TrustStoreProps

class aws_cdk.aws_elasticloadbalancingv2.TrustStoreProps(*, bucket, key, trust_store_name=None, version=None)

Bases: object

Properties used for the Trust Store.

Parameters:
  • bucket (IBucket) – The bucket that the trust store is hosted in.

  • key (str) – The key in S3 to look at for the trust store.

  • trust_store_name (Optional[str]) – The name of the trust store. Default: auto generated

  • version (Optional[str]) – The version of the S3 object that contains your trust store. To specify a version, you must have versioning enabled for the S3 bucket. Default: latest version

Example:

import aws_cdk.aws_certificatemanager as acm
import aws_cdk.aws_elasticloadbalancingv2 as elbv2
import aws_cdk.aws_s3 as s3

# certificate: acm.Certificate
# lb: elbv2.ApplicationLoadBalancer
# bucket: s3.Bucket


trust_store = elbv2.TrustStore(self, "Store",
    bucket=bucket,
    key="rootCA_cert.pem"
)

lb.add_listener("Listener",
    port=443,
    protocol=elbv2.ApplicationProtocol.HTTPS,
    certificates=[certificate],
    # mTLS settings
    mutual_authentication=elbv2.MutualAuthentication(
        ignore_client_certificate_expiry=False,
        mutual_authentication_mode=elbv2.MutualAuthenticationMode.VERIFY,
        trust_store=trust_store
    ),
    default_action=elbv2.ListenerAction.fixed_response(200, content_type="text/plain", message_body="Success mTLS")
)

Attributes

bucket

The bucket that the trust store is hosted in.

key

The key in S3 to look at for the trust store.

trust_store_name

The name of the trust store.

Default:
  • Auto generated

version

The version of the S3 object that contains your trust store.

To specify a version, you must have versioning enabled for the S3 bucket.

Default:
  • latest version