TlsInspectionConfigurationArgs

/**
 * Arguments used to declare an AWS Network Firewall TLS inspection configuration.
 *
 * Every property is nullable and defaults to `null` in this signature.
 *
 * @property description Free-text description of the configuration.
 * @property encryptionConfigurations Key used to encrypt the configuration. The examples on this
 *   page pass a `keyId` together with a `type` of `AWS_OWNED_KMS_KEY` or `CUSTOMER_KMS`.
 * @property name Name of the configuration.
 * @property tags Key/value tags.
 * @property timeouts Operation timeouts; see [TlsInspectionConfigurationTimeoutsArgs].
 * @property tlsInspectionConfiguration Inspection settings. In the examples this carries the
 *   server certificates (inbound), the certificate authority and revocation check (outbound),
 *   and the scopes that select which flows are decrypted.
 */
data class TlsInspectionConfigurationArgs(
    val description: Output<String>? = null,
    val encryptionConfigurations: Output<List<TlsInspectionConfigurationEncryptionConfigurationArgs>>? = null,
    val name: Output<String>? = null,
    val tags: Output<Map<String, String>>? = null,
    val timeouts: Output<TlsInspectionConfigurationTimeoutsArgs>? = null,
    val tlsInspectionConfiguration: Output<TlsInspectionConfigurationTlsInspectionConfigurationArgs>? = null,
) : ConvertibleToJava<TlsInspectionConfigurationArgs>

Resource for managing an AWS Network Firewall TLS Inspection Configuration.

Example Usage

NOTE: You must configure either inbound inspection, outbound inspection, or both.

Basic inbound/ingress inspection

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Inbound (ingress) inspection: the firewall terminates TLS using the ACM
// server certificate(s) listed under `serverCertificates`.
// NOTE(review): `example1` is not defined in this snippet; presumably an ACM
// certificate declared elsewhere in the program.

// Flows selected for decryption: TCP (IANA protocol 6), any source address and
// port, to any destination on port 443. Everything matched here is decrypted at
// the firewall, so narrow the CIDRs to the servers that need inspection.
const httpsScope = {
    protocols: [6],
    destinationPorts: [{ fromPort: 443, toPort: 443 }],
    destinations: [{ addressDefinition: "0.0.0.0/0" }],
    sourcePorts: [{ fromPort: 0, toPort: 65535 }],
    sources: [{ addressDefinition: "0.0.0.0/0" }],
};

const example = new aws.networkfirewall.TlsInspectionConfiguration("example", {
    name: "example",
    description: "example",
    // AWS owned key: the customer has no key policy, rotation control or key
    // usage audit trail. Use type "CUSTOMER_KMS" with a key ARN when needed.
    encryptionConfigurations: [{ keyId: "AWS_OWNED_KMS_KEY", type: "AWS_OWNED_KMS_KEY" }],
    tlsInspectionConfiguration: {
        serverCertificateConfiguration: {
            serverCertificates: [{ resourceArn: example1.arn }],
            scopes: [httpsScope],
        },
    },
});
import pulumi
import pulumi_aws as aws
# Inbound (ingress) inspection: TLS is terminated at the firewall with the ACM
# server certificate(s) listed under "server_certificates".
# NOTE(review): `example1` is not defined in this snippet; presumably an ACM
# certificate declared elsewhere in the program.

# Flows selected for decryption: TCP (IANA protocol 6) from any source address
# and port to any destination on port 443. Narrow the CIDRs to the servers that
# actually need inspection.
https_scope = {
    "protocols": [6],
    "destination_ports": [{"from_port": 443, "to_port": 443}],
    "destinations": [{"address_definition": "0.0.0.0/0"}],
    "source_ports": [{"from_port": 0, "to_port": 65535}],
    "sources": [{"address_definition": "0.0.0.0/0"}],
}

example = aws.networkfirewall.TlsInspectionConfiguration(
    "example",
    name="example",
    description="example",
    # AWS owned key: no customer-side key policy or key-usage audit trail.
    # "CUSTOMER_KMS" with a key ARN is the alternative when that is required.
    encryption_configurations=[{
        "key_id": "AWS_OWNED_KMS_KEY",
        "type": "AWS_OWNED_KMS_KEY",
    }],
    tls_inspection_configuration={
        "server_certificate_configuration": {
            "server_certificates": [{"resource_arn": example1["arn"]}],
            "scopes": [https_scope],
        },
    },
)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    // Flows selected for decryption: TCP (IANA protocol 6) from any source
    // address and port to any destination on port 443. Narrow the CIDRs to the
    // servers that actually need inspection.
    var httpsScope = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs
    {
        Protocols = new[] { 6 },
        DestinationPorts = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs
            {
                FromPort = 443,
                ToPort = 443,
            },
        },
        Destinations = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs
            {
                AddressDefinition = "0.0.0.0/0",
            },
        },
        SourcePorts = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs
            {
                FromPort = 0,
                ToPort = 65535,
            },
        },
        Sources = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs
            {
                AddressDefinition = "0.0.0.0/0",
            },
        },
    };

    // Inbound (ingress) inspection: TLS is terminated at the firewall with the
    // ACM server certificate(s) below.
    // NOTE(review): `example1` is not defined in this snippet; presumably an
    // ACM certificate declared elsewhere in the program.
    var inboundCertificates = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs
    {
        ServerCertificates = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs
            {
                ResourceArn = example1.Arn,
            },
        },
        Scopes = new[] { httpsScope },
    };

    var example = new Aws.NetworkFirewall.TlsInspectionConfiguration("example", new()
    {
        Name = "example",
        Description = "example",
        // AWS owned key: no customer-side key policy or key-usage audit trail.
        EncryptionConfigurations = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationEncryptionConfigurationArgs
            {
                KeyId = "AWS_OWNED_KMS_KEY",
                Type = "AWS_OWNED_KMS_KEY",
            },
        },
        TlsInspectionConfig = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs
        {
            ServerCertificateConfiguration = inboundCertificates,
        },
    });
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// main declares a TLS inspection configuration for inbound (ingress) traffic.
// NOTE(review): example1 is not defined in this snippet; presumably an ACM
// certificate declared elsewhere in the program.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Flows selected for decryption: TCP (IANA protocol 6) from any source
		// address and port to any destination on port 443. Narrow the CIDRs to
		// the servers that actually need inspection.
		httpsScope := &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs{
			Protocols: pulumi.IntArray{pulumi.Int(6)},
			DestinationPorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs{
					FromPort: pulumi.Int(443),
					ToPort:   pulumi.Int(443),
				},
			},
			Destinations: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs{
					AddressDefinition: pulumi.String("0.0.0.0/0"),
				},
			},
			SourcePorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs{
					FromPort: pulumi.Int(0),
					ToPort:   pulumi.Int(65535),
				},
			},
			Sources: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs{
					AddressDefinition: pulumi.String("0.0.0.0/0"),
				},
			},
		}

		_, err := networkfirewall.NewTlsInspectionConfiguration(ctx, "example", &networkfirewall.TlsInspectionConfigurationArgs{
			Name:        pulumi.String("example"),
			Description: pulumi.String("example"),
			// AWS owned key: no customer-side key policy or key-usage audit trail.
			EncryptionConfigurations: networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArray{
				&networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArgs{
					KeyId: pulumi.String("AWS_OWNED_KMS_KEY"),
					Type:  pulumi.String("AWS_OWNED_KMS_KEY"),
				},
			},
			TlsInspectionConfiguration: &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationArgs{
				ServerCertificateConfiguration: &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs{
					// Server certificate(s) the firewall presents for inbound TLS.
					ServerCertificates: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArray{
						&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs{
							ResourceArn: pulumi.Any(example1.Arn),
						},
					},
					Scopes: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArray{
						httpsScope,
					},
				},
			},
		})
		return err
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.TlsInspectionConfiguration;
import com.pulumi.aws.networkfirewall.TlsInspectionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationEncryptionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
/**
 * Declares a TLS inspection configuration for inbound (ingress) traffic.
 *
 * NOTE(review): {@code example1} is not defined in this snippet; presumably an ACM
 * certificate declared elsewhere in the program.
 */
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        // Flows selected for decryption: TCP (IANA protocol 6) from any source address
        // and port to any destination on port 443. Narrow the CIDRs to the servers that
        // actually need inspection.
        var httpsScope = TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs.builder()
            .protocols(6)
            .destinationPorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs.builder()
                .fromPort(443)
                .toPort(443)
                .build())
            .destinations(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs.builder()
                .addressDefinition("0.0.0.0/0")
                .build())
            .sourcePorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs.builder()
                .fromPort(0)
                .toPort(65535)
                .build())
            .sources(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs.builder()
                .addressDefinition("0.0.0.0/0")
                .build())
            .build();

        // AWS owned key: no customer-side key policy or key-usage audit trail.
        var encryption = TlsInspectionConfigurationEncryptionConfigurationArgs.builder()
            .keyId("AWS_OWNED_KMS_KEY")
            .type("AWS_OWNED_KMS_KEY")
            .build();

        // Server certificate(s) the firewall presents for inbound TLS.
        var inboundCertificates = TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs.builder()
            .serverCertificates(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs.builder()
                .resourceArn(example1.arn())
                .build())
            .scopes(httpsScope)
            .build();

        var example = new TlsInspectionConfiguration("example", TlsInspectionConfigurationArgs.builder()
            .name("example")
            .description("example")
            .encryptionConfigurations(encryption)
            .tlsInspectionConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationArgs.builder()
                .serverCertificateConfiguration(inboundCertificates)
                .build())
            .build());
    }
}
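# Inbound (ingress) TLS inspection. Nesting restored so the document parses as
# the same structure the other language examples build.
resources:
  example:
    type: aws:networkfirewall:TlsInspectionConfiguration
    properties:
      name: example
      description: example
      # AWS owned key: no customer-side key policy or key-usage audit trail.
      encryptionConfigurations:
        - keyId: AWS_OWNED_KMS_KEY
          type: AWS_OWNED_KMS_KEY
      tlsInspectionConfiguration:
        serverCertificateConfiguration:
          # Server certificate(s) the firewall presents for inbound TLS.
          # NOTE(review): example1 is not defined in this snippet; presumably an
          # ACM certificate declared elsewhere in the program.
          serverCertificates:
            - resourceArn: ${example1.arn}
          # Flows selected for decryption: TCP (IANA protocol 6), any source,
          # any destination on port 443. Narrow the CIDRs where possible.
          scopes:
            - protocols:
                - 6
              destinationPorts:
                - fromPort: 443
                  toPort: 443
              destinations:
                - addressDefinition: 0.0.0.0/0
              sourcePorts:
                - fromPort: 0
                  toPort: 65535
              sources:
                - addressDefinition: 0.0.0.0/0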

Basic outbound/egress inspection

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Outbound (egress) inspection: the firewall re-signs server certificates with
// the CA referenced by `certificateAuthorityArn`, so clients behind it must
// trust that CA.
// NOTE(review): `example1` is not defined in this snippet; presumably an ACM
// CA certificate declared elsewhere in the program.

// Revoked upstream certificates are rejected, but an undeterminable revocation
// status is passed (fail-open). "REJECT" here gives fail-closed behaviour.
const revocationCheck = {
    revokedStatusAction: "REJECT",
    unknownStatusAction: "PASS",
};

// Flows selected for decryption: TCP (IANA protocol 6), any source address and
// port, to any destination on port 443.
const httpsScope = {
    protocols: [6],
    destinationPorts: [{ fromPort: 443, toPort: 443 }],
    destinations: [{ addressDefinition: "0.0.0.0/0" }],
    sourcePorts: [{ fromPort: 0, toPort: 65535 }],
    sources: [{ addressDefinition: "0.0.0.0/0" }],
};

const example = new aws.networkfirewall.TlsInspectionConfiguration("example", {
    name: "example",
    description: "example",
    // AWS owned key: no customer-side key policy or key-usage audit trail.
    encryptionConfigurations: [{ keyId: "AWS_OWNED_KMS_KEY", type: "AWS_OWNED_KMS_KEY" }],
    tlsInspectionConfiguration: {
        serverCertificateConfiguration: {
            certificateAuthorityArn: example1.arn,
            checkCertificateRevocationStatus: revocationCheck,
            scopes: [httpsScope],
        },
    },
});
import pulumi
import pulumi_aws as aws
# Outbound (egress) inspection: the firewall re-signs server certificates with
# the CA referenced by "certificate_authority_arn", so clients behind it must
# trust that CA.
# NOTE(review): `example1` is not defined in this snippet; presumably an ACM
# CA certificate declared elsewhere in the program.

# Revoked upstream certificates are rejected, but an undeterminable revocation
# status is passed (fail-open). "REJECT" here gives fail-closed behaviour.
revocation_check = {
    "revoked_status_action": "REJECT",
    "unknown_status_action": "PASS",
}

# Flows selected for decryption: TCP (IANA protocol 6), any source address and
# port, to any destination on port 443.
https_scope = {
    "protocols": [6],
    "destination_ports": [{"from_port": 443, "to_port": 443}],
    "destinations": [{"address_definition": "0.0.0.0/0"}],
    "source_ports": [{"from_port": 0, "to_port": 65535}],
    "sources": [{"address_definition": "0.0.0.0/0"}],
}

example = aws.networkfirewall.TlsInspectionConfiguration(
    "example",
    name="example",
    description="example",
    # AWS owned key: no customer-side key policy or key-usage audit trail.
    encryption_configurations=[{
        "key_id": "AWS_OWNED_KMS_KEY",
        "type": "AWS_OWNED_KMS_KEY",
    }],
    tls_inspection_configuration={
        "server_certificate_configuration": {
            "certificate_authority_arn": example1["arn"],
            "check_certificate_revocation_status": revocation_check,
            "scopes": [https_scope],
        },
    },
)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    // Revoked upstream certificates are rejected, but an undeterminable
    // revocation status is passed (fail-open). "REJECT" gives fail-closed.
    var revocationCheck = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs
    {
        RevokedStatusAction = "REJECT",
        UnknownStatusAction = "PASS",
    };

    // Flows selected for decryption: TCP (IANA protocol 6), any source address
    // and port, to any destination on port 443.
    var httpsScope = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs
    {
        Protocols = new[] { 6 },
        DestinationPorts = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs
            {
                FromPort = 443,
                ToPort = 443,
            },
        },
        Destinations = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs
            {
                AddressDefinition = "0.0.0.0/0",
            },
        },
        SourcePorts = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs
            {
                FromPort = 0,
                ToPort = 65535,
            },
        },
        Sources = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs
            {
                AddressDefinition = "0.0.0.0/0",
            },
        },
    };

    // Outbound (egress) inspection: the firewall re-signs server certificates
    // with this CA, so clients behind it must trust that CA.
    // NOTE(review): `example1` is not defined in this snippet; presumably an
    // ACM CA certificate declared elsewhere in the program.
    var outboundCa = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs
    {
        CertificateAuthorityArn = example1.Arn,
        CheckCertificateRevocationStatus = revocationCheck,
        Scopes = new[] { httpsScope },
    };

    var example = new Aws.NetworkFirewall.TlsInspectionConfiguration("example", new()
    {
        Name = "example",
        Description = "example",
        // AWS owned key: no customer-side key policy or key-usage audit trail.
        EncryptionConfigurations = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationEncryptionConfigurationArgs
            {
                KeyId = "AWS_OWNED_KMS_KEY",
                Type = "AWS_OWNED_KMS_KEY",
            },
        },
        TlsInspectionConfig = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs
        {
            ServerCertificateConfiguration = outboundCa,
        },
    });
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// main declares a TLS inspection configuration for outbound (egress) traffic.
// The firewall re-signs server certificates with the referenced CA, so clients
// behind it must trust that CA.
// NOTE(review): example1 is not defined in this snippet; presumably an ACM CA
// certificate declared elsewhere in the program.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Revoked upstream certificates are rejected, but an undeterminable
		// revocation status is passed (fail-open). "REJECT" gives fail-closed.
		revocationCheck := &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs{
			RevokedStatusAction: pulumi.String("REJECT"),
			UnknownStatusAction: pulumi.String("PASS"),
		}

		// Flows selected for decryption: TCP (IANA protocol 6), any source
		// address and port, to any destination on port 443.
		httpsScope := &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs{
			Protocols: pulumi.IntArray{pulumi.Int(6)},
			DestinationPorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs{
					FromPort: pulumi.Int(443),
					ToPort:   pulumi.Int(443),
				},
			},
			Destinations: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs{
					AddressDefinition: pulumi.String("0.0.0.0/0"),
				},
			},
			SourcePorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs{
					FromPort: pulumi.Int(0),
					ToPort:   pulumi.Int(65535),
				},
			},
			Sources: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs{
					AddressDefinition: pulumi.String("0.0.0.0/0"),
				},
			},
		}

		_, err := networkfirewall.NewTlsInspectionConfiguration(ctx, "example", &networkfirewall.TlsInspectionConfigurationArgs{
			Name:        pulumi.String("example"),
			Description: pulumi.String("example"),
			// AWS owned key: no customer-side key policy or key-usage audit trail.
			EncryptionConfigurations: networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArray{
				&networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArgs{
					KeyId: pulumi.String("AWS_OWNED_KMS_KEY"),
					Type:  pulumi.String("AWS_OWNED_KMS_KEY"),
				},
			},
			TlsInspectionConfiguration: &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationArgs{
				ServerCertificateConfiguration: &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs{
					CertificateAuthorityArn:          pulumi.Any(example1.Arn),
					CheckCertificateRevocationStatus: revocationCheck,
					Scopes: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArray{
						httpsScope,
					},
				},
			},
		})
		return err
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.TlsInspectionConfiguration;
import com.pulumi.aws.networkfirewall.TlsInspectionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationEncryptionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
/**
 * Declares a TLS inspection configuration for outbound (egress) traffic.
 *
 * The firewall re-signs server certificates with the referenced CA, so clients behind
 * it must trust that CA.
 *
 * NOTE(review): {@code example1} is not defined in this snippet; presumably an ACM CA
 * certificate declared elsewhere in the program.
 */
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        // Revoked upstream certificates are rejected, but an undeterminable revocation
        // status is passed (fail-open). "REJECT" gives fail-closed behaviour.
        var revocationCheck = TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs.builder()
            .revokedStatusAction("REJECT")
            .unknownStatusAction("PASS")
            .build();

        // Flows selected for decryption: TCP (IANA protocol 6), any source address and
        // port, to any destination on port 443.
        var httpsScope = TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs.builder()
            .protocols(6)
            .destinationPorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs.builder()
                .fromPort(443)
                .toPort(443)
                .build())
            .destinations(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs.builder()
                .addressDefinition("0.0.0.0/0")
                .build())
            .sourcePorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs.builder()
                .fromPort(0)
                .toPort(65535)
                .build())
            .sources(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs.builder()
                .addressDefinition("0.0.0.0/0")
                .build())
            .build();

        // AWS owned key: no customer-side key policy or key-usage audit trail.
        var encryption = TlsInspectionConfigurationEncryptionConfigurationArgs.builder()
            .keyId("AWS_OWNED_KMS_KEY")
            .type("AWS_OWNED_KMS_KEY")
            .build();

        var outboundCa = TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs.builder()
            .certificateAuthorityArn(example1.arn())
            .checkCertificateRevocationStatus(revocationCheck)
            .scopes(httpsScope)
            .build();

        var example = new TlsInspectionConfiguration("example", TlsInspectionConfigurationArgs.builder()
            .name("example")
            .description("example")
            .encryptionConfigurations(encryption)
            .tlsInspectionConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationArgs.builder()
                .serverCertificateConfiguration(outboundCa)
                .build())
            .build());
    }
}
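# Outbound (egress) TLS inspection. Nesting restored so the document parses as
# the same structure the other language examples build.
resources:
  example:
    type: aws:networkfirewall:TlsInspectionConfiguration
    properties:
      name: example
      description: example
      # AWS owned key: no customer-side key policy or key-usage audit trail.
      encryptionConfigurations:
        - keyId: AWS_OWNED_KMS_KEY
          type: AWS_OWNED_KMS_KEY
      tlsInspectionConfiguration:
        serverCertificateConfiguration:
          # CA the firewall re-signs server certificates with; clients behind
          # the firewall must trust it.
          # NOTE(review): example1 is not defined in this snippet; presumably an
          # ACM CA certificate declared elsewhere in the program.
          certificateAuthorityArn: ${example1.arn}
          # Revoked certificates are rejected; an undeterminable revocation
          # status is passed (fail-open). REJECT gives fail-closed behaviour.
          checkCertificateRevocationStatus:
            revokedStatusAction: REJECT
            unknownStatusAction: PASS
          # Flows selected for decryption: TCP (IANA protocol 6), any source,
          # any destination on port 443.
          scopes:
            - protocols:
                - 6
              destinationPorts:
                - fromPort: 443
                  toPort: 443
              destinations:
                - addressDefinition: 0.0.0.0/0
              sourcePorts:
                - fromPort: 0
                  toPort: 65535
              sources:
                - addressDefinition: 0.0.0.0/0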

Inbound with encryption configuration

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Customer managed KMS key used to encrypt the inspection configuration.
// 7 days is the shortest deletion waiting period KMS accepts (range 7-30).
// No key policy is set here, so the KMS default key policy applies.
const example = new aws.kms.Key("example", {
    description: "example",
    deletionWindowInDays: 7,
});

// Flows selected for decryption: TCP (IANA protocol 6), any source address and
// port, to any destination on port 443. Narrow the CIDRs to the servers that
// actually need inspection.
const httpsScope = {
    protocols: [6],
    destinationPorts: [{ fromPort: 443, toPort: 443 }],
    destinations: [{ addressDefinition: "0.0.0.0/0" }],
    sourcePorts: [{ fromPort: 0, toPort: 65535 }],
    sources: [{ addressDefinition: "0.0.0.0/0" }],
};

// Inbound (ingress) inspection with the customer managed key above.
// NOTE(review): `example1` is not defined in this snippet; presumably an ACM
// certificate declared elsewhere in the program.
const exampleTlsInspectionConfiguration = new aws.networkfirewall.TlsInspectionConfiguration("example", {
    name: "example",
    description: "example",
    encryptionConfigurations: [{ keyId: example.arn, type: "CUSTOMER_KMS" }],
    tlsInspectionConfiguration: {
        serverCertificateConfiguration: {
            serverCertificates: [{ resourceArn: example1.arn }],
            scopes: [httpsScope],
        },
    },
});
import pulumi
import pulumi_aws as aws
# Customer managed KMS key used to encrypt the inspection configuration.
# 7 days is the shortest deletion waiting period KMS accepts (range 7-30).
# No key policy is set here, so the KMS default key policy applies.
example = aws.kms.Key(
    "example",
    description="example",
    deletion_window_in_days=7,
)

# Flows selected for decryption: TCP (IANA protocol 6), any source address and
# port, to any destination on port 443. Narrow the CIDRs to the servers that
# actually need inspection.
https_scope = {
    "protocols": [6],
    "destination_ports": [{"from_port": 443, "to_port": 443}],
    "destinations": [{"address_definition": "0.0.0.0/0"}],
    "source_ports": [{"from_port": 0, "to_port": 65535}],
    "sources": [{"address_definition": "0.0.0.0/0"}],
}

# Inbound (ingress) inspection with the customer managed key above.
# NOTE(review): `example1` is not defined in this snippet; presumably an ACM
# certificate declared elsewhere in the program.
example_tls_inspection_configuration = aws.networkfirewall.TlsInspectionConfiguration(
    "example",
    name="example",
    description="example",
    encryption_configurations=[{
        "key_id": example.arn,
        "type": "CUSTOMER_KMS",
    }],
    tls_inspection_configuration={
        "server_certificate_configuration": {
            "server_certificates": [{"resource_arn": example1["arn"]}],
            "scopes": [https_scope],
        },
    },
)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    // Customer managed KMS key used to encrypt the inspection configuration.
    // 7 days is the shortest deletion waiting period KMS accepts (range 7-30).
    // No key policy is set here, so the KMS default key policy applies.
    var example = new Aws.Kms.Key("example", new()
    {
        Description = "example",
        DeletionWindowInDays = 7,
    });

    // Flows selected for decryption: TCP (IANA protocol 6), any source address
    // and port, to any destination on port 443.
    var httpsScope = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs
    {
        Protocols = new[] { 6 },
        DestinationPorts = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs
            {
                FromPort = 443,
                ToPort = 443,
            },
        },
        Destinations = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs
            {
                AddressDefinition = "0.0.0.0/0",
            },
        },
        SourcePorts = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs
            {
                FromPort = 0,
                ToPort = 65535,
            },
        },
        Sources = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs
            {
                AddressDefinition = "0.0.0.0/0",
            },
        },
    };

    // Inbound (ingress) inspection: server certificate(s) the firewall presents.
    // NOTE(review): `example1` is not defined in this snippet; presumably an
    // ACM certificate declared elsewhere in the program.
    var inboundCertificates = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs
    {
        ServerCertificates = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs
            {
                ResourceArn = example1.Arn,
            },
        },
        Scopes = new[] { httpsScope },
    };

    var exampleTlsInspectionConfiguration = new Aws.NetworkFirewall.TlsInspectionConfiguration("example", new()
    {
        Name = "example",
        Description = "example",
        EncryptionConfigurations = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationEncryptionConfigurationArgs
            {
                KeyId = example.Arn,
                Type = "CUSTOMER_KMS",
            },
        },
        TlsInspectionConfig = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs
        {
            ServerCertificateConfiguration = inboundCertificates,
        },
    });
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// main creates a customer managed KMS key and an inbound (ingress) TLS
// inspection configuration encrypted with it.
// NOTE(review): example1 is not defined in this snippet; presumably an ACM
// certificate declared elsewhere in the program.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// 7 days is the shortest deletion waiting period KMS accepts (range
		// 7-30). No key policy is set, so the KMS default key policy applies.
		example, err := kms.NewKey(ctx, "example", &kms.KeyArgs{
			Description:          pulumi.String("example"),
			DeletionWindowInDays: pulumi.Int(7),
		})
		if err != nil {
			return err
		}

		// Flows selected for decryption: TCP (IANA protocol 6), any source
		// address and port, to any destination on port 443.
		httpsScope := &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs{
			Protocols: pulumi.IntArray{pulumi.Int(6)},
			DestinationPorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs{
					FromPort: pulumi.Int(443),
					ToPort:   pulumi.Int(443),
				},
			},
			Destinations: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs{
					AddressDefinition: pulumi.String("0.0.0.0/0"),
				},
			},
			SourcePorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs{
					FromPort: pulumi.Int(0),
					ToPort:   pulumi.Int(65535),
				},
			},
			Sources: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs{
					AddressDefinition: pulumi.String("0.0.0.0/0"),
				},
			},
		}

		_, err = networkfirewall.NewTlsInspectionConfiguration(ctx, "example", &networkfirewall.TlsInspectionConfigurationArgs{
			Name:        pulumi.String("example"),
			Description: pulumi.String("example"),
			EncryptionConfigurations: networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArray{
				&networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArgs{
					KeyId: example.Arn,
					Type:  pulumi.String("CUSTOMER_KMS"),
				},
			},
			TlsInspectionConfiguration: &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationArgs{
				ServerCertificateConfiguration: &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs{
					// Server certificate(s) the firewall presents for inbound TLS.
					ServerCertificates: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArray{
						&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs{
							ResourceArn: pulumi.Any(example1.Arn),
						},
					},
					Scopes: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArray{
						httpsScope,
					},
				},
			},
		})
		return err
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.kms.Key;
import com.pulumi.aws.kms.KeyArgs;
import com.pulumi.aws.networkfirewall.TlsInspectionConfiguration;
import com.pulumi.aws.networkfirewall.TlsInspectionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationEncryptionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
/**
 * Creates a customer managed KMS key and an inbound (ingress) TLS inspection
 * configuration encrypted with it.
 *
 * NOTE(review): {@code example1} is not defined in this snippet; presumably an ACM
 * certificate declared elsewhere in the program.
 */
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        // 7 days is the shortest deletion waiting period KMS accepts (range 7-30).
        // No key policy is set here, so the KMS default key policy applies.
        var example = new Key("example", KeyArgs.builder()
            .description("example")
            .deletionWindowInDays(7)
            .build());

        // Flows selected for decryption: TCP (IANA protocol 6), any source address and
        // port, to any destination on port 443.
        var httpsScope = TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs.builder()
            .protocols(6)
            .destinationPorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs.builder()
                .fromPort(443)
                .toPort(443)
                .build())
            .destinations(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs.builder()
                .addressDefinition("0.0.0.0/0")
                .build())
            .sourcePorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs.builder()
                .fromPort(0)
                .toPort(65535)
                .build())
            .sources(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs.builder()
                .addressDefinition("0.0.0.0/0")
                .build())
            .build();

        var encryption = TlsInspectionConfigurationEncryptionConfigurationArgs.builder()
            .keyId(example.arn())
            .type("CUSTOMER_KMS")
            .build();

        // Server certificate(s) the firewall presents for inbound TLS.
        var inboundCertificates = TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs.builder()
            .serverCertificates(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs.builder()
                .resourceArn(example1.arn())
                .build())
            .scopes(httpsScope)
            .build();

        var exampleTlsInspectionConfiguration = new TlsInspectionConfiguration("exampleTlsInspectionConfiguration", TlsInspectionConfigurationArgs.builder()
            .name("example")
            .description("example")
            .encryptionConfigurations(encryption)
            .tlsInspectionConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationArgs.builder()
                .serverCertificateConfiguration(inboundCertificates)
                .build())
            .build());
    }
}
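# Inbound (ingress) TLS inspection encrypted with a customer managed KMS key.
# Nesting restored so the document parses as the same structure the other
# language examples build.
resources:
  example:
    type: aws:kms:Key
    properties:
      description: example
      # 7 days is the shortest deletion waiting period KMS accepts (range 7-30).
      # No key policy is set here, so the KMS default key policy applies.
      deletionWindowInDays: 7
  exampleTlsInspectionConfiguration:
    type: aws:networkfirewall:TlsInspectionConfiguration
    name: example
    properties:
      name: example
      description: example
      encryptionConfigurations:
        - keyId: ${example.arn}
          type: CUSTOMER_KMS
      tlsInspectionConfiguration:
        serverCertificateConfiguration:
          # Server certificate(s) the firewall presents for inbound TLS.
          # NOTE(review): example1 is not defined in this snippet; presumably an
          # ACM certificate declared elsewhere in the program.
          serverCertificates:
            - resourceArn: ${example1.arn}
          # Flows selected for decryption: TCP (IANA protocol 6), any source,
          # any destination on port 443. Narrow the CIDRs where possible.
          scopes:
            - protocols:
                - 6
              destinationPorts:
                - fromPort: 443
                  toPort: 443
              destinations:
                - addressDefinition: 0.0.0.0/0
              sourcePorts:
                - fromPort: 0
                  toPort: 65535
              sources:
                - addressDefinition: 0.0.0.0/0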

Outbound with encryption configuration

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.kms.Key;
import com.pulumi.aws.kms.KeyArgs;
import com.pulumi.aws.networkfirewall.TlsInspectionConfiguration;
import com.pulumi.aws.networkfirewall.TlsInspectionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationEncryptionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
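/**
 * Creates a customer managed KMS key and an outbound (egress) TLS inspection
 * configuration encrypted with it.
 *
 * The original listing contained a code-generator failure in place of the
 * {@code serverCertificateConfiguration} argument; it is rebuilt here from the
 * property values of the YAML version of this example and the builder calls used by
 * the basic outbound example.
 *
 * NOTE(review): {@code example1} is not defined in this snippet; presumably an ACM CA
 * certificate declared elsewhere in the program.
 */
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        // 7 days is the shortest deletion waiting period KMS accepts (range 7-30).
        // No key policy is set here, so the KMS default key policy applies.
        var example = new Key("example", KeyArgs.builder()
            .description("example")
            .deletionWindowInDays(7)
            .build());

        var exampleTlsInspectionConfiguration = new TlsInspectionConfiguration("exampleTlsInspectionConfiguration", TlsInspectionConfigurationArgs.builder()
            .name("example")
            .description("example")
            .encryptionConfigurations(TlsInspectionConfigurationEncryptionConfigurationArgs.builder()
                .keyId(example.arn())
                .type("CUSTOMER_KMS")
                .build())
            .tlsInspectionConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationArgs.builder()
                .serverCertificateConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs.builder()
                    // CA the firewall re-signs server certificates with; clients
                    // behind the firewall must trust it.
                    .certificateAuthorityArn(example1.arn())
                    // Revoked certificates are rejected; an undeterminable revocation
                    // status is passed (fail-open). "REJECT" gives fail-closed.
                    .checkCertificateRevocationStatus(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs.builder()
                        .revokedStatusAction("REJECT")
                        .unknownStatusAction("PASS")
                        .build())
                    // TCP (IANA protocol 6), any source, any destination on port 443.
                    .scopes(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs.builder()
                        .protocols(6)
                        .destinationPorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs.builder()
                            .fromPort(443)
                            .toPort(443)
                            .build())
                        .destinations(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs.builder()
                            .addressDefinition("0.0.0.0/0")
                            .build())
                        .sourcePorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs.builder()
                            .fromPort(0)
                            .toPort(65535)
                            .build())
                        .sources(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs.builder()
                            .addressDefinition("0.0.0.0/0")
                            .build())
                        .build())
                    .build())
                .build())
            .build());
    }
}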
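# Outbound (egress) TLS inspection encrypted with a customer managed KMS key.
# Property names and nesting follow the other examples on this page
# (serverCertificateConfiguration, scopes, destinations, sources, and a single
# checkCertificateRevocationStatus object); the original listing used
# serverCertificateConfigurations / scope / destination / source.
resources:
  example:
    type: aws:kms:Key
    properties:
      description: example
      # 7 days is the shortest deletion waiting period KMS accepts (range 7-30).
      # No key policy is set here, so the KMS default key policy applies.
      deletionWindowInDays: 7
  exampleTlsInspectionConfiguration:
    type: aws:networkfirewall:TlsInspectionConfiguration
    name: example
    properties:
      name: example
      description: example
      encryptionConfigurations:
        - keyId: ${example.arn}
          type: CUSTOMER_KMS
      tlsInspectionConfiguration:
        serverCertificateConfiguration:
          # CA the firewall re-signs server certificates with; clients behind
          # the firewall must trust it.
          # NOTE(review): example1 is not defined in this snippet; presumably an
          # ACM CA certificate declared elsewhere in the program.
          certificateAuthorityArn: ${example1.arn}
          # Revoked certificates are rejected; an undeterminable revocation
          # status is passed (fail-open). REJECT gives fail-closed behaviour.
          checkCertificateRevocationStatus:
            revokedStatusAction: REJECT
            unknownStatusAction: PASS
          # Flows selected for decryption: TCP (IANA protocol 6), any source,
          # any destination on port 443.
          scopes:
            - protocols:
                - 6
              destinationPorts:
                - fromPort: 443
                  toPort: 443
              destinations:
                - addressDefinition: 0.0.0.0/0
              sourcePorts:
                - fromPort: 0
                  toPort: 65535
              sources:
                - addressDefinition: 0.0.0.0/0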

Combined inbound and outbound

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Combined inspection: `serverCertificates` covers inbound traffic and
// `certificateAuthorityArn` covers outbound traffic, where the firewall
// re-signs server certificates and clients behind it must trust that CA.
// NOTE(review): `example1` and `example2` are not defined in this snippet;
// presumably ACM certificates declared elsewhere in the program.

// Revoked upstream certificates are rejected, but an undeterminable revocation
// status is passed (fail-open). "REJECT" here gives fail-closed behaviour.
const revocationCheck = {
    revokedStatusAction: "REJECT",
    unknownStatusAction: "PASS",
};

// Flows selected for decryption: TCP (IANA protocol 6), any source address and
// port, to any destination on port 443.
const httpsScope = {
    protocols: [6],
    destinationPorts: [{ fromPort: 443, toPort: 443 }],
    destinations: [{ addressDefinition: "0.0.0.0/0" }],
    sourcePorts: [{ fromPort: 0, toPort: 65535 }],
    sources: [{ addressDefinition: "0.0.0.0/0" }],
};

const example = new aws.networkfirewall.TlsInspectionConfiguration("example", {
    name: "example",
    description: "example",
    // AWS owned key: no customer-side key policy or key-usage audit trail.
    encryptionConfigurations: [{ keyId: "AWS_OWNED_KMS_KEY", type: "AWS_OWNED_KMS_KEY" }],
    tlsInspectionConfiguration: {
        serverCertificateConfiguration: {
            certificateAuthorityArn: example1.arn,
            checkCertificateRevocationStatus: revocationCheck,
            serverCertificates: [{ resourceArn: example2.arn }],
            scopes: [httpsScope],
        },
    },
});
import pulumi
import pulumi_aws as aws
# Outbound inspection: handling of the server certificate's revocation status.
# REJECT blocks known-revoked certificates; PASS on an unknown status is fail-open,
# so the connection continues when the status cannot be determined.
revocation_checks = {
    "revoked_status_action": "REJECT",
    "unknown_status_action": "PASS",
}

# Traffic selected for decryption: TCP (protocol 6) to port 443 from any source
# address and port to any destination address.
https_scope = {
    "protocols": [6],
    "destination_ports": [{"from_port": 443, "to_port": 443}],
    "destinations": [{"address_definition": "0.0.0.0/0"}],
    "source_ports": [{"from_port": 0, "to_port": 65535}],
    "sources": [{"address_definition": "0.0.0.0/0"}],
}

# Combined configuration: server_certificates covers inbound inspection,
# certificate_authority_arn plus the revocation checks cover outbound inspection.
example = aws.networkfirewall.TlsInspectionConfiguration(
    "example",
    name="example",
    description="example",
    # AWS-owned key: no key policy or key-usage audit trail in this account.
    # The CUSTOMER_KMS type with a key ARN gives that control.
    encryption_configurations=[{
        "key_id": "AWS_OWNED_KMS_KEY",
        "type": "AWS_OWNED_KMS_KEY",
    }],
    tls_inspection_configuration={
        "server_certificate_configuration": {
            "certificate_authority_arn": example1["arn"],
            "check_certificate_revocation_status": revocation_checks,
            "server_certificates": [{"resource_arn": example2["arn"]}],
            "scopes": [https_scope],
        },
    },
)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    // Outbound inspection: handling of the server certificate's revocation status.
    // REJECT blocks known-revoked certificates; PASS on an unknown status is fail-open,
    // so the connection continues when the status cannot be determined.
    var revocationChecks = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs
    {
        RevokedStatusAction = "REJECT",
        UnknownStatusAction = "PASS",
    };

    // Traffic selected for decryption: TCP (protocol 6) to port 443 from any source
    // address and port to any destination address.
    var httpsScope = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs
    {
        Protocols = new[]
        {
            6,
        },
        DestinationPorts = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs
            {
                FromPort = 443,
                ToPort = 443,
            },
        },
        Destinations = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs
            {
                AddressDefinition = "0.0.0.0/0",
            },
        },
        SourcePorts = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs
            {
                FromPort = 0,
                ToPort = 65535,
            },
        },
        Sources = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs
            {
                AddressDefinition = "0.0.0.0/0",
            },
        },
    };

    // Combined configuration: ServerCertificates covers inbound inspection,
    // CertificateAuthorityArn plus the revocation checks cover outbound inspection.
    var example = new Aws.NetworkFirewall.TlsInspectionConfiguration("example", new()
    {
        Name = "example",
        Description = "example",
        // AWS-owned key: no key policy or key-usage audit trail in this account.
        // The CUSTOMER_KMS type with a key ARN gives that control.
        EncryptionConfigurations = new[]
        {
            new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationEncryptionConfigurationArgs
            {
                KeyId = "AWS_OWNED_KMS_KEY",
                Type = "AWS_OWNED_KMS_KEY",
            },
        },
        TlsInspectionConfig = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs
        {
            ServerCertificateConfiguration = new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs
            {
                CertificateAuthorityArn = example1.Arn,
                CheckCertificateRevocationStatus = revocationChecks,
                ServerCertificates = new[]
                {
                    new Aws.NetworkFirewall.Inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs
                    {
                        ResourceArn = example2.Arn,
                    },
                },
                Scopes = new[]
                {
                    httpsScope,
                },
            },
        },
    });
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// main registers one TLS inspection configuration that covers both directions:
// ServerCertificates is used for inbound inspection, CertificateAuthorityArn and
// the revocation checks for outbound inspection.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// REJECT blocks known-revoked server certificates. PASS on an unknown status
		// is fail-open: the connection continues when the status cannot be determined.
		revocationChecks := &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs{
			RevokedStatusAction: pulumi.String("REJECT"),
			UnknownStatusAction: pulumi.String("PASS"),
		}

		// Traffic selected for decryption: TCP (protocol 6) to port 443 from any
		// source address and port to any destination address.
		httpsScope := &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs{
			Protocols: pulumi.IntArray{
				pulumi.Int(6),
			},
			DestinationPorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs{
					FromPort: pulumi.Int(443),
					ToPort:   pulumi.Int(443),
				},
			},
			Destinations: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs{
					AddressDefinition: pulumi.String("0.0.0.0/0"),
				},
			},
			SourcePorts: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs{
					FromPort: pulumi.Int(0),
					ToPort:   pulumi.Int(65535),
				},
			},
			Sources: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArray{
				&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs{
					AddressDefinition: pulumi.String("0.0.0.0/0"),
				},
			},
		}

		_, err := networkfirewall.NewTlsInspectionConfiguration(ctx, "example", &networkfirewall.TlsInspectionConfigurationArgs{
			Name:        pulumi.String("example"),
			Description: pulumi.String("example"),
			// AWS-owned key: no key policy or key-usage audit trail in this account.
			// The CUSTOMER_KMS type with a key ARN gives that control.
			EncryptionConfigurations: networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArray{
				&networkfirewall.TlsInspectionConfigurationEncryptionConfigurationArgs{
					KeyId: pulumi.String("AWS_OWNED_KMS_KEY"),
					Type:  pulumi.String("AWS_OWNED_KMS_KEY"),
				},
			},
			TlsInspectionConfiguration: &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationArgs{
				ServerCertificateConfiguration: &networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs{
					CertificateAuthorityArn:          pulumi.Any(example1.Arn),
					CheckCertificateRevocationStatus: revocationChecks,
					ServerCertificates: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArray{
						&networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs{
							ResourceArn: pulumi.Any(example2.Arn),
						},
					},
					Scopes: networkfirewall.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArray{
						httpsScope,
					},
				},
			},
		})
		// err is nil on success, so returning it directly covers both outcomes.
		return err
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.TlsInspectionConfiguration;
import com.pulumi.aws.networkfirewall.TlsInspectionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationEncryptionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
/**
 * Pulumi program that declares one TLS inspection configuration covering both
 * directions: serverCertificates is used for inbound inspection, the certificate
 * authority and revocation checks for outbound inspection.
 */
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares the TLS inspection configuration resource.
     *
     * @param ctx Pulumi deployment context supplied by {@code Pulumi.run}
     */
    public static void stack(Context ctx) {
        // REJECT blocks known-revoked server certificates. PASS on an unknown status
        // is fail-open: the connection continues when the status cannot be determined.
        var revocationChecks = TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusArgs.builder()
            .revokedStatusAction("REJECT")
            .unknownStatusAction("PASS")
            .build();

        // Traffic selected for decryption: TCP (protocol 6) to port 443 from any
        // source address and port to any destination address.
        var httpsScope = TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeArgs.builder()
            .protocols(6)
            .destinationPorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationPortArgs.builder()
                .fromPort(443)
                .toPort(443)
                .build())
            .destinations(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeDestinationArgs.builder()
                .addressDefinition("0.0.0.0/0")
                .build())
            .sourcePorts(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourcePortArgs.builder()
                .fromPort(0)
                .toPort(65535)
                .build())
            .sources(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationScopeSourceArgs.builder()
                .addressDefinition("0.0.0.0/0")
                .build())
            .build();

        var serverCertificateConfiguration = TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationArgs.builder()
            .certificateAuthorityArn(example1.arn())
            .checkCertificateRevocationStatus(revocationChecks)
            .serverCertificates(TlsInspectionConfigurationTlsInspectionConfigurationServerCertificateConfigurationServerCertificateArgs.builder()
                .resourceArn(example2.arn())
                .build())
            .scopes(httpsScope)
            .build();

        var example = new TlsInspectionConfiguration("example", TlsInspectionConfigurationArgs.builder()
            .name("example")
            .description("example")
            // AWS-owned key: no key policy or key-usage audit trail in this account.
            // The CUSTOMER_KMS type with a key ARN gives that control.
            .encryptionConfigurations(TlsInspectionConfigurationEncryptionConfigurationArgs.builder()
                .keyId("AWS_OWNED_KMS_KEY")
                .type("AWS_OWNED_KMS_KEY")
                .build())
            .tlsInspectionConfiguration(TlsInspectionConfigurationTlsInspectionConfigurationArgs.builder()
                .serverCertificateConfiguration(serverCertificateConfiguration)
                .build())
            .build());
    }
}
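# Nesting restored: the extracted listing had lost all indentation, which YAML needs to parse.
# Combined configuration: serverCertificates covers inbound inspection,
# certificateAuthorityArn plus the revocation checks cover outbound inspection.
resources:
  example:
    type: aws:networkfirewall:TlsInspectionConfiguration
    properties:
      name: example
      description: example
      encryptionConfigurations:
        # AWS-owned key: no key policy or key-usage audit trail in this account.
        # The CUSTOMER_KMS type with a key ARN gives that control.
        - keyId: AWS_OWNED_KMS_KEY
          type: AWS_OWNED_KMS_KEY
      tlsInspectionConfiguration:
        serverCertificateConfiguration:
          certificateAuthorityArn: ${example1.arn}
          checkCertificateRevocationStatus:
            # REJECT blocks known-revoked server certificates. PASS on an unknown
            # status is fail-open: the connection continues when the status
            # cannot be determined.
            revokedStatusAction: REJECT
            unknownStatusAction: PASS
          serverCertificates:
            - resourceArn: ${example2.arn}
          scopes:
            # TCP (protocol 6) to port 443, any source to any destination: all such
            # traffic through the firewall is in scope for decryption.
            - protocols:
                - 6
              destinationPorts:
                - fromPort: 443
                  toPort: 443
              destinations:
                - addressDefinition: 0.0.0.0/0
              sourcePorts:
                - fromPort: 0
                  toPort: 65535
              sources:
                - addressDefinition: 0.0.0.0/0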

Import

Use `pulumi import` to import a Network Firewall TLS Inspection Configuration by its ARN. For example:

$ pulumi import aws:networkfirewall/tlsInspectionConfiguration:TlsInspectionConfiguration example arn:aws:network-firewall::<region>:<account_id>:tls-configuration/example

Constructors

constructor(description: Output<String>? = null, encryptionConfigurations: Output<List<TlsInspectionConfigurationEncryptionConfigurationArgs>>? = null, name: Output<String>? = null, tags: Output<Map<String, String>>? = null, timeouts: Output<TlsInspectionConfigurationTimeoutsArgs>? = null, tlsInspectionConfiguration: Output<TlsInspectionConfigurationTlsInspectionConfigurationArgs>? = null)

Properties

val description: Output<String>? = null

Description of the TLS inspection configuration.


Encryption configuration block. Detailed below.

val name: Output<String>? = null

Descriptive name of the TLS inspection configuration.

val tags: Output<Map<String, String>>? = null

TLS inspection configuration block. Detailed below. The following arguments are optional:

Functions

open override fun toJava(): TlsInspectionConfigurationArgs