verified_access_endpoint
Gets an individual verified_access_endpoint resource
Overview
| Name | verified_access_endpoint |
| Type | Resource |
| Description | verified_access_endpoint |
| Id | awscc.ec2.verified_access_endpoint |
Fields
| Name | Datatype | Description |
|---|---|---|
verified_access_endpoint_id | string | The ID of the AWS Verified Access endpoint. |
verified_access_group_id | string | The ID of the AWS Verified Access group. |
verified_access_instance_id | string | The ID of the AWS Verified Access instance. |
status | string | The endpoint status. |
security_group_ids | array | The IDs of the security groups for the endpoint. |
network_interface_options | object | The options for network-interface type endpoint. |
load_balancer_options | object | The load balancer details if creating the AWS Verified Access endpoint as load-balancer type. |
endpoint_type | string | The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified. |
endpoint_domain | string | A DNS name that is generated for the endpoint. |
endpoint_domain_prefix | string | A custom identifier that gets prepended to a DNS name that is generated for the endpoint. |
device_validation_domain | string | Returned if endpoint has a device trust provider attached. |
domain_certificate_arn | string | The ARN of a public TLS/SSL certificate imported into or created with ACM. |
attachment_type | string | The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application. |
application_domain | string | The DNS name for users to reach your application. |
creation_time | string | The creation time. |
last_updated_time | string | The last updated time. |
description | string | A description for the AWS Verified Access endpoint. |
policy_document | string | The AWS Verified Access policy document. |
policy_enabled | boolean | The status of the Verified Access policy. |
tags | array | An array of key-value pairs to apply to this resource. |
sse_specification | object | The configuration options for customer provided KMS encryption. |
region | string | AWS region. |
Methods
Currently only SELECT is supported for this resource resource.
Example
SELECT
region,
verified_access_endpoint_id,
verified_access_group_id,
verified_access_instance_id,
status,
security_group_ids,
network_interface_options,
load_balancer_options,
endpoint_type,
endpoint_domain,
endpoint_domain_prefix,
device_validation_domain,
domain_certificate_arn,
attachment_type,
application_domain,
creation_time,
last_updated_time,
description,
policy_document,
policy_enabled,
tags,
sse_specification
FROM awscc.ec2.verified_access_endpoint
WHERE data__Identifier = '<VerifiedAccessEndpointId>';
Permissions
To operate on the verified_access_endpoint resource, the following permissions are required:
Read
ec2:DescribeVerifiedAccessEndpoints,
ec2:GetVerifiedAccessEndpointPolicy,
ec2:DescribeTags,
acm:CreateCertificateRelation,
acm:DeleteCertificateRelation,
acm:DescribeCertificate,
acm:GetCertificateWithPK,
ec2:CreateTags,
ec2:CreateVerifiedAccessEndpoint,
ec2:DeleteTags,
ec2:DeleteVerifiedAccessEndpoint,
ec2:DescribeAccountAttributes,
ec2:DescribeNetworkInterfaces,
ec2:DescribeSecurityGroups,
ec2:DescribeSubnets,
ec2:ModifyVerifiedAccessEndpoint,
ec2:ModifyVerifiedAccessEndpointPolicy,
elasticloadbalancing:DescribeListenerCertificates,
elasticloadbalancing:DescribeListeners,
elasticloadbalancing:DescribeLoadBalancers,
iam:CreateServiceLinkedRole,
iam:ListRoles,
sso:CreateManagedApplicationInstance,
sso:DeleteManagedApplicationInstance,
sso:GetManagedApplicationInstance,
sso:GetPeregrineStatus,
sso:GetSharedSsoConfiguration,
kms:DescribeKey,
kms:RetireGrant,
kms:CreateGrant,
kms:GenerateDataKey,
kms:Decrypt
Update
ec2:ModifyVerifiedAccessEndpoint,
ec2:ModifyVerifiedAccessEndpointPolicy,
ec2:DescribeVerifiedAccessEndpoints,
ec2:GetVerifiedAccessEndpointPolicy,
ec2:DescribeTags,
ec2:DeleteTags,
ec2:CreateTags,
acm:GetCertificateWithPK,
acm:DescribeCertificate,
acm:CreateCertificateRelation,
acm:DeleteCertificateRelation,
sso:GetManagedApplicationInstance,
sso:GetPeregrineStatus,
sso:GetSharedSsoConfiguration,
sso:CreateManagedApplicationInstance,
sso:DeleteManagedApplicationInstance,
ec2:DescribeSubnets,
ec2:DescribeSecurityGroups,
ec2:DescribeNetworkInterfaces,
ec2:DescribeAccountAttributes,
elasticloadbalancing:DescribeLoadBalancers,
elasticloadbalancing:DescribeListeners,
elasticloadbalancing:DescribeListenerCertificates,
ec2:CreateVerifiedAccessEndpoint,
ec2:DeleteVerifiedAccessEndpoint,
iam:CreateServiceLinkedRole,
iam:ListRoles,
kms:DescribeKey,
kms:RetireGrant,
kms:CreateGrant,
kms:GenerateDataKey,
kms:Decrypt
Delete
ec2:DescribeVerifiedAccessEndpoints,
ec2:DescribeTags,
ec2:DeleteVerifiedAccessEndpoint,
ec2:DeleteTags,
sso:DeleteManagedApplicationInstance,
acm:DeleteCertificateRelation,
acm:DescribeCertificate,
acm:CreateCertificateRelation,
acm:GetCertificateWithPK,
ec2:CreateTags,
ec2:CreateVerifiedAccessEndpoint,
ec2:DescribeAccountAttributes,
ec2:DescribeNetworkInterfaces,
ec2:DescribeSecurityGroups,
ec2:DescribeSubnets,
ec2:GetVerifiedAccessEndpointPolicy,
ec2:ModifyVerifiedAccessEndpoint,
ec2:ModifyVerifiedAccessEndpointPolicy,
elasticloadbalancing:DescribeListenerCertificates,
elasticloadbalancing:DescribeListeners,
elasticloadbalancing:DescribeLoadBalancers,
iam:CreateServiceLinkedRole,
iam:ListRoles,
sso:CreateManagedApplicationInstance,
sso:GetManagedApplicationInstance,
sso:GetPeregrineStatus,
sso:GetSharedSsoConfiguration,
kms:DescribeKey,
kms:RetireGrant,
kms:CreateGrant,
kms:GenerateDataKey,
kms:Decrypt