Interface CfnTLSInspectionConfiguration.ITLSInspectionConfigurationProperty

The object that defines a TLS inspection configuration. This defines the TLS inspection configuration.

Namespace: Amazon.CDK.AWS.NetworkFirewall

Assembly: Amazon.CDK.Lib.dll

Syntax (csharp)

public interface CfnTLSInspectionConfiguration.ITLSInspectionConfigurationProperty

Syntax (vb)

Public Interface CfnTLSInspectionConfiguration.ITLSInspectionConfigurationProperty

Remarks

AWS Network Firewall uses a TLS inspection configuration to decrypt traffic. Network Firewall re-encrypts the traffic before sending it to its destination.

To use a TLS inspection configuration, you add it to a new Network Firewall firewall policy, then you apply the firewall policy to a firewall. Network Firewall acts as a proxy service to decrypt and inspect the traffic traveling through your firewalls. You can reference a TLS inspection configuration from more than one firewall policy, and you can use a firewall policy in more than one firewall. For more information about using TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the AWS Network Firewall Developer Guide .

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-tlsinspectionconfiguration-tlsinspectionconfiguration.html

ExampleMetadata: fixture=_generated

Examples

// The code below shows an example of how to instantiate this type.
             // The values are placeholders you should change.
             using Amazon.CDK.AWS.NetworkFirewall;

             var tLSInspectionConfigurationProperty = new TLSInspectionConfigurationProperty {
                 ServerCertificateConfigurations = new [] { new ServerCertificateConfigurationProperty {
                     CertificateAuthorityArn = "certificateAuthorityArn",
                     CheckCertificateRevocationStatus = new CheckCertificateRevocationStatusProperty {
                         RevokedStatusAction = "revokedStatusAction",
                         UnknownStatusAction = "unknownStatusAction"
                     },
                     Scopes = new [] { new ServerCertificateScopeProperty {
                         DestinationPorts = new [] { new PortRangeProperty {
                             FromPort = 123,
                             ToPort = 123
                         } },
                         Destinations = new [] { new AddressProperty {
                             AddressDefinition = "addressDefinition"
                         } },
                         Protocols = new [] { 123 },
                         SourcePorts = new [] { new PortRangeProperty {
                             FromPort = 123,
                             ToPort = 123
                         } },
                         Sources = new [] { new AddressProperty {
                             AddressDefinition = "addressDefinition"
                         } }
                     } },
                     ServerCertificates = new [] { new ServerCertificateProperty {
                         ResourceArn = "resourceArn"
                     } }
                 } }
             };

Synopsis

Properties

ServerCertificateConfigurations

Lists the server certificate configurations that are associated with the TLS configuration.

Properties

ServerCertificateConfigurations

Lists the server certificate configurations that are associated with the TLS configuration.

object? ServerCertificateConfigurations { get; }

Property Value

object

Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-tlsinspectionconfiguration-tlsinspectionconfiguration.html#cfn-networkfirewall-tlsinspectionconfiguration-tlsinspectionconfiguration-servercertificateconfigurations

Type union: either IResolvable or (either IResolvable or CfnTLSInspectionConfiguration.IServerCertificateConfigurationProperty)[]