Class CfnTLSInspectionConfigurationProps
Properties for defining a CfnTLSInspectionConfiguration.
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.NetworkFirewall
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnTLSInspectionConfigurationProps : ICfnTLSInspectionConfigurationPropsSyntax (vb)
Public Class CfnTLSInspectionConfigurationProps Implements ICfnTLSInspectionConfigurationPropsRemarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.NetworkFirewall;
var cfnTLSInspectionConfigurationProps = new CfnTLSInspectionConfigurationProps {
TlsInspectionConfiguration = new TLSInspectionConfigurationProperty {
ServerCertificateConfigurations = new [] { new ServerCertificateConfigurationProperty {
CertificateAuthorityArn = "certificateAuthorityArn",
CheckCertificateRevocationStatus = new CheckCertificateRevocationStatusProperty {
RevokedStatusAction = "revokedStatusAction",
UnknownStatusAction = "unknownStatusAction"
},
Scopes = new [] { new ServerCertificateScopeProperty {
DestinationPorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Destinations = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} },
Protocols = new [] { 123 },
SourcePorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Sources = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} }
} },
ServerCertificates = new [] { new ServerCertificateProperty {
ResourceArn = "resourceArn"
} }
} }
},
TlsInspectionConfigurationName = "tlsInspectionConfigurationName",
// the properties below are optional
Description = "description",
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} }
};Synopsis
Constructors
| CfnTLSInspectionConfigurationProps() | Properties for defining a |
Properties
| Description | A description of the TLS inspection configuration. |
| Tags | The key:value pairs to associate with the resource. |
| TlsInspectionConfiguration | The object that defines a TLS inspection configuration. |
| TlsInspectionConfigurationName | The descriptive name of the TLS inspection configuration. |
Constructors
CfnTLSInspectionConfigurationProps()
Properties for defining a CfnTLSInspectionConfiguration.
public CfnTLSInspectionConfigurationProps()Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.NetworkFirewall;
var cfnTLSInspectionConfigurationProps = new CfnTLSInspectionConfigurationProps {
TlsInspectionConfiguration = new TLSInspectionConfigurationProperty {
ServerCertificateConfigurations = new [] { new ServerCertificateConfigurationProperty {
CertificateAuthorityArn = "certificateAuthorityArn",
CheckCertificateRevocationStatus = new CheckCertificateRevocationStatusProperty {
RevokedStatusAction = "revokedStatusAction",
UnknownStatusAction = "unknownStatusAction"
},
Scopes = new [] { new ServerCertificateScopeProperty {
DestinationPorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Destinations = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} },
Protocols = new [] { 123 },
SourcePorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Sources = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} }
} },
ServerCertificates = new [] { new ServerCertificateProperty {
ResourceArn = "resourceArn"
} }
} }
},
TlsInspectionConfigurationName = "tlsInspectionConfigurationName",
// the properties below are optional
Description = "description",
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} }
};Properties
Description
A description of the TLS inspection configuration.
public string? Description { get; set; }Property Value
Remarks
Tags
The key:value pairs to associate with the resource.
public ICfnTag[]? Tags { get; set; }Property Value
ICfnTag[]
Remarks
TlsInspectionConfiguration
The object that defines a TLS inspection configuration.
public object TlsInspectionConfiguration { get; set; }Property Value
Remarks
AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the AWS Network Firewall Developer Guide .
TlsInspectionConfigurationName
The descriptive name of the TLS inspection configuration.
public string TlsInspectionConfigurationName { get; set; }Property Value
Remarks
You can't change the name of a TLS inspection configuration after you create it.