AWS::NimbleStudio::Studio - AWS CloudFormation
SyntaxPropertiesReturn values

AWS::NimbleStudio::Studio

The AWS::NimbleStudio::Studio resource creates a new studio resource. In Amazon Nimble Studio, all other resources are contained in a studio.

When creating a studio, two IAM roles must be provided: the admin role and the user role. These roles are assumed by your users when they log in to the Amazon Nimble Studio portal. The user role must have the AmazonNimbleStudio-StudioUser managed policy attached for the portal to function properly. The Admin Role must have the AmazonNimbleStudio-StudioAdmin managed policy attached for the portal to function properly.

You can optionally specify an AWS Key Management Service key in the StudioEncryptionConfiguration. In Nimble Studio, resource names, descriptions, initialization scripts, and other data you provide are always encrypted at rest using an AWS Key Management Service key. By default, this key is owned by AWS and managed on your behalf. You may provide your own AWS Key Management Service key when calling CreateStudio to encrypt this data using a key that you own and manage. When providing an AWS Key Management Service key during studio creation, Amazon Nimble Studio creates AWS Key Management Service grants in your account to provide your studio user and admin roles access to these AWS Key Management Service keys. If you delete this grant, the studio will no longer be accessible to your portal users. If you delete the studio AWS Key Management Service key, your studio will no longer be accessible.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::NimbleStudio::Studio",
  "Properties" : {
      "AdminRoleArn" : String,
      "DisplayName" : String,
      "StudioEncryptionConfiguration" : StudioEncryptionConfiguration,
      "StudioName" : String,
      "Tags" : {Key: Value, ...},
      "UserRoleArn" : String
    }
}

YAML

Type: AWS::NimbleStudio::Studio
Properties:
  AdminRoleArn: String
  DisplayName: String
  StudioEncryptionConfiguration: 
    StudioEncryptionConfiguration
  StudioName: String
  Tags: 
    Key: Value
  UserRoleArn: String

Properties

AdminRoleArn

The IAM role that studio admins assume when logging in to the Nimble Studio portal.

Required: Yes

Type: String

Update requires: No interruption

DisplayName

A friendly name for the studio.

Required: Yes

Type: String

Minimum: 0

Maximum: 64

Update requires: No interruption

StudioEncryptionConfiguration

Configuration of the encryption method that is used for the studio.

Required: No

Type: StudioEncryptionConfiguration

Update requires: No interruption

StudioName

The name of the studio, as included in the URL when accessing it in the Nimble Studio portal.

Required: Yes

Type: String

Pattern: ^[a-z0-9]*$

Minimum: 3

Maximum: 64

Update requires: Replacement

Tags

An array of key-value pairs to apply to this resource.

For more information, see Tag.

Required: No

Type: Object of String

Pattern: .+

Update requires: Replacement

UserRoleArn

The IAM role that studio users assume when logging in to the Nimble Studio portal.

Required: Yes

Type: String

Update requires: No interruption

Return values

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

HomeRegion

The AWS Region where the studio resource is located. For example, us-west-2.

SsoClientId

The IAM Identity Center application client ID that is used to integrate with IAM Identity Center, which enables IAM Identity Center users to log into the Amazon Nimble Studio portal.

StudioId

The unique identifier for the studio resource.

StudioUrl

The unique identifier for the studio resource.