Create Verified Access Trust Provider
ec2_create_verified_access_trust_provider | R Documentation |
A trust provider is a third-party entity that creates, maintains, and manages identity information for users and devices¶
Description¶
A trust provider is a third-party entity that creates, maintains, and manages identity information for users and devices. When an application request is made, the identity information sent by the trust provider is evaluated by Verified Access before allowing or denying the application request.
Usage¶
ec2_create_verified_access_trust_provider(TrustProviderType,
UserTrustProviderType, DeviceTrustProviderType, OidcOptions,
DeviceOptions, PolicyReferenceName, Description, TagSpecifications,
ClientToken, DryRun, SseSpecification)
Arguments¶
TrustProviderType
[required] The type of trust provider.
UserTrustProviderType
The type of user-based trust provider. This parameter is required when the provider type is
user
.DeviceTrustProviderType
The type of device-based trust provider. This parameter is required when the provider type is
device
.OidcOptions
The options for a OpenID Connect-compatible user-identity trust provider. This parameter is required when the provider type is
user
.DeviceOptions
The options for a device-based trust provider. This parameter is required when the provider type is
device
.PolicyReferenceName
[required] The identifier to be used when working with policy rules.
Description
A description for the Verified Access trust provider.
TagSpecifications
The tags to assign to the Verified Access trust provider.
ClientToken
A unique, case-sensitive token that you provide to ensure idempotency of your modification request. For more information, see Ensuring idempotency.
DryRun
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is
DryRunOperation
. Otherwise, it isUnauthorizedOperation
.SseSpecification
The options for server side encryption.
Value¶
A list with the following syntax:
list(
VerifiedAccessTrustProvider = list(
VerifiedAccessTrustProviderId = "string",
Description = "string",
TrustProviderType = "user"|"device",
UserTrustProviderType = "iam-identity-center"|"oidc",
DeviceTrustProviderType = "jamf"|"crowdstrike"|"jumpcloud",
OidcOptions = list(
Issuer = "string",
AuthorizationEndpoint = "string",
TokenEndpoint = "string",
UserInfoEndpoint = "string",
ClientId = "string",
ClientSecret = "string",
Scope = "string"
),
DeviceOptions = list(
TenantId = "string",
PublicSigningKeyUrl = "string"
),
PolicyReferenceName = "string",
CreationTime = "string",
LastUpdatedTime = "string",
Tags = list(
list(
Key = "string",
Value = "string"
)
),
SseSpecification = list(
CustomerManagedKeyEnabled = TRUE|FALSE,
KmsKeyArn = "string"
)
)
)
Request syntax¶
svc$create_verified_access_trust_provider(
TrustProviderType = "user"|"device",
UserTrustProviderType = "iam-identity-center"|"oidc",
DeviceTrustProviderType = "jamf"|"crowdstrike"|"jumpcloud",
OidcOptions = list(
Issuer = "string",
AuthorizationEndpoint = "string",
TokenEndpoint = "string",
UserInfoEndpoint = "string",
ClientId = "string",
ClientSecret = "string",
Scope = "string"
),
DeviceOptions = list(
TenantId = "string",
PublicSigningKeyUrl = "string"
),
PolicyReferenceName = "string",
Description = "string",
TagSpecifications = list(
list(
ResourceType = "capacity-reservation"|"client-vpn-endpoint"|"customer-gateway"|"carrier-gateway"|"coip-pool"|"dedicated-host"|"dhcp-options"|"egress-only-internet-gateway"|"elastic-ip"|"elastic-gpu"|"export-image-task"|"export-instance-task"|"fleet"|"fpga-image"|"host-reservation"|"image"|"import-image-task"|"import-snapshot-task"|"instance"|"instance-event-window"|"internet-gateway"|"ipam"|"ipam-pool"|"ipam-scope"|"ipv4pool-ec2"|"ipv6pool-ec2"|"key-pair"|"launch-template"|"local-gateway"|"local-gateway-route-table"|"local-gateway-virtual-interface"|"local-gateway-virtual-interface-group"|"local-gateway-route-table-vpc-association"|"local-gateway-route-table-virtual-interface-group-association"|"natgateway"|"network-acl"|"network-interface"|"network-insights-analysis"|"network-insights-path"|"network-insights-access-scope"|"network-insights-access-scope-analysis"|"placement-group"|"prefix-list"|"replace-root-volume-task"|"reserved-instances"|"route-table"|"security-group"|"security-group-rule"|"snapshot"|"spot-fleet-request"|"spot-instances-request"|"subnet"|"subnet-cidr-reservation"|"traffic-mirror-filter"|"traffic-mirror-session"|"traffic-mirror-target"|"transit-gateway"|"transit-gateway-attachment"|"transit-gateway-connect-peer"|"transit-gateway-multicast-domain"|"transit-gateway-policy-table"|"transit-gateway-route-table"|"transit-gateway-route-table-announcement"|"volume"|"vpc"|"vpc-endpoint"|"vpc-endpoint-connection"|"vpc-endpoint-service"|"vpc-endpoint-service-permission"|"vpc-peering-connection"|"vpn-connection"|"vpn-gateway"|"vpc-flow-log"|"capacity-reservation-fleet"|"traffic-mirror-filter-rule"|"vpc-endpoint-connection-device-type"|"verified-access-instance"|"verified-access-group"|"verified-access-endpoint"|"verified-access-policy"|"verified-access-trust-provider"|"vpn-connection-device-type"|"vpc-block-public-access-exclusion"|"ipam-resource-discovery"|"ipam-resource-discovery-association"|"instance-connect-endpoint"|"ipam-external-resource-verification-token",
Tags = list(
list(
Key = "string",
Value = "string"
)
)
)
),
ClientToken = "string",
DryRun = TRUE|FALSE,
SseSpecification = list(
CustomerManagedKeyEnabled = TRUE|FALSE,
KmsKeyArn = "string"
)
)