1. Packages
  2. AWS
  3. API Docs
  4. verifiedaccess
  5. Endpoint
AWS v6.54.0 published on Friday, Sep 27, 2024 by Pulumi

aws.verifiedaccess.Endpoint

Explore with Pulumi AI

aws logo
AWS v6.54.0 published on Friday, Sep 27, 2024 by Pulumi

    Resource for managing an AWS EC2 (Elastic Compute Cloud) Verified Access Endpoint.

    Example Usage

    ALB Example

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.verifiedaccess.Endpoint("example", {
        applicationDomain: "example.com",
        attachmentType: "vpc",
        description: "example",
        domainCertificateArn: exampleAwsAcmCertificate.arn,
        endpointDomainPrefix: "example",
        endpointType: "load-balancer",
        loadBalancerOptions: {
            loadBalancerArn: exampleAwsLb.arn,
            port: 443,
            protocol: "https",
            subnetIds: .map(subnet => (subnet.id)),
        },
        securityGroupIds: [exampleAwsSecurityGroup.id],
        verifiedAccessGroupId: exampleAwsVerifiedaccessGroup.id,
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.verifiedaccess.Endpoint("example",
        application_domain="example.com",
        attachment_type="vpc",
        description="example",
        domain_certificate_arn=example_aws_acm_certificate["arn"],
        endpoint_domain_prefix="example",
        endpoint_type="load-balancer",
        load_balancer_options={
            "load_balancer_arn": example_aws_lb["arn"],
            "port": 443,
            "protocol": "https",
            "subnet_ids": [subnet["id"] for subnet in public],
        },
        security_group_ids=[example_aws_security_group["id"]],
        verified_access_group_id=example_aws_verifiedaccess_group["id"])
    
    Coming soon!
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.VerifiedAccess.Endpoint("example", new()
        {
            ApplicationDomain = "example.com",
            AttachmentType = "vpc",
            Description = "example",
            DomainCertificateArn = exampleAwsAcmCertificate.Arn,
            EndpointDomainPrefix = "example",
            EndpointType = "load-balancer",
            LoadBalancerOptions = new Aws.VerifiedAccess.Inputs.EndpointLoadBalancerOptionsArgs
            {
                LoadBalancerArn = exampleAwsLb.Arn,
                Port = 443,
                Protocol = "https",
                SubnetIds = .Select(subnet => 
                {
                    return subnet.Id;
                }).ToList(),
            },
            SecurityGroupIds = new[]
            {
                exampleAwsSecurityGroup.Id,
            },
            VerifiedAccessGroupId = exampleAwsVerifiedaccessGroup.Id,
        });
    
    });
    
    Coming soon!
    
    Coming soon!
    

    Network Interface Example

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.verifiedaccess.Endpoint("example", {
        applicationDomain: "example.com",
        attachmentType: "vpc",
        description: "example",
        domainCertificateArn: exampleAwsAcmCertificate.arn,
        endpointDomainPrefix: "example",
        endpointType: "network-interface",
        networkInterfaceOptions: {
            networkInterfaceId: exampleAwsNetworkInterface.id,
            port: 443,
            protocol: "https",
        },
        securityGroupIds: [exampleAwsSecurityGroup.id],
        verifiedAccessGroupId: exampleAwsVerifiedaccessGroup.id,
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.verifiedaccess.Endpoint("example",
        application_domain="example.com",
        attachment_type="vpc",
        description="example",
        domain_certificate_arn=example_aws_acm_certificate["arn"],
        endpoint_domain_prefix="example",
        endpoint_type="network-interface",
        network_interface_options={
            "network_interface_id": example_aws_network_interface["id"],
            "port": 443,
            "protocol": "https",
        },
        security_group_ids=[example_aws_security_group["id"]],
        verified_access_group_id=example_aws_verifiedaccess_group["id"])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := verifiedaccess.NewEndpoint(ctx, "example", &verifiedaccess.EndpointArgs{
    			ApplicationDomain:    pulumi.String("example.com"),
    			AttachmentType:       pulumi.String("vpc"),
    			Description:          pulumi.String("example"),
    			DomainCertificateArn: pulumi.Any(exampleAwsAcmCertificate.Arn),
    			EndpointDomainPrefix: pulumi.String("example"),
    			EndpointType:         pulumi.String("network-interface"),
    			NetworkInterfaceOptions: &verifiedaccess.EndpointNetworkInterfaceOptionsArgs{
    				NetworkInterfaceId: pulumi.Any(exampleAwsNetworkInterface.Id),
    				Port:               pulumi.Int(443),
    				Protocol:           pulumi.String("https"),
    			},
    			SecurityGroupIds: pulumi.StringArray{
    				exampleAwsSecurityGroup.Id,
    			},
    			VerifiedAccessGroupId: pulumi.Any(exampleAwsVerifiedaccessGroup.Id),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.VerifiedAccess.Endpoint("example", new()
        {
            ApplicationDomain = "example.com",
            AttachmentType = "vpc",
            Description = "example",
            DomainCertificateArn = exampleAwsAcmCertificate.Arn,
            EndpointDomainPrefix = "example",
            EndpointType = "network-interface",
            NetworkInterfaceOptions = new Aws.VerifiedAccess.Inputs.EndpointNetworkInterfaceOptionsArgs
            {
                NetworkInterfaceId = exampleAwsNetworkInterface.Id,
                Port = 443,
                Protocol = "https",
            },
            SecurityGroupIds = new[]
            {
                exampleAwsSecurityGroup.Id,
            },
            VerifiedAccessGroupId = exampleAwsVerifiedaccessGroup.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.verifiedaccess.Endpoint;
    import com.pulumi.aws.verifiedaccess.EndpointArgs;
    import com.pulumi.aws.verifiedaccess.inputs.EndpointNetworkInterfaceOptionsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new Endpoint("example", EndpointArgs.builder()
                .applicationDomain("example.com")
                .attachmentType("vpc")
                .description("example")
                .domainCertificateArn(exampleAwsAcmCertificate.arn())
                .endpointDomainPrefix("example")
                .endpointType("network-interface")
                .networkInterfaceOptions(EndpointNetworkInterfaceOptionsArgs.builder()
                    .networkInterfaceId(exampleAwsNetworkInterface.id())
                    .port(443)
                    .protocol("https")
                    .build())
                .securityGroupIds(exampleAwsSecurityGroup.id())
                .verifiedAccessGroupId(exampleAwsVerifiedaccessGroup.id())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:verifiedaccess:Endpoint
        properties:
          applicationDomain: example.com
          attachmentType: vpc
          description: example
          domainCertificateArn: ${exampleAwsAcmCertificate.arn}
          endpointDomainPrefix: example
          endpointType: network-interface
          networkInterfaceOptions:
            networkInterfaceId: ${exampleAwsNetworkInterface.id}
            port: 443
            protocol: https
          securityGroupIds:
            - ${exampleAwsSecurityGroup.id}
          verifiedAccessGroupId: ${exampleAwsVerifiedaccessGroup.id}
    

    Create Endpoint Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Endpoint(name: string, args: EndpointArgs, opts?: CustomResourceOptions);
    @overload
    def Endpoint(resource_name: str,
                 args: EndpointArgs,
                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def Endpoint(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 application_domain: Optional[str] = None,
                 attachment_type: Optional[str] = None,
                 verified_access_group_id: Optional[str] = None,
                 domain_certificate_arn: Optional[str] = None,
                 endpoint_domain_prefix: Optional[str] = None,
                 endpoint_type: Optional[str] = None,
                 load_balancer_options: Optional[EndpointLoadBalancerOptionsArgs] = None,
                 network_interface_options: Optional[EndpointNetworkInterfaceOptionsArgs] = None,
                 policy_document: Optional[str] = None,
                 security_group_ids: Optional[Sequence[str]] = None,
                 sse_specification: Optional[EndpointSseSpecificationArgs] = None,
                 tags: Optional[Mapping[str, str]] = None,
                 description: Optional[str] = None)
    func NewEndpoint(ctx *Context, name string, args EndpointArgs, opts ...ResourceOption) (*Endpoint, error)
    public Endpoint(string name, EndpointArgs args, CustomResourceOptions? opts = null)
    public Endpoint(String name, EndpointArgs args)
    public Endpoint(String name, EndpointArgs args, CustomResourceOptions options)
    
    type: aws:verifiedaccess:Endpoint
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args EndpointArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args EndpointArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args EndpointArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args EndpointArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args EndpointArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var exampleendpointResourceResourceFromVerifiedaccessendpoint = new Aws.VerifiedAccess.Endpoint("exampleendpointResourceResourceFromVerifiedaccessendpoint", new()
    {
        ApplicationDomain = "string",
        AttachmentType = "string",
        VerifiedAccessGroupId = "string",
        DomainCertificateArn = "string",
        EndpointDomainPrefix = "string",
        EndpointType = "string",
        LoadBalancerOptions = new Aws.VerifiedAccess.Inputs.EndpointLoadBalancerOptionsArgs
        {
            LoadBalancerArn = "string",
            Port = 0,
            Protocol = "string",
            SubnetIds = new[]
            {
                "string",
            },
        },
        NetworkInterfaceOptions = new Aws.VerifiedAccess.Inputs.EndpointNetworkInterfaceOptionsArgs
        {
            NetworkInterfaceId = "string",
            Port = 0,
            Protocol = "string",
        },
        PolicyDocument = "string",
        SecurityGroupIds = new[]
        {
            "string",
        },
        SseSpecification = new Aws.VerifiedAccess.Inputs.EndpointSseSpecificationArgs
        {
            CustomerManagedKeyEnabled = false,
            KmsKeyArn = "string",
        },
        Tags = 
        {
            { "string", "string" },
        },
        Description = "string",
    });
    
    example, err := verifiedaccess.NewEndpoint(ctx, "exampleendpointResourceResourceFromVerifiedaccessendpoint", &verifiedaccess.EndpointArgs{
    	ApplicationDomain:     pulumi.String("string"),
    	AttachmentType:        pulumi.String("string"),
    	VerifiedAccessGroupId: pulumi.String("string"),
    	DomainCertificateArn:  pulumi.String("string"),
    	EndpointDomainPrefix:  pulumi.String("string"),
    	EndpointType:          pulumi.String("string"),
    	LoadBalancerOptions: &verifiedaccess.EndpointLoadBalancerOptionsArgs{
    		LoadBalancerArn: pulumi.String("string"),
    		Port:            pulumi.Int(0),
    		Protocol:        pulumi.String("string"),
    		SubnetIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    	NetworkInterfaceOptions: &verifiedaccess.EndpointNetworkInterfaceOptionsArgs{
    		NetworkInterfaceId: pulumi.String("string"),
    		Port:               pulumi.Int(0),
    		Protocol:           pulumi.String("string"),
    	},
    	PolicyDocument: pulumi.String("string"),
    	SecurityGroupIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	SseSpecification: &verifiedaccess.EndpointSseSpecificationArgs{
    		CustomerManagedKeyEnabled: pulumi.Bool(false),
    		KmsKeyArn:                 pulumi.String("string"),
    	},
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	Description: pulumi.String("string"),
    })
    
    var exampleendpointResourceResourceFromVerifiedaccessendpoint = new Endpoint("exampleendpointResourceResourceFromVerifiedaccessendpoint", EndpointArgs.builder()
        .applicationDomain("string")
        .attachmentType("string")
        .verifiedAccessGroupId("string")
        .domainCertificateArn("string")
        .endpointDomainPrefix("string")
        .endpointType("string")
        .loadBalancerOptions(EndpointLoadBalancerOptionsArgs.builder()
            .loadBalancerArn("string")
            .port(0)
            .protocol("string")
            .subnetIds("string")
            .build())
        .networkInterfaceOptions(EndpointNetworkInterfaceOptionsArgs.builder()
            .networkInterfaceId("string")
            .port(0)
            .protocol("string")
            .build())
        .policyDocument("string")
        .securityGroupIds("string")
        .sseSpecification(EndpointSseSpecificationArgs.builder()
            .customerManagedKeyEnabled(false)
            .kmsKeyArn("string")
            .build())
        .tags(Map.of("string", "string"))
        .description("string")
        .build());
    
    exampleendpoint_resource_resource_from_verifiedaccessendpoint = aws.verifiedaccess.Endpoint("exampleendpointResourceResourceFromVerifiedaccessendpoint",
        application_domain="string",
        attachment_type="string",
        verified_access_group_id="string",
        domain_certificate_arn="string",
        endpoint_domain_prefix="string",
        endpoint_type="string",
        load_balancer_options={
            "loadBalancerArn": "string",
            "port": 0,
            "protocol": "string",
            "subnetIds": ["string"],
        },
        network_interface_options={
            "networkInterfaceId": "string",
            "port": 0,
            "protocol": "string",
        },
        policy_document="string",
        security_group_ids=["string"],
        sse_specification={
            "customerManagedKeyEnabled": False,
            "kmsKeyArn": "string",
        },
        tags={
            "string": "string",
        },
        description="string")
    
    const exampleendpointResourceResourceFromVerifiedaccessendpoint = new aws.verifiedaccess.Endpoint("exampleendpointResourceResourceFromVerifiedaccessendpoint", {
        applicationDomain: "string",
        attachmentType: "string",
        verifiedAccessGroupId: "string",
        domainCertificateArn: "string",
        endpointDomainPrefix: "string",
        endpointType: "string",
        loadBalancerOptions: {
            loadBalancerArn: "string",
            port: 0,
            protocol: "string",
            subnetIds: ["string"],
        },
        networkInterfaceOptions: {
            networkInterfaceId: "string",
            port: 0,
            protocol: "string",
        },
        policyDocument: "string",
        securityGroupIds: ["string"],
        sseSpecification: {
            customerManagedKeyEnabled: false,
            kmsKeyArn: "string",
        },
        tags: {
            string: "string",
        },
        description: "string",
    });
    
    type: aws:verifiedaccess:Endpoint
    properties:
        applicationDomain: string
        attachmentType: string
        description: string
        domainCertificateArn: string
        endpointDomainPrefix: string
        endpointType: string
        loadBalancerOptions:
            loadBalancerArn: string
            port: 0
            protocol: string
            subnetIds:
                - string
        networkInterfaceOptions:
            networkInterfaceId: string
            port: 0
            protocol: string
        policyDocument: string
        securityGroupIds:
            - string
        sseSpecification:
            customerManagedKeyEnabled: false
            kmsKeyArn: string
        tags:
            string: string
        verifiedAccessGroupId: string
    

    Endpoint Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Endpoint resource accepts the following input properties:

    ApplicationDomain string
    The DNS name for users to reach your application.
    AttachmentType string
    The type of attachment. Currently, only vpc is supported.
    DomainCertificateArn string
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    EndpointDomainPrefix string
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    EndpointType string
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    VerifiedAccessGroupId string

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    Description string
    A description for the Verified Access endpoint.
    LoadBalancerOptions EndpointLoadBalancerOptions
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    NetworkInterfaceOptions EndpointNetworkInterfaceOptions
    The network interface details. This parameter is required if the endpoint type is network-interface.
    PolicyDocument string
    The policy document that is associated with this resource.
    SecurityGroupIds List<string>
    List of the the security groups IDs to associate with the Verified Access endpoint.
    SseSpecification EndpointSseSpecification
    The options in use for server side encryption.
    Tags Dictionary<string, string>
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    ApplicationDomain string
    The DNS name for users to reach your application.
    AttachmentType string
    The type of attachment. Currently, only vpc is supported.
    DomainCertificateArn string
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    EndpointDomainPrefix string
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    EndpointType string
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    VerifiedAccessGroupId string

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    Description string
    A description for the Verified Access endpoint.
    LoadBalancerOptions EndpointLoadBalancerOptionsArgs
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    NetworkInterfaceOptions EndpointNetworkInterfaceOptionsArgs
    The network interface details. This parameter is required if the endpoint type is network-interface.
    PolicyDocument string
    The policy document that is associated with this resource.
    SecurityGroupIds []string
    List of the the security groups IDs to associate with the Verified Access endpoint.
    SseSpecification EndpointSseSpecificationArgs
    The options in use for server side encryption.
    Tags map[string]string
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    applicationDomain String
    The DNS name for users to reach your application.
    attachmentType String
    The type of attachment. Currently, only vpc is supported.
    domainCertificateArn String
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    endpointDomainPrefix String
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    endpointType String
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    verifiedAccessGroupId String

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    description String
    A description for the Verified Access endpoint.
    loadBalancerOptions EndpointLoadBalancerOptions
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    networkInterfaceOptions EndpointNetworkInterfaceOptions
    The network interface details. This parameter is required if the endpoint type is network-interface.
    policyDocument String
    The policy document that is associated with this resource.
    securityGroupIds List<String>
    List of the the security groups IDs to associate with the Verified Access endpoint.
    sseSpecification EndpointSseSpecification
    The options in use for server side encryption.
    tags Map<String,String>
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    applicationDomain string
    The DNS name for users to reach your application.
    attachmentType string
    The type of attachment. Currently, only vpc is supported.
    domainCertificateArn string
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    endpointDomainPrefix string
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    endpointType string
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    verifiedAccessGroupId string

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    description string
    A description for the Verified Access endpoint.
    loadBalancerOptions EndpointLoadBalancerOptions
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    networkInterfaceOptions EndpointNetworkInterfaceOptions
    The network interface details. This parameter is required if the endpoint type is network-interface.
    policyDocument string
    The policy document that is associated with this resource.
    securityGroupIds string[]
    List of the the security groups IDs to associate with the Verified Access endpoint.
    sseSpecification EndpointSseSpecification
    The options in use for server side encryption.
    tags {[key: string]: string}
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    application_domain str
    The DNS name for users to reach your application.
    attachment_type str
    The type of attachment. Currently, only vpc is supported.
    domain_certificate_arn str
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    endpoint_domain_prefix str
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    endpoint_type str
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    verified_access_group_id str

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    description str
    A description for the Verified Access endpoint.
    load_balancer_options EndpointLoadBalancerOptionsArgs
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    network_interface_options EndpointNetworkInterfaceOptionsArgs
    The network interface details. This parameter is required if the endpoint type is network-interface.
    policy_document str
    The policy document that is associated with this resource.
    security_group_ids Sequence[str]
    List of the the security groups IDs to associate with the Verified Access endpoint.
    sse_specification EndpointSseSpecificationArgs
    The options in use for server side encryption.
    tags Mapping[str, str]
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    applicationDomain String
    The DNS name for users to reach your application.
    attachmentType String
    The type of attachment. Currently, only vpc is supported.
    domainCertificateArn String
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    endpointDomainPrefix String
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    endpointType String
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    verifiedAccessGroupId String

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    description String
    A description for the Verified Access endpoint.
    loadBalancerOptions Property Map
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    networkInterfaceOptions Property Map
    The network interface details. This parameter is required if the endpoint type is network-interface.
    policyDocument String
    The policy document that is associated with this resource.
    securityGroupIds List<String>
    List of the the security groups IDs to associate with the Verified Access endpoint.
    sseSpecification Property Map
    The options in use for server side encryption.
    tags Map<String>
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Endpoint resource produces the following output properties:

    DeviceValidationDomain string
    Returned if endpoint has a device trust provider attached.
    EndpointDomain string
    A DNS name that is generated for the endpoint.
    Id string
    The provider-assigned unique ID for this managed resource.
    TagsAll Dictionary<string, string>

    Deprecated: Please use tags instead.

    VerifiedAccessInstanceId string
    DeviceValidationDomain string
    Returned if endpoint has a device trust provider attached.
    EndpointDomain string
    A DNS name that is generated for the endpoint.
    Id string
    The provider-assigned unique ID for this managed resource.
    TagsAll map[string]string

    Deprecated: Please use tags instead.

    VerifiedAccessInstanceId string
    deviceValidationDomain String
    Returned if endpoint has a device trust provider attached.
    endpointDomain String
    A DNS name that is generated for the endpoint.
    id String
    The provider-assigned unique ID for this managed resource.
    tagsAll Map<String,String>

    Deprecated: Please use tags instead.

    verifiedAccessInstanceId String
    deviceValidationDomain string
    Returned if endpoint has a device trust provider attached.
    endpointDomain string
    A DNS name that is generated for the endpoint.
    id string
    The provider-assigned unique ID for this managed resource.
    tagsAll {[key: string]: string}

    Deprecated: Please use tags instead.

    verifiedAccessInstanceId string
    device_validation_domain str
    Returned if endpoint has a device trust provider attached.
    endpoint_domain str
    A DNS name that is generated for the endpoint.
    id str
    The provider-assigned unique ID for this managed resource.
    tags_all Mapping[str, str]

    Deprecated: Please use tags instead.

    verified_access_instance_id str
    deviceValidationDomain String
    Returned if endpoint has a device trust provider attached.
    endpointDomain String
    A DNS name that is generated for the endpoint.
    id String
    The provider-assigned unique ID for this managed resource.
    tagsAll Map<String>

    Deprecated: Please use tags instead.

    verifiedAccessInstanceId String

    Look up Existing Endpoint Resource

    Get an existing Endpoint resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: EndpointState, opts?: CustomResourceOptions): Endpoint
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            application_domain: Optional[str] = None,
            attachment_type: Optional[str] = None,
            description: Optional[str] = None,
            device_validation_domain: Optional[str] = None,
            domain_certificate_arn: Optional[str] = None,
            endpoint_domain: Optional[str] = None,
            endpoint_domain_prefix: Optional[str] = None,
            endpoint_type: Optional[str] = None,
            load_balancer_options: Optional[EndpointLoadBalancerOptionsArgs] = None,
            network_interface_options: Optional[EndpointNetworkInterfaceOptionsArgs] = None,
            policy_document: Optional[str] = None,
            security_group_ids: Optional[Sequence[str]] = None,
            sse_specification: Optional[EndpointSseSpecificationArgs] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None,
            verified_access_group_id: Optional[str] = None,
            verified_access_instance_id: Optional[str] = None) -> Endpoint
    func GetEndpoint(ctx *Context, name string, id IDInput, state *EndpointState, opts ...ResourceOption) (*Endpoint, error)
    public static Endpoint Get(string name, Input<string> id, EndpointState? state, CustomResourceOptions? opts = null)
    public static Endpoint get(String name, Output<String> id, EndpointState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    ApplicationDomain string
    The DNS name for users to reach your application.
    AttachmentType string
    The type of attachment. Currently, only vpc is supported.
    Description string
    A description for the Verified Access endpoint.
    DeviceValidationDomain string
    Returned if endpoint has a device trust provider attached.
    DomainCertificateArn string
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    EndpointDomain string
    A DNS name that is generated for the endpoint.
    EndpointDomainPrefix string
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    EndpointType string
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    LoadBalancerOptions EndpointLoadBalancerOptions
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    NetworkInterfaceOptions EndpointNetworkInterfaceOptions
    The network interface details. This parameter is required if the endpoint type is network-interface.
    PolicyDocument string
    The policy document that is associated with this resource.
    SecurityGroupIds List<string>
    List of the the security groups IDs to associate with the Verified Access endpoint.
    SseSpecification EndpointSseSpecification
    The options in use for server side encryption.
    Tags Dictionary<string, string>
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll Dictionary<string, string>

    Deprecated: Please use tags instead.

    VerifiedAccessGroupId string

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    VerifiedAccessInstanceId string
    ApplicationDomain string
    The DNS name for users to reach your application.
    AttachmentType string
    The type of attachment. Currently, only vpc is supported.
    Description string
    A description for the Verified Access endpoint.
    DeviceValidationDomain string
    Returned if endpoint has a device trust provider attached.
    DomainCertificateArn string
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    EndpointDomain string
    A DNS name that is generated for the endpoint.
    EndpointDomainPrefix string
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    EndpointType string
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    LoadBalancerOptions EndpointLoadBalancerOptionsArgs
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    NetworkInterfaceOptions EndpointNetworkInterfaceOptionsArgs
    The network interface details. This parameter is required if the endpoint type is network-interface.
    PolicyDocument string
    The policy document that is associated with this resource.
    SecurityGroupIds []string
    List of the the security groups IDs to associate with the Verified Access endpoint.
    SseSpecification EndpointSseSpecificationArgs
    The options in use for server side encryption.
    Tags map[string]string
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll map[string]string

    Deprecated: Please use tags instead.

    VerifiedAccessGroupId string

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    VerifiedAccessInstanceId string
    applicationDomain String
    The DNS name for users to reach your application.
    attachmentType String
    The type of attachment. Currently, only vpc is supported.
    description String
    A description for the Verified Access endpoint.
    deviceValidationDomain String
    Returned if endpoint has a device trust provider attached.
    domainCertificateArn String
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    endpointDomain String
    A DNS name that is generated for the endpoint.
    endpointDomainPrefix String
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    endpointType String
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    loadBalancerOptions EndpointLoadBalancerOptions
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    networkInterfaceOptions EndpointNetworkInterfaceOptions
    The network interface details. This parameter is required if the endpoint type is network-interface.
    policyDocument String
    The policy document that is associated with this resource.
    securityGroupIds List<String>
    List of the the security groups IDs to associate with the Verified Access endpoint.
    sseSpecification EndpointSseSpecification
    The options in use for server side encryption.
    tags Map<String,String>
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String,String>

    Deprecated: Please use tags instead.

    verifiedAccessGroupId String

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    verifiedAccessInstanceId String
    applicationDomain string
    The DNS name for users to reach your application.
    attachmentType string
    The type of attachment. Currently, only vpc is supported.
    description string
    A description for the Verified Access endpoint.
    deviceValidationDomain string
    Returned if endpoint has a device trust provider attached.
    domainCertificateArn string
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    endpointDomain string
    A DNS name that is generated for the endpoint.
    endpointDomainPrefix string
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    endpointType string
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    loadBalancerOptions EndpointLoadBalancerOptions
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    networkInterfaceOptions EndpointNetworkInterfaceOptions
    The network interface details. This parameter is required if the endpoint type is network-interface.
    policyDocument string
    The policy document that is associated with this resource.
    securityGroupIds string[]
    List of the the security groups IDs to associate with the Verified Access endpoint.
    sseSpecification EndpointSseSpecification
    The options in use for server side encryption.
    tags {[key: string]: string}
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll {[key: string]: string}

    Deprecated: Please use tags instead.

    verifiedAccessGroupId string

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    verifiedAccessInstanceId string
    application_domain str
    The DNS name for users to reach your application.
    attachment_type str
    The type of attachment. Currently, only vpc is supported.
    description str
    A description for the Verified Access endpoint.
    device_validation_domain str
    Returned if endpoint has a device trust provider attached.
    domain_certificate_arn str
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    endpoint_domain str
    A DNS name that is generated for the endpoint.
    endpoint_domain_prefix str
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    endpoint_type str
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    load_balancer_options EndpointLoadBalancerOptionsArgs
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    network_interface_options EndpointNetworkInterfaceOptionsArgs
    The network interface details. This parameter is required if the endpoint type is network-interface.
    policy_document str
    The policy document that is associated with this resource.
    security_group_ids Sequence[str]
    List of the the security groups IDs to associate with the Verified Access endpoint.
    sse_specification EndpointSseSpecificationArgs
    The options in use for server side encryption.
    tags Mapping[str, str]
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tags_all Mapping[str, str]

    Deprecated: Please use tags instead.

    verified_access_group_id str

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    verified_access_instance_id str
    applicationDomain String
    The DNS name for users to reach your application.
    attachmentType String
    The type of attachment. Currently, only vpc is supported.
    description String
    A description for the Verified Access endpoint.
    deviceValidationDomain String
    Returned if endpoint has a device trust provider attached.
    domainCertificateArn String
    The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.
    endpointDomain String
    A DNS name that is generated for the endpoint.
    endpointDomainPrefix String
    A custom identifier that is prepended to the DNS name that is generated for the endpoint.
    endpointType String
    The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.
    loadBalancerOptions Property Map
    The load balancer details. This parameter is required if the endpoint type is load-balancer.
    networkInterfaceOptions Property Map
    The network interface details. This parameter is required if the endpoint type is network-interface.
    policyDocument String
    The policy document that is associated with this resource.
    securityGroupIds List<String>
    List of the the security groups IDs to associate with the Verified Access endpoint.
    sseSpecification Property Map
    The options in use for server side encryption.
    tags Map<String>
    Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String>

    Deprecated: Please use tags instead.

    verifiedAccessGroupId String

    The ID of the Verified Access group to associate the endpoint with.

    The following arguments are optional:

    verifiedAccessInstanceId String

    Supporting Types

    EndpointLoadBalancerOptions, EndpointLoadBalancerOptionsArgs

    LoadBalancerArn string
    Port int
    Protocol string
    SubnetIds List<string>
    LoadBalancerArn string
    Port int
    Protocol string
    SubnetIds []string
    loadBalancerArn String
    port Integer
    protocol String
    subnetIds List<String>
    loadBalancerArn string
    port number
    protocol string
    subnetIds string[]
    load_balancer_arn str
    port int
    protocol str
    subnet_ids Sequence[str]
    loadBalancerArn String
    port Number
    protocol String
    subnetIds List<String>

    EndpointNetworkInterfaceOptions, EndpointNetworkInterfaceOptionsArgs

    networkInterfaceId String
    port Integer
    protocol String
    networkInterfaceId string
    port number
    protocol string
    networkInterfaceId String
    port Number
    protocol String

    EndpointSseSpecification, EndpointSseSpecificationArgs

    Import

    Using pulumi import, import Verified Access Instances using the id. For example:

    $ pulumi import aws:verifiedaccess/endpoint:Endpoint example vae-8012925589
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.54.0 published on Friday, Sep 27, 2024 by Pulumi