Files
Anthropic-Cybersecurity-Skills/skills/configuring-aws-verified-access-for-ztna/references/api-reference.md
T
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00

47 lines
1.6 KiB
Markdown

# AWS Verified Access ZTNA — API Reference
## Libraries
| Library | Install | Purpose |
|---------|---------|---------|
| boto3 | `pip install boto3` | AWS SDK — EC2 Verified Access API |
## Key boto3 EC2 Methods
| Method | Description |
|--------|-------------|
| `describe_verified_access_instances()` | List VA instances |
| `describe_verified_access_groups()` | List VA groups with policies |
| `describe_verified_access_endpoints()` | List VA application endpoints |
| `describe_verified_access_trust_providers()` | List identity/device trust providers |
| `create_verified_access_instance()` | Create new VA instance |
| `create_verified_access_group(VerifiedAccessInstanceId=)` | Create group under instance |
| `create_verified_access_endpoint()` | Expose application via VA |
| `modify_verified_access_group_policy()` | Update Cedar policy document |
## Cedar Policy Language
```cedar
permit(principal, action, resource)
when {
context.identity.groups has "engineering" &&
context.identity.email.address like "*@company.com" &&
context.device.status == "compliant"
};
```
## Trust Provider Types
| Type | Description |
|------|-------------|
| user / iam-identity-center | AWS IAM Identity Center OIDC |
| user / oidc | Third-party OIDC provider |
| device / jamf | Jamf device trust |
| device / crowdstrike | CrowdStrike device posture |
## External References
- [AWS Verified Access Docs](https://docs.aws.amazon.com/verified-access/)
- [Cedar Policy Language](https://www.cedarpolicy.com/en)
- [boto3 EC2 Verified Access](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ec2/client/describe_verified_access_instances.html)