VerifiedAccessEndpoint
The VerifiedAccessEndpoint resource allows you to manage AWS EC2 Verified Access Endpoints for secure access to your AWS resources.
Minimal Example
Section titled “Minimal Example”Create a basic Verified Access Endpoint with required properties and a common optional property.
import AWS from "alchemy/aws/control";
const verifiedAccessEndpoint = await AWS.EC2.VerifiedAccessEndpoint("myVerifiedAccessEndpoint", { AttachmentType: "load-balancer", VerifiedAccessGroupId: "vag-0123456789abcdef0", SecurityGroupIds: ["sg-0123456789abcdef0"], ApplicationDomain: "app.example.com"});Advanced Configuration
Section titled “Advanced Configuration”Configure a Verified Access Endpoint with additional options such as load balancer settings and optional policy document.
const advancedVerifiedAccessEndpoint = await AWS.EC2.VerifiedAccessEndpoint("advancedVerifiedAccessEndpoint", { AttachmentType: "network-interface", VerifiedAccessGroupId: "vag-0123456789abcdef0", SecurityGroupIds: ["sg-0123456789abcdef0"], LoadBalancerOptions: { TargetGroupArn: "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-target-group/abcdef123456", ListenerArn: "arn:aws:elasticloadbalancing:us-west-2:123456789012:listener/app/my-load-balancer/abcdef123456" }, PolicyDocument: JSON.stringify({ Version: "2012-10-17", Statement: [ { Effect: "Allow", Action: "ec2:DescribeInstances", Resource: "*" } ] })});Custom Network Interface Configuration
Section titled “Custom Network Interface Configuration”Set up a Verified Access Endpoint with specific network interface options.
const networkInterfaceVerifiedAccessEndpoint = await AWS.EC2.VerifiedAccessEndpoint("networkInterfaceVerifiedAccessEndpoint", { AttachmentType: "network-interface", VerifiedAccessGroupId: "vag-0123456789abcdef0", SecurityGroupIds: ["sg-0123456789abcdef0"], NetworkInterfaceOptions: { AssociatePublicIpAddress: true, PrivateIpAddress: "10.0.1.100" }, CidrOptions: { CidrBlock: "10.0.0.0/24" }});Database Endpoint Configuration
Section titled “Database Endpoint Configuration”Create a Verified Access Endpoint specifically for an RDS instance.
const rdsVerifiedAccessEndpoint = await AWS.EC2.VerifiedAccessEndpoint("rdsVerifiedAccessEndpoint", { AttachmentType: "database", VerifiedAccessGroupId: "vag-0123456789abcdef0", RdsOptions: { DbInstanceIdentifier: "my-db-instance", SecurityGroupIds: ["sg-0123456789abcdef0"], DbClusterIdentifier: "my-db-cluster" }, PolicyEnabled: true});