Description
For BYOL it is possible to use AWS IAM Identity Center to set up a Microsoft Entra ID joined Directory. This allows managing users directly via AWS IAM Identity, which is already backed by the user's Entra ID instance.
Affected Resource(s) and/or Data Source(s)
Potential Terraform Configuration
References
Announcement: https://aws.amazon.com/about-aws/whats-new/2024/08/aws-microsoft-entra-id-intune-amazon-workspaces-personal/
Relevant part in the documentation: https://docs.aws.amazon.com/workspaces/latest/adminguide/launch-workspaces-tutorials.html#launch-entra-id
Based on CLI/Boto3 there is a new property "microsoft-entra-config" which takes the Microsoft Entra ID tenant ID as well as a secret containing the application ID and the API token.
API boto3 reference: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/workspaces/client/register_workspace_directory.html#WorkSpaces.Client.register_workspace_directory
AWS CLI reference: https://docs.aws.amazon.com/cli/latest/reference/workspaces/register-workspace-directory.html
I guess the relevant Go SDK links are these:
Register directory: https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/workspaces#Client.RegisterWorkspaceDirectory
Config object MicrosoftEntraConfig: https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/workspaces@v1.46.3/types#MicrosoftEntraConfig
Would you like to implement a fix?
No