AWS::EC2::VerifiedAccessTrustProvider - AWS CloudFormation

AWS::EC2::VerifiedAccessTrustProvider

A trust provider is a third-party entity that creates, maintains, and manages identity information for users and devices. When an application request is made, the identity information sent by the trust provider is evaluated by Verified Access before allowing or denying the application request.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::EC2::VerifiedAccessTrustProvider",
  "Properties" : {
      "Description" : String,
      "DeviceOptions" : DeviceOptions,
      "DeviceTrustProviderType" : String,
      "OidcOptions" : OidcOptions,
      "PolicyReferenceName" : String,
      "SseSpecification" : SseSpecification,
      "Tags" : [ Tag, ... ],
      "TrustProviderType" : String,
      "UserTrustProviderType" : String
    }
}

YAML

Type: AWS::EC2::VerifiedAccessTrustProvider
Properties:
  Description: String
  DeviceOptions: DeviceOptions
  DeviceTrustProviderType: String
  OidcOptions: OidcOptions
  PolicyReferenceName: String
  SseSpecification: SseSpecification
  Tags:
    - Tag
  TrustProviderType: String
  UserTrustProviderType: String

Properties

Description

A description for the AWS Verified Access trust provider.

Required: No

Type: String

Update requires: No interruption

DeviceOptions

The options for a device-identity trust provider.

Required: No

Type: DeviceOptions

Update requires: Replacement

DeviceTrustProviderType

The type of device-based trust provider.

Required: No

Type: String

Allowed values: jamf | crowdstrike | jumpcloud

Update requires: Replacement

OidcOptions

The options for an OpenID Connect-compatible user-identity trust provider.

Required: No

Type: OidcOptions

Update requires: No interruption

PolicyReferenceName

The identifier to be used when working with policy rules.

Required: Yes

Type: String

Update requires: Replacement

SseSpecification

The options for additional server-side encryption.

Required: No

Type: SseSpecification

Update requires: No interruption

Tags

The tags.

Required: No

Type: Array of Tag

Update requires: No interruption

TrustProviderType

The type of Verified Access trust provider.

Required: Yes

Type: String

Allowed values: user | device

Update requires: Replacement

UserTrustProviderType

The type of user-based trust provider.

Required: No

Type: String

Allowed values: iam-identity-center | oidc

Update requires: Replacement

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the ID of the Verified Access trust provider.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

CreationTime

The creation time.

LastUpdatedTime

The last updated time.

VerifiedAccessTrustProviderId

The ID of the Verified Access trust provider.
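
The following template is an added example, not part of the original reference page. It declares one OIDC user trust provider and one device trust provider, keeps the OIDC client secret out of the template with a Secrets Manager dynamic reference, and reads the return values described above. All names, URLs, the tenant ID, the secret name and the KMS key parameter are constructed placeholders; the sub-properties of OidcOptions, DeviceOptions and SseSpecification come from their own property-type pages rather than from this one.

```yaml
# Added example template; every value below is a constructed placeholder.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  TrustProviderKmsKeyArn:
    Type: String
    Description: ARN of an existing customer managed KMS key (assumed to exist)

Resources:
  UserTrustProvider:
    Type: AWS::EC2::VerifiedAccessTrustProvider
    Properties:
      Description: OIDC user-identity trust provider (example)
      TrustProviderType: user
      UserTrustProviderType: oidc
      # Identifier used when working with policy rules; updating it replaces the resource.
      PolicyReferenceName: corpidp
      OidcOptions:
        Issuer: https://idp.example.com
        AuthorizationEndpoint: https://idp.example.com/oauth2/authorize
        TokenEndpoint: https://idp.example.com/oauth2/token
        UserInfoEndpoint: https://idp.example.com/oauth2/userinfo
        ClientId: example-client-id
        # Resolved at deploy time, so the secret never appears in the template text.
        # Assumes a Secrets Manager secret with this name and JSON key already exists.
        ClientSecret: "{{resolve:secretsmanager:example/verified-access/oidc:SecretString:client_secret}}"
        Scope: openid email
      SseSpecification:
        CustomerManagedKeyEnabled: true
        KmsKeyArn: !Ref TrustProviderKmsKeyArn
      Tags:
        - Key: owner
          Value: security-engineering

  DeviceTrustProvider:
    Type: AWS::EC2::VerifiedAccessTrustProvider
    Properties:
      TrustProviderType: device
      DeviceTrustProviderType: crowdstrike
      PolicyReferenceName: crwd
      DeviceOptions:
        TenantId: EXAMPLE-TENANT-ID

Outputs:
  UserTrustProviderId:
    Value: !Ref UserTrustProvider            # Ref returns the trust provider ID
  UserTrustProviderCreated:
    Value: !GetAtt UserTrustProvider.CreationTime
```

Because TrustProviderType, UserTrustProviderType, DeviceTrustProviderType, DeviceOptions and PolicyReferenceName all require replacement on update, changing any of them creates a new trust provider with a new ID.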