millions-furniture-75402
06/17/2021, 7:30 PMDeviceTypeWindows
and DeviceTypeOSX
in workspaceAccessProperties
have a 3rd value supported, TRUST
but it’s only mentioned in a comment about the properties, it’s not in the SDK’s documented types:
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/workspaces.html#WorkSpaces.Client.modify_workspace_access_properties
response = client.modify_workspace_access_properties(
ResourceId='string',
WorkspaceAccessProperties={
'DeviceTypeWindows': 'ALLOW'|'DENY', # should also have |'TRUST'
'DeviceTypeOsx': 'ALLOW'|'DENY', # should also have |'TRUST'
'DeviceTypeWeb': 'ALLOW'|'DENY',
'DeviceTypeIos': 'ALLOW'|'DENY',
'DeviceTypeAndroid': 'ALLOW'|'DENY',
'DeviceTypeChromeOs': 'ALLOW'|'DENY',
'DeviceTypeZeroClient': 'ALLOW'|'DENY',
'DeviceTypeLinux': 'ALLOW'|'DENY'
}
)
To restrict WorkSpaces access to trusted devices (also known as managed devices) with valid certificates, specify a value of TRUST . For more information, see Restrict WorkSpaces Access to Trusted Devices .With that problem, is there any way I can bypass the validation below that’s blocking me, and attempt to apply the “invalid” value?
aws:workspaces:Directory (client-experience-workspaces-directory):
error: aws:workspaces/directory:Directory resource 'client-experience-workspaces-directory' has a problem: expected workspace_access_properties.0.device_type_osx to be one of [ALLOW DENY], got TRUST. Examine values at 'Directory.WorkspaceAccessProperties.DeviceTypeOsx'.
ignoreChanges: ["workspaceAccessProperties.deviceTypeOsx"]
in my opts
for now, and manually configure this in the AWS Console since I need to import the root certificate anyway.