AWS::EC2::VerifiedAccessEndpointEC2 VerifiedAccessEndpoint
The AWS::EC2::VerifiedAccessEndpoint resource creates an AWS EC2 Verified Access Endpoint.
Properties
16 configurable properties. 3 required. Click a row to see details.
Filter:
| Property | Type | Flags |
|---|---|---|
AttachmentType | string | RequiredCreate-only |
EndpointType | string | RequiredCreate-only |
VerifiedAccessGroupId | string | Required |
ApplicationDomain | string | Create-only |
CidrOptions | CidrOptions | |
Description | string | |
DomainCertificateArn | string | Create-only |
EndpointDomainPrefix | string | Create-only |
LoadBalancerOptions | LoadBalancerOptions | |
NetworkInterfaceOptions | NetworkInterfaceOptions | |
PolicyDocument | string | |
PolicyEnabled | boolean | |
RdsOptions | RdsOptions | |
SecurityGroupIds | Array<string> | Create-only |
SseSpecification | SseSpecification | |
Tags | Array<Tag> |
Return Values
Values returned after the resource is created. Access these with Fn::GetAtt.
| Attribute | Type | Description |
|---|---|---|
CreationTime | string | The creation time. |
DeviceValidationDomain | string | Returned if endpoint has a device trust provider attached. |
EndpointDomain | string | A DNS name that is generated for the endpoint. |
LastUpdatedTime | string | The last updated time. |
Status | string | The endpoint status. |
VerifiedAccessEndpointId | string | The ID of the AWS Verified Access endpoint. |
VerifiedAccessInstanceId | string | The ID of the AWS Verified Access instance. |
Sample CloudFormation Template
A minimal template with required properties and common optional ones.
template.yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::EC2::VerifiedAccessEndpoint
Resources:
MyResource:
Type: AWS::EC2::VerifiedAccessEndpoint
Properties:
AttachmentType: "value"
EndpointType: "value"
VerifiedAccessGroupId: "my-verifiedaccessgroupid"
Tags:
- Key: Environment
Value: Production
Description: !Ref "AWS::StackName"Required IAM Permissions
Permissions CloudFormation needs in your IAM role to manage this resource.
create
ec2:CreateVerifiedAccessEndpointec2:DescribeVerifiedAccessEndpointsec2:DescribeSubnetsec2:DescribeSecurityGroupsec2:DescribeNetworkInterfacesec2:DescribeAccountAttributesec2:CreateTagsec2:DescribeTagsread
ec2:DescribeVerifiedAccessEndpointsec2:GetVerifiedAccessEndpointPolicyec2:DescribeTagskms:DescribeKeykms:Decryptkms:GenerateDataKeyupdate
ec2:ModifyVerifiedAccessEndpointec2:ModifyVerifiedAccessEndpointPolicyec2:DescribeVerifiedAccessEndpointsec2:GetVerifiedAccessEndpointPolicyec2:DescribeSubnetsec2:DescribeSecurityGroupsec2:DescribeNetworkInterfacesec2:DescribeVpcsdelete
ec2:DescribeVerifiedAccessEndpointsec2:DeleteVerifiedAccessEndpointec2:GetVerifiedAccessEndpointPolicyec2:DescribeTagsec2:DeleteTagssso:DeleteManagedApplicationInstancekms:DescribeKeykms:RetireGrantlist
ec2:DescribeVerifiedAccessEndpointsec2:GetVerifiedAccessEndpointPolicyec2:DescribeTagskms:DescribeKeykms:Decryptkms:GenerateDataKeyGet the EC2 Cheat Sheet
Everything you need to know about EC2 on one page. HD quality, print-friendly.
Download Free InfographicQuick Facts
ServiceEC2
Properties23
Required3
TaggingSupported
Primary ID
VerifiedAccessEndpointIdSupported Operations
CreateReadUpdateDeleteList
Immutable After Creation
These properties cannot be changed after the resource is created. Updating them triggers a replacement.
ApplicationDomainAttachmentTypeDomainCertificateArnEndpointDomainPrefixEndpointTypeSecurityGroupIdsNetworkInterfaceOptions/NetworkInterfaceIdLoadBalancerOptions/LoadBalancerArnRdsOptions/ProtocolRdsOptions/RdsDbInstanceArnRdsOptions/RdsDbClusterArnRdsOptions/RdsDbProxyArnCidrOptions/CidrCidrOptions/ProtocolCidrOptions/SubnetIds