Class CfnVirtualNode
- All Implemented Interfaces:
IInspectable
,ITaggable
,software.amazon.jsii.JsiiSerializable
,software.constructs.IConstruct
,software.constructs.IDependable
A virtual node acts as a logical pointer to a particular task group, such as an Amazon ECS service or a Kubernetes deployment. When you create a virtual node, you can specify the service discovery information for your task group, and whether the proxy running in a task group will communicate with other proxies using Transport Layer Security (TLS).
You define a listener
for any inbound traffic that your virtual node expects. Any virtual service that your virtual node expects to communicate to is specified as a backend
.
The response metadata for your new virtual node contains the arn
that is associated with the virtual node. Set this value to the full ARN; for example, arn:aws:appmesh:us-west-2:123456789012:myMesh/default/virtualNode/myApp
) as the APPMESH_RESOURCE_ARN
environment variable for your task group's Envoy proxy container in your task definition or pod spec. This is then mapped to the node.id
and node.cluster
Envoy parameters.
By default, App Mesh uses the name of the resource you specified in
APPMESH_RESOURCE_ARN
when Envoy is referring to itself in metrics and traces. You can override this behavior by setting theAPPMESH_RESOURCE_CLUSTER
environment variable with your own name.
For more information about virtual nodes, see Virtual nodes . You must be using 1.15.0
or later of the Envoy image when setting these variables. For more information aboutApp Mesh Envoy variables, see Envoy image in the AWS App Mesh User Guide.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.appmesh.*; CfnVirtualNode cfnVirtualNode = CfnVirtualNode.Builder.create(this, "MyCfnVirtualNode") .meshName("meshName") .spec(VirtualNodeSpecProperty.builder() .backendDefaults(BackendDefaultsProperty.builder() .clientPolicy(ClientPolicyProperty.builder() .tls(ClientPolicyTlsProperty.builder() .validation(TlsValidationContextProperty.builder() .trust(TlsValidationContextTrustProperty.builder() .acm(TlsValidationContextAcmTrustProperty.builder() .certificateAuthorityArns(List.of("certificateAuthorityArns")) .build()) .file(TlsValidationContextFileTrustProperty.builder() .certificateChain("certificateChain") .build()) .sds(TlsValidationContextSdsTrustProperty.builder() .secretName("secretName") .build()) .build()) // the properties below are optional .subjectAlternativeNames(SubjectAlternativeNamesProperty.builder() .match(SubjectAlternativeNameMatchersProperty.builder() .exact(List.of("exact")) .build()) .build()) .build()) // the properties below are optional .certificate(ClientTlsCertificateProperty.builder() .file(ListenerTlsFileCertificateProperty.builder() .certificateChain("certificateChain") .privateKey("privateKey") .build()) .sds(ListenerTlsSdsCertificateProperty.builder() .secretName("secretName") .build()) .build()) .enforce(false) .ports(List.of(123)) .build()) .build()) .build()) .backends(List.of(BackendProperty.builder() .virtualService(VirtualServiceBackendProperty.builder() .virtualServiceName("virtualServiceName") // the properties below are optional .clientPolicy(ClientPolicyProperty.builder() .tls(ClientPolicyTlsProperty.builder() .validation(TlsValidationContextProperty.builder() .trust(TlsValidationContextTrustProperty.builder() .acm(TlsValidationContextAcmTrustProperty.builder() .certificateAuthorityArns(List.of("certificateAuthorityArns")) .build()) .file(TlsValidationContextFileTrustProperty.builder() .certificateChain("certificateChain") .build()) .sds(TlsValidationContextSdsTrustProperty.builder() .secretName("secretName") .build()) .build()) // the properties below are optional .subjectAlternativeNames(SubjectAlternativeNamesProperty.builder() .match(SubjectAlternativeNameMatchersProperty.builder() .exact(List.of("exact")) .build()) .build()) .build()) // the properties below are optional .certificate(ClientTlsCertificateProperty.builder() .file(ListenerTlsFileCertificateProperty.builder() .certificateChain("certificateChain") .privateKey("privateKey") .build()) .sds(ListenerTlsSdsCertificateProperty.builder() .secretName("secretName") .build()) .build()) .enforce(false) .ports(List.of(123)) .build()) .build()) .build()) .build())) .listeners(List.of(ListenerProperty.builder() .portMapping(PortMappingProperty.builder() .port(123) .protocol("protocol") .build()) // the properties below are optional .connectionPool(VirtualNodeConnectionPoolProperty.builder() .grpc(VirtualNodeGrpcConnectionPoolProperty.builder() .maxRequests(123) .build()) .http(VirtualNodeHttpConnectionPoolProperty.builder() .maxConnections(123) // the properties below are optional .maxPendingRequests(123) .build()) .http2(VirtualNodeHttp2ConnectionPoolProperty.builder() .maxRequests(123) .build()) .tcp(VirtualNodeTcpConnectionPoolProperty.builder() .maxConnections(123) .build()) .build()) .healthCheck(HealthCheckProperty.builder() .healthyThreshold(123) .intervalMillis(123) .protocol("protocol") .timeoutMillis(123) .unhealthyThreshold(123) // the properties below are optional .path("path") .port(123) .build()) .outlierDetection(OutlierDetectionProperty.builder() .baseEjectionDuration(DurationProperty.builder() .unit("unit") .value(123) .build()) .interval(DurationProperty.builder() .unit("unit") .value(123) .build()) .maxEjectionPercent(123) .maxServerErrors(123) .build()) .timeout(ListenerTimeoutProperty.builder() .grpc(GrpcTimeoutProperty.builder() .idle(DurationProperty.builder() .unit("unit") .value(123) .build()) .perRequest(DurationProperty.builder() .unit("unit") .value(123) .build()) .build()) .http(HttpTimeoutProperty.builder() .idle(DurationProperty.builder() .unit("unit") .value(123) .build()) .perRequest(DurationProperty.builder() .unit("unit") .value(123) .build()) .build()) .http2(HttpTimeoutProperty.builder() .idle(DurationProperty.builder() .unit("unit") .value(123) .build()) .perRequest(DurationProperty.builder() .unit("unit") .value(123) .build()) .build()) .tcp(TcpTimeoutProperty.builder() .idle(DurationProperty.builder() .unit("unit") .value(123) .build()) .build()) .build()) .tls(ListenerTlsProperty.builder() .certificate(ListenerTlsCertificateProperty.builder() .acm(ListenerTlsAcmCertificateProperty.builder() .certificateArn("certificateArn") .build()) .file(ListenerTlsFileCertificateProperty.builder() .certificateChain("certificateChain") .privateKey("privateKey") .build()) .sds(ListenerTlsSdsCertificateProperty.builder() .secretName("secretName") .build()) .build()) .mode("mode") // the properties below are optional .validation(ListenerTlsValidationContextProperty.builder() .trust(ListenerTlsValidationContextTrustProperty.builder() .file(TlsValidationContextFileTrustProperty.builder() .certificateChain("certificateChain") .build()) .sds(TlsValidationContextSdsTrustProperty.builder() .secretName("secretName") .build()) .build()) // the properties below are optional .subjectAlternativeNames(SubjectAlternativeNamesProperty.builder() .match(SubjectAlternativeNameMatchersProperty.builder() .exact(List.of("exact")) .build()) .build()) .build()) .build()) .build())) .logging(LoggingProperty.builder() .accessLog(AccessLogProperty.builder() .file(FileAccessLogProperty.builder() .path("path") // the properties below are optional .format(LoggingFormatProperty.builder() .json(List.of(JsonFormatRefProperty.builder() .key("key") .value("value") .build())) .text("text") .build()) .build()) .build()) .build()) .serviceDiscovery(ServiceDiscoveryProperty.builder() .awsCloudMap(AwsCloudMapServiceDiscoveryProperty.builder() .namespaceName("namespaceName") .serviceName("serviceName") // the properties below are optional .attributes(List.of(AwsCloudMapInstanceAttributeProperty.builder() .key("key") .value("value") .build())) .ipPreference("ipPreference") .build()) .dns(DnsServiceDiscoveryProperty.builder() .hostname("hostname") // the properties below are optional .ipPreference("ipPreference") .responseType("responseType") .build()) .build()) .build()) // the properties below are optional .meshOwner("meshOwner") .tags(List.of(CfnTag.builder() .key("key") .value("value") .build())) .virtualNodeName("virtualNodeName") .build();
- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic interface
An object that represents the access logging information for a virtual node.static interface
An object that represents the AWS Cloud Map attribute information for your virtual node.static interface
An object that represents the AWS Cloud Map service discovery information for your virtual node.static interface
An object that represents the default properties for a backend.static interface
An object that represents the backends that a virtual node is expected to send outbound traffic to.static final class
A fluent builder forCfnVirtualNode
.static interface
An object that represents a client policy.static interface
A reference to an object that represents a Transport Layer Security (TLS) client policy.static interface
An object that represents the client's certificate.static interface
An object that represents the DNS service discovery information for your virtual node.static interface
An object that represents a duration of time.static interface
An object that represents an access log file.static interface
An object that represents types of timeouts.static interface
An object that represents the health check policy for a virtual node's listener.static interface
An object that represents types of timeouts.static interface
An object that represents the key value pairs for the JSON.static interface
An object that represents a listener for a virtual node.static interface
An object that represents timeouts for different protocols.static interface
An object that represents an AWS Certificate Manager certificate.static interface
An object that represents a listener's Transport Layer Security (TLS) certificate.static interface
An object that represents a local file certificate.static interface
An object that represents the Transport Layer Security (TLS) properties for a listener.static interface
An object that represents the listener's Secret Discovery Service certificate.static interface
An object that represents a listener's Transport Layer Security (TLS) validation context.static interface
An object that represents a listener's Transport Layer Security (TLS) validation context trust.static interface
An object that represents the format for the logs.static interface
An object that represents the logging information for a virtual node.static interface
An object that represents the outlier detection for a virtual node's listener.static interface
An object representing a virtual node or virtual router listener port mapping.static interface
An object that represents the service discovery information for a virtual node.static interface
An object that represents the methods by which a subject alternative name on a peer Transport Layer Security (TLS) certificate can be matched.static interface
An object that represents the subject alternative names secured by the certificate.static interface
An object that represents types of timeouts.static interface
An object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.static interface
An object that represents a Transport Layer Security (TLS) validation context trust for a local file.static interface
An object that represents how the proxy will validate its peer during Transport Layer Security (TLS) negotiation.static interface
An object that represents a Transport Layer Security (TLS) Secret Discovery Service validation context trust.static interface
An object that represents a Transport Layer Security (TLS) validation context trust.static interface
An object that represents the type of virtual node connection pool.static interface
An object that represents a type of connection pool.static interface
An object that represents a type of connection pool.static interface
An object that represents a type of connection pool.static interface
An object that represents the specification of a virtual node.static interface
An object that represents a type of connection pool.static interface
An object that represents a virtual service backend for a virtual node.Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode
Nested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$Default
Nested classes/interfaces inherited from interface software.amazon.awscdk.IInspectable
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy
Nested classes/interfaces inherited from interface software.amazon.awscdk.ITaggable
ITaggable.Jsii$Default, ITaggable.Jsii$Proxy
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
The CloudFormation resource type name for this resource class. -
Constructor Summary
ModifierConstructorDescriptionprotected
CfnVirtualNode
(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protected
CfnVirtualNode
(software.amazon.jsii.JsiiObjectRef objRef) CfnVirtualNode
(software.constructs.Construct scope, String id, CfnVirtualNodeProps props) -
Method Summary
Modifier and TypeMethodDescriptionThe full Amazon Resource Name (ARN) for the virtual node.The name of the service mesh that the virtual node resides in.The AWS IAM account ID of the service mesh owner.The AWS IAM account ID of the resource owner.The unique identifier for the virtual node.The name of the virtual node.The name of the service mesh to create the virtual node in.The AWS IAM account ID of the service mesh owner.getSpec()
The virtual node specification to apply.getTags()
Tag Manager which manages the tags for this resource.Optional metadata that you can apply to the virtual node to assist with categorization and organization.The name to use for the virtual node.void
inspect
(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.renderProperties
(Map<String, Object> props) void
setMeshName
(String value) The name of the service mesh to create the virtual node in.void
setMeshOwner
(String value) The AWS IAM account ID of the service mesh owner.void
setSpec
(IResolvable value) The virtual node specification to apply.void
The virtual node specification to apply.void
setTagsRaw
(List<CfnTag> value) Optional metadata that you can apply to the virtual node to assist with categorization and organization.void
setVirtualNodeName
(String value) The name to use for the virtual node.Methods inherited from class software.amazon.awscdk.CfnResource
addDeletionOverride, addDependency, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, obtainDependencies, obtainResourceDependencies, removeDependency, replaceDependency, shouldSynthesize, toString, validateProperties
Methods inherited from class software.amazon.awscdk.CfnRefElement
getRef
Methods inherited from class software.amazon.awscdk.CfnElement
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId
Methods inherited from class software.constructs.Construct
getNode, isConstruct
Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Field Details
-
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
-
-
Constructor Details
-
CfnVirtualNode
protected CfnVirtualNode(software.amazon.jsii.JsiiObjectRef objRef) -
CfnVirtualNode
protected CfnVirtualNode(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
CfnVirtualNode
@Stability(Stable) public CfnVirtualNode(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnVirtualNodeProps props) - Parameters:
scope
- Scope in which this resource is defined. This parameter is required.id
- Construct identifier for this resource (unique in its scope). This parameter is required.props
- Resource properties. This parameter is required.
-
-
Method Details
-
inspect
Examines the CloudFormation resource and discloses attributes.- Specified by:
inspect
in interfaceIInspectable
- Parameters:
inspector
- tree inspector to collect and process attributes. This parameter is required.
-
renderProperties
@Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String, Object> props) - Overrides:
renderProperties
in classCfnResource
- Parameters:
props
- This parameter is required.
-
getAttrArn
The full Amazon Resource Name (ARN) for the virtual node. -
getAttrId
-
getAttrMeshName
The name of the service mesh that the virtual node resides in. -
getAttrMeshOwner
The AWS IAM account ID of the service mesh owner.If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with Shared Meshes .
-
getAttrResourceOwner
The AWS IAM account ID of the resource owner.If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see Working with Shared Meshes .
-
getAttrUid
The unique identifier for the virtual node. -
getAttrVirtualNodeName
The name of the virtual node. -
getCfnProperties
- Overrides:
getCfnProperties
in classCfnResource
-
getTags
Tag Manager which manages the tags for this resource. -
getMeshName
The name of the service mesh to create the virtual node in. -
setMeshName
The name of the service mesh to create the virtual node in. -
getSpec
The virtual node specification to apply. -
setSpec
The virtual node specification to apply. -
setSpec
The virtual node specification to apply. -
getMeshOwner
The AWS IAM account ID of the service mesh owner. -
setMeshOwner
The AWS IAM account ID of the service mesh owner. -
getTagsRaw
Optional metadata that you can apply to the virtual node to assist with categorization and organization. -
setTagsRaw
Optional metadata that you can apply to the virtual node to assist with categorization and organization. -
getVirtualNodeName
The name to use for the virtual node. -
setVirtualNodeName
The name to use for the virtual node.
-