
Class MutualTlsValidationTrust

Represents a TLS Validation Context Trust that is supported for mutual TLS authentication.

Inheritance
System.Object
TlsValidationTrust
MutualTlsValidationTrust
Inherited Members
TlsValidationTrust.Acm(ICertificateAuthority[])
TlsValidationTrust.File(String)
TlsValidationTrust.Sds(String)
TlsValidationTrust.Bind(Construct)
Namespace: Amazon.CDK.AWS.AppMesh
Assembly: Amazon.CDK.AWS.AppMesh.dll
Syntax (csharp)
public abstract class MutualTlsValidationTrust : TlsValidationTrust
Syntax (vb)
Public MustInherit Class MutualTlsValidationTrust
    Inherits TlsValidationTrust
Remarks

ExampleMetadata: infused

Examples
Mesh mesh;


var node1 = new VirtualNode(this, "node1", new VirtualNodeProps {
    Mesh = mesh,
    ServiceDiscovery = ServiceDiscovery.Dns("node"),
    Listeners = new [] { VirtualNodeListener.Grpc(new GrpcVirtualNodeListenerOptions {
        Port = 80,
        Tls = new ListenerTlsOptions {
            Mode = TlsMode.STRICT,
            Certificate = TlsCertificate.File("path/to/certChain", "path/to/privateKey"),
            // Validate client certificates against a certificate file to enable mutual TLS authentication when a client provides a certificate.
            MutualTlsValidation = new MutualTlsValidation {
                Trust = TlsValidationTrust.File("path-to-certificate")
            }
        }
    }) }
});

var certificateAuthorityArn = "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012";
var node2 = new VirtualNode(this, "node2", new VirtualNodeProps {
    Mesh = mesh,
    ServiceDiscovery = ServiceDiscovery.Dns("node2"),
    BackendDefaults = new BackendDefaults {
        TlsClientPolicy = new TlsClientPolicy {
            Ports = new [] { 8080, 8081 },
            Validation = new TlsValidation {
                SubjectAlternativeNames = SubjectAlternativeNames.MatchingExactly("mesh-endpoint.apps.local"),
                Trust = TlsValidationTrust.Acm(new [] { CertificateAuthority.FromCertificateAuthorityArn(this, "certificate", certificateAuthorityArn) })
            },
            // Provide an SDS client certificate when a server requests it, enabling mutual TLS authentication.
            MutualTlsCertificate = TlsCertificate.Sds("secret_certificate")
        }
    }
});

Synopsis

Constructors

MutualTlsValidationTrust()
MutualTlsValidationTrust(ByRefValue)

Used by jsii to construct an instance of this class from a JavaScript-owned object reference

MutualTlsValidationTrust(DeputyBase.DeputyProps)

Used by jsii to construct an instance of this class from DeputyProps

Properties

Differentiator

Constructors

MutualTlsValidationTrust()

protected MutualTlsValidationTrust()

MutualTlsValidationTrust(ByRefValue)

Used by jsii to construct an instance of this class from a JavaScript-owned object reference

protected MutualTlsValidationTrust(ByRefValue reference)
Parameters
reference Amazon.JSII.Runtime.Deputy.ByRefValue

The JavaScript-owned object reference

MutualTlsValidationTrust(DeputyBase.DeputyProps)

Used by jsii to construct an instance of this class from DeputyProps

protected MutualTlsValidationTrust(DeputyBase.DeputyProps props)
Parameters
props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps

The deputy props

Properties

Differentiator

protected virtual bool Differentiator { get; }
Property Value

System.Boolean
