Class TlsClientPolicy
Represents the properties needed to define client policy.
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.AppMesh
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class TlsClientPolicy : ITlsClientPolicy
Syntax (vb)
Public Class TlsClientPolicy Implements ITlsClientPolicy
Remarks
ExampleMetadata: infused
Examples
// Placeholders for constructs assumed to be defined elsewhere in the stack.
Mesh mesh;
Service service;

// Service discovery for the node, resolved through the Cloud Map service.
var cloudMapDiscovery = ServiceDiscovery.CloudMap(service);

// HTTP listener on port 8080 with an HTTP health check against /ping
// and a 5 second idle timeout.
var httpListener = VirtualNodeListener.Http(new HttpVirtualNodeListenerOptions {
    Port = 8080,
    HealthCheck = HealthCheck.Http(new HttpHealthCheckOptions {
        HealthyThreshold = 3,
        Interval = Duration.Seconds(5),
        Path = "/ping",
        Timeout = Duration.Seconds(2),
        UnhealthyThreshold = 2
    }),
    Timeout = new HttpTimeout {
        Idle = Duration.Seconds(5)
    }
});

// Client TLS policy used as the backend default. Only the trust source is set
// here; per the property defaults, Enforce is true, Ports covers all ports,
// and no client certificate (mutual TLS) is provided.
var backendTlsPolicy = new TlsClientPolicy {
    Validation = new TlsValidation {
        // Certificate chain used to validate the certificate a backend presents.
        // NOTE(review): presumably this path is read from the proxy's file
        // system at runtime; confirm where the file is provisioned and that
        // it is not writable by the workload.
        Trust = TlsValidationTrust.File("/keys/local_cert_chain.pem")
    }
};

var node = new VirtualNode(this, "node", new VirtualNodeProps {
    Mesh = mesh,
    ServiceDiscovery = cloudMapDiscovery,
    Listeners = new [] { httpListener },
    BackendDefaults = new BackendDefaults {
        TlsClientPolicy = backendTlsPolicy
    },
    // Access log entries are written to the given file path (stdout here).
    AccessLog = AccessLog.FromFilePath("/dev/stdout")
});

// Tag the node so it can be identified as part of the Dev environment.
Tags.Of(node).Add("Environment", "Dev");
Synopsis
Constructors
| TlsClientPolicy() | Represents the properties needed to define client policy. |
Properties
| Enforce | Whether the policy is enforced. |
| MutualTlsCertificate | Represents a client TLS certificate. |
| Ports | TLS is enforced on the ports specified here. |
| Validation | Represents the object for TLS validation context. |
Constructors
TlsClientPolicy()
Represents the properties needed to define client policy.
public TlsClientPolicy()
Remarks
ExampleMetadata: infused
Examples
// Placeholders for constructs assumed to be defined elsewhere in the stack.
Mesh mesh;
Service service;

// Service discovery for the node, resolved through the Cloud Map service.
var cloudMapDiscovery = ServiceDiscovery.CloudMap(service);

// HTTP listener on port 8080 with an HTTP health check against /ping
// and a 5 second idle timeout.
var httpListener = VirtualNodeListener.Http(new HttpVirtualNodeListenerOptions {
    Port = 8080,
    HealthCheck = HealthCheck.Http(new HttpHealthCheckOptions {
        HealthyThreshold = 3,
        Interval = Duration.Seconds(5),
        Path = "/ping",
        Timeout = Duration.Seconds(2),
        UnhealthyThreshold = 2
    }),
    Timeout = new HttpTimeout {
        Idle = Duration.Seconds(5)
    }
});

// Client TLS policy used as the backend default. Only the trust source is set
// here; per the property defaults, Enforce is true, Ports covers all ports,
// and no client certificate (mutual TLS) is provided.
var backendTlsPolicy = new TlsClientPolicy {
    Validation = new TlsValidation {
        // Certificate chain used to validate the certificate a backend presents.
        // NOTE(review): presumably this path is read from the proxy's file
        // system at runtime; confirm where the file is provisioned and that
        // it is not writable by the workload.
        Trust = TlsValidationTrust.File("/keys/local_cert_chain.pem")
    }
};

var node = new VirtualNode(this, "node", new VirtualNodeProps {
    Mesh = mesh,
    ServiceDiscovery = cloudMapDiscovery,
    Listeners = new [] { httpListener },
    BackendDefaults = new BackendDefaults {
        TlsClientPolicy = backendTlsPolicy
    },
    // Access log entries are written to the given file path (stdout here).
    AccessLog = AccessLog.FromFilePath("/dev/stdout")
});

// Tag the node so it can be identified as part of the Dev environment.
Tags.Of(node).Add("Environment", "Dev");
Properties
Enforce
Whether the policy is enforced.
public bool? Enforce { get; set; }
Property Value
bool?
Remarks
Default: true
MutualTlsCertificate
Represents a client TLS certificate.
public MutualTlsCertificate? MutualTlsCertificate { get; set; }
Property Value
Remarks
The certificate will be sent only if the server requests it, enabling mutual TLS.
Default: - client TLS certificate is not provided
Ports
TLS is enforced on the ports specified here.
public double[]? Ports { get; set; }
Property Value
double[]
Remarks
If no ports are specified, TLS will be enforced on all the ports.
Default: - all ports
Validation
Represents the TLS validation context, which defines how the certificate presented by the backend is validated.
public ITlsValidation Validation { get; set; }
Property Value
Remarks
ExampleMetadata: infused