interface TLSInspectionConfigurationProperty
Language | Type name |
---|---|
.NET | Amazon.CDK.AWS.NetworkFirewall.CfnTLSInspectionConfiguration.TLSInspectionConfigurationProperty |
Go | github.com/aws/aws-cdk-go/awscdk/v2/awsnetworkfirewall#CfnTLSInspectionConfiguration_TLSInspectionConfigurationProperty |
Java | software.amazon.awscdk.services.networkfirewall.CfnTLSInspectionConfiguration.TLSInspectionConfigurationProperty |
Python | aws_cdk.aws_networkfirewall.CfnTLSInspectionConfiguration.TLSInspectionConfigurationProperty |
TypeScript | aws-cdk-lib » aws_networkfirewall » CfnTLSInspectionConfiguration » TLSInspectionConfigurationProperty |
The object that defines a TLS inspection configuration.
AWS Network Firewall uses a TLS inspection configuration to decrypt traffic. Network Firewall re-encrypts the traffic before sending it to its destination.
To use a TLS inspection configuration, you add it to a new Network Firewall firewall policy, then you apply the firewall policy to a firewall. Network Firewall acts as a proxy service to decrypt and inspect the traffic traveling through your firewalls. You can reference a TLS inspection configuration from more than one firewall policy, and you can use a firewall policy in more than one firewall. For more information about using TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the AWS Network Firewall Developer Guide.
Example

```ts
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_networkfirewall as networkfirewall } from 'aws-cdk-lib';

const tLSInspectionConfigurationProperty: networkfirewall.CfnTLSInspectionConfiguration.TLSInspectionConfigurationProperty = {
  serverCertificateConfigurations: [{
    certificateAuthorityArn: 'certificateAuthorityArn',
    checkCertificateRevocationStatus: {
      revokedStatusAction: 'revokedStatusAction',
      unknownStatusAction: 'unknownStatusAction',
    },
    scopes: [{
      destinationPorts: [{
        fromPort: 123,
        toPort: 123,
      }],
      destinations: [{
        addressDefinition: 'addressDefinition',
      }],
      protocols: [123],
      sourcePorts: [{
        fromPort: 123,
        toPort: 123,
      }],
      sources: [{
        addressDefinition: 'addressDefinition',
      }],
    }],
    serverCertificates: [{
      resourceArn: 'resourceArn',
    }],
  }],
};
```
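A pre-deployment check for an object of this shape, as an added example that is not part of the CDK documentation or library: it flags placeholder or fail-open revocation actions, non-TCP protocols, and invalid port ranges. The local interfaces and the `lintTlsInspection` name are hypothetical; the allowed actions (PASS, DROP, REJECT) and the TCP-only restriction are taken from the Network Firewall API reference, not from this page.

```typescript
// Added example: local types mirror the fields in the page's example, so no aws-cdk-lib import is needed.
interface PortRange { fromPort: number; toPort: number }
interface Scope { destinationPorts?: PortRange[]; sourcePorts?: PortRange[]; protocols?: number[] }
interface ServerCertConfig {
  certificateAuthorityArn?: string;
  checkCertificateRevocationStatus?: { revokedStatusAction?: string; unknownStatusAction?: string };
  scopes?: Scope[];
  serverCertificates?: { resourceArn: string }[];
}
interface TlsInspectionConfig { serverCertificateConfigurations?: ServerCertConfig[] }

const ACTIONS = ['PASS', 'DROP', 'REJECT']; // allowed values per the Network Firewall API reference
const TCP = 6; // IANA protocol number; the API reference lists TCP as the only supported protocol

function lintTlsInspection(cfg: TlsInspectionConfig): string[] {
  const findings: string[] = [];
  (cfg.serverCertificateConfigurations ?? []).forEach((sc, i) => {
    const at = `serverCertificateConfigurations[${i}]`;
    for (const key of ['revokedStatusAction', 'unknownStatusAction'] as const) {
      const v = sc.checkCertificateRevocationStatus?.[key];
      if (v === undefined) continue;
      if (ACTIONS.indexOf(v) === -1) findings.push(`${at}.${key}: '${v}' is not PASS, DROP or REJECT`);
      else if (v === 'PASS') findings.push(`${at}.${key}: PASS lets the connection continue (fail-open)`);
    }
    (sc.scopes ?? []).forEach((s, j) => {
      for (const p of s.protocols ?? [])
        if (p !== TCP) findings.push(`${at}.scopes[${j}]: protocol ${p} is not TCP (6)`);
      for (const r of [...(s.destinationPorts ?? []), ...(s.sourcePorts ?? [])])
        if (r.fromPort < 0 || r.toPort > 65535 || r.fromPort > r.toPort)
          findings.push(`${at}.scopes[${j}]: invalid port range ${r.fromPort}-${r.toPort}`);
    });
  });
  return findings;
}

// The page's placeholder object (relevant fields only): both action strings and protocol 123 are flagged.
const placeholder: TlsInspectionConfig = { serverCertificateConfigurations: [{
  certificateAuthorityArn: 'certificateAuthorityArn',
  checkCertificateRevocationStatus: { revokedStatusAction: 'revokedStatusAction', unknownStatusAction: 'unknownStatusAction' },
  scopes: [{ destinationPorts: [{ fromPort: 123, toPort: 123 }], protocols: [123] }],
}] };

// Constructed sample: outbound HTTPS, revoked certificates rejected, unknown status allowed through.
const sample: TlsInspectionConfig = { serverCertificateConfigurations: [{
  certificateAuthorityArn: 'arn:aws:acm:REGION:ACCOUNT_ID:certificate/PLACEHOLDER',
  checkCertificateRevocationStatus: { revokedStatusAction: 'REJECT', unknownStatusAction: 'PASS' },
  scopes: [{ destinationPorts: [{ fromPort: 443, toPort: 443 }], protocols: [6] }],
}] };

console.log(lintTlsInspection(placeholder), lintTlsInspection(sample));
```

Whether `PASS` is acceptable for an unknown revocation status is a policy decision; the check only makes the choice visible before the configuration is attached to a firewall policy.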
Properties
Name | Type | Description |
---|---|---|
serverCertificateConfigurations? | IResolvable \| IResolvable \| Server[] | Lists the server certificate configurations that are associated with the TLS configuration. |

serverCertificateConfigurations?
Type: IResolvable | IResolvable | Server[] (optional)
Lists the server certificate configurations that are associated with the TLS configuration.