Table of Contents
A low-level client representing Amazon WorkLink
Amazon WorkLink is a cloud-based service that provides secure access to internal websites and web apps from iOS and Android phones. In a single step, your users, such as employees, can access internal websites as efficiently as they access any other public website. They enter a URL in their web browser, or choose a link to an internal website in an email. Amazon WorkLink authenticates the user's access and securely renders authorized internal web content in a secure rendering service in the AWS cloud. Amazon WorkLink doesn't download or store any internal web content on mobile devices.
import boto3
client = boto3.client('worklink')
These are the available methods:
Specifies a domain to be associated to Amazon WorkLink.
See also: AWS API Documentation
Request Syntax
response = client.associate_domain(
FleetArn='string',
DomainName='string',
DisplayName='string',
AcmCertificateArn='string'
)
[REQUIRED]
The Amazon Resource Name (ARN) of the fleet.
[REQUIRED]
The fully qualified domain name (FQDN).
[REQUIRED]
The ARN of an issued ACM certificate that is valid for the domain being associated.
dict
Response Syntax
{}
Response Structure
Exceptions
Associates a website authorization provider with a specified fleet. This is used to authorize users against associated websites in the company network.
See also: AWS API Documentation
Request Syntax
response = client.associate_website_authorization_provider(
FleetArn='string',
AuthorizationProviderType='SAML',
DomainName='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
The authorization provider type.
dict
Response Syntax
{
'AuthorizationProviderId': 'string'
}
Response Structure
(dict) --
AuthorizationProviderId (string) --
A unique identifier for the authorization provider.
Exceptions
Imports the root certificate of a certificate authority (CA) used to obtain TLS certificates used by associated websites within the company network.
See also: AWS API Documentation
Request Syntax
response = client.associate_website_certificate_authority(
FleetArn='string',
Certificate='string',
DisplayName='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
The root certificate of the CA.
dict
Response Syntax
{
'WebsiteCaId': 'string'
}
Response Structure
(dict) --
WebsiteCaId (string) --
A unique identifier for the CA.
Exceptions
Check if an operation can be paginated.
Creates a fleet. A fleet consists of resources and the configuration that delivers associated websites to authorized users who download and set up the Amazon WorkLink app.
See also: AWS API Documentation
Request Syntax
response = client.create_fleet(
FleetName='string',
DisplayName='string',
OptimizeForEndUserLocation=True|False,
Tags={
'string': 'string'
}
)
[REQUIRED]
A unique name for the fleet.
The tags to add to the resource. A tag is a key-value pair.
dict
Response Syntax
{
'FleetArn': 'string'
}
Response Structure
(dict) --
FleetArn (string) --
The Amazon Resource Name (ARN) of the fleet.
Exceptions
Deletes a fleet. Prevents users from accessing previously associated websites.
See also: AWS API Documentation
Request Syntax
response = client.delete_fleet(
FleetArn='string'
)
[REQUIRED]
The ARN of the fleet.
{}
Response Structure
Exceptions
Describes the configuration for delivering audit streams to the customer account.
See also: AWS API Documentation
Request Syntax
response = client.describe_audit_stream_configuration(
FleetArn='string'
)
[REQUIRED]
The ARN of the fleet.
{
'AuditStreamArn': 'string'
}
Response Structure
The ARN of the Amazon Kinesis data stream that will receive the audit events.
Exceptions
Describes the networking configuration to access the internal websites associated with the specified fleet.
See also: AWS API Documentation
Request Syntax
response = client.describe_company_network_configuration(
FleetArn='string'
)
[REQUIRED]
The ARN of the fleet.
{
'VpcId': 'string',
'SubnetIds': [
'string',
],
'SecurityGroupIds': [
'string',
]
}
Response Structure
The VPC with connectivity to associated websites.
The subnets used for X-ENI connections from Amazon WorkLink rendering containers.
The security groups associated with access to the provided subnets.
Exceptions
Provides information about a user's device.
See also: AWS API Documentation
Request Syntax
response = client.describe_device(
FleetArn='string',
DeviceId='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
A unique identifier for a registered user's device.
dict
Response Syntax
{
'Status': 'ACTIVE'|'SIGNED_OUT',
'Model': 'string',
'Manufacturer': 'string',
'OperatingSystem': 'string',
'OperatingSystemVersion': 'string',
'PatchLevel': 'string',
'FirstAccessedTime': datetime(2015, 1, 1),
'LastAccessedTime': datetime(2015, 1, 1),
'Username': 'string'
}
Response Structure
(dict) --
Status (string) --
The current state of the device.
Model (string) --
The model of the device.
Manufacturer (string) --
The manufacturer of the device.
OperatingSystem (string) --
The operating system of the device.
OperatingSystemVersion (string) --
The operating system version of the device.
PatchLevel (string) --
The operating system patch level of the device.
FirstAccessedTime (datetime) --
The date that the device first signed in to Amazon WorkLink.
LastAccessedTime (datetime) --
The date that the device last accessed Amazon WorkLink.
Username (string) --
The user name associated with the device.
Exceptions
Describes the device policy configuration for the specified fleet.
See also: AWS API Documentation
Request Syntax
response = client.describe_device_policy_configuration(
FleetArn='string'
)
[REQUIRED]
The ARN of the fleet.
{
'DeviceCaCertificate': 'string'
}
Response Structure
The certificate chain, including intermediate certificates and the root certificate authority certificate used to issue device certificates.
Exceptions
Provides information about the domain.
See also: AWS API Documentation
Request Syntax
response = client.describe_domain(
FleetArn='string',
DomainName='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
The name of the domain.
dict
Response Syntax
{
'DomainName': 'string',
'DisplayName': 'string',
'CreatedTime': datetime(2015, 1, 1),
'DomainStatus': 'PENDING_VALIDATION'|'ASSOCIATING'|'ACTIVE'|'INACTIVE'|'DISASSOCIATING'|'DISASSOCIATED'|'FAILED_TO_ASSOCIATE'|'FAILED_TO_DISASSOCIATE',
'AcmCertificateArn': 'string'
}
Response Structure
(dict) --
DomainName (string) --
The name of the domain.
DisplayName (string) --
The name to display.
CreatedTime (datetime) --
The time that the domain was added.
DomainStatus (string) --
The current state for the domain.
AcmCertificateArn (string) --
The ARN of an issued ACM certificate that is valid for the domain being associated.
Exceptions
Provides basic information for the specified fleet, excluding identity provider, networking, and device configuration details.
See also: AWS API Documentation
Request Syntax
response = client.describe_fleet_metadata(
FleetArn='string'
)
[REQUIRED]
The Amazon Resource Name (ARN) of the fleet.
{
'CreatedTime': datetime(2015, 1, 1),
'LastUpdatedTime': datetime(2015, 1, 1),
'FleetName': 'string',
'DisplayName': 'string',
'OptimizeForEndUserLocation': True|False,
'CompanyCode': 'string',
'FleetStatus': 'CREATING'|'ACTIVE'|'DELETING'|'DELETED'|'FAILED_TO_CREATE'|'FAILED_TO_DELETE',
'Tags': {
'string': 'string'
}
}
Response Structure
The time that the fleet was created.
The time that the fleet was last updated.
The name of the fleet.
The name to display.
The option to optimize for better performance by routing traffic through the closest AWS Region to users, which may be outside of your home Region.
The identifier used by users to sign in to the Amazon WorkLink app.
The current state of the fleet.
The tags attached to the resource. A tag is a key-value pair.
Exceptions
Describes the identity provider configuration of the specified fleet.
See also: AWS API Documentation
Request Syntax
response = client.describe_identity_provider_configuration(
FleetArn='string'
)
[REQUIRED]
The ARN of the fleet.
{
'IdentityProviderType': 'SAML',
'ServiceProviderSamlMetadata': 'string',
'IdentityProviderSamlMetadata': 'string'
}
Response Structure
The type of identity provider.
The SAML metadata document uploaded to the user’s identity provider.
The SAML metadata document provided by the user’s identity provider.
Exceptions
Provides information about the certificate authority.
See also: AWS API Documentation
Request Syntax
response = client.describe_website_certificate_authority(
FleetArn='string',
WebsiteCaId='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
A unique identifier for the certificate authority.
dict
Response Syntax
{
'Certificate': 'string',
'CreatedTime': datetime(2015, 1, 1),
'DisplayName': 'string'
}
Response Structure
(dict) --
Certificate (string) --
The root certificate of the certificate authority.
CreatedTime (datetime) --
The time that the certificate authority was added.
DisplayName (string) --
The certificate name to display.
Exceptions
Disassociates a domain from Amazon WorkLink. End users lose the ability to access the domain with Amazon WorkLink.
See also: AWS API Documentation
Request Syntax
response = client.disassociate_domain(
FleetArn='string',
DomainName='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
The name of the domain.
dict
Response Syntax
{}
Response Structure
Exceptions
Disassociates a website authorization provider from a specified fleet. After the disassociation, users can't load any associated websites that require this authorization provider.
See also: AWS API Documentation
Request Syntax
response = client.disassociate_website_authorization_provider(
FleetArn='string',
AuthorizationProviderId='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
A unique identifier for the authorization provider.
dict
Response Syntax
{}
Response Structure
Exceptions
Removes a certificate authority (CA).
See also: AWS API Documentation
Request Syntax
response = client.disassociate_website_certificate_authority(
FleetArn='string',
WebsiteCaId='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
A unique identifier for the CA.
dict
Response Syntax
{}
Response Structure
Exceptions
Generate a presigned url given a client, its method, and arguments
The presigned url
Create a paginator for an operation.
Returns an object that can wait for some condition.
Retrieves a list of devices registered with the specified fleet.
See also: AWS API Documentation
Request Syntax
response = client.list_devices(
FleetArn='string',
NextToken='string',
MaxResults=123
)
[REQUIRED]
The ARN of the fleet.
dict
Response Syntax
{
'Devices': [
{
'DeviceId': 'string',
'DeviceStatus': 'ACTIVE'|'SIGNED_OUT'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Devices (list) --
Information about the devices.
(dict) --
The summary of devices.
DeviceId (string) --
The ID of the device.
DeviceStatus (string) --
The status of the device.
NextToken (string) --
The pagination token used to retrieve the next page of results for this operation. If there are no more pages, this value is null.
Exceptions
Retrieves a list of domains associated to a specified fleet.
See also: AWS API Documentation
Request Syntax
response = client.list_domains(
FleetArn='string',
NextToken='string',
MaxResults=123
)
[REQUIRED]
The ARN of the fleet.
dict
Response Syntax
{
'Domains': [
{
'DomainName': 'string',
'DisplayName': 'string',
'CreatedTime': datetime(2015, 1, 1),
'DomainStatus': 'PENDING_VALIDATION'|'ASSOCIATING'|'ACTIVE'|'INACTIVE'|'DISASSOCIATING'|'DISASSOCIATED'|'FAILED_TO_ASSOCIATE'|'FAILED_TO_DISASSOCIATE'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Domains (list) --
Information about the domains.
(dict) --
The summary of the domain.
DomainName (string) --
The name of the domain.
DisplayName (string) --
The name to display.
CreatedTime (datetime) --
The time that the domain was created.
DomainStatus (string) --
The status of the domain.
NextToken (string) --
The pagination token used to retrieve the next page of results for this operation. If there are no more pages, this value is null.
Exceptions
Retrieves a list of fleets for the current account and Region.
See also: AWS API Documentation
Request Syntax
response = client.list_fleets(
NextToken='string',
MaxResults=123
)
dict
Response Syntax
{
'FleetSummaryList': [
{
'FleetArn': 'string',
'CreatedTime': datetime(2015, 1, 1),
'LastUpdatedTime': datetime(2015, 1, 1),
'FleetName': 'string',
'DisplayName': 'string',
'CompanyCode': 'string',
'FleetStatus': 'CREATING'|'ACTIVE'|'DELETING'|'DELETED'|'FAILED_TO_CREATE'|'FAILED_TO_DELETE',
'Tags': {
'string': 'string'
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
FleetSummaryList (list) --
The summary list of the fleets.
(dict) --
The summary of the fleet.
FleetArn (string) --
The Amazon Resource Name (ARN) of the fleet.
CreatedTime (datetime) --
The time when the fleet was created.
LastUpdatedTime (datetime) --
The time when the fleet was last updated.
FleetName (string) --
The name of the fleet.
DisplayName (string) --
The name of the fleet to display.
CompanyCode (string) --
The identifier used by users to sign into the Amazon WorkLink app.
FleetStatus (string) --
The status of the fleet.
Tags (dict) --
The tags attached to the resource. A tag is a key-value pair.
NextToken (string) --
The pagination token used to retrieve the next page of results for this operation. If there are no more pages, this value is null.
Exceptions
Retrieves a list of tags for the specified resource.
See also: AWS API Documentation
Request Syntax
response = client.list_tags_for_resource(
ResourceArn='string'
)
[REQUIRED]
The Amazon Resource Name (ARN) of the fleet.
{
'Tags': {
'string': 'string'
}
}
Response Structure
The tags attached to the resource. A tag is a key-value pair.
Exceptions
Retrieves a list of website authorization providers associated with a specified fleet.
See also: AWS API Documentation
Request Syntax
response = client.list_website_authorization_providers(
FleetArn='string',
NextToken='string',
MaxResults=123
)
[REQUIRED]
The ARN of the fleet.
dict
Response Syntax
{
'WebsiteAuthorizationProviders': [
{
'AuthorizationProviderId': 'string',
'AuthorizationProviderType': 'SAML',
'DomainName': 'string',
'CreatedTime': datetime(2015, 1, 1)
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
WebsiteAuthorizationProviders (list) --
The website authorization providers.
(dict) --
The summary of the website authorization provider.
AuthorizationProviderId (string) --
A unique identifier for the authorization provider.
AuthorizationProviderType (string) --
The authorization provider type.
DomainName (string) --
The domain name of the authorization provider. This applies only to SAML-based authorization providers.
CreatedTime (datetime) --
The time of creation.
NextToken (string) --
The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
Exceptions
Retrieves a list of certificate authorities added for the current account and Region.
See also: AWS API Documentation
Request Syntax
response = client.list_website_certificate_authorities(
FleetArn='string',
MaxResults=123,
NextToken='string'
)
[REQUIRED]
The ARN of the fleet.
dict
Response Syntax
{
'WebsiteCertificateAuthorities': [
{
'WebsiteCaId': 'string',
'CreatedTime': datetime(2015, 1, 1),
'DisplayName': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
WebsiteCertificateAuthorities (list) --
Information about the certificates.
(dict) --
The summary of the certificate authority (CA).
WebsiteCaId (string) --
A unique identifier for the CA.
CreatedTime (datetime) --
The time when the CA was added.
DisplayName (string) --
The name to display.
NextToken (string) --
The pagination token used to retrieve the next page of results for this operation. If there are no more pages, this value is null.
Exceptions
Moves a domain to ACTIVE status if it was in the INACTIVE status.
See also: AWS API Documentation
Request Syntax
response = client.restore_domain_access(
FleetArn='string',
DomainName='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
The name of the domain.
dict
Response Syntax
{}
Response Structure
Exceptions
Moves a domain to INACTIVE status if it was in the ACTIVE status.
See also: AWS API Documentation
Request Syntax
response = client.revoke_domain_access(
FleetArn='string',
DomainName='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
The name of the domain.
dict
Response Syntax
{}
Response Structure
Exceptions
Signs the user out from all of their devices. The user can sign in again if they have valid credentials.
See also: AWS API Documentation
Request Syntax
response = client.sign_out_user(
FleetArn='string',
Username='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
The name of the user.
dict
Response Syntax
{}
Response Structure
Exceptions
Adds or overwrites one or more tags for the specified resource, such as a fleet. Each tag consists of a key and an optional value. If a resource already has a tag with the same key, this operation updates its value.
See also: AWS API Documentation
Request Syntax
response = client.tag_resource(
ResourceArn='string',
Tags={
'string': 'string'
}
)
[REQUIRED]
The Amazon Resource Name (ARN) of the fleet.
[REQUIRED]
The tags to add to the resource. A tag is a key-value pair.
dict
Response Syntax
{}
Response Structure
Exceptions
Removes one or more tags from the specified resource.
See also: AWS API Documentation
Request Syntax
response = client.untag_resource(
ResourceArn='string',
TagKeys=[
'string',
]
)
[REQUIRED]
The Amazon Resource Name (ARN) of the fleet.
[REQUIRED]
The list of tag keys to remove from the resource.
dict
Response Syntax
{}
Response Structure
Exceptions
Updates the audit stream configuration for the fleet.
See also: AWS API Documentation
Request Syntax
response = client.update_audit_stream_configuration(
FleetArn='string',
AuditStreamArn='string'
)
[REQUIRED]
The ARN of the fleet.
dict
Response Syntax
{}
Response Structure
Exceptions
Updates the company network configuration for the fleet.
See also: AWS API Documentation
Request Syntax
response = client.update_company_network_configuration(
FleetArn='string',
VpcId='string',
SubnetIds=[
'string',
],
SecurityGroupIds=[
'string',
]
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
The VPC with connectivity to associated websites.
[REQUIRED]
The subnets used for X-ENI connections from Amazon WorkLink rendering containers.
[REQUIRED]
The security groups associated with access to the provided subnets.
dict
Response Syntax
{}
Response Structure
Exceptions
Updates the device policy configuration for the fleet.
See also: AWS API Documentation
Request Syntax
response = client.update_device_policy_configuration(
FleetArn='string',
DeviceCaCertificate='string'
)
[REQUIRED]
The ARN of the fleet.
dict
Response Syntax
{}
Response Structure
Exceptions
Updates domain metadata, such as DisplayName.
See also: AWS API Documentation
Request Syntax
response = client.update_domain_metadata(
FleetArn='string',
DomainName='string',
DisplayName='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
The name of the domain.
dict
Response Syntax
{}
Response Structure
Exceptions
Updates fleet metadata, such as DisplayName.
See also: AWS API Documentation
Request Syntax
response = client.update_fleet_metadata(
FleetArn='string',
DisplayName='string',
OptimizeForEndUserLocation=True|False
)
[REQUIRED]
The ARN of the fleet.
dict
Response Syntax
{}
Response Structure
Exceptions
Updates the identity provider configuration for the fleet.
See also: AWS API Documentation
Request Syntax
response = client.update_identity_provider_configuration(
FleetArn='string',
IdentityProviderType='SAML',
IdentityProviderSamlMetadata='string'
)
[REQUIRED]
The ARN of the fleet.
[REQUIRED]
The type of identity provider.
dict
Response Syntax
{}
Response Structure
Exceptions
The available paginators are: