:doc:`EC2 <../../ec2>` / Client / describe_verified_access_trust_providers

****************************************
describe_verified_access_trust_providers
****************************************



.. py:method:: EC2.Client.describe_verified_access_trust_providers(**kwargs)

  

  Describes the specified Amazon Web Services Verified Access trust providers.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeVerifiedAccessTrustProviders>`_  


  **Request Syntax**
  ::

    response = client.describe_verified_access_trust_providers(
        VerifiedAccessTrustProviderIds=[
            'string',
        ],
        MaxResults=123,
        NextToken='string',
        Filters=[
            {
                'Name': 'string',
                'Values': [
                    'string',
                ]
            },
        ],
        DryRun=True|False
    )
    
  :type VerifiedAccessTrustProviderIds: list
  :param VerifiedAccessTrustProviderIds: 

    The IDs of the Verified Access trust providers.

    

  
    - *(string) --* 

    

  :type MaxResults: integer
  :param MaxResults: 

    The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned ``nextToken`` value.

    

  
  :type NextToken: string
  :param NextToken: 

    The token for the next page of results.

    

  
  :type Filters: list
  :param Filters: 

    One or more filters. Filter names and values are case-sensitive.

    

  
    - *(dict) --* 

      A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.

       

      If you specify multiple filters, the filters are joined with an ``AND``, and the request returns only results that match all of the specified filters.

       

      For more information, see `List and filter using the CLI and API <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html#Filtering_Resources_CLI>`__ in the *Amazon EC2 User Guide*.

      

    
      - **Name** *(string) --* 

        The name of the filter. Filter names are case-sensitive.

        

      
      - **Values** *(list) --* 

        The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an ``OR``, and the request returns all results that match any of the specified values.

        

      
        - *(string) --* 

        
    
    

  :type DryRun: boolean
  :param DryRun: 

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ``DryRunOperation``. Otherwise, it is ``UnauthorizedOperation``.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'VerifiedAccessTrustProviders': [
              {
                  'VerifiedAccessTrustProviderId': 'string',
                  'Description': 'string',
                  'TrustProviderType': 'user'|'device',
                  'UserTrustProviderType': 'iam-identity-center'|'oidc',
                  'DeviceTrustProviderType': 'jamf'|'crowdstrike'|'jumpcloud',
                  'OidcOptions': {
                      'Issuer': 'string',
                      'AuthorizationEndpoint': 'string',
                      'TokenEndpoint': 'string',
                      'UserInfoEndpoint': 'string',
                      'ClientId': 'string',
                      'ClientSecret': 'string',
                      'Scope': 'string'
                  },
                  'DeviceOptions': {
                      'TenantId': 'string',
                      'PublicSigningKeyUrl': 'string'
                  },
                  'PolicyReferenceName': 'string',
                  'CreationTime': 'string',
                  'LastUpdatedTime': 'string',
                  'Tags': [
                      {
                          'Key': 'string',
                          'Value': 'string'
                      },
                  ],
                  'SseSpecification': {
                      'CustomerManagedKeyEnabled': True|False,
                      'KmsKeyArn': 'string'
                  },
                  'NativeApplicationOidcOptions': {
                      'PublicSigningKeyEndpoint': 'string',
                      'Issuer': 'string',
                      'AuthorizationEndpoint': 'string',
                      'TokenEndpoint': 'string',
                      'UserInfoEndpoint': 'string',
                      'ClientId': 'string',
                      'Scope': 'string'
                  }
              },
          ],
          'NextToken': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **VerifiedAccessTrustProviders** *(list) --* 

        Details about the Verified Access trust providers.

        
        

        - *(dict) --* 

          Describes a Verified Access trust provider.

          
          

          - **VerifiedAccessTrustProviderId** *(string) --* 

            The ID of the Amazon Web Services Verified Access trust provider.

            
          

          - **Description** *(string) --* 

            A description for the Amazon Web Services Verified Access trust provider.

            
          

          - **TrustProviderType** *(string) --* 

            The type of Verified Access trust provider.

            
          

          - **UserTrustProviderType** *(string) --* 

            The type of user-based trust provider.

            
          

          - **DeviceTrustProviderType** *(string) --* 

            The type of device-based trust provider.

            
          

          - **OidcOptions** *(dict) --* 

            The options for an OpenID Connect-compatible user-identity trust provider.

            
            

            - **Issuer** *(string) --* 

              The OIDC issuer.

              
            

            - **AuthorizationEndpoint** *(string) --* 

              The OIDC authorization endpoint.

              
            

            - **TokenEndpoint** *(string) --* 

              The OIDC token endpoint.

              
            

            - **UserInfoEndpoint** *(string) --* 

              The OIDC user info endpoint.

              
            

            - **ClientId** *(string) --* 

              The client identifier.

              
            

            - **ClientSecret** *(string) --* 

              The client secret.

              
            

            - **Scope** *(string) --* 

              The OpenID Connect (OIDC) scope specified.

              
        
          

          - **DeviceOptions** *(dict) --* 

            The options for device-identity trust provider.

            
            

            - **TenantId** *(string) --* 

              The ID of the tenant application with the device-identity provider.

              
            

            - **PublicSigningKeyUrl** *(string) --* 

              The URL Amazon Web Services Verified Access will use to verify the authenticity of the device tokens.

              
        
          

          - **PolicyReferenceName** *(string) --* 

            The identifier to be used when working with policy rules.

            
          

          - **CreationTime** *(string) --* 

            The creation time.

            
          

          - **LastUpdatedTime** *(string) --* 

            The last updated time.

            
          

          - **Tags** *(list) --* 

            The tags.

            
            

            - *(dict) --* 

              Describes a tag.

              
              

              - **Key** *(string) --* 

                The key of the tag.

                 

                Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with ``aws:``.

                
              

              - **Value** *(string) --* 

                The value of the tag.

                 

                Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.

                
          
        
          

          - **SseSpecification** *(dict) --* 

            The options in use for server side encryption.

            
            

            - **CustomerManagedKeyEnabled** *(boolean) --* 

              Indicates whether customer managed KMS keys are in use for server side encryption.

               

              Valid values: ``True`` | ``False``

              
            

            - **KmsKeyArn** *(string) --* 

              The ARN of the KMS key.

              
        
          

          - **NativeApplicationOidcOptions** *(dict) --* 

            The OpenID Connect (OIDC) options.

            
            

            - **PublicSigningKeyEndpoint** *(string) --* 

              The public signing key endpoint.

              
            

            - **Issuer** *(string) --* 

              The OIDC issuer identifier of the IdP.

              
            

            - **AuthorizationEndpoint** *(string) --* 

              The authorization endpoint of the IdP.

              
            

            - **TokenEndpoint** *(string) --* 

              The token endpoint of the IdP.

              
            

            - **UserInfoEndpoint** *(string) --* 

              The user info endpoint of the IdP.

              
            

            - **ClientId** *(string) --* 

              The OAuth 2.0 client identifier.

              
            

            - **Scope** *(string) --* 

              The set of user claims to be requested from the IdP.

              
        
      
    
      

      - **NextToken** *(string) --* 

        The token to use to retrieve the next page of results. This value is ``null`` when there are no more results to return.

        
  