This is the new *CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html). # AWS::Grafana::Workspace SamlConfiguration A structure containing information about how this workspace works with SAML. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[AllowedOrganizations](#cfn-grafana-workspace-samlconfiguration-allowedorganizations)" : {{[ String, ... ]}}, "[AssertionAttributes](#cfn-grafana-workspace-samlconfiguration-assertionattributes)" : {{AssertionAttributes}}, "[IdpMetadata](#cfn-grafana-workspace-samlconfiguration-idpmetadata)" : {{IdpMetadata}}, "[LoginValidityDuration](#cfn-grafana-workspace-samlconfiguration-loginvalidityduration)" : {{Number}}, "[RoleValues](#cfn-grafana-workspace-samlconfiguration-rolevalues)" : {{RoleValues}} } ``` ### YAML ``` [AllowedOrganizations](#cfn-grafana-workspace-samlconfiguration-allowedorganizations): {{ - String}} [AssertionAttributes](#cfn-grafana-workspace-samlconfiguration-assertionattributes): {{ AssertionAttributes}} [IdpMetadata](#cfn-grafana-workspace-samlconfiguration-idpmetadata): {{ IdpMetadata}} [LoginValidityDuration](#cfn-grafana-workspace-samlconfiguration-loginvalidityduration): {{Number}} [RoleValues](#cfn-grafana-workspace-samlconfiguration-rolevalues): {{ RoleValues}} ``` ## Properties `AllowedOrganizations` Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. If this is empty, all organizations in the assertion attribute have access. *Required*: No *Type*: Array of String *Minimum*: `1` *Maximum*: `256` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `AssertionAttributes` A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace. *Required*: No *Type*: [AssertionAttributes](aws-properties-grafana-workspace-assertionattributes.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `IdpMetadata` A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace. *Required*: Yes *Type*: [IdpMetadata](aws-properties-grafana-workspace-idpmetadata.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `LoginValidityDuration` How long a sign-on session by a SAML user is valid, before the user has to sign on again. *Required*: No *Type*: Number *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `RoleValues` A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace. *Required*: No *Type*: [RoleValues](aws-properties-grafana-workspace-rolevalues.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)