Copyright	(c) 2013-2023 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	Safe-Inferred
Language	Haskell2010

Amazonka.AppMesh.Types.TlsValidationContext

Description

Synopsis

Documentation

data TlsValidationContext Source #

An object that represents how the proxy will validate its peer during Transport Layer Security (TLS) negotiation.

See: newTlsValidationContext smart constructor.

Constructors

TlsValidationContext'

Fields

subjectAlternativeNames :: Maybe SubjectAlternativeNames
A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the service discovery name.
trust :: TlsValidationContextTrust
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.

Instances

Instances details

FromJSON TlsValidationContext Source #
Instance details Defined in Amazonka.AppMesh.Types.TlsValidationContext Methods parseJSON :: Value -> Parser TlsValidationContext # parseJSONList :: Value -> Parser [TlsValidationContext] #
ToJSON TlsValidationContext Source #
Instance details Defined in Amazonka.AppMesh.Types.TlsValidationContext Methods toJSON :: TlsValidationContext -> Value # toEncoding :: TlsValidationContext -> Encoding # toJSONList :: [TlsValidationContext] -> Value # toEncodingList :: [TlsValidationContext] -> Encoding #
Generic TlsValidationContext Source #
Instance details Defined in Amazonka.AppMesh.Types.TlsValidationContext Associated Types type Rep TlsValidationContext :: Type -> Type # Methods from :: TlsValidationContext -> Rep TlsValidationContext x # to :: Rep TlsValidationContext x -> TlsValidationContext #
Read TlsValidationContext Source #
Instance details Defined in Amazonka.AppMesh.Types.TlsValidationContext Methods readsPrec :: Int -> ReadS TlsValidationContext # readList :: ReadS [TlsValidationContext] # readPrec :: ReadPrec TlsValidationContext # readListPrec :: ReadPrec [TlsValidationContext] #
Show TlsValidationContext Source #
Instance details Defined in Amazonka.AppMesh.Types.TlsValidationContext Methods showsPrec :: Int -> TlsValidationContext -> ShowS # show :: TlsValidationContext -> String # showList :: [TlsValidationContext] -> ShowS #
NFData TlsValidationContext Source #
Instance details Defined in Amazonka.AppMesh.Types.TlsValidationContext Methods rnf :: TlsValidationContext -> () #
Eq TlsValidationContext Source #
Instance details Defined in Amazonka.AppMesh.Types.TlsValidationContext Methods (==) :: TlsValidationContext -> TlsValidationContext -> Bool # (/=) :: TlsValidationContext -> TlsValidationContext -> Bool #
Hashable TlsValidationContext Source #
Instance details Defined in Amazonka.AppMesh.Types.TlsValidationContext Methods hashWithSalt :: Int -> TlsValidationContext -> Int # hash :: TlsValidationContext -> Int #
type Rep TlsValidationContext Source #
Instance details Defined in Amazonka.AppMesh.Types.TlsValidationContext type Rep TlsValidationContext = D1 ('MetaData "TlsValidationContext" "Amazonka.AppMesh.Types.TlsValidationContext" "amazonka-appmesh-2.0-GBIHUgXnP8s1LEJyvNe1ca" 'False) (C1 ('MetaCons "TlsValidationContext'" 'PrefixI 'True) (S1 ('MetaSel ('Just "subjectAlternativeNames") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe SubjectAlternativeNames)) :*: S1 ('MetaSel ('Just "trust") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 TlsValidationContextTrust)))

newTlsValidationContext Source #

Arguments

:: TlsValidationContextTrust	`$sel:trust:TlsValidationContext'`
-> TlsValidationContext

Create a value of TlsValidationContext with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:subjectAlternativeNames:TlsValidationContext', tlsValidationContext_subjectAlternativeNames - A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the service discovery name.

$sel:trust:TlsValidationContext', tlsValidationContext_trust - A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.

tlsValidationContext_subjectAlternativeNames :: Lens' TlsValidationContext (Maybe SubjectAlternativeNames) Source #

A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the service discovery name.

tlsValidationContext_trust :: Lens' TlsValidationContext TlsValidationContextTrust Source #

A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.