Interface CfnTLSInspectionConfigurationProps
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
CfnTLSInspectionConfigurationProps.Jsii$Proxy
CfnTLSInspectionConfiguration.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.networkfirewall.*;
CfnTLSInspectionConfigurationProps cfnTLSInspectionConfigurationProps = CfnTLSInspectionConfigurationProps.builder()
.tlsInspectionConfiguration(TLSInspectionConfigurationProperty.builder()
.serverCertificateConfigurations(List.of(ServerCertificateConfigurationProperty.builder()
.certificateAuthorityArn("certificateAuthorityArn")
.checkCertificateRevocationStatus(CheckCertificateRevocationStatusProperty.builder()
.revokedStatusAction("revokedStatusAction")
.unknownStatusAction("unknownStatusAction")
.build())
.scopes(List.of(ServerCertificateScopeProperty.builder()
.destinationPorts(List.of(PortRangeProperty.builder()
.fromPort(123)
.toPort(123)
.build()))
.destinations(List.of(AddressProperty.builder()
.addressDefinition("addressDefinition")
.build()))
.protocols(List.of(123))
.sourcePorts(List.of(PortRangeProperty.builder()
.fromPort(123)
.toPort(123)
.build()))
.sources(List.of(AddressProperty.builder()
.addressDefinition("addressDefinition")
.build()))
.build()))
.serverCertificates(List.of(ServerCertificateProperty.builder()
.resourceArn("resourceArn")
.build()))
.build()))
.build())
.tlsInspectionConfigurationName("tlsInspectionConfigurationName")
// the properties below are optional
.description("description")
.tags(List.of(CfnTag.builder()
.key("key")
.value("value")
.build()))
.build();
- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic final classA builder forCfnTLSInspectionConfigurationPropsstatic final classAn implementation forCfnTLSInspectionConfigurationProps -
Method Summary
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getTlsInspectionConfiguration
The object that defines a TLS inspection configuration.This, along with
TLSInspectionConfigurationResponse, define the TLS inspection configuration. You can retrieve all objects for a TLS inspection configuration by callingDescribeTLSInspectionConfiguration.AWS Network Firewall uses a TLS inspection configuration to decrypt traffic. Network Firewall re-encrypts the traffic before sending it to its destination.
To use a TLS inspection configuration, you add it to a new Network Firewall firewall policy, then you apply the firewall policy to a firewall. Network Firewall acts as a proxy service to decrypt and inspect the traffic traveling through your firewalls. You can reference a TLS inspection configuration from more than one firewall policy, and you can use a firewall policy in more than one firewall. For more information about using TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the AWS Network Firewall Developer Guide .
- See Also:
-
getTlsInspectionConfigurationName
The descriptive name of the TLS inspection configuration.You can't change the name of a TLS inspection configuration after you create it.
- See Also:
-
getDescription
A description of the TLS inspection configuration.- See Also:
-
getTags
The key:value pairs to associate with the resource.- See Also:
-
builder
-