Class CfnTLSInspectionConfigurationPropsMixin.TLSInspectionConfigurationProperty
The object that defines a TLS inspection configuration. This defines the TLS inspection configuration.
Inherited Members
Namespace: Amazon.CDK.CfnPropertyMixins.AWS.NetworkFirewall
Assembly: Amazon.CDK.CfnPropertyMixins.dll
Syntax (csharp)
public class CfnTLSInspectionConfigurationPropsMixin.TLSInspectionConfigurationProperty : CfnTLSInspectionConfigurationPropsMixin.ITLSInspectionConfigurationPropertySyntax (vb)
Public Class CfnTLSInspectionConfigurationPropsMixin.TLSInspectionConfigurationProperty Implements CfnTLSInspectionConfigurationPropsMixin.ITLSInspectionConfigurationPropertyRemarks
AWS Network Firewall uses a TLS inspection configuration to decrypt traffic. Network Firewall re-encrypts the traffic before sending it to its destination.
To use a TLS inspection configuration, you add it to a new Network Firewall firewall policy, then you apply the firewall policy to a firewall. Network Firewall acts as a proxy service to decrypt and inspect the traffic traveling through your firewalls. You can reference a TLS inspection configuration from more than one firewall policy, and you can use a firewall policy in more than one firewall. For more information about using TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the AWS Network Firewall Developer Guide .
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.CfnPropertyMixins.AWS.NetworkFirewall;
var tLSInspectionConfigurationProperty = new TLSInspectionConfigurationProperty {
ServerCertificateConfigurations = new [] { new ServerCertificateConfigurationProperty {
CertificateAuthorityArn = "certificateAuthorityArn",
CheckCertificateRevocationStatus = new CheckCertificateRevocationStatusProperty {
RevokedStatusAction = "revokedStatusAction",
UnknownStatusAction = "unknownStatusAction"
},
Scopes = new [] { new ServerCertificateScopeProperty {
DestinationPorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Destinations = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} },
Protocols = new [] { 123 },
SourcePorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Sources = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} }
} },
ServerCertificates = new [] { new ServerCertificateProperty {
ResourceArn = "resourceArn"
} }
} }
};Synopsis
Constructors
| TLSInspectionConfigurationProperty() | The object that defines a TLS inspection configuration. This defines the TLS inspection configuration. |
Properties
| ServerCertificateConfigurations | Lists the server certificate configurations that are associated with the TLS configuration. |
Constructors
TLSInspectionConfigurationProperty()
The object that defines a TLS inspection configuration. This defines the TLS inspection configuration.
public TLSInspectionConfigurationProperty()Remarks
AWS Network Firewall uses a TLS inspection configuration to decrypt traffic. Network Firewall re-encrypts the traffic before sending it to its destination.
To use a TLS inspection configuration, you add it to a new Network Firewall firewall policy, then you apply the firewall policy to a firewall. Network Firewall acts as a proxy service to decrypt and inspect the traffic traveling through your firewalls. You can reference a TLS inspection configuration from more than one firewall policy, and you can use a firewall policy in more than one firewall. For more information about using TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the AWS Network Firewall Developer Guide .
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.CfnPropertyMixins.AWS.NetworkFirewall;
var tLSInspectionConfigurationProperty = new TLSInspectionConfigurationProperty {
ServerCertificateConfigurations = new [] { new ServerCertificateConfigurationProperty {
CertificateAuthorityArn = "certificateAuthorityArn",
CheckCertificateRevocationStatus = new CheckCertificateRevocationStatusProperty {
RevokedStatusAction = "revokedStatusAction",
UnknownStatusAction = "unknownStatusAction"
},
Scopes = new [] { new ServerCertificateScopeProperty {
DestinationPorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Destinations = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} },
Protocols = new [] { 123 },
SourcePorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Sources = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} }
} },
ServerCertificates = new [] { new ServerCertificateProperty {
ResourceArn = "resourceArn"
} }
} }
};Properties
ServerCertificateConfigurations
Lists the server certificate configurations that are associated with the TLS configuration.
public object? ServerCertificateConfigurations { get; set; }Property Value
Remarks
Type union: either IResolvable or (either IResolvable or CfnTLSInspectionConfigurationPropsMixin.IServerCertificateConfigurationProperty)[]