ListenerTlsOptions
- class aws_cdk.aws_appmesh.ListenerTlsOptions(*, certificate, mode, mutual_tls_validation=None)
Bases:
objectRepresents TLS properties for listener.
- Parameters:
certificate (
TlsCertificate) – Represents TLS certificate.mode (
TlsMode) – The TLS mode.mutual_tls_validation (
Union[MutualTlsValidation,Dict[str,Any],None]) – Represents a listener’s TLS validation context. The client certificate will only be validated if the client provides it, enabling mutual TLS. Default: - client TLS certificate is not required
- ExampleMetadata:
infused
Example:
# A Virtual Node with listener TLS from an ACM provided certificate # cert: certificatemanager.Certificate # mesh: appmesh.Mesh node = appmesh.VirtualNode(self, "node", mesh=mesh, service_discovery=appmesh.ServiceDiscovery.dns("node"), listeners=[appmesh.VirtualNodeListener.grpc( port=80, tls=appmesh.ListenerTlsOptions( mode=appmesh.TlsMode.STRICT, certificate=appmesh.TlsCertificate.acm(cert) ) )] ) # A Virtual Gateway with listener TLS from a customer provided file certificate gateway = appmesh.VirtualGateway(self, "gateway", mesh=mesh, listeners=[appmesh.VirtualGatewayListener.grpc( port=8080, tls=appmesh.ListenerTlsOptions( mode=appmesh.TlsMode.STRICT, certificate=appmesh.TlsCertificate.file("path/to/certChain", "path/to/privateKey") ) )], virtual_gateway_name="gateway" ) # A Virtual Gateway with listener TLS from a SDS provided certificate gateway2 = appmesh.VirtualGateway(self, "gateway2", mesh=mesh, listeners=[appmesh.VirtualGatewayListener.http2( port=8080, tls=appmesh.ListenerTlsOptions( mode=appmesh.TlsMode.STRICT, certificate=appmesh.TlsCertificate.sds("secrete_certificate") ) )], virtual_gateway_name="gateway2" )
Attributes
- certificate
Represents TLS certificate.
- mode
The TLS mode.
- mutual_tls_validation
Represents a listener’s TLS validation context.
The client certificate will only be validated if the client provides it, enabling mutual TLS.
- Default:
client TLS certificate is not required