This is the new *CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html). # AWS::AppMesh::VirtualGateway Creates a virtual gateway. A virtual gateway allows resources outside your mesh to communicate to resources that are inside your mesh. The virtual gateway represents an Envoy proxy running in an Amazon ECS task, in a Kubernetes service, or on an Amazon EC2 instance. Unlike a virtual node, which represents an Envoy running with an application, a virtual gateway represents Envoy deployed by itself. For more information about virtual gateways, see [Virtual gateways](https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html). ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "Type" : "AWS::AppMesh::VirtualGateway", "Properties" : { "[MeshName](#cfn-appmesh-virtualgateway-meshname)" : String, "[MeshOwner](#cfn-appmesh-virtualgateway-meshowner)" : String, "[Spec](#cfn-appmesh-virtualgateway-spec)" : VirtualGatewaySpec, "[Tags](#cfn-appmesh-virtualgateway-tags)" : [ Tag, ... ], "[VirtualGatewayName](#cfn-appmesh-virtualgateway-virtualgatewayname)" : String } } ``` ### YAML ``` Type: AWS::AppMesh::VirtualGateway Properties: [MeshName](#cfn-appmesh-virtualgateway-meshname): String [MeshOwner](#cfn-appmesh-virtualgateway-meshowner): String [Spec](#cfn-appmesh-virtualgateway-spec): VirtualGatewaySpec [Tags](#cfn-appmesh-virtualgateway-tags): - Tag [VirtualGatewayName](#cfn-appmesh-virtualgateway-virtualgatewayname): String ``` ## Properties `MeshName` The name of the service mesh that the virtual gateway resides in. *Required*: Yes *Type*: String *Minimum*: `1` *Maximum*: `255` *Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) `MeshOwner` The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html). *Required*: No *Type*: String *Minimum*: `12` *Maximum*: `12` *Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) `Spec` The specifications of the virtual gateway. *Required*: Yes *Type*: [VirtualGatewaySpec](aws-properties-appmesh-virtualgateway-virtualgatewayspec.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Tags` Optional metadata that you can apply to the virtual gateway to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters. *Required*: No *Type*: Array of [Tag](aws-properties-appmesh-virtualgateway-tag.md) *Minimum*: `0` *Maximum*: `50` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `VirtualGatewayName` The name of the virtual gateway. *Required*: No *Type*: String *Minimum*: `1` *Maximum*: `255` *Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) ## Return values ### Ref When you pass the logical ID of this resource to the intrinsic `Ref` function, `Ref` returns the resource ARN. For example: `{ "Ref": "myVirtualGateway" }` When you pass the logical ID of an `AWS::AppMesh::VirtualGateway` resource to the intrinsic Ref function, the function returns the gateway route ARN, such as `arn:aws:appmesh:us-east-1:555555555555:virtualGateway/myVirtualGateway`. For more information about using the `Ref` function, see [https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-ref.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-ref.html). ### Fn::GetAtt The `Fn::GetAtt` intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values. For more information about using the `Fn::GetAtt` intrinsic function, see [https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-getatt.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-getatt.html). #### `Arn` The full Amazon Resource Name (ARN) for the virtual gateway. `MeshName` The name of the service mesh that the virtual gateway resides in. `MeshOwner` The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html). `ResourceOwner` The AWS IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html). `Uid` The unique identifier for the virtual gateway. `VirtualGatewayName` The name of the virtual gateway. ## See also + [Virtual gateways](https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html) in the * AWS App Mesh User Guide *. + [CreateVirtualGateway](https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_CreateVirtualGateway.html) in the * AWS App Mesh API Reference *. # AWS::AppMesh::VirtualGateway JsonFormatRef An object that represents the key value pairs for the JSON. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Key](#cfn-appmesh-virtualgateway-jsonformatref-key)" : String, "[Value](#cfn-appmesh-virtualgateway-jsonformatref-value)" : String } ``` ### YAML ``` [Key](#cfn-appmesh-virtualgateway-jsonformatref-key): String [Value](#cfn-appmesh-virtualgateway-jsonformatref-value): String ``` ## Properties `Key` The specified key for the JSON. *Required*: Yes *Type*: String *Minimum*: `1` *Maximum*: `100` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Value` The specified value for the JSON. *Required*: Yes *Type*: String *Minimum*: `1` *Maximum*: `100` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway LoggingFormat An object that represents the format for the logs. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Json](#cfn-appmesh-virtualgateway-loggingformat-json)" : [ JsonFormatRef, ... ], "[Text](#cfn-appmesh-virtualgateway-loggingformat-text)" : String } ``` ### YAML ``` [Json](#cfn-appmesh-virtualgateway-loggingformat-json): - JsonFormatRef [Text](#cfn-appmesh-virtualgateway-loggingformat-text): String ``` ## Properties `Json` The logging format for JSON. *Required*: No *Type*: Array of [JsonFormatRef](aws-properties-appmesh-virtualgateway-jsonformatref.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Text` The logging format for text. *Required*: No *Type*: String *Minimum*: `1` *Maximum*: `1000` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway SubjectAlternativeNameMatchers An object that represents the methods by which a subject alternative name on a peer Transport Layer Security (TLS) certificate can be matched. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Exact](#cfn-appmesh-virtualgateway-subjectalternativenamematchers-exact)" : [ String, ... ] } ``` ### YAML ``` [Exact](#cfn-appmesh-virtualgateway-subjectalternativenamematchers-exact): - String ``` ## Properties `Exact` The values sent must match the specified values exactly. *Required*: No *Type*: Array of String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway SubjectAlternativeNames An object that represents the subject alternative names secured by the certificate. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Match](#cfn-appmesh-virtualgateway-subjectalternativenames-match)" : SubjectAlternativeNameMatchers } ``` ### YAML ``` [Match](#cfn-appmesh-virtualgateway-subjectalternativenames-match): SubjectAlternativeNameMatchers ``` ## Properties `Match` An object that represents the criteria for determining a SANs match. *Required*: Yes *Type*: [SubjectAlternativeNameMatchers](aws-properties-appmesh-virtualgateway-subjectalternativenamematchers.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway Tag Optional metadata that you can apply to the virtual gateway to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Key](#cfn-appmesh-virtualgateway-tag-key)" : String, "[Value](#cfn-appmesh-virtualgateway-tag-value)" : String } ``` ### YAML ``` [Key](#cfn-appmesh-virtualgateway-tag-key): String [Value](#cfn-appmesh-virtualgateway-tag-value): String ``` ## Properties `Key` One part of a key-value pair that make up a tag. A `key` is a general label that acts like a category for more specific tag values. *Required*: Yes *Type*: String *Minimum*: `1` *Maximum*: `128` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Value` The optional part of a key-value pair that make up a tag. A `value` acts as a descriptor within a tag category (key). *Required*: Yes *Type*: String *Minimum*: `0` *Maximum*: `256` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayAccessLog The access log configuration for a virtual gateway. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[File](#cfn-appmesh-virtualgateway-virtualgatewayaccesslog-file)" : VirtualGatewayFileAccessLog } ``` ### YAML ``` [File](#cfn-appmesh-virtualgateway-virtualgatewayaccesslog-file): VirtualGatewayFileAccessLog ``` ## Properties `File` The file object to send virtual gateway access logs to. *Required*: No *Type*: [VirtualGatewayFileAccessLog](aws-properties-appmesh-virtualgateway-virtualgatewayfileaccesslog.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayBackendDefaults An object that represents the default properties for a backend. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[ClientPolicy](#cfn-appmesh-virtualgateway-virtualgatewaybackenddefaults-clientpolicy)" : VirtualGatewayClientPolicy } ``` ### YAML ``` [ClientPolicy](#cfn-appmesh-virtualgateway-virtualgatewaybackenddefaults-clientpolicy): VirtualGatewayClientPolicy ``` ## Properties `ClientPolicy` A reference to an object that represents a client policy. *Required*: No *Type*: [VirtualGatewayClientPolicy](aws-properties-appmesh-virtualgateway-virtualgatewayclientpolicy.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayClientPolicy An object that represents a client policy. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[TLS](#cfn-appmesh-virtualgateway-virtualgatewayclientpolicy-tls)" : VirtualGatewayClientPolicyTls } ``` ### YAML ``` [TLS](#cfn-appmesh-virtualgateway-virtualgatewayclientpolicy-tls): VirtualGatewayClientPolicyTls ``` ## Properties `TLS` A reference to an object that represents a Transport Layer Security (TLS) client policy. *Required*: No *Type*: [VirtualGatewayClientPolicyTls](aws-properties-appmesh-virtualgateway-virtualgatewayclientpolicytls.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayClientPolicyTls An object that represents a Transport Layer Security (TLS) client policy. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Certificate](#cfn-appmesh-virtualgateway-virtualgatewayclientpolicytls-certificate)" : VirtualGatewayClientTlsCertificate, "[Enforce](#cfn-appmesh-virtualgateway-virtualgatewayclientpolicytls-enforce)" : Boolean, "[Ports](#cfn-appmesh-virtualgateway-virtualgatewayclientpolicytls-ports)" : [ Integer, ... ], "[Validation](#cfn-appmesh-virtualgateway-virtualgatewayclientpolicytls-validation)" : VirtualGatewayTlsValidationContext } ``` ### YAML ``` [Certificate](#cfn-appmesh-virtualgateway-virtualgatewayclientpolicytls-certificate): VirtualGatewayClientTlsCertificate [Enforce](#cfn-appmesh-virtualgateway-virtualgatewayclientpolicytls-enforce): Boolean [Ports](#cfn-appmesh-virtualgateway-virtualgatewayclientpolicytls-ports): - Integer [Validation](#cfn-appmesh-virtualgateway-virtualgatewayclientpolicytls-validation): VirtualGatewayTlsValidationContext ``` ## Properties `Certificate` A reference to an object that represents a virtual gateway's client's Transport Layer Security (TLS) certificate. *Required*: No *Type*: [VirtualGatewayClientTlsCertificate](aws-properties-appmesh-virtualgateway-virtualgatewayclienttlscertificate.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Enforce` Whether the policy is enforced. The default is `True`, if a value isn't specified. *Required*: No *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Ports` One or more ports that the policy is enforced for. *Required*: No *Type*: Array of Integer *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Validation` A reference to an object that represents a Transport Layer Security (TLS) validation context. *Required*: Yes *Type*: [VirtualGatewayTlsValidationContext](aws-properties-appmesh-virtualgateway-virtualgatewaytlsvalidationcontext.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayClientTlsCertificate An object that represents the virtual gateway's client's Transport Layer Security (TLS) certificate. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[File](#cfn-appmesh-virtualgateway-virtualgatewayclienttlscertificate-file)" : VirtualGatewayListenerTlsFileCertificate, "[SDS](#cfn-appmesh-virtualgateway-virtualgatewayclienttlscertificate-sds)" : VirtualGatewayListenerTlsSdsCertificate } ``` ### YAML ``` [File](#cfn-appmesh-virtualgateway-virtualgatewayclienttlscertificate-file): VirtualGatewayListenerTlsFileCertificate [SDS](#cfn-appmesh-virtualgateway-virtualgatewayclienttlscertificate-sds): VirtualGatewayListenerTlsSdsCertificate ``` ## Properties `File` An object that represents a local file certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [ Transport Layer Security (TLS) ](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html). *Required*: No *Type*: [VirtualGatewayListenerTlsFileCertificate](aws-properties-appmesh-virtualgateway-virtualgatewaylistenertlsfilecertificate.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `SDS` A reference to an object that represents a virtual gateway's client's Secret Discovery Service certificate. *Required*: No *Type*: [VirtualGatewayListenerTlsSdsCertificate](aws-properties-appmesh-virtualgateway-virtualgatewaylistenertlssdscertificate.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayConnectionPool An object that represents the type of virtual gateway connection pool. Only one protocol is used at a time and should be the same protocol as the one chosen under port mapping. If not present the default value for `maxPendingRequests` is `2147483647`. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[GRPC](#cfn-appmesh-virtualgateway-virtualgatewayconnectionpool-grpc)" : VirtualGatewayGrpcConnectionPool, "[HTTP](#cfn-appmesh-virtualgateway-virtualgatewayconnectionpool-http)" : VirtualGatewayHttpConnectionPool, "[HTTP2](#cfn-appmesh-virtualgateway-virtualgatewayconnectionpool-http2)" : VirtualGatewayHttp2ConnectionPool } ``` ### YAML ``` [GRPC](#cfn-appmesh-virtualgateway-virtualgatewayconnectionpool-grpc): VirtualGatewayGrpcConnectionPool [HTTP](#cfn-appmesh-virtualgateway-virtualgatewayconnectionpool-http): VirtualGatewayHttpConnectionPool [HTTP2](#cfn-appmesh-virtualgateway-virtualgatewayconnectionpool-http2): VirtualGatewayHttp2ConnectionPool ``` ## Properties `GRPC` An object that represents a type of connection pool. *Required*: No *Type*: [VirtualGatewayGrpcConnectionPool](aws-properties-appmesh-virtualgateway-virtualgatewaygrpcconnectionpool.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `HTTP` An object that represents a type of connection pool. *Required*: No *Type*: [VirtualGatewayHttpConnectionPool](aws-properties-appmesh-virtualgateway-virtualgatewayhttpconnectionpool.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `HTTP2` An object that represents a type of connection pool. *Required*: No *Type*: [VirtualGatewayHttp2ConnectionPool](aws-properties-appmesh-virtualgateway-virtualgatewayhttp2connectionpool.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayFileAccessLog An object that represents an access log file. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Format](#cfn-appmesh-virtualgateway-virtualgatewayfileaccesslog-format)" : LoggingFormat, "[Path](#cfn-appmesh-virtualgateway-virtualgatewayfileaccesslog-path)" : String } ``` ### YAML ``` [Format](#cfn-appmesh-virtualgateway-virtualgatewayfileaccesslog-format): LoggingFormat [Path](#cfn-appmesh-virtualgateway-virtualgatewayfileaccesslog-path): String ``` ## Properties `Format` The specified format for the virtual gateway access logs. It can be either `json_format` or `text_format`. *Required*: No *Type*: [LoggingFormat](aws-properties-appmesh-virtualgateway-loggingformat.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Path` The file path to write access logs to. You can use `/dev/stdout` to send access logs to standard out and configure your Envoy container to use a log driver, such as `awslogs`, to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container's file system to write the files to disk. *Required*: Yes *Type*: String *Minimum*: `1` *Maximum*: `255` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayGrpcConnectionPool An object that represents a type of connection pool. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[MaxRequests](#cfn-appmesh-virtualgateway-virtualgatewaygrpcconnectionpool-maxrequests)" : Integer } ``` ### YAML ``` [MaxRequests](#cfn-appmesh-virtualgateway-virtualgatewaygrpcconnectionpool-maxrequests): Integer ``` ## Properties `MaxRequests` Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. *Required*: Yes *Type*: Integer *Minimum*: `1` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayHealthCheckPolicy An object that represents the health check policy for a virtual gateway's listener. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[HealthyThreshold](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-healthythreshold)" : Integer, "[IntervalMillis](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-intervalmillis)" : Integer, "[Path](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-path)" : String, "[Port](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-port)" : Integer, "[Protocol](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-protocol)" : String, "[TimeoutMillis](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-timeoutmillis)" : Integer, "[UnhealthyThreshold](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-unhealthythreshold)" : Integer } ``` ### YAML ``` [HealthyThreshold](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-healthythreshold): Integer [IntervalMillis](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-intervalmillis): Integer [Path](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-path): String [Port](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-port): Integer [Protocol](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-protocol): String [TimeoutMillis](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-timeoutmillis): Integer [UnhealthyThreshold](#cfn-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy-unhealthythreshold): Integer ``` ## Properties `HealthyThreshold` The number of consecutive successful health checks that must occur before declaring the listener healthy. *Required*: Yes *Type*: Integer *Minimum*: `2` *Maximum*: `10` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `IntervalMillis` The time period in milliseconds between each health check execution. *Required*: Yes *Type*: Integer *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Path` The destination path for the health check request. This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored. *Required*: No *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Port` The destination port for the health check request. This port must match the port defined in the [PortMapping](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appmesh-virtualnode-listener.html#cfn-appmesh-virtualnode-listener-portmapping) for the listener. *Required*: No *Type*: Integer *Minimum*: `1` *Maximum*: `65535` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Protocol` The protocol for the health check request. If you specify `grpc`, then your service must conform to the [GRPC Health Checking Protocol](https://github.com/grpc/grpc/blob/master/doc/health-checking.md). *Required*: Yes *Type*: String *Allowed values*: `http | http2 | grpc` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `TimeoutMillis` The amount of time to wait when receiving a response from the health check, in milliseconds. *Required*: Yes *Type*: Integer *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `UnhealthyThreshold` The number of consecutive failed health checks that must occur before declaring a virtual gateway unhealthy. *Required*: Yes *Type*: Integer *Minimum*: `2` *Maximum*: `10` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayHttp2ConnectionPool An object that represents a type of connection pool. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[MaxRequests](#cfn-appmesh-virtualgateway-virtualgatewayhttp2connectionpool-maxrequests)" : Integer } ``` ### YAML ``` [MaxRequests](#cfn-appmesh-virtualgateway-virtualgatewayhttp2connectionpool-maxrequests): Integer ``` ## Properties `MaxRequests` Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. *Required*: Yes *Type*: Integer *Minimum*: `1` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayHttpConnectionPool An object that represents a type of connection pool. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[MaxConnections](#cfn-appmesh-virtualgateway-virtualgatewayhttpconnectionpool-maxconnections)" : Integer, "[MaxPendingRequests](#cfn-appmesh-virtualgateway-virtualgatewayhttpconnectionpool-maxpendingrequests)" : Integer } ``` ### YAML ``` [MaxConnections](#cfn-appmesh-virtualgateway-virtualgatewayhttpconnectionpool-maxconnections): Integer [MaxPendingRequests](#cfn-appmesh-virtualgateway-virtualgatewayhttpconnectionpool-maxpendingrequests): Integer ``` ## Properties `MaxConnections` Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster. *Required*: Yes *Type*: Integer *Minimum*: `1` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `MaxPendingRequests` Number of overflowing requests after `max_connections` Envoy will queue to upstream cluster. *Required*: No *Type*: Integer *Minimum*: `1` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayListener An object that represents a listener for a virtual gateway. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[ConnectionPool](#cfn-appmesh-virtualgateway-virtualgatewaylistener-connectionpool)" : VirtualGatewayConnectionPool, "[HealthCheck](#cfn-appmesh-virtualgateway-virtualgatewaylistener-healthcheck)" : VirtualGatewayHealthCheckPolicy, "[PortMapping](#cfn-appmesh-virtualgateway-virtualgatewaylistener-portmapping)" : VirtualGatewayPortMapping, "[TLS](#cfn-appmesh-virtualgateway-virtualgatewaylistener-tls)" : VirtualGatewayListenerTls } ``` ### YAML ``` [ConnectionPool](#cfn-appmesh-virtualgateway-virtualgatewaylistener-connectionpool): VirtualGatewayConnectionPool [HealthCheck](#cfn-appmesh-virtualgateway-virtualgatewaylistener-healthcheck): VirtualGatewayHealthCheckPolicy [PortMapping](#cfn-appmesh-virtualgateway-virtualgatewaylistener-portmapping): VirtualGatewayPortMapping [TLS](#cfn-appmesh-virtualgateway-virtualgatewaylistener-tls): VirtualGatewayListenerTls ``` ## Properties `ConnectionPool` The connection pool information for the listener. *Required*: No *Type*: [VirtualGatewayConnectionPool](aws-properties-appmesh-virtualgateway-virtualgatewayconnectionpool.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `HealthCheck` The health check information for the listener. *Required*: No *Type*: [VirtualGatewayHealthCheckPolicy](aws-properties-appmesh-virtualgateway-virtualgatewayhealthcheckpolicy.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `PortMapping` The port mapping information for the listener. *Required*: Yes *Type*: [VirtualGatewayPortMapping](aws-properties-appmesh-virtualgateway-virtualgatewayportmapping.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `TLS` A reference to an object that represents the Transport Layer Security (TLS) properties for the listener. *Required*: No *Type*: [VirtualGatewayListenerTls](aws-properties-appmesh-virtualgateway-virtualgatewaylistenertls.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayListenerTls An object that represents the Transport Layer Security (TLS) properties for a listener. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Certificate](#cfn-appmesh-virtualgateway-virtualgatewaylistenertls-certificate)" : VirtualGatewayListenerTlsCertificate, "[Mode](#cfn-appmesh-virtualgateway-virtualgatewaylistenertls-mode)" : String, "[Validation](#cfn-appmesh-virtualgateway-virtualgatewaylistenertls-validation)" : VirtualGatewayListenerTlsValidationContext } ``` ### YAML ``` [Certificate](#cfn-appmesh-virtualgateway-virtualgatewaylistenertls-certificate): VirtualGatewayListenerTlsCertificate [Mode](#cfn-appmesh-virtualgateway-virtualgatewaylistenertls-mode): String [Validation](#cfn-appmesh-virtualgateway-virtualgatewaylistenertls-validation): VirtualGatewayListenerTlsValidationContext ``` ## Properties `Certificate` An object that represents a Transport Layer Security (TLS) certificate. *Required*: Yes *Type*: [VirtualGatewayListenerTlsCertificate](aws-properties-appmesh-virtualgateway-virtualgatewaylistenertlscertificate.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Mode` Specify one of the following modes. + ****STRICT – Listener only accepts connections with TLS enabled. + ****PERMISSIVE – Listener accepts connections with or without TLS enabled. + ****DISABLED – Listener only accepts connections without TLS. *Required*: Yes *Type*: String *Allowed values*: `STRICT | PERMISSIVE | DISABLED` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Validation` A reference to an object that represents a virtual gateway's listener's Transport Layer Security (TLS) validation context. *Required*: No *Type*: [VirtualGatewayListenerTlsValidationContext](aws-properties-appmesh-virtualgateway-virtualgatewaylistenertlsvalidationcontext.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayListenerTlsAcmCertificate An object that represents an AWS Certificate Manager certificate. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[CertificateArn](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsacmcertificate-certificatearn)" : String } ``` ### YAML ``` [CertificateArn](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsacmcertificate-certificatearn): String ``` ## Properties `CertificateArn` The Amazon Resource Name (ARN) for the certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites). *Required*: Yes *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayListenerTlsCertificate An object that represents a listener's Transport Layer Security (TLS) certificate. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[ACM](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlscertificate-acm)" : VirtualGatewayListenerTlsAcmCertificate, "[File](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlscertificate-file)" : VirtualGatewayListenerTlsFileCertificate, "[SDS](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlscertificate-sds)" : VirtualGatewayListenerTlsSdsCertificate } ``` ### YAML ``` [ACM](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlscertificate-acm): VirtualGatewayListenerTlsAcmCertificate [File](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlscertificate-file): VirtualGatewayListenerTlsFileCertificate [SDS](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlscertificate-sds): VirtualGatewayListenerTlsSdsCertificate ``` ## Properties `ACM` A reference to an object that represents an AWS Certificate Manager certificate. *Required*: No *Type*: [VirtualGatewayListenerTlsAcmCertificate](aws-properties-appmesh-virtualgateway-virtualgatewaylistenertlsacmcertificate.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `File` A reference to an object that represents a local file certificate. *Required*: No *Type*: [VirtualGatewayListenerTlsFileCertificate](aws-properties-appmesh-virtualgateway-virtualgatewaylistenertlsfilecertificate.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `SDS` A reference to an object that represents a virtual gateway's listener's Secret Discovery Service certificate. *Required*: No *Type*: [VirtualGatewayListenerTlsSdsCertificate](aws-properties-appmesh-virtualgateway-virtualgatewaylistenertlssdscertificate.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayListenerTlsFileCertificate An object that represents a local file certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites). ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[CertificateChain](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsfilecertificate-certificatechain)" : String, "[PrivateKey](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsfilecertificate-privatekey)" : String } ``` ### YAML ``` [CertificateChain](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsfilecertificate-certificatechain): String [PrivateKey](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsfilecertificate-privatekey): String ``` ## Properties `CertificateChain` The certificate chain for the certificate. *Required*: Yes *Type*: String *Minimum*: `1` *Maximum*: `255` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `PrivateKey` The private key for a certificate stored on the file system of the mesh endpoint that the proxy is running on. *Required*: Yes *Type*: String *Minimum*: `1` *Maximum*: `255` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayListenerTlsSdsCertificate An object that represents the virtual gateway's listener's Secret Discovery Service certificate.The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh[TLS documentation](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html) for more info. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[SecretName](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlssdscertificate-secretname)" : String } ``` ### YAML ``` [SecretName](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlssdscertificate-secretname): String ``` ## Properties `SecretName` A reference to an object that represents the name of the secret secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain. *Required*: Yes *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayListenerTlsValidationContext An object that represents a virtual gateway's listener's Transport Layer Security (TLS) validation context. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[SubjectAlternativeNames](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsvalidationcontext-subjectalternativenames)" : SubjectAlternativeNames, "[Trust](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsvalidationcontext-trust)" : VirtualGatewayListenerTlsValidationContextTrust } ``` ### YAML ``` [SubjectAlternativeNames](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsvalidationcontext-subjectalternativenames): SubjectAlternativeNames [Trust](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsvalidationcontext-trust): VirtualGatewayListenerTlsValidationContextTrust ``` ## Properties `SubjectAlternativeNames` A reference to an object that represents the SANs for a virtual gateway listener's Transport Layer Security (TLS) validation context. *Required*: No *Type*: [SubjectAlternativeNames](aws-properties-appmesh-virtualgateway-subjectalternativenames.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Trust` A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate. *Required*: Yes *Type*: [VirtualGatewayListenerTlsValidationContextTrust](aws-properties-appmesh-virtualgateway-virtualgatewaylistenertlsvalidationcontexttrust.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayListenerTlsValidationContextTrust An object that represents a virtual gateway's listener's Transport Layer Security (TLS) validation context trust. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[File](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsvalidationcontexttrust-file)" : VirtualGatewayTlsValidationContextFileTrust, "[SDS](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsvalidationcontexttrust-sds)" : VirtualGatewayTlsValidationContextSdsTrust } ``` ### YAML ``` [File](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsvalidationcontexttrust-file): VirtualGatewayTlsValidationContextFileTrust [SDS](#cfn-appmesh-virtualgateway-virtualgatewaylistenertlsvalidationcontexttrust-sds): VirtualGatewayTlsValidationContextSdsTrust ``` ## Properties `File` An object that represents a Transport Layer Security (TLS) validation context trust for a local file. *Required*: No *Type*: [VirtualGatewayTlsValidationContextFileTrust](aws-properties-appmesh-virtualgateway-virtualgatewaytlsvalidationcontextfiletrust.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `SDS` A reference to an object that represents a virtual gateway's listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust. *Required*: No *Type*: [VirtualGatewayTlsValidationContextSdsTrust](aws-properties-appmesh-virtualgateway-virtualgatewaytlsvalidationcontextsdstrust.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayLogging An object that represents logging information. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[AccessLog](#cfn-appmesh-virtualgateway-virtualgatewaylogging-accesslog)" : VirtualGatewayAccessLog } ``` ### YAML ``` [AccessLog](#cfn-appmesh-virtualgateway-virtualgatewaylogging-accesslog): VirtualGatewayAccessLog ``` ## Properties `AccessLog` The access log configuration. *Required*: No *Type*: [VirtualGatewayAccessLog](aws-properties-appmesh-virtualgateway-virtualgatewayaccesslog.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayPortMapping An object that represents a port mapping. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Port](#cfn-appmesh-virtualgateway-virtualgatewayportmapping-port)" : Integer, "[Protocol](#cfn-appmesh-virtualgateway-virtualgatewayportmapping-protocol)" : String } ``` ### YAML ``` [Port](#cfn-appmesh-virtualgateway-virtualgatewayportmapping-port): Integer [Protocol](#cfn-appmesh-virtualgateway-virtualgatewayportmapping-protocol): String ``` ## Properties `Port` The port used for the port mapping. Specify one protocol. *Required*: Yes *Type*: Integer *Minimum*: `1` *Maximum*: `65535` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Protocol` The protocol used for the port mapping. *Required*: Yes *Type*: String *Allowed values*: `http | http2 | grpc` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewaySpec An object that represents the specification of a service mesh resource. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[BackendDefaults](#cfn-appmesh-virtualgateway-virtualgatewayspec-backenddefaults)" : VirtualGatewayBackendDefaults, "[Listeners](#cfn-appmesh-virtualgateway-virtualgatewayspec-listeners)" : [ VirtualGatewayListener, ... ], "[Logging](#cfn-appmesh-virtualgateway-virtualgatewayspec-logging)" : VirtualGatewayLogging } ``` ### YAML ``` [BackendDefaults](#cfn-appmesh-virtualgateway-virtualgatewayspec-backenddefaults): VirtualGatewayBackendDefaults [Listeners](#cfn-appmesh-virtualgateway-virtualgatewayspec-listeners): - VirtualGatewayListener [Logging](#cfn-appmesh-virtualgateway-virtualgatewayspec-logging): VirtualGatewayLogging ``` ## Properties `BackendDefaults` A reference to an object that represents the defaults for backends. *Required*: No *Type*: [VirtualGatewayBackendDefaults](aws-properties-appmesh-virtualgateway-virtualgatewaybackenddefaults.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Listeners` The listeners that the mesh endpoint is expected to receive inbound traffic from. You can specify one listener. *Required*: Yes *Type*: Array of [VirtualGatewayListener](aws-properties-appmesh-virtualgateway-virtualgatewaylistener.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Logging` An object that represents logging information. *Required*: No *Type*: [VirtualGatewayLogging](aws-properties-appmesh-virtualgateway-virtualgatewaylogging.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayTlsValidationContext An object that represents a Transport Layer Security (TLS) validation context. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[SubjectAlternativeNames](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontext-subjectalternativenames)" : SubjectAlternativeNames, "[Trust](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontext-trust)" : VirtualGatewayTlsValidationContextTrust } ``` ### YAML ``` [SubjectAlternativeNames](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontext-subjectalternativenames): SubjectAlternativeNames [Trust](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontext-trust): VirtualGatewayTlsValidationContextTrust ``` ## Properties `SubjectAlternativeNames` A reference to an object that represents the SANs for a virtual gateway's listener's Transport Layer Security (TLS) validation context. *Required*: No *Type*: [SubjectAlternativeNames](aws-properties-appmesh-virtualgateway-subjectalternativenames.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Trust` A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate. *Required*: Yes *Type*: [VirtualGatewayTlsValidationContextTrust](aws-properties-appmesh-virtualgateway-virtualgatewaytlsvalidationcontexttrust.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayTlsValidationContextAcmTrust An object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[CertificateAuthorityArns](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontextacmtrust-certificateauthorityarns)" : [ String, ... ] } ``` ### YAML ``` [CertificateAuthorityArns](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontextacmtrust-certificateauthorityarns): - String ``` ## Properties `CertificateAuthorityArns` One or more ACM Amazon Resource Name (ARN)s. *Required*: Yes *Type*: Array of String *Minimum*: `1` *Maximum*: `3` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayTlsValidationContextFileTrust An object that represents a Transport Layer Security (TLS) validation context trust for a local file. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[CertificateChain](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontextfiletrust-certificatechain)" : String } ``` ### YAML ``` [CertificateChain](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontextfiletrust-certificatechain): String ``` ## Properties `CertificateChain` The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on. *Required*: Yes *Type*: String *Minimum*: `1` *Maximum*: `255` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayTlsValidationContextSdsTrust An object that represents a virtual gateway's listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust. The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh [TLS documentation](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html) for more info. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[SecretName](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontextsdstrust-secretname)" : String } ``` ### YAML ``` [SecretName](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontextsdstrust-secretname): String ``` ## Properties `SecretName` A reference to an object that represents the name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust. *Required*: Yes *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) # AWS::AppMesh::VirtualGateway VirtualGatewayTlsValidationContextTrust An object that represents a Transport Layer Security (TLS) validation context trust. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[ACM](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontexttrust-acm)" : VirtualGatewayTlsValidationContextAcmTrust, "[File](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontexttrust-file)" : VirtualGatewayTlsValidationContextFileTrust, "[SDS](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontexttrust-sds)" : VirtualGatewayTlsValidationContextSdsTrust } ``` ### YAML ``` [ACM](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontexttrust-acm): VirtualGatewayTlsValidationContextAcmTrust [File](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontexttrust-file): VirtualGatewayTlsValidationContextFileTrust [SDS](#cfn-appmesh-virtualgateway-virtualgatewaytlsvalidationcontexttrust-sds): VirtualGatewayTlsValidationContextSdsTrust ``` ## Properties `ACM` A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate. *Required*: No *Type*: [VirtualGatewayTlsValidationContextAcmTrust](aws-properties-appmesh-virtualgateway-virtualgatewaytlsvalidationcontextacmtrust.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `File` An object that represents a Transport Layer Security (TLS) validation context trust for a local file. *Required*: No *Type*: [VirtualGatewayTlsValidationContextFileTrust](aws-properties-appmesh-virtualgateway-virtualgatewaytlsvalidationcontextfiletrust.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `SDS` A reference to an object that represents a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust. *Required*: No *Type*: [VirtualGatewayTlsValidationContextSdsTrust](aws-properties-appmesh-virtualgateway-virtualgatewaytlsvalidationcontextsdstrust.md) *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)