Interface TlsClientPolicy
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
TlsClientPolicy.Jsii$Proxy
@Generated(value="jsii-pacmak/1.103.1 (build bef2dea)",
date="2024-10-11T15:55:53.246Z")
@Stability(Stable)
public interface TlsClientPolicy
extends software.amazon.jsii.JsiiSerializable
Represents the properties needed to define client policy.
Example:
Mesh mesh; Service service; VirtualNode node = VirtualNode.Builder.create(this, "node") .mesh(mesh) .serviceDiscovery(ServiceDiscovery.cloudMap(service)) .listeners(List.of(VirtualNodeListener.http(HttpVirtualNodeListenerOptions.builder() .port(8080) .healthCheck(HealthCheck.http(HttpHealthCheckOptions.builder() .healthyThreshold(3) .interval(Duration.seconds(5)) .path("/ping") .timeout(Duration.seconds(2)) .unhealthyThreshold(2) .build())) .timeout(HttpTimeout.builder() .idle(Duration.seconds(5)) .build()) .build()))) .backendDefaults(BackendDefaults.builder() .tlsClientPolicy(TlsClientPolicy.builder() .validation(TlsValidation.builder() .trust(TlsValidationTrust.file("/keys/local_cert_chain.pem")) .build()) .build()) .build()) .accessLog(AccessLog.fromFilePath("/dev/stdout")) .build(); Tags.of(node).add("Environment", "Dev");
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic final class
A builder forTlsClientPolicy
static final class
An implementation forTlsClientPolicy
-
Method Summary
Modifier and TypeMethodDescriptionstatic TlsClientPolicy.Builder
builder()
default Boolean
Whether the policy is enforced.default MutualTlsCertificate
Represents a client TLS certificate.getPorts()
TLS is enforced on the ports specified here.Represents the object for TLS validation context.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getValidation
Represents the object for TLS validation context. -
getEnforce
Whether the policy is enforced.Default: true
-
getMutualTlsCertificate
Represents a client TLS certificate.The certificate will be sent only if the server requests it, enabling mutual TLS.
Default: - client TLS certificate is not provided
-
getPorts
TLS is enforced on the ports specified here.If no ports are specified, TLS will be enforced on all the ports.
Default: - all ports
-
builder
- Returns:
- a
TlsClientPolicy.Builder
ofTlsClientPolicy
-