Class: AWSCDK::AppMesh::CfnVirtualNode::TLSValidationContextProperty
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::AppMesh::CfnVirtualNode::TLSValidationContextProperty
- Defined in:
- app_mesh/cfn_virtual_node.rb
Overview
An object that represents how the proxy will validate its peer during Transport Layer Security (TLS) negotiation.
Instance Attribute Summary collapse
-
#subject_alternative_names ⇒ AWSCDK::IResolvable, ...
readonly
A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context.
-
#trust ⇒ AWSCDK::IResolvable, AWSCDK::AppMesh::CfnVirtualNode::TLSValidationContextTrustProperty
readonly
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(trust:, subject_alternative_names: nil) ⇒ TLSValidationContextProperty
constructor
A new instance of TLSValidationContextProperty.
- #to_jsii ⇒ Object
Constructor Details
#initialize(trust:, subject_alternative_names: nil) ⇒ TLSValidationContextProperty
Returns a new instance of TLSValidationContextProperty.
2227 2228 2229 2230 2231 2232 |
# File 'app_mesh/cfn_virtual_node.rb', line 2227 def initialize(trust:, subject_alternative_names: nil) @trust = trust.is_a?(Hash) ? ::AWSCDK::AppMesh::CfnVirtualNode::TLSValidationContextTrustProperty.new(**trust.transform_keys(&:to_sym)) : trust Jsii::Type.check_type(@trust, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19hcHBtZXNoLkNmblZpcnR1YWxOb2RlLlRsc1ZhbGlkYXRpb25Db250ZXh0VHJ1c3RQcm9wZXJ0eSJ9XX19")), "trust") @subject_alternative_names = subject_alternative_names.is_a?(Hash) ? ::AWSCDK::AppMesh::CfnVirtualNode::SubjectAlternativeNamesProperty.new(**subject_alternative_names.transform_keys(&:to_sym)) : subject_alternative_names Jsii::Type.check_type(@subject_alternative_names, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19hcHBtZXNoLkNmblZpcnR1YWxOb2RlLlN1YmplY3RBbHRlcm5hdGl2ZU5hbWVzUHJvcGVydHkifV19fQ==")), "subjectAlternativeNames") unless @subject_alternative_names.nil? end |
Instance Attribute Details
#subject_alternative_names ⇒ AWSCDK::IResolvable, ... (readonly)
A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context.
If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the service discovery name.
2245 2246 2247 |
# File 'app_mesh/cfn_virtual_node.rb', line 2245 def subject_alternative_names @subject_alternative_names end |
#trust ⇒ AWSCDK::IResolvable, AWSCDK::AppMesh::CfnVirtualNode::TLSValidationContextTrustProperty (readonly)
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
2238 2239 2240 |
# File 'app_mesh/cfn_virtual_node.rb', line 2238 def trust @trust end |
Class Method Details
.jsii_properties ⇒ Object
2247 2248 2249 2250 2251 2252 |
# File 'app_mesh/cfn_virtual_node.rb', line 2247 def self.jsii_properties { :trust => "trust", :subject_alternative_names => "subjectAlternativeNames", } end |
Instance Method Details
#to_jsii ⇒ Object
2254 2255 2256 2257 2258 2259 2260 2261 |
# File 'app_mesh/cfn_virtual_node.rb', line 2254 def to_jsii result = {} result.merge!({ "trust" => @trust, "subjectAlternativeNames" => @subject_alternative_names, }) result.compact end |