CfnVirtualNode
- class aws_cdk.aws_appmesh.CfnVirtualNode(scope, id, *, mesh_name, spec, mesh_owner=None, tags=None, virtual_node_name=None)
Bases:
CfnResourceCreates a virtual node within a service mesh.
A virtual node acts as a logical pointer to a particular task group, such as an Amazon ECS service or a Kubernetes deployment. When you create a virtual node, you can specify the service discovery information for your task group, and whether the proxy running in a task group will communicate with other proxies using Transport Layer Security (TLS).
You define a
listenerfor any inbound traffic that your virtual node expects. Any virtual service that your virtual node expects to communicate to is specified as abackend.The response metadata for your new virtual node contains the
arnthat is associated with the virtual node. Set this value to the full ARN; for example,arn:aws:appmesh:us-west-2:123456789012:myMesh/default/virtualNode/myApp) as theAPPMESH_RESOURCE_ARNenvironment variable for your task group’s Envoy proxy container in your task definition or pod spec. This is then mapped to thenode.idandnode.clusterEnvoy parameters. .. epigraph:By default, App Mesh uses the name of the resource you specified in ``APPMESH_RESOURCE_ARN`` when Envoy is referring to itself in metrics and traces. You can override this behavior by setting the ``APPMESH_RESOURCE_CLUSTER`` environment variable with your own name.
For more information about virtual nodes, see Virtual nodes . You must be using
1.15.0or later of the Envoy image when setting these variables. For more information aboutApp Mesh Envoy variables, see Envoy image in the AWS App Mesh User Guide.- See:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appmesh-virtualnode.html
- CloudformationResource:
AWS::AppMesh::VirtualNode
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh cfn_virtual_node = appmesh.CfnVirtualNode(self, "MyCfnVirtualNode", mesh_name="meshName", spec=appmesh.CfnVirtualNode.VirtualNodeSpecProperty( backend_defaults=appmesh.CfnVirtualNode.BackendDefaultsProperty( client_policy=appmesh.CfnVirtualNode.ClientPolicyProperty( tls=appmesh.CfnVirtualNode.ClientPolicyTlsProperty( validation=appmesh.CfnVirtualNode.TlsValidationContextProperty( trust=appmesh.CfnVirtualNode.TlsValidationContextTrustProperty( acm=appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualNode.ClientTlsCertificateProperty( file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) ) ), backends=[appmesh.CfnVirtualNode.BackendProperty( virtual_service=appmesh.CfnVirtualNode.VirtualServiceBackendProperty( virtual_service_name="virtualServiceName", # the properties below are optional client_policy=appmesh.CfnVirtualNode.ClientPolicyProperty( tls=appmesh.CfnVirtualNode.ClientPolicyTlsProperty( validation=appmesh.CfnVirtualNode.TlsValidationContextProperty( trust=appmesh.CfnVirtualNode.TlsValidationContextTrustProperty( acm=appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualNode.ClientTlsCertificateProperty( file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) ) ) )], listeners=[appmesh.CfnVirtualNode.ListenerProperty( port_mapping=appmesh.CfnVirtualNode.PortMappingProperty( port=123, protocol="protocol" ), # the properties below are optional connection_pool=appmesh.CfnVirtualNode.VirtualNodeConnectionPoolProperty( grpc=appmesh.CfnVirtualNode.VirtualNodeGrpcConnectionPoolProperty( max_requests=123 ), http=appmesh.CfnVirtualNode.VirtualNodeHttpConnectionPoolProperty( max_connections=123, # the properties below are optional max_pending_requests=123 ), http2=appmesh.CfnVirtualNode.VirtualNodeHttp2ConnectionPoolProperty( max_requests=123 ), tcp=appmesh.CfnVirtualNode.VirtualNodeTcpConnectionPoolProperty( max_connections=123 ) ), health_check=appmesh.CfnVirtualNode.HealthCheckProperty( healthy_threshold=123, interval_millis=123, protocol="protocol", timeout_millis=123, unhealthy_threshold=123, # the properties below are optional path="path", port=123 ), outlier_detection=appmesh.CfnVirtualNode.OutlierDetectionProperty( base_ejection_duration=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), interval=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), max_ejection_percent=123, max_server_errors=123 ), timeout=appmesh.CfnVirtualNode.ListenerTimeoutProperty( grpc=appmesh.CfnVirtualNode.GrpcTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), http=appmesh.CfnVirtualNode.HttpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), http2=appmesh.CfnVirtualNode.HttpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), tcp=appmesh.CfnVirtualNode.TcpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ) ), tls=appmesh.CfnVirtualNode.ListenerTlsProperty( certificate=appmesh.CfnVirtualNode.ListenerTlsCertificateProperty( acm=appmesh.CfnVirtualNode.ListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" ), file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), mode="mode", # the properties below are optional validation=appmesh.CfnVirtualNode.ListenerTlsValidationContextProperty( trust=appmesh.CfnVirtualNode.ListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ) ) )], logging=appmesh.CfnVirtualNode.LoggingProperty( access_log=appmesh.CfnVirtualNode.AccessLogProperty( file=appmesh.CfnVirtualNode.FileAccessLogProperty( path="path", # the properties below are optional format=appmesh.CfnVirtualNode.LoggingFormatProperty( json=[appmesh.CfnVirtualNode.JsonFormatRefProperty( key="key", value="value" )], text="text" ) ) ) ), service_discovery=appmesh.CfnVirtualNode.ServiceDiscoveryProperty( aws_cloud_map=appmesh.CfnVirtualNode.AwsCloudMapServiceDiscoveryProperty( namespace_name="namespaceName", service_name="serviceName", # the properties below are optional attributes=[appmesh.CfnVirtualNode.AwsCloudMapInstanceAttributeProperty( key="key", value="value" )], ip_preference="ipPreference" ), dns=appmesh.CfnVirtualNode.DnsServiceDiscoveryProperty( hostname="hostname", # the properties below are optional ip_preference="ipPreference", response_type="responseType" ) ) ), # the properties below are optional mesh_owner="meshOwner", tags=[CfnTag( key="key", value="value" )], virtual_node_name="virtualNodeName" )
- Parameters:
scope (
Construct) – Scope in which this resource is defined.id (
str) – Construct identifier for this resource (unique in its scope).mesh_name (
str) – The name of the service mesh to create the virtual node in.spec (
Union[IResolvable,VirtualNodeSpecProperty,Dict[str,Any]]) – The virtual node specification to apply.mesh_owner (
Optional[str]) – The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see Working with shared meshes .tags (
Optional[Sequence[Union[CfnTag,Dict[str,Any]]]]) – Optional metadata that you can apply to the virtual node to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.virtual_node_name (
Optional[str]) – The name to use for the virtual node.
Methods
- add_deletion_override(path)
Syntactic sugar for
addOverride(path, undefined).- Parameters:
path (
str) – The path of the value to delete.- Return type:
None
- add_dependency(target)
Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
This can be used for resources across stacks (or nested stack) boundaries and the dependency will automatically be transferred to the relevant scope.
- Parameters:
target (
CfnResource) –- Return type:
None
- add_depends_on(target)
(deprecated) Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
- Parameters:
target (
CfnResource) –- Deprecated:
use addDependency
- Stability:
deprecated
- Return type:
None
- add_metadata(key, value)
Add a value to the CloudFormation Resource Metadata.
- Parameters:
key (
str) –value (
Any) –
- See:
- Return type:
None
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.
- add_override(path, value)
Adds an override to the synthesized CloudFormation resource.
To add a property override, either use
addPropertyOverrideor prefixpathwith “Properties.” (i.e.Properties.TopicName).If the override is nested, separate each nested level using a dot (.) in the path parameter. If there is an array as part of the nesting, specify the index in the path.
To include a literal
.in the property name, prefix with a\. In most programming languages you will need to write this as"\\."because the\itself will need to be escaped.For example:
cfn_resource.add_override("Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes", ["myattribute"]) cfn_resource.add_override("Properties.GlobalSecondaryIndexes.1.ProjectionType", "INCLUDE")
would add the overrides Example:
"Properties": { "GlobalSecondaryIndexes": [ { "Projection": { "NonKeyAttributes": [ "myattribute" ] ... } ... }, { "ProjectionType": "INCLUDE" ... }, ] ... }
The
valueargument toaddOverridewill not be processed or translated in any way. Pass raw JSON values in here with the correct capitalization for CloudFormation. If you pass CDK classes or structs, they will be rendered with lowercased key names, and CloudFormation will reject the template.- Parameters:
path (
str) –The path of the property, you can use dot notation to override values in complex types. Any intermediate keys will be created as needed.
value (
Any) –The value. Could be primitive or complex.
- Return type:
None
- add_property_deletion_override(property_path)
Adds an override that deletes the value of a property from the resource definition.
- Parameters:
property_path (
str) – The path to the property.- Return type:
None
- add_property_override(property_path, value)
Adds an override to a resource property.
Syntactic sugar for
addOverride("Properties.<...>", value).- Parameters:
property_path (
str) – The path of the property.value (
Any) – The value.
- Return type:
None
- apply_removal_policy(policy=None, *, apply_to_update_replace_policy=None, default=None)
Sets the deletion policy of the resource based on the removal policy specified.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.
The resource can be deleted (
RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN). In some cases, a snapshot can be taken of the resource prior to deletion (RemovalPolicy.SNAPSHOT). A list of resources that support this policy can be found in the following link:- Parameters:
policy (
Optional[RemovalPolicy]) –apply_to_update_replace_policy (
Optional[bool]) – Apply the same deletion policy to the resource’s “UpdateReplacePolicy”. Default: truedefault (
Optional[RemovalPolicy]) – The default policy to apply in case the removal policy is not defined. Default: - Default value is resource specific. To determine the default value for a resource, please consult that specific resource’s documentation.
- See:
- Return type:
None
- get_att(attribute_name, type_hint=None)
Returns a token for an runtime attribute of this resource.
Ideally, use generated attribute accessors (e.g.
resource.arn), but this can be used for future compatibility in case there is no generated attribute.- Parameters:
attribute_name (
str) – The name of the attribute.type_hint (
Optional[ResolutionTypeHint]) –
- Return type:
- get_metadata(key)
Retrieve a value value from the CloudFormation Resource Metadata.
- Parameters:
key (
str) –- See:
- Return type:
Any
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.
- inspect(inspector)
Examines the CloudFormation resource and discloses attributes.
- Parameters:
inspector (
TreeInspector) – tree inspector to collect and process attributes.- Return type:
None
- obtain_dependencies()
Retrieves an array of resources this resource depends on.
This assembles dependencies on resources across stacks (including nested stacks) automatically.
- Return type:
List[Union[Stack,CfnResource]]
- obtain_resource_dependencies()
Get a shallow copy of dependencies between this resource and other resources in the same stack.
- Return type:
List[CfnResource]
- override_logical_id(new_logical_id)
Overrides the auto-generated logical ID with a specific ID.
- Parameters:
new_logical_id (
str) – The new logical ID to use for this stack element.- Return type:
None
- remove_dependency(target)
Indicates that this resource no longer depends on another resource.
This can be used for resources across stacks (including nested stacks) and the dependency will automatically be removed from the relevant scope.
- Parameters:
target (
CfnResource) –- Return type:
None
- replace_dependency(target, new_target)
Replaces one dependency with another.
- Parameters:
target (
CfnResource) – The dependency to replace.new_target (
CfnResource) – The new dependency to add.
- Return type:
None
- to_string()
Returns a string representation of this construct.
- Return type:
str- Returns:
a string representation of this resource
Attributes
- CFN_RESOURCE_TYPE_NAME = 'AWS::AppMesh::VirtualNode'
- attr_arn
The full Amazon Resource Name (ARN) for the virtual node.
- CloudformationAttribute:
Arn
- attr_id
Id
- Type:
cloudformationAttribute
- attr_mesh_name
The name of the service mesh that the virtual node resides in.
- CloudformationAttribute:
MeshName
- attr_mesh_owner
The AWS IAM account ID of the service mesh owner.
If the account ID is not your own, then it’s the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with Shared Meshes .
- CloudformationAttribute:
MeshOwner
- attr_resource_owner
The AWS IAM account ID of the resource owner.
If the account ID is not your own, then it’s the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see Working with Shared Meshes .
- CloudformationAttribute:
ResourceOwner
- attr_uid
The unique identifier for the virtual node.
- CloudformationAttribute:
Uid
- attr_virtual_node_name
The name of the virtual node.
- CloudformationAttribute:
VirtualNodeName
- cfn_options
Options for this resource, such as condition, update policy etc.
- cfn_resource_type
AWS resource type.
- creation_stack
return:
the stack trace of the point where this Resource was created from, sourced from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most node +internal+ entries filtered.
- logical_id
The logical ID for this CloudFormation stack element.
The logical ID of the element is calculated from the path of the resource node in the construct tree.
To override this value, use
overrideLogicalId(newLogicalId).- Returns:
the logical ID as a stringified token. This value will only get resolved during synthesis.
- mesh_name
The name of the service mesh to create the virtual node in.
- mesh_owner
The AWS IAM account ID of the service mesh owner.
- node
The tree node.
- ref
Return a string that will be resolved to a CloudFormation
{ Ref }for this element.If, by any chance, the intrinsic reference of a resource is not a string, you could coerce it to an IResolvable through
Lazy.any({ produce: resource.ref }).
- spec
The virtual node specification to apply.
- stack
The stack in which this element is defined.
CfnElements must be defined within a stack scope (directly or indirectly).
- tags
Tag Manager which manages the tags for this resource.
- tags_raw
Optional metadata that you can apply to the virtual node to assist with categorization and organization.
- virtual_node_name
The name to use for the virtual node.
Static Methods
- classmethod is_cfn_element(x)
Returns
trueif a construct is a stack element (i.e. part of the synthesized cloudformation template).Uses duck-typing instead of
instanceofto allow stack elements from different versions of this library to be included in the same stack.- Parameters:
x (
Any) –- Return type:
bool- Returns:
The construct as a stack element or undefined if it is not a stack element.
- classmethod is_cfn_resource(x)
Check whether the given object is a CfnResource.
- Parameters:
x (
Any) –- Return type:
bool
- classmethod is_construct(x)
Checks if
xis a construct.Use this method instead of
instanceofto properly detectConstructinstances, even when the construct library is symlinked.Explanation: in JavaScript, multiple copies of the
constructslibrary on disk are seen as independent, completely different libraries. As a consequence, the classConstructin each copy of theconstructslibrary is seen as a different class, and an instance of one class will not test asinstanceofthe other class.npm installwill not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of theconstructslibrary can be accidentally installed, andinstanceofwill behave unpredictably. It is safest to avoid usinginstanceof, and using this type-testing method instead.- Parameters:
x (
Any) – Any object.- Return type:
bool- Returns:
true if
xis an object created from a class which extendsConstruct.
AccessLogProperty
- class CfnVirtualNode.AccessLogProperty(*, file=None)
Bases:
objectAn object that represents the access logging information for a virtual node.
- Parameters:
file (
Union[IResolvable,FileAccessLogProperty,Dict[str,Any],None]) – The file object to send virtual node access logs to.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh access_log_property = appmesh.CfnVirtualNode.AccessLogProperty( file=appmesh.CfnVirtualNode.FileAccessLogProperty( path="path", # the properties below are optional format=appmesh.CfnVirtualNode.LoggingFormatProperty( json=[appmesh.CfnVirtualNode.JsonFormatRefProperty( key="key", value="value" )], text="text" ) ) )
Attributes
- file
The file object to send virtual node access logs to.
AwsCloudMapInstanceAttributeProperty
- class CfnVirtualNode.AwsCloudMapInstanceAttributeProperty(*, key, value)
Bases:
objectAn object that represents the AWS Cloud Map attribute information for your virtual node.
AWS Cloud Map is not available in the eu-south-1 Region.
- Parameters:
key (
str) – The name of an AWS Cloud Map service instance attribute key. Any AWS Cloud Map service instance that contains the specified key and value is returned.value (
str) – The value of an AWS Cloud Map service instance attribute key. Any AWS Cloud Map service instance that contains the specified key and value is returned.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh aws_cloud_map_instance_attribute_property = appmesh.CfnVirtualNode.AwsCloudMapInstanceAttributeProperty( key="key", value="value" )
Attributes
- key
The name of an AWS Cloud Map service instance attribute key.
Any AWS Cloud Map service instance that contains the specified key and value is returned.
- value
The value of an AWS Cloud Map service instance attribute key.
Any AWS Cloud Map service instance that contains the specified key and value is returned.
AwsCloudMapServiceDiscoveryProperty
- class CfnVirtualNode.AwsCloudMapServiceDiscoveryProperty(*, namespace_name, service_name, attributes=None, ip_preference=None)
Bases:
objectAn object that represents the AWS Cloud Map service discovery information for your virtual node.
AWS Cloud Map is not available in the eu-south-1 Region.
- Parameters:
namespace_name (
str) – The HTTP name of the AWS Cloud Map namespace to use.service_name (
str) – The name of the AWS Cloud Map service to use.attributes (
Union[IResolvable,Sequence[Union[IResolvable,AwsCloudMapInstanceAttributeProperty,Dict[str,Any]]],None]) – A string map that contains attributes with values that you can use to filter instances by any custom attribute that you specified when you registered the instance. Only instances that match all of the specified key/value pairs will be returned.ip_preference (
Optional[str]) – The preferred IP version that this virtual node uses. Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh aws_cloud_map_service_discovery_property = appmesh.CfnVirtualNode.AwsCloudMapServiceDiscoveryProperty( namespace_name="namespaceName", service_name="serviceName", # the properties below are optional attributes=[appmesh.CfnVirtualNode.AwsCloudMapInstanceAttributeProperty( key="key", value="value" )], ip_preference="ipPreference" )
Attributes
- attributes
A string map that contains attributes with values that you can use to filter instances by any custom attribute that you specified when you registered the instance.
Only instances that match all of the specified key/value pairs will be returned.
- ip_preference
The preferred IP version that this virtual node uses.
Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.
- namespace_name
The HTTP name of the AWS Cloud Map namespace to use.
- service_name
The name of the AWS Cloud Map service to use.
BackendDefaultsProperty
- class CfnVirtualNode.BackendDefaultsProperty(*, client_policy=None)
Bases:
objectAn object that represents the default properties for a backend.
- Parameters:
client_policy (
Union[IResolvable,ClientPolicyProperty,Dict[str,Any],None]) – A reference to an object that represents a client policy.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh backend_defaults_property = appmesh.CfnVirtualNode.BackendDefaultsProperty( client_policy=appmesh.CfnVirtualNode.ClientPolicyProperty( tls=appmesh.CfnVirtualNode.ClientPolicyTlsProperty( validation=appmesh.CfnVirtualNode.TlsValidationContextProperty( trust=appmesh.CfnVirtualNode.TlsValidationContextTrustProperty( acm=appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualNode.ClientTlsCertificateProperty( file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) ) )
Attributes
- client_policy
A reference to an object that represents a client policy.
BackendProperty
- class CfnVirtualNode.BackendProperty(*, virtual_service=None)
Bases:
objectAn object that represents the backends that a virtual node is expected to send outbound traffic to.
- Parameters:
virtual_service (
Union[IResolvable,VirtualServiceBackendProperty,Dict[str,Any],None]) – Specifies a virtual service to use as a backend.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh backend_property = appmesh.CfnVirtualNode.BackendProperty( virtual_service=appmesh.CfnVirtualNode.VirtualServiceBackendProperty( virtual_service_name="virtualServiceName", # the properties below are optional client_policy=appmesh.CfnVirtualNode.ClientPolicyProperty( tls=appmesh.CfnVirtualNode.ClientPolicyTlsProperty( validation=appmesh.CfnVirtualNode.TlsValidationContextProperty( trust=appmesh.CfnVirtualNode.TlsValidationContextTrustProperty( acm=appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualNode.ClientTlsCertificateProperty( file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) ) ) )
Attributes
- virtual_service
Specifies a virtual service to use as a backend.
ClientPolicyProperty
- class CfnVirtualNode.ClientPolicyProperty(*, tls=None)
Bases:
objectAn object that represents a client policy.
- Parameters:
tls (
Union[IResolvable,ClientPolicyTlsProperty,Dict[str,Any],None]) – A reference to an object that represents a Transport Layer Security (TLS) client policy.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh client_policy_property = appmesh.CfnVirtualNode.ClientPolicyProperty( tls=appmesh.CfnVirtualNode.ClientPolicyTlsProperty( validation=appmesh.CfnVirtualNode.TlsValidationContextProperty( trust=appmesh.CfnVirtualNode.TlsValidationContextTrustProperty( acm=appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualNode.ClientTlsCertificateProperty( file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) )
Attributes
- tls
A reference to an object that represents a Transport Layer Security (TLS) client policy.
ClientPolicyTlsProperty
- class CfnVirtualNode.ClientPolicyTlsProperty(*, validation, certificate=None, enforce=None, ports=None)
Bases:
objectA reference to an object that represents a Transport Layer Security (TLS) client policy.
- Parameters:
validation (
Union[IResolvable,TlsValidationContextProperty,Dict[str,Any]]) – A reference to an object that represents a TLS validation context.certificate (
Union[IResolvable,ClientTlsCertificateProperty,Dict[str,Any],None]) – A reference to an object that represents a client’s TLS certificate.enforce (
Union[bool,IResolvable,None]) – Whether the policy is enforced. The default isTrue, if a value isn’t specified.ports (
Union[IResolvable,Sequence[Union[int,float]],None]) – One or more ports that the policy is enforced for.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh client_policy_tls_property = appmesh.CfnVirtualNode.ClientPolicyTlsProperty( validation=appmesh.CfnVirtualNode.TlsValidationContextProperty( trust=appmesh.CfnVirtualNode.TlsValidationContextTrustProperty( acm=appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualNode.ClientTlsCertificateProperty( file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] )
Attributes
- certificate
A reference to an object that represents a client’s TLS certificate.
- enforce
Whether the policy is enforced.
The default is
True, if a value isn’t specified.
- ports
One or more ports that the policy is enforced for.
- validation
A reference to an object that represents a TLS validation context.
ClientTlsCertificateProperty
- class CfnVirtualNode.ClientTlsCertificateProperty(*, file=None, sds=None)
Bases:
objectAn object that represents the client’s certificate.
- Parameters:
file (
Union[IResolvable,ListenerTlsFileCertificateProperty,Dict[str,Any],None]) – An object that represents a local file certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS) .sds (
Union[IResolvable,ListenerTlsSdsCertificateProperty,Dict[str,Any],None]) – A reference to an object that represents a client’s TLS Secret Discovery Service certificate.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh client_tls_certificate_property = appmesh.CfnVirtualNode.ClientTlsCertificateProperty( file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) )
Attributes
- file
An object that represents a local file certificate.
The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS) .
- sds
A reference to an object that represents a client’s TLS Secret Discovery Service certificate.
DnsServiceDiscoveryProperty
- class CfnVirtualNode.DnsServiceDiscoveryProperty(*, hostname, ip_preference=None, response_type=None)
Bases:
objectAn object that represents the DNS service discovery information for your virtual node.
- Parameters:
hostname (
str) – Specifies the DNS service discovery hostname for the virtual node.ip_preference (
Optional[str]) – The preferred IP version that this virtual node uses. Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.response_type (
Optional[str]) – Specifies the DNS response type for the virtual node.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh dns_service_discovery_property = appmesh.CfnVirtualNode.DnsServiceDiscoveryProperty( hostname="hostname", # the properties below are optional ip_preference="ipPreference", response_type="responseType" )
Attributes
- hostname
Specifies the DNS service discovery hostname for the virtual node.
- ip_preference
The preferred IP version that this virtual node uses.
Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.
- response_type
Specifies the DNS response type for the virtual node.
DurationProperty
- class CfnVirtualNode.DurationProperty(*, unit, value)
Bases:
objectAn object that represents a duration of time.
- Parameters:
unit (
str) – A unit of time.value (
Union[int,float]) – A number of time units.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh duration_property = appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 )
Attributes
- unit
A unit of time.
FileAccessLogProperty
- class CfnVirtualNode.FileAccessLogProperty(*, path, format=None)
Bases:
objectAn object that represents an access log file.
- Parameters:
path (
str) – The file path to write access logs to. You can use/dev/stdoutto send access logs to standard out and configure your Envoy container to use a log driver, such asawslogs, to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container’s file system to write the files to disk. .. epigraph:: The Envoy process must have write permissions to the path that you specify here. Otherwise, Envoy fails to bootstrap properly.format (
Union[IResolvable,LoggingFormatProperty,Dict[str,Any],None]) – The specified format for the logs. The format is eitherjson_formatortext_format.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh file_access_log_property = appmesh.CfnVirtualNode.FileAccessLogProperty( path="path", # the properties below are optional format=appmesh.CfnVirtualNode.LoggingFormatProperty( json=[appmesh.CfnVirtualNode.JsonFormatRefProperty( key="key", value="value" )], text="text" ) )
Attributes
- format
The specified format for the logs.
The format is either
json_formatortext_format.
- path
The file path to write access logs to.
You can use
/dev/stdoutto send access logs to standard out and configure your Envoy container to use a log driver, such asawslogs, to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container’s file system to write the files to disk. .. epigraph:The Envoy process must have write permissions to the path that you specify here. Otherwise, Envoy fails to bootstrap properly.
GrpcTimeoutProperty
- class CfnVirtualNode.GrpcTimeoutProperty(*, idle=None, per_request=None)
Bases:
objectAn object that represents types of timeouts.
- Parameters:
idle (
Union[IResolvable,DurationProperty,Dict[str,Any],None]) – An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.per_request (
Union[IResolvable,DurationProperty,Dict[str,Any],None]) – An object that represents a per request timeout. The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh grpc_timeout_property = appmesh.CfnVirtualNode.GrpcTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) )
Attributes
- idle
An object that represents an idle timeout.
An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
- per_request
An object that represents a per request timeout.
The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.
HealthCheckProperty
- class CfnVirtualNode.HealthCheckProperty(*, healthy_threshold, interval_millis, protocol, timeout_millis, unhealthy_threshold, path=None, port=None)
Bases:
objectAn object that represents the health check policy for a virtual node’s listener.
- Parameters:
healthy_threshold (
Union[int,float]) – The number of consecutive successful health checks that must occur before declaring listener healthy.interval_millis (
Union[int,float]) – The time period in milliseconds between each health check execution.protocol (
str) – The protocol for the health check request. If you specifygrpc, then your service must conform to the GRPC Health Checking Protocol .timeout_millis (
Union[int,float]) – The amount of time to wait when receiving a response from the health check, in milliseconds.unhealthy_threshold (
Union[int,float]) – The number of consecutive failed health checks that must occur before declaring a virtual node unhealthy.path (
Optional[str]) – The destination path for the health check request. This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.port (
Union[int,float,None]) – The destination port for the health check request. This port must match the port defined in thePortMappingfor the listener.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh health_check_property = appmesh.CfnVirtualNode.HealthCheckProperty( healthy_threshold=123, interval_millis=123, protocol="protocol", timeout_millis=123, unhealthy_threshold=123, # the properties below are optional path="path", port=123 )
Attributes
- healthy_threshold
The number of consecutive successful health checks that must occur before declaring listener healthy.
- interval_millis
The time period in milliseconds between each health check execution.
- path
The destination path for the health check request.
This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.
- port
The destination port for the health check request.
This port must match the port defined in the
PortMappingfor the listener.
- protocol
The protocol for the health check request.
If you specify
grpc, then your service must conform to the GRPC Health Checking Protocol .
- timeout_millis
The amount of time to wait when receiving a response from the health check, in milliseconds.
- unhealthy_threshold
The number of consecutive failed health checks that must occur before declaring a virtual node unhealthy.
HttpTimeoutProperty
- class CfnVirtualNode.HttpTimeoutProperty(*, idle=None, per_request=None)
Bases:
objectAn object that represents types of timeouts.
- Parameters:
idle (
Union[IResolvable,DurationProperty,Dict[str,Any],None]) – An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.per_request (
Union[IResolvable,DurationProperty,Dict[str,Any],None]) – An object that represents a per request timeout. The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh http_timeout_property = appmesh.CfnVirtualNode.HttpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) )
Attributes
- idle
An object that represents an idle timeout.
An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
- per_request
An object that represents a per request timeout.
The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.
JsonFormatRefProperty
- class CfnVirtualNode.JsonFormatRefProperty(*, key, value)
Bases:
objectAn object that represents the key value pairs for the JSON.
- Parameters:
key (
str) – The specified key for the JSON.value (
str) – The specified value for the JSON.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh json_format_ref_property = appmesh.CfnVirtualNode.JsonFormatRefProperty( key="key", value="value" )
Attributes
- key
The specified key for the JSON.
- value
The specified value for the JSON.
ListenerProperty
- class CfnVirtualNode.ListenerProperty(*, port_mapping, connection_pool=None, health_check=None, outlier_detection=None, timeout=None, tls=None)
Bases:
objectAn object that represents a listener for a virtual node.
- Parameters:
port_mapping (
Union[IResolvable,PortMappingProperty,Dict[str,Any]]) – The port mapping information for the listener.connection_pool (
Union[IResolvable,VirtualNodeConnectionPoolProperty,Dict[str,Any],None]) – The connection pool information for the listener.health_check (
Union[IResolvable,HealthCheckProperty,Dict[str,Any],None]) – The health check information for the listener.outlier_detection (
Union[IResolvable,OutlierDetectionProperty,Dict[str,Any],None]) – The outlier detection information for the listener.timeout (
Union[IResolvable,ListenerTimeoutProperty,Dict[str,Any],None]) – An object that represents timeouts for different protocols.tls (
Union[IResolvable,ListenerTlsProperty,Dict[str,Any],None]) – A reference to an object that represents the Transport Layer Security (TLS) properties for a listener.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh listener_property = appmesh.CfnVirtualNode.ListenerProperty( port_mapping=appmesh.CfnVirtualNode.PortMappingProperty( port=123, protocol="protocol" ), # the properties below are optional connection_pool=appmesh.CfnVirtualNode.VirtualNodeConnectionPoolProperty( grpc=appmesh.CfnVirtualNode.VirtualNodeGrpcConnectionPoolProperty( max_requests=123 ), http=appmesh.CfnVirtualNode.VirtualNodeHttpConnectionPoolProperty( max_connections=123, # the properties below are optional max_pending_requests=123 ), http2=appmesh.CfnVirtualNode.VirtualNodeHttp2ConnectionPoolProperty( max_requests=123 ), tcp=appmesh.CfnVirtualNode.VirtualNodeTcpConnectionPoolProperty( max_connections=123 ) ), health_check=appmesh.CfnVirtualNode.HealthCheckProperty( healthy_threshold=123, interval_millis=123, protocol="protocol", timeout_millis=123, unhealthy_threshold=123, # the properties below are optional path="path", port=123 ), outlier_detection=appmesh.CfnVirtualNode.OutlierDetectionProperty( base_ejection_duration=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), interval=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), max_ejection_percent=123, max_server_errors=123 ), timeout=appmesh.CfnVirtualNode.ListenerTimeoutProperty( grpc=appmesh.CfnVirtualNode.GrpcTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), http=appmesh.CfnVirtualNode.HttpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), http2=appmesh.CfnVirtualNode.HttpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), tcp=appmesh.CfnVirtualNode.TcpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ) ), tls=appmesh.CfnVirtualNode.ListenerTlsProperty( certificate=appmesh.CfnVirtualNode.ListenerTlsCertificateProperty( acm=appmesh.CfnVirtualNode.ListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" ), file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), mode="mode", # the properties below are optional validation=appmesh.CfnVirtualNode.ListenerTlsValidationContextProperty( trust=appmesh.CfnVirtualNode.ListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ) ) )
Attributes
- connection_pool
The connection pool information for the listener.
- health_check
The health check information for the listener.
- outlier_detection
The outlier detection information for the listener.
- port_mapping
The port mapping information for the listener.
- timeout
An object that represents timeouts for different protocols.
- tls
A reference to an object that represents the Transport Layer Security (TLS) properties for a listener.
ListenerTimeoutProperty
- class CfnVirtualNode.ListenerTimeoutProperty(*, grpc=None, http=None, http2=None, tcp=None)
Bases:
objectAn object that represents timeouts for different protocols.
- Parameters:
grpc (
Union[IResolvable,GrpcTimeoutProperty,Dict[str,Any],None]) – An object that represents types of timeouts.http (
Union[IResolvable,HttpTimeoutProperty,Dict[str,Any],None]) – An object that represents types of timeouts.http2 (
Union[IResolvable,HttpTimeoutProperty,Dict[str,Any],None]) – An object that represents types of timeouts.tcp (
Union[IResolvable,TcpTimeoutProperty,Dict[str,Any],None]) – An object that represents types of timeouts.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh listener_timeout_property = appmesh.CfnVirtualNode.ListenerTimeoutProperty( grpc=appmesh.CfnVirtualNode.GrpcTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), http=appmesh.CfnVirtualNode.HttpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), http2=appmesh.CfnVirtualNode.HttpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), tcp=appmesh.CfnVirtualNode.TcpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ) )
Attributes
- grpc
An object that represents types of timeouts.
- http
An object that represents types of timeouts.
- http2
An object that represents types of timeouts.
- tcp
An object that represents types of timeouts.
ListenerTlsAcmCertificateProperty
- class CfnVirtualNode.ListenerTlsAcmCertificateProperty(*, certificate_arn)
Bases:
objectAn object that represents an AWS Certificate Manager certificate.
- Parameters:
certificate_arn (
str) –The Amazon Resource Name (ARN) for the certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS) .
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh listener_tls_acm_certificate_property = appmesh.CfnVirtualNode.ListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" )
Attributes
- certificate_arn
The Amazon Resource Name (ARN) for the certificate.
The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS) .
ListenerTlsCertificateProperty
- class CfnVirtualNode.ListenerTlsCertificateProperty(*, acm=None, file=None, sds=None)
Bases:
objectAn object that represents a listener’s Transport Layer Security (TLS) certificate.
- Parameters:
acm (
Union[IResolvable,ListenerTlsAcmCertificateProperty,Dict[str,Any],None]) – A reference to an object that represents an AWS Certificate Manager certificate.file (
Union[IResolvable,ListenerTlsFileCertificateProperty,Dict[str,Any],None]) – A reference to an object that represents a local file certificate.sds (
Union[IResolvable,ListenerTlsSdsCertificateProperty,Dict[str,Any],None]) – A reference to an object that represents a listener’s Secret Discovery Service certificate.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh listener_tls_certificate_property = appmesh.CfnVirtualNode.ListenerTlsCertificateProperty( acm=appmesh.CfnVirtualNode.ListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" ), file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) )
Attributes
- acm
A reference to an object that represents an AWS Certificate Manager certificate.
- file
A reference to an object that represents a local file certificate.
- sds
A reference to an object that represents a listener’s Secret Discovery Service certificate.
ListenerTlsFileCertificateProperty
- class CfnVirtualNode.ListenerTlsFileCertificateProperty(*, certificate_chain, private_key)
Bases:
objectAn object that represents a local file certificate.
The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS) .
- Parameters:
certificate_chain (
str) – The certificate chain for the certificate.private_key (
str) – The private key for a certificate stored on the file system of the virtual node that the proxy is running on.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh listener_tls_file_certificate_property = appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" )
Attributes
- certificate_chain
The certificate chain for the certificate.
- private_key
The private key for a certificate stored on the file system of the virtual node that the proxy is running on.
ListenerTlsProperty
- class CfnVirtualNode.ListenerTlsProperty(*, certificate, mode, validation=None)
Bases:
objectAn object that represents the Transport Layer Security (TLS) properties for a listener.
- Parameters:
certificate (
Union[IResolvable,ListenerTlsCertificateProperty,Dict[str,Any]]) – A reference to an object that represents a listener’s Transport Layer Security (TLS) certificate.mode (
str) – Specify one of the following modes. - ** STRICT – Listener only accepts connections with TLS enabled. - ** PERMISSIVE – Listener accepts connections with or without TLS enabled. - ** DISABLED – Listener only accepts connections without TLS.validation (
Union[IResolvable,ListenerTlsValidationContextProperty,Dict[str,Any],None]) – A reference to an object that represents a listener’s Transport Layer Security (TLS) validation context.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh listener_tls_property = appmesh.CfnVirtualNode.ListenerTlsProperty( certificate=appmesh.CfnVirtualNode.ListenerTlsCertificateProperty( acm=appmesh.CfnVirtualNode.ListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" ), file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), mode="mode", # the properties below are optional validation=appmesh.CfnVirtualNode.ListenerTlsValidationContextProperty( trust=appmesh.CfnVirtualNode.ListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ) )
Attributes
- certificate
A reference to an object that represents a listener’s Transport Layer Security (TLS) certificate.
- mode
Specify one of the following modes.
** STRICT – Listener only accepts connections with TLS enabled.
** PERMISSIVE – Listener accepts connections with or without TLS enabled.
** DISABLED – Listener only accepts connections without TLS.
- validation
A reference to an object that represents a listener’s Transport Layer Security (TLS) validation context.
ListenerTlsSdsCertificateProperty
- class CfnVirtualNode.ListenerTlsSdsCertificateProperty(*, secret_name)
Bases:
objectAn object that represents the listener’s Secret Discovery Service certificate.
The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh TLS documentation for more info.
- Parameters:
secret_name (
str) – A reference to an object that represents the name of the secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh listener_tls_sds_certificate_property = appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" )
Attributes
- secret_name
A reference to an object that represents the name of the secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.
ListenerTlsValidationContextProperty
- class CfnVirtualNode.ListenerTlsValidationContextProperty(*, trust, subject_alternative_names=None)
Bases:
objectAn object that represents a listener’s Transport Layer Security (TLS) validation context.
- Parameters:
trust (
Union[IResolvable,ListenerTlsValidationContextTrustProperty,Dict[str,Any]]) – A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.subject_alternative_names (
Union[IResolvable,SubjectAlternativeNamesProperty,Dict[str,Any],None]) – A reference to an object that represents the SANs for a listener’s Transport Layer Security (TLS) validation context.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh listener_tls_validation_context_property = appmesh.CfnVirtualNode.ListenerTlsValidationContextProperty( trust=appmesh.CfnVirtualNode.ListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) )
Attributes
- subject_alternative_names
A reference to an object that represents the SANs for a listener’s Transport Layer Security (TLS) validation context.
- trust
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
ListenerTlsValidationContextTrustProperty
- class CfnVirtualNode.ListenerTlsValidationContextTrustProperty(*, file=None, sds=None)
Bases:
objectAn object that represents a listener’s Transport Layer Security (TLS) validation context trust.
- Parameters:
file (
Union[IResolvable,TlsValidationContextFileTrustProperty,Dict[str,Any],None]) – An object that represents a Transport Layer Security (TLS) validation context trust for a local file.sds (
Union[IResolvable,TlsValidationContextSdsTrustProperty,Dict[str,Any],None]) – A reference to an object that represents a listener’s Transport Layer Security (TLS) Secret Discovery Service validation context trust.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh listener_tls_validation_context_trust_property = appmesh.CfnVirtualNode.ListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) )
Attributes
- file
An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
- sds
A reference to an object that represents a listener’s Transport Layer Security (TLS) Secret Discovery Service validation context trust.
LoggingFormatProperty
- class CfnVirtualNode.LoggingFormatProperty(*, json=None, text=None)
Bases:
objectAn object that represents the format for the logs.
- Parameters:
json (
Union[IResolvable,Sequence[Union[IResolvable,JsonFormatRefProperty,Dict[str,Any]]],None]) – The logging format for JSON.text (
Optional[str]) – The logging format for text.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh logging_format_property = appmesh.CfnVirtualNode.LoggingFormatProperty( json=[appmesh.CfnVirtualNode.JsonFormatRefProperty( key="key", value="value" )], text="text" )
Attributes
- json
The logging format for JSON.
LoggingProperty
- class CfnVirtualNode.LoggingProperty(*, access_log=None)
Bases:
objectAn object that represents the logging information for a virtual node.
- Parameters:
access_log (
Union[IResolvable,AccessLogProperty,Dict[str,Any],None]) – The access log configuration for a virtual node.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh logging_property = appmesh.CfnVirtualNode.LoggingProperty( access_log=appmesh.CfnVirtualNode.AccessLogProperty( file=appmesh.CfnVirtualNode.FileAccessLogProperty( path="path", # the properties below are optional format=appmesh.CfnVirtualNode.LoggingFormatProperty( json=[appmesh.CfnVirtualNode.JsonFormatRefProperty( key="key", value="value" )], text="text" ) ) ) )
Attributes
- access_log
The access log configuration for a virtual node.
OutlierDetectionProperty
- class CfnVirtualNode.OutlierDetectionProperty(*, base_ejection_duration, interval, max_ejection_percent, max_server_errors)
Bases:
objectAn object that represents the outlier detection for a virtual node’s listener.
- Parameters:
base_ejection_duration (
Union[IResolvable,DurationProperty,Dict[str,Any]]) – The base amount of time for which a host is ejected.interval (
Union[IResolvable,DurationProperty,Dict[str,Any]]) – The time interval between ejection sweep analysis.max_ejection_percent (
Union[int,float]) – Maximum percentage of hosts in load balancing pool for upstream service that can be ejected. Will eject at least one host regardless of the value.max_server_errors (
Union[int,float]) – Number of consecutive5xxerrors required for ejection.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh outlier_detection_property = appmesh.CfnVirtualNode.OutlierDetectionProperty( base_ejection_duration=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), interval=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), max_ejection_percent=123, max_server_errors=123 )
Attributes
- base_ejection_duration
The base amount of time for which a host is ejected.
- interval
The time interval between ejection sweep analysis.
- max_ejection_percent
Maximum percentage of hosts in load balancing pool for upstream service that can be ejected.
Will eject at least one host regardless of the value.
- max_server_errors
Number of consecutive
5xxerrors required for ejection.
PortMappingProperty
- class CfnVirtualNode.PortMappingProperty(*, port, protocol)
Bases:
objectAn object representing a virtual node or virtual router listener port mapping.
- Parameters:
port (
Union[int,float]) – The port used for the port mapping.protocol (
str) – The protocol used for the port mapping. Specifyhttp,http2,grpc, ortcp.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh port_mapping_property = appmesh.CfnVirtualNode.PortMappingProperty( port=123, protocol="protocol" )
Attributes
- port
The port used for the port mapping.
- protocol
The protocol used for the port mapping.
Specify
http,http2,grpc, ortcp.
ServiceDiscoveryProperty
- class CfnVirtualNode.ServiceDiscoveryProperty(*, aws_cloud_map=None, dns=None)
Bases:
objectAn object that represents the service discovery information for a virtual node.
- Parameters:
aws_cloud_map (
Union[IResolvable,AwsCloudMapServiceDiscoveryProperty,Dict[str,Any],None]) – Specifies any AWS Cloud Map information for the virtual node.dns (
Union[IResolvable,DnsServiceDiscoveryProperty,Dict[str,Any],None]) – Specifies the DNS information for the virtual node.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh service_discovery_property = appmesh.CfnVirtualNode.ServiceDiscoveryProperty( aws_cloud_map=appmesh.CfnVirtualNode.AwsCloudMapServiceDiscoveryProperty( namespace_name="namespaceName", service_name="serviceName", # the properties below are optional attributes=[appmesh.CfnVirtualNode.AwsCloudMapInstanceAttributeProperty( key="key", value="value" )], ip_preference="ipPreference" ), dns=appmesh.CfnVirtualNode.DnsServiceDiscoveryProperty( hostname="hostname", # the properties below are optional ip_preference="ipPreference", response_type="responseType" ) )
Attributes
- aws_cloud_map
Specifies any AWS Cloud Map information for the virtual node.
- dns
Specifies the DNS information for the virtual node.
SubjectAlternativeNameMatchersProperty
- class CfnVirtualNode.SubjectAlternativeNameMatchersProperty(*, exact=None)
Bases:
objectAn object that represents the methods by which a subject alternative name on a peer Transport Layer Security (TLS) certificate can be matched.
- Parameters:
exact (
Optional[Sequence[str]]) – The values sent must match the specified values exactly.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh subject_alternative_name_matchers_property = appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] )
Attributes
- exact
The values sent must match the specified values exactly.
SubjectAlternativeNamesProperty
- class CfnVirtualNode.SubjectAlternativeNamesProperty(*, match)
Bases:
objectAn object that represents the subject alternative names secured by the certificate.
- Parameters:
match (
Union[IResolvable,SubjectAlternativeNameMatchersProperty,Dict[str,Any]]) – An object that represents the criteria for determining a SANs match.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh subject_alternative_names_property = appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) )
Attributes
- match
An object that represents the criteria for determining a SANs match.
TcpTimeoutProperty
- class CfnVirtualNode.TcpTimeoutProperty(*, idle=None)
Bases:
objectAn object that represents types of timeouts.
- Parameters:
idle (
Union[IResolvable,DurationProperty,Dict[str,Any],None]) – An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh tcp_timeout_property = appmesh.CfnVirtualNode.TcpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) )
Attributes
- idle
An object that represents an idle timeout.
An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
TlsValidationContextAcmTrustProperty
- class CfnVirtualNode.TlsValidationContextAcmTrustProperty(*, certificate_authority_arns)
Bases:
objectAn object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.
- Parameters:
certificate_authority_arns (
Sequence[str]) – One or more ACM Amazon Resource Name (ARN)s.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh tls_validation_context_acm_trust_property = appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] )
Attributes
- certificate_authority_arns
One or more ACM Amazon Resource Name (ARN)s.
TlsValidationContextFileTrustProperty
- class CfnVirtualNode.TlsValidationContextFileTrustProperty(*, certificate_chain)
Bases:
objectAn object that represents a Transport Layer Security (TLS) validation context trust for a local file.
- Parameters:
certificate_chain (
str) – The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh tls_validation_context_file_trust_property = appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" )
Attributes
- certificate_chain
The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on.
TlsValidationContextProperty
- class CfnVirtualNode.TlsValidationContextProperty(*, trust, subject_alternative_names=None)
Bases:
objectAn object that represents how the proxy will validate its peer during Transport Layer Security (TLS) negotiation.
- Parameters:
trust (
Union[IResolvable,TlsValidationContextTrustProperty,Dict[str,Any]]) – A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.subject_alternative_names (
Union[IResolvable,SubjectAlternativeNamesProperty,Dict[str,Any],None]) – A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you don’t specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn’t verify the SAN on a peer client certificate. If you don’t specify SANs on the originating mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn’t match the service discovery name.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh tls_validation_context_property = appmesh.CfnVirtualNode.TlsValidationContextProperty( trust=appmesh.CfnVirtualNode.TlsValidationContextTrustProperty( acm=appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) )
Attributes
- subject_alternative_names
A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context.
If you don’t specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn’t verify the SAN on a peer client certificate. If you don’t specify SANs on the originating mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn’t match the service discovery name.
- trust
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
TlsValidationContextSdsTrustProperty
- class CfnVirtualNode.TlsValidationContextSdsTrustProperty(*, secret_name)
Bases:
objectAn object that represents a Transport Layer Security (TLS) Secret Discovery Service validation context trust.
The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh TLS documentation for more info.
- Parameters:
secret_name (
str) – A reference to an object that represents the name of the secret for a Transport Layer Security (TLS) Secret Discovery Service validation context trust.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh tls_validation_context_sds_trust_property = appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" )
Attributes
- secret_name
A reference to an object that represents the name of the secret for a Transport Layer Security (TLS) Secret Discovery Service validation context trust.
TlsValidationContextTrustProperty
- class CfnVirtualNode.TlsValidationContextTrustProperty(*, acm=None, file=None, sds=None)
Bases:
objectAn object that represents a Transport Layer Security (TLS) validation context trust.
- Parameters:
acm (
Union[IResolvable,TlsValidationContextAcmTrustProperty,Dict[str,Any],None]) – A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.file (
Union[IResolvable,TlsValidationContextFileTrustProperty,Dict[str,Any],None]) – An object that represents a Transport Layer Security (TLS) validation context trust for a local file.sds (
Union[IResolvable,TlsValidationContextSdsTrustProperty,Dict[str,Any],None]) – A reference to an object that represents a Transport Layer Security (TLS) Secret Discovery Service validation context trust.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh tls_validation_context_trust_property = appmesh.CfnVirtualNode.TlsValidationContextTrustProperty( acm=appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) )
Attributes
- acm
A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.
- file
An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
- sds
A reference to an object that represents a Transport Layer Security (TLS) Secret Discovery Service validation context trust.
VirtualNodeConnectionPoolProperty
- class CfnVirtualNode.VirtualNodeConnectionPoolProperty(*, grpc=None, http=None, http2=None, tcp=None)
Bases:
objectAn object that represents the type of virtual node connection pool.
Only one protocol is used at a time and should be the same protocol as the one chosen under port mapping.
If not present the default value for
maxPendingRequestsis2147483647.- Parameters:
grpc (
Union[IResolvable,VirtualNodeGrpcConnectionPoolProperty,Dict[str,Any],None]) – An object that represents a type of connection pool.http (
Union[IResolvable,VirtualNodeHttpConnectionPoolProperty,Dict[str,Any],None]) – An object that represents a type of connection pool.http2 (
Union[IResolvable,VirtualNodeHttp2ConnectionPoolProperty,Dict[str,Any],None]) – An object that represents a type of connection pool.tcp (
Union[IResolvable,VirtualNodeTcpConnectionPoolProperty,Dict[str,Any],None]) – An object that represents a type of connection pool.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_node_connection_pool_property = appmesh.CfnVirtualNode.VirtualNodeConnectionPoolProperty( grpc=appmesh.CfnVirtualNode.VirtualNodeGrpcConnectionPoolProperty( max_requests=123 ), http=appmesh.CfnVirtualNode.VirtualNodeHttpConnectionPoolProperty( max_connections=123, # the properties below are optional max_pending_requests=123 ), http2=appmesh.CfnVirtualNode.VirtualNodeHttp2ConnectionPoolProperty( max_requests=123 ), tcp=appmesh.CfnVirtualNode.VirtualNodeTcpConnectionPoolProperty( max_connections=123 ) )
Attributes
- grpc
An object that represents a type of connection pool.
- http
An object that represents a type of connection pool.
- http2
An object that represents a type of connection pool.
- tcp
An object that represents a type of connection pool.
VirtualNodeGrpcConnectionPoolProperty
- class CfnVirtualNode.VirtualNodeGrpcConnectionPoolProperty(*, max_requests)
Bases:
objectAn object that represents a type of connection pool.
- Parameters:
max_requests (
Union[int,float]) – Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_node_grpc_connection_pool_property = appmesh.CfnVirtualNode.VirtualNodeGrpcConnectionPoolProperty( max_requests=123 )
Attributes
- max_requests
Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
VirtualNodeHttp2ConnectionPoolProperty
- class CfnVirtualNode.VirtualNodeHttp2ConnectionPoolProperty(*, max_requests)
Bases:
objectAn object that represents a type of connection pool.
- Parameters:
max_requests (
Union[int,float]) – Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_node_http2_connection_pool_property = appmesh.CfnVirtualNode.VirtualNodeHttp2ConnectionPoolProperty( max_requests=123 )
Attributes
- max_requests
Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
VirtualNodeHttpConnectionPoolProperty
- class CfnVirtualNode.VirtualNodeHttpConnectionPoolProperty(*, max_connections, max_pending_requests=None)
Bases:
objectAn object that represents a type of connection pool.
- Parameters:
max_connections (
Union[int,float]) – Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.max_pending_requests (
Union[int,float,None]) – Number of overflowing requests aftermax_connectionsEnvoy will queue to upstream cluster.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_node_http_connection_pool_property = appmesh.CfnVirtualNode.VirtualNodeHttpConnectionPoolProperty( max_connections=123, # the properties below are optional max_pending_requests=123 )
Attributes
- max_connections
Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.
- max_pending_requests
Number of overflowing requests after
max_connectionsEnvoy will queue to upstream cluster.
VirtualNodeSpecProperty
- class CfnVirtualNode.VirtualNodeSpecProperty(*, backend_defaults=None, backends=None, listeners=None, logging=None, service_discovery=None)
Bases:
objectAn object that represents the specification of a virtual node.
- Parameters:
backend_defaults (
Union[IResolvable,BackendDefaultsProperty,Dict[str,Any],None]) – A reference to an object that represents the defaults for backends.backends (
Union[IResolvable,Sequence[Union[IResolvable,BackendProperty,Dict[str,Any]]],None]) – The backends that the virtual node is expected to send outbound traffic to. .. epigraph:: App Mesh doesn’t validate the existence of those virtual services specified in backends. This is to prevent a cyclic dependency between virtual nodes and virtual services creation. Make sure the virtual service name is correct. The virtual service can be created afterwards if it doesn’t already exist.listeners (
Union[IResolvable,Sequence[Union[IResolvable,ListenerProperty,Dict[str,Any]]],None]) – The listener that the virtual node is expected to receive inbound traffic from. You can specify one listener.logging (
Union[IResolvable,LoggingProperty,Dict[str,Any],None]) – The inbound and outbound access logging information for the virtual node.service_discovery (
Union[IResolvable,ServiceDiscoveryProperty,Dict[str,Any],None]) – The service discovery information for the virtual node. If your virtual node does not expect ingress traffic, you can omit this parameter. If you specify alistener, then you must specify service discovery information.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_node_spec_property = appmesh.CfnVirtualNode.VirtualNodeSpecProperty( backend_defaults=appmesh.CfnVirtualNode.BackendDefaultsProperty( client_policy=appmesh.CfnVirtualNode.ClientPolicyProperty( tls=appmesh.CfnVirtualNode.ClientPolicyTlsProperty( validation=appmesh.CfnVirtualNode.TlsValidationContextProperty( trust=appmesh.CfnVirtualNode.TlsValidationContextTrustProperty( acm=appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualNode.ClientTlsCertificateProperty( file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) ) ), backends=[appmesh.CfnVirtualNode.BackendProperty( virtual_service=appmesh.CfnVirtualNode.VirtualServiceBackendProperty( virtual_service_name="virtualServiceName", # the properties below are optional client_policy=appmesh.CfnVirtualNode.ClientPolicyProperty( tls=appmesh.CfnVirtualNode.ClientPolicyTlsProperty( validation=appmesh.CfnVirtualNode.TlsValidationContextProperty( trust=appmesh.CfnVirtualNode.TlsValidationContextTrustProperty( acm=appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualNode.ClientTlsCertificateProperty( file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) ) ) )], listeners=[appmesh.CfnVirtualNode.ListenerProperty( port_mapping=appmesh.CfnVirtualNode.PortMappingProperty( port=123, protocol="protocol" ), # the properties below are optional connection_pool=appmesh.CfnVirtualNode.VirtualNodeConnectionPoolProperty( grpc=appmesh.CfnVirtualNode.VirtualNodeGrpcConnectionPoolProperty( max_requests=123 ), http=appmesh.CfnVirtualNode.VirtualNodeHttpConnectionPoolProperty( max_connections=123, # the properties below are optional max_pending_requests=123 ), http2=appmesh.CfnVirtualNode.VirtualNodeHttp2ConnectionPoolProperty( max_requests=123 ), tcp=appmesh.CfnVirtualNode.VirtualNodeTcpConnectionPoolProperty( max_connections=123 ) ), health_check=appmesh.CfnVirtualNode.HealthCheckProperty( healthy_threshold=123, interval_millis=123, protocol="protocol", timeout_millis=123, unhealthy_threshold=123, # the properties below are optional path="path", port=123 ), outlier_detection=appmesh.CfnVirtualNode.OutlierDetectionProperty( base_ejection_duration=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), interval=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), max_ejection_percent=123, max_server_errors=123 ), timeout=appmesh.CfnVirtualNode.ListenerTimeoutProperty( grpc=appmesh.CfnVirtualNode.GrpcTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), http=appmesh.CfnVirtualNode.HttpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), http2=appmesh.CfnVirtualNode.HttpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ), per_request=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ), tcp=appmesh.CfnVirtualNode.TcpTimeoutProperty( idle=appmesh.CfnVirtualNode.DurationProperty( unit="unit", value=123 ) ) ), tls=appmesh.CfnVirtualNode.ListenerTlsProperty( certificate=appmesh.CfnVirtualNode.ListenerTlsCertificateProperty( acm=appmesh.CfnVirtualNode.ListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" ), file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), mode="mode", # the properties below are optional validation=appmesh.CfnVirtualNode.ListenerTlsValidationContextProperty( trust=appmesh.CfnVirtualNode.ListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ) ) )], logging=appmesh.CfnVirtualNode.LoggingProperty( access_log=appmesh.CfnVirtualNode.AccessLogProperty( file=appmesh.CfnVirtualNode.FileAccessLogProperty( path="path", # the properties below are optional format=appmesh.CfnVirtualNode.LoggingFormatProperty( json=[appmesh.CfnVirtualNode.JsonFormatRefProperty( key="key", value="value" )], text="text" ) ) ) ), service_discovery=appmesh.CfnVirtualNode.ServiceDiscoveryProperty( aws_cloud_map=appmesh.CfnVirtualNode.AwsCloudMapServiceDiscoveryProperty( namespace_name="namespaceName", service_name="serviceName", # the properties below are optional attributes=[appmesh.CfnVirtualNode.AwsCloudMapInstanceAttributeProperty( key="key", value="value" )], ip_preference="ipPreference" ), dns=appmesh.CfnVirtualNode.DnsServiceDiscoveryProperty( hostname="hostname", # the properties below are optional ip_preference="ipPreference", response_type="responseType" ) ) )
Attributes
- backend_defaults
A reference to an object that represents the defaults for backends.
- backends
The backends that the virtual node is expected to send outbound traffic to.
App Mesh doesn’t validate the existence of those virtual services specified in backends. This is to prevent a cyclic dependency between virtual nodes and virtual services creation. Make sure the virtual service name is correct. The virtual service can be created afterwards if it doesn’t already exist.
- listeners
The listener that the virtual node is expected to receive inbound traffic from.
You can specify one listener.
- logging
The inbound and outbound access logging information for the virtual node.
- service_discovery
The service discovery information for the virtual node.
If your virtual node does not expect ingress traffic, you can omit this parameter. If you specify a
listener, then you must specify service discovery information.
VirtualNodeTcpConnectionPoolProperty
- class CfnVirtualNode.VirtualNodeTcpConnectionPoolProperty(*, max_connections)
Bases:
objectAn object that represents a type of connection pool.
- Parameters:
max_connections (
Union[int,float]) – Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_node_tcp_connection_pool_property = appmesh.CfnVirtualNode.VirtualNodeTcpConnectionPoolProperty( max_connections=123 )
Attributes
- max_connections
Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.
VirtualServiceBackendProperty
- class CfnVirtualNode.VirtualServiceBackendProperty(*, virtual_service_name, client_policy=None)
Bases:
objectAn object that represents a virtual service backend for a virtual node.
- Parameters:
virtual_service_name (
str) – The name of the virtual service that is acting as a virtual node backend. .. epigraph:: App Mesh doesn’t validate the existence of those virtual services specified in backends. This is to prevent a cyclic dependency between virtual nodes and virtual services creation. Make sure the virtual service name is correct. The virtual service can be created afterwards if it doesn’t already exist.client_policy (
Union[IResolvable,ClientPolicyProperty,Dict[str,Any],None]) – A reference to an object that represents the client policy for a backend.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_service_backend_property = appmesh.CfnVirtualNode.VirtualServiceBackendProperty( virtual_service_name="virtualServiceName", # the properties below are optional client_policy=appmesh.CfnVirtualNode.ClientPolicyProperty( tls=appmesh.CfnVirtualNode.ClientPolicyTlsProperty( validation=appmesh.CfnVirtualNode.TlsValidationContextProperty( trust=appmesh.CfnVirtualNode.TlsValidationContextTrustProperty( acm=appmesh.CfnVirtualNode.TlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualNode.TlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualNode.TlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualNode.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualNode.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualNode.ClientTlsCertificateProperty( file=appmesh.CfnVirtualNode.ListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualNode.ListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) ) )
Attributes
- client_policy
A reference to an object that represents the client policy for a backend.
- virtual_service_name
The name of the virtual service that is acting as a virtual node backend.
App Mesh doesn’t validate the existence of those virtual services specified in backends. This is to prevent a cyclic dependency between virtual nodes and virtual services creation. Make sure the virtual service name is correct. The virtual service can be created afterwards if it doesn’t already exist.