pulumi-aws-native-kotlin/com.pulumi.awsnative.networkfirewall.kotlin.outputs/TlsInspectionConfigurationServerCertificateConfiguration

TlsInspectionConfigurationServerCertificateConfiguration

data class TlsInspectionConfigurationServerCertificateConfiguration(val certificateAuthorityArn: String? = null, val checkCertificateRevocationStatus: TlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusProperties? = null, val scopes: List<TlsInspectionConfigurationServerCertificateScope>? = null, val serverCertificates: List<TlsInspectionConfigurationServerCertificate>? = null)

Constructors

constructor(certificateAuthorityArn: String? = null, checkCertificateRevocationStatus: TlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusProperties? = null, scopes: List<TlsInspectionConfigurationServerCertificateScope>? = null, serverCertificates: List<TlsInspectionConfigurationServerCertificate>? = null)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val certificateAuthorityArn: String? = null

The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection. The following limitations apply:

Link copied to clipboard
val checkCertificateRevocationStatus: TlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusProperties? = null

When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a CertificateAuthorityArn in ServerCertificateConfiguration .

Link copied to clipboard
Link copied to clipboard
val serverCertificates: List<TlsInspectionConfigurationServerCertificate>? = null

The list of server certificates to use for inbound SSL/TLS inspection.