Interface ITlsClientPolicy
Represents the properties needed to define client policy.
Namespace: Amazon.CDK.AWS.AppMesh
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface ITlsClientPolicySyntax (vb)
Public Interface ITlsClientPolicyRemarks
ExampleMetadata: infused
Examples
Mesh mesh;
Service service;
var node = new VirtualNode(this, "node", new VirtualNodeProps {
Mesh = mesh,
ServiceDiscovery = ServiceDiscovery.CloudMap(service),
Listeners = new [] { VirtualNodeListener.Http(new HttpVirtualNodeListenerOptions {
Port = 8080,
HealthCheck = HealthCheck.Http(new HttpHealthCheckOptions {
HealthyThreshold = 3,
Interval = Duration.Seconds(5),
Path = "/ping",
Timeout = Duration.Seconds(2),
UnhealthyThreshold = 2
}),
Timeout = new HttpTimeout {
Idle = Duration.Seconds(5)
}
}) },
BackendDefaults = new BackendDefaults {
TlsClientPolicy = new TlsClientPolicy {
Validation = new TlsValidation {
Trust = TlsValidationTrust.File("/keys/local_cert_chain.pem")
}
}
},
AccessLog = AccessLog.FromFilePath("/dev/stdout")
});
Tags.Of(node).Add("Environment", "Dev");Synopsis
Properties
| Enforce | Whether the policy is enforced. |
| MutualTlsCertificate | Represents a client TLS certificate. |
| Ports | TLS is enforced on the ports specified here. |
| Validation | Represents the object for TLS validation context. |
Properties
Enforce
MutualTlsCertificate
Represents a client TLS certificate.
MutualTlsCertificate? MutualTlsCertificate { get; }Property Value
Remarks
The certificate will be sent only if the server requests it, enabling mutual TLS.
Default: - client TLS certificate is not provided
Ports
TLS is enforced on the ports specified here.
double[]? Ports { get; }Property Value
double[]
Remarks
If no ports are specified, TLS will be enforced on all the ports.
Default: - all ports
Validation
Represents the object for TLS validation context.
ITlsValidation Validation { get; }Property Value
Remarks
ExampleMetadata: infused