Docs Home
AWS v6.71.0 published on Friday, Mar 7, 2025 by Pulumi
aws.verifiedaccess.TrustProvider
Explore with Pulumi AI
Resource for managing a Verified Access Trust Provider.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.verifiedaccess.TrustProvider("example", {
policyReferenceName: "example",
trustProviderType: "user",
userTrustProviderType: "iam-identity-center",
});
import pulumi
import pulumi_aws as aws
example = aws.verifiedaccess.TrustProvider("example",
policy_reference_name="example",
trust_provider_type="user",
user_trust_provider_type="iam-identity-center")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := verifiedaccess.NewTrustProvider(ctx, "example", &verifiedaccess.TrustProviderArgs{
PolicyReferenceName: pulumi.String("example"),
TrustProviderType: pulumi.String("user"),
UserTrustProviderType: pulumi.String("iam-identity-center"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.VerifiedAccess.TrustProvider("example", new()
{
PolicyReferenceName = "example",
TrustProviderType = "user",
UserTrustProviderType = "iam-identity-center",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.verifiedaccess.TrustProvider;
import com.pulumi.aws.verifiedaccess.TrustProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new TrustProvider("example", TrustProviderArgs.builder()
.policyReferenceName("example")
.trustProviderType("user")
.userTrustProviderType("iam-identity-center")
.build());
}
}
resources:
example:
type: aws:verifiedaccess:TrustProvider
properties:
policyReferenceName: example
trustProviderType: user
userTrustProviderType: iam-identity-center
Create TrustProvider Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new TrustProvider(name: string, args: TrustProviderArgs, opts?: CustomResourceOptions);@overload
def TrustProvider(resource_name: str,
args: TrustProviderArgs,
opts: Optional[ResourceOptions] = None)
@overload
def TrustProvider(resource_name: str,
opts: Optional[ResourceOptions] = None,
policy_reference_name: Optional[str] = None,
trust_provider_type: Optional[str] = None,
description: Optional[str] = None,
device_options: Optional[TrustProviderDeviceOptionsArgs] = None,
device_trust_provider_type: Optional[str] = None,
oidc_options: Optional[TrustProviderOidcOptionsArgs] = None,
tags: Optional[Mapping[str, str]] = None,
user_trust_provider_type: Optional[str] = None)func NewTrustProvider(ctx *Context, name string, args TrustProviderArgs, opts ...ResourceOption) (*TrustProvider, error)public TrustProvider(string name, TrustProviderArgs args, CustomResourceOptions? opts = null)
public TrustProvider(String name, TrustProviderArgs args)
public TrustProvider(String name, TrustProviderArgs args, CustomResourceOptions options)
type: aws:verifiedaccess:TrustProvider
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args TrustProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args TrustProviderArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args TrustProviderArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TrustProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args TrustProviderArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var trustProviderResource = new Aws.VerifiedAccess.TrustProvider("trustProviderResource", new()
{
PolicyReferenceName = "string",
TrustProviderType = "string",
Description = "string",
DeviceOptions = new Aws.VerifiedAccess.Inputs.TrustProviderDeviceOptionsArgs
{
TenantId = "string",
},
DeviceTrustProviderType = "string",
OidcOptions = new Aws.VerifiedAccess.Inputs.TrustProviderOidcOptionsArgs
{
ClientSecret = "string",
AuthorizationEndpoint = "string",
ClientId = "string",
Issuer = "string",
Scope = "string",
TokenEndpoint = "string",
UserInfoEndpoint = "string",
},
Tags =
{
{ "string", "string" },
},
UserTrustProviderType = "string",
});
example, err := verifiedaccess.NewTrustProvider(ctx, "trustProviderResource", &verifiedaccess.TrustProviderArgs{
PolicyReferenceName: pulumi.String("string"),
TrustProviderType: pulumi.String("string"),
Description: pulumi.String("string"),
DeviceOptions: &verifiedaccess.TrustProviderDeviceOptionsArgs{
TenantId: pulumi.String("string"),
},
DeviceTrustProviderType: pulumi.String("string"),
OidcOptions: &verifiedaccess.TrustProviderOidcOptionsArgs{
ClientSecret: pulumi.String("string"),
AuthorizationEndpoint: pulumi.String("string"),
ClientId: pulumi.String("string"),
Issuer: pulumi.String("string"),
Scope: pulumi.String("string"),
TokenEndpoint: pulumi.String("string"),
UserInfoEndpoint: pulumi.String("string"),
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
UserTrustProviderType: pulumi.String("string"),
})
var trustProviderResource = new TrustProvider("trustProviderResource", TrustProviderArgs.builder()
.policyReferenceName("string")
.trustProviderType("string")
.description("string")
.deviceOptions(TrustProviderDeviceOptionsArgs.builder()
.tenantId("string")
.build())
.deviceTrustProviderType("string")
.oidcOptions(TrustProviderOidcOptionsArgs.builder()
.clientSecret("string")
.authorizationEndpoint("string")
.clientId("string")
.issuer("string")
.scope("string")
.tokenEndpoint("string")
.userInfoEndpoint("string")
.build())
.tags(Map.of("string", "string"))
.userTrustProviderType("string")
.build());
trust_provider_resource = aws.verifiedaccess.TrustProvider("trustProviderResource",
policy_reference_name="string",
trust_provider_type="string",
description="string",
device_options={
"tenant_id": "string",
},
device_trust_provider_type="string",
oidc_options={
"client_secret": "string",
"authorization_endpoint": "string",
"client_id": "string",
"issuer": "string",
"scope": "string",
"token_endpoint": "string",
"user_info_endpoint": "string",
},
tags={
"string": "string",
},
user_trust_provider_type="string")
const trustProviderResource = new aws.verifiedaccess.TrustProvider("trustProviderResource", {
policyReferenceName: "string",
trustProviderType: "string",
description: "string",
deviceOptions: {
tenantId: "string",
},
deviceTrustProviderType: "string",
oidcOptions: {
clientSecret: "string",
authorizationEndpoint: "string",
clientId: "string",
issuer: "string",
scope: "string",
tokenEndpoint: "string",
userInfoEndpoint: "string",
},
tags: {
string: "string",
},
userTrustProviderType: "string",
});
type: aws:verifiedaccess:TrustProvider
properties:
description: string
deviceOptions:
tenantId: string
deviceTrustProviderType: string
oidcOptions:
authorizationEndpoint: string
clientId: string
clientSecret: string
issuer: string
scope: string
tokenEndpoint: string
userInfoEndpoint: string
policyReferenceName: string
tags:
string: string
trustProviderType: string
userTrustProviderType: string
TrustProvider Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The TrustProvider resource accepts the following input properties:
- Policy
Reference stringName - The identifier to be used when working with policy rules.
- Trust
Provider stringType The type of trust provider can be either user or device-based.
The following arguments are optional:
- Description string
- A description for the AWS Verified Access trust provider.
- Device
Options TrustProvider Device Options - A block of options for device identity based trust providers.
- Device
Trust stringProvider Type - The type of device-based trust provider.
- Oidc
Options TrustProvider Oidc Options - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- Dictionary<string, string>
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - User
Trust stringProvider Type - The type of user-based trust provider.
- Policy
Reference stringName - The identifier to be used when working with policy rules.
- Trust
Provider stringType The type of trust provider can be either user or device-based.
The following arguments are optional:
- Description string
- A description for the AWS Verified Access trust provider.
- Device
Options TrustProvider Device Options Args - A block of options for device identity based trust providers.
- Device
Trust stringProvider Type - The type of device-based trust provider.
- Oidc
Options TrustProvider Oidc Options Args - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- map[string]string
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - User
Trust stringProvider Type - The type of user-based trust provider.
- policy
Reference StringName - The identifier to be used when working with policy rules.
- trust
Provider StringType The type of trust provider can be either user or device-based.
The following arguments are optional:
- description String
- A description for the AWS Verified Access trust provider.
- device
Options TrustProvider Device Options - A block of options for device identity based trust providers.
- device
Trust StringProvider Type - The type of device-based trust provider.
- oidc
Options TrustProvider Oidc Options - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- Map<String,String>
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - user
Trust StringProvider Type - The type of user-based trust provider.
- policy
Reference stringName - The identifier to be used when working with policy rules.
- trust
Provider stringType The type of trust provider can be either user or device-based.
The following arguments are optional:
- description string
- A description for the AWS Verified Access trust provider.
- device
Options TrustProvider Device Options - A block of options for device identity based trust providers.
- device
Trust stringProvider Type - The type of device-based trust provider.
- oidc
Options TrustProvider Oidc Options - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- {[key: string]: string}
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - user
Trust stringProvider Type - The type of user-based trust provider.
- policy_
reference_ strname - The identifier to be used when working with policy rules.
- trust_
provider_ strtype The type of trust provider can be either user or device-based.
The following arguments are optional:
- description str
- A description for the AWS Verified Access trust provider.
- device_
options TrustProvider Device Options Args - A block of options for device identity based trust providers.
- device_
trust_ strprovider_ type - The type of device-based trust provider.
- oidc_
options TrustProvider Oidc Options Args - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- Mapping[str, str]
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - user_
trust_ strprovider_ type - The type of user-based trust provider.
- policy
Reference StringName - The identifier to be used when working with policy rules.
- trust
Provider StringType The type of trust provider can be either user or device-based.
The following arguments are optional:
- description String
- A description for the AWS Verified Access trust provider.
- device
Options Property Map - A block of options for device identity based trust providers.
- device
Trust StringProvider Type - The type of device-based trust provider.
- oidc
Options Property Map - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- Map<String>
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - user
Trust StringProvider Type - The type of user-based trust provider.
Outputs
All input properties are implicitly available as output properties. Additionally, the TrustProvider resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Dictionary<string, string>
- Id string
- The provider-assigned unique ID for this managed resource.
- map[string]string
- id String
- The provider-assigned unique ID for this managed resource.
- Map<String,String>
- id string
- The provider-assigned unique ID for this managed resource.
- {[key: string]: string}
- id str
- The provider-assigned unique ID for this managed resource.
- Mapping[str, str]
- id String
- The provider-assigned unique ID for this managed resource.
- Map<String>
Look up Existing TrustProvider Resource
Get an existing TrustProvider resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: TrustProviderState, opts?: CustomResourceOptions): TrustProvider@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
device_options: Optional[TrustProviderDeviceOptionsArgs] = None,
device_trust_provider_type: Optional[str] = None,
oidc_options: Optional[TrustProviderOidcOptionsArgs] = None,
policy_reference_name: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
trust_provider_type: Optional[str] = None,
user_trust_provider_type: Optional[str] = None) -> TrustProviderfunc GetTrustProvider(ctx *Context, name string, id IDInput, state *TrustProviderState, opts ...ResourceOption) (*TrustProvider, error)public static TrustProvider Get(string name, Input<string> id, TrustProviderState? state, CustomResourceOptions? opts = null)public static TrustProvider get(String name, Output<String> id, TrustProviderState state, CustomResourceOptions options)resources: _: type: aws:verifiedaccess:TrustProvider get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Description string
- A description for the AWS Verified Access trust provider.
- Device
Options TrustProvider Device Options - A block of options for device identity based trust providers.
- Device
Trust stringProvider Type - The type of device-based trust provider.
- Oidc
Options TrustProvider Oidc Options - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- Policy
Reference stringName - The identifier to be used when working with policy rules.
- Dictionary<string, string>
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- Trust
Provider stringType The type of trust provider can be either user or device-based.
The following arguments are optional:
- User
Trust stringProvider Type - The type of user-based trust provider.
- Description string
- A description for the AWS Verified Access trust provider.
- Device
Options TrustProvider Device Options Args - A block of options for device identity based trust providers.
- Device
Trust stringProvider Type - The type of device-based trust provider.
- Oidc
Options TrustProvider Oidc Options Args - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- Policy
Reference stringName - The identifier to be used when working with policy rules.
- map[string]string
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- Trust
Provider stringType The type of trust provider can be either user or device-based.
The following arguments are optional:
- User
Trust stringProvider Type - The type of user-based trust provider.
- description String
- A description for the AWS Verified Access trust provider.
- device
Options TrustProvider Device Options - A block of options for device identity based trust providers.
- device
Trust StringProvider Type - The type of device-based trust provider.
- oidc
Options TrustProvider Oidc Options - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- policy
Reference StringName - The identifier to be used when working with policy rules.
- Map<String,String>
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- trust
Provider StringType The type of trust provider can be either user or device-based.
The following arguments are optional:
- user
Trust StringProvider Type - The type of user-based trust provider.
- description string
- A description for the AWS Verified Access trust provider.
- device
Options TrustProvider Device Options - A block of options for device identity based trust providers.
- device
Trust stringProvider Type - The type of device-based trust provider.
- oidc
Options TrustProvider Oidc Options - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- policy
Reference stringName - The identifier to be used when working with policy rules.
- {[key: string]: string}
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- trust
Provider stringType The type of trust provider can be either user or device-based.
The following arguments are optional:
- user
Trust stringProvider Type - The type of user-based trust provider.
- description str
- A description for the AWS Verified Access trust provider.
- device_
options TrustProvider Device Options Args - A block of options for device identity based trust providers.
- device_
trust_ strprovider_ type - The type of device-based trust provider.
- oidc_
options TrustProvider Oidc Options Args - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- policy_
reference_ strname - The identifier to be used when working with policy rules.
- Mapping[str, str]
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- trust_
provider_ strtype The type of trust provider can be either user or device-based.
The following arguments are optional:
- user_
trust_ strprovider_ type - The type of user-based trust provider.
- description String
- A description for the AWS Verified Access trust provider.
- device
Options Property Map - A block of options for device identity based trust providers.
- device
Trust StringProvider Type - The type of device-based trust provider.
- oidc
Options Property Map - The OpenID Connect details for an oidc-type, user-identity based trust provider.
- policy
Reference StringName - The identifier to be used when working with policy rules.
- Map<String>
- Key-value mapping of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
- trust
Provider StringType The type of trust provider can be either user or device-based.
The following arguments are optional:
- user
Trust StringProvider Type - The type of user-based trust provider.
Supporting Types
TrustProviderDeviceOptions, TrustProviderDeviceOptionsArgs
- Tenant
Id string
- Tenant
Id string
- tenant
Id String
- tenant
Id string
- tenant_
id str
- tenant
Id String
TrustProviderOidcOptions, TrustProviderOidcOptionsArgs
- Client
Secret string - string
- Client
Id string - Issuer string
- Scope string
- Token
Endpoint string - User
Info stringEndpoint
- Client
Secret string - string
- Client
Id string - Issuer string
- Scope string
- Token
Endpoint string - User
Info stringEndpoint
- client
Secret String - String
- client
Id String - issuer String
- scope String
- token
Endpoint String - user
Info StringEndpoint
- client
Secret string - string
- client
Id string - issuer string
- scope string
- token
Endpoint string - user
Info stringEndpoint
- client_
secret str - str
- client_
id str - issuer str
- scope str
- token_
endpoint str - user_
info_ strendpoint
- client
Secret String - String
- client
Id String - issuer String
- scope String
- token
Endpoint String - user
Info StringEndpoint
Import
Using pulumi import, import Transfer Workflows using the id. For example:
$ pulumi import aws:verifiedaccess/trustProvider:TrustProvider example vatp-8012925589
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.