Skip to content
Alchemy
GitHubXDiscord

VerifiedAccessTrustProvider

The VerifiedAccessTrustProvider resource allows you to create and manage AWS EC2 Verified Access Trust Providers. This resource is essential for implementing secure access policies for your applications.

Minimal Example

Section titled “Minimal Example”

Create a basic Verified Access Trust Provider with required properties and a common optional property.

import AWS from "alchemy/aws/control";


const basicTrustProvider = await AWS.EC2.VerifiedAccessTrustProvider("basicTrustProvider", {
  PolicyReferenceName: "MyTrustPolicy",
  TrustProviderType: "AWS",
  Description: "A basic Verified Access Trust Provider for AWS services"
});

Advanced Configuration

Section titled “Advanced Configuration”

Configure a Verified Access Trust Provider with advanced options such as device options and OIDC settings.

const advancedTrustProvider = await AWS.EC2.VerifiedAccessTrustProvider("advancedTrustProvider", {
  PolicyReferenceName: "MyAdvancedTrustPolicy",
  TrustProviderType: "AWS",
  DeviceOptions: {
    DeviceTrustProviderType: "AWS",
    DevicePolicy: {
      Version: "2012-10-17",
      Statement: [
        {
          Effect: "Allow",
          Action: "iot:Publish",
          Resource: "*"
        }
      ]
    }
  },
  OidcOptions: {
    AuthorizationEndpoint: "https://my-oidc-provider.com/auth",
    TokenEndpoint: "https://my-oidc-provider.com/token",
    ClientId: "my-client-id",
    ClientSecret: "my-client-secret"
  },
  Description: "An advanced Verified Access Trust Provider with device and OIDC options"
});

Device Trust Configuration

Section titled “Device Trust Configuration”

Create a Verified Access Trust Provider specifically for device trust configurations.

const deviceTrustProvider = await AWS.EC2.VerifiedAccessTrustProvider("deviceTrustProvider", {
  PolicyReferenceName: "DeviceTrustPolicy",
  TrustProviderType: "Device",
  DeviceOptions: {
    DeviceTrustProviderType: "Custom",
    DevicePolicy: {
      Version: "2012-10-17",
      Statement: [
        {
          Effect: "Allow",
          Action: "device:Authenticate",
          Resource: "*"
        }
      ]
    }
  },
  Description: "A Verified Access Trust Provider focused on device trust."
});

OIDC Configuration

Section titled “OIDC Configuration”

Set up a Verified Access Trust Provider that uses OIDC for authentication.

const oidcTrustProvider = await AWS.EC2.VerifiedAccessTrustProvider("oidcTrustProvider", {
  PolicyReferenceName: "OIDCAuthPolicy",
  TrustProviderType: "OIDC",
  OidcOptions: {
    AuthorizationEndpoint: "https://example-oidc.com/auth",
    TokenEndpoint: "https://example-oidc.com/token",
    ClientId: "my-oidc-client-id",
    ClientSecret: "my-oidc-client-secret"
  },
  Description: "A Verified Access Trust Provider using OIDC for authentication."
});