings_arn str
The ARN of the user access logging settings that is associated with the web portal.
user_settings_arn str
The ARN of the user settings that is associated with the web portal.
additionalEncryptionContext Map<String>
The additional encryption context of the portal.
authenticationType "Standard" | "IAM_Identity_Center"

The type of authentication integration points used when signing into the web portal. Defaults to Standard .

Standard web portals are authenticated directly through your identity provider (IdP). User and group access to your web portal is controlled through your IdP. You need to include an IdP resource in your template to integrate your IdP with your web portal. Completing the configuration for your IdP requires exchanging WorkSpaces Secure Browser’s SP metadata with your IdP’s IdP metadata. If your IdP requires the SP metadata first before returning the IdP metadata, you should follow these steps:

  1. Create and deploy a CloudFormation template with a Standard portal with no IdentityProvider resource.

  2. Retrieve the SP metadata using Fn:GetAtt , the WorkSpaces Secure Browser console, or by the calling the GetPortalServiceProviderMetadata API.

  3. Submit the data to your IdP.

  4. Add an IdentityProvider resource to your CloudFormation template.

IAM Identity Center web portals are authenticated through AWS IAM Identity Center . They provide additional features, such as IdP-initiated authentication. Identity sources (including external identity provider integration) and other identity provider information must be configured in IAM Identity Center . User and group assignment must be done through the WorkSpaces Secure Browser console. These cannot be configured in CloudFormation.

browserSettingsArn String
The ARN of the browser settings that is associated with this web portal.
customerManagedKey String

The customer managed key of the web portal.

Pattern : ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$

dataProtectionSettingsArn String
The ARN of the data protection settings.
displayName String
The name of the web portal.
instanceType "standard.regular" | "standard.large" | "standard.xlarge"
The type and resources of the underlying instance.
ipAccessSettingsArn String
The ARN of the IP access settings that is associated with the web portal.
maxConcurrentSessions Number
The maximum number of concurrent sessions for the portal.
networkSettingsArn String
The ARN of the network settings that is associated with the web portal.
tags List<Property Map>
The tags to add to the web portal. A tag is a key-value pair.
trustStoreArn String
The ARN of the trust store that is associated with the web portal.
userAccessLoggingSettingsArn String
The ARN of the user access logging settings that is associated with the web portal.
userSettingsArn String
The ARN of the user settings that is associated with the web portal.

Outputs

All input properties are implicitly available as output properties. Additionally, the Portal resource produces the following output properties:

BrowserType Pulumi.AwsNative.WorkSpacesWeb.PortalBrowserType
The browser that users see when using a streaming session.
CreationDate string
The creation date of the web portal.
Id string
The provider-assigned unique ID for this managed resource.
PortalArn string
The ARN of the web portal.
PortalEndpoint string
The endpoint URL of the web portal that users access in order to start streaming sessions.
PortalStatus Pulumi.AwsNative.WorkSpacesWeb.PortalStatus
The status of the web portal.
RendererType Pulumi.AwsNative.WorkSpacesWeb.PortalRendererType
The renderer that is used in streaming sessions.
ServiceProviderSamlMetadata string
The SAML metadata of the service provider.
StatusReason string
A message that explains why the web portal is in its current status.
BrowserType PortalBrowserType
The browser that users see when using a streaming session.
CreationDate string
The creation date of the web portal.
Id string
The provider-assigned unique ID for this managed resource.
PortalArn string
The ARN of the web portal.
PortalEndpoint string
The endpoint URL of the web portal that users access in order to start streaming sessions.
PortalStatus PortalStatus
The status of the web portal.
RendererType PortalRendererType
The renderer that is used in streaming sessions.
ServiceProviderSamlMetadata string
The SAML metadata of the service provider.
StatusReason string
A message that explains why the web portal is in its current status.
browserType PortalBrowserType
The browser that users see when using a streaming session.
creationDate String
The creation date of the web portal.
id String
The provider-assigned unique ID for this managed resource.
portalArn String
The ARN of the web portal.
portalEndpoint String
The endpoint URL of the web portal that users access in order to start streaming sessions.
portalStatus PortalStatus
The status of the web portal.
rendererType PortalRendererType
The renderer that is used in streaming sessions.
serviceProviderSamlMetadata String
The SAML metadata of the service provider.
statusReason String
A message that explains why the web portal is in its current status.
browserType PortalBrowserType
The browser that users see when using a streaming session.
creationDate string
The creation date of the web portal.
id string
The provider-assigned unique ID for this managed resource.
portalArn string
The ARN of the web portal.
portalEndpoint string
The endpoint URL of the web portal that users access in order to start streaming sessions.
portalStatus PortalStatus
The status of the web portal.
rendererType PortalRendererType
The renderer that is used in streaming sessions.
serviceProviderSamlMetadata string
The SAML metadata of the service provider.
statusReason string
A message that explains why the web portal is in its current status.
browser_type PortalBrowserType
The browser that users see when using a streaming session.
creation_date str
The creation date of the web portal.
id str
The provider-assigned unique ID for this managed resource.
portal_arn str
The ARN of the web portal.
portal_endpoint str
The endpoint URL of the web portal that users access in order to start streaming sessions.
portal_status PortalStatus
The status of the web portal.
renderer_type PortalRendererType
The renderer that is used in streaming sessions.
service_provider_saml_metadata str
The SAML metadata of the service provider.
status_reason str
A message that explains why the web portal is in its current status.
browserType "Chrome"
The browser that users see when using a streaming session.
creationDate String
The creation date of the web portal.
id String
The provider-assigned unique ID for this managed resource.
portalArn String
The ARN of the web portal.
portalEndpoint String
The endpoint URL of the web portal that users access in order to start streaming sessions.
portalStatus "Incomplete" | "Pending" | "Active"
The status of the web portal.
rendererType "AppStream"
The renderer that is used in streaming sessions.
serviceProviderSamlMetadata String
The SAML metadata of the service provider.
statusReason String
A message that explains why the web portal is in its current status.

Supporting Types

PortalAuthenticationType
, PortalAuthenticationTypeArgs

Standard
Standard
IamIdentityCenter
IAM_Identity_Center
PortalAuthenticationTypeStandard
Standard
PortalAuthenticationTypeIamIdentityCenter
IAM_Identity_Center
Standard
Standard
IamIdentityCenter
IAM_Identity_Center
Standard
Standard
IamIdentityCenter
IAM_Identity_Center
STANDARD
Standard
IAM_IDENTITY_CENTER
IAM_Identity_Center
"Standard"
Standard
"IAM_Identity_Center"
IAM_Identity_Center

PortalBrowserType
, PortalBrowserTypeArgs

Chrome
Chrome
PortalBrowserTypeChrome
Chrome
Chrome
Chrome
Chrome
Chrome
CHROME
Chrome
"Chrome"
Chrome

PortalInstanceType
, PortalInstanceTypeArgs

StandardRegular
standard.regular
StandardLarge
standard.large
StandardXlarge
standard.xlarge
PortalInstanceTypeStandardRegular
standard.regular
PortalInstanceTypeStandardLarge
standard.large
PortalInstanceTypeStandardXlarge
standard.xlarge
StandardRegular
standard.regular
StandardLarge
standard.large
StandardXlarge
standard.xlarge
StandardRegular
standard.regular
StandardLarge
standard.large
StandardXlarge
standard.xlarge
STANDARD_REGULAR
standard.regular
STANDARD_LARGE
standard.large
STANDARD_XLARGE
standard.xlarge
"standard.regular"
standard.regular
"standard.large"
standard.large
"standard.xlarge"
standard.xlarge

PortalRendererType
, PortalRendererTypeArgs

AppStream
AppStream
PortalRendererTypeAppStream
AppStream
AppStream
AppStream
AppStream
AppStream
APP_STREAM
AppStream
"AppStream"
AppStream

PortalStatus
, PortalStatusArgs

Incomplete
Incomplete
Pending
Pending
Active
Active
PortalStatusIncomplete
Incomplete
PortalStatusPending
Pending
PortalStatusActive
Active
Incomplete
Incomplete
Pending
Pending
Active
Active
Incomplete
Incomplete
Pending
Pending
Active
Active
INCOMPLETE
Incomplete
PENDING
Pending
ACTIVE
Active
"Incomplete"
Incomplete
"Pending"
Pending
"Active"
Active

Tag
, TagArgs

Key This property is required. string
The key name of the tag
Value This property is required. string
The value of the tag
Key This property is required. string
The key name of the tag
Value This property is required. string
The value of the tag
key This property is required. String
The key name of the tag
value This property is required. String
The value of the tag
key This property is required. string
The key name of the tag
value This property is required. string
The value of the tag
key This property is required. str
The key name of the tag
value This property is required. str
The value of the tag
key This property is required. String
The key name of the tag
value This property is required. String
The value of the tag

Package Details

Repository
AWS Native pulumi/pulumi-aws-native
License
Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi
pulumi/pulumi-aws-native