We recommend new projects start with resources from the AWS provider.
aws-native.ec2.VerifiedAccessTrustProvider
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
The AWS::EC2::VerifiedAccessTrustProvider type describes a verified access trust provider
Create VerifiedAccessTrustProvider Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new VerifiedAccessTrustProvider(name: string, args: VerifiedAccessTrustProviderArgs, opts?: CustomResourceOptions);
@overload
def VerifiedAccessTrustProvider(resource_name: str,
args: VerifiedAccessTrustProviderArgs,
opts: Optional[ResourceOptions] = None)
@overload
def VerifiedAccessTrustProvider(resource_name: str,
opts: Optional[ResourceOptions] = None,
policy_reference_name: Optional[str] = None,
trust_provider_type: Optional[str] = None,
description: Optional[str] = None,
device_options: Optional[VerifiedAccessTrustProviderDeviceOptionsArgs] = None,
device_trust_provider_type: Optional[str] = None,
oidc_options: Optional[VerifiedAccessTrustProviderOidcOptionsArgs] = None,
sse_specification: Optional[SseSpecificationPropertiesArgs] = None,
tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
user_trust_provider_type: Optional[str] = None)
func NewVerifiedAccessTrustProvider(ctx *Context, name string, args VerifiedAccessTrustProviderArgs, opts ...ResourceOption) (*VerifiedAccessTrustProvider, error)
public VerifiedAccessTrustProvider(string name, VerifiedAccessTrustProviderArgs args, CustomResourceOptions? opts = null)
public VerifiedAccessTrustProvider(String name, VerifiedAccessTrustProviderArgs args)
public VerifiedAccessTrustProvider(String name, VerifiedAccessTrustProviderArgs args, CustomResourceOptions options)
type: aws-native:ec2:VerifiedAccessTrustProvider
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args VerifiedAccessTrustProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args VerifiedAccessTrustProviderArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args VerifiedAccessTrustProviderArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args VerifiedAccessTrustProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args VerifiedAccessTrustProviderArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
VerifiedAccessTrustProvider Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The VerifiedAccessTrustProvider resource accepts the following input properties:
- Policy
Reference stringName - The identifier to be used when working with policy rules.
- Trust
Provider stringType - Type of trust provider. Possible values: user|device
- Description string
- A description for the Amazon Web Services Verified Access trust provider.
- Device
Options Pulumi.Aws Native. Ec2. Inputs. Verified Access Trust Provider Device Options - The options for device-identity trust provider.
- Device
Trust stringProvider Type - The type of device-based trust provider. Possible values: jamf|crowdstrike
- Oidc
Options Pulumi.Aws Native. Ec2. Inputs. Verified Access Trust Provider Oidc Options - The options for an OpenID Connect-compatible user-identity trust provider.
- Sse
Specification Pulumi.Aws Native. Ec2. Inputs. Sse Specification Properties - The configuration options for customer provided KMS encryption.
- List<Pulumi.
Aws Native. Inputs. Tag> - An array of key-value pairs to apply to this resource.
- User
Trust stringProvider Type - The type of device-based trust provider. Possible values: oidc|iam-identity-center
- Policy
Reference stringName - The identifier to be used when working with policy rules.
- Trust
Provider stringType - Type of trust provider. Possible values: user|device
- Description string
- A description for the Amazon Web Services Verified Access trust provider.
- Device
Options VerifiedAccess Trust Provider Device Options Args - The options for device-identity trust provider.
- Device
Trust stringProvider Type - The type of device-based trust provider. Possible values: jamf|crowdstrike
- Oidc
Options VerifiedAccess Trust Provider Oidc Options Args - The options for an OpenID Connect-compatible user-identity trust provider.
- Sse
Specification SseSpecification Properties Args - The configuration options for customer provided KMS encryption.
- Tag
Args - An array of key-value pairs to apply to this resource.
- User
Trust stringProvider Type - The type of device-based trust provider. Possible values: oidc|iam-identity-center
- policy
Reference StringName - The identifier to be used when working with policy rules.
- trust
Provider StringType - Type of trust provider. Possible values: user|device
- description String
- A description for the Amazon Web Services Verified Access trust provider.
- device
Options VerifiedAccess Trust Provider Device Options - The options for device-identity trust provider.
- device
Trust StringProvider Type - The type of device-based trust provider. Possible values: jamf|crowdstrike
- oidc
Options VerifiedAccess Trust Provider Oidc Options - The options for an OpenID Connect-compatible user-identity trust provider.
- sse
Specification SseSpecification Properties - The configuration options for customer provided KMS encryption.
- List<Tag>
- An array of key-value pairs to apply to this resource.
- user
Trust StringProvider Type - The type of device-based trust provider. Possible values: oidc|iam-identity-center
- policy
Reference stringName - The identifier to be used when working with policy rules.
- trust
Provider stringType - Type of trust provider. Possible values: user|device
- description string
- A description for the Amazon Web Services Verified Access trust provider.
- device
Options VerifiedAccess Trust Provider Device Options - The options for device-identity trust provider.
- device
Trust stringProvider Type - The type of device-based trust provider. Possible values: jamf|crowdstrike
- oidc
Options VerifiedAccess Trust Provider Oidc Options - The options for an OpenID Connect-compatible user-identity trust provider.
- sse
Specification SseSpecification Properties - The configuration options for customer provided KMS encryption.
- Tag[]
- An array of key-value pairs to apply to this resource.
- user
Trust stringProvider Type - The type of device-based trust provider. Possible values: oidc|iam-identity-center
- policy_
reference_ strname - The identifier to be used when working with policy rules.
- trust_
provider_ strtype - Type of trust provider. Possible values: user|device
- description str
- A description for the Amazon Web Services Verified Access trust provider.
- device_
options VerifiedAccess Trust Provider Device Options Args - The options for device-identity trust provider.
- device_
trust_ strprovider_ type - The type of device-based trust provider. Possible values: jamf|crowdstrike
- oidc_
options VerifiedAccess Trust Provider Oidc Options Args - The options for an OpenID Connect-compatible user-identity trust provider.
- sse_
specification SseSpecification Properties Args - The configuration options for customer provided KMS encryption.
- Sequence[Tag
Args] - An array of key-value pairs to apply to this resource.
- user_
trust_ strprovider_ type - The type of device-based trust provider. Possible values: oidc|iam-identity-center
- policy
Reference StringName - The identifier to be used when working with policy rules.
- trust
Provider StringType - Type of trust provider. Possible values: user|device
- description String
- A description for the Amazon Web Services Verified Access trust provider.
- device
Options Property Map - The options for device-identity trust provider.
- device
Trust StringProvider Type - The type of device-based trust provider. Possible values: jamf|crowdstrike
- oidc
Options Property Map - The options for an OpenID Connect-compatible user-identity trust provider.
- sse
Specification Property Map - The configuration options for customer provided KMS encryption.
- List<Property Map>
- An array of key-value pairs to apply to this resource.
- user
Trust StringProvider Type - The type of device-based trust provider. Possible values: oidc|iam-identity-center
Outputs
All input properties are implicitly available as output properties. Additionally, the VerifiedAccessTrustProvider resource produces the following output properties:
- Creation
Time string - The creation time.
- Id string
- The provider-assigned unique ID for this managed resource.
- Last
Updated stringTime - The last updated time.
- Verified
Access stringTrust Provider Id - The ID of the Amazon Web Services Verified Access trust provider.
- Creation
Time string - The creation time.
- Id string
- The provider-assigned unique ID for this managed resource.
- Last
Updated stringTime - The last updated time.
- Verified
Access stringTrust Provider Id - The ID of the Amazon Web Services Verified Access trust provider.
- creation
Time String - The creation time.
- id String
- The provider-assigned unique ID for this managed resource.
- last
Updated StringTime - The last updated time.
- verified
Access StringTrust Provider Id - The ID of the Amazon Web Services Verified Access trust provider.
- creation
Time string - The creation time.
- id string
- The provider-assigned unique ID for this managed resource.
- last
Updated stringTime - The last updated time.
- verified
Access stringTrust Provider Id - The ID of the Amazon Web Services Verified Access trust provider.
- creation_
time str - The creation time.
- id str
- The provider-assigned unique ID for this managed resource.
- last_
updated_ strtime - The last updated time.
- verified_
access_ strtrust_ provider_ id - The ID of the Amazon Web Services Verified Access trust provider.
- creation
Time String - The creation time.
- id String
- The provider-assigned unique ID for this managed resource.
- last
Updated StringTime - The last updated time.
- verified
Access StringTrust Provider Id - The ID of the Amazon Web Services Verified Access trust provider.
Supporting Types
SseSpecificationProperties, SseSpecificationPropertiesArgs
- Customer
Managed boolKey Enabled - Whether to encrypt the policy with the provided key or disable encryption
- Kms
Key stringArn - KMS Key Arn used to encrypt the group policy
- Customer
Managed boolKey Enabled - Whether to encrypt the policy with the provided key or disable encryption
- Kms
Key stringArn - KMS Key Arn used to encrypt the group policy
- customer
Managed BooleanKey Enabled - Whether to encrypt the policy with the provided key or disable encryption
- kms
Key StringArn - KMS Key Arn used to encrypt the group policy
- customer
Managed booleanKey Enabled - Whether to encrypt the policy with the provided key or disable encryption
- kms
Key stringArn - KMS Key Arn used to encrypt the group policy
- customer_
managed_ boolkey_ enabled - Whether to encrypt the policy with the provided key or disable encryption
- kms_
key_ strarn - KMS Key Arn used to encrypt the group policy
- customer
Managed BooleanKey Enabled - Whether to encrypt the policy with the provided key or disable encryption
- kms
Key StringArn - KMS Key Arn used to encrypt the group policy
Tag, TagArgs
VerifiedAccessTrustProviderDeviceOptions, VerifiedAccessTrustProviderDeviceOptionsArgs
- Public
Signing stringKey Url - URL Verified Access will use to verify authenticity of the device tokens.
- Tenant
Id string - The ID of the tenant application with the device-identity provider.
- Public
Signing stringKey Url - URL Verified Access will use to verify authenticity of the device tokens.
- Tenant
Id string - The ID of the tenant application with the device-identity provider.
- public
Signing StringKey Url - URL Verified Access will use to verify authenticity of the device tokens.
- tenant
Id String - The ID of the tenant application with the device-identity provider.
- public
Signing stringKey Url - URL Verified Access will use to verify authenticity of the device tokens.
- tenant
Id string - The ID of the tenant application with the device-identity provider.
- public_
signing_ strkey_ url - URL Verified Access will use to verify authenticity of the device tokens.
- tenant_
id str - The ID of the tenant application with the device-identity provider.
- public
Signing StringKey Url - URL Verified Access will use to verify authenticity of the device tokens.
- tenant
Id String - The ID of the tenant application with the device-identity provider.
VerifiedAccessTrustProviderOidcOptions, VerifiedAccessTrustProviderOidcOptionsArgs
- string
- The OIDC authorization endpoint.
- Client
Id string - The client identifier.
- Client
Secret string - The client secret.
- Issuer string
- The OIDC issuer.
- Scope string
- OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
- Token
Endpoint string - The OIDC token endpoint.
- User
Info stringEndpoint - The OIDC user info endpoint.
- string
- The OIDC authorization endpoint.
- Client
Id string - The client identifier.
- Client
Secret string - The client secret.
- Issuer string
- The OIDC issuer.
- Scope string
- OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
- Token
Endpoint string - The OIDC token endpoint.
- User
Info stringEndpoint - The OIDC user info endpoint.
- String
- The OIDC authorization endpoint.
- client
Id String - The client identifier.
- client
Secret String - The client secret.
- issuer String
- The OIDC issuer.
- scope String
- OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
- token
Endpoint String - The OIDC token endpoint.
- user
Info StringEndpoint - The OIDC user info endpoint.
- string
- The OIDC authorization endpoint.
- client
Id string - The client identifier.
- client
Secret string - The client secret.
- issuer string
- The OIDC issuer.
- scope string
- OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
- token
Endpoint string - The OIDC token endpoint.
- user
Info stringEndpoint - The OIDC user info endpoint.
- str
- The OIDC authorization endpoint.
- client_
id str - The client identifier.
- client_
secret str - The client secret.
- issuer str
- The OIDC issuer.
- scope str
- OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
- token_
endpoint str - The OIDC token endpoint.
- user_
info_ strendpoint - The OIDC user info endpoint.
- String
- The OIDC authorization endpoint.
- client
Id String - The client identifier.
- client
Secret String - The client secret.
- issuer String
- The OIDC issuer.
- scope String
- OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes.
- token
Endpoint String - The OIDC token endpoint.
- user
Info StringEndpoint - The OIDC user info endpoint.
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.