AWS Classic v6.42.0, Jun 26 24

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws

aws.verifiedaccess.Endpoint

Explore with Pulumi AI

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws

Example Usage

ALB Example

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.verifiedaccess.Endpoint("example", {
    applicationDomain: "example.com",
    attachmentType: "vpc",
    description: "example",
    domainCertificateArn: exampleAwsAcmCertificate.arn,
    endpointDomainPrefix: "example",
    endpointType: "load-balancer",
    loadBalancerOptions: {
        loadBalancerArn: exampleAwsLb.arn,
        port: 443,
        protocol: "https",
        subnetIds: .map(subnet => (subnet.id)),
    },
    securityGroupIds: [exampleAwsSecurityGroup.id],
    verifiedAccessGroupId: exampleAwsVerifiedaccessGroup.id,
});

import pulumi
import pulumi_aws as aws

example = aws.verifiedaccess.Endpoint("example",
    application_domain="example.com",
    attachment_type="vpc",
    description="example",
    domain_certificate_arn=example_aws_acm_certificate["arn"],
    endpoint_domain_prefix="example",
    endpoint_type="load-balancer",
    load_balancer_options={
        "loadBalancerArn": example_aws_lb["arn"],
        "port": 443,
        "protocol": "https",
        "subnetIds": [subnet["id"] for subnet in public],
    },
    security_group_ids=[example_aws_security_group["id"]],
    verified_access_group_id=example_aws_verifiedaccess_group["id"])

Coming soon!

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.VerifiedAccess.Endpoint("example", new()
    {
        ApplicationDomain = "example.com",
        AttachmentType = "vpc",
        Description = "example",
        DomainCertificateArn = exampleAwsAcmCertificate.Arn,
        EndpointDomainPrefix = "example",
        EndpointType = "load-balancer",
        LoadBalancerOptions = new Aws.VerifiedAccess.Inputs.EndpointLoadBalancerOptionsArgs
        {
            LoadBalancerArn = exampleAwsLb.Arn,
            Port = 443,
            Protocol = "https",
            SubnetIds = .Select(subnet => 
            {
                return subnet.Id;
            }).ToList(),
        },
        SecurityGroupIds = new[]
        {
            exampleAwsSecurityGroup.Id,
        },
        VerifiedAccessGroupId = exampleAwsVerifiedaccessGroup.Id,
    });

});

Coming soon!

Coming soon!

Network Interface Example

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.verifiedaccess.Endpoint("example", {
    applicationDomain: "example.com",
    attachmentType: "vpc",
    description: "example",
    domainCertificateArn: exampleAwsAcmCertificate.arn,
    endpointDomainPrefix: "example",
    endpointType: "network-interface",
    networkInterfaceOptions: {
        networkInterfaceId: exampleAwsNetworkInterface.id,
        port: 443,
        protocol: "https",
    },
    securityGroupIds: [exampleAwsSecurityGroup.id],
    verifiedAccessGroupId: exampleAwsVerifiedaccessGroup.id,
});

import pulumi
import pulumi_aws as aws

example = aws.verifiedaccess.Endpoint("example",
    application_domain="example.com",
    attachment_type="vpc",
    description="example",
    domain_certificate_arn=example_aws_acm_certificate["arn"],
    endpoint_domain_prefix="example",
    endpoint_type="network-interface",
    network_interface_options={
        "networkInterfaceId": example_aws_network_interface["id"],
        "port": 443,
        "protocol": "https",
    },
    security_group_ids=[example_aws_security_group["id"]],
    verified_access_group_id=example_aws_verifiedaccess_group["id"])

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := verifiedaccess.NewEndpoint(ctx, "example", &verifiedaccess.EndpointArgs{
			ApplicationDomain:    pulumi.String("example.com"),
			AttachmentType:       pulumi.String("vpc"),
			Description:          pulumi.String("example"),
			DomainCertificateArn: pulumi.Any(exampleAwsAcmCertificate.Arn),
			EndpointDomainPrefix: pulumi.String("example"),
			EndpointType:         pulumi.String("network-interface"),
			NetworkInterfaceOptions: &verifiedaccess.EndpointNetworkInterfaceOptionsArgs{
				NetworkInterfaceId: pulumi.Any(exampleAwsNetworkInterface.Id),
				Port:               pulumi.Int(443),
				Protocol:           pulumi.String("https"),
			},
			SecurityGroupIds: pulumi.StringArray{
				exampleAwsSecurityGroup.Id,
			},
			VerifiedAccessGroupId: pulumi.Any(exampleAwsVerifiedaccessGroup.Id),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.VerifiedAccess.Endpoint("example", new()
    {
        ApplicationDomain = "example.com",
        AttachmentType = "vpc",
        Description = "example",
        DomainCertificateArn = exampleAwsAcmCertificate.Arn,
        EndpointDomainPrefix = "example",
        EndpointType = "network-interface",
        NetworkInterfaceOptions = new Aws.VerifiedAccess.Inputs.EndpointNetworkInterfaceOptionsArgs
        {
            NetworkInterfaceId = exampleAwsNetworkInterface.Id,
            Port = 443,
            Protocol = "https",
        },
        SecurityGroupIds = new[]
        {
            exampleAwsSecurityGroup.Id,
        },
        VerifiedAccessGroupId = exampleAwsVerifiedaccessGroup.Id,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.verifiedaccess.Endpoint;
import com.pulumi.aws.verifiedaccess.EndpointArgs;
import com.pulumi.aws.verifiedaccess.inputs.EndpointNetworkInterfaceOptionsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new Endpoint("example", EndpointArgs.builder()
            .applicationDomain("example.com")
            .attachmentType("vpc")
            .description("example")
            .domainCertificateArn(exampleAwsAcmCertificate.arn())
            .endpointDomainPrefix("example")
            .endpointType("network-interface")
            .networkInterfaceOptions(EndpointNetworkInterfaceOptionsArgs.builder()
                .networkInterfaceId(exampleAwsNetworkInterface.id())
                .port(443)
                .protocol("https")
                .build())
            .securityGroupIds(exampleAwsSecurityGroup.id())
            .verifiedAccessGroupId(exampleAwsVerifiedaccessGroup.id())
            .build());

    }
}

resources:
  example:
    type: aws:verifiedaccess:Endpoint
    properties:
      applicationDomain: example.com
      attachmentType: vpc
      description: example
      domainCertificateArn: ${exampleAwsAcmCertificate.arn}
      endpointDomainPrefix: example
      endpointType: network-interface
      networkInterfaceOptions:
        networkInterfaceId: ${exampleAwsNetworkInterface.id}
        port: 443
        protocol: https
      securityGroupIds:
        - ${exampleAwsSecurityGroup.id}
      verifiedAccessGroupId: ${exampleAwsVerifiedaccessGroup.id}

Create Endpoint Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Endpoint(name: string, args: EndpointArgs, opts?: CustomResourceOptions);

@overload
def Endpoint(resource_name: str,
             args: EndpointArgs,
             opts: Optional[ResourceOptions] = None)

@overload
def Endpoint(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             application_domain: Optional[str] = None,
             attachment_type: Optional[str] = None,
             verified_access_group_id: Optional[str] = None,
             domain_certificate_arn: Optional[str] = None,
             endpoint_domain_prefix: Optional[str] = None,
             endpoint_type: Optional[str] = None,
             load_balancer_options: Optional[EndpointLoadBalancerOptionsArgs] = None,
             network_interface_options: Optional[EndpointNetworkInterfaceOptionsArgs] = None,
             policy_document: Optional[str] = None,
             security_group_ids: Optional[Sequence[str]] = None,
             sse_specification: Optional[EndpointSseSpecificationArgs] = None,
             tags: Optional[Mapping[str, str]] = None,
             description: Optional[str] = None)

func NewEndpoint(ctx *Context, name string, args EndpointArgs, opts ...ResourceOption) (*Endpoint, error)

public Endpoint(string name, EndpointArgs args, CustomResourceOptions? opts = null)

public Endpoint(String name, EndpointArgs args)
public Endpoint(String name, EndpointArgs args, CustomResourceOptions options)

type: aws:verifiedaccess:Endpoint
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args EndpointArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args EndpointArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args EndpointArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args EndpointArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args EndpointArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var exampleendpointResourceResourceFromVerifiedaccessendpoint = new Aws.VerifiedAccess.Endpoint("exampleendpointResourceResourceFromVerifiedaccessendpoint", new()
{
    ApplicationDomain = "string",
    AttachmentType = "string",
    VerifiedAccessGroupId = "string",
    DomainCertificateArn = "string",
    EndpointDomainPrefix = "string",
    EndpointType = "string",
    LoadBalancerOptions = new Aws.VerifiedAccess.Inputs.EndpointLoadBalancerOptionsArgs
    {
        LoadBalancerArn = "string",
        Port = 0,
        Protocol = "string",
        SubnetIds = new[]
        {
            "string",
        },
    },
    NetworkInterfaceOptions = new Aws.VerifiedAccess.Inputs.EndpointNetworkInterfaceOptionsArgs
    {
        NetworkInterfaceId = "string",
        Port = 0,
        Protocol = "string",
    },
    PolicyDocument = "string",
    SecurityGroupIds = new[]
    {
        "string",
    },
    SseSpecification = new Aws.VerifiedAccess.Inputs.EndpointSseSpecificationArgs
    {
        CustomerManagedKeyEnabled = false,
        KmsKeyArn = "string",
    },
    Tags = 
    {
        { "string", "string" },
    },
    Description = "string",
});

example, err := verifiedaccess.NewEndpoint(ctx, "exampleendpointResourceResourceFromVerifiedaccessendpoint", &verifiedaccess.EndpointArgs{
	ApplicationDomain:     pulumi.String("string"),
	AttachmentType:        pulumi.String("string"),
	VerifiedAccessGroupId: pulumi.String("string"),
	DomainCertificateArn:  pulumi.String("string"),
	EndpointDomainPrefix:  pulumi.String("string"),
	EndpointType:          pulumi.String("string"),
	LoadBalancerOptions: &verifiedaccess.EndpointLoadBalancerOptionsArgs{
		LoadBalancerArn: pulumi.String("string"),
		Port:            pulumi.Int(0),
		Protocol:        pulumi.String("string"),
		SubnetIds: pulumi.StringArray{
			pulumi.String("string"),
		},
	},
	NetworkInterfaceOptions: &verifiedaccess.EndpointNetworkInterfaceOptionsArgs{
		NetworkInterfaceId: pulumi.String("string"),
		Port:               pulumi.Int(0),
		Protocol:           pulumi.String("string"),
	},
	PolicyDocument: pulumi.String("string"),
	SecurityGroupIds: pulumi.StringArray{
		pulumi.String("string"),
	},
	SseSpecification: &verifiedaccess.EndpointSseSpecificationArgs{
		CustomerManagedKeyEnabled: pulumi.Bool(false),
		KmsKeyArn:                 pulumi.String("string"),
	},
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Description: pulumi.String("string"),
})

var exampleendpointResourceResourceFromVerifiedaccessendpoint = new Endpoint("exampleendpointResourceResourceFromVerifiedaccessendpoint", EndpointArgs.builder()
    .applicationDomain("string")
    .attachmentType("string")
    .verifiedAccessGroupId("string")
    .domainCertificateArn("string")
    .endpointDomainPrefix("string")
    .endpointType("string")
    .loadBalancerOptions(EndpointLoadBalancerOptionsArgs.builder()
        .loadBalancerArn("string")
        .port(0)
        .protocol("string")
        .subnetIds("string")
        .build())
    .networkInterfaceOptions(EndpointNetworkInterfaceOptionsArgs.builder()
        .networkInterfaceId("string")
        .port(0)
        .protocol("string")
        .build())
    .policyDocument("string")
    .securityGroupIds("string")
    .sseSpecification(EndpointSseSpecificationArgs.builder()
        .customerManagedKeyEnabled(false)
        .kmsKeyArn("string")
        .build())
    .tags(Map.of("string", "string"))
    .description("string")
    .build());

exampleendpoint_resource_resource_from_verifiedaccessendpoint = aws.verifiedaccess.Endpoint("exampleendpointResourceResourceFromVerifiedaccessendpoint",
    application_domain="string",
    attachment_type="string",
    verified_access_group_id="string",
    domain_certificate_arn="string",
    endpoint_domain_prefix="string",
    endpoint_type="string",
    load_balancer_options={
        "loadBalancerArn": "string",
        "port": 0,
        "protocol": "string",
        "subnetIds": ["string"],
    },
    network_interface_options={
        "networkInterfaceId": "string",
        "port": 0,
        "protocol": "string",
    },
    policy_document="string",
    security_group_ids=["string"],
    sse_specification={
        "customerManagedKeyEnabled": False,
        "kmsKeyArn": "string",
    },
    tags={
        "string": "string",
    },
    description="string")

const exampleendpointResourceResourceFromVerifiedaccessendpoint = new aws.verifiedaccess.Endpoint("exampleendpointResourceResourceFromVerifiedaccessendpoint", {
    applicationDomain: "string",
    attachmentType: "string",
    verifiedAccessGroupId: "string",
    domainCertificateArn: "string",
    endpointDomainPrefix: "string",
    endpointType: "string",
    loadBalancerOptions: {
        loadBalancerArn: "string",
        port: 0,
        protocol: "string",
        subnetIds: ["string"],
    },
    networkInterfaceOptions: {
        networkInterfaceId: "string",
        port: 0,
        protocol: "string",
    },
    policyDocument: "string",
    securityGroupIds: ["string"],
    sseSpecification: {
        customerManagedKeyEnabled: false,
        kmsKeyArn: "string",
    },
    tags: {
        string: "string",
    },
    description: "string",
});

type: aws:verifiedaccess:Endpoint
properties:
    applicationDomain: string
    attachmentType: string
    description: string
    domainCertificateArn: string
    endpointDomainPrefix: string
    endpointType: string
    loadBalancerOptions:
        loadBalancerArn: string
        port: 0
        protocol: string
        subnetIds:
            - string
    networkInterfaceOptions:
        networkInterfaceId: string
        port: 0
        protocol: string
    policyDocument: string
    securityGroupIds:
        - string
    sseSpecification:
        customerManagedKeyEnabled: false
        kmsKeyArn: string
    tags:
        string: string
    verifiedAccessGroupId: string

Endpoint Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Endpoint resource accepts the following input properties:

ApplicationDomain string

The DNS name for users to reach your application.

AttachmentType string

The type of attachment. Currently, only vpc is supported.

DomainCertificateArn string

The ARN of the public TLS/SSL certificate in AWS Certificate Manager to associate with the endpoint. The CN in the certificate must match the DNS name your end users will use to reach your application.

EndpointDomainPrefix string

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

EndpointType string

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

VerifiedAccessGroupId string

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

Description string

A description for the Verified Access endpoint.

LoadBalancerOptions EndpointLoadBalancerOptions

The load balancer details. This parameter is required if the endpoint type is load-balancer.

NetworkInterfaceOptions EndpointNetworkInterfaceOptions

The network interface details. This parameter is required if the endpoint type is network-interface.

PolicyDocument string

The policy document that is associated with this resource.

SecurityGroupIds List<string>

List of the the security groups IDs to associate with the Verified Access endpoint.

SseSpecification EndpointSseSpecification

The options in use for server side encryption.

Tags Dictionary<string, string>

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

ApplicationDomain string

The DNS name for users to reach your application.

AttachmentType string

The type of attachment. Currently, only vpc is supported.

DomainCertificateArn string

EndpointDomainPrefix string

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

EndpointType string

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

VerifiedAccessGroupId string

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

Description string

A description for the Verified Access endpoint.

LoadBalancerOptions EndpointLoadBalancerOptionsArgs

The load balancer details. This parameter is required if the endpoint type is load-balancer.

NetworkInterfaceOptions EndpointNetworkInterfaceOptionsArgs

The network interface details. This parameter is required if the endpoint type is network-interface.

PolicyDocument string

The policy document that is associated with this resource.

SecurityGroupIds []string

List of the the security groups IDs to associate with the Verified Access endpoint.

SseSpecification EndpointSseSpecificationArgs

The options in use for server side encryption.

Tags map[string]string

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

applicationDomain String

The DNS name for users to reach your application.

attachmentType String

The type of attachment. Currently, only vpc is supported.

domainCertificateArn String

endpointDomainPrefix String

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

endpointType String

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

verifiedAccessGroupId String

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

description String

A description for the Verified Access endpoint.

loadBalancerOptions EndpointLoadBalancerOptions

The load balancer details. This parameter is required if the endpoint type is load-balancer.

networkInterfaceOptions EndpointNetworkInterfaceOptions

The network interface details. This parameter is required if the endpoint type is network-interface.

policyDocument String

The policy document that is associated with this resource.

securityGroupIds List<String>

List of the the security groups IDs to associate with the Verified Access endpoint.

sseSpecification EndpointSseSpecification

The options in use for server side encryption.

tags Map<String,String>

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

applicationDomain string

The DNS name for users to reach your application.

attachmentType string

The type of attachment. Currently, only vpc is supported.

domainCertificateArn string

endpointDomainPrefix string

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

endpointType string

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

verifiedAccessGroupId string

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

description string

A description for the Verified Access endpoint.

loadBalancerOptions EndpointLoadBalancerOptions

The load balancer details. This parameter is required if the endpoint type is load-balancer.

networkInterfaceOptions EndpointNetworkInterfaceOptions

The network interface details. This parameter is required if the endpoint type is network-interface.

policyDocument string

The policy document that is associated with this resource.

securityGroupIds string[]

List of the the security groups IDs to associate with the Verified Access endpoint.

sseSpecification EndpointSseSpecification

The options in use for server side encryption.

tags {[key: string]: string}

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

application_domain str

The DNS name for users to reach your application.

attachment_type str

The type of attachment. Currently, only vpc is supported.

domain_certificate_arn str

endpoint_domain_prefix str

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

endpoint_type str

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

verified_access_group_id str

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

description str

A description for the Verified Access endpoint.

load_balancer_options EndpointLoadBalancerOptionsArgs

The load balancer details. This parameter is required if the endpoint type is load-balancer.

network_interface_options EndpointNetworkInterfaceOptionsArgs

The network interface details. This parameter is required if the endpoint type is network-interface.

policy_document str

The policy document that is associated with this resource.

security_group_ids Sequence[str]

List of the the security groups IDs to associate with the Verified Access endpoint.

sse_specification EndpointSseSpecificationArgs

The options in use for server side encryption.

tags Mapping[str, str]

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

applicationDomain String

The DNS name for users to reach your application.

attachmentType String

The type of attachment. Currently, only vpc is supported.

domainCertificateArn String

endpointDomainPrefix String

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

endpointType String

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

verifiedAccessGroupId String

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

description String

A description for the Verified Access endpoint.

loadBalancerOptions Property Map

The load balancer details. This parameter is required if the endpoint type is load-balancer.

networkInterfaceOptions Property Map

The network interface details. This parameter is required if the endpoint type is network-interface.

policyDocument String

The policy document that is associated with this resource.

securityGroupIds List<String>

List of the the security groups IDs to associate with the Verified Access endpoint.

sseSpecification Property Map

The options in use for server side encryption.

tags Map<String>

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Outputs

All input properties are implicitly available as output properties. Additionally, the Endpoint resource produces the following output properties:

DeviceValidationDomain string: Returned if endpoint has a device trust provider attached.
EndpointDomain string: A DNS name that is generated for the endpoint.
Id string: The provider-assigned unique ID for this managed resource.
TagsAll Dictionary<string, string>: Deprecated: Please use tags instead.
VerifiedAccessInstanceId string

DeviceValidationDomain string: Returned if endpoint has a device trust provider attached.
EndpointDomain string: A DNS name that is generated for the endpoint.
Id string: The provider-assigned unique ID for this managed resource.
TagsAll map[string]string: Deprecated: Please use tags instead.
VerifiedAccessInstanceId string

deviceValidationDomain String: Returned if endpoint has a device trust provider attached.
endpointDomain String: A DNS name that is generated for the endpoint.
id String: The provider-assigned unique ID for this managed resource.
tagsAll Map<String,String>: Deprecated: Please use tags instead.
verifiedAccessInstanceId String

deviceValidationDomain string: Returned if endpoint has a device trust provider attached.
endpointDomain string: A DNS name that is generated for the endpoint.
id string: The provider-assigned unique ID for this managed resource.
tagsAll {[key: string]: string}: Deprecated: Please use tags instead.
verifiedAccessInstanceId string

device_validation_domain str: Returned if endpoint has a device trust provider attached.
endpoint_domain str: A DNS name that is generated for the endpoint.
id str: The provider-assigned unique ID for this managed resource.
tags_all Mapping[str, str]: Deprecated: Please use tags instead.
verified_access_instance_id str

deviceValidationDomain String: Returned if endpoint has a device trust provider attached.
endpointDomain String: A DNS name that is generated for the endpoint.
id String: The provider-assigned unique ID for this managed resource.
tagsAll Map<String>: Deprecated: Please use tags instead.
verifiedAccessInstanceId String

Look up Existing Endpoint Resource

Get an existing Endpoint resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: EndpointState, opts?: CustomResourceOptions): Endpoint

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        application_domain: Optional[str] = None,
        attachment_type: Optional[str] = None,
        description: Optional[str] = None,
        device_validation_domain: Optional[str] = None,
        domain_certificate_arn: Optional[str] = None,
        endpoint_domain: Optional[str] = None,
        endpoint_domain_prefix: Optional[str] = None,
        endpoint_type: Optional[str] = None,
        load_balancer_options: Optional[EndpointLoadBalancerOptionsArgs] = None,
        network_interface_options: Optional[EndpointNetworkInterfaceOptionsArgs] = None,
        policy_document: Optional[str] = None,
        security_group_ids: Optional[Sequence[str]] = None,
        sse_specification: Optional[EndpointSseSpecificationArgs] = None,
        tags: Optional[Mapping[str, str]] = None,
        tags_all: Optional[Mapping[str, str]] = None,
        verified_access_group_id: Optional[str] = None,
        verified_access_instance_id: Optional[str] = None) -> Endpoint

func GetEndpoint(ctx *Context, name string, id IDInput, state *EndpointState, opts ...ResourceOption) (*Endpoint, error)

public static Endpoint Get(string name, Input<string> id, EndpointState? state, CustomResourceOptions? opts = null)

public static Endpoint get(String name, Output<String> id, EndpointState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ApplicationDomain string

The DNS name for users to reach your application.

AttachmentType string

The type of attachment. Currently, only vpc is supported.

Description string

A description for the Verified Access endpoint.

DeviceValidationDomain string

Returned if endpoint has a device trust provider attached.

DomainCertificateArn string

EndpointDomain string

A DNS name that is generated for the endpoint.

EndpointDomainPrefix string

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

EndpointType string

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

LoadBalancerOptions EndpointLoadBalancerOptions

The load balancer details. This parameter is required if the endpoint type is load-balancer.

NetworkInterfaceOptions EndpointNetworkInterfaceOptions

The network interface details. This parameter is required if the endpoint type is network-interface.

PolicyDocument string

The policy document that is associated with this resource.

SecurityGroupIds List<string>

List of the the security groups IDs to associate with the Verified Access endpoint.

SseSpecification EndpointSseSpecification

The options in use for server side encryption.

Tags Dictionary<string, string>

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TagsAll Dictionary<string, string>

Deprecated: Please use tags instead.

VerifiedAccessGroupId string

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

VerifiedAccessInstanceId string

ApplicationDomain string

The DNS name for users to reach your application.

AttachmentType string

The type of attachment. Currently, only vpc is supported.

Description string

A description for the Verified Access endpoint.

DeviceValidationDomain string

Returned if endpoint has a device trust provider attached.

DomainCertificateArn string

EndpointDomain string

A DNS name that is generated for the endpoint.

EndpointDomainPrefix string

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

EndpointType string

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

LoadBalancerOptions EndpointLoadBalancerOptionsArgs

The load balancer details. This parameter is required if the endpoint type is load-balancer.

NetworkInterfaceOptions EndpointNetworkInterfaceOptionsArgs

The network interface details. This parameter is required if the endpoint type is network-interface.

PolicyDocument string

The policy document that is associated with this resource.

SecurityGroupIds []string

List of the the security groups IDs to associate with the Verified Access endpoint.

SseSpecification EndpointSseSpecificationArgs

The options in use for server side encryption.

Tags map[string]string

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TagsAll map[string]string

Deprecated: Please use tags instead.

VerifiedAccessGroupId string

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

VerifiedAccessInstanceId string

applicationDomain String

The DNS name for users to reach your application.

attachmentType String

The type of attachment. Currently, only vpc is supported.

description String

A description for the Verified Access endpoint.

deviceValidationDomain String

Returned if endpoint has a device trust provider attached.

domainCertificateArn String

endpointDomain String

A DNS name that is generated for the endpoint.

endpointDomainPrefix String

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

endpointType String

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

loadBalancerOptions EndpointLoadBalancerOptions

The load balancer details. This parameter is required if the endpoint type is load-balancer.

networkInterfaceOptions EndpointNetworkInterfaceOptions

The network interface details. This parameter is required if the endpoint type is network-interface.

policyDocument String

The policy document that is associated with this resource.

securityGroupIds List<String>

List of the the security groups IDs to associate with the Verified Access endpoint.

sseSpecification EndpointSseSpecification

The options in use for server side encryption.

tags Map<String,String>

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll Map<String,String>

Deprecated: Please use tags instead.

verifiedAccessGroupId String

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

verifiedAccessInstanceId String

applicationDomain string

The DNS name for users to reach your application.

attachmentType string

The type of attachment. Currently, only vpc is supported.

description string

A description for the Verified Access endpoint.

deviceValidationDomain string

Returned if endpoint has a device trust provider attached.

domainCertificateArn string

endpointDomain string

A DNS name that is generated for the endpoint.

endpointDomainPrefix string

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

endpointType string

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

loadBalancerOptions EndpointLoadBalancerOptions

The load balancer details. This parameter is required if the endpoint type is load-balancer.

networkInterfaceOptions EndpointNetworkInterfaceOptions

The network interface details. This parameter is required if the endpoint type is network-interface.

policyDocument string

The policy document that is associated with this resource.

securityGroupIds string[]

List of the the security groups IDs to associate with the Verified Access endpoint.

sseSpecification EndpointSseSpecification

The options in use for server side encryption.

tags {[key: string]: string}

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll {[key: string]: string}

Deprecated: Please use tags instead.

verifiedAccessGroupId string

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

verifiedAccessInstanceId string

application_domain str

The DNS name for users to reach your application.

attachment_type str

The type of attachment. Currently, only vpc is supported.

description str

A description for the Verified Access endpoint.

device_validation_domain str

Returned if endpoint has a device trust provider attached.

domain_certificate_arn str

endpoint_domain str

A DNS name that is generated for the endpoint.

endpoint_domain_prefix str

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

endpoint_type str

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

load_balancer_options EndpointLoadBalancerOptionsArgs

The load balancer details. This parameter is required if the endpoint type is load-balancer.

network_interface_options EndpointNetworkInterfaceOptionsArgs

The network interface details. This parameter is required if the endpoint type is network-interface.

policy_document str

The policy document that is associated with this resource.

security_group_ids Sequence[str]

List of the the security groups IDs to associate with the Verified Access endpoint.

sse_specification EndpointSseSpecificationArgs

The options in use for server side encryption.

tags Mapping[str, str]

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tags_all Mapping[str, str]

Deprecated: Please use tags instead.

verified_access_group_id str

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

verified_access_instance_id str

applicationDomain String

The DNS name for users to reach your application.

attachmentType String

The type of attachment. Currently, only vpc is supported.

description String

A description for the Verified Access endpoint.

deviceValidationDomain String

Returned if endpoint has a device trust provider attached.

domainCertificateArn String

endpointDomain String

A DNS name that is generated for the endpoint.

endpointDomainPrefix String

A custom identifier that is prepended to the DNS name that is generated for the endpoint.

endpointType String

The type of Verified Access endpoint to create. Currently load-balancer or network-interface are supported.

loadBalancerOptions Property Map

The load balancer details. This parameter is required if the endpoint type is load-balancer.

networkInterfaceOptions Property Map

The network interface details. This parameter is required if the endpoint type is network-interface.

policyDocument String

The policy document that is associated with this resource.

securityGroupIds List<String>

List of the the security groups IDs to associate with the Verified Access endpoint.

sseSpecification Property Map

The options in use for server side encryption.

tags Map<String>

Key-value tags for the Verified Access Endpoint. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll Map<String>

Deprecated: Please use tags instead.

verifiedAccessGroupId String

The ID of the Verified Access group to associate the endpoint with.

The following arguments are optional:

verifiedAccessInstanceId String

Supporting Types

EndpointLoadBalancerOptions, EndpointLoadBalancerOptionsArgs

LoadBalancerArn string
Port int
Protocol string
SubnetIds List<string>

LoadBalancerArn string
Port int
Protocol string
SubnetIds []string

loadBalancerArn String
port Integer
protocol String
subnetIds List<String>

loadBalancerArn string
port number
protocol string
subnetIds string[]

load_balancer_arn str
port int
protocol str
subnet_ids Sequence[str]

loadBalancerArn String
port Number
protocol String
subnetIds List<String>

EndpointNetworkInterfaceOptions, EndpointNetworkInterfaceOptionsArgs

NetworkInterfaceId string
Port int
Protocol string

NetworkInterfaceId string
Port int
Protocol string

networkInterfaceId String
port Integer
protocol String

networkInterfaceId string
port number
protocol string

network_interface_id str
port int
protocol str

networkInterfaceId String
port Number
protocol String

EndpointSseSpecification, EndpointSseSpecificationArgs

CustomerManagedKeyEnabled bool
KmsKeyArn string

CustomerManagedKeyEnabled bool
KmsKeyArn string

customerManagedKeyEnabled Boolean
kmsKeyArn String

customerManagedKeyEnabled boolean
kmsKeyArn string

customer_managed_key_enabled bool
kms_key_arn str

customerManagedKeyEnabled Boolean
kmsKeyArn String

Import

Using pulumi import, import Verified Access Instances using the id. For example:

$ pulumi import aws:verifiedaccess/endpoint:Endpoint example vae-8012925589

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws

aws.verifiedaccess.Endpoint

On this page

On this page

Example Usage

ALB Example

Network Interface Example

Create Endpoint Resource

Constructor syntax

Parameters

Constructor example

Endpoint Resource Properties

Inputs

Outputs

Look up Existing Endpoint Resource

Supporting Types

EndpointLoadBalancerOptions, EndpointLoadBalancerOptionsArgs

EndpointNetworkInterfaceOptions, EndpointNetworkInterfaceOptionsArgs

EndpointSseSpecification, EndpointSseSpecificationArgs

Import

Package Details

On this page

On this page