aws-cdk-lib.aws_appmesh.TlsValidationTrust

class TlsValidationTrust

Language      Type name
.NET          Amazon.CDK.AWS.AppMesh.TlsValidationTrust
Go            github.com/aws/aws-cdk-go/awscdk/v2/awsappmesh#TlsValidationTrust
Java          software.amazon.awscdk.services.appmesh.TlsValidationTrust
Python        aws_cdk.aws_appmesh.TlsValidationTrust
TypeScript    aws-cdk-lib » aws_appmesh » TlsValidationTrust

Defines the TLS Validation Context Trust.

Example

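import * as cdk from 'aws-cdk-lib';
import { Duration } from 'aws-cdk-lib';
import * as appmesh from 'aws-cdk-lib/aws-appmesh';
import * as cloudmap from 'aws-cdk-lib/aws-servicediscovery';

// Fragment: `this` below is the enclosing construct (for example a Stack).
declare const mesh: appmesh.Mesh;
declare const service: cloudmap.Service;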

const node = new appmesh.VirtualNode(this, 'node', {
  mesh,
  serviceDiscovery: appmesh.ServiceDiscovery.cloudMap(service),
  listeners: [appmesh.VirtualNodeListener.http({
    port: 8080,
    healthCheck: appmesh.HealthCheck.http({
      healthyThreshold: 3,
      interval: Duration.seconds(5),
      path: '/ping',
      timeout: Duration.seconds(2),
      unhealthyThreshold: 2,
    }),
    timeout: {
      idle: Duration.seconds(5),
    },
  })],
  backendDefaults: {
    tlsClientPolicy: {
      validation: {
        // Validate backend certificates against a chain file on the proxy's file system.
        trust: appmesh.TlsValidationTrust.file('/keys/local_cert_chain.pem'),
      },
    },
  },
  accessLog: appmesh.AccessLog.fromFilePath('/dev/stdout'),
});

cdk.Tags.of(node).add('Environment', 'Dev');

Initializer

new TlsValidationTrust()

Methods

Name                                  Description
bind(scope)                           Returns Trust context based on trust type.
static acm(certificateAuthorities)    TLS Validation Context Trust for ACM Private Certificate Authority (CA).
static file(certificateChain)         Tells Envoy where to fetch the validation context from.
static sds(secretName)                TLS Validation Context Trust for Envoy's service discovery service.

bind(scope)

public bind(scope: Construct): TlsValidationTrustConfig

Parameters

  • scope Construct

Returns

  • TlsValidationTrustConfig

Returns Trust context based on trust type.


static acm(certificateAuthorities)

public static acm(certificateAuthorities: ICertificateAuthority[]): TlsValidationTrust

Parameters

  • certificateAuthorities ICertificateAuthority[]

Returns

  • TlsValidationTrust

TLS Validation Context Trust for ACM Private Certificate Authority (CA).


static file(certificateChain)

public static file(certificateChain: string): MutualTlsValidationTrust

Parameters

  • certificateChain string

Returns

  • MutualTlsValidationTrust

Tells Envoy where to fetch the validation context from.


static sds(secretName)

public static sds(secretName: string): MutualTlsValidationTrust

Parameters

  • secretName string

Returns

  • MutualTlsValidationTrust

TLS Validation Context Trust for Envoy's service discovery service.
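
Whichever of acm, file or sds is used, the choice shows up in the synthesized CloudFormation template under the virtual node's Spec.BackendDefaults.ClientPolicy.TLS.Validation.Trust as an ACM, File or SDS key. The following is an added example, not code from the CDK documentation or aws-cdk-lib: it reports which trust source each AWS::AppMesh::VirtualNode uses and flags nodes with none. The names auditBackendTrust, TrustFinding and vnode, and the sample template, are assumptions made for illustration; per-backend client policies are not inspected.

```typescript
// Added example, not part of aws-cdk-lib. Helper names are hypothetical.
type Json = { [key: string]: any };
interface TrustFinding { logicalId: string; trust: 'acm' | 'file' | 'sds' | 'none'; detail: string; }

// Report the backend-default trust source of every AWS::AppMesh::VirtualNode
// in a synthesized CloudFormation template (for example, parsed from cdk.out).
function auditBackendTrust(template: Json): TrustFinding[] {
  const resources: Json = template.Resources ?? {};
  const findings: TrustFinding[] = [];
  for (const logicalId of Object.keys(resources)) {
    const res: Json = resources[logicalId];
    if (res.Type !== 'AWS::AppMesh::VirtualNode') continue;
    const trust: Json | undefined =
      res.Properties?.Spec?.BackendDefaults?.ClientPolicy?.TLS?.Validation?.Trust;
    if (trust?.ACM) {
      const arns: unknown[] = trust.ACM.CertificateAuthorityArns ?? [];
      findings.push({ logicalId, trust: 'acm', detail: `${arns.length} private CA(s)` });
    } else if (trust?.File) {
      findings.push({ logicalId, trust: 'file', detail: String(trust.File.CertificateChain) });
    } else if (trust?.SDS) {
      findings.push({ logicalId, trust: 'sds', detail: String(trust.SDS.SecretName) });
    } else {
      // Nothing at the backend-default level says what to validate backends against.
      findings.push({ logicalId, trust: 'none', detail: 'no backend TLS validation trust' });
    }
  }
  return findings;
}

// Constructed sample template; logical IDs and values are made up.
const vnode = (trust?: Json): Json => ({
  Type: 'AWS::AppMesh::VirtualNode',
  Properties: { Spec: trust
    ? { BackendDefaults: { ClientPolicy: { TLS: { Validation: { Trust: trust } } } } }
    : {} },
});
const sampleTemplate: Json = {
  Resources: {
    Mesh: { Type: 'AWS::AppMesh::Mesh', Properties: {} },
    NodeFile: vnode({ File: { CertificateChain: '/keys/local_cert_chain.pem' } }),
    NodeAcm: vnode({ ACM: { CertificateAuthorityArns: [{ Ref: 'ExampleCa' }] } }),
    NodeSds: vnode({ SDS: { SecretName: 'example-validation-secret' } }),
    NodeOpen: vnode(),
  },
};

for (const f of auditBackendTrust(sampleTemplate)) {
  console.log(`${f.logicalId}: ${f.trust} (${f.detail})`);
}
```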