class SubjectAlternativeNames
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.AppMesh.SubjectAlternativeNames |
 Java | software.amazon.awscdk.services.appmesh.SubjectAlternativeNames |
 Python | aws_cdk.aws_appmesh.SubjectAlternativeNames |
 TypeScript (source) | @aws-cdk/aws-appmesh » SubjectAlternativeNames |
Used to generate Subject Alternative Names Matchers.
Example
declare const mesh: appmesh.Mesh;
const node1 = new appmesh.VirtualNode(this, 'node1', {
mesh,
serviceDiscovery: appmesh.ServiceDiscovery.dns('node'),
listeners: [appmesh.VirtualNodeListener.grpc({
port: 80,
tls: {
mode: appmesh.TlsMode.STRICT,
certificate: appmesh.TlsCertificate.file('path/to/certChain', 'path/to/privateKey'),
// Validate a file client certificates to enable mutual TLS authentication when a client provides a certificate.
mutualTlsValidation: {
trust: appmesh.TlsValidationTrust.file('path-to-certificate'),
},
},
})],
});
const certificateAuthorityArn = 'arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012';
const node2 = new appmesh.VirtualNode(this, 'node2', {
mesh,
serviceDiscovery: appmesh.ServiceDiscovery.dns('node2'),
backendDefaults: {
tlsClientPolicy: {
ports: [8080, 8081],
validation: {
subjectAlternativeNames: appmesh.SubjectAlternativeNames.matchingExactly('mesh-endpoint.apps.local'),
trust: appmesh.TlsValidationTrust.acm([
acmpca.CertificateAuthority.fromCertificateAuthorityArn(this, 'certificate', certificateAuthorityArn)]),
},
// Provide a SDS client certificate when a server requests it and enable mutual TLS authentication.
mutualTlsCertificate: appmesh.TlsCertificate.sds('secret_certificate'),
},
},
});
Initializer
new SubjectAlternativeNames()
Methods
| Name | Description |
|---|---|
| bind(scope) | Returns Subject Alternative Names Matcher based on method type. |
| static matching | The values of the SAN must match the specified values exactly. |
bind(scope)
public bind(scope: Construct): SubjectAlternativeNamesMatcherConfig
Parameters
- scope
Construct
Returns
Returns Subject Alternative Names Matcher based on method type.
static matchingExactly(...names)
public static matchingExactly(...names: string[]): SubjectAlternativeNames
Parameters
- names
string— The exact values to test against.
Returns
The values of the SAN must match the specified values exactly.