2025/11/13 - Amazon WorkSpaces Web - 6 updated api methods
Changes Support for managing web content filtering for defining, tracking and regulating type of content accessed with WorkSpaces Secure Browser as part of browser settings.
{'webContentFilteringPolicy': {'allowedUrls': ['string'],
'blockedCategories': ['Cults | Gambling | '
'Nudity | Pornography | '
'SexEducation | Tasteless '
'| Violence | '
'DownloadSites | '
'ImageSharing | '
'PeerToPeer | '
'StreamingMediaAndDownloads '
'| GenerativeAI | '
'CriminalActivity | '
'Hacking | '
'HateAndIntolerance | '
'IllegalDrug | '
'IllegalSoftware | '
'SchoolCheating | '
'SelfHarm | Weapons | '
'Chat | Games | '
'InstantMessaging | '
'ProfessionalNetwork | '
'SocialNetworking | '
'WebBasedEmail | '
'ParkedDomains'],
'blockedUrls': ['string']}}
Creates a browser settings resource that can be associated with a web portal. Once associated with a web portal, browser settings control how the browser will behave once a user starts a streaming session for the web portal.
See also: AWS API Documentation
Request Syntax
client.create_browser_settings(
tags=[
{
'Key': 'string',
'Value': 'string'
},
],
customerManagedKey='string',
additionalEncryptionContext={
'string': 'string'
},
browserPolicy='string',
clientToken='string',
webContentFilteringPolicy={
'blockedCategories': [
'Cults'|'Gambling'|'Nudity'|'Pornography'|'SexEducation'|'Tasteless'|'Violence'|'DownloadSites'|'ImageSharing'|'PeerToPeer'|'StreamingMediaAndDownloads'|'GenerativeAI'|'CriminalActivity'|'Hacking'|'HateAndIntolerance'|'IllegalDrug'|'IllegalSoftware'|'SchoolCheating'|'SelfHarm'|'Weapons'|'Chat'|'Games'|'InstantMessaging'|'ProfessionalNetwork'|'SocialNetworking'|'WebBasedEmail'|'ParkedDomains',
],
'allowedUrls': [
'string',
],
'blockedUrls': [
'string',
]
}
)
list
The tags to add to the browser settings resource. A tag is a key-value pair.
(dict) --
The tag.
Key (string) -- [REQUIRED]
The key of the tag.
Value (string) -- [REQUIRED]
The value of the tag
string
The custom managed key of the browser settings.
dict
Additional encryption context of the browser settings.
(string) --
(string) --
string
A JSON string containing Chrome Enterprise policies that will be applied to all streaming sessions.
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, subsequent retries with the same client token returns the result from the original successful request.
If you do not specify a client token, one is automatically generated by the Amazon Web Services SDK.
This field is autopopulated if not provided.
dict
The policy that specifies which URLs end users are allowed to access or which URLs or domain categories they are restricted from accessing for enhanced security.
blockedCategories (list) --
Categories of websites that are blocked on the end user’s browsers.
(string) --
allowedUrls (list) --
URLs and domains that are always accessible to end users.
(string) --
blockedUrls (list) --
URLs and domains that end users cannot access.
(string) --
dict
Response Syntax
{
'browserSettingsArn': 'string'
}
Response Structure
(dict) --
browserSettingsArn (string) --
The ARN of the browser settings.
{'eventFilter': {'include': {'UrlBlockByContentFilter'}}}
Creates a session logger.
See also: AWS API Documentation
Request Syntax
client.create_session_logger(
eventFilter={
'all': {}
,
'include': [
'WebsiteInteract'|'FileDownloadFromSecureBrowserToRemoteDisk'|'FileTransferFromRemoteToLocalDisk'|'FileTransferFromLocalToRemoteDisk'|'FileUploadFromRemoteDiskToSecureBrowser'|'ContentPasteToWebsite'|'ContentTransferFromLocalToRemoteClipboard'|'ContentCopyFromWebsite'|'UrlLoad'|'TabOpen'|'TabClose'|'PrintJobSubmit'|'SessionConnect'|'SessionStart'|'SessionDisconnect'|'SessionEnd'|'UrlBlockByContentFilter',
]
},
logConfiguration={
's3': {
'bucket': 'string',
'keyPrefix': 'string',
'bucketOwner': 'string',
'logFileFormat': 'JSONLines'|'Json',
'folderStructure': 'Flat'|'NestedByDate'
}
},
displayName='string',
customerManagedKey='string',
additionalEncryptionContext={
'string': 'string'
},
tags=[
{
'Key': 'string',
'Value': 'string'
},
],
clientToken='string'
)
dict
[REQUIRED]
The filter that specifies the events to monitor.
all (dict) --
The filter that monitors all of the available events, including any new events emitted in the future.
include (list) --
The filter that monitors only the listed set of events. New events are not auto-monitored.
(string) --
dict
[REQUIRED]
The configuration that specifies where logs are delivered.
s3 (dict) --
The configuration for delivering the logs to S3.
bucket (string) -- [REQUIRED]
The S3 bucket name where logs are delivered.
keyPrefix (string) --
The S3 path prefix that determines where log files are stored.
bucketOwner (string) --
The expected bucket owner of the target S3 bucket. The caller must have permissions to write to the target bucket.
logFileFormat (string) -- [REQUIRED]
The format of the LogFile that is written to S3.
folderStructure (string) -- [REQUIRED]
The folder structure that defines the organizational structure for log files in S3.
string
The human-readable display name for the session logger resource.
string
The custom managed key of the session logger.
dict
The additional encryption context of the session logger.
(string) --
(string) --
list
The tags to add to the session logger.
(dict) --
The tag.
Key (string) -- [REQUIRED]
The key of the tag.
Value (string) -- [REQUIRED]
The value of the tag
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, subsequent retries with the same client token returns the result from the original successful request. If you do not specify a client token, one is automatically generated by the AWS SDK.
This field is autopopulated if not provided.
dict
Response Syntax
{
'sessionLoggerArn': 'string'
}
Response Structure
(dict) --
sessionLoggerArn (string) --
The ARN of the session logger.
{'browserSettings': {'webContentFilteringPolicy': {'allowedUrls': ['string'],
'blockedCategories': ['Cults '
'| '
'Gambling '
'| '
'Nudity '
'| '
'Pornography '
'| '
'SexEducation '
'| '
'Tasteless '
'| '
'Violence '
'| '
'DownloadSites '
'| '
'ImageSharing '
'| '
'PeerToPeer '
'| '
'StreamingMediaAndDownloads '
'| '
'GenerativeAI '
'| '
'CriminalActivity '
'| '
'Hacking '
'| '
'HateAndIntolerance '
'| '
'IllegalDrug '
'| '
'IllegalSoftware '
'| '
'SchoolCheating '
'| '
'SelfHarm '
'| '
'Weapons '
'| '
'Chat '
'| '
'Games '
'| '
'InstantMessaging '
'| '
'ProfessionalNetwork '
'| '
'SocialNetworking '
'| '
'WebBasedEmail '
'| '
'ParkedDomains'],
'blockedUrls': ['string']}}}
Gets browser settings.
See also: AWS API Documentation
Request Syntax
client.get_browser_settings(
browserSettingsArn='string'
)
string
[REQUIRED]
The ARN of the browser settings.
dict
Response Syntax
{
'browserSettings': {
'browserSettingsArn': 'string',
'associatedPortalArns': [
'string',
],
'browserPolicy': 'string',
'customerManagedKey': 'string',
'additionalEncryptionContext': {
'string': 'string'
},
'webContentFilteringPolicy': {
'blockedCategories': [
'Cults'|'Gambling'|'Nudity'|'Pornography'|'SexEducation'|'Tasteless'|'Violence'|'DownloadSites'|'ImageSharing'|'PeerToPeer'|'StreamingMediaAndDownloads'|'GenerativeAI'|'CriminalActivity'|'Hacking'|'HateAndIntolerance'|'IllegalDrug'|'IllegalSoftware'|'SchoolCheating'|'SelfHarm'|'Weapons'|'Chat'|'Games'|'InstantMessaging'|'ProfessionalNetwork'|'SocialNetworking'|'WebBasedEmail'|'ParkedDomains',
],
'allowedUrls': [
'string',
],
'blockedUrls': [
'string',
]
}
}
}
Response Structure
(dict) --
browserSettings (dict) --
The browser settings.
browserSettingsArn (string) --
The ARN of the browser settings.
associatedPortalArns (list) --
A list of web portal ARNs that this browser settings is associated with.
(string) --
browserPolicy (string) --
A JSON string containing Chrome Enterprise policies that will be applied to all streaming sessions.
customerManagedKey (string) --
The customer managed key used to encrypt sensitive information in the browser settings.
additionalEncryptionContext (dict) --
The additional encryption context of the browser settings.
(string) --
(string) --
webContentFilteringPolicy (dict) --
The policy that specifies which URLs end users are allowed to access or which URLs or domain categories they are restricted from accessing for enhanced security.
blockedCategories (list) --
Categories of websites that are blocked on the end user’s browsers.
(string) --
allowedUrls (list) --
URLs and domains that are always accessible to end users.
(string) --
blockedUrls (list) --
URLs and domains that end users cannot access.
(string) --
{'sessionLogger': {'eventFilter': {'include': {'UrlBlockByContentFilter'}}}}
Gets details about a specific session logger resource.
See also: AWS API Documentation
Request Syntax
client.get_session_logger(
sessionLoggerArn='string'
)
string
[REQUIRED]
The ARN of the session logger.
dict
Response Syntax
{
'sessionLogger': {
'sessionLoggerArn': 'string',
'eventFilter': {
'all': {},
'include': [
'WebsiteInteract'|'FileDownloadFromSecureBrowserToRemoteDisk'|'FileTransferFromRemoteToLocalDisk'|'FileTransferFromLocalToRemoteDisk'|'FileUploadFromRemoteDiskToSecureBrowser'|'ContentPasteToWebsite'|'ContentTransferFromLocalToRemoteClipboard'|'ContentCopyFromWebsite'|'UrlLoad'|'TabOpen'|'TabClose'|'PrintJobSubmit'|'SessionConnect'|'SessionStart'|'SessionDisconnect'|'SessionEnd'|'UrlBlockByContentFilter',
]
},
'logConfiguration': {
's3': {
'bucket': 'string',
'keyPrefix': 'string',
'bucketOwner': 'string',
'logFileFormat': 'JSONLines'|'Json',
'folderStructure': 'Flat'|'NestedByDate'
}
},
'customerManagedKey': 'string',
'additionalEncryptionContext': {
'string': 'string'
},
'associatedPortalArns': [
'string',
],
'displayName': 'string',
'creationDate': datetime(2015, 1, 1)
}
}
Response Structure
(dict) --
sessionLogger (dict) --
The session logger details.
sessionLoggerArn (string) --
The ARN of the session logger resource.
eventFilter (dict) --
The filter that specifies which events to monitor.
all (dict) --
The filter that monitors all of the available events, including any new events emitted in the future.
include (list) --
The filter that monitors only the listed set of events. New events are not auto-monitored.
(string) --
logConfiguration (dict) --
The configuration that specifies where logs are fowarded.
s3 (dict) --
The configuration for delivering the logs to S3.
bucket (string) --
The S3 bucket name where logs are delivered.
keyPrefix (string) --
The S3 path prefix that determines where log files are stored.
bucketOwner (string) --
The expected bucket owner of the target S3 bucket. The caller must have permissions to write to the target bucket.
logFileFormat (string) --
The format of the LogFile that is written to S3.
folderStructure (string) --
The folder structure that defines the organizational structure for log files in S3.
customerManagedKey (string) --
The custom managed key of the session logger.
additionalEncryptionContext (dict) --
The additional encryption context of the session logger.
(string) --
(string) --
associatedPortalArns (list) --
The associated portal ARN.
(string) --
displayName (string) --
The human-readable display name.
creationDate (datetime) --
The date the session logger resource was created.
{'webContentFilteringPolicy': {'allowedUrls': ['string'],
'blockedCategories': ['Cults | Gambling | '
'Nudity | Pornography | '
'SexEducation | Tasteless '
'| Violence | '
'DownloadSites | '
'ImageSharing | '
'PeerToPeer | '
'StreamingMediaAndDownloads '
'| GenerativeAI | '
'CriminalActivity | '
'Hacking | '
'HateAndIntolerance | '
'IllegalDrug | '
'IllegalSoftware | '
'SchoolCheating | '
'SelfHarm | Weapons | '
'Chat | Games | '
'InstantMessaging | '
'ProfessionalNetwork | '
'SocialNetworking | '
'WebBasedEmail | '
'ParkedDomains'],
'blockedUrls': ['string']}}
Response {'browserSettings': {'webContentFilteringPolicy': {'allowedUrls': ['string'],
'blockedCategories': ['Cults '
'| '
'Gambling '
'| '
'Nudity '
'| '
'Pornography '
'| '
'SexEducation '
'| '
'Tasteless '
'| '
'Violence '
'| '
'DownloadSites '
'| '
'ImageSharing '
'| '
'PeerToPeer '
'| '
'StreamingMediaAndDownloads '
'| '
'GenerativeAI '
'| '
'CriminalActivity '
'| '
'Hacking '
'| '
'HateAndIntolerance '
'| '
'IllegalDrug '
'| '
'IllegalSoftware '
'| '
'SchoolCheating '
'| '
'SelfHarm '
'| '
'Weapons '
'| '
'Chat '
'| '
'Games '
'| '
'InstantMessaging '
'| '
'ProfessionalNetwork '
'| '
'SocialNetworking '
'| '
'WebBasedEmail '
'| '
'ParkedDomains'],
'blockedUrls': ['string']}}}
Updates browser settings.
See also: AWS API Documentation
Request Syntax
client.update_browser_settings(
browserSettingsArn='string',
browserPolicy='string',
clientToken='string',
webContentFilteringPolicy={
'blockedCategories': [
'Cults'|'Gambling'|'Nudity'|'Pornography'|'SexEducation'|'Tasteless'|'Violence'|'DownloadSites'|'ImageSharing'|'PeerToPeer'|'StreamingMediaAndDownloads'|'GenerativeAI'|'CriminalActivity'|'Hacking'|'HateAndIntolerance'|'IllegalDrug'|'IllegalSoftware'|'SchoolCheating'|'SelfHarm'|'Weapons'|'Chat'|'Games'|'InstantMessaging'|'ProfessionalNetwork'|'SocialNetworking'|'WebBasedEmail'|'ParkedDomains',
],
'allowedUrls': [
'string',
],
'blockedUrls': [
'string',
]
}
)
string
[REQUIRED]
The ARN of the browser settings.
string
A JSON string containing Chrome Enterprise policies that will be applied to all streaming sessions.
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, subsequent retries with the same client token return the result from the original successful request.
If you do not specify a client token, one is automatically generated by the Amazon Web Services SDK.
This field is autopopulated if not provided.
dict
The policy that specifies which URLs end users are allowed to access or which URLs or domain categories they are restricted from accessing for enhanced security.
blockedCategories (list) --
Categories of websites that are blocked on the end user’s browsers.
(string) --
allowedUrls (list) --
URLs and domains that are always accessible to end users.
(string) --
blockedUrls (list) --
URLs and domains that end users cannot access.
(string) --
dict
Response Syntax
{
'browserSettings': {
'browserSettingsArn': 'string',
'associatedPortalArns': [
'string',
],
'browserPolicy': 'string',
'customerManagedKey': 'string',
'additionalEncryptionContext': {
'string': 'string'
},
'webContentFilteringPolicy': {
'blockedCategories': [
'Cults'|'Gambling'|'Nudity'|'Pornography'|'SexEducation'|'Tasteless'|'Violence'|'DownloadSites'|'ImageSharing'|'PeerToPeer'|'StreamingMediaAndDownloads'|'GenerativeAI'|'CriminalActivity'|'Hacking'|'HateAndIntolerance'|'IllegalDrug'|'IllegalSoftware'|'SchoolCheating'|'SelfHarm'|'Weapons'|'Chat'|'Games'|'InstantMessaging'|'ProfessionalNetwork'|'SocialNetworking'|'WebBasedEmail'|'ParkedDomains',
],
'allowedUrls': [
'string',
],
'blockedUrls': [
'string',
]
}
}
}
Response Structure
(dict) --
browserSettings (dict) --
The browser settings.
browserSettingsArn (string) --
The ARN of the browser settings.
associatedPortalArns (list) --
A list of web portal ARNs that this browser settings is associated with.
(string) --
browserPolicy (string) --
A JSON string containing Chrome Enterprise policies that will be applied to all streaming sessions.
customerManagedKey (string) --
The customer managed key used to encrypt sensitive information in the browser settings.
additionalEncryptionContext (dict) --
The additional encryption context of the browser settings.
(string) --
(string) --
webContentFilteringPolicy (dict) --
The policy that specifies which URLs end users are allowed to access or which URLs or domain categories they are restricted from accessing for enhanced security.
blockedCategories (list) --
Categories of websites that are blocked on the end user’s browsers.
(string) --
allowedUrls (list) --
URLs and domains that are always accessible to end users.
(string) --
blockedUrls (list) --
URLs and domains that end users cannot access.
(string) --
{'eventFilter': {'include': {'UrlBlockByContentFilter'}}}
Response {'sessionLogger': {'eventFilter': {'include': {'UrlBlockByContentFilter'}}}}
Updates the details of a session logger.
See also: AWS API Documentation
Request Syntax
client.update_session_logger(
sessionLoggerArn='string',
eventFilter={
'all': {}
,
'include': [
'WebsiteInteract'|'FileDownloadFromSecureBrowserToRemoteDisk'|'FileTransferFromRemoteToLocalDisk'|'FileTransferFromLocalToRemoteDisk'|'FileUploadFromRemoteDiskToSecureBrowser'|'ContentPasteToWebsite'|'ContentTransferFromLocalToRemoteClipboard'|'ContentCopyFromWebsite'|'UrlLoad'|'TabOpen'|'TabClose'|'PrintJobSubmit'|'SessionConnect'|'SessionStart'|'SessionDisconnect'|'SessionEnd'|'UrlBlockByContentFilter',
]
},
logConfiguration={
's3': {
'bucket': 'string',
'keyPrefix': 'string',
'bucketOwner': 'string',
'logFileFormat': 'JSONLines'|'Json',
'folderStructure': 'Flat'|'NestedByDate'
}
},
displayName='string'
)
string
[REQUIRED]
The ARN of the session logger to update.
dict
The updated eventFilter.
all (dict) --
The filter that monitors all of the available events, including any new events emitted in the future.
include (list) --
The filter that monitors only the listed set of events. New events are not auto-monitored.
(string) --
dict
The updated logConfiguration.
s3 (dict) --
The configuration for delivering the logs to S3.
bucket (string) -- [REQUIRED]
The S3 bucket name where logs are delivered.
keyPrefix (string) --
The S3 path prefix that determines where log files are stored.
bucketOwner (string) --
The expected bucket owner of the target S3 bucket. The caller must have permissions to write to the target bucket.
logFileFormat (string) -- [REQUIRED]
The format of the LogFile that is written to S3.
folderStructure (string) -- [REQUIRED]
The folder structure that defines the organizational structure for log files in S3.
string
The updated display name.
dict
Response Syntax
{
'sessionLogger': {
'sessionLoggerArn': 'string',
'eventFilter': {
'all': {},
'include': [
'WebsiteInteract'|'FileDownloadFromSecureBrowserToRemoteDisk'|'FileTransferFromRemoteToLocalDisk'|'FileTransferFromLocalToRemoteDisk'|'FileUploadFromRemoteDiskToSecureBrowser'|'ContentPasteToWebsite'|'ContentTransferFromLocalToRemoteClipboard'|'ContentCopyFromWebsite'|'UrlLoad'|'TabOpen'|'TabClose'|'PrintJobSubmit'|'SessionConnect'|'SessionStart'|'SessionDisconnect'|'SessionEnd'|'UrlBlockByContentFilter',
]
},
'logConfiguration': {
's3': {
'bucket': 'string',
'keyPrefix': 'string',
'bucketOwner': 'string',
'logFileFormat': 'JSONLines'|'Json',
'folderStructure': 'Flat'|'NestedByDate'
}
},
'customerManagedKey': 'string',
'additionalEncryptionContext': {
'string': 'string'
},
'associatedPortalArns': [
'string',
],
'displayName': 'string',
'creationDate': datetime(2015, 1, 1)
}
}
Response Structure
(dict) --
sessionLogger (dict) --
The updated details of the session logger.
sessionLoggerArn (string) --
The ARN of the session logger resource.
eventFilter (dict) --
The filter that specifies which events to monitor.
all (dict) --
The filter that monitors all of the available events, including any new events emitted in the future.
include (list) --
The filter that monitors only the listed set of events. New events are not auto-monitored.
(string) --
logConfiguration (dict) --
The configuration that specifies where logs are fowarded.
s3 (dict) --
The configuration for delivering the logs to S3.
bucket (string) --
The S3 bucket name where logs are delivered.
keyPrefix (string) --
The S3 path prefix that determines where log files are stored.
bucketOwner (string) --
The expected bucket owner of the target S3 bucket. The caller must have permissions to write to the target bucket.
logFileFormat (string) --
The format of the LogFile that is written to S3.
folderStructure (string) --
The folder structure that defines the organizational structure for log files in S3.
customerManagedKey (string) --
The custom managed key of the session logger.
additionalEncryptionContext (dict) --
The additional encryption context of the session logger.
(string) --
(string) --
associatedPortalArns (list) --
The associated portal ARN.
(string) --
displayName (string) --
The human-readable display name.
creationDate (datetime) --
The date the session logger resource was created.