aws-sdk-appmesh 1.33.0 → 1.34.0

@@ -30,6 +30,7 @@ module Aws::AppMesh
30
30
  CertificateAuthorityArns = Shapes::ListShape.new(name: 'CertificateAuthorityArns')
31
31
  ClientPolicy = Shapes::StructureShape.new(name: 'ClientPolicy')
32
32
  ClientPolicyTls = Shapes::StructureShape.new(name: 'ClientPolicyTls')
33
+ ClientTlsCertificate = Shapes::StructureShape.new(name: 'ClientTlsCertificate')
33
34
  ConflictException = Shapes::StructureShape.new(name: 'ConflictException')
34
35
  CreateGatewayRouteInput = Shapes::StructureShape.new(name: 'CreateGatewayRouteInput')
35
36
  CreateGatewayRouteOutput = Shapes::StructureShape.new(name: 'CreateGatewayRouteOutput')
@@ -157,6 +158,9 @@ module Aws::AppMesh
157
158
  ListenerTlsCertificate = Shapes::StructureShape.new(name: 'ListenerTlsCertificate')
158
159
  ListenerTlsFileCertificate = Shapes::StructureShape.new(name: 'ListenerTlsFileCertificate')
159
160
  ListenerTlsMode = Shapes::StringShape.new(name: 'ListenerTlsMode')
161
+ ListenerTlsSdsCertificate = Shapes::StructureShape.new(name: 'ListenerTlsSdsCertificate')
162
+ ListenerTlsValidationContext = Shapes::StructureShape.new(name: 'ListenerTlsValidationContext')
163
+ ListenerTlsValidationContextTrust = Shapes::StructureShape.new(name: 'ListenerTlsValidationContextTrust')
160
164
  Listeners = Shapes::ListShape.new(name: 'Listeners')
161
165
  Logging = Shapes::StructureShape.new(name: 'Logging')
162
166
  Long = Shapes::IntegerShape.new(name: 'Long')
@@ -191,10 +195,15 @@ module Aws::AppMesh
191
195
  RouteSpec = Shapes::StructureShape.new(name: 'RouteSpec')
192
196
  RouteStatus = Shapes::StructureShape.new(name: 'RouteStatus')
193
197
  RouteStatusCode = Shapes::StringShape.new(name: 'RouteStatusCode')
198
+ SdsSecretName = Shapes::StringShape.new(name: 'SdsSecretName')
194
199
  ServiceDiscovery = Shapes::StructureShape.new(name: 'ServiceDiscovery')
195
200
  ServiceName = Shapes::StringShape.new(name: 'ServiceName')
196
201
  ServiceUnavailableException = Shapes::StructureShape.new(name: 'ServiceUnavailableException')
197
202
  String = Shapes::StringShape.new(name: 'String')
203
+ SubjectAlternativeName = Shapes::StringShape.new(name: 'SubjectAlternativeName')
204
+ SubjectAlternativeNameList = Shapes::ListShape.new(name: 'SubjectAlternativeNameList')
205
+ SubjectAlternativeNameMatchers = Shapes::StructureShape.new(name: 'SubjectAlternativeNameMatchers')
206
+ SubjectAlternativeNames = Shapes::StructureShape.new(name: 'SubjectAlternativeNames')
198
207
  TagKey = Shapes::StringShape.new(name: 'TagKey')
199
208
  TagKeyList = Shapes::ListShape.new(name: 'TagKeyList')
200
209
  TagList = Shapes::ListShape.new(name: 'TagList')
@@ -212,6 +221,7 @@ module Aws::AppMesh
212
221
  TlsValidationContext = Shapes::StructureShape.new(name: 'TlsValidationContext')
213
222
  TlsValidationContextAcmTrust = Shapes::StructureShape.new(name: 'TlsValidationContextAcmTrust')
214
223
  TlsValidationContextFileTrust = Shapes::StructureShape.new(name: 'TlsValidationContextFileTrust')
224
+ TlsValidationContextSdsTrust = Shapes::StructureShape.new(name: 'TlsValidationContextSdsTrust')
215
225
  TlsValidationContextTrust = Shapes::StructureShape.new(name: 'TlsValidationContextTrust')
216
226
  TooManyRequestsException = Shapes::StructureShape.new(name: 'TooManyRequestsException')
217
227
  TooManyTagsException = Shapes::StructureShape.new(name: 'TooManyTagsException')
@@ -236,6 +246,7 @@ module Aws::AppMesh
236
246
  VirtualGatewayCertificateAuthorityArns = Shapes::ListShape.new(name: 'VirtualGatewayCertificateAuthorityArns')
237
247
  VirtualGatewayClientPolicy = Shapes::StructureShape.new(name: 'VirtualGatewayClientPolicy')
238
248
  VirtualGatewayClientPolicyTls = Shapes::StructureShape.new(name: 'VirtualGatewayClientPolicyTls')
249
+ VirtualGatewayClientTlsCertificate = Shapes::StructureShape.new(name: 'VirtualGatewayClientTlsCertificate')
239
250
  VirtualGatewayConnectionPool = Shapes::StructureShape.new(name: 'VirtualGatewayConnectionPool')
240
251
  VirtualGatewayData = Shapes::StructureShape.new(name: 'VirtualGatewayData')
241
252
  VirtualGatewayFileAccessLog = Shapes::StructureShape.new(name: 'VirtualGatewayFileAccessLog')
@@ -253,17 +264,22 @@ module Aws::AppMesh
253
264
  VirtualGatewayListenerTlsCertificate = Shapes::StructureShape.new(name: 'VirtualGatewayListenerTlsCertificate')
254
265
  VirtualGatewayListenerTlsFileCertificate = Shapes::StructureShape.new(name: 'VirtualGatewayListenerTlsFileCertificate')
255
266
  VirtualGatewayListenerTlsMode = Shapes::StringShape.new(name: 'VirtualGatewayListenerTlsMode')
267
+ VirtualGatewayListenerTlsSdsCertificate = Shapes::StructureShape.new(name: 'VirtualGatewayListenerTlsSdsCertificate')
268
+ VirtualGatewayListenerTlsValidationContext = Shapes::StructureShape.new(name: 'VirtualGatewayListenerTlsValidationContext')
269
+ VirtualGatewayListenerTlsValidationContextTrust = Shapes::StructureShape.new(name: 'VirtualGatewayListenerTlsValidationContextTrust')
256
270
  VirtualGatewayListeners = Shapes::ListShape.new(name: 'VirtualGatewayListeners')
257
271
  VirtualGatewayLogging = Shapes::StructureShape.new(name: 'VirtualGatewayLogging')
258
272
  VirtualGatewayPortMapping = Shapes::StructureShape.new(name: 'VirtualGatewayPortMapping')
259
273
  VirtualGatewayPortProtocol = Shapes::StringShape.new(name: 'VirtualGatewayPortProtocol')
260
274
  VirtualGatewayRef = Shapes::StructureShape.new(name: 'VirtualGatewayRef')
275
+ VirtualGatewaySdsSecretName = Shapes::StringShape.new(name: 'VirtualGatewaySdsSecretName')
261
276
  VirtualGatewaySpec = Shapes::StructureShape.new(name: 'VirtualGatewaySpec')
262
277
  VirtualGatewayStatus = Shapes::StructureShape.new(name: 'VirtualGatewayStatus')
263
278
  VirtualGatewayStatusCode = Shapes::StringShape.new(name: 'VirtualGatewayStatusCode')
264
279
  VirtualGatewayTlsValidationContext = Shapes::StructureShape.new(name: 'VirtualGatewayTlsValidationContext')
265
280
  VirtualGatewayTlsValidationContextAcmTrust = Shapes::StructureShape.new(name: 'VirtualGatewayTlsValidationContextAcmTrust')
266
281
  VirtualGatewayTlsValidationContextFileTrust = Shapes::StructureShape.new(name: 'VirtualGatewayTlsValidationContextFileTrust')
282
+ VirtualGatewayTlsValidationContextSdsTrust = Shapes::StructureShape.new(name: 'VirtualGatewayTlsValidationContextSdsTrust')
267
283
  VirtualGatewayTlsValidationContextTrust = Shapes::StructureShape.new(name: 'VirtualGatewayTlsValidationContextTrust')
268
284
  VirtualNodeConnectionPool = Shapes::StructureShape.new(name: 'VirtualNodeConnectionPool')
269
285
  VirtualNodeData = Shapes::StructureShape.new(name: 'VirtualNodeData')
@@ -327,11 +343,16 @@ module Aws::AppMesh
327
343
  ClientPolicy.add_member(:tls, Shapes::ShapeRef.new(shape: ClientPolicyTls, location_name: "tls"))
328
344
  ClientPolicy.struct_class = Types::ClientPolicy
329
345
 
346
+ ClientPolicyTls.add_member(:certificate, Shapes::ShapeRef.new(shape: ClientTlsCertificate, location_name: "certificate"))
330
347
  ClientPolicyTls.add_member(:enforce, Shapes::ShapeRef.new(shape: Boolean, location_name: "enforce", metadata: {"box"=>true}))
331
348
  ClientPolicyTls.add_member(:ports, Shapes::ShapeRef.new(shape: PortSet, location_name: "ports"))
332
349
  ClientPolicyTls.add_member(:validation, Shapes::ShapeRef.new(shape: TlsValidationContext, required: true, location_name: "validation"))
333
350
  ClientPolicyTls.struct_class = Types::ClientPolicyTls
334
351
 
352
+ ClientTlsCertificate.add_member(:file, Shapes::ShapeRef.new(shape: ListenerTlsFileCertificate, location_name: "file"))
353
+ ClientTlsCertificate.add_member(:sds, Shapes::ShapeRef.new(shape: ListenerTlsSdsCertificate, location_name: "sds"))
354
+ ClientTlsCertificate.struct_class = Types::ClientTlsCertificate
355
+
335
356
  ConflictException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
336
357
  ConflictException.struct_class = Types::ConflictException
337
358
 
@@ -830,6 +851,7 @@ module Aws::AppMesh
830
851
 
831
852
  ListenerTls.add_member(:certificate, Shapes::ShapeRef.new(shape: ListenerTlsCertificate, required: true, location_name: "certificate"))
832
853
  ListenerTls.add_member(:mode, Shapes::ShapeRef.new(shape: ListenerTlsMode, required: true, location_name: "mode"))
854
+ ListenerTls.add_member(:validation, Shapes::ShapeRef.new(shape: ListenerTlsValidationContext, location_name: "validation"))
833
855
  ListenerTls.struct_class = Types::ListenerTls
834
856
 
835
857
  ListenerTlsAcmCertificate.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "certificateArn"))
@@ -837,12 +859,24 @@ module Aws::AppMesh
837
859
 
838
860
  ListenerTlsCertificate.add_member(:acm, Shapes::ShapeRef.new(shape: ListenerTlsAcmCertificate, location_name: "acm"))
839
861
  ListenerTlsCertificate.add_member(:file, Shapes::ShapeRef.new(shape: ListenerTlsFileCertificate, location_name: "file"))
862
+ ListenerTlsCertificate.add_member(:sds, Shapes::ShapeRef.new(shape: ListenerTlsSdsCertificate, location_name: "sds"))
840
863
  ListenerTlsCertificate.struct_class = Types::ListenerTlsCertificate
841
864
 
842
865
  ListenerTlsFileCertificate.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "certificateChain"))
843
866
  ListenerTlsFileCertificate.add_member(:private_key, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "privateKey"))
844
867
  ListenerTlsFileCertificate.struct_class = Types::ListenerTlsFileCertificate
845
868
 
869
+ ListenerTlsSdsCertificate.add_member(:secret_name, Shapes::ShapeRef.new(shape: SdsSecretName, required: true, location_name: "secretName"))
870
+ ListenerTlsSdsCertificate.struct_class = Types::ListenerTlsSdsCertificate
871
+
872
+ ListenerTlsValidationContext.add_member(:subject_alternative_names, Shapes::ShapeRef.new(shape: SubjectAlternativeNames, location_name: "subjectAlternativeNames"))
873
+ ListenerTlsValidationContext.add_member(:trust, Shapes::ShapeRef.new(shape: ListenerTlsValidationContextTrust, required: true, location_name: "trust"))
874
+ ListenerTlsValidationContext.struct_class = Types::ListenerTlsValidationContext
875
+
876
+ ListenerTlsValidationContextTrust.add_member(:file, Shapes::ShapeRef.new(shape: TlsValidationContextFileTrust, location_name: "file"))
877
+ ListenerTlsValidationContextTrust.add_member(:sds, Shapes::ShapeRef.new(shape: TlsValidationContextSdsTrust, location_name: "sds"))
878
+ ListenerTlsValidationContextTrust.struct_class = Types::ListenerTlsValidationContextTrust
879
+
846
880
  Listeners.member = Shapes::ShapeRef.new(shape: Listener)
847
881
 
848
882
  Logging.add_member(:access_log, Shapes::ShapeRef.new(shape: AccessLog, location_name: "accessLog"))
@@ -940,6 +974,14 @@ module Aws::AppMesh
940
974
  ServiceUnavailableException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
941
975
  ServiceUnavailableException.struct_class = Types::ServiceUnavailableException
942
976
 
977
+ SubjectAlternativeNameList.member = Shapes::ShapeRef.new(shape: SubjectAlternativeName)
978
+
979
+ SubjectAlternativeNameMatchers.add_member(:exact, Shapes::ShapeRef.new(shape: SubjectAlternativeNameList, required: true, location_name: "exact"))
980
+ SubjectAlternativeNameMatchers.struct_class = Types::SubjectAlternativeNameMatchers
981
+
982
+ SubjectAlternativeNames.add_member(:match, Shapes::ShapeRef.new(shape: SubjectAlternativeNameMatchers, required: true, location_name: "match"))
983
+ SubjectAlternativeNames.struct_class = Types::SubjectAlternativeNames
984
+
943
985
  TagKeyList.member = Shapes::ShapeRef.new(shape: TagKey)
944
986
 
945
987
  TagList.member = Shapes::ShapeRef.new(shape: TagRef)
@@ -966,6 +1008,7 @@ module Aws::AppMesh
966
1008
  TcpTimeout.add_member(:idle, Shapes::ShapeRef.new(shape: Duration, location_name: "idle"))
967
1009
  TcpTimeout.struct_class = Types::TcpTimeout
968
1010
 
1011
+ TlsValidationContext.add_member(:subject_alternative_names, Shapes::ShapeRef.new(shape: SubjectAlternativeNames, location_name: "subjectAlternativeNames"))
969
1012
  TlsValidationContext.add_member(:trust, Shapes::ShapeRef.new(shape: TlsValidationContextTrust, required: true, location_name: "trust"))
970
1013
  TlsValidationContext.struct_class = Types::TlsValidationContext
971
1014
 
@@ -975,8 +1018,12 @@ module Aws::AppMesh
975
1018
  TlsValidationContextFileTrust.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "certificateChain"))
976
1019
  TlsValidationContextFileTrust.struct_class = Types::TlsValidationContextFileTrust
977
1020
 
1021
+ TlsValidationContextSdsTrust.add_member(:secret_name, Shapes::ShapeRef.new(shape: SdsSecretName, required: true, location_name: "secretName"))
1022
+ TlsValidationContextSdsTrust.struct_class = Types::TlsValidationContextSdsTrust
1023
+
978
1024
  TlsValidationContextTrust.add_member(:acm, Shapes::ShapeRef.new(shape: TlsValidationContextAcmTrust, location_name: "acm"))
979
1025
  TlsValidationContextTrust.add_member(:file, Shapes::ShapeRef.new(shape: TlsValidationContextFileTrust, location_name: "file"))
1026
+ TlsValidationContextTrust.add_member(:sds, Shapes::ShapeRef.new(shape: TlsValidationContextSdsTrust, location_name: "sds"))
980
1027
  TlsValidationContextTrust.struct_class = Types::TlsValidationContextTrust
981
1028
 
982
1029
  TooManyRequestsException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
@@ -1086,11 +1133,16 @@ module Aws::AppMesh
1086
1133
  VirtualGatewayClientPolicy.add_member(:tls, Shapes::ShapeRef.new(shape: VirtualGatewayClientPolicyTls, location_name: "tls"))
1087
1134
  VirtualGatewayClientPolicy.struct_class = Types::VirtualGatewayClientPolicy
1088
1135
 
1136
+ VirtualGatewayClientPolicyTls.add_member(:certificate, Shapes::ShapeRef.new(shape: VirtualGatewayClientTlsCertificate, location_name: "certificate"))
1089
1137
  VirtualGatewayClientPolicyTls.add_member(:enforce, Shapes::ShapeRef.new(shape: Boolean, location_name: "enforce", metadata: {"box"=>true}))
1090
1138
  VirtualGatewayClientPolicyTls.add_member(:ports, Shapes::ShapeRef.new(shape: PortSet, location_name: "ports"))
1091
1139
  VirtualGatewayClientPolicyTls.add_member(:validation, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContext, required: true, location_name: "validation"))
1092
1140
  VirtualGatewayClientPolicyTls.struct_class = Types::VirtualGatewayClientPolicyTls
1093
1141
 
1142
+ VirtualGatewayClientTlsCertificate.add_member(:file, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsFileCertificate, location_name: "file"))
1143
+ VirtualGatewayClientTlsCertificate.add_member(:sds, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsSdsCertificate, location_name: "sds"))
1144
+ VirtualGatewayClientTlsCertificate.struct_class = Types::VirtualGatewayClientTlsCertificate
1145
+
1094
1146
  VirtualGatewayConnectionPool.add_member(:grpc, Shapes::ShapeRef.new(shape: VirtualGatewayGrpcConnectionPool, location_name: "grpc"))
1095
1147
  VirtualGatewayConnectionPool.add_member(:http, Shapes::ShapeRef.new(shape: VirtualGatewayHttpConnectionPool, location_name: "http"))
1096
1148
  VirtualGatewayConnectionPool.add_member(:http2, Shapes::ShapeRef.new(shape: VirtualGatewayHttp2ConnectionPool, location_name: "http2"))
@@ -1135,6 +1187,7 @@ module Aws::AppMesh
1135
1187
 
1136
1188
  VirtualGatewayListenerTls.add_member(:certificate, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsCertificate, required: true, location_name: "certificate"))
1137
1189
  VirtualGatewayListenerTls.add_member(:mode, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsMode, required: true, location_name: "mode"))
1190
+ VirtualGatewayListenerTls.add_member(:validation, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsValidationContext, location_name: "validation"))
1138
1191
  VirtualGatewayListenerTls.struct_class = Types::VirtualGatewayListenerTls
1139
1192
 
1140
1193
  VirtualGatewayListenerTlsAcmCertificate.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "certificateArn"))
@@ -1142,12 +1195,24 @@ module Aws::AppMesh
1142
1195
 
1143
1196
  VirtualGatewayListenerTlsCertificate.add_member(:acm, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsAcmCertificate, location_name: "acm"))
1144
1197
  VirtualGatewayListenerTlsCertificate.add_member(:file, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsFileCertificate, location_name: "file"))
1198
+ VirtualGatewayListenerTlsCertificate.add_member(:sds, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsSdsCertificate, location_name: "sds"))
1145
1199
  VirtualGatewayListenerTlsCertificate.struct_class = Types::VirtualGatewayListenerTlsCertificate
1146
1200
 
1147
1201
  VirtualGatewayListenerTlsFileCertificate.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "certificateChain"))
1148
1202
  VirtualGatewayListenerTlsFileCertificate.add_member(:private_key, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "privateKey"))
1149
1203
  VirtualGatewayListenerTlsFileCertificate.struct_class = Types::VirtualGatewayListenerTlsFileCertificate
1150
1204
 
1205
+ VirtualGatewayListenerTlsSdsCertificate.add_member(:secret_name, Shapes::ShapeRef.new(shape: VirtualGatewaySdsSecretName, required: true, location_name: "secretName"))
1206
+ VirtualGatewayListenerTlsSdsCertificate.struct_class = Types::VirtualGatewayListenerTlsSdsCertificate
1207
+
1208
+ VirtualGatewayListenerTlsValidationContext.add_member(:subject_alternative_names, Shapes::ShapeRef.new(shape: SubjectAlternativeNames, location_name: "subjectAlternativeNames"))
1209
+ VirtualGatewayListenerTlsValidationContext.add_member(:trust, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsValidationContextTrust, required: true, location_name: "trust"))
1210
+ VirtualGatewayListenerTlsValidationContext.struct_class = Types::VirtualGatewayListenerTlsValidationContext
1211
+
1212
+ VirtualGatewayListenerTlsValidationContextTrust.add_member(:file, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextFileTrust, location_name: "file"))
1213
+ VirtualGatewayListenerTlsValidationContextTrust.add_member(:sds, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextSdsTrust, location_name: "sds"))
1214
+ VirtualGatewayListenerTlsValidationContextTrust.struct_class = Types::VirtualGatewayListenerTlsValidationContextTrust
1215
+
1151
1216
  VirtualGatewayListeners.member = Shapes::ShapeRef.new(shape: VirtualGatewayListener)
1152
1217
 
1153
1218
  VirtualGatewayLogging.add_member(:access_log, Shapes::ShapeRef.new(shape: VirtualGatewayAccessLog, location_name: "accessLog"))
@@ -1175,6 +1240,7 @@ module Aws::AppMesh
1175
1240
  VirtualGatewayStatus.add_member(:status, Shapes::ShapeRef.new(shape: VirtualGatewayStatusCode, required: true, location_name: "status"))
1176
1241
  VirtualGatewayStatus.struct_class = Types::VirtualGatewayStatus
1177
1242
 
1243
+ VirtualGatewayTlsValidationContext.add_member(:subject_alternative_names, Shapes::ShapeRef.new(shape: SubjectAlternativeNames, location_name: "subjectAlternativeNames"))
1178
1244
  VirtualGatewayTlsValidationContext.add_member(:trust, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextTrust, required: true, location_name: "trust"))
1179
1245
  VirtualGatewayTlsValidationContext.struct_class = Types::VirtualGatewayTlsValidationContext
1180
1246
 
@@ -1184,8 +1250,12 @@ module Aws::AppMesh
1184
1250
  VirtualGatewayTlsValidationContextFileTrust.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "certificateChain"))
1185
1251
  VirtualGatewayTlsValidationContextFileTrust.struct_class = Types::VirtualGatewayTlsValidationContextFileTrust
1186
1252
 
1253
+ VirtualGatewayTlsValidationContextSdsTrust.add_member(:secret_name, Shapes::ShapeRef.new(shape: VirtualGatewaySdsSecretName, required: true, location_name: "secretName"))
1254
+ VirtualGatewayTlsValidationContextSdsTrust.struct_class = Types::VirtualGatewayTlsValidationContextSdsTrust
1255
+
1187
1256
  VirtualGatewayTlsValidationContextTrust.add_member(:acm, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextAcmTrust, location_name: "acm"))
1188
1257
  VirtualGatewayTlsValidationContextTrust.add_member(:file, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextFileTrust, location_name: "file"))
1258
+ VirtualGatewayTlsValidationContextTrust.add_member(:sds, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextSdsTrust, location_name: "sds"))
1189
1259
  VirtualGatewayTlsValidationContextTrust.struct_class = Types::VirtualGatewayTlsValidationContextTrust
1190
1260
 
1191
1261
  VirtualNodeConnectionPool.add_member(:grpc, Shapes::ShapeRef.new(shape: VirtualNodeGrpcConnectionPool, location_name: "grpc"))
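Review bot: The new `validation` member on `ListenerTls` (new line 854) and on `VirtualGatewayListenerTls` (new line 1190) is added without `required: true`, unlike the `certificate` and `mode` members beside it. A listener hash that sets only those two therefore still satisfies the shape, and client-certificate verification is opt-in for the caller. The same applies to `subject_alternative_names` on `TlsValidationContext` and `VirtualGatewayTlsValidationContext` (new lines 1011 and 1243): when it is omitted, only the `trust` member constrains the peer certificate, presumably accepting any certificate that chains to that trust source. This file carries no comments, so the check belongs in the code that builds these hashes, for example (constructed) `raise ArgumentError, "mutual TLS requires tls[:validation][:trust]" unless tls.dig(:validation, :trust)`, with a matching assertion on the `exact` SAN list where peers share a CA.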
@@ -126,9 +126,23 @@ module Aws::AppMesh
126
126
  # virtual_service: {
127
127
  # client_policy: {
128
128
  # tls: {
129
+ # certificate: {
130
+ # file: {
131
+ # certificate_chain: "FilePath", # required
132
+ # private_key: "FilePath", # required
133
+ # },
134
+ # sds: {
135
+ # secret_name: "SdsSecretName", # required
136
+ # },
137
+ # },
129
138
  # enforce: false,
130
139
  # ports: [1],
131
140
  # validation: { # required
141
+ # subject_alternative_names: {
142
+ # match: { # required
143
+ # exact: ["SubjectAlternativeName"], # required
144
+ # },
145
+ # },
132
146
  # trust: { # required
133
147
  # acm: {
134
148
  # certificate_authority_arns: ["Arn"], # required
@@ -136,6 +150,9 @@ module Aws::AppMesh
136
150
  # file: {
137
151
  # certificate_chain: "FilePath", # required
138
152
  # },
153
+ # sds: {
154
+ # secret_name: "SdsSecretName", # required
155
+ # },
139
156
  # },
140
157
  # },
141
158
  # },
@@ -164,9 +181,23 @@ module Aws::AppMesh
164
181
  # {
165
182
  # client_policy: {
166
183
  # tls: {
184
+ # certificate: {
185
+ # file: {
186
+ # certificate_chain: "FilePath", # required
187
+ # private_key: "FilePath", # required
188
+ # },
189
+ # sds: {
190
+ # secret_name: "SdsSecretName", # required
191
+ # },
192
+ # },
167
193
  # enforce: false,
168
194
  # ports: [1],
169
195
  # validation: { # required
196
+ # subject_alternative_names: {
197
+ # match: { # required
198
+ # exact: ["SubjectAlternativeName"], # required
199
+ # },
200
+ # },
170
201
  # trust: { # required
171
202
  # acm: {
172
203
  # certificate_authority_arns: ["Arn"], # required
@@ -174,6 +205,9 @@ module Aws::AppMesh
174
205
  # file: {
175
206
  # certificate_chain: "FilePath", # required
176
207
  # },
208
+ # sds: {
209
+ # secret_name: "SdsSecretName", # required
210
+ # },
177
211
  # },
178
212
  # },
179
213
  # },
@@ -213,9 +247,23 @@ module Aws::AppMesh
213
247
  #
214
248
  # {
215
249
  # tls: {
250
+ # certificate: {
251
+ # file: {
252
+ # certificate_chain: "FilePath", # required
253
+ # private_key: "FilePath", # required
254
+ # },
255
+ # sds: {
256
+ # secret_name: "SdsSecretName", # required
257
+ # },
258
+ # },
216
259
  # enforce: false,
217
260
  # ports: [1],
218
261
  # validation: { # required
262
+ # subject_alternative_names: {
263
+ # match: { # required
264
+ # exact: ["SubjectAlternativeName"], # required
265
+ # },
266
+ # },
219
267
  # trust: { # required
220
268
  # acm: {
221
269
  # certificate_authority_arns: ["Arn"], # required
@@ -223,6 +271,9 @@ module Aws::AppMesh
223
271
  # file: {
224
272
  # certificate_chain: "FilePath", # required
225
273
  # },
274
+ # sds: {
275
+ # secret_name: "SdsSecretName", # required
276
+ # },
226
277
  # },
227
278
  # },
228
279
  # },
@@ -248,9 +299,23 @@ module Aws::AppMesh
248
299
  # data as a hash:
249
300
  #
250
301
  # {
302
+ # certificate: {
303
+ # file: {
304
+ # certificate_chain: "FilePath", # required
305
+ # private_key: "FilePath", # required
306
+ # },
307
+ # sds: {
308
+ # secret_name: "SdsSecretName", # required
309
+ # },
310
+ # },
251
311
  # enforce: false,
252
312
  # ports: [1],
253
313
  # validation: { # required
314
+ # subject_alternative_names: {
315
+ # match: { # required
316
+ # exact: ["SubjectAlternativeName"], # required
317
+ # },
318
+ # },
254
319
  # trust: { # required
255
320
  # acm: {
256
321
  # certificate_authority_arns: ["Arn"], # required
@@ -258,10 +323,18 @@ module Aws::AppMesh
258
323
  # file: {
259
324
  # certificate_chain: "FilePath", # required
260
325
  # },
326
+ # sds: {
327
+ # secret_name: "SdsSecretName", # required
328
+ # },
261
329
  # },
262
330
  # },
263
331
  # }
264
332
  #
333
+ # @!attribute [rw] certificate
334
+ # A reference to an object that represents a client's TLS
335
+ # certificate.
336
+ # @return [Types::ClientTlsCertificate]
337
+ #
265
338
  # @!attribute [rw] enforce
266
339
  # Whether the policy is enforced. The default is `True`, if a value
267
340
  # isn't specified.
@@ -278,6 +351,7 @@ module Aws::AppMesh
278
351
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ClientPolicyTls AWS API Documentation
279
352
  #
280
353
  class ClientPolicyTls < Struct.new(
354
+ :certificate,
281
355
  :enforce,
282
356
  :ports,
283
357
  :validation)
@@ -285,6 +359,46 @@ module Aws::AppMesh
285
359
  include Aws::Structure
286
360
  end
287
361
 
362
+ # An object that represents the client's certificate.
363
+ #
364
+ # @note When making an API call, you may pass ClientTlsCertificate
365
+ # data as a hash:
366
+ #
367
+ # {
368
+ # file: {
369
+ # certificate_chain: "FilePath", # required
370
+ # private_key: "FilePath", # required
371
+ # },
372
+ # sds: {
373
+ # secret_name: "SdsSecretName", # required
374
+ # },
375
+ # }
376
+ #
377
+ # @!attribute [rw] file
378
+ # An object that represents a local file certificate. The certificate
379
+ # must meet specific requirements and you must have proxy
380
+ # authorization enabled. For more information, see [Transport Layer
381
+ # Security (TLS)][1].
382
+ #
383
+ #
384
+ #
385
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites
386
+ # @return [Types::ListenerTlsFileCertificate]
387
+ #
388
+ # @!attribute [rw] sds
389
+ # A reference to an object that represents a client's TLS Secret
390
+ # Discovery Service certificate.
391
+ # @return [Types::ListenerTlsSdsCertificate]
392
+ #
393
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ClientTlsCertificate AWS API Documentation
394
+ #
395
+ class ClientTlsCertificate < Struct.new(
396
+ :file,
397
+ :sds)
398
+ SENSITIVE = []
399
+ include Aws::Structure
400
+ end
401
+
288
402
  # The request contains a client token that was used for a previous
289
403
  # update resource call with different specifications. Try the request
290
404
  # again with a new client token.
@@ -782,9 +896,23 @@ module Aws::AppMesh
782
896
  # backend_defaults: {
783
897
  # client_policy: {
784
898
  # tls: {
899
+ # certificate: {
900
+ # file: {
901
+ # certificate_chain: "FilePath", # required
902
+ # private_key: "FilePath", # required
903
+ # },
904
+ # sds: {
905
+ # secret_name: "VirtualGatewaySdsSecretName", # required
906
+ # },
907
+ # },
785
908
  # enforce: false,
786
909
  # ports: [1],
787
910
  # validation: { # required
911
+ # subject_alternative_names: {
912
+ # match: { # required
913
+ # exact: ["SubjectAlternativeName"], # required
914
+ # },
915
+ # },
788
916
  # trust: { # required
789
917
  # acm: {
790
918
  # certificate_authority_arns: ["Arn"], # required
@@ -792,6 +920,9 @@ module Aws::AppMesh
792
920
  # file: {
793
921
  # certificate_chain: "FilePath", # required
794
922
  # },
923
+ # sds: {
924
+ # secret_name: "VirtualGatewaySdsSecretName", # required
925
+ # },
795
926
  # },
796
927
  # },
797
928
  # },
@@ -833,8 +964,26 @@ module Aws::AppMesh
833
964
  # certificate_chain: "FilePath", # required
834
965
  # private_key: "FilePath", # required
835
966
  # },
967
+ # sds: {
968
+ # secret_name: "VirtualGatewaySdsSecretName", # required
969
+ # },
836
970
  # },
837
971
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
972
+ # validation: {
973
+ # subject_alternative_names: {
974
+ # match: { # required
975
+ # exact: ["SubjectAlternativeName"], # required
976
+ # },
977
+ # },
978
+ # trust: { # required
979
+ # file: {
980
+ # certificate_chain: "FilePath", # required
981
+ # },
982
+ # sds: {
983
+ # secret_name: "VirtualGatewaySdsSecretName", # required
984
+ # },
985
+ # },
986
+ # },
838
987
  # },
839
988
  # },
840
989
  # ],
@@ -937,9 +1086,23 @@ module Aws::AppMesh
937
1086
  # backend_defaults: {
938
1087
  # client_policy: {
939
1088
  # tls: {
1089
+ # certificate: {
1090
+ # file: {
1091
+ # certificate_chain: "FilePath", # required
1092
+ # private_key: "FilePath", # required
1093
+ # },
1094
+ # sds: {
1095
+ # secret_name: "SdsSecretName", # required
1096
+ # },
1097
+ # },
940
1098
  # enforce: false,
941
1099
  # ports: [1],
942
1100
  # validation: { # required
1101
+ # subject_alternative_names: {
1102
+ # match: { # required
1103
+ # exact: ["SubjectAlternativeName"], # required
1104
+ # },
1105
+ # },
943
1106
  # trust: { # required
944
1107
  # acm: {
945
1108
  # certificate_authority_arns: ["Arn"], # required
@@ -947,6 +1110,9 @@ module Aws::AppMesh
947
1110
  # file: {
948
1111
  # certificate_chain: "FilePath", # required
949
1112
  # },
1113
+ # sds: {
1114
+ # secret_name: "SdsSecretName", # required
1115
+ # },
950
1116
  # },
951
1117
  # },
952
1118
  # },
@@ -957,9 +1123,23 @@ module Aws::AppMesh
957
1123
  # virtual_service: {
958
1124
  # client_policy: {
959
1125
  # tls: {
1126
+ # certificate: {
1127
+ # file: {
1128
+ # certificate_chain: "FilePath", # required
1129
+ # private_key: "FilePath", # required
1130
+ # },
1131
+ # sds: {
1132
+ # secret_name: "SdsSecretName", # required
1133
+ # },
1134
+ # },
960
1135
  # enforce: false,
961
1136
  # ports: [1],
962
1137
  # validation: { # required
1138
+ # subject_alternative_names: {
1139
+ # match: { # required
1140
+ # exact: ["SubjectAlternativeName"], # required
1141
+ # },
1142
+ # },
963
1143
  # trust: { # required
964
1144
  # acm: {
965
1145
  # certificate_authority_arns: ["Arn"], # required
@@ -967,6 +1147,9 @@ module Aws::AppMesh
967
1147
  # file: {
968
1148
  # certificate_chain: "FilePath", # required
969
1149
  # },
1150
+ # sds: {
1151
+ # secret_name: "SdsSecretName", # required
1152
+ # },
970
1153
  # },
971
1154
  # },
972
1155
  # },
@@ -1064,8 +1247,26 @@ module Aws::AppMesh
1064
1247
  # certificate_chain: "FilePath", # required
1065
1248
  # private_key: "FilePath", # required
1066
1249
  # },
1250
+ # sds: {
1251
+ # secret_name: "SdsSecretName", # required
1252
+ # },
1067
1253
  # },
1068
1254
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
1255
+ # validation: {
1256
+ # subject_alternative_names: {
1257
+ # match: { # required
1258
+ # exact: ["SubjectAlternativeName"], # required
1259
+ # },
1260
+ # },
1261
+ # trust: { # required
1262
+ # file: {
1263
+ # certificate_chain: "FilePath", # required
1264
+ # },
1265
+ # sds: {
1266
+ # secret_name: "SdsSecretName", # required
1267
+ # },
1268
+ # },
1269
+ # },
1069
1270
  # },
1070
1271
  # },
1071
1272
  # ],
@@ -4240,8 +4441,26 @@ module Aws::AppMesh
4240
4441
  # certificate_chain: "FilePath", # required
4241
4442
  # private_key: "FilePath", # required
4242
4443
  # },
4444
+ # sds: {
4445
+ # secret_name: "SdsSecretName", # required
4446
+ # },
4243
4447
  # },
4244
4448
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
4449
+ # validation: {
4450
+ # subject_alternative_names: {
4451
+ # match: { # required
4452
+ # exact: ["SubjectAlternativeName"], # required
4453
+ # },
4454
+ # },
4455
+ # trust: { # required
4456
+ # file: {
4457
+ # certificate_chain: "FilePath", # required
4458
+ # },
4459
+ # sds: {
4460
+ # secret_name: "SdsSecretName", # required
4461
+ # },
4462
+ # },
4463
+ # },
4245
4464
  # },
4246
4465
  # }
4247
4466
  #
@@ -4369,13 +4588,31 @@ module Aws::AppMesh
4369
4588
  # certificate_chain: "FilePath", # required
4370
4589
  # private_key: "FilePath", # required
4371
4590
  # },
4591
+ # sds: {
4592
+ # secret_name: "SdsSecretName", # required
4593
+ # },
4372
4594
  # },
4373
4595
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
4596
+ # validation: {
4597
+ # subject_alternative_names: {
4598
+ # match: { # required
4599
+ # exact: ["SubjectAlternativeName"], # required
4600
+ # },
4601
+ # },
4602
+ # trust: { # required
4603
+ # file: {
4604
+ # certificate_chain: "FilePath", # required
4605
+ # },
4606
+ # sds: {
4607
+ # secret_name: "SdsSecretName", # required
4608
+ # },
4609
+ # },
4610
+ # },
4374
4611
  # }
4375
4612
  #
4376
4613
  # @!attribute [rw] certificate
4377
- # A reference to an object that represents a listener's TLS
4378
- # certificate.
4614
+ # A reference to an object that represents a listener's Transport
4615
+ # Layer Security (TLS) certificate.
4379
4616
  # @return [Types::ListenerTlsCertificate]
4380
4617
  #
4381
4618
  # @!attribute [rw] mode
@@ -4389,11 +4626,17 @@ module Aws::AppMesh
4389
4626
  # * ****DISABLED – Listener only accepts connections without TLS.
4390
4627
  # @return [String]
4391
4628
  #
4629
+ # @!attribute [rw] validation
4630
+ # A reference to an object that represents a listener's Transport
4631
+ # Layer Security (TLS) validation context.
4632
+ # @return [Types::ListenerTlsValidationContext]
4633
+ #
4392
4634
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ListenerTls AWS API Documentation
4393
4635
  #
4394
4636
  class ListenerTls < Struct.new(
4395
4637
  :certificate,
4396
- :mode)
4638
+ :mode,
4639
+ :validation)
4397
4640
  SENSITIVE = []
4398
4641
  include Aws::Structure
4399
4642
  end
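Review bot: The doc comment for the new `validation` attribute of `ListenerTls` (new lines 4629-4632) does not say what the listener does when the attribute is left out, and the request examples elsewhere in this diff show `validation` without a `# required` marker next to a required `mode`. A reader can take `mode: "STRICT"` to mean that peers are authenticated, while the visible `mode` text only speaks about whether connections use TLS. I would add one sentence to the attribute, for example `#   When this is not set, the listener does not validate a client certificate.`, after confirming it against the service documentation. The class's doc comment starts above this hunk.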
@@ -4440,6 +4683,9 @@ module Aws::AppMesh
4440
4683
  # certificate_chain: "FilePath", # required
4441
4684
  # private_key: "FilePath", # required
4442
4685
  # },
4686
+ # sds: {
4687
+ # secret_name: "SdsSecretName", # required
4688
+ # },
4443
4689
  # }
4444
4690
  #
4445
4691
  # @!attribute [rw] acm
@@ -4451,11 +4697,17 @@ module Aws::AppMesh
4451
4697
  # A reference to an object that represents a local file certificate.
4452
4698
  # @return [Types::ListenerTlsFileCertificate]
4453
4699
  #
4700
+ # @!attribute [rw] sds
4701
+ # A reference to an object that represents a listener's Secret
4702
+ # Discovery Service certificate.
4703
+ # @return [Types::ListenerTlsSdsCertificate]
4704
+ #
4454
4705
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ListenerTlsCertificate AWS API Documentation
4455
4706
  #
4456
4707
  class ListenerTlsCertificate < Struct.new(
4457
4708
  :acm,
4458
- :file)
4709
+ :file,
4710
+ :sds)
4459
4711
  SENSITIVE = []
4460
4712
  include Aws::Structure
4461
4713
  end
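Review bot: `ListenerTlsCertificate` now has three certificate sources (`acm`, `file`, `sds`), and neither the attribute docs in this hunk nor the example hashes say whether more than one may be set or which one takes effect. The examples in this diff populate `file` and `sds` side by side, which reads as if a combination were valid; if the service accepts only one source per certificate, a line such as `# Only one of acm, file or sds may be set.` in the class description would keep an operator from believing a different key source is in effect than the one the proxy uses. The same question applies to `ListenerTlsValidationContextTrust`, `TlsValidationContextTrust` and `VirtualGatewayClientTlsCertificate` in later hunks. The class's doc comment starts above this hunk.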
@@ -4495,6 +4747,113 @@ module Aws::AppMesh
4495
4747
  include Aws::Structure
4496
4748
  end
4497
4749
 
4750
+ # An object that represents the listener's Secret Discovery Service
4751
+ # certificate. The proxy must be configured with a local SDS provider
4752
+ # via a Unix Domain Socket. See App Mesh [TLS documentation][1] for more
4753
+ # info.
4754
+ #
4755
+ #
4756
+ #
4757
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html
4758
+ #
4759
+ # @note When making an API call, you may pass ListenerTlsSdsCertificate
4760
+ # data as a hash:
4761
+ #
4762
+ # {
4763
+ # secret_name: "SdsSecretName", # required
4764
+ # }
4765
+ #
4766
+ # @!attribute [rw] secret_name
4767
+ # A reference to an object that represents the name of the secret
4768
+ # requested from the Secret Discovery Service provider representing
4769
+ # Transport Layer Security (TLS) materials like a certificate or
4770
+ # certificate chain.
4771
+ # @return [String]
4772
+ #
4773
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ListenerTlsSdsCertificate AWS API Documentation
4774
+ #
4775
+ class ListenerTlsSdsCertificate < Struct.new(
4776
+ :secret_name)
4777
+ SENSITIVE = []
4778
+ include Aws::Structure
4779
+ end
4780
+
4781
+ # An object that represents a listener's Transport Layer Security (TLS)
4782
+ # validation context.
4783
+ #
4784
+ # @note When making an API call, you may pass ListenerTlsValidationContext
4785
+ # data as a hash:
4786
+ #
4787
+ # {
4788
+ # subject_alternative_names: {
4789
+ # match: { # required
4790
+ # exact: ["SubjectAlternativeName"], # required
4791
+ # },
4792
+ # },
4793
+ # trust: { # required
4794
+ # file: {
4795
+ # certificate_chain: "FilePath", # required
4796
+ # },
4797
+ # sds: {
4798
+ # secret_name: "SdsSecretName", # required
4799
+ # },
4800
+ # },
4801
+ # }
4802
+ #
4803
+ # @!attribute [rw] subject_alternative_names
4804
+ # A reference to an object that represents the SANs for a listener's
4805
+ # Transport Layer Security (TLS) validation context.
4806
+ # @return [Types::SubjectAlternativeNames]
4807
+ #
4808
+ # @!attribute [rw] trust
4809
+ # A reference to where to retrieve the trust chain when validating a
4810
+ # peer’s Transport Layer Security (TLS) certificate.
4811
+ # @return [Types::ListenerTlsValidationContextTrust]
4812
+ #
4813
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ListenerTlsValidationContext AWS API Documentation
4814
+ #
4815
+ class ListenerTlsValidationContext < Struct.new(
4816
+ :subject_alternative_names,
4817
+ :trust)
4818
+ SENSITIVE = []
4819
+ include Aws::Structure
4820
+ end
4821
+
4822
+ # An object that represents a listener's Transport Layer Security (TLS)
4823
+ # validation context trust.
4824
+ #
4825
+ # @note When making an API call, you may pass ListenerTlsValidationContextTrust
4826
+ # data as a hash:
4827
+ #
4828
+ # {
4829
+ # file: {
4830
+ # certificate_chain: "FilePath", # required
4831
+ # },
4832
+ # sds: {
4833
+ # secret_name: "SdsSecretName", # required
4834
+ # },
4835
+ # }
4836
+ #
4837
+ # @!attribute [rw] file
4838
+ # An object that represents a Transport Layer Security (TLS)
4839
+ # validation context trust for a local file.
4840
+ # @return [Types::TlsValidationContextFileTrust]
4841
+ #
4842
+ # @!attribute [rw] sds
4843
+ # A reference to an object that represents a listener's Transport
4844
+ # Layer Security (TLS) Secret Discovery Service validation context
4845
+ # trust.
4846
+ # @return [Types::TlsValidationContextSdsTrust]
4847
+ #
4848
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ListenerTlsValidationContextTrust AWS API Documentation
4849
+ #
4850
+ class ListenerTlsValidationContextTrust < Struct.new(
4851
+ :file,
4852
+ :sds)
4853
+ SENSITIVE = []
4854
+ include Aws::Structure
4855
+ end
4856
+
4498
4857
  # An object that represents the logging information for a virtual node.
4499
4858
  #
4500
4859
  # @note When making an API call, you may pass Logging
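Review bot: In `ListenerTlsValidationContext`, `subject_alternative_names` is shown without a `# required` marker (new line 4788), but its attribute text (new lines 4803-4806) does not state the consequence of leaving it out. With only `trust` set, I would expect any certificate that chains to the configured trust to be accepted whatever identity it carries, which matters when one CA issues certificates for several services. Suggest extending the attribute doc with `#   If omitted, the peer certificate's SANs are not checked; any certificate chaining to the trust is accepted.`, once confirmed against the service documentation. `VirtualGatewayListenerTlsValidationContext` in a later hunk has the same gap.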
@@ -5227,6 +5586,53 @@ module Aws::AppMesh
5227
5586
  include Aws::Structure
5228
5587
  end
5229
5588
 
5589
+ # An object that represents the methods by which a subject alternative
5590
+ # name on a peer Transport Layer Security (TLS) certificate can be
5591
+ # matched.
5592
+ #
5593
+ # @note When making an API call, you may pass SubjectAlternativeNameMatchers
5594
+ # data as a hash:
5595
+ #
5596
+ # {
5597
+ # exact: ["SubjectAlternativeName"], # required
5598
+ # }
5599
+ #
5600
+ # @!attribute [rw] exact
5601
+ # The values sent must match the specified values exactly.
5602
+ # @return [Array<String>]
5603
+ #
5604
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/SubjectAlternativeNameMatchers AWS API Documentation
5605
+ #
5606
+ class SubjectAlternativeNameMatchers < Struct.new(
5607
+ :exact)
5608
+ SENSITIVE = []
5609
+ include Aws::Structure
5610
+ end
5611
+
5612
+ # An object that represents the subject alternative names secured by the
5613
+ # certificate.
5614
+ #
5615
+ # @note When making an API call, you may pass SubjectAlternativeNames
5616
+ # data as a hash:
5617
+ #
5618
+ # {
5619
+ # match: { # required
5620
+ # exact: ["SubjectAlternativeName"], # required
5621
+ # },
5622
+ # }
5623
+ #
5624
+ # @!attribute [rw] match
5625
+ # An object that represents the criteria for determining a SANs match.
5626
+ # @return [Types::SubjectAlternativeNameMatchers]
5627
+ #
5628
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/SubjectAlternativeNames AWS API Documentation
5629
+ #
5630
+ class SubjectAlternativeNames < Struct.new(
5631
+ :match)
5632
+ SENSITIVE = []
5633
+ include Aws::Structure
5634
+ end
5635
+
5230
5636
  # Optional metadata that you apply to a resource to assist with
5231
5637
  # categorization and organization. Each tag consists of a key and an
5232
5638
  # optional value, both of which you define. Tag keys can have a maximum
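Review bot: The `exact` attribute of `SubjectAlternativeNameMatchers` is documented only as `The values sent must match the specified values exactly.` (new line 5601), which leaves open whether a peer certificate must carry every listed name or just one of them, and whether the comparison is case-sensitive. Since this list decides which peer identities are accepted, the comment should state the rule explicitly, for example `#   A certificate is accepted when one of its SANs is equal to one of these values.` if that is the behaviour. It would also help to say that no wildcard or pattern form is offered, since `exact` is the only member of the struct.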
@@ -5398,13 +5804,18 @@ module Aws::AppMesh
5398
5804
  include Aws::Structure
5399
5805
  end
5400
5806
 
5401
- # An object that represents a Transport Layer Security (TLS) validation
5402
- # context.
5807
+ # An object that represents how the proxy will validate its peer during
5808
+ # Transport Layer Security (TLS) negotiation.
5403
5809
  #
5404
5810
  # @note When making an API call, you may pass TlsValidationContext
5405
5811
  # data as a hash:
5406
5812
  #
5407
5813
  # {
5814
+ # subject_alternative_names: {
5815
+ # match: { # required
5816
+ # exact: ["SubjectAlternativeName"], # required
5817
+ # },
5818
+ # },
5408
5819
  # trust: { # required
5409
5820
  # acm: {
5410
5821
  # certificate_authority_arns: ["Arn"], # required
@@ -5412,24 +5823,33 @@ module Aws::AppMesh
5412
5823
  # file: {
5413
5824
  # certificate_chain: "FilePath", # required
5414
5825
  # },
5826
+ # sds: {
5827
+ # secret_name: "SdsSecretName", # required
5828
+ # },
5415
5829
  # },
5416
5830
  # }
5417
5831
  #
5832
+ # @!attribute [rw] subject_alternative_names
5833
+ # A reference to an object that represents the SANs for a Transport
5834
+ # Layer Security (TLS) validation context.
5835
+ # @return [Types::SubjectAlternativeNames]
5836
+ #
5418
5837
  # @!attribute [rw] trust
5419
- # A reference to an object that represents a TLS validation context
5420
- # trust.
5838
+ # A reference to where to retrieve the trust chain when validating a
5839
+ # peer’s Transport Layer Security (TLS) certificate.
5421
5840
  # @return [Types::TlsValidationContextTrust]
5422
5841
  #
5423
5842
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/TlsValidationContext AWS API Documentation
5424
5843
  #
5425
5844
  class TlsValidationContext < Struct.new(
5845
+ :subject_alternative_names,
5426
5846
  :trust)
5427
5847
  SENSITIVE = []
5428
5848
  include Aws::Structure
5429
5849
  end
5430
5850
 
5431
- # An object that represents a TLS validation context trust for an AWS
5432
- # Certicate Manager (ACM) certificate.
5851
+ # An object that represents a Transport Layer Security (TLS) validation
5852
+ # context trust for an AWS Certicate Manager (ACM) certificate.
5433
5853
  #
5434
5854
  # @note When making an API call, you may pass TlsValidationContextAcmTrust
5435
5855
  # data as a hash:
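Review bot: The reworded class comment at new line 5852 still carries the misspelling `Certicate Manager`; the line was rewritten anyway, so it should read `# context trust for an AWS Certificate Manager (ACM) certificate.`. The same misspelling is in the `acm` attribute text at new line 5946 in the next hunk. Two further slips are in the hunk starting at new line 7836: `certificate.The proxy` lacks a space (new line 7840) and `the name of the secret` is followed by a repeated `secret` (new lines 7856-7857). The class this comment belongs to continues below the hunk.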
@@ -5473,36 +5893,76 @@ module Aws::AppMesh
5473
5893
  include Aws::Structure
5474
5894
  end
5475
5895
 
5476
- # An object that represents a Transport Layer Security (TLS) validation
5477
- # context trust.
5896
+ # An object that represents a Transport Layer Security (TLS) Secret
5897
+ # Discovery Service validation context trust. The proxy must be
5898
+ # configured with a local SDS provider via a Unix Domain Socket. See App
5899
+ # Mesh [TLS documentation][1] for more info.
5478
5900
  #
5479
- # @note When making an API call, you may pass TlsValidationContextTrust
5901
+ #
5902
+ #
5903
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html
5904
+ #
5905
+ # @note When making an API call, you may pass TlsValidationContextSdsTrust
5480
5906
  # data as a hash:
5481
5907
  #
5482
5908
  # {
5483
- # acm: {
5484
- # certificate_authority_arns: ["Arn"], # required
5485
- # },
5486
- # file: {
5487
- # certificate_chain: "FilePath", # required
5488
- # },
5909
+ # secret_name: "SdsSecretName", # required
5910
+ # }
5911
+ #
5912
+ # @!attribute [rw] secret_name
5913
+ # A reference to an object that represents the name of the secret for
5914
+ # a Transport Layer Security (TLS) Secret Discovery Service validation
5915
+ # context trust.
5916
+ # @return [String]
5917
+ #
5918
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/TlsValidationContextSdsTrust AWS API Documentation
5919
+ #
5920
+ class TlsValidationContextSdsTrust < Struct.new(
5921
+ :secret_name)
5922
+ SENSITIVE = []
5923
+ include Aws::Structure
5924
+ end
5925
+
5926
+ # An object that represents a Transport Layer Security (TLS) validation
5927
+ # context trust.
5928
+ #
5929
+ # @note When making an API call, you may pass TlsValidationContextTrust
5930
+ # data as a hash:
5931
+ #
5932
+ # {
5933
+ # acm: {
5934
+ # certificate_authority_arns: ["Arn"], # required
5935
+ # },
5936
+ # file: {
5937
+ # certificate_chain: "FilePath", # required
5938
+ # },
5939
+ # sds: {
5940
+ # secret_name: "SdsSecretName", # required
5941
+ # },
5489
5942
  # }
5490
5943
  #
5491
5944
  # @!attribute [rw] acm
5492
- # A reference to an object that represents a TLS validation context
5493
- # trust for an AWS Certicate Manager (ACM) certificate.
5945
+ # A reference to an object that represents a Transport Layer Security
5946
+ # (TLS) validation context trust for an AWS Certicate Manager (ACM)
5947
+ # certificate.
5494
5948
  # @return [Types::TlsValidationContextAcmTrust]
5495
5949
  #
5496
5950
  # @!attribute [rw] file
5497
- # An object that represents a TLS validation context trust for a local
5498
- # file.
5951
+ # An object that represents a Transport Layer Security (TLS)
5952
+ # validation context trust for a local file.
5499
5953
  # @return [Types::TlsValidationContextFileTrust]
5500
5954
  #
5955
+ # @!attribute [rw] sds
5956
+ # A reference to an object that represents a Transport Layer Security
5957
+ # (TLS) Secret Discovery Service validation context trust.
5958
+ # @return [Types::TlsValidationContextSdsTrust]
5959
+ #
5501
5960
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/TlsValidationContextTrust AWS API Documentation
5502
5961
  #
5503
5962
  class TlsValidationContextTrust < Struct.new(
5504
5963
  :acm,
5505
- :file)
5964
+ :file,
5965
+ :sds)
5506
5966
  SENSITIVE = []
5507
5967
  include Aws::Structure
5508
5968
  end
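Review bot: The new `TlsValidationContextSdsTrust` comment (new lines 5896-5899) says the proxy needs a local SDS provider on a Unix Domain Socket but does not point out that `secret_name` is only a lookup key: the trust bundle actually used is whatever that local provider returns for the name. I would add a sentence such as `# The trust material is supplied by the local SDS provider, so access to its socket should be limited to the proxy.` so that operators treat the socket's permissions as part of the TLS trust configuration. The same remark fits `ListenerTlsSdsCertificate` and `VirtualGatewayListenerTlsSdsCertificate`.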
@@ -6009,9 +6469,23 @@ module Aws::AppMesh
6009
6469
  # backend_defaults: {
6010
6470
  # client_policy: {
6011
6471
  # tls: {
6472
+ # certificate: {
6473
+ # file: {
6474
+ # certificate_chain: "FilePath", # required
6475
+ # private_key: "FilePath", # required
6476
+ # },
6477
+ # sds: {
6478
+ # secret_name: "VirtualGatewaySdsSecretName", # required
6479
+ # },
6480
+ # },
6012
6481
  # enforce: false,
6013
6482
  # ports: [1],
6014
6483
  # validation: { # required
6484
+ # subject_alternative_names: {
6485
+ # match: { # required
6486
+ # exact: ["SubjectAlternativeName"], # required
6487
+ # },
6488
+ # },
6015
6489
  # trust: { # required
6016
6490
  # acm: {
6017
6491
  # certificate_authority_arns: ["Arn"], # required
@@ -6019,6 +6493,9 @@ module Aws::AppMesh
6019
6493
  # file: {
6020
6494
  # certificate_chain: "FilePath", # required
6021
6495
  # },
6496
+ # sds: {
6497
+ # secret_name: "VirtualGatewaySdsSecretName", # required
6498
+ # },
6022
6499
  # },
6023
6500
  # },
6024
6501
  # },
@@ -6060,8 +6537,26 @@ module Aws::AppMesh
6060
6537
  # certificate_chain: "FilePath", # required
6061
6538
  # private_key: "FilePath", # required
6062
6539
  # },
6540
+ # sds: {
6541
+ # secret_name: "VirtualGatewaySdsSecretName", # required
6542
+ # },
6063
6543
  # },
6064
6544
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
6545
+ # validation: {
6546
+ # subject_alternative_names: {
6547
+ # match: { # required
6548
+ # exact: ["SubjectAlternativeName"], # required
6549
+ # },
6550
+ # },
6551
+ # trust: { # required
6552
+ # file: {
6553
+ # certificate_chain: "FilePath", # required
6554
+ # },
6555
+ # sds: {
6556
+ # secret_name: "VirtualGatewaySdsSecretName", # required
6557
+ # },
6558
+ # },
6559
+ # },
6065
6560
  # },
6066
6561
  # },
6067
6562
  # ],
@@ -6148,9 +6643,23 @@ module Aws::AppMesh
6148
6643
  # backend_defaults: {
6149
6644
  # client_policy: {
6150
6645
  # tls: {
6646
+ # certificate: {
6647
+ # file: {
6648
+ # certificate_chain: "FilePath", # required
6649
+ # private_key: "FilePath", # required
6650
+ # },
6651
+ # sds: {
6652
+ # secret_name: "SdsSecretName", # required
6653
+ # },
6654
+ # },
6151
6655
  # enforce: false,
6152
6656
  # ports: [1],
6153
6657
  # validation: { # required
6658
+ # subject_alternative_names: {
6659
+ # match: { # required
6660
+ # exact: ["SubjectAlternativeName"], # required
6661
+ # },
6662
+ # },
6154
6663
  # trust: { # required
6155
6664
  # acm: {
6156
6665
  # certificate_authority_arns: ["Arn"], # required
@@ -6158,6 +6667,9 @@ module Aws::AppMesh
6158
6667
  # file: {
6159
6668
  # certificate_chain: "FilePath", # required
6160
6669
  # },
6670
+ # sds: {
6671
+ # secret_name: "SdsSecretName", # required
6672
+ # },
6161
6673
  # },
6162
6674
  # },
6163
6675
  # },
@@ -6168,9 +6680,23 @@ module Aws::AppMesh
6168
6680
  # virtual_service: {
6169
6681
  # client_policy: {
6170
6682
  # tls: {
6683
+ # certificate: {
6684
+ # file: {
6685
+ # certificate_chain: "FilePath", # required
6686
+ # private_key: "FilePath", # required
6687
+ # },
6688
+ # sds: {
6689
+ # secret_name: "SdsSecretName", # required
6690
+ # },
6691
+ # },
6171
6692
  # enforce: false,
6172
6693
  # ports: [1],
6173
6694
  # validation: { # required
6695
+ # subject_alternative_names: {
6696
+ # match: { # required
6697
+ # exact: ["SubjectAlternativeName"], # required
6698
+ # },
6699
+ # },
6174
6700
  # trust: { # required
6175
6701
  # acm: {
6176
6702
  # certificate_authority_arns: ["Arn"], # required
@@ -6178,6 +6704,9 @@ module Aws::AppMesh
6178
6704
  # file: {
6179
6705
  # certificate_chain: "FilePath", # required
6180
6706
  # },
6707
+ # sds: {
6708
+ # secret_name: "SdsSecretName", # required
6709
+ # },
6181
6710
  # },
6182
6711
  # },
6183
6712
  # },
@@ -6275,8 +6804,26 @@ module Aws::AppMesh
6275
6804
  # certificate_chain: "FilePath", # required
6276
6805
  # private_key: "FilePath", # required
6277
6806
  # },
6807
+ # sds: {
6808
+ # secret_name: "SdsSecretName", # required
6809
+ # },
6278
6810
  # },
6279
6811
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
6812
+ # validation: {
6813
+ # subject_alternative_names: {
6814
+ # match: { # required
6815
+ # exact: ["SubjectAlternativeName"], # required
6816
+ # },
6817
+ # },
6818
+ # trust: { # required
6819
+ # file: {
6820
+ # certificate_chain: "FilePath", # required
6821
+ # },
6822
+ # sds: {
6823
+ # secret_name: "SdsSecretName", # required
6824
+ # },
6825
+ # },
6826
+ # },
6280
6827
  # },
6281
6828
  # },
6282
6829
  # ],
@@ -6568,9 +7115,23 @@ module Aws::AppMesh
6568
7115
  # {
6569
7116
  # client_policy: {
6570
7117
  # tls: {
7118
+ # certificate: {
7119
+ # file: {
7120
+ # certificate_chain: "FilePath", # required
7121
+ # private_key: "FilePath", # required
7122
+ # },
7123
+ # sds: {
7124
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7125
+ # },
7126
+ # },
6571
7127
  # enforce: false,
6572
7128
  # ports: [1],
6573
7129
  # validation: { # required
7130
+ # subject_alternative_names: {
7131
+ # match: { # required
7132
+ # exact: ["SubjectAlternativeName"], # required
7133
+ # },
7134
+ # },
6574
7135
  # trust: { # required
6575
7136
  # acm: {
6576
7137
  # certificate_authority_arns: ["Arn"], # required
@@ -6578,6 +7139,9 @@ module Aws::AppMesh
6578
7139
  # file: {
6579
7140
  # certificate_chain: "FilePath", # required
6580
7141
  # },
7142
+ # sds: {
7143
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7144
+ # },
6581
7145
  # },
6582
7146
  # },
6583
7147
  # },
@@ -6603,9 +7167,23 @@ module Aws::AppMesh
6603
7167
  #
6604
7168
  # {
6605
7169
  # tls: {
7170
+ # certificate: {
7171
+ # file: {
7172
+ # certificate_chain: "FilePath", # required
7173
+ # private_key: "FilePath", # required
7174
+ # },
7175
+ # sds: {
7176
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7177
+ # },
7178
+ # },
6606
7179
  # enforce: false,
6607
7180
  # ports: [1],
6608
7181
  # validation: { # required
7182
+ # subject_alternative_names: {
7183
+ # match: { # required
7184
+ # exact: ["SubjectAlternativeName"], # required
7185
+ # },
7186
+ # },
6609
7187
  # trust: { # required
6610
7188
  # acm: {
6611
7189
  # certificate_authority_arns: ["Arn"], # required
@@ -6613,6 +7191,9 @@ module Aws::AppMesh
6613
7191
  # file: {
6614
7192
  # certificate_chain: "FilePath", # required
6615
7193
  # },
7194
+ # sds: {
7195
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7196
+ # },
6616
7197
  # },
6617
7198
  # },
6618
7199
  # },
@@ -6638,9 +7219,23 @@ module Aws::AppMesh
6638
7219
  # data as a hash:
6639
7220
  #
6640
7221
  # {
7222
+ # certificate: {
7223
+ # file: {
7224
+ # certificate_chain: "FilePath", # required
7225
+ # private_key: "FilePath", # required
7226
+ # },
7227
+ # sds: {
7228
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7229
+ # },
7230
+ # },
6641
7231
  # enforce: false,
6642
7232
  # ports: [1],
6643
7233
  # validation: { # required
7234
+ # subject_alternative_names: {
7235
+ # match: { # required
7236
+ # exact: ["SubjectAlternativeName"], # required
7237
+ # },
7238
+ # },
6644
7239
  # trust: { # required
6645
7240
  # acm: {
6646
7241
  # certificate_authority_arns: ["Arn"], # required
@@ -6648,10 +7243,18 @@ module Aws::AppMesh
6648
7243
  # file: {
6649
7244
  # certificate_chain: "FilePath", # required
6650
7245
  # },
7246
+ # sds: {
7247
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7248
+ # },
6651
7249
  # },
6652
7250
  # },
6653
7251
  # }
6654
7252
  #
7253
+ # @!attribute [rw] certificate
7254
+ # A reference to an object that represents a virtual gateway's
7255
+ # client's Transport Layer Security (TLS) certificate.
7256
+ # @return [Types::VirtualGatewayClientTlsCertificate]
7257
+ #
6655
7258
  # @!attribute [rw] enforce
6656
7259
  # Whether the policy is enforced. The default is `True`, if a value
6657
7260
  # isn't specified.
@@ -6662,12 +7265,14 @@ module Aws::AppMesh
6662
7265
  # @return [Array<Integer>]
6663
7266
  #
6664
7267
  # @!attribute [rw] validation
6665
- # A reference to an object that represents a TLS validation context.
7268
+ # A reference to an object that represents a Transport Layer Security
7269
+ # (TLS) validation context.
6666
7270
  # @return [Types::VirtualGatewayTlsValidationContext]
6667
7271
  #
6668
7272
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayClientPolicyTls AWS API Documentation
6669
7273
  #
6670
7274
  class VirtualGatewayClientPolicyTls < Struct.new(
7275
+ :certificate,
6671
7276
  :enforce,
6672
7277
  :ports,
6673
7278
  :validation)
@@ -6675,6 +7280,47 @@ module Aws::AppMesh
6675
7280
  include Aws::Structure
6676
7281
  end
6677
7282
 
7283
+ # An object that represents the virtual gateway's client's Transport
7284
+ # Layer Security (TLS) certificate.
7285
+ #
7286
+ # @note When making an API call, you may pass VirtualGatewayClientTlsCertificate
7287
+ # data as a hash:
7288
+ #
7289
+ # {
7290
+ # file: {
7291
+ # certificate_chain: "FilePath", # required
7292
+ # private_key: "FilePath", # required
7293
+ # },
7294
+ # sds: {
7295
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7296
+ # },
7297
+ # }
7298
+ #
7299
+ # @!attribute [rw] file
7300
+ # An object that represents a local file certificate. The certificate
7301
+ # must meet specific requirements and you must have proxy
7302
+ # authorization enabled. For more information, see [Transport Layer
7303
+ # Security (TLS)][1].
7304
+ #
7305
+ #
7306
+ #
7307
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites
7308
+ # @return [Types::VirtualGatewayListenerTlsFileCertificate]
7309
+ #
7310
+ # @!attribute [rw] sds
7311
+ # A reference to an object that represents a virtual gateway's
7312
+ # client's Secret Discovery Service certificate.
7313
+ # @return [Types::VirtualGatewayListenerTlsSdsCertificate]
7314
+ #
7315
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayClientTlsCertificate AWS API Documentation
7316
+ #
7317
+ class VirtualGatewayClientTlsCertificate < Struct.new(
7318
+ :file,
7319
+ :sds)
7320
+ SENSITIVE = []
7321
+ include Aws::Structure
7322
+ end
7323
+
6678
7324
  # An object that represents the type of virtual gateway connection pool.
6679
7325
  #
6680
7326
  # Only one protocol is used at a time and should be the same protocol as
@@ -6965,8 +7611,26 @@ module Aws::AppMesh
6965
7611
  # certificate_chain: "FilePath", # required
6966
7612
  # private_key: "FilePath", # required
6967
7613
  # },
7614
+ # sds: {
7615
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7616
+ # },
6968
7617
  # },
6969
7618
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
7619
+ # validation: {
7620
+ # subject_alternative_names: {
7621
+ # match: { # required
7622
+ # exact: ["SubjectAlternativeName"], # required
7623
+ # },
7624
+ # },
7625
+ # trust: { # required
7626
+ # file: {
7627
+ # certificate_chain: "FilePath", # required
7628
+ # },
7629
+ # sds: {
7630
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7631
+ # },
7632
+ # },
7633
+ # },
6970
7634
  # },
6971
7635
  # }
6972
7636
  #
@@ -7013,8 +7677,26 @@ module Aws::AppMesh
7013
7677
  # certificate_chain: "FilePath", # required
7014
7678
  # private_key: "FilePath", # required
7015
7679
  # },
7680
+ # sds: {
7681
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7682
+ # },
7016
7683
  # },
7017
7684
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
7685
+ # validation: {
7686
+ # subject_alternative_names: {
7687
+ # match: { # required
7688
+ # exact: ["SubjectAlternativeName"], # required
7689
+ # },
7690
+ # },
7691
+ # trust: { # required
7692
+ # file: {
7693
+ # certificate_chain: "FilePath", # required
7694
+ # },
7695
+ # sds: {
7696
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7697
+ # },
7698
+ # },
7699
+ # },
7018
7700
  # }
7019
7701
  #
7020
7702
  # @!attribute [rw] certificate
@@ -7033,11 +7715,17 @@ module Aws::AppMesh
7033
7715
  # * ****DISABLED – Listener only accepts connections without TLS.
7034
7716
  # @return [String]
7035
7717
  #
7718
+ # @!attribute [rw] validation
7719
+ # A reference to an object that represents a virtual gateway's
7720
+ # listener's Transport Layer Security (TLS) validation context.
7721
+ # @return [Types::VirtualGatewayListenerTlsValidationContext]
7722
+ #
7036
7723
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayListenerTls AWS API Documentation
7037
7724
  #
7038
7725
  class VirtualGatewayListenerTls < Struct.new(
7039
7726
  :certificate,
7040
- :mode)
7727
+ :mode,
7728
+ :validation)
7041
7729
  SENSITIVE = []
7042
7730
  include Aws::Structure
7043
7731
  end
@@ -7084,6 +7772,9 @@ module Aws::AppMesh
7084
7772
  # certificate_chain: "FilePath", # required
7085
7773
  # private_key: "FilePath", # required
7086
7774
  # },
7775
+ # sds: {
7776
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7777
+ # },
7087
7778
  # }
7088
7779
  #
7089
7780
  # @!attribute [rw] acm
@@ -7095,11 +7786,17 @@ module Aws::AppMesh
7095
7786
  # A reference to an object that represents a local file certificate.
7096
7787
  # @return [Types::VirtualGatewayListenerTlsFileCertificate]
7097
7788
  #
7789
+ # @!attribute [rw] sds
7790
+ # A reference to an object that represents a virtual gateway's
7791
+ # listener's Secret Discovery Service certificate.
7792
+ # @return [Types::VirtualGatewayListenerTlsSdsCertificate]
7793
+ #
7098
7794
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayListenerTlsCertificate AWS API Documentation
7099
7795
  #
7100
7796
  class VirtualGatewayListenerTlsCertificate < Struct.new(
7101
7797
  :acm,
7102
- :file)
7798
+ :file,
7799
+ :sds)
7103
7800
  SENSITIVE = []
7104
7801
  include Aws::Structure
7105
7802
  end
@@ -7139,6 +7836,114 @@ module Aws::AppMesh
7139
7836
  include Aws::Structure
7140
7837
  end
7141
7838
 
7839
+ # An object that represents the virtual gateway's listener's Secret
7840
+ # Discovery Service certificate.The proxy must be configured with a
7841
+ # local SDS provider via a Unix Domain Socket. See App Mesh [TLS
7842
+ # documentation][1] for more info.
7843
+ #
7844
+ #
7845
+ #
7846
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html
7847
+ #
7848
+ # @note When making an API call, you may pass VirtualGatewayListenerTlsSdsCertificate
7849
+ # data as a hash:
7850
+ #
7851
+ # {
7852
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7853
+ # }
7854
+ #
7855
+ # @!attribute [rw] secret_name
7856
+ # A reference to an object that represents the name of the secret
7857
+ # secret requested from the Secret Discovery Service provider
7858
+ # representing Transport Layer Security (TLS) materials like a
7859
+ # certificate or certificate chain.
7860
+ # @return [String]
7861
+ #
7862
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayListenerTlsSdsCertificate AWS API Documentation
7863
+ #
7864
+ class VirtualGatewayListenerTlsSdsCertificate < Struct.new(
7865
+ :secret_name)
7866
+ SENSITIVE = []
7867
+ include Aws::Structure
7868
+ end
7869
+
7870
+ # An object that represents a virtual gateway's listener's Transport
7871
+ # Layer Security (TLS) validation context.
7872
+ #
7873
+ # @note When making an API call, you may pass VirtualGatewayListenerTlsValidationContext
7874
+ # data as a hash:
7875
+ #
7876
+ # {
7877
+ # subject_alternative_names: {
7878
+ # match: { # required
7879
+ # exact: ["SubjectAlternativeName"], # required
7880
+ # },
7881
+ # },
7882
+ # trust: { # required
7883
+ # file: {
7884
+ # certificate_chain: "FilePath", # required
7885
+ # },
7886
+ # sds: {
7887
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7888
+ # },
7889
+ # },
7890
+ # }
7891
+ #
7892
+ # @!attribute [rw] subject_alternative_names
7893
+ # A reference to an object that represents the SANs for a virtual
7894
+ # gateway listener's Transport Layer Security (TLS) validation
7895
+ # context.
7896
+ # @return [Types::SubjectAlternativeNames]
7897
+ #
7898
+ # @!attribute [rw] trust
7899
+ # A reference to where to retrieve the trust chain when validating a
7900
+ # peer’s Transport Layer Security (TLS) certificate.
7901
+ # @return [Types::VirtualGatewayListenerTlsValidationContextTrust]
7902
+ #
7903
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayListenerTlsValidationContext AWS API Documentation
7904
+ #
7905
+ class VirtualGatewayListenerTlsValidationContext < Struct.new(
7906
+ :subject_alternative_names,
7907
+ :trust)
7908
+ SENSITIVE = []
7909
+ include Aws::Structure
7910
+ end
7911
+
7912
+ # An object that represents a virtual gateway's listener's Transport
7913
+ # Layer Security (TLS) validation context trust.
7914
+ #
7915
+ # @note When making an API call, you may pass VirtualGatewayListenerTlsValidationContextTrust
7916
+ # data as a hash:
7917
+ #
7918
+ # {
7919
+ # file: {
7920
+ # certificate_chain: "FilePath", # required
7921
+ # },
7922
+ # sds: {
7923
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7924
+ # },
7925
+ # }
7926
+ #
7927
+ # @!attribute [rw] file
7928
+ # An object that represents a Transport Layer Security (TLS)
7929
+ # validation context trust for a local file.
7930
+ # @return [Types::VirtualGatewayTlsValidationContextFileTrust]
7931
+ #
7932
+ # @!attribute [rw] sds
7933
+ # A reference to an object that represents a virtual gateway's
7934
+ # listener's Transport Layer Security (TLS) Secret Discovery Service
7935
+ # validation context trust.
7936
+ # @return [Types::VirtualGatewayTlsValidationContextSdsTrust]
7937
+ #
7938
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayListenerTlsValidationContextTrust AWS API Documentation
7939
+ #
7940
+ class VirtualGatewayListenerTlsValidationContextTrust < Struct.new(
7941
+ :file,
7942
+ :sds)
7943
+ SENSITIVE = []
7944
+ include Aws::Structure
7945
+ end
7946
+
7142
7947
  # An object that represents logging information.
7143
7948
  #
7144
7949
  # @note When making an API call, you may pass VirtualGatewayLogging
@@ -7268,9 +8073,23 @@ module Aws::AppMesh
7268
8073
  # backend_defaults: {
7269
8074
  # client_policy: {
7270
8075
  # tls: {
8076
+ # certificate: {
8077
+ # file: {
8078
+ # certificate_chain: "FilePath", # required
8079
+ # private_key: "FilePath", # required
8080
+ # },
8081
+ # sds: {
8082
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8083
+ # },
8084
+ # },
7271
8085
  # enforce: false,
7272
8086
  # ports: [1],
7273
8087
  # validation: { # required
8088
+ # subject_alternative_names: {
8089
+ # match: { # required
8090
+ # exact: ["SubjectAlternativeName"], # required
8091
+ # },
8092
+ # },
7274
8093
  # trust: { # required
7275
8094
  # acm: {
7276
8095
  # certificate_authority_arns: ["Arn"], # required
@@ -7278,6 +8097,9 @@ module Aws::AppMesh
7278
8097
  # file: {
7279
8098
  # certificate_chain: "FilePath", # required
7280
8099
  # },
8100
+ # sds: {
8101
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8102
+ # },
7281
8103
  # },
7282
8104
  # },
7283
8105
  # },
@@ -7319,8 +8141,26 @@ module Aws::AppMesh
7319
8141
  # certificate_chain: "FilePath", # required
7320
8142
  # private_key: "FilePath", # required
7321
8143
  # },
8144
+ # sds: {
8145
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8146
+ # },
7322
8147
  # },
7323
8148
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
8149
+ # validation: {
8150
+ # subject_alternative_names: {
8151
+ # match: { # required
8152
+ # exact: ["SubjectAlternativeName"], # required
8153
+ # },
8154
+ # },
8155
+ # trust: { # required
8156
+ # file: {
8157
+ # certificate_chain: "FilePath", # required
8158
+ # },
8159
+ # sds: {
8160
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8161
+ # },
8162
+ # },
8163
+ # },
7324
8164
  # },
7325
8165
  # },
7326
8166
  # ],
@@ -7377,6 +8217,11 @@ module Aws::AppMesh
7377
8217
  # data as a hash:
7378
8218
  #
7379
8219
  # {
8220
+ # subject_alternative_names: {
8221
+ # match: { # required
8222
+ # exact: ["SubjectAlternativeName"], # required
8223
+ # },
8224
+ # },
7380
8225
  # trust: { # required
7381
8226
  # acm: {
7382
8227
  # certificate_authority_arns: ["Arn"], # required
@@ -7384,24 +8229,34 @@ module Aws::AppMesh
7384
8229
  # file: {
7385
8230
  # certificate_chain: "FilePath", # required
7386
8231
  # },
8232
+ # sds: {
8233
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8234
+ # },
7387
8235
  # },
7388
8236
  # }
7389
8237
  #
8238
+ # @!attribute [rw] subject_alternative_names
8239
+ # A reference to an object that represents the SANs for a virtual
8240
+ # gateway's listener's Transport Layer Security (TLS) validation
8241
+ # context.
8242
+ # @return [Types::SubjectAlternativeNames]
8243
+ #
7390
8244
  # @!attribute [rw] trust
7391
- # A reference to an object that represents a TLS validation context
7392
- # trust.
8245
+ # A reference to where to retrieve the trust chain when validating a
8246
+ # peer’s Transport Layer Security (TLS) certificate.
7393
8247
  # @return [Types::VirtualGatewayTlsValidationContextTrust]
7394
8248
  #
7395
8249
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayTlsValidationContext AWS API Documentation
7396
8250
  #
7397
8251
  class VirtualGatewayTlsValidationContext < Struct.new(
8252
+ :subject_alternative_names,
7398
8253
  :trust)
7399
8254
  SENSITIVE = []
7400
8255
  include Aws::Structure
7401
8256
  end
7402
8257
 
7403
- # An object that represents a TLS validation context trust for an AWS
7404
- # Certicate Manager (ACM) certificate.
8258
+ # An object that represents a Transport Layer Security (TLS) validation
8259
+ # context trust for an AWS Certicate Manager (ACM) certificate.
7405
8260
  #
7406
8261
  # @note When making an API call, you may pass VirtualGatewayTlsValidationContextAcmTrust
7407
8262
  # data as a hash:
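Review bot: The new `subject_alternative_names` attribute doc (new lines 8238-8242) does not say that the field is optional or what is checked when it is left out. The request hash in the preceding hunk marks `trust` as required and `subject_alternative_names` not. That matters for a TLS validation context, because a trust chain on its own generally accepts any certificate issued under it. I would add a line such as `# Optional. When set, the peer certificate must present a SAN that exactly matches one of the listed names.` and describe the omitted case once it is confirmed against the App Mesh TLS guide. If this file is generated from the service model, the wording belongs in the model.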
@@ -7445,6 +8300,36 @@ module Aws::AppMesh
7445
8300
  include Aws::Structure
7446
8301
  end
7447
8302
 
8303
+ # An object that represents a virtual gateway's listener's Transport
8304
+ # Layer Security (TLS) Secret Discovery Service validation context
8305
+ # trust. The proxy must be configured with a local SDS provider via a
8306
+ # Unix Domain Socket. See App Mesh [TLS documentation][1] for more info.
8307
+ #
8308
+ #
8309
+ #
8310
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html
8311
+ #
8312
+ # @note When making an API call, you may pass VirtualGatewayTlsValidationContextSdsTrust
8313
+ # data as a hash:
8314
+ #
8315
+ # {
8316
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8317
+ # }
8318
+ #
8319
+ # @!attribute [rw] secret_name
8320
+ # A reference to an object that represents the name of the secret for
8321
+ # a virtual gateway's Transport Layer Security (TLS) Secret Discovery
8322
+ # Service validation context trust.
8323
+ # @return [String]
8324
+ #
8325
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayTlsValidationContextSdsTrust AWS API Documentation
8326
+ #
8327
+ class VirtualGatewayTlsValidationContextSdsTrust < Struct.new(
8328
+ :secret_name)
8329
+ SENSITIVE = []
8330
+ include Aws::Structure
8331
+ end
8332
+
7448
8333
  # An object that represents a Transport Layer Security (TLS) validation
7449
8334
  # context trust.
7450
8335
  #
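Review bot: The `secret_name` attribute doc (new lines 8319-8323) describes a plain `String` as "a reference to an object that represents the name of the secret", which obscures what the value actually is. Judging by the class comment, it appears to be only the identifier requested from the local SDS provider, not key or certificate material. If so, that is also why `SENSITIVE = []` is acceptable for this struct, and the doc should say it, e.g. `# The name of the secret requested from the local SDS provider (an identifier, not the secret material).`. This should be confirmed against the App Mesh TLS guide linked in the class comment.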
@@ -7458,23 +8343,34 @@ module Aws::AppMesh
7458
8343
  # file: {
7459
8344
  # certificate_chain: "FilePath", # required
7460
8345
  # },
8346
+ # sds: {
8347
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8348
+ # },
7461
8349
  # }
7462
8350
  #
7463
8351
  # @!attribute [rw] acm
7464
- # A reference to an object that represents a TLS validation context
7465
- # trust for an AWS Certicate Manager (ACM) certificate.
8352
+ # A reference to an object that represents a Transport Layer Security
8353
+ # (TLS) validation context trust for an AWS Certicate Manager (ACM)
8354
+ # certificate.
7466
8355
  # @return [Types::VirtualGatewayTlsValidationContextAcmTrust]
7467
8356
  #
7468
8357
  # @!attribute [rw] file
7469
- # An object that represents a TLS validation context trust for a local
7470
- # file.
8358
+ # An object that represents a Transport Layer Security (TLS)
8359
+ # validation context trust for a local file.
7471
8360
  # @return [Types::VirtualGatewayTlsValidationContextFileTrust]
7472
8361
  #
8362
+ # @!attribute [rw] sds
8363
+ # A reference to an object that represents a virtual gateway's
8364
+ # Transport Layer Security (TLS) Secret Discovery Service validation
8365
+ # context trust.
8366
+ # @return [Types::VirtualGatewayTlsValidationContextSdsTrust]
8367
+ #
7473
8368
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayTlsValidationContextTrust AWS API Documentation
7474
8369
  #
7475
8370
  class VirtualGatewayTlsValidationContextTrust < Struct.new(
7476
8371
  :acm,
7477
- :file)
8372
+ :file,
8373
+ :sds)
7478
8374
  SENSITIVE = []
7479
8375
  include Aws::Structure
7480
8376
  end
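Review bot: The rewritten `acm` attribute text still misspells the service name as "Certicate Manager" (new line 8353). Since the sentence is being reworded anyway, it should read `# (TLS) validation context trust for an AWS Certificate Manager (ACM)`. The same misspelling is carried into the rewritten class comment in the `@@ -7384,24 +8229,34 @@` hunk (new line 8259). If the text comes from the service model, the correction belongs there rather than in this file.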
@@ -7737,9 +8633,23 @@ module Aws::AppMesh
7737
8633
  # backend_defaults: {
7738
8634
  # client_policy: {
7739
8635
  # tls: {
8636
+ # certificate: {
8637
+ # file: {
8638
+ # certificate_chain: "FilePath", # required
8639
+ # private_key: "FilePath", # required
8640
+ # },
8641
+ # sds: {
8642
+ # secret_name: "SdsSecretName", # required
8643
+ # },
8644
+ # },
7740
8645
  # enforce: false,
7741
8646
  # ports: [1],
7742
8647
  # validation: { # required
8648
+ # subject_alternative_names: {
8649
+ # match: { # required
8650
+ # exact: ["SubjectAlternativeName"], # required
8651
+ # },
8652
+ # },
7743
8653
  # trust: { # required
7744
8654
  # acm: {
7745
8655
  # certificate_authority_arns: ["Arn"], # required
@@ -7747,6 +8657,9 @@ module Aws::AppMesh
7747
8657
  # file: {
7748
8658
  # certificate_chain: "FilePath", # required
7749
8659
  # },
8660
+ # sds: {
8661
+ # secret_name: "SdsSecretName", # required
8662
+ # },
7750
8663
  # },
7751
8664
  # },
7752
8665
  # },
@@ -7757,9 +8670,23 @@ module Aws::AppMesh
7757
8670
  # virtual_service: {
7758
8671
  # client_policy: {
7759
8672
  # tls: {
8673
+ # certificate: {
8674
+ # file: {
8675
+ # certificate_chain: "FilePath", # required
8676
+ # private_key: "FilePath", # required
8677
+ # },
8678
+ # sds: {
8679
+ # secret_name: "SdsSecretName", # required
8680
+ # },
8681
+ # },
7760
8682
  # enforce: false,
7761
8683
  # ports: [1],
7762
8684
  # validation: { # required
8685
+ # subject_alternative_names: {
8686
+ # match: { # required
8687
+ # exact: ["SubjectAlternativeName"], # required
8688
+ # },
8689
+ # },
7763
8690
  # trust: { # required
7764
8691
  # acm: {
7765
8692
  # certificate_authority_arns: ["Arn"], # required
@@ -7767,6 +8694,9 @@ module Aws::AppMesh
7767
8694
  # file: {
7768
8695
  # certificate_chain: "FilePath", # required
7769
8696
  # },
8697
+ # sds: {
8698
+ # secret_name: "SdsSecretName", # required
8699
+ # },
7770
8700
  # },
7771
8701
  # },
7772
8702
  # },
@@ -7864,8 +8794,26 @@ module Aws::AppMesh
7864
8794
  # certificate_chain: "FilePath", # required
7865
8795
  # private_key: "FilePath", # required
7866
8796
  # },
8797
+ # sds: {
8798
+ # secret_name: "SdsSecretName", # required
8799
+ # },
7867
8800
  # },
7868
8801
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
8802
+ # validation: {
8803
+ # subject_alternative_names: {
8804
+ # match: { # required
8805
+ # exact: ["SubjectAlternativeName"], # required
8806
+ # },
8807
+ # },
8808
+ # trust: { # required
8809
+ # file: {
8810
+ # certificate_chain: "FilePath", # required
8811
+ # },
8812
+ # sds: {
8813
+ # secret_name: "SdsSecretName", # required
8814
+ # },
8815
+ # },
8816
+ # },
7869
8817
  # },
7870
8818
  # },
7871
8819
  # ],
@@ -8166,9 +9114,23 @@ module Aws::AppMesh
8166
9114
  # {
8167
9115
  # client_policy: {
8168
9116
  # tls: {
9117
+ # certificate: {
9118
+ # file: {
9119
+ # certificate_chain: "FilePath", # required
9120
+ # private_key: "FilePath", # required
9121
+ # },
9122
+ # sds: {
9123
+ # secret_name: "SdsSecretName", # required
9124
+ # },
9125
+ # },
8169
9126
  # enforce: false,
8170
9127
  # ports: [1],
8171
9128
  # validation: { # required
9129
+ # subject_alternative_names: {
9130
+ # match: { # required
9131
+ # exact: ["SubjectAlternativeName"], # required
9132
+ # },
9133
+ # },
8172
9134
  # trust: { # required
8173
9135
  # acm: {
8174
9136
  # certificate_authority_arns: ["Arn"], # required
@@ -8176,6 +9138,9 @@ module Aws::AppMesh
8176
9138
  # file: {
8177
9139
  # certificate_chain: "FilePath", # required
8178
9140
  # },
9141
+ # sds: {
9142
+ # secret_name: "SdsSecretName", # required
9143
+ # },
8179
9144
  # },
8180
9145
  # },
8181
9146
  # },