AWS::NimbleStudio::Studio
The AWS::NimbleStudio::Studio
resource creates a new studio resource. In
Amazon Nimble Studio, all other resources are contained in
a studio.
When creating a studio, two IAM roles must be provided: the admin role and the user role. These roles are assumed by your users when they log in to the Amazon Nimble Studio portal. The user role must have the AmazonNimbleStudio-StudioUser managed policy attached for the portal to function properly. The Admin Role must have the AmazonNimbleStudio-StudioAdmin managed policy attached for the portal to function properly.
You can optionally specify an AWS Key Management Service key in the StudioEncryptionConfiguration. In Nimble Studio, resource names, descriptions, initialization scripts, and other data you provide are always encrypted at rest using an AWS Key Management Service key. By default, this key is owned by AWS and managed on your behalf. You may provide your own AWS Key Management Service key when calling CreateStudio to encrypt this data using a key that you own and manage. When providing an AWS Key Management Service key during studio creation, Amazon Nimble Studio creates AWS Key Management Service grants in your account to provide your studio user and admin roles access to these AWS Key Management Service keys. If you delete this grant, the studio will no longer be accessible to your portal users. If you delete the studio AWS Key Management Service key, your studio will no longer be accessible.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::NimbleStudio::Studio", "Properties" : { "AdminRoleArn" :
String
, "DisplayName" :String
, "StudioEncryptionConfiguration" :StudioEncryptionConfiguration
, "StudioName" :String
, "Tags" :{
, "UserRoleArn" :Key
:Value
, ...}String
} }
YAML
Type: AWS::NimbleStudio::Studio Properties: AdminRoleArn:
String
DisplayName:String
StudioEncryptionConfiguration:StudioEncryptionConfiguration
StudioName:String
Tags:UserRoleArn:
Key
:Value
String
Properties
AdminRoleArn
-
The IAM role that studio admins assume when logging in to the Nimble Studio portal.
Required: Yes
Type: String
Minimum:
0
Maximum:
2048
Update requires: No interruption
DisplayName
-
A friendly name for the studio.
Required: Yes
Type: String
Minimum:
0
Maximum:
64
Update requires: No interruption
StudioEncryptionConfiguration
-
Configuration of the encryption method that is used for the studio.
Required: No
Type: StudioEncryptionConfiguration
Update requires: No interruption
StudioName
-
The name of the studio, as included in the URL when accessing it in the Nimble Studio portal.
Required: Yes
Type: String
Pattern:
^[a-z0-9]*$
Minimum:
3
Maximum:
64
Update requires: Replacement
-
An array of key-value pairs to apply to this resource.
For more information, see Tag.
Required: No
Type: Object of String
Pattern:
[a-zA-Z0-9]+
Update requires: Replacement
UserRoleArn
-
The IAM role that studio users assume when logging in to the Nimble Studio portal.
Required: Yes
Type: String
Minimum:
0
Maximum:
2048
Update requires: No interruption
Return values
Fn::GetAtt
The Fn::GetAtt
intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt
intrinsic function, see Fn::GetAtt
.
HomeRegion
-
The AWS Region where the studio resource is located. For example,
us-west-2
. SsoClientId
-
The IAM Identity Center application client ID that is used to integrate with IAM Identity Center, which enables IAM Identity Center users to log into the Amazon Nimble Studio portal.
StudioId
-
The unique identifier for the studio resource.
StudioUrl
-
The unique identifier for the studio resource.