CfnVirtualGateway
- class aws_cdk.aws_appmesh.CfnVirtualGateway(scope, id, *, mesh_name, spec, mesh_owner=None, tags=None, virtual_gateway_name=None)
Bases:
CfnResourceCreates a virtual gateway.
A virtual gateway allows resources outside your mesh to communicate to resources that are inside your mesh. The virtual gateway represents an Envoy proxy running in an Amazon ECS task, in a Kubernetes service, or on an Amazon EC2 instance. Unlike a virtual node, which represents an Envoy running with an application, a virtual gateway represents Envoy deployed by itself.
For more information about virtual gateways, see Virtual gateways .
- See:
- CloudformationResource:
AWS::AppMesh::VirtualGateway
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh cfn_virtual_gateway = appmesh.CfnVirtualGateway(self, "MyCfnVirtualGateway", mesh_name="meshName", spec=appmesh.CfnVirtualGateway.VirtualGatewaySpecProperty( listeners=[appmesh.CfnVirtualGateway.VirtualGatewayListenerProperty( port_mapping=appmesh.CfnVirtualGateway.VirtualGatewayPortMappingProperty( port=123, protocol="protocol" ), # the properties below are optional connection_pool=appmesh.CfnVirtualGateway.VirtualGatewayConnectionPoolProperty( grpc=appmesh.CfnVirtualGateway.VirtualGatewayGrpcConnectionPoolProperty( max_requests=123 ), http=appmesh.CfnVirtualGateway.VirtualGatewayHttpConnectionPoolProperty( max_connections=123, # the properties below are optional max_pending_requests=123 ), http2=appmesh.CfnVirtualGateway.VirtualGatewayHttp2ConnectionPoolProperty( max_requests=123 ) ), health_check=appmesh.CfnVirtualGateway.VirtualGatewayHealthCheckPolicyProperty( healthy_threshold=123, interval_millis=123, protocol="protocol", timeout_millis=123, unhealthy_threshold=123, # the properties below are optional path="path", port=123 ), tls=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsProperty( certificate=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsCertificateProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" ), file=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), mode="mode", # the properties below are optional validation=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextProperty( trust=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ) ) )], # the properties below are optional backend_defaults=appmesh.CfnVirtualGateway.VirtualGatewayBackendDefaultsProperty( client_policy=appmesh.CfnVirtualGateway.VirtualGatewayClientPolicyProperty( tls=appmesh.CfnVirtualGateway.VirtualGatewayClientPolicyTlsProperty( validation=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextProperty( trust=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextTrustProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualGateway.VirtualGatewayClientTlsCertificateProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) ) ), logging=appmesh.CfnVirtualGateway.VirtualGatewayLoggingProperty( access_log=appmesh.CfnVirtualGateway.VirtualGatewayAccessLogProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayFileAccessLogProperty( path="path", # the properties below are optional format=appmesh.CfnVirtualGateway.LoggingFormatProperty( json=[appmesh.CfnVirtualGateway.JsonFormatRefProperty( key="key", value="value" )], text="text" ) ) ) ) ), # the properties below are optional mesh_owner="meshOwner", tags=[CfnTag( key="key", value="value" )], virtual_gateway_name="virtualGatewayName" )
- Parameters:
scope (
Construct) – Scope in which this resource is defined.id (
str) – Construct identifier for this resource (unique in its scope).mesh_name (
str) – The name of the service mesh that the virtual gateway resides in.spec (
Union[IResolvable,VirtualGatewaySpecProperty,Dict[str,Any]]) – The specifications of the virtual gateway.mesh_owner (
Optional[str]) – The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it’s the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes .tags (
Optional[Sequence[Union[CfnTag,Dict[str,Any]]]]) – Optional metadata that you can apply to the virtual gateway to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.virtual_gateway_name (
Optional[str]) – The name of the virtual gateway.
Methods
- add_deletion_override(path)
Syntactic sugar for
addOverride(path, undefined).- Parameters:
path (
str) – The path of the value to delete.- Return type:
None
- add_dependency(target)
Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
This can be used for resources across stacks (or nested stack) boundaries and the dependency will automatically be transferred to the relevant scope.
- Parameters:
target (
CfnResource) –- Return type:
None
- add_depends_on(target)
(deprecated) Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
- Parameters:
target (
CfnResource) –- Deprecated:
use addDependency
- Stability:
deprecated
- Return type:
None
- add_metadata(key, value)
Add a value to the CloudFormation Resource Metadata.
- Parameters:
key (
str) –value (
Any) –
- See:
- Return type:
None
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.
- add_override(path, value)
Adds an override to the synthesized CloudFormation resource.
To add a property override, either use
addPropertyOverrideor prefixpathwith “Properties.” (i.e.Properties.TopicName).If the override is nested, separate each nested level using a dot (.) in the path parameter. If there is an array as part of the nesting, specify the index in the path.
To include a literal
.in the property name, prefix with a\. In most programming languages you will need to write this as"\\."because the\itself will need to be escaped.For example:
cfn_resource.add_override("Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes", ["myattribute"]) cfn_resource.add_override("Properties.GlobalSecondaryIndexes.1.ProjectionType", "INCLUDE")
would add the overrides Example:
"Properties": { "GlobalSecondaryIndexes": [ { "Projection": { "NonKeyAttributes": [ "myattribute" ] ... } ... }, { "ProjectionType": "INCLUDE" ... }, ] ... }
The
valueargument toaddOverridewill not be processed or translated in any way. Pass raw JSON values in here with the correct capitalization for CloudFormation. If you pass CDK classes or structs, they will be rendered with lowercased key names, and CloudFormation will reject the template.- Parameters:
path (
str) –The path of the property, you can use dot notation to override values in complex types. Any intermediate keys will be created as needed.
value (
Any) –The value. Could be primitive or complex.
- Return type:
None
- add_property_deletion_override(property_path)
Adds an override that deletes the value of a property from the resource definition.
- Parameters:
property_path (
str) – The path to the property.- Return type:
None
- add_property_override(property_path, value)
Adds an override to a resource property.
Syntactic sugar for
addOverride("Properties.<...>", value).- Parameters:
property_path (
str) – The path of the property.value (
Any) – The value.
- Return type:
None
- apply_removal_policy(policy=None, *, apply_to_update_replace_policy=None, default=None)
Sets the deletion policy of the resource based on the removal policy specified.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.
The resource can be deleted (
RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN). In some cases, a snapshot can be taken of the resource prior to deletion (RemovalPolicy.SNAPSHOT). A list of resources that support this policy can be found in the following link:- Parameters:
policy (
Optional[RemovalPolicy]) –apply_to_update_replace_policy (
Optional[bool]) – Apply the same deletion policy to the resource’s “UpdateReplacePolicy”. Default: truedefault (
Optional[RemovalPolicy]) – The default policy to apply in case the removal policy is not defined. Default: - Default value is resource specific. To determine the default value for a resource, please consult that specific resource’s documentation.
- See:
- Return type:
None
- get_att(attribute_name, type_hint=None)
Returns a token for an runtime attribute of this resource.
Ideally, use generated attribute accessors (e.g.
resource.arn), but this can be used for future compatibility in case there is no generated attribute.- Parameters:
attribute_name (
str) – The name of the attribute.type_hint (
Optional[ResolutionTypeHint]) –
- Return type:
- get_metadata(key)
Retrieve a value value from the CloudFormation Resource Metadata.
- Parameters:
key (
str) –- See:
- Return type:
Any
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.
- inspect(inspector)
Examines the CloudFormation resource and discloses attributes.
- Parameters:
inspector (
TreeInspector) – tree inspector to collect and process attributes.- Return type:
None
- obtain_dependencies()
Retrieves an array of resources this resource depends on.
This assembles dependencies on resources across stacks (including nested stacks) automatically.
- Return type:
List[Union[Stack,CfnResource]]
- obtain_resource_dependencies()
Get a shallow copy of dependencies between this resource and other resources in the same stack.
- Return type:
List[CfnResource]
- override_logical_id(new_logical_id)
Overrides the auto-generated logical ID with a specific ID.
- Parameters:
new_logical_id (
str) – The new logical ID to use for this stack element.- Return type:
None
- remove_dependency(target)
Indicates that this resource no longer depends on another resource.
This can be used for resources across stacks (including nested stacks) and the dependency will automatically be removed from the relevant scope.
- Parameters:
target (
CfnResource) –- Return type:
None
- replace_dependency(target, new_target)
Replaces one dependency with another.
- Parameters:
target (
CfnResource) – The dependency to replace.new_target (
CfnResource) – The new dependency to add.
- Return type:
None
- to_string()
Returns a string representation of this construct.
- Return type:
str- Returns:
a string representation of this resource
Attributes
- CFN_RESOURCE_TYPE_NAME = 'AWS::AppMesh::VirtualGateway'
- attr_arn
The full Amazon Resource Name (ARN) for the virtual gateway.
- CloudformationAttribute:
Arn
- attr_id
Id
- Type:
cloudformationAttribute
- attr_mesh_name
The name of the service mesh that the virtual gateway resides in.
- CloudformationAttribute:
MeshName
- attr_mesh_owner
The AWS IAM account ID of the service mesh owner.
If the account ID is not your own, then it’s the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with Shared Meshes .
- CloudformationAttribute:
MeshOwner
- attr_resource_owner
The AWS IAM account ID of the resource owner.
If the account ID is not your own, then it’s the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see Working with Shared Meshes .
- CloudformationAttribute:
ResourceOwner
- attr_uid
The unique identifier for the virtual gateway.
- CloudformationAttribute:
Uid
- attr_virtual_gateway_name
The name of the virtual gateway.
- CloudformationAttribute:
VirtualGatewayName
- cfn_options
Options for this resource, such as condition, update policy etc.
- cfn_resource_type
AWS resource type.
- creation_stack
return:
the stack trace of the point where this Resource was created from, sourced from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most node +internal+ entries filtered.
- logical_id
The logical ID for this CloudFormation stack element.
The logical ID of the element is calculated from the path of the resource node in the construct tree.
To override this value, use
overrideLogicalId(newLogicalId).- Returns:
the logical ID as a stringified token. This value will only get resolved during synthesis.
- mesh_name
The name of the service mesh that the virtual gateway resides in.
- mesh_owner
The AWS IAM account ID of the service mesh owner.
- node
The tree node.
- ref
Return a string that will be resolved to a CloudFormation
{ Ref }for this element.If, by any chance, the intrinsic reference of a resource is not a string, you could coerce it to an IResolvable through
Lazy.any({ produce: resource.ref }).
- spec
The specifications of the virtual gateway.
- stack
The stack in which this element is defined.
CfnElements must be defined within a stack scope (directly or indirectly).
- tags
Tag Manager which manages the tags for this resource.
- tags_raw
Optional metadata that you can apply to the virtual gateway to assist with categorization and organization.
- virtual_gateway_name
The name of the virtual gateway.
Static Methods
- classmethod is_cfn_element(x)
Returns
trueif a construct is a stack element (i.e. part of the synthesized cloudformation template).Uses duck-typing instead of
instanceofto allow stack elements from different versions of this library to be included in the same stack.- Parameters:
x (
Any) –- Return type:
bool- Returns:
The construct as a stack element or undefined if it is not a stack element.
- classmethod is_cfn_resource(x)
Check whether the given object is a CfnResource.
- Parameters:
x (
Any) –- Return type:
bool
- classmethod is_construct(x)
Checks if
xis a construct.Use this method instead of
instanceofto properly detectConstructinstances, even when the construct library is symlinked.Explanation: in JavaScript, multiple copies of the
constructslibrary on disk are seen as independent, completely different libraries. As a consequence, the classConstructin each copy of theconstructslibrary is seen as a different class, and an instance of one class will not test asinstanceofthe other class.npm installwill not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of theconstructslibrary can be accidentally installed, andinstanceofwill behave unpredictably. It is safest to avoid usinginstanceof, and using this type-testing method instead.- Parameters:
x (
Any) – Any object.- Return type:
bool- Returns:
true if
xis an object created from a class which extendsConstruct.
JsonFormatRefProperty
- class CfnVirtualGateway.JsonFormatRefProperty(*, key, value)
Bases:
objectAn object that represents the key value pairs for the JSON.
- Parameters:
key (
str) – The specified key for the JSON.value (
str) – The specified value for the JSON.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh json_format_ref_property = appmesh.CfnVirtualGateway.JsonFormatRefProperty( key="key", value="value" )
Attributes
- key
The specified key for the JSON.
- value
The specified value for the JSON.
LoggingFormatProperty
- class CfnVirtualGateway.LoggingFormatProperty(*, json=None, text=None)
Bases:
objectAn object that represents the format for the logs.
- Parameters:
json (
Union[IResolvable,Sequence[Union[IResolvable,JsonFormatRefProperty,Dict[str,Any]]],None]) – The logging format for JSON.text (
Optional[str]) – The logging format for text.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh logging_format_property = appmesh.CfnVirtualGateway.LoggingFormatProperty( json=[appmesh.CfnVirtualGateway.JsonFormatRefProperty( key="key", value="value" )], text="text" )
Attributes
- json
The logging format for JSON.
SubjectAlternativeNameMatchersProperty
- class CfnVirtualGateway.SubjectAlternativeNameMatchersProperty(*, exact=None)
Bases:
objectAn object that represents the methods by which a subject alternative name on a peer Transport Layer Security (TLS) certificate can be matched.
- Parameters:
exact (
Optional[Sequence[str]]) – The values sent must match the specified values exactly.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh subject_alternative_name_matchers_property = appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] )
Attributes
- exact
The values sent must match the specified values exactly.
SubjectAlternativeNamesProperty
- class CfnVirtualGateway.SubjectAlternativeNamesProperty(*, match)
Bases:
objectAn object that represents the subject alternative names secured by the certificate.
- Parameters:
match (
Union[IResolvable,SubjectAlternativeNameMatchersProperty,Dict[str,Any]]) – An object that represents the criteria for determining a SANs match.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh subject_alternative_names_property = appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) )
Attributes
- match
An object that represents the criteria for determining a SANs match.
VirtualGatewayAccessLogProperty
- class CfnVirtualGateway.VirtualGatewayAccessLogProperty(*, file=None)
Bases:
objectThe access log configuration for a virtual gateway.
- Parameters:
file (
Union[IResolvable,VirtualGatewayFileAccessLogProperty,Dict[str,Any],None]) – The file object to send virtual gateway access logs to.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_access_log_property = appmesh.CfnVirtualGateway.VirtualGatewayAccessLogProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayFileAccessLogProperty( path="path", # the properties below are optional format=appmesh.CfnVirtualGateway.LoggingFormatProperty( json=[appmesh.CfnVirtualGateway.JsonFormatRefProperty( key="key", value="value" )], text="text" ) ) )
Attributes
- file
The file object to send virtual gateway access logs to.
VirtualGatewayBackendDefaultsProperty
- class CfnVirtualGateway.VirtualGatewayBackendDefaultsProperty(*, client_policy=None)
Bases:
objectAn object that represents the default properties for a backend.
- Parameters:
client_policy (
Union[IResolvable,VirtualGatewayClientPolicyProperty,Dict[str,Any],None]) – A reference to an object that represents a client policy.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_backend_defaults_property = appmesh.CfnVirtualGateway.VirtualGatewayBackendDefaultsProperty( client_policy=appmesh.CfnVirtualGateway.VirtualGatewayClientPolicyProperty( tls=appmesh.CfnVirtualGateway.VirtualGatewayClientPolicyTlsProperty( validation=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextProperty( trust=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextTrustProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualGateway.VirtualGatewayClientTlsCertificateProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) ) )
Attributes
- client_policy
A reference to an object that represents a client policy.
VirtualGatewayClientPolicyProperty
- class CfnVirtualGateway.VirtualGatewayClientPolicyProperty(*, tls=None)
Bases:
objectAn object that represents a client policy.
- Parameters:
tls (
Union[IResolvable,VirtualGatewayClientPolicyTlsProperty,Dict[str,Any],None]) – A reference to an object that represents a Transport Layer Security (TLS) client policy.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_client_policy_property = appmesh.CfnVirtualGateway.VirtualGatewayClientPolicyProperty( tls=appmesh.CfnVirtualGateway.VirtualGatewayClientPolicyTlsProperty( validation=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextProperty( trust=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextTrustProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualGateway.VirtualGatewayClientTlsCertificateProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) )
Attributes
- tls
A reference to an object that represents a Transport Layer Security (TLS) client policy.
VirtualGatewayClientPolicyTlsProperty
- class CfnVirtualGateway.VirtualGatewayClientPolicyTlsProperty(*, validation, certificate=None, enforce=None, ports=None)
Bases:
objectAn object that represents a Transport Layer Security (TLS) client policy.
- Parameters:
validation (
Union[IResolvable,VirtualGatewayTlsValidationContextProperty,Dict[str,Any]]) – A reference to an object that represents a Transport Layer Security (TLS) validation context.certificate (
Union[IResolvable,VirtualGatewayClientTlsCertificateProperty,Dict[str,Any],None]) – A reference to an object that represents a virtual gateway’s client’s Transport Layer Security (TLS) certificate.enforce (
Union[bool,IResolvable,None]) – Whether the policy is enforced. The default isTrue, if a value isn’t specified.ports (
Union[IResolvable,Sequence[Union[int,float]],None]) – One or more ports that the policy is enforced for.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_client_policy_tls_property = appmesh.CfnVirtualGateway.VirtualGatewayClientPolicyTlsProperty( validation=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextProperty( trust=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextTrustProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualGateway.VirtualGatewayClientTlsCertificateProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] )
Attributes
- certificate
A reference to an object that represents a virtual gateway’s client’s Transport Layer Security (TLS) certificate.
- enforce
Whether the policy is enforced.
The default is
True, if a value isn’t specified.
- ports
One or more ports that the policy is enforced for.
- validation
A reference to an object that represents a Transport Layer Security (TLS) validation context.
VirtualGatewayClientTlsCertificateProperty
- class CfnVirtualGateway.VirtualGatewayClientTlsCertificateProperty(*, file=None, sds=None)
Bases:
objectAn object that represents the virtual gateway’s client’s Transport Layer Security (TLS) certificate.
- Parameters:
file (
Union[IResolvable,VirtualGatewayListenerTlsFileCertificateProperty,Dict[str,Any],None]) – An object that represents a local file certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS) .sds (
Union[IResolvable,VirtualGatewayListenerTlsSdsCertificateProperty,Dict[str,Any],None]) – A reference to an object that represents a virtual gateway’s client’s Secret Discovery Service certificate.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_client_tls_certificate_property = appmesh.CfnVirtualGateway.VirtualGatewayClientTlsCertificateProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" ) )
Attributes
- file
An object that represents a local file certificate.
The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS) .
- sds
A reference to an object that represents a virtual gateway’s client’s Secret Discovery Service certificate.
VirtualGatewayConnectionPoolProperty
- class CfnVirtualGateway.VirtualGatewayConnectionPoolProperty(*, grpc=None, http=None, http2=None)
Bases:
objectAn object that represents the type of virtual gateway connection pool.
Only one protocol is used at a time and should be the same protocol as the one chosen under port mapping.
If not present the default value for
maxPendingRequestsis2147483647.- Parameters:
grpc (
Union[IResolvable,VirtualGatewayGrpcConnectionPoolProperty,Dict[str,Any],None]) – An object that represents a type of connection pool.http (
Union[IResolvable,VirtualGatewayHttpConnectionPoolProperty,Dict[str,Any],None]) – An object that represents a type of connection pool.http2 (
Union[IResolvable,VirtualGatewayHttp2ConnectionPoolProperty,Dict[str,Any],None]) – An object that represents a type of connection pool.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_connection_pool_property = appmesh.CfnVirtualGateway.VirtualGatewayConnectionPoolProperty( grpc=appmesh.CfnVirtualGateway.VirtualGatewayGrpcConnectionPoolProperty( max_requests=123 ), http=appmesh.CfnVirtualGateway.VirtualGatewayHttpConnectionPoolProperty( max_connections=123, # the properties below are optional max_pending_requests=123 ), http2=appmesh.CfnVirtualGateway.VirtualGatewayHttp2ConnectionPoolProperty( max_requests=123 ) )
Attributes
- grpc
An object that represents a type of connection pool.
- http
An object that represents a type of connection pool.
- http2
An object that represents a type of connection pool.
VirtualGatewayFileAccessLogProperty
- class CfnVirtualGateway.VirtualGatewayFileAccessLogProperty(*, path, format=None)
Bases:
objectAn object that represents an access log file.
- Parameters:
path (
str) – The file path to write access logs to. You can use/dev/stdoutto send access logs to standard out and configure your Envoy container to use a log driver, such asawslogs, to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container’s file system to write the files to disk.format (
Union[IResolvable,LoggingFormatProperty,Dict[str,Any],None]) – The specified format for the virtual gateway access logs. It can be eitherjson_formatortext_format.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_file_access_log_property = appmesh.CfnVirtualGateway.VirtualGatewayFileAccessLogProperty( path="path", # the properties below are optional format=appmesh.CfnVirtualGateway.LoggingFormatProperty( json=[appmesh.CfnVirtualGateway.JsonFormatRefProperty( key="key", value="value" )], text="text" ) )
Attributes
- format
The specified format for the virtual gateway access logs.
It can be either
json_formatortext_format.
- path
The file path to write access logs to.
You can use
/dev/stdoutto send access logs to standard out and configure your Envoy container to use a log driver, such asawslogs, to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container’s file system to write the files to disk.
VirtualGatewayGrpcConnectionPoolProperty
- class CfnVirtualGateway.VirtualGatewayGrpcConnectionPoolProperty(*, max_requests)
Bases:
objectAn object that represents a type of connection pool.
- Parameters:
max_requests (
Union[int,float]) – Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_grpc_connection_pool_property = appmesh.CfnVirtualGateway.VirtualGatewayGrpcConnectionPoolProperty( max_requests=123 )
Attributes
- max_requests
Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
VirtualGatewayHealthCheckPolicyProperty
- class CfnVirtualGateway.VirtualGatewayHealthCheckPolicyProperty(*, healthy_threshold, interval_millis, protocol, timeout_millis, unhealthy_threshold, path=None, port=None)
Bases:
objectAn object that represents the health check policy for a virtual gateway’s listener.
- Parameters:
healthy_threshold (
Union[int,float]) – The number of consecutive successful health checks that must occur before declaring the listener healthy.interval_millis (
Union[int,float]) – The time period in milliseconds between each health check execution.protocol (
str) – The protocol for the health check request. If you specifygrpc, then your service must conform to the GRPC Health Checking Protocol .timeout_millis (
Union[int,float]) – The amount of time to wait when receiving a response from the health check, in milliseconds.unhealthy_threshold (
Union[int,float]) – The number of consecutive failed health checks that must occur before declaring a virtual gateway unhealthy.path (
Optional[str]) – The destination path for the health check request. This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.port (
Union[int,float,None]) – The destination port for the health check request. This port must match the port defined in thePortMappingfor the listener.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_health_check_policy_property = appmesh.CfnVirtualGateway.VirtualGatewayHealthCheckPolicyProperty( healthy_threshold=123, interval_millis=123, protocol="protocol", timeout_millis=123, unhealthy_threshold=123, # the properties below are optional path="path", port=123 )
Attributes
- healthy_threshold
The number of consecutive successful health checks that must occur before declaring the listener healthy.
- interval_millis
The time period in milliseconds between each health check execution.
- path
The destination path for the health check request.
This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.
- port
The destination port for the health check request.
This port must match the port defined in the
PortMappingfor the listener.
- protocol
The protocol for the health check request.
If you specify
grpc, then your service must conform to the GRPC Health Checking Protocol .
- timeout_millis
The amount of time to wait when receiving a response from the health check, in milliseconds.
- unhealthy_threshold
The number of consecutive failed health checks that must occur before declaring a virtual gateway unhealthy.
VirtualGatewayHttp2ConnectionPoolProperty
- class CfnVirtualGateway.VirtualGatewayHttp2ConnectionPoolProperty(*, max_requests)
Bases:
objectAn object that represents a type of connection pool.
- Parameters:
max_requests (
Union[int,float]) – Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_http2_connection_pool_property = appmesh.CfnVirtualGateway.VirtualGatewayHttp2ConnectionPoolProperty( max_requests=123 )
Attributes
- max_requests
Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
VirtualGatewayHttpConnectionPoolProperty
- class CfnVirtualGateway.VirtualGatewayHttpConnectionPoolProperty(*, max_connections, max_pending_requests=None)
Bases:
objectAn object that represents a type of connection pool.
- Parameters:
max_connections (
Union[int,float]) – Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.max_pending_requests (
Union[int,float,None]) – Number of overflowing requests aftermax_connectionsEnvoy will queue to upstream cluster.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_http_connection_pool_property = appmesh.CfnVirtualGateway.VirtualGatewayHttpConnectionPoolProperty( max_connections=123, # the properties below are optional max_pending_requests=123 )
Attributes
- max_connections
Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.
- max_pending_requests
Number of overflowing requests after
max_connectionsEnvoy will queue to upstream cluster.
VirtualGatewayListenerProperty
- class CfnVirtualGateway.VirtualGatewayListenerProperty(*, port_mapping, connection_pool=None, health_check=None, tls=None)
Bases:
objectAn object that represents a listener for a virtual gateway.
- Parameters:
port_mapping (
Union[IResolvable,VirtualGatewayPortMappingProperty,Dict[str,Any]]) – The port mapping information for the listener.connection_pool (
Union[IResolvable,VirtualGatewayConnectionPoolProperty,Dict[str,Any],None]) – The connection pool information for the listener.health_check (
Union[IResolvable,VirtualGatewayHealthCheckPolicyProperty,Dict[str,Any],None]) – The health check information for the listener.tls (
Union[IResolvable,VirtualGatewayListenerTlsProperty,Dict[str,Any],None]) – A reference to an object that represents the Transport Layer Security (TLS) properties for the listener.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_listener_property = appmesh.CfnVirtualGateway.VirtualGatewayListenerProperty( port_mapping=appmesh.CfnVirtualGateway.VirtualGatewayPortMappingProperty( port=123, protocol="protocol" ), # the properties below are optional connection_pool=appmesh.CfnVirtualGateway.VirtualGatewayConnectionPoolProperty( grpc=appmesh.CfnVirtualGateway.VirtualGatewayGrpcConnectionPoolProperty( max_requests=123 ), http=appmesh.CfnVirtualGateway.VirtualGatewayHttpConnectionPoolProperty( max_connections=123, # the properties below are optional max_pending_requests=123 ), http2=appmesh.CfnVirtualGateway.VirtualGatewayHttp2ConnectionPoolProperty( max_requests=123 ) ), health_check=appmesh.CfnVirtualGateway.VirtualGatewayHealthCheckPolicyProperty( healthy_threshold=123, interval_millis=123, protocol="protocol", timeout_millis=123, unhealthy_threshold=123, # the properties below are optional path="path", port=123 ), tls=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsProperty( certificate=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsCertificateProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" ), file=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), mode="mode", # the properties below are optional validation=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextProperty( trust=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ) ) )
Attributes
- connection_pool
The connection pool information for the listener.
- health_check
The health check information for the listener.
- port_mapping
The port mapping information for the listener.
- tls
A reference to an object that represents the Transport Layer Security (TLS) properties for the listener.
VirtualGatewayListenerTlsAcmCertificateProperty
- class CfnVirtualGateway.VirtualGatewayListenerTlsAcmCertificateProperty(*, certificate_arn)
Bases:
objectAn object that represents an AWS Certificate Manager certificate.
- Parameters:
certificate_arn (
str) –The Amazon Resource Name (ARN) for the certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS) .
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_listener_tls_acm_certificate_property = appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" )
Attributes
- certificate_arn
The Amazon Resource Name (ARN) for the certificate.
The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS) .
VirtualGatewayListenerTlsCertificateProperty
- class CfnVirtualGateway.VirtualGatewayListenerTlsCertificateProperty(*, acm=None, file=None, sds=None)
Bases:
objectAn object that represents a listener’s Transport Layer Security (TLS) certificate.
- Parameters:
acm (
Union[IResolvable,VirtualGatewayListenerTlsAcmCertificateProperty,Dict[str,Any],None]) – A reference to an object that represents an AWS Certificate Manager certificate.file (
Union[IResolvable,VirtualGatewayListenerTlsFileCertificateProperty,Dict[str,Any],None]) – A reference to an object that represents a local file certificate.sds (
Union[IResolvable,VirtualGatewayListenerTlsSdsCertificateProperty,Dict[str,Any],None]) – A reference to an object that represents a virtual gateway’s listener’s Secret Discovery Service certificate.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_listener_tls_certificate_property = appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsCertificateProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" ), file=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" ) )
Attributes
- acm
A reference to an object that represents an AWS Certificate Manager certificate.
- file
A reference to an object that represents a local file certificate.
- sds
A reference to an object that represents a virtual gateway’s listener’s Secret Discovery Service certificate.
VirtualGatewayListenerTlsFileCertificateProperty
- class CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty(*, certificate_chain, private_key)
Bases:
objectAn object that represents a local file certificate.
The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS) .
- Parameters:
certificate_chain (
str) – The certificate chain for the certificate.private_key (
str) – The private key for a certificate stored on the file system of the mesh endpoint that the proxy is running on.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_listener_tls_file_certificate_property = appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" )
Attributes
- certificate_chain
The certificate chain for the certificate.
- private_key
The private key for a certificate stored on the file system of the mesh endpoint that the proxy is running on.
VirtualGatewayListenerTlsProperty
- class CfnVirtualGateway.VirtualGatewayListenerTlsProperty(*, certificate, mode, validation=None)
Bases:
objectAn object that represents the Transport Layer Security (TLS) properties for a listener.
- Parameters:
certificate (
Union[IResolvable,VirtualGatewayListenerTlsCertificateProperty,Dict[str,Any]]) – An object that represents a Transport Layer Security (TLS) certificate.mode (
str) – Specify one of the following modes. - ** STRICT – Listener only accepts connections with TLS enabled. - ** PERMISSIVE – Listener accepts connections with or without TLS enabled. - ** DISABLED – Listener only accepts connections without TLS.validation (
Union[IResolvable,VirtualGatewayListenerTlsValidationContextProperty,Dict[str,Any],None]) – A reference to an object that represents a virtual gateway’s listener’s Transport Layer Security (TLS) validation context.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_listener_tls_property = appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsProperty( certificate=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsCertificateProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" ), file=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), mode="mode", # the properties below are optional validation=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextProperty( trust=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ) )
Attributes
- certificate
An object that represents a Transport Layer Security (TLS) certificate.
- mode
Specify one of the following modes.
** STRICT – Listener only accepts connections with TLS enabled.
** PERMISSIVE – Listener accepts connections with or without TLS enabled.
** DISABLED – Listener only accepts connections without TLS.
- validation
A reference to an object that represents a virtual gateway’s listener’s Transport Layer Security (TLS) validation context.
VirtualGatewayListenerTlsSdsCertificateProperty
- class CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty(*, secret_name)
Bases:
objectAn object that represents the virtual gateway’s listener’s Secret Discovery Service certificate.The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh TLS documentation for more info.
- Parameters:
secret_name (
str) – A reference to an object that represents the name of the secret secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_listener_tls_sds_certificate_property = appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" )
Attributes
- secret_name
A reference to an object that represents the name of the secret secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.
VirtualGatewayListenerTlsValidationContextProperty
- class CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextProperty(*, trust, subject_alternative_names=None)
Bases:
objectAn object that represents a virtual gateway’s listener’s Transport Layer Security (TLS) validation context.
- Parameters:
trust (
Union[IResolvable,VirtualGatewayListenerTlsValidationContextTrustProperty,Dict[str,Any]]) – A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.subject_alternative_names (
Union[IResolvable,SubjectAlternativeNamesProperty,Dict[str,Any],None]) – A reference to an object that represents the SANs for a virtual gateway listener’s Transport Layer Security (TLS) validation context.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_listener_tls_validation_context_property = appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextProperty( trust=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) )
Attributes
- subject_alternative_names
A reference to an object that represents the SANs for a virtual gateway listener’s Transport Layer Security (TLS) validation context.
- trust
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
VirtualGatewayListenerTlsValidationContextTrustProperty
- class CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextTrustProperty(*, file=None, sds=None)
Bases:
objectAn object that represents a virtual gateway’s listener’s Transport Layer Security (TLS) validation context trust.
- Parameters:
file (
Union[IResolvable,VirtualGatewayTlsValidationContextFileTrustProperty,Dict[str,Any],None]) – An object that represents a Transport Layer Security (TLS) validation context trust for a local file.sds (
Union[IResolvable,VirtualGatewayTlsValidationContextSdsTrustProperty,Dict[str,Any],None]) – A reference to an object that represents a virtual gateway’s listener’s Transport Layer Security (TLS) Secret Discovery Service validation context trust.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_listener_tls_validation_context_trust_property = appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) )
Attributes
- file
An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
- sds
A reference to an object that represents a virtual gateway’s listener’s Transport Layer Security (TLS) Secret Discovery Service validation context trust.
VirtualGatewayLoggingProperty
- class CfnVirtualGateway.VirtualGatewayLoggingProperty(*, access_log=None)
Bases:
objectAn object that represents logging information.
- Parameters:
access_log (
Union[IResolvable,VirtualGatewayAccessLogProperty,Dict[str,Any],None]) – The access log configuration.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_logging_property = appmesh.CfnVirtualGateway.VirtualGatewayLoggingProperty( access_log=appmesh.CfnVirtualGateway.VirtualGatewayAccessLogProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayFileAccessLogProperty( path="path", # the properties below are optional format=appmesh.CfnVirtualGateway.LoggingFormatProperty( json=[appmesh.CfnVirtualGateway.JsonFormatRefProperty( key="key", value="value" )], text="text" ) ) ) )
Attributes
VirtualGatewayPortMappingProperty
- class CfnVirtualGateway.VirtualGatewayPortMappingProperty(*, port, protocol)
Bases:
objectAn object that represents a port mapping.
- Parameters:
port (
Union[int,float]) – The port used for the port mapping. Specify one protocol.protocol (
str) – The protocol used for the port mapping.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_port_mapping_property = appmesh.CfnVirtualGateway.VirtualGatewayPortMappingProperty( port=123, protocol="protocol" )
Attributes
- port
The port used for the port mapping.
Specify one protocol.
- protocol
The protocol used for the port mapping.
VirtualGatewaySpecProperty
- class CfnVirtualGateway.VirtualGatewaySpecProperty(*, listeners, backend_defaults=None, logging=None)
Bases:
objectAn object that represents the specification of a service mesh resource.
- Parameters:
listeners (
Union[IResolvable,Sequence[Union[IResolvable,VirtualGatewayListenerProperty,Dict[str,Any]]]]) – The listeners that the mesh endpoint is expected to receive inbound traffic from. You can specify one listener.backend_defaults (
Union[IResolvable,VirtualGatewayBackendDefaultsProperty,Dict[str,Any],None]) – A reference to an object that represents the defaults for backends.logging (
Union[IResolvable,VirtualGatewayLoggingProperty,Dict[str,Any],None]) – An object that represents logging information.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_spec_property = appmesh.CfnVirtualGateway.VirtualGatewaySpecProperty( listeners=[appmesh.CfnVirtualGateway.VirtualGatewayListenerProperty( port_mapping=appmesh.CfnVirtualGateway.VirtualGatewayPortMappingProperty( port=123, protocol="protocol" ), # the properties below are optional connection_pool=appmesh.CfnVirtualGateway.VirtualGatewayConnectionPoolProperty( grpc=appmesh.CfnVirtualGateway.VirtualGatewayGrpcConnectionPoolProperty( max_requests=123 ), http=appmesh.CfnVirtualGateway.VirtualGatewayHttpConnectionPoolProperty( max_connections=123, # the properties below are optional max_pending_requests=123 ), http2=appmesh.CfnVirtualGateway.VirtualGatewayHttp2ConnectionPoolProperty( max_requests=123 ) ), health_check=appmesh.CfnVirtualGateway.VirtualGatewayHealthCheckPolicyProperty( healthy_threshold=123, interval_millis=123, protocol="protocol", timeout_millis=123, unhealthy_threshold=123, # the properties below are optional path="path", port=123 ), tls=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsProperty( certificate=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsCertificateProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsAcmCertificateProperty( certificate_arn="certificateArn" ), file=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), mode="mode", # the properties below are optional validation=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextProperty( trust=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsValidationContextTrustProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ) ) )], # the properties below are optional backend_defaults=appmesh.CfnVirtualGateway.VirtualGatewayBackendDefaultsProperty( client_policy=appmesh.CfnVirtualGateway.VirtualGatewayClientPolicyProperty( tls=appmesh.CfnVirtualGateway.VirtualGatewayClientPolicyTlsProperty( validation=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextProperty( trust=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextTrustProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) ), # the properties below are optional certificate=appmesh.CfnVirtualGateway.VirtualGatewayClientTlsCertificateProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsFileCertificateProperty( certificate_chain="certificateChain", private_key="privateKey" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayListenerTlsSdsCertificateProperty( secret_name="secretName" ) ), enforce=False, ports=[123] ) ) ), logging=appmesh.CfnVirtualGateway.VirtualGatewayLoggingProperty( access_log=appmesh.CfnVirtualGateway.VirtualGatewayAccessLogProperty( file=appmesh.CfnVirtualGateway.VirtualGatewayFileAccessLogProperty( path="path", # the properties below are optional format=appmesh.CfnVirtualGateway.LoggingFormatProperty( json=[appmesh.CfnVirtualGateway.JsonFormatRefProperty( key="key", value="value" )], text="text" ) ) ) ) )
Attributes
- backend_defaults
A reference to an object that represents the defaults for backends.
- listeners
The listeners that the mesh endpoint is expected to receive inbound traffic from.
You can specify one listener.
- logging
An object that represents logging information.
VirtualGatewayTlsValidationContextAcmTrustProperty
- class CfnVirtualGateway.VirtualGatewayTlsValidationContextAcmTrustProperty(*, certificate_authority_arns)
Bases:
objectAn object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.
- Parameters:
certificate_authority_arns (
Sequence[str]) – One or more ACM Amazon Resource Name (ARN)s.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_tls_validation_context_acm_trust_property = appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] )
Attributes
- certificate_authority_arns
One or more ACM Amazon Resource Name (ARN)s.
VirtualGatewayTlsValidationContextFileTrustProperty
- class CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty(*, certificate_chain)
Bases:
objectAn object that represents a Transport Layer Security (TLS) validation context trust for a local file.
- Parameters:
certificate_chain (
str) – The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_tls_validation_context_file_trust_property = appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" )
Attributes
- certificate_chain
The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on.
VirtualGatewayTlsValidationContextProperty
- class CfnVirtualGateway.VirtualGatewayTlsValidationContextProperty(*, trust, subject_alternative_names=None)
Bases:
objectAn object that represents a Transport Layer Security (TLS) validation context.
- Parameters:
trust (
Union[IResolvable,VirtualGatewayTlsValidationContextTrustProperty,Dict[str,Any]]) – A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.subject_alternative_names (
Union[IResolvable,SubjectAlternativeNamesProperty,Dict[str,Any],None]) – A reference to an object that represents the SANs for a virtual gateway’s listener’s Transport Layer Security (TLS) validation context.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_tls_validation_context_property = appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextProperty( trust=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextTrustProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) ), # the properties below are optional subject_alternative_names=appmesh.CfnVirtualGateway.SubjectAlternativeNamesProperty( match=appmesh.CfnVirtualGateway.SubjectAlternativeNameMatchersProperty( exact=["exact"] ) ) )
Attributes
- subject_alternative_names
A reference to an object that represents the SANs for a virtual gateway’s listener’s Transport Layer Security (TLS) validation context.
- trust
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
VirtualGatewayTlsValidationContextSdsTrustProperty
- class CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty(*, secret_name)
Bases:
objectAn object that represents a virtual gateway’s listener’s Transport Layer Security (TLS) Secret Discovery Service validation context trust.
The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh TLS documentation for more info.
- Parameters:
secret_name (
str) – A reference to an object that represents the name of the secret for a virtual gateway’s Transport Layer Security (TLS) Secret Discovery Service validation context trust.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_tls_validation_context_sds_trust_property = appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" )
Attributes
- secret_name
A reference to an object that represents the name of the secret for a virtual gateway’s Transport Layer Security (TLS) Secret Discovery Service validation context trust.
VirtualGatewayTlsValidationContextTrustProperty
- class CfnVirtualGateway.VirtualGatewayTlsValidationContextTrustProperty(*, acm=None, file=None, sds=None)
Bases:
objectAn object that represents a Transport Layer Security (TLS) validation context trust.
- Parameters:
acm (
Union[IResolvable,VirtualGatewayTlsValidationContextAcmTrustProperty,Dict[str,Any],None]) – A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.file (
Union[IResolvable,VirtualGatewayTlsValidationContextFileTrustProperty,Dict[str,Any],None]) – An object that represents a Transport Layer Security (TLS) validation context trust for a local file.sds (
Union[IResolvable,VirtualGatewayTlsValidationContextSdsTrustProperty,Dict[str,Any],None]) – A reference to an object that represents a virtual gateway’s Transport Layer Security (TLS) Secret Discovery Service validation context trust.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_appmesh as appmesh virtual_gateway_tls_validation_context_trust_property = appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextTrustProperty( acm=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextAcmTrustProperty( certificate_authority_arns=["certificateAuthorityArns"] ), file=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextFileTrustProperty( certificate_chain="certificateChain" ), sds=appmesh.CfnVirtualGateway.VirtualGatewayTlsValidationContextSdsTrustProperty( secret_name="secretName" ) )
Attributes
- acm
A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.
- file
An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
- sds
A reference to an object that represents a virtual gateway’s Transport Layer Security (TLS) Secret Discovery Service validation context trust.