software.amazon.awscdk.services.appmesh

Class MutualTlsValidationTrust

java.lang.Object

software.amazon.jsii.JsiiObject

software.amazon.awscdk.services.appmesh.TlsValidationTrust

software.amazon.awscdk.services.appmesh.MutualTlsValidationTrust

@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)",
           date="2023-03-28T21:34:27.857Z")
public abstract class MutualTlsValidationTrust
extends TlsValidationTrust

Represents a TLS Validation Context Trust that is supported for mutual TLS authentication.

Example:

 Mesh mesh;
 VirtualNode node1 = VirtualNode.Builder.create(this, "node1")
         .mesh(mesh)
         .serviceDiscovery(ServiceDiscovery.dns("node"))
         .listeners(List.of(VirtualNodeListener.grpc(GrpcVirtualNodeListenerOptions.builder()
                 .port(80)
                 .tls(ListenerTlsOptions.builder()
                         .mode(TlsMode.STRICT)
                         .certificate(TlsCertificate.file("path/to/certChain", "path/to/privateKey"))
                         // Validate a file client certificates to enable mutual TLS authentication when a client provides a certificate.
                         .mutualTlsValidation(MutualTlsValidation.builder()
                                 .trust(TlsValidationTrust.file("path-to-certificate"))
                                 .build())
                         .build())
                 .build())))
         .build();
 String certificateAuthorityArn = "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012";
 VirtualNode node2 = VirtualNode.Builder.create(this, "node2")
         .mesh(mesh)
         .serviceDiscovery(ServiceDiscovery.dns("node2"))
         .backendDefaults(BackendDefaults.builder()
                 .tlsClientPolicy(TlsClientPolicy.builder()
                         .ports(List.of(8080, 8081))
                         .validation(TlsValidation.builder()
                                 .subjectAlternativeNames(SubjectAlternativeNames.matchingExactly("mesh-endpoint.apps.local"))
                                 .trust(TlsValidationTrust.acm(List.of(CertificateAuthority.fromCertificateAuthorityArn(this, "certificate", certificateAuthorityArn))))
                                 .build())
                         // Provide a SDS client certificate when a server requests it and enable mutual TLS authentication.
                         .mutualTlsCertificate(TlsCertificate.sds("secret_certificate"))
                         .build())
                 .build())
         .build();
 

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	MutualTlsValidationTrust()
protected	MutualTlsValidationTrust(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	MutualTlsValidationTrust(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
protected java.lang.Boolean	getDifferentiator()

Methods inherited from class software.amazon.awscdk.services.appmesh.TlsValidationTrust

acm, bind, file, sds

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

MutualTlsValidationTrust

protected MutualTlsValidationTrust(software.amazon.jsii.JsiiObjectRef objRef)

MutualTlsValidationTrust

protected MutualTlsValidationTrust(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

MutualTlsValidationTrust

protected MutualTlsValidationTrust()

Method Detail

getDifferentiator

protected java.lang.Boolean getDifferentiator()