https://pulumi.com logo
Title
m

millions-furniture-75402

06/17/2021, 7:30 PM
I’m trying to configure Trusted Devices in AWS Workspaces. It looks like the enum for device type
DeviceTypeWindows
and
DeviceTypeOSX
in
workspaceAccessProperties
have a 3rd value supported,
TRUST
but it’s only mentioned in a comment about the properties, it’s not in the SDK’s documented types: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/workspaces.html#WorkSpaces.Client.modify_workspace_access_properties
response = client.modify_workspace_access_properties(
    ResourceId='string',
    WorkspaceAccessProperties={
        'DeviceTypeWindows': 'ALLOW'|'DENY',  # should also have |'TRUST'
        'DeviceTypeOsx': 'ALLOW'|'DENY',      # should also have |'TRUST'
        'DeviceTypeWeb': 'ALLOW'|'DENY',
        'DeviceTypeIos': 'ALLOW'|'DENY',
        'DeviceTypeAndroid': 'ALLOW'|'DENY',
        'DeviceTypeChromeOs': 'ALLOW'|'DENY',
        'DeviceTypeZeroClient': 'ALLOW'|'DENY',
        'DeviceTypeLinux': 'ALLOW'|'DENY'
    }
)
To restrict WorkSpaces access to trusted devices (also known as managed devices) with valid certificates, specify a value of TRUST . For more information, see Restrict WorkSpaces Access to Trusted Devices .
With that problem, is there any way I can bypass the validation below that’s blocking me, and attempt to apply the “invalid” value?
aws:workspaces:Directory (client-experience-workspaces-directory):
    error: aws:workspaces/directory:Directory resource 'client-experience-workspaces-directory' has a problem: expected workspace_access_properties.0.device_type_osx to be one of [ALLOW DENY], got TRUST. Examine values at 'Directory.WorkspaceAccessProperties.DeviceTypeOsx'.
I’ve gone with
ignoreChanges: ["workspaceAccessProperties.deviceTypeOsx"]
in my
opts
for now, and manually configure this in the AWS Console since I need to import the root certificate anyway.