1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. ec2
  5. VerifiedAccessTrustProvider

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.0.1 published on Tuesday, Oct 1, 2024 by Pulumi

aws-native.ec2.VerifiedAccessTrustProvider

Explore with Pulumi AI

aws-native logo

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.0.1 published on Tuesday, Oct 1, 2024 by Pulumi

    The AWS::EC2::VerifiedAccessTrustProvider type describes a verified access trust provider

    Create VerifiedAccessTrustProvider Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new VerifiedAccessTrustProvider(name: string, args: VerifiedAccessTrustProviderArgs, opts?: CustomResourceOptions);
    @overload
    def VerifiedAccessTrustProvider(resource_name: str,
                                    args: VerifiedAccessTrustProviderArgs,
                                    opts: Optional[ResourceOptions] = None)
    
    @overload
    def VerifiedAccessTrustProvider(resource_name: str,
                                    opts: Optional[ResourceOptions] = None,
                                    policy_reference_name: Optional[str] = None,
                                    trust_provider_type: Optional[str] = None,
                                    description: Optional[str] = None,
                                    device_options: Optional[VerifiedAccessTrustProviderDeviceOptionsArgs] = None,
                                    device_trust_provider_type: Optional[str] = None,
                                    oidc_options: Optional[VerifiedAccessTrustProviderOidcOptionsArgs] = None,
                                    sse_specification: Optional[SseSpecificationPropertiesArgs] = None,
                                    tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
                                    user_trust_provider_type: Optional[str] = None)
    func NewVerifiedAccessTrustProvider(ctx *Context, name string, args VerifiedAccessTrustProviderArgs, opts ...ResourceOption) (*VerifiedAccessTrustProvider, error)
    public VerifiedAccessTrustProvider(string name, VerifiedAccessTrustProviderArgs args, CustomResourceOptions? opts = null)
    public VerifiedAccessTrustProvider(String name, VerifiedAccessTrustProviderArgs args)
    public VerifiedAccessTrustProvider(String name, VerifiedAccessTrustProviderArgs args, CustomResourceOptions options)
    
    type: aws-native:ec2:VerifiedAccessTrustProvider
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args VerifiedAccessTrustProviderArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args VerifiedAccessTrustProviderArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args VerifiedAccessTrustProviderArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args VerifiedAccessTrustProviderArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args VerifiedAccessTrustProviderArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    VerifiedAccessTrustProvider Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The VerifiedAccessTrustProvider resource accepts the following input properties:

    PolicyReferenceName string
    The identifier to be used when working with policy rules.
    TrustProviderType string
    Type of trust provider. Possible values: user|device
    Description string
    A description for the Amazon Web Services Verified Access trust provider.
    DeviceOptions Pulumi.AwsNative.Ec2.Inputs.VerifiedAccessTrustProviderDeviceOptions
    The options for device-identity trust provider.
    DeviceTrustProviderType string
    The type of device-based trust provider. Possible values: jamf|crowdstrike
    OidcOptions Pulumi.AwsNative.Ec2.Inputs.VerifiedAccessTrustProviderOidcOptions
    The options for an OpenID Connect-compatible user-identity trust provider.
    SseSpecification Pulumi.AwsNative.Ec2.Inputs.SseSpecificationProperties
    The configuration options for customer provided KMS encryption.
    Tags List<Pulumi.AwsNative.Inputs.Tag>
    An array of key-value pairs to apply to this resource.
    UserTrustProviderType string
    The type of device-based trust provider. Possible values: oidc|iam-identity-center
    PolicyReferenceName string
    The identifier to be used when working with policy rules.
    TrustProviderType string
    Type of trust provider. Possible values: user|device
    Description string
    A description for the Amazon Web Services Verified Access trust provider.
    DeviceOptions VerifiedAccessTrustProviderDeviceOptionsArgs
    The options for device-identity trust provider.
    DeviceTrustProviderType string
    The type of device-based trust provider. Possible values: jamf|crowdstrike
    OidcOptions VerifiedAccessTrustProviderOidcOptionsArgs
    The options for an OpenID Connect-compatible user-identity trust provider.
    SseSpecification SseSpecificationPropertiesArgs
    The configuration options for customer provided KMS encryption.
    Tags TagArgs
    An array of key-value pairs to apply to this resource.
    UserTrustProviderType string
    The type of device-based trust provider. Possible values: oidc|iam-identity-center
    policyReferenceName String
    The identifier to be used when working with policy rules.
    trustProviderType String
    Type of trust provider. Possible values: user|device
    description String
    A description for the Amazon Web Services Verified Access trust provider.
    deviceOptions VerifiedAccessTrustProviderDeviceOptions
    The options for device-identity trust provider.
    deviceTrustProviderType String
    The type of device-based trust provider. Possible values: jamf|crowdstrike
    oidcOptions VerifiedAccessTrustProviderOidcOptions
    The options for an OpenID Connect-compatible user-identity trust provider.
    sseSpecification SseSpecificationProperties
    The configuration options for customer provided KMS encryption.
    tags List<Tag>
    An array of key-value pairs to apply to this resource.
    userTrustProviderType String
    The type of device-based trust provider. Possible values: oidc|iam-identity-center
    policyReferenceName string
    The identifier to be used when working with policy rules.
    trustProviderType string
    Type of trust provider. Possible values: user|device
    description string
    A description for the Amazon Web Services Verified Access trust provider.
    deviceOptions VerifiedAccessTrustProviderDeviceOptions
    The options for device-identity trust provider.
    deviceTrustProviderType string
    The type of device-based trust provider. Possible values: jamf|crowdstrike
    oidcOptions VerifiedAccessTrustProviderOidcOptions
    The options for an OpenID Connect-compatible user-identity trust provider.
    sseSpecification SseSpecificationProperties
    The configuration options for customer provided KMS encryption.
    tags Tag[]
    An array of key-value pairs to apply to this resource.
    userTrustProviderType string
    The type of device-based trust provider. Possible values: oidc|iam-identity-center
    policy_reference_name str
    The identifier to be used when working with policy rules.
    trust_provider_type str
    Type of trust provider. Possible values: user|device
    description str
    A description for the Amazon Web Services Verified Access trust provider.
    device_options VerifiedAccessTrustProviderDeviceOptionsArgs
    The options for device-identity trust provider.
    device_trust_provider_type str
    The type of device-based trust provider. Possible values: jamf|crowdstrike
    oidc_options VerifiedAccessTrustProviderOidcOptionsArgs
    The options for an OpenID Connect-compatible user-identity trust provider.
    sse_specification SseSpecificationPropertiesArgs
    The configuration options for customer provided KMS encryption.
    tags Sequence[TagArgs]
    An array of key-value pairs to apply to this resource.
    user_trust_provider_type str
    The type of device-based trust provider. Possible values: oidc|iam-identity-center
    policyReferenceName String
    The identifier to be used when working with policy rules.
    trustProviderType String
    Type of trust provider. Possible values: user|device
    description String
    A description for the Amazon Web Services Verified Access trust provider.
    deviceOptions Property Map
    The options for device-identity trust provider.
    deviceTrustProviderType String
    The type of device-based trust provider. Possible values: jamf|crowdstrike
    oidcOptions Property Map
    The options for an OpenID Connect-compatible user-identity trust provider.
    sseSpecification Property Map
    The configuration options for customer provided KMS encryption.
    tags List<Property Map>
    An array of key-value pairs to apply to this resource.
    userTrustProviderType String
    The type of device-based trust provider. Possible values: oidc|iam-identity-center

    Outputs

    All input properties are implicitly available as output properties. Additionally, the VerifiedAccessTrustProvider resource produces the following output properties:

    CreationTime string
    The creation time.
    Id string
    The provider-assigned unique ID for this managed resource.
    LastUpdatedTime string
    The last updated time.
    VerifiedAccessTrustProviderId string
    The ID of the Amazon Web Services Verified Access trust provider.
    CreationTime string
    The creation time.
    Id string
    The provider-assigned unique ID for this managed resource.
    LastUpdatedTime string
    The last updated time.
    VerifiedAccessTrustProviderId string
    The ID of the Amazon Web Services Verified Access trust provider.
    creationTime String
    The creation time.
    id String
    The provider-assigned unique ID for this managed resource.
    lastUpdatedTime String
    The last updated time.
    verifiedAccessTrustProviderId String
    The ID of the Amazon Web Services Verified Access trust provider.
    creationTime string
    The creation time.
    id string
    The provider-assigned unique ID for this managed resource.
    lastUpdatedTime string
    The last updated time.
    verifiedAccessTrustProviderId string
    The ID of the Amazon Web Services Verified Access trust provider.
    creation_time str
    The creation time.
    id str
    The provider-assigned unique ID for this managed resource.
    last_updated_time str
    The last updated time.
    verified_access_trust_provider_id str
    The ID of the Amazon Web Services Verified Access trust provider.
    creationTime String
    The creation time.
    id String
    The provider-assigned unique ID for this managed resource.
    lastUpdatedTime String
    The last updated time.
    verifiedAccessTrustProviderId String
    The ID of the Amazon Web Services Verified Access trust provider.

    Supporting Types

    SseSpecificationProperties, SseSpecificationPropertiesArgs

    CustomerManagedKeyEnabled bool
    Whether to encrypt the policy with the provided key or disable encryption
    KmsKeyArn string
    KMS Key Arn used to encrypt the group policy
    CustomerManagedKeyEnabled bool
    Whether to encrypt the policy with the provided key or disable encryption
    KmsKeyArn string
    KMS Key Arn used to encrypt the group policy
    customerManagedKeyEnabled Boolean
    Whether to encrypt the policy with the provided key or disable encryption
    kmsKeyArn String
    KMS Key Arn used to encrypt the group policy
    customerManagedKeyEnabled boolean
    Whether to encrypt the policy with the provided key or disable encryption
    kmsKeyArn string
    KMS Key Arn used to encrypt the group policy
    customer_managed_key_enabled bool
    Whether to encrypt the policy with the provided key or disable encryption
    kms_key_arn str
    KMS Key Arn used to encrypt the group policy
    customerManagedKeyEnabled Boolean
    Whether to encrypt the policy with the provided key or disable encryption
    kmsKeyArn String
    KMS Key Arn used to encrypt the group policy

    Tag, TagArgs

    Key string
    The key name of the tag
    Value string
    The value of the tag
    Key string
    The key name of the tag
    Value string
    The value of the tag
    key String
    The key name of the tag
    value String
    The value of the tag
    key string
    The key name of the tag
    value string
    The value of the tag
    key str
    The key name of the tag
    value str
    The value of the tag
    key String
    The key name of the tag
    value String
    The value of the tag

    VerifiedAccessTrustProviderDeviceOptions, VerifiedAccessTrustProviderDeviceOptionsArgs

    PublicSigningKeyUrl string
    URL Verified Access will use to verify authenticity of the device tokens.
    TenantId string
    The ID of the tenant application with the device-identity provider.
    PublicSigningKeyUrl string
    URL Verified Access will use to verify authenticity of the device tokens.
    TenantId string
    The ID of the tenant application with the device-identity provider.
    publicSigningKeyUrl String
    URL Verified Access will use to verify authenticity of the device tokens.
    tenantId String
    The ID of the tenant application with the device-identity provider.
    publicSigningKeyUrl string
    URL Verified Access will use to verify authenticity of the device tokens.
    tenantId string
    The ID of the tenant application with the device-identity provider.
    public_signing_key_url str
    URL Verified Access will use to verify authenticity of the device tokens.
    tenant_id str
    The ID of the tenant application with the device-identity provider.
    publicSigningKeyUrl String
    URL Verified Access will use to verify authenticity of the device tokens.
    tenantId String
    The ID of the tenant application with the device-identity provider.

    VerifiedAccessTrustProviderOidcOptions, VerifiedAccessTrustProviderOidcOptionsArgs

    AuthorizationEndpoint string
    The OIDC authorization endpoint.
    ClientId string
    The client identifier.
    ClientSecret string
    The client secret.
    Issuer string
    The OIDC issuer.
    Scope string
    OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
    TokenEndpoint string
    The OIDC token endpoint.
    UserInfoEndpoint string
    The OIDC user info endpoint.
    AuthorizationEndpoint string
    The OIDC authorization endpoint.
    ClientId string
    The client identifier.
    ClientSecret string
    The client secret.
    Issuer string
    The OIDC issuer.
    Scope string
    OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
    TokenEndpoint string
    The OIDC token endpoint.
    UserInfoEndpoint string
    The OIDC user info endpoint.
    authorizationEndpoint String
    The OIDC authorization endpoint.
    clientId String
    The client identifier.
    clientSecret String
    The client secret.
    issuer String
    The OIDC issuer.
    scope String
    OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
    tokenEndpoint String
    The OIDC token endpoint.
    userInfoEndpoint String
    The OIDC user info endpoint.
    authorizationEndpoint string
    The OIDC authorization endpoint.
    clientId string
    The client identifier.
    clientSecret string
    The client secret.
    issuer string
    The OIDC issuer.
    scope string
    OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
    tokenEndpoint string
    The OIDC token endpoint.
    userInfoEndpoint string
    The OIDC user info endpoint.
    authorization_endpoint str
    The OIDC authorization endpoint.
    client_id str
    The client identifier.
    client_secret str
    The client secret.
    issuer str
    The OIDC issuer.
    scope str
    OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
    token_endpoint str
    The OIDC token endpoint.
    user_info_endpoint str
    The OIDC user info endpoint.
    authorizationEndpoint String
    The OIDC authorization endpoint.
    clientId String
    The client identifier.
    clientSecret String
    The client secret.
    issuer String
    The OIDC issuer.
    scope String
    OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
    tokenEndpoint String
    The OIDC token endpoint.
    userInfoEndpoint String
    The OIDC user info endpoint.

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    We recommend new projects start with resources from the AWS provider.

    AWS Cloud Control v1.0.1 published on Tuesday, Oct 1, 2024 by Pulumi