Create a workspace - Amazon IoT TwinMaker
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Create a workspace

To create and configure your first workspace, use the following steps.

Note

This topic shows you how to create a simple workspace with a single resource. For a fully featured workspace with multiple resources, try the sample setup in the Amazon IoT TwinMaker samples Github repository.

  1. On the Amazon IoT TwinMaker console home page, choose Workspaces in the left navigation pane.

  2. On the Workspaces page, choose Create workspace.

  3. On the Create a Workspace page, enter a name for your workspace.

  4. (Optional) Add a description for your workspace.

  5. Under S3 resource, choose Create an S3 bucket. This option creates an Amazon S3 bucket where Amazon IoT TwinMaker stores information and resources related to the workspace. Each workspace requires its own bucket.

  6. Under Execution role, choose either Auto-generate a new role or the custom IAM role that you created as for this workspace.

    If you choose Auto-generate a new role, Amazon IoT TwinMaker attaches a policy to the role that grants permission to the new service role to access other Amazon services, including permission to read and write to the Amazon S3 bucket that you specify in the previous step. For information about assigning permissions to this role, see Create and manage a service role for Amazon IoT TwinMaker.

  7. Choose Create Workspace. The following banner appears at the top of the Workspaces page.

    A banner with the recommended IAM policy and role names, and a button that lets you get the required JSON.

  8. Choose Get json. We recommend you add the IAM policy you see to the IAM role that Amazon IoT TwinMaker created for users and accounts that view the Grafana dashboard. The name of this role follows this pattern: workspace-nameDashboardRole, For instructions on how to create a policy and attach it to a role, see Modifying a role permissions policy (console).

    The following example contains the policy to add to the dashboard role.

    
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::iottwinmaker-workspace-workspace-name-lower-case-account-id",
        "arn:aws:s3:::iottwinmaker-workspace-workspace-name-lower-case-account-id/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "iottwinmaker:Get*",
        "iottwinmaker:List*"
      ],
      "Resource": [
        "arn:aws:iottwinmaker:us-east-1:account-id:workspace/workspace-name",
        "arn:aws:iottwinmaker:us-east-1:account-id:workspace/workspace-name/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": "iottwinmaker:ListWorkspaces",
      "Resource": "*"
    }
  ]
}

You're now ready to start creating a data model for your workspace with your first entity. For instructions on how to do this, see Create your first entity.