interface TLSInspectionConfigurationProperty

Language	Type name
.NET	Amazon.CDK.Mixins.Preview.AWS.NetworkFirewall.Mixins.CfnTLSInspectionConfigurationPropsMixin.TLSInspectionConfigurationProperty
Go	github.com/aws/aws-cdk-go/awscdkmixinspreview/v2/awsnetworkfirewall/mixins#CfnTLSInspectionConfigurationPropsMixin_TLSInspectionConfigurationProperty
Java	software.amazon.awscdk.mixins.preview.services.networkfirewall.mixins.CfnTLSInspectionConfigurationPropsMixin.TLSInspectionConfigurationProperty
Python	aws_cdk.mixins_preview.aws_networkfirewall.mixins.CfnTLSInspectionConfigurationPropsMixin.TLSInspectionConfigurationProperty
TypeScript	@aws-cdk/mixins-preview » aws_networkfirewall » mixins » CfnTLSInspectionConfigurationPropsMixin » TLSInspectionConfigurationProperty

The object that defines a TLS inspection configuration. This defines the TLS inspection configuration.

AWS Network Firewall uses a TLS inspection configuration to decrypt traffic. Network Firewall re-encrypts the traffic before sending it to its destination.

To use a TLS inspection configuration, you add it to a new Network Firewall firewall policy, then you apply the firewall policy to a firewall. Network Firewall acts as a proxy service to decrypt and inspect the traffic traveling through your firewalls. You can reference a TLS inspection configuration from more than one firewall policy, and you can use a firewall policy in more than one firewall. For more information about using TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the AWS Network Firewall Developer Guide .

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-tlsinspectionconfiguration-tlsinspectionconfiguration.html

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { mixins as networkfirewall_mixins } from '@aws-cdk/mixins-preview/aws-networkfirewall';
const tLSInspectionConfigurationProperty: networkfirewall_mixins.CfnTLSInspectionConfigurationPropsMixin.TLSInspectionConfigurationProperty = {
  serverCertificateConfigurations: [{
    certificateAuthorityArn: 'certificateAuthorityArn',
    checkCertificateRevocationStatus: {
      revokedStatusAction: 'revokedStatusAction',
      unknownStatusAction: 'unknownStatusAction',
    },
    scopes: [{
      destinationPorts: [{
        fromPort: 123,
        toPort: 123,
      }],
      destinations: [{
        addressDefinition: 'addressDefinition',
      }],
      protocols: [123],
      sourcePorts: [{
        fromPort: 123,
        toPort: 123,
      }],
      sources: [{
        addressDefinition: 'addressDefinition',
      }],
    }],
    serverCertificates: [{
      resourceArn: 'resourceArn',
    }],
  }],
};

Properties

Name	Type	Description
serverCertificateConfigurations?	IResolvable | (IResolvable | ServerCertificateConfigurationProperty)[]	Lists the server certificate configurations that are associated with the TLS configuration.

---

serverCertificateConfigurations?

Type: IResolvable | (IResolvable | ServerCertificateConfigurationProperty)[] (optional)

Lists the server certificate configurations that are associated with the TLS configuration.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-tlsinspectionconfiguration-tlsinspectionconfiguration.html#cfn-networkfirewall-tlsinspectionconfiguration-tlsinspectionconfiguration-servercertificateconfigurations