Verified Access endpoints
A Verified Access endpoint represents an application. Each endpoint is associated with a Verified Access group and inherits the access policy for the group. You can optionally attach an application-specific endpoint policy to each endpoint.
Contents
- Verified Access endpoint types
- How Verified Access works with shared VPCs and subnets
- Create a load balancer endpoint for Verified Access
- Create a network interface endpoint for Verified Access
- Allow traffic that originates from your Verified Access endpoint
- Modify a Verified Access endpoint
- Modify a Verified Access endpoint policy
- Delete a Verified Access endpoint
Verified Access endpoint types
The following are the possible Verified Access endpoint types:
- Load balancer – Application requests are sent to a load balancer to distribute to your application.
- Network interface – Application requests are sent to a network interface using the specified protocol and port.
How Verified Access works with shared VPCs and subnets
Verified Access behaves as follows with shared VPC subnets:
- Verified Access endpoints are supported by VPC subnet sharing. A participant can create a Verified Access endpoint in a shared subnet.
- The participant who creates the endpoint is the endpoint owner and the only party allowed to modify the endpoint. The VPC owner is not allowed to modify the endpoint.
- Verified Access endpoints cannot be created in an AWS Local Zone, and therefore sharing via Local Zones is not possible.
For more information, see Share your VPC with other accounts in the Amazon VPC User Guide.