aws-sdk-appmesh 1.33.0 → 1.34.0

@@ -30,6 +30,7 @@ module Aws::AppMesh
30
30
  CertificateAuthorityArns = Shapes::ListShape.new(name: 'CertificateAuthorityArns')
31
31
  ClientPolicy = Shapes::StructureShape.new(name: 'ClientPolicy')
32
32
  ClientPolicyTls = Shapes::StructureShape.new(name: 'ClientPolicyTls')
33
+ ClientTlsCertificate = Shapes::StructureShape.new(name: 'ClientTlsCertificate')
33
34
  ConflictException = Shapes::StructureShape.new(name: 'ConflictException')
34
35
  CreateGatewayRouteInput = Shapes::StructureShape.new(name: 'CreateGatewayRouteInput')
35
36
  CreateGatewayRouteOutput = Shapes::StructureShape.new(name: 'CreateGatewayRouteOutput')
@@ -157,6 +158,9 @@ module Aws::AppMesh
157
158
  ListenerTlsCertificate = Shapes::StructureShape.new(name: 'ListenerTlsCertificate')
158
159
  ListenerTlsFileCertificate = Shapes::StructureShape.new(name: 'ListenerTlsFileCertificate')
159
160
  ListenerTlsMode = Shapes::StringShape.new(name: 'ListenerTlsMode')
161
+ ListenerTlsSdsCertificate = Shapes::StructureShape.new(name: 'ListenerTlsSdsCertificate')
162
+ ListenerTlsValidationContext = Shapes::StructureShape.new(name: 'ListenerTlsValidationContext')
163
+ ListenerTlsValidationContextTrust = Shapes::StructureShape.new(name: 'ListenerTlsValidationContextTrust')
160
164
  Listeners = Shapes::ListShape.new(name: 'Listeners')
161
165
  Logging = Shapes::StructureShape.new(name: 'Logging')
162
166
  Long = Shapes::IntegerShape.new(name: 'Long')
@@ -191,10 +195,15 @@ module Aws::AppMesh
191
195
  RouteSpec = Shapes::StructureShape.new(name: 'RouteSpec')
192
196
  RouteStatus = Shapes::StructureShape.new(name: 'RouteStatus')
193
197
  RouteStatusCode = Shapes::StringShape.new(name: 'RouteStatusCode')
198
+ SdsSecretName = Shapes::StringShape.new(name: 'SdsSecretName')
194
199
  ServiceDiscovery = Shapes::StructureShape.new(name: 'ServiceDiscovery')
195
200
  ServiceName = Shapes::StringShape.new(name: 'ServiceName')
196
201
  ServiceUnavailableException = Shapes::StructureShape.new(name: 'ServiceUnavailableException')
197
202
  String = Shapes::StringShape.new(name: 'String')
203
+ SubjectAlternativeName = Shapes::StringShape.new(name: 'SubjectAlternativeName')
204
+ SubjectAlternativeNameList = Shapes::ListShape.new(name: 'SubjectAlternativeNameList')
205
+ SubjectAlternativeNameMatchers = Shapes::StructureShape.new(name: 'SubjectAlternativeNameMatchers')
206
+ SubjectAlternativeNames = Shapes::StructureShape.new(name: 'SubjectAlternativeNames')
198
207
  TagKey = Shapes::StringShape.new(name: 'TagKey')
199
208
  TagKeyList = Shapes::ListShape.new(name: 'TagKeyList')
200
209
  TagList = Shapes::ListShape.new(name: 'TagList')
@@ -212,6 +221,7 @@ module Aws::AppMesh
212
221
  TlsValidationContext = Shapes::StructureShape.new(name: 'TlsValidationContext')
213
222
  TlsValidationContextAcmTrust = Shapes::StructureShape.new(name: 'TlsValidationContextAcmTrust')
214
223
  TlsValidationContextFileTrust = Shapes::StructureShape.new(name: 'TlsValidationContextFileTrust')
224
+ TlsValidationContextSdsTrust = Shapes::StructureShape.new(name: 'TlsValidationContextSdsTrust')
215
225
  TlsValidationContextTrust = Shapes::StructureShape.new(name: 'TlsValidationContextTrust')
216
226
  TooManyRequestsException = Shapes::StructureShape.new(name: 'TooManyRequestsException')
217
227
  TooManyTagsException = Shapes::StructureShape.new(name: 'TooManyTagsException')
@@ -236,6 +246,7 @@ module Aws::AppMesh
236
246
  VirtualGatewayCertificateAuthorityArns = Shapes::ListShape.new(name: 'VirtualGatewayCertificateAuthorityArns')
237
247
  VirtualGatewayClientPolicy = Shapes::StructureShape.new(name: 'VirtualGatewayClientPolicy')
238
248
  VirtualGatewayClientPolicyTls = Shapes::StructureShape.new(name: 'VirtualGatewayClientPolicyTls')
249
+ VirtualGatewayClientTlsCertificate = Shapes::StructureShape.new(name: 'VirtualGatewayClientTlsCertificate')
239
250
  VirtualGatewayConnectionPool = Shapes::StructureShape.new(name: 'VirtualGatewayConnectionPool')
240
251
  VirtualGatewayData = Shapes::StructureShape.new(name: 'VirtualGatewayData')
241
252
  VirtualGatewayFileAccessLog = Shapes::StructureShape.new(name: 'VirtualGatewayFileAccessLog')
@@ -253,17 +264,22 @@ module Aws::AppMesh
253
264
  VirtualGatewayListenerTlsCertificate = Shapes::StructureShape.new(name: 'VirtualGatewayListenerTlsCertificate')
254
265
  VirtualGatewayListenerTlsFileCertificate = Shapes::StructureShape.new(name: 'VirtualGatewayListenerTlsFileCertificate')
255
266
  VirtualGatewayListenerTlsMode = Shapes::StringShape.new(name: 'VirtualGatewayListenerTlsMode')
267
+ VirtualGatewayListenerTlsSdsCertificate = Shapes::StructureShape.new(name: 'VirtualGatewayListenerTlsSdsCertificate')
268
+ VirtualGatewayListenerTlsValidationContext = Shapes::StructureShape.new(name: 'VirtualGatewayListenerTlsValidationContext')
269
+ VirtualGatewayListenerTlsValidationContextTrust = Shapes::StructureShape.new(name: 'VirtualGatewayListenerTlsValidationContextTrust')
256
270
  VirtualGatewayListeners = Shapes::ListShape.new(name: 'VirtualGatewayListeners')
257
271
  VirtualGatewayLogging = Shapes::StructureShape.new(name: 'VirtualGatewayLogging')
258
272
  VirtualGatewayPortMapping = Shapes::StructureShape.new(name: 'VirtualGatewayPortMapping')
259
273
  VirtualGatewayPortProtocol = Shapes::StringShape.new(name: 'VirtualGatewayPortProtocol')
260
274
  VirtualGatewayRef = Shapes::StructureShape.new(name: 'VirtualGatewayRef')
275
+ VirtualGatewaySdsSecretName = Shapes::StringShape.new(name: 'VirtualGatewaySdsSecretName')
261
276
  VirtualGatewaySpec = Shapes::StructureShape.new(name: 'VirtualGatewaySpec')
262
277
  VirtualGatewayStatus = Shapes::StructureShape.new(name: 'VirtualGatewayStatus')
263
278
  VirtualGatewayStatusCode = Shapes::StringShape.new(name: 'VirtualGatewayStatusCode')
264
279
  VirtualGatewayTlsValidationContext = Shapes::StructureShape.new(name: 'VirtualGatewayTlsValidationContext')
265
280
  VirtualGatewayTlsValidationContextAcmTrust = Shapes::StructureShape.new(name: 'VirtualGatewayTlsValidationContextAcmTrust')
266
281
  VirtualGatewayTlsValidationContextFileTrust = Shapes::StructureShape.new(name: 'VirtualGatewayTlsValidationContextFileTrust')
282
+ VirtualGatewayTlsValidationContextSdsTrust = Shapes::StructureShape.new(name: 'VirtualGatewayTlsValidationContextSdsTrust')
267
283
  VirtualGatewayTlsValidationContextTrust = Shapes::StructureShape.new(name: 'VirtualGatewayTlsValidationContextTrust')
268
284
  VirtualNodeConnectionPool = Shapes::StructureShape.new(name: 'VirtualNodeConnectionPool')
269
285
  VirtualNodeData = Shapes::StructureShape.new(name: 'VirtualNodeData')
@@ -327,11 +343,16 @@ module Aws::AppMesh
327
343
  ClientPolicy.add_member(:tls, Shapes::ShapeRef.new(shape: ClientPolicyTls, location_name: "tls"))
328
344
  ClientPolicy.struct_class = Types::ClientPolicy
329
345
 
346
+ ClientPolicyTls.add_member(:certificate, Shapes::ShapeRef.new(shape: ClientTlsCertificate, location_name: "certificate"))
330
347
  ClientPolicyTls.add_member(:enforce, Shapes::ShapeRef.new(shape: Boolean, location_name: "enforce", metadata: {"box"=>true}))
331
348
  ClientPolicyTls.add_member(:ports, Shapes::ShapeRef.new(shape: PortSet, location_name: "ports"))
332
349
  ClientPolicyTls.add_member(:validation, Shapes::ShapeRef.new(shape: TlsValidationContext, required: true, location_name: "validation"))
333
350
  ClientPolicyTls.struct_class = Types::ClientPolicyTls
334
351
 
352
+ ClientTlsCertificate.add_member(:file, Shapes::ShapeRef.new(shape: ListenerTlsFileCertificate, location_name: "file"))
353
+ ClientTlsCertificate.add_member(:sds, Shapes::ShapeRef.new(shape: ListenerTlsSdsCertificate, location_name: "sds"))
354
+ ClientTlsCertificate.struct_class = Types::ClientTlsCertificate
355
+
335
356
  ConflictException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
336
357
  ConflictException.struct_class = Types::ConflictException
337
358
 
@@ -830,6 +851,7 @@ module Aws::AppMesh
830
851
 
831
852
  ListenerTls.add_member(:certificate, Shapes::ShapeRef.new(shape: ListenerTlsCertificate, required: true, location_name: "certificate"))
832
853
  ListenerTls.add_member(:mode, Shapes::ShapeRef.new(shape: ListenerTlsMode, required: true, location_name: "mode"))
854
+ ListenerTls.add_member(:validation, Shapes::ShapeRef.new(shape: ListenerTlsValidationContext, location_name: "validation"))
833
855
  ListenerTls.struct_class = Types::ListenerTls
834
856
 
835
857
  ListenerTlsAcmCertificate.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "certificateArn"))
@@ -837,12 +859,24 @@ module Aws::AppMesh
837
859
 
838
860
  ListenerTlsCertificate.add_member(:acm, Shapes::ShapeRef.new(shape: ListenerTlsAcmCertificate, location_name: "acm"))
839
861
  ListenerTlsCertificate.add_member(:file, Shapes::ShapeRef.new(shape: ListenerTlsFileCertificate, location_name: "file"))
862
+ ListenerTlsCertificate.add_member(:sds, Shapes::ShapeRef.new(shape: ListenerTlsSdsCertificate, location_name: "sds"))
840
863
  ListenerTlsCertificate.struct_class = Types::ListenerTlsCertificate
841
864
 
842
865
  ListenerTlsFileCertificate.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "certificateChain"))
843
866
  ListenerTlsFileCertificate.add_member(:private_key, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "privateKey"))
844
867
  ListenerTlsFileCertificate.struct_class = Types::ListenerTlsFileCertificate
845
868
 
869
+ ListenerTlsSdsCertificate.add_member(:secret_name, Shapes::ShapeRef.new(shape: SdsSecretName, required: true, location_name: "secretName"))
870
+ ListenerTlsSdsCertificate.struct_class = Types::ListenerTlsSdsCertificate
871
+
872
+ ListenerTlsValidationContext.add_member(:subject_alternative_names, Shapes::ShapeRef.new(shape: SubjectAlternativeNames, location_name: "subjectAlternativeNames"))
873
+ ListenerTlsValidationContext.add_member(:trust, Shapes::ShapeRef.new(shape: ListenerTlsValidationContextTrust, required: true, location_name: "trust"))
874
+ ListenerTlsValidationContext.struct_class = Types::ListenerTlsValidationContext
875
+
876
+ ListenerTlsValidationContextTrust.add_member(:file, Shapes::ShapeRef.new(shape: TlsValidationContextFileTrust, location_name: "file"))
877
+ ListenerTlsValidationContextTrust.add_member(:sds, Shapes::ShapeRef.new(shape: TlsValidationContextSdsTrust, location_name: "sds"))
878
+ ListenerTlsValidationContextTrust.struct_class = Types::ListenerTlsValidationContextTrust
879
+
846
880
  Listeners.member = Shapes::ShapeRef.new(shape: Listener)
847
881
 
848
882
  Logging.add_member(:access_log, Shapes::ShapeRef.new(shape: AccessLog, location_name: "accessLog"))
@@ -940,6 +974,14 @@ module Aws::AppMesh
940
974
  ServiceUnavailableException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
941
975
  ServiceUnavailableException.struct_class = Types::ServiceUnavailableException
942
976
 
977
+ SubjectAlternativeNameList.member = Shapes::ShapeRef.new(shape: SubjectAlternativeName)
978
+
979
+ SubjectAlternativeNameMatchers.add_member(:exact, Shapes::ShapeRef.new(shape: SubjectAlternativeNameList, required: true, location_name: "exact"))
980
+ SubjectAlternativeNameMatchers.struct_class = Types::SubjectAlternativeNameMatchers
981
+
982
+ SubjectAlternativeNames.add_member(:match, Shapes::ShapeRef.new(shape: SubjectAlternativeNameMatchers, required: true, location_name: "match"))
983
+ SubjectAlternativeNames.struct_class = Types::SubjectAlternativeNames
984
+
943
985
  TagKeyList.member = Shapes::ShapeRef.new(shape: TagKey)
944
986
 
945
987
  TagList.member = Shapes::ShapeRef.new(shape: TagRef)
@@ -966,6 +1008,7 @@ module Aws::AppMesh
966
1008
  TcpTimeout.add_member(:idle, Shapes::ShapeRef.new(shape: Duration, location_name: "idle"))
967
1009
  TcpTimeout.struct_class = Types::TcpTimeout
968
1010
 
1011
+ TlsValidationContext.add_member(:subject_alternative_names, Shapes::ShapeRef.new(shape: SubjectAlternativeNames, location_name: "subjectAlternativeNames"))
969
1012
  TlsValidationContext.add_member(:trust, Shapes::ShapeRef.new(shape: TlsValidationContextTrust, required: true, location_name: "trust"))
970
1013
  TlsValidationContext.struct_class = Types::TlsValidationContext
971
1014
 
@@ -975,8 +1018,12 @@ module Aws::AppMesh
975
1018
  TlsValidationContextFileTrust.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "certificateChain"))
976
1019
  TlsValidationContextFileTrust.struct_class = Types::TlsValidationContextFileTrust
977
1020
 
1021
+ TlsValidationContextSdsTrust.add_member(:secret_name, Shapes::ShapeRef.new(shape: SdsSecretName, required: true, location_name: "secretName"))
1022
+ TlsValidationContextSdsTrust.struct_class = Types::TlsValidationContextSdsTrust
1023
+
978
1024
  TlsValidationContextTrust.add_member(:acm, Shapes::ShapeRef.new(shape: TlsValidationContextAcmTrust, location_name: "acm"))
979
1025
  TlsValidationContextTrust.add_member(:file, Shapes::ShapeRef.new(shape: TlsValidationContextFileTrust, location_name: "file"))
1026
+ TlsValidationContextTrust.add_member(:sds, Shapes::ShapeRef.new(shape: TlsValidationContextSdsTrust, location_name: "sds"))
980
1027
  TlsValidationContextTrust.struct_class = Types::TlsValidationContextTrust
981
1028
 
982
1029
  TooManyRequestsException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
@@ -1086,11 +1133,16 @@ module Aws::AppMesh
1086
1133
  VirtualGatewayClientPolicy.add_member(:tls, Shapes::ShapeRef.new(shape: VirtualGatewayClientPolicyTls, location_name: "tls"))
1087
1134
  VirtualGatewayClientPolicy.struct_class = Types::VirtualGatewayClientPolicy
1088
1135
 
1136
+ VirtualGatewayClientPolicyTls.add_member(:certificate, Shapes::ShapeRef.new(shape: VirtualGatewayClientTlsCertificate, location_name: "certificate"))
1089
1137
  VirtualGatewayClientPolicyTls.add_member(:enforce, Shapes::ShapeRef.new(shape: Boolean, location_name: "enforce", metadata: {"box"=>true}))
1090
1138
  VirtualGatewayClientPolicyTls.add_member(:ports, Shapes::ShapeRef.new(shape: PortSet, location_name: "ports"))
1091
1139
  VirtualGatewayClientPolicyTls.add_member(:validation, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContext, required: true, location_name: "validation"))
1092
1140
  VirtualGatewayClientPolicyTls.struct_class = Types::VirtualGatewayClientPolicyTls
1093
1141
 
1142
+ VirtualGatewayClientTlsCertificate.add_member(:file, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsFileCertificate, location_name: "file"))
1143
+ VirtualGatewayClientTlsCertificate.add_member(:sds, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsSdsCertificate, location_name: "sds"))
1144
+ VirtualGatewayClientTlsCertificate.struct_class = Types::VirtualGatewayClientTlsCertificate
1145
+
1094
1146
  VirtualGatewayConnectionPool.add_member(:grpc, Shapes::ShapeRef.new(shape: VirtualGatewayGrpcConnectionPool, location_name: "grpc"))
1095
1147
  VirtualGatewayConnectionPool.add_member(:http, Shapes::ShapeRef.new(shape: VirtualGatewayHttpConnectionPool, location_name: "http"))
1096
1148
  VirtualGatewayConnectionPool.add_member(:http2, Shapes::ShapeRef.new(shape: VirtualGatewayHttp2ConnectionPool, location_name: "http2"))
@@ -1135,6 +1187,7 @@ module Aws::AppMesh
1135
1187
 
1136
1188
  VirtualGatewayListenerTls.add_member(:certificate, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsCertificate, required: true, location_name: "certificate"))
1137
1189
  VirtualGatewayListenerTls.add_member(:mode, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsMode, required: true, location_name: "mode"))
1190
+ VirtualGatewayListenerTls.add_member(:validation, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsValidationContext, location_name: "validation"))
1138
1191
  VirtualGatewayListenerTls.struct_class = Types::VirtualGatewayListenerTls
1139
1192
 
1140
1193
  VirtualGatewayListenerTlsAcmCertificate.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "certificateArn"))
@@ -1142,12 +1195,24 @@ module Aws::AppMesh
1142
1195
 
1143
1196
  VirtualGatewayListenerTlsCertificate.add_member(:acm, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsAcmCertificate, location_name: "acm"))
1144
1197
  VirtualGatewayListenerTlsCertificate.add_member(:file, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsFileCertificate, location_name: "file"))
1198
+ VirtualGatewayListenerTlsCertificate.add_member(:sds, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsSdsCertificate, location_name: "sds"))
1145
1199
  VirtualGatewayListenerTlsCertificate.struct_class = Types::VirtualGatewayListenerTlsCertificate
1146
1200
 
1147
1201
  VirtualGatewayListenerTlsFileCertificate.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "certificateChain"))
1148
1202
  VirtualGatewayListenerTlsFileCertificate.add_member(:private_key, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "privateKey"))
1149
1203
  VirtualGatewayListenerTlsFileCertificate.struct_class = Types::VirtualGatewayListenerTlsFileCertificate
1150
1204
 
1205
+ VirtualGatewayListenerTlsSdsCertificate.add_member(:secret_name, Shapes::ShapeRef.new(shape: VirtualGatewaySdsSecretName, required: true, location_name: "secretName"))
1206
+ VirtualGatewayListenerTlsSdsCertificate.struct_class = Types::VirtualGatewayListenerTlsSdsCertificate
1207
+
1208
+ VirtualGatewayListenerTlsValidationContext.add_member(:subject_alternative_names, Shapes::ShapeRef.new(shape: SubjectAlternativeNames, location_name: "subjectAlternativeNames"))
1209
+ VirtualGatewayListenerTlsValidationContext.add_member(:trust, Shapes::ShapeRef.new(shape: VirtualGatewayListenerTlsValidationContextTrust, required: true, location_name: "trust"))
1210
+ VirtualGatewayListenerTlsValidationContext.struct_class = Types::VirtualGatewayListenerTlsValidationContext
1211
+
1212
+ VirtualGatewayListenerTlsValidationContextTrust.add_member(:file, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextFileTrust, location_name: "file"))
1213
+ VirtualGatewayListenerTlsValidationContextTrust.add_member(:sds, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextSdsTrust, location_name: "sds"))
1214
+ VirtualGatewayListenerTlsValidationContextTrust.struct_class = Types::VirtualGatewayListenerTlsValidationContextTrust
1215
+
1151
1216
  VirtualGatewayListeners.member = Shapes::ShapeRef.new(shape: VirtualGatewayListener)
1152
1217
 
1153
1218
  VirtualGatewayLogging.add_member(:access_log, Shapes::ShapeRef.new(shape: VirtualGatewayAccessLog, location_name: "accessLog"))
@@ -1175,6 +1240,7 @@ module Aws::AppMesh
1175
1240
  VirtualGatewayStatus.add_member(:status, Shapes::ShapeRef.new(shape: VirtualGatewayStatusCode, required: true, location_name: "status"))
1176
1241
  VirtualGatewayStatus.struct_class = Types::VirtualGatewayStatus
1177
1242
 
1243
+ VirtualGatewayTlsValidationContext.add_member(:subject_alternative_names, Shapes::ShapeRef.new(shape: SubjectAlternativeNames, location_name: "subjectAlternativeNames"))
1178
1244
  VirtualGatewayTlsValidationContext.add_member(:trust, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextTrust, required: true, location_name: "trust"))
1179
1245
  VirtualGatewayTlsValidationContext.struct_class = Types::VirtualGatewayTlsValidationContext
1180
1246
 
@@ -1184,8 +1250,12 @@ module Aws::AppMesh
1184
1250
  VirtualGatewayTlsValidationContextFileTrust.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: FilePath, required: true, location_name: "certificateChain"))
1185
1251
  VirtualGatewayTlsValidationContextFileTrust.struct_class = Types::VirtualGatewayTlsValidationContextFileTrust
1186
1252
 
1253
+ VirtualGatewayTlsValidationContextSdsTrust.add_member(:secret_name, Shapes::ShapeRef.new(shape: VirtualGatewaySdsSecretName, required: true, location_name: "secretName"))
1254
+ VirtualGatewayTlsValidationContextSdsTrust.struct_class = Types::VirtualGatewayTlsValidationContextSdsTrust
1255
+
1187
1256
  VirtualGatewayTlsValidationContextTrust.add_member(:acm, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextAcmTrust, location_name: "acm"))
1188
1257
  VirtualGatewayTlsValidationContextTrust.add_member(:file, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextFileTrust, location_name: "file"))
1258
+ VirtualGatewayTlsValidationContextTrust.add_member(:sds, Shapes::ShapeRef.new(shape: VirtualGatewayTlsValidationContextSdsTrust, location_name: "sds"))
1189
1259
  VirtualGatewayTlsValidationContextTrust.struct_class = Types::VirtualGatewayTlsValidationContextTrust
1190
1260
 
1191
1261
  VirtualNodeConnectionPool.add_member(:grpc, Shapes::ShapeRef.new(shape: VirtualNodeGrpcConnectionPool, location_name: "grpc"))
@@ -126,9 +126,23 @@ module Aws::AppMesh
126
126
  # virtual_service: {
127
127
  # client_policy: {
128
128
  # tls: {
129
+ # certificate: {
130
+ # file: {
131
+ # certificate_chain: "FilePath", # required
132
+ # private_key: "FilePath", # required
133
+ # },
134
+ # sds: {
135
+ # secret_name: "SdsSecretName", # required
136
+ # },
137
+ # },
129
138
  # enforce: false,
130
139
  # ports: [1],
131
140
  # validation: { # required
141
+ # subject_alternative_names: {
142
+ # match: { # required
143
+ # exact: ["SubjectAlternativeName"], # required
144
+ # },
145
+ # },
132
146
  # trust: { # required
133
147
  # acm: {
134
148
  # certificate_authority_arns: ["Arn"], # required
@@ -136,6 +150,9 @@ module Aws::AppMesh
136
150
  # file: {
137
151
  # certificate_chain: "FilePath", # required
138
152
  # },
153
+ # sds: {
154
+ # secret_name: "SdsSecretName", # required
155
+ # },
139
156
  # },
140
157
  # },
141
158
  # },
@@ -164,9 +181,23 @@ module Aws::AppMesh
164
181
  # {
165
182
  # client_policy: {
166
183
  # tls: {
184
+ # certificate: {
185
+ # file: {
186
+ # certificate_chain: "FilePath", # required
187
+ # private_key: "FilePath", # required
188
+ # },
189
+ # sds: {
190
+ # secret_name: "SdsSecretName", # required
191
+ # },
192
+ # },
167
193
  # enforce: false,
168
194
  # ports: [1],
169
195
  # validation: { # required
196
+ # subject_alternative_names: {
197
+ # match: { # required
198
+ # exact: ["SubjectAlternativeName"], # required
199
+ # },
200
+ # },
170
201
  # trust: { # required
171
202
  # acm: {
172
203
  # certificate_authority_arns: ["Arn"], # required
@@ -174,6 +205,9 @@ module Aws::AppMesh
174
205
  # file: {
175
206
  # certificate_chain: "FilePath", # required
176
207
  # },
208
+ # sds: {
209
+ # secret_name: "SdsSecretName", # required
210
+ # },
177
211
  # },
178
212
  # },
179
213
  # },
@@ -213,9 +247,23 @@ module Aws::AppMesh
213
247
  #
214
248
  # {
215
249
  # tls: {
250
+ # certificate: {
251
+ # file: {
252
+ # certificate_chain: "FilePath", # required
253
+ # private_key: "FilePath", # required
254
+ # },
255
+ # sds: {
256
+ # secret_name: "SdsSecretName", # required
257
+ # },
258
+ # },
216
259
  # enforce: false,
217
260
  # ports: [1],
218
261
  # validation: { # required
262
+ # subject_alternative_names: {
263
+ # match: { # required
264
+ # exact: ["SubjectAlternativeName"], # required
265
+ # },
266
+ # },
219
267
  # trust: { # required
220
268
  # acm: {
221
269
  # certificate_authority_arns: ["Arn"], # required
@@ -223,6 +271,9 @@ module Aws::AppMesh
223
271
  # file: {
224
272
  # certificate_chain: "FilePath", # required
225
273
  # },
274
+ # sds: {
275
+ # secret_name: "SdsSecretName", # required
276
+ # },
226
277
  # },
227
278
  # },
228
279
  # },
@@ -248,9 +299,23 @@ module Aws::AppMesh
248
299
  # data as a hash:
249
300
  #
250
301
  # {
302
+ # certificate: {
303
+ # file: {
304
+ # certificate_chain: "FilePath", # required
305
+ # private_key: "FilePath", # required
306
+ # },
307
+ # sds: {
308
+ # secret_name: "SdsSecretName", # required
309
+ # },
310
+ # },
251
311
  # enforce: false,
252
312
  # ports: [1],
253
313
  # validation: { # required
314
+ # subject_alternative_names: {
315
+ # match: { # required
316
+ # exact: ["SubjectAlternativeName"], # required
317
+ # },
318
+ # },
254
319
  # trust: { # required
255
320
  # acm: {
256
321
  # certificate_authority_arns: ["Arn"], # required
@@ -258,10 +323,18 @@ module Aws::AppMesh
258
323
  # file: {
259
324
  # certificate_chain: "FilePath", # required
260
325
  # },
326
+ # sds: {
327
+ # secret_name: "SdsSecretName", # required
328
+ # },
261
329
  # },
262
330
  # },
263
331
  # }
264
332
  #
333
+ # @!attribute [rw] certificate
334
+ # A reference to an object that represents a client's TLS
335
+ # certificate.
336
+ # @return [Types::ClientTlsCertificate]
337
+ #
265
338
  # @!attribute [rw] enforce
266
339
  # Whether the policy is enforced. The default is `True`, if a value
267
340
  # isn't specified.
@@ -278,6 +351,7 @@ module Aws::AppMesh
278
351
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ClientPolicyTls AWS API Documentation
279
352
  #
280
353
  class ClientPolicyTls < Struct.new(
354
+ :certificate,
281
355
  :enforce,
282
356
  :ports,
283
357
  :validation)
@@ -285,6 +359,46 @@ module Aws::AppMesh
285
359
  include Aws::Structure
286
360
  end
287
361
 
362
+ # An object that represents the client's certificate.
363
+ #
364
+ # @note When making an API call, you may pass ClientTlsCertificate
365
+ # data as a hash:
366
+ #
367
+ # {
368
+ # file: {
369
+ # certificate_chain: "FilePath", # required
370
+ # private_key: "FilePath", # required
371
+ # },
372
+ # sds: {
373
+ # secret_name: "SdsSecretName", # required
374
+ # },
375
+ # }
376
+ #
377
+ # @!attribute [rw] file
378
+ # An object that represents a local file certificate. The certificate
379
+ # must meet specific requirements and you must have proxy
380
+ # authorization enabled. For more information, see [Transport Layer
381
+ # Security (TLS)][1].
382
+ #
383
+ #
384
+ #
385
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites
386
+ # @return [Types::ListenerTlsFileCertificate]
387
+ #
388
+ # @!attribute [rw] sds
389
+ # A reference to an object that represents a client's TLS Secret
390
+ # Discovery Service certificate.
391
+ # @return [Types::ListenerTlsSdsCertificate]
392
+ #
393
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ClientTlsCertificate AWS API Documentation
394
+ #
395
+ class ClientTlsCertificate < Struct.new(
396
+ :file,
397
+ :sds)
398
+ SENSITIVE = []
399
+ include Aws::Structure
400
+ end
401
+
288
402
  # The request contains a client token that was used for a previous
289
403
  # update resource call with different specifications. Try the request
290
404
  # again with a new client token.
@@ -782,9 +896,23 @@ module Aws::AppMesh
782
896
  # backend_defaults: {
783
897
  # client_policy: {
784
898
  # tls: {
899
+ # certificate: {
900
+ # file: {
901
+ # certificate_chain: "FilePath", # required
902
+ # private_key: "FilePath", # required
903
+ # },
904
+ # sds: {
905
+ # secret_name: "VirtualGatewaySdsSecretName", # required
906
+ # },
907
+ # },
785
908
  # enforce: false,
786
909
  # ports: [1],
787
910
  # validation: { # required
911
+ # subject_alternative_names: {
912
+ # match: { # required
913
+ # exact: ["SubjectAlternativeName"], # required
914
+ # },
915
+ # },
788
916
  # trust: { # required
789
917
  # acm: {
790
918
  # certificate_authority_arns: ["Arn"], # required
@@ -792,6 +920,9 @@ module Aws::AppMesh
792
920
  # file: {
793
921
  # certificate_chain: "FilePath", # required
794
922
  # },
923
+ # sds: {
924
+ # secret_name: "VirtualGatewaySdsSecretName", # required
925
+ # },
795
926
  # },
796
927
  # },
797
928
  # },
@@ -833,8 +964,26 @@ module Aws::AppMesh
833
964
  # certificate_chain: "FilePath", # required
834
965
  # private_key: "FilePath", # required
835
966
  # },
967
+ # sds: {
968
+ # secret_name: "VirtualGatewaySdsSecretName", # required
969
+ # },
836
970
  # },
837
971
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
972
+ # validation: {
973
+ # subject_alternative_names: {
974
+ # match: { # required
975
+ # exact: ["SubjectAlternativeName"], # required
976
+ # },
977
+ # },
978
+ # trust: { # required
979
+ # file: {
980
+ # certificate_chain: "FilePath", # required
981
+ # },
982
+ # sds: {
983
+ # secret_name: "VirtualGatewaySdsSecretName", # required
984
+ # },
985
+ # },
986
+ # },
838
987
  # },
839
988
  # },
840
989
  # ],
@@ -937,9 +1086,23 @@ module Aws::AppMesh
937
1086
  # backend_defaults: {
938
1087
  # client_policy: {
939
1088
  # tls: {
1089
+ # certificate: {
1090
+ # file: {
1091
+ # certificate_chain: "FilePath", # required
1092
+ # private_key: "FilePath", # required
1093
+ # },
1094
+ # sds: {
1095
+ # secret_name: "SdsSecretName", # required
1096
+ # },
1097
+ # },
940
1098
  # enforce: false,
941
1099
  # ports: [1],
942
1100
  # validation: { # required
1101
+ # subject_alternative_names: {
1102
+ # match: { # required
1103
+ # exact: ["SubjectAlternativeName"], # required
1104
+ # },
1105
+ # },
943
1106
  # trust: { # required
944
1107
  # acm: {
945
1108
  # certificate_authority_arns: ["Arn"], # required
@@ -947,6 +1110,9 @@ module Aws::AppMesh
947
1110
  # file: {
948
1111
  # certificate_chain: "FilePath", # required
949
1112
  # },
1113
+ # sds: {
1114
+ # secret_name: "SdsSecretName", # required
1115
+ # },
950
1116
  # },
951
1117
  # },
952
1118
  # },
@@ -957,9 +1123,23 @@ module Aws::AppMesh
957
1123
  # virtual_service: {
958
1124
  # client_policy: {
959
1125
  # tls: {
1126
+ # certificate: {
1127
+ # file: {
1128
+ # certificate_chain: "FilePath", # required
1129
+ # private_key: "FilePath", # required
1130
+ # },
1131
+ # sds: {
1132
+ # secret_name: "SdsSecretName", # required
1133
+ # },
1134
+ # },
960
1135
  # enforce: false,
961
1136
  # ports: [1],
962
1137
  # validation: { # required
1138
+ # subject_alternative_names: {
1139
+ # match: { # required
1140
+ # exact: ["SubjectAlternativeName"], # required
1141
+ # },
1142
+ # },
963
1143
  # trust: { # required
964
1144
  # acm: {
965
1145
  # certificate_authority_arns: ["Arn"], # required
@@ -967,6 +1147,9 @@ module Aws::AppMesh
967
1147
  # file: {
968
1148
  # certificate_chain: "FilePath", # required
969
1149
  # },
1150
+ # sds: {
1151
+ # secret_name: "SdsSecretName", # required
1152
+ # },
970
1153
  # },
971
1154
  # },
972
1155
  # },
@@ -1064,8 +1247,26 @@ module Aws::AppMesh
1064
1247
  # certificate_chain: "FilePath", # required
1065
1248
  # private_key: "FilePath", # required
1066
1249
  # },
1250
+ # sds: {
1251
+ # secret_name: "SdsSecretName", # required
1252
+ # },
1067
1253
  # },
1068
1254
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
1255
+ # validation: {
1256
+ # subject_alternative_names: {
1257
+ # match: { # required
1258
+ # exact: ["SubjectAlternativeName"], # required
1259
+ # },
1260
+ # },
1261
+ # trust: { # required
1262
+ # file: {
1263
+ # certificate_chain: "FilePath", # required
1264
+ # },
1265
+ # sds: {
1266
+ # secret_name: "SdsSecretName", # required
1267
+ # },
1268
+ # },
1269
+ # },
1069
1270
  # },
1070
1271
  # },
1071
1272
  # ],
@@ -4240,8 +4441,26 @@ module Aws::AppMesh
4240
4441
  # certificate_chain: "FilePath", # required
4241
4442
  # private_key: "FilePath", # required
4242
4443
  # },
4444
+ # sds: {
4445
+ # secret_name: "SdsSecretName", # required
4446
+ # },
4243
4447
  # },
4244
4448
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
4449
+ # validation: {
4450
+ # subject_alternative_names: {
4451
+ # match: { # required
4452
+ # exact: ["SubjectAlternativeName"], # required
4453
+ # },
4454
+ # },
4455
+ # trust: { # required
4456
+ # file: {
4457
+ # certificate_chain: "FilePath", # required
4458
+ # },
4459
+ # sds: {
4460
+ # secret_name: "SdsSecretName", # required
4461
+ # },
4462
+ # },
4463
+ # },
4245
4464
  # },
4246
4465
  # }
4247
4466
  #
@@ -4369,13 +4588,31 @@ module Aws::AppMesh
4369
4588
  # certificate_chain: "FilePath", # required
4370
4589
  # private_key: "FilePath", # required
4371
4590
  # },
4591
+ # sds: {
4592
+ # secret_name: "SdsSecretName", # required
4593
+ # },
4372
4594
  # },
4373
4595
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
4596
+ # validation: {
4597
+ # subject_alternative_names: {
4598
+ # match: { # required
4599
+ # exact: ["SubjectAlternativeName"], # required
4600
+ # },
4601
+ # },
4602
+ # trust: { # required
4603
+ # file: {
4604
+ # certificate_chain: "FilePath", # required
4605
+ # },
4606
+ # sds: {
4607
+ # secret_name: "SdsSecretName", # required
4608
+ # },
4609
+ # },
4610
+ # },
4374
4611
  # }
4375
4612
  #
4376
4613
  # @!attribute [rw] certificate
4377
- # A reference to an object that represents a listener's TLS
4378
- # certificate.
4614
+ # A reference to an object that represents a listener's Transport
4615
+ # Layer Security (TLS) certificate.
4379
4616
  # @return [Types::ListenerTlsCertificate]
4380
4617
  #
4381
4618
  # @!attribute [rw] mode
@@ -4389,11 +4626,17 @@ module Aws::AppMesh
4389
4626
  # * ****DISABLED – Listener only accepts connections without TLS.
4390
4627
  # @return [String]
4391
4628
  #
4629
+ # @!attribute [rw] validation
4630
+ # A reference to an object that represents a listener's Transport
4631
+ # Layer Security (TLS) validation context.
4632
+ # @return [Types::ListenerTlsValidationContext]
4633
+ #
4392
4634
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ListenerTls AWS API Documentation
4393
4635
  #
4394
4636
  class ListenerTls < Struct.new(
4395
4637
  :certificate,
4396
- :mode)
4638
+ :mode,
4639
+ :validation)
4397
4640
  SENSITIVE = []
4398
4641
  include Aws::Structure
4399
4642
  end
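Review bot: The new `validation` attribute on `ListenerTls` is documented only as "a listener's Transport Layer Security (TLS) validation context", which does not tell a reader what the listener does with client certificates when the attribute is left out. The request examples mark `mode` as required but not `validation`, so presumably a `STRICT` listener without it encrypts traffic without authenticating the peer. Once that is confirmed against the App Mesh TLS guide, the comment should say so, for example `#   Optional. When omitted, the listener does not validate client certificates.` The same gap applies to `validation` on `VirtualGatewayListenerTls` in a later hunk.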
@@ -4440,6 +4683,9 @@ module Aws::AppMesh
4440
4683
  # certificate_chain: "FilePath", # required
4441
4684
  # private_key: "FilePath", # required
4442
4685
  # },
4686
+ # sds: {
4687
+ # secret_name: "SdsSecretName", # required
4688
+ # },
4443
4689
  # }
4444
4690
  #
4445
4691
  # @!attribute [rw] acm
@@ -4451,11 +4697,17 @@ module Aws::AppMesh
4451
4697
  # A reference to an object that represents a local file certificate.
4452
4698
  # @return [Types::ListenerTlsFileCertificate]
4453
4699
  #
4700
+ # @!attribute [rw] sds
4701
+ # A reference to an object that represents a listener's Secret
4702
+ # Discovery Service certificate.
4703
+ # @return [Types::ListenerTlsSdsCertificate]
4704
+ #
4454
4705
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ListenerTlsCertificate AWS API Documentation
4455
4706
  #
4456
4707
  class ListenerTlsCertificate < Struct.new(
4457
4708
  :acm,
4458
- :file)
4709
+ :file,
4710
+ :sds)
4459
4711
  SENSITIVE = []
4460
4712
  include Aws::Structure
4461
4713
  end
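Review bot: With `sds` added, `ListenerTlsCertificate` has three members (`acm`, `file`, `sds`), none marked required in the request examples, and the comments do not say whether they are alternatives. If the service accepts only one certificate source per listener, state it on the class, for example `# Set exactly one of acm, file or sds.`, so a caller does not assume a fallback order between sources. The same applies to `ListenerTlsValidationContextTrust`, `TlsValidationContextTrust`, `VirtualGatewayClientTlsCertificate` and `VirtualGatewayListenerTlsCertificate` in the later hunks.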
@@ -4495,6 +4747,113 @@ module Aws::AppMesh
4495
4747
  include Aws::Structure
4496
4748
  end
4497
4749
 
4750
+ # An object that represents the listener's Secret Discovery Service
4751
+ # certificate. The proxy must be configured with a local SDS provider
4752
+ # via a Unix Domain Socket. See App Mesh [TLS documentation][1] for more
4753
+ # info.
4754
+ #
4755
+ #
4756
+ #
4757
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html
4758
+ #
4759
+ # @note When making an API call, you may pass ListenerTlsSdsCertificate
4760
+ # data as a hash:
4761
+ #
4762
+ # {
4763
+ # secret_name: "SdsSecretName", # required
4764
+ # }
4765
+ #
4766
+ # @!attribute [rw] secret_name
4767
+ # A reference to an object that represents the name of the secret
4768
+ # requested from the Secret Discovery Service provider representing
4769
+ # Transport Layer Security (TLS) materials like a certificate or
4770
+ # certificate chain.
4771
+ # @return [String]
4772
+ #
4773
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ListenerTlsSdsCertificate AWS API Documentation
4774
+ #
4775
+ class ListenerTlsSdsCertificate < Struct.new(
4776
+ :secret_name)
4777
+ SENSITIVE = []
4778
+ include Aws::Structure
4779
+ end
4780
+
4781
+ # An object that represents a listener's Transport Layer Security (TLS)
4782
+ # validation context.
4783
+ #
4784
+ # @note When making an API call, you may pass ListenerTlsValidationContext
4785
+ # data as a hash:
4786
+ #
4787
+ # {
4788
+ # subject_alternative_names: {
4789
+ # match: { # required
4790
+ # exact: ["SubjectAlternativeName"], # required
4791
+ # },
4792
+ # },
4793
+ # trust: { # required
4794
+ # file: {
4795
+ # certificate_chain: "FilePath", # required
4796
+ # },
4797
+ # sds: {
4798
+ # secret_name: "SdsSecretName", # required
4799
+ # },
4800
+ # },
4801
+ # }
4802
+ #
4803
+ # @!attribute [rw] subject_alternative_names
4804
+ # A reference to an object that represents the SANs for a listener's
4805
+ # Transport Layer Security (TLS) validation context.
4806
+ # @return [Types::SubjectAlternativeNames]
4807
+ #
4808
+ # @!attribute [rw] trust
4809
+ # A reference to where to retrieve the trust chain when validating a
4810
+ # peer’s Transport Layer Security (TLS) certificate.
4811
+ # @return [Types::ListenerTlsValidationContextTrust]
4812
+ #
4813
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ListenerTlsValidationContext AWS API Documentation
4814
+ #
4815
+ class ListenerTlsValidationContext < Struct.new(
4816
+ :subject_alternative_names,
4817
+ :trust)
4818
+ SENSITIVE = []
4819
+ include Aws::Structure
4820
+ end
4821
+
4822
+ # An object that represents a listener's Transport Layer Security (TLS)
4823
+ # validation context trust.
4824
+ #
4825
+ # @note When making an API call, you may pass ListenerTlsValidationContextTrust
4826
+ # data as a hash:
4827
+ #
4828
+ # {
4829
+ # file: {
4830
+ # certificate_chain: "FilePath", # required
4831
+ # },
4832
+ # sds: {
4833
+ # secret_name: "SdsSecretName", # required
4834
+ # },
4835
+ # }
4836
+ #
4837
+ # @!attribute [rw] file
4838
+ # An object that represents a Transport Layer Security (TLS)
4839
+ # validation context trust for a local file.
4840
+ # @return [Types::TlsValidationContextFileTrust]
4841
+ #
4842
+ # @!attribute [rw] sds
4843
+ # A reference to an object that represents a listener's Transport
4844
+ # Layer Security (TLS) Secret Discovery Service validation context
4845
+ # trust.
4846
+ # @return [Types::TlsValidationContextSdsTrust]
4847
+ #
4848
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/ListenerTlsValidationContextTrust AWS API Documentation
4849
+ #
4850
+ class ListenerTlsValidationContextTrust < Struct.new(
4851
+ :file,
4852
+ :sds)
4853
+ SENSITIVE = []
4854
+ include Aws::Structure
4855
+ end
4856
+
4498
4857
  # An object that represents the logging information for a virtual node.
4499
4858
  #
4500
4859
  # @note When making an API call, you may pass Logging
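Review bot: In `ListenerTlsValidationContext`, `trust` is marked required but `subject_alternative_names` is not, and its comment ("the SANs for a listener's ... validation context") does not say what is checked when it is absent. Presumably any certificate that chains to the configured trust is then accepted whatever names it carries. If that is confirmed, the comment should state it, for example `#   Optional. When omitted, the peer certificate's subject alternative names are not checked.` The same gap is on `subject_alternative_names` in `TlsValidationContext` and `VirtualGatewayListenerTlsValidationContext`.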
@@ -5227,6 +5586,53 @@ module Aws::AppMesh
5227
5586
  include Aws::Structure
5228
5587
  end
5229
5588
 
5589
+ # An object that represents the methods by which a subject alternative
5590
+ # name on a peer Transport Layer Security (TLS) certificate can be
5591
+ # matched.
5592
+ #
5593
+ # @note When making an API call, you may pass SubjectAlternativeNameMatchers
5594
+ # data as a hash:
5595
+ #
5596
+ # {
5597
+ # exact: ["SubjectAlternativeName"], # required
5598
+ # }
5599
+ #
5600
+ # @!attribute [rw] exact
5601
+ # The values sent must match the specified values exactly.
5602
+ # @return [Array<String>]
5603
+ #
5604
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/SubjectAlternativeNameMatchers AWS API Documentation
5605
+ #
5606
+ class SubjectAlternativeNameMatchers < Struct.new(
5607
+ :exact)
5608
+ SENSITIVE = []
5609
+ include Aws::Structure
5610
+ end
5611
+
5612
+ # An object that represents the subject alternative names secured by the
5613
+ # certificate.
5614
+ #
5615
+ # @note When making an API call, you may pass SubjectAlternativeNames
5616
+ # data as a hash:
5617
+ #
5618
+ # {
5619
+ # match: { # required
5620
+ # exact: ["SubjectAlternativeName"], # required
5621
+ # },
5622
+ # }
5623
+ #
5624
+ # @!attribute [rw] match
5625
+ # An object that represents the criteria for determining a SANs match.
5626
+ # @return [Types::SubjectAlternativeNameMatchers]
5627
+ #
5628
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/SubjectAlternativeNames AWS API Documentation
5629
+ #
5630
+ class SubjectAlternativeNames < Struct.new(
5631
+ :match)
5632
+ SENSITIVE = []
5633
+ include Aws::Structure
5634
+ end
5635
+
5230
5636
  # Optional metadata that you apply to a resource to assist with
5231
5637
  # categorization and organization. Each tag consists of a key and an
5232
5638
  # optional value, both of which you define. Tag keys can have a maximum
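Review bot: The comment on `exact` in `SubjectAlternativeNameMatchers`, "The values sent must match the specified values exactly", leaves open whether a peer certificate must carry every listed name or any one of them, and which SAN types are compared. For a list used to authenticate peers that distinction decides who is admitted, so the comment should state it once the service behaviour is confirmed. The class comment on `SubjectAlternativeNames` ("secured by the certificate") could also say that these are the names expected on the peer's certificate.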
@@ -5398,13 +5804,18 @@ module Aws::AppMesh
5398
5804
  include Aws::Structure
5399
5805
  end
5400
5806
 
5401
- # An object that represents a Transport Layer Security (TLS) validation
5402
- # context.
5807
+ # An object that represents how the proxy will validate its peer during
5808
+ # Transport Layer Security (TLS) negotiation.
5403
5809
  #
5404
5810
  # @note When making an API call, you may pass TlsValidationContext
5405
5811
  # data as a hash:
5406
5812
  #
5407
5813
  # {
5814
+ # subject_alternative_names: {
5815
+ # match: { # required
5816
+ # exact: ["SubjectAlternativeName"], # required
5817
+ # },
5818
+ # },
5408
5819
  # trust: { # required
5409
5820
  # acm: {
5410
5821
  # certificate_authority_arns: ["Arn"], # required
@@ -5412,24 +5823,33 @@ module Aws::AppMesh
5412
5823
  # file: {
5413
5824
  # certificate_chain: "FilePath", # required
5414
5825
  # },
5826
+ # sds: {
5827
+ # secret_name: "SdsSecretName", # required
5828
+ # },
5415
5829
  # },
5416
5830
  # }
5417
5831
  #
5832
+ # @!attribute [rw] subject_alternative_names
5833
+ # A reference to an object that represents the SANs for a Transport
5834
+ # Layer Security (TLS) validation context.
5835
+ # @return [Types::SubjectAlternativeNames]
5836
+ #
5418
5837
  # @!attribute [rw] trust
5419
- # A reference to an object that represents a TLS validation context
5420
- # trust.
5838
+ # A reference to where to retrieve the trust chain when validating a
5839
+ # peer’s Transport Layer Security (TLS) certificate.
5421
5840
  # @return [Types::TlsValidationContextTrust]
5422
5841
  #
5423
5842
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/TlsValidationContext AWS API Documentation
5424
5843
  #
5425
5844
  class TlsValidationContext < Struct.new(
5845
+ :subject_alternative_names,
5426
5846
  :trust)
5427
5847
  SENSITIVE = []
5428
5848
  include Aws::Structure
5429
5849
  end
5430
5850
 
5431
- # An object that represents a TLS validation context trust for an AWS
5432
- # Certicate Manager (ACM) certificate.
5851
+ # An object that represents a Transport Layer Security (TLS) validation
5852
+ # context trust for an AWS Certicate Manager (ACM) certificate.
5433
5853
  #
5434
5854
  # @note When making an API call, you may pass TlsValidationContextAcmTrust
5435
5855
  # data as a hash:
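Review bot: `:subject_alternative_names` is inserted ahead of `:trust` in the `Struct.new` member list of `TlsValidationContext`, which moves `trust` from the first position to the second. Code that reads or writes members by name is unaffected, but anything that depends on member order (`to_a`, index access, destructuring) would now get the SAN field where it used to get `trust`. Listing `:trust,` first and `:subject_alternative_names)` last keeps the old positions. `VirtualGatewayClientPolicyTls` has the same change, with `:certificate` placed before `:enforce`, whereas the other structs in this diff append their new member.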
@@ -5473,36 +5893,76 @@ module Aws::AppMesh
5473
5893
  include Aws::Structure
5474
5894
  end
5475
5895
 
5476
- # An object that represents a Transport Layer Security (TLS) validation
5477
- # context trust.
5896
+ # An object that represents a Transport Layer Security (TLS) Secret
5897
+ # Discovery Service validation context trust. The proxy must be
5898
+ # configured with a local SDS provider via a Unix Domain Socket. See App
5899
+ # Mesh [TLS documentation][1] for more info.
5478
5900
  #
5479
- # @note When making an API call, you may pass TlsValidationContextTrust
5901
+ #
5902
+ #
5903
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html
5904
+ #
5905
+ # @note When making an API call, you may pass TlsValidationContextSdsTrust
5480
5906
  # data as a hash:
5481
5907
  #
5482
5908
  # {
5483
- # acm: {
5484
- # certificate_authority_arns: ["Arn"], # required
5485
- # },
5486
- # file: {
5487
- # certificate_chain: "FilePath", # required
5488
- # },
5909
+ # secret_name: "SdsSecretName", # required
5910
+ # }
5911
+ #
5912
+ # @!attribute [rw] secret_name
5913
+ # A reference to an object that represents the name of the secret for
5914
+ # a Transport Layer Security (TLS) Secret Discovery Service validation
5915
+ # context trust.
5916
+ # @return [String]
5917
+ #
5918
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/TlsValidationContextSdsTrust AWS API Documentation
5919
+ #
5920
+ class TlsValidationContextSdsTrust < Struct.new(
5921
+ :secret_name)
5922
+ SENSITIVE = []
5923
+ include Aws::Structure
5924
+ end
5925
+
5926
+ # An object that represents a Transport Layer Security (TLS) validation
5927
+ # context trust.
5928
+ #
5929
+ # @note When making an API call, you may pass TlsValidationContextTrust
5930
+ # data as a hash:
5931
+ #
5932
+ # {
5933
+ # acm: {
5934
+ # certificate_authority_arns: ["Arn"], # required
5935
+ # },
5936
+ # file: {
5937
+ # certificate_chain: "FilePath", # required
5938
+ # },
5939
+ # sds: {
5940
+ # secret_name: "SdsSecretName", # required
5941
+ # },
5489
5942
  # }
5490
5943
  #
5491
5944
  # @!attribute [rw] acm
5492
- # A reference to an object that represents a TLS validation context
5493
- # trust for an AWS Certicate Manager (ACM) certificate.
5945
+ # A reference to an object that represents a Transport Layer Security
5946
+ # (TLS) validation context trust for an AWS Certicate Manager (ACM)
5947
+ # certificate.
5494
5948
  # @return [Types::TlsValidationContextAcmTrust]
5495
5949
  #
5496
5950
  # @!attribute [rw] file
5497
- # An object that represents a TLS validation context trust for a local
5498
- # file.
5951
+ # An object that represents a Transport Layer Security (TLS)
5952
+ # validation context trust for a local file.
5499
5953
  # @return [Types::TlsValidationContextFileTrust]
5500
5954
  #
5955
+ # @!attribute [rw] sds
5956
+ # A reference to an object that represents a Transport Layer Security
5957
+ # (TLS) Secret Discovery Service validation context trust.
5958
+ # @return [Types::TlsValidationContextSdsTrust]
5959
+ #
5501
5960
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/TlsValidationContextTrust AWS API Documentation
5502
5961
  #
5503
5962
  class TlsValidationContextTrust < Struct.new(
5504
5963
  :acm,
5505
- :file)
5964
+ :file,
5965
+ :sds)
5506
5966
  SENSITIVE = []
5507
5967
  include Aws::Structure
5508
5968
  end
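Review bot: The rewritten `acm` attribute comment in `TlsValidationContextTrust` still spells the service "AWS Certicate Manager (ACM)". Since these lines are being rewrapped anyway, the line should read `#   (TLS) validation context trust for an AWS Certificate Manager (ACM)`. The same misspelling is in the rewritten class comment for `TlsValidationContextAcmTrust` in the previous hunk. If these comments are generated from the service model, the correction belongs there.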
@@ -6009,9 +6469,23 @@ module Aws::AppMesh
6009
6469
  # backend_defaults: {
6010
6470
  # client_policy: {
6011
6471
  # tls: {
6472
+ # certificate: {
6473
+ # file: {
6474
+ # certificate_chain: "FilePath", # required
6475
+ # private_key: "FilePath", # required
6476
+ # },
6477
+ # sds: {
6478
+ # secret_name: "VirtualGatewaySdsSecretName", # required
6479
+ # },
6480
+ # },
6012
6481
  # enforce: false,
6013
6482
  # ports: [1],
6014
6483
  # validation: { # required
6484
+ # subject_alternative_names: {
6485
+ # match: { # required
6486
+ # exact: ["SubjectAlternativeName"], # required
6487
+ # },
6488
+ # },
6015
6489
  # trust: { # required
6016
6490
  # acm: {
6017
6491
  # certificate_authority_arns: ["Arn"], # required
@@ -6019,6 +6493,9 @@ module Aws::AppMesh
6019
6493
  # file: {
6020
6494
  # certificate_chain: "FilePath", # required
6021
6495
  # },
6496
+ # sds: {
6497
+ # secret_name: "VirtualGatewaySdsSecretName", # required
6498
+ # },
6022
6499
  # },
6023
6500
  # },
6024
6501
  # },
@@ -6060,8 +6537,26 @@ module Aws::AppMesh
6060
6537
  # certificate_chain: "FilePath", # required
6061
6538
  # private_key: "FilePath", # required
6062
6539
  # },
6540
+ # sds: {
6541
+ # secret_name: "VirtualGatewaySdsSecretName", # required
6542
+ # },
6063
6543
  # },
6064
6544
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
6545
+ # validation: {
6546
+ # subject_alternative_names: {
6547
+ # match: { # required
6548
+ # exact: ["SubjectAlternativeName"], # required
6549
+ # },
6550
+ # },
6551
+ # trust: { # required
6552
+ # file: {
6553
+ # certificate_chain: "FilePath", # required
6554
+ # },
6555
+ # sds: {
6556
+ # secret_name: "VirtualGatewaySdsSecretName", # required
6557
+ # },
6558
+ # },
6559
+ # },
6065
6560
  # },
6066
6561
  # },
6067
6562
  # ],
@@ -6148,9 +6643,23 @@ module Aws::AppMesh
6148
6643
  # backend_defaults: {
6149
6644
  # client_policy: {
6150
6645
  # tls: {
6646
+ # certificate: {
6647
+ # file: {
6648
+ # certificate_chain: "FilePath", # required
6649
+ # private_key: "FilePath", # required
6650
+ # },
6651
+ # sds: {
6652
+ # secret_name: "SdsSecretName", # required
6653
+ # },
6654
+ # },
6151
6655
  # enforce: false,
6152
6656
  # ports: [1],
6153
6657
  # validation: { # required
6658
+ # subject_alternative_names: {
6659
+ # match: { # required
6660
+ # exact: ["SubjectAlternativeName"], # required
6661
+ # },
6662
+ # },
6154
6663
  # trust: { # required
6155
6664
  # acm: {
6156
6665
  # certificate_authority_arns: ["Arn"], # required
@@ -6158,6 +6667,9 @@ module Aws::AppMesh
6158
6667
  # file: {
6159
6668
  # certificate_chain: "FilePath", # required
6160
6669
  # },
6670
+ # sds: {
6671
+ # secret_name: "SdsSecretName", # required
6672
+ # },
6161
6673
  # },
6162
6674
  # },
6163
6675
  # },
@@ -6168,9 +6680,23 @@ module Aws::AppMesh
6168
6680
  # virtual_service: {
6169
6681
  # client_policy: {
6170
6682
  # tls: {
6683
+ # certificate: {
6684
+ # file: {
6685
+ # certificate_chain: "FilePath", # required
6686
+ # private_key: "FilePath", # required
6687
+ # },
6688
+ # sds: {
6689
+ # secret_name: "SdsSecretName", # required
6690
+ # },
6691
+ # },
6171
6692
  # enforce: false,
6172
6693
  # ports: [1],
6173
6694
  # validation: { # required
6695
+ # subject_alternative_names: {
6696
+ # match: { # required
6697
+ # exact: ["SubjectAlternativeName"], # required
6698
+ # },
6699
+ # },
6174
6700
  # trust: { # required
6175
6701
  # acm: {
6176
6702
  # certificate_authority_arns: ["Arn"], # required
@@ -6178,6 +6704,9 @@ module Aws::AppMesh
6178
6704
  # file: {
6179
6705
  # certificate_chain: "FilePath", # required
6180
6706
  # },
6707
+ # sds: {
6708
+ # secret_name: "SdsSecretName", # required
6709
+ # },
6181
6710
  # },
6182
6711
  # },
6183
6712
  # },
@@ -6275,8 +6804,26 @@ module Aws::AppMesh
6275
6804
  # certificate_chain: "FilePath", # required
6276
6805
  # private_key: "FilePath", # required
6277
6806
  # },
6807
+ # sds: {
6808
+ # secret_name: "SdsSecretName", # required
6809
+ # },
6278
6810
  # },
6279
6811
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
6812
+ # validation: {
6813
+ # subject_alternative_names: {
6814
+ # match: { # required
6815
+ # exact: ["SubjectAlternativeName"], # required
6816
+ # },
6817
+ # },
6818
+ # trust: { # required
6819
+ # file: {
6820
+ # certificate_chain: "FilePath", # required
6821
+ # },
6822
+ # sds: {
6823
+ # secret_name: "SdsSecretName", # required
6824
+ # },
6825
+ # },
6826
+ # },
6280
6827
  # },
6281
6828
  # },
6282
6829
  # ],
@@ -6568,9 +7115,23 @@ module Aws::AppMesh
6568
7115
  # {
6569
7116
  # client_policy: {
6570
7117
  # tls: {
7118
+ # certificate: {
7119
+ # file: {
7120
+ # certificate_chain: "FilePath", # required
7121
+ # private_key: "FilePath", # required
7122
+ # },
7123
+ # sds: {
7124
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7125
+ # },
7126
+ # },
6571
7127
  # enforce: false,
6572
7128
  # ports: [1],
6573
7129
  # validation: { # required
7130
+ # subject_alternative_names: {
7131
+ # match: { # required
7132
+ # exact: ["SubjectAlternativeName"], # required
7133
+ # },
7134
+ # },
6574
7135
  # trust: { # required
6575
7136
  # acm: {
6576
7137
  # certificate_authority_arns: ["Arn"], # required
@@ -6578,6 +7139,9 @@ module Aws::AppMesh
6578
7139
  # file: {
6579
7140
  # certificate_chain: "FilePath", # required
6580
7141
  # },
7142
+ # sds: {
7143
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7144
+ # },
6581
7145
  # },
6582
7146
  # },
6583
7147
  # },
@@ -6603,9 +7167,23 @@ module Aws::AppMesh
6603
7167
  #
6604
7168
  # {
6605
7169
  # tls: {
7170
+ # certificate: {
7171
+ # file: {
7172
+ # certificate_chain: "FilePath", # required
7173
+ # private_key: "FilePath", # required
7174
+ # },
7175
+ # sds: {
7176
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7177
+ # },
7178
+ # },
6606
7179
  # enforce: false,
6607
7180
  # ports: [1],
6608
7181
  # validation: { # required
7182
+ # subject_alternative_names: {
7183
+ # match: { # required
7184
+ # exact: ["SubjectAlternativeName"], # required
7185
+ # },
7186
+ # },
6609
7187
  # trust: { # required
6610
7188
  # acm: {
6611
7189
  # certificate_authority_arns: ["Arn"], # required
@@ -6613,6 +7191,9 @@ module Aws::AppMesh
6613
7191
  # file: {
6614
7192
  # certificate_chain: "FilePath", # required
6615
7193
  # },
7194
+ # sds: {
7195
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7196
+ # },
6616
7197
  # },
6617
7198
  # },
6618
7199
  # },
@@ -6638,9 +7219,23 @@ module Aws::AppMesh
6638
7219
  # data as a hash:
6639
7220
  #
6640
7221
  # {
7222
+ # certificate: {
7223
+ # file: {
7224
+ # certificate_chain: "FilePath", # required
7225
+ # private_key: "FilePath", # required
7226
+ # },
7227
+ # sds: {
7228
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7229
+ # },
7230
+ # },
6641
7231
  # enforce: false,
6642
7232
  # ports: [1],
6643
7233
  # validation: { # required
7234
+ # subject_alternative_names: {
7235
+ # match: { # required
7236
+ # exact: ["SubjectAlternativeName"], # required
7237
+ # },
7238
+ # },
6644
7239
  # trust: { # required
6645
7240
  # acm: {
6646
7241
  # certificate_authority_arns: ["Arn"], # required
@@ -6648,10 +7243,18 @@ module Aws::AppMesh
6648
7243
  # file: {
6649
7244
  # certificate_chain: "FilePath", # required
6650
7245
  # },
7246
+ # sds: {
7247
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7248
+ # },
6651
7249
  # },
6652
7250
  # },
6653
7251
  # }
6654
7252
  #
7253
+ # @!attribute [rw] certificate
7254
+ # A reference to an object that represents a virtual gateway's
7255
+ # client's Transport Layer Security (TLS) certificate.
7256
+ # @return [Types::VirtualGatewayClientTlsCertificate]
7257
+ #
6655
7258
  # @!attribute [rw] enforce
6656
7259
  # Whether the policy is enforced. The default is `True`, if a value
6657
7260
  # isn't specified.
@@ -6662,12 +7265,14 @@ module Aws::AppMesh
6662
7265
  # @return [Array<Integer>]
6663
7266
  #
6664
7267
  # @!attribute [rw] validation
6665
- # A reference to an object that represents a TLS validation context.
7268
+ # A reference to an object that represents a Transport Layer Security
7269
+ # (TLS) validation context.
6666
7270
  # @return [Types::VirtualGatewayTlsValidationContext]
6667
7271
  #
6668
7272
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayClientPolicyTls AWS API Documentation
6669
7273
  #
6670
7274
  class VirtualGatewayClientPolicyTls < Struct.new(
7275
+ :certificate,
6671
7276
  :enforce,
6672
7277
  :ports,
6673
7278
  :validation)
@@ -6675,6 +7280,47 @@ module Aws::AppMesh
6675
7280
  include Aws::Structure
6676
7281
  end
6677
7282
 
7283
+ # An object that represents the virtual gateway's client's Transport
7284
+ # Layer Security (TLS) certificate.
7285
+ #
7286
+ # @note When making an API call, you may pass VirtualGatewayClientTlsCertificate
7287
+ # data as a hash:
7288
+ #
7289
+ # {
7290
+ # file: {
7291
+ # certificate_chain: "FilePath", # required
7292
+ # private_key: "FilePath", # required
7293
+ # },
7294
+ # sds: {
7295
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7296
+ # },
7297
+ # }
7298
+ #
7299
+ # @!attribute [rw] file
7300
+ # An object that represents a local file certificate. The certificate
7301
+ # must meet specific requirements and you must have proxy
7302
+ # authorization enabled. For more information, see [Transport Layer
7303
+ # Security (TLS)][1].
7304
+ #
7305
+ #
7306
+ #
7307
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites
7308
+ # @return [Types::VirtualGatewayListenerTlsFileCertificate]
7309
+ #
7310
+ # @!attribute [rw] sds
7311
+ # A reference to an object that represents a virtual gateway's
7312
+ # client's Secret Discovery Service certificate.
7313
+ # @return [Types::VirtualGatewayListenerTlsSdsCertificate]
7314
+ #
7315
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayClientTlsCertificate AWS API Documentation
7316
+ #
7317
+ class VirtualGatewayClientTlsCertificate < Struct.new(
7318
+ :file,
7319
+ :sds)
7320
+ SENSITIVE = []
7321
+ include Aws::Structure
7322
+ end
7323
+
6678
7324
  # An object that represents the type of virtual gateway connection pool.
6679
7325
  #
6680
7326
  # Only one protocol is used at a time and should be the same protocol as
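Review bot: `VirtualGatewayClientTlsCertificate` describes the gateway's client certificate, yet `file` and `sds` are typed as `Types::VirtualGatewayListenerTlsFileCertificate` and `Types::VirtualGatewayListenerTlsSdsCertificate`, and the `file` comment links to the `#virtual-node-tls-prerequisites` anchor. A reader can take that for a copy-paste slip. Assuming the reuse is intended by the API model, a line such as `#   The listener certificate shapes are reused for the client certificate.` would make it explicit. Because `file` carries a `private_key` path, the comment could also say on which host that path is resolved, if the guide specifies it.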
@@ -6965,8 +7611,26 @@ module Aws::AppMesh
6965
7611
  # certificate_chain: "FilePath", # required
6966
7612
  # private_key: "FilePath", # required
6967
7613
  # },
7614
+ # sds: {
7615
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7616
+ # },
6968
7617
  # },
6969
7618
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
7619
+ # validation: {
7620
+ # subject_alternative_names: {
7621
+ # match: { # required
7622
+ # exact: ["SubjectAlternativeName"], # required
7623
+ # },
7624
+ # },
7625
+ # trust: { # required
7626
+ # file: {
7627
+ # certificate_chain: "FilePath", # required
7628
+ # },
7629
+ # sds: {
7630
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7631
+ # },
7632
+ # },
7633
+ # },
6970
7634
  # },
6971
7635
  # }
6972
7636
  #
@@ -7013,8 +7677,26 @@ module Aws::AppMesh
7013
7677
  # certificate_chain: "FilePath", # required
7014
7678
  # private_key: "FilePath", # required
7015
7679
  # },
7680
+ # sds: {
7681
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7682
+ # },
7016
7683
  # },
7017
7684
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
7685
+ # validation: {
7686
+ # subject_alternative_names: {
7687
+ # match: { # required
7688
+ # exact: ["SubjectAlternativeName"], # required
7689
+ # },
7690
+ # },
7691
+ # trust: { # required
7692
+ # file: {
7693
+ # certificate_chain: "FilePath", # required
7694
+ # },
7695
+ # sds: {
7696
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7697
+ # },
7698
+ # },
7699
+ # },
7018
7700
  # }
7019
7701
  #
7020
7702
  # @!attribute [rw] certificate
@@ -7033,11 +7715,17 @@ module Aws::AppMesh
7033
7715
  # * ****DISABLED – Listener only accepts connections without TLS.
7034
7716
  # @return [String]
7035
7717
  #
7718
+ # @!attribute [rw] validation
7719
+ # A reference to an object that represents a virtual gateway's
7720
+ # listener's Transport Layer Security (TLS) validation context.
7721
+ # @return [Types::VirtualGatewayListenerTlsValidationContext]
7722
+ #
7036
7723
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayListenerTls AWS API Documentation
7037
7724
  #
7038
7725
  class VirtualGatewayListenerTls < Struct.new(
7039
7726
  :certificate,
7040
- :mode)
7727
+ :mode,
7728
+ :validation)
7041
7729
  SENSITIVE = []
7042
7730
  include Aws::Structure
7043
7731
  end
@@ -7084,6 +7772,9 @@ module Aws::AppMesh
7084
7772
  # certificate_chain: "FilePath", # required
7085
7773
  # private_key: "FilePath", # required
7086
7774
  # },
7775
+ # sds: {
7776
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7777
+ # },
7087
7778
  # }
7088
7779
  #
7089
7780
  # @!attribute [rw] acm
@@ -7095,11 +7786,17 @@ module Aws::AppMesh
7095
7786
  # A reference to an object that represents a local file certificate.
7096
7787
  # @return [Types::VirtualGatewayListenerTlsFileCertificate]
7097
7788
  #
7789
+ # @!attribute [rw] sds
7790
+ # A reference to an object that represents a virtual gateway's
7791
+ # listener's Secret Discovery Service certificate.
7792
+ # @return [Types::VirtualGatewayListenerTlsSdsCertificate]
7793
+ #
7098
7794
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayListenerTlsCertificate AWS API Documentation
7099
7795
  #
7100
7796
  class VirtualGatewayListenerTlsCertificate < Struct.new(
7101
7797
  :acm,
7102
- :file)
7798
+ :file,
7799
+ :sds)
7103
7800
  SENSITIVE = []
7104
7801
  include Aws::Structure
7105
7802
  end
@@ -7139,6 +7836,114 @@ module Aws::AppMesh
7139
7836
  include Aws::Structure
7140
7837
  end
7141
7838
 
7839
+ # An object that represents the virtual gateway's listener's Secret
7840
+ # Discovery Service certificate.The proxy must be configured with a
7841
+ # local SDS provider via a Unix Domain Socket. See App Mesh [TLS
7842
+ # documentation][1] for more info.
7843
+ #
7844
+ #
7845
+ #
7846
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html
7847
+ #
7848
+ # @note When making an API call, you may pass VirtualGatewayListenerTlsSdsCertificate
7849
+ # data as a hash:
7850
+ #
7851
+ # {
7852
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7853
+ # }
7854
+ #
7855
+ # @!attribute [rw] secret_name
7856
+ # A reference to an object that represents the name of the secret
7857
+ # secret requested from the Secret Discovery Service provider
7858
+ # representing Transport Layer Security (TLS) materials like a
7859
+ # certificate or certificate chain.
7860
+ # @return [String]
7861
+ #
7862
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayListenerTlsSdsCertificate AWS API Documentation
7863
+ #
7864
+ class VirtualGatewayListenerTlsSdsCertificate < Struct.new(
7865
+ :secret_name)
7866
+ SENSITIVE = []
7867
+ include Aws::Structure
7868
+ end
7869
+
7870
+ # An object that represents a virtual gateway's listener's Transport
7871
+ # Layer Security (TLS) validation context.
7872
+ #
7873
+ # @note When making an API call, you may pass VirtualGatewayListenerTlsValidationContext
7874
+ # data as a hash:
7875
+ #
7876
+ # {
7877
+ # subject_alternative_names: {
7878
+ # match: { # required
7879
+ # exact: ["SubjectAlternativeName"], # required
7880
+ # },
7881
+ # },
7882
+ # trust: { # required
7883
+ # file: {
7884
+ # certificate_chain: "FilePath", # required
7885
+ # },
7886
+ # sds: {
7887
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7888
+ # },
7889
+ # },
7890
+ # }
7891
+ #
7892
+ # @!attribute [rw] subject_alternative_names
7893
+ # A reference to an object that represents the SANs for a virtual
7894
+ # gateway listener's Transport Layer Security (TLS) validation
7895
+ # context.
7896
+ # @return [Types::SubjectAlternativeNames]
7897
+ #
7898
+ # @!attribute [rw] trust
7899
+ # A reference to where to retrieve the trust chain when validating a
7900
+ # peer’s Transport Layer Security (TLS) certificate.
7901
+ # @return [Types::VirtualGatewayListenerTlsValidationContextTrust]
7902
+ #
7903
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayListenerTlsValidationContext AWS API Documentation
7904
+ #
7905
+ class VirtualGatewayListenerTlsValidationContext < Struct.new(
7906
+ :subject_alternative_names,
7907
+ :trust)
7908
+ SENSITIVE = []
7909
+ include Aws::Structure
7910
+ end
7911
+
7912
+ # An object that represents a virtual gateway's listener's Transport
7913
+ # Layer Security (TLS) validation context trust.
7914
+ #
7915
+ # @note When making an API call, you may pass VirtualGatewayListenerTlsValidationContextTrust
7916
+ # data as a hash:
7917
+ #
7918
+ # {
7919
+ # file: {
7920
+ # certificate_chain: "FilePath", # required
7921
+ # },
7922
+ # sds: {
7923
+ # secret_name: "VirtualGatewaySdsSecretName", # required
7924
+ # },
7925
+ # }
7926
+ #
7927
+ # @!attribute [rw] file
7928
+ # An object that represents a Transport Layer Security (TLS)
7929
+ # validation context trust for a local file.
7930
+ # @return [Types::VirtualGatewayTlsValidationContextFileTrust]
7931
+ #
7932
+ # @!attribute [rw] sds
7933
+ # A reference to an object that represents a virtual gateway's
7934
+ # listener's Transport Layer Security (TLS) Secret Discovery Service
7935
+ # validation context trust.
7936
+ # @return [Types::VirtualGatewayTlsValidationContextSdsTrust]
7937
+ #
7938
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayListenerTlsValidationContextTrust AWS API Documentation
7939
+ #
7940
+ class VirtualGatewayListenerTlsValidationContextTrust < Struct.new(
7941
+ :file,
7942
+ :sds)
7943
+ SENSITIVE = []
7944
+ include Aws::Structure
7945
+ end
7946
+
7142
7947
  # An object that represents logging information.
7143
7948
  #
7144
7949
  # @note When making an API call, you may pass VirtualGatewayLogging
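Review bot: There are two wording slips in the new `VirtualGatewayListenerTlsSdsCertificate` comments. The class comment runs "certificate.The proxy" together without a space, and the `secret_name` comment reads "the name of the secret secret requested". They should read `# Discovery Service certificate. The proxy must be configured with a` and `#   A reference to an object that represents the name of the secret` followed by `#   requested from the Secret Discovery Service provider`, matching the wording already used on `ListenerTlsSdsCertificate`.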
@@ -7268,9 +8073,23 @@ module Aws::AppMesh
7268
8073
  # backend_defaults: {
7269
8074
  # client_policy: {
7270
8075
  # tls: {
8076
+ # certificate: {
8077
+ # file: {
8078
+ # certificate_chain: "FilePath", # required
8079
+ # private_key: "FilePath", # required
8080
+ # },
8081
+ # sds: {
8082
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8083
+ # },
8084
+ # },
7271
8085
  # enforce: false,
7272
8086
  # ports: [1],
7273
8087
  # validation: { # required
8088
+ # subject_alternative_names: {
8089
+ # match: { # required
8090
+ # exact: ["SubjectAlternativeName"], # required
8091
+ # },
8092
+ # },
7274
8093
  # trust: { # required
7275
8094
  # acm: {
7276
8095
  # certificate_authority_arns: ["Arn"], # required
@@ -7278,6 +8097,9 @@ module Aws::AppMesh
7278
8097
  # file: {
7279
8098
  # certificate_chain: "FilePath", # required
7280
8099
  # },
8100
+ # sds: {
8101
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8102
+ # },
7281
8103
  # },
7282
8104
  # },
7283
8105
  # },
@@ -7319,8 +8141,26 @@ module Aws::AppMesh
7319
8141
  # certificate_chain: "FilePath", # required
7320
8142
  # private_key: "FilePath", # required
7321
8143
  # },
8144
+ # sds: {
8145
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8146
+ # },
7322
8147
  # },
7323
8148
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
8149
+ # validation: {
8150
+ # subject_alternative_names: {
8151
+ # match: { # required
8152
+ # exact: ["SubjectAlternativeName"], # required
8153
+ # },
8154
+ # },
8155
+ # trust: { # required
8156
+ # file: {
8157
+ # certificate_chain: "FilePath", # required
8158
+ # },
8159
+ # sds: {
8160
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8161
+ # },
8162
+ # },
8163
+ # },
7324
8164
  # },
7325
8165
  # },
7326
8166
  # ],
@@ -7377,6 +8217,11 @@ module Aws::AppMesh
7377
8217
  # data as a hash:
7378
8218
  #
7379
8219
  # {
8220
+ # subject_alternative_names: {
8221
+ # match: { # required
8222
+ # exact: ["SubjectAlternativeName"], # required
8223
+ # },
8224
+ # },
7380
8225
  # trust: { # required
7381
8226
  # acm: {
7382
8227
  # certificate_authority_arns: ["Arn"], # required
@@ -7384,24 +8229,34 @@ module Aws::AppMesh
7384
8229
  # file: {
7385
8230
  # certificate_chain: "FilePath", # required
7386
8231
  # },
8232
+ # sds: {
8233
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8234
+ # },
7387
8235
  # },
7388
8236
  # }
7389
8237
  #
8238
+ # @!attribute [rw] subject_alternative_names
8239
+ # A reference to an object that represents the SANs for a virtual
8240
+ # gateway's listener's Transport Layer Security (TLS) validation
8241
+ # context.
8242
+ # @return [Types::SubjectAlternativeNames]
8243
+ #
7390
8244
  # @!attribute [rw] trust
7391
- # A reference to an object that represents a TLS validation context
7392
- # trust.
8245
+ # A reference to where to retrieve the trust chain when validating a
8246
+ # peer’s Transport Layer Security (TLS) certificate.
7393
8247
  # @return [Types::VirtualGatewayTlsValidationContextTrust]
7394
8248
  #
7395
8249
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayTlsValidationContext AWS API Documentation
7396
8250
  #
7397
8251
  class VirtualGatewayTlsValidationContext < Struct.new(
8252
+ :subject_alternative_names,
7398
8253
  :trust)
7399
8254
  SENSITIVE = []
7400
8255
  include Aws::Structure
7401
8256
  end
7402
8257
 
7403
- # An object that represents a TLS validation context trust for an AWS
7404
- # Certicate Manager (ACM) certificate.
8258
+ # An object that represents a Transport Layer Security (TLS) validation
8259
+ # context trust for an AWS Certicate Manager (ACM) certificate.
7405
8260
  #
7406
8261
  # @note When making an API call, you may pass VirtualGatewayTlsValidationContextAcmTrust
7407
8262
  # data as a hash:
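Review bot: The added `@!attribute [rw] subject_alternative_names` text describes the SANs as belonging to "a virtual gateway's listener's" validation context, but this struct is `VirtualGatewayTlsValidationContext`, whose `trust` accepts `acm`. The listener-side shape is the separate `VirtualGatewayListenerTlsValidationContext` added in this release, so the wording looks copied from that one. I would drop "listener's" here: `# A reference to an object that represents the SANs for a virtual gateway's` followed by `# Transport Layer Security (TLS) validation context.` The example hash in the preceding hunk carries no `# required` on `subject_alternative_names`, so the doc should also say what name checking, if any, applies to the peer certificate when it is left out; that behaviour is not visible here and needs confirming against the App Mesh TLS guide. The class's doc comment begins outside this hunk, and if this file is generated from the service model the wording fix belongs there.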
@@ -7445,6 +8300,36 @@ module Aws::AppMesh
7445
8300
  include Aws::Structure
7446
8301
  end
7447
8302
 
8303
+ # An object that represents a virtual gateway's listener's Transport
8304
+ # Layer Security (TLS) Secret Discovery Service validation context
8305
+ # trust. The proxy must be configured with a local SDS provider via a
8306
+ # Unix Domain Socket. See App Mesh [TLS documentation][1] for more info.
8307
+ #
8308
+ #
8309
+ #
8310
+ # [1]: https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html
8311
+ #
8312
+ # @note When making an API call, you may pass VirtualGatewayTlsValidationContextSdsTrust
8313
+ # data as a hash:
8314
+ #
8315
+ # {
8316
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8317
+ # }
8318
+ #
8319
+ # @!attribute [rw] secret_name
8320
+ # A reference to an object that represents the name of the secret for
8321
+ # a virtual gateway's Transport Layer Security (TLS) Secret Discovery
8322
+ # Service validation context trust.
8323
+ # @return [String]
8324
+ #
8325
+ # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayTlsValidationContextSdsTrust AWS API Documentation
8326
+ #
8327
+ class VirtualGatewayTlsValidationContextSdsTrust < Struct.new(
8328
+ :secret_name)
8329
+ SENSITIVE = []
8330
+ include Aws::Structure
8331
+ end
8332
+
7448
8333
  # An object that represents a Transport Layer Security (TLS) validation
7449
8334
  # context trust.
7450
8335
  #
@@ -7458,23 +8343,34 @@ module Aws::AppMesh
7458
8343
  # file: {
7459
8344
  # certificate_chain: "FilePath", # required
7460
8345
  # },
8346
+ # sds: {
8347
+ # secret_name: "VirtualGatewaySdsSecretName", # required
8348
+ # },
7461
8349
  # }
7462
8350
  #
7463
8351
  # @!attribute [rw] acm
7464
- # A reference to an object that represents a TLS validation context
7465
- # trust for an AWS Certicate Manager (ACM) certificate.
8352
+ # A reference to an object that represents a Transport Layer Security
8353
+ # (TLS) validation context trust for an AWS Certicate Manager (ACM)
8354
+ # certificate.
7466
8355
  # @return [Types::VirtualGatewayTlsValidationContextAcmTrust]
7467
8356
  #
7468
8357
  # @!attribute [rw] file
7469
- # An object that represents a TLS validation context trust for a local
7470
- # file.
8358
+ # An object that represents a Transport Layer Security (TLS)
8359
+ # validation context trust for a local file.
7471
8360
  # @return [Types::VirtualGatewayTlsValidationContextFileTrust]
7472
8361
  #
8362
+ # @!attribute [rw] sds
8363
+ # A reference to an object that represents a virtual gateway's
8364
+ # Transport Layer Security (TLS) Secret Discovery Service validation
8365
+ # context trust.
8366
+ # @return [Types::VirtualGatewayTlsValidationContextSdsTrust]
8367
+ #
7473
8368
  # @see http://docs.aws.amazon.com/goto/WebAPI/appmesh-2019-01-25/VirtualGatewayTlsValidationContextTrust AWS API Documentation
7474
8369
  #
7475
8370
  class VirtualGatewayTlsValidationContextTrust < Struct.new(
7476
8371
  :acm,
7477
- :file)
8372
+ :file,
8373
+ :sds)
7478
8374
  SENSITIVE = []
7479
8375
  include Aws::Structure
7480
8376
  end
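Review bot: The doc comment for `VirtualGatewayTlsValidationContextTrust` does not say whether `acm`, `file` and `sds` may be set together, and the example hash now shows all three populated at once. As far as I know the App Mesh API treats this trust shape as a union, so the example should not be copied as-is; confirm against the service model. I would add `# @note Set exactly one of acm, file, or sds.` above the `@!attribute` list, so a reader knows which single source the peer's trust chain is taken from. The same question applies to `VirtualGatewayListenerTlsValidationContextTrust` (`file`, `sds`) earlier in the file. The example hash starts outside this hunk.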
@@ -7737,9 +8633,23 @@ module Aws::AppMesh
7737
8633
  # backend_defaults: {
7738
8634
  # client_policy: {
7739
8635
  # tls: {
8636
+ # certificate: {
8637
+ # file: {
8638
+ # certificate_chain: "FilePath", # required
8639
+ # private_key: "FilePath", # required
8640
+ # },
8641
+ # sds: {
8642
+ # secret_name: "SdsSecretName", # required
8643
+ # },
8644
+ # },
7740
8645
  # enforce: false,
7741
8646
  # ports: [1],
7742
8647
  # validation: { # required
8648
+ # subject_alternative_names: {
8649
+ # match: { # required
8650
+ # exact: ["SubjectAlternativeName"], # required
8651
+ # },
8652
+ # },
7743
8653
  # trust: { # required
7744
8654
  # acm: {
7745
8655
  # certificate_authority_arns: ["Arn"], # required
@@ -7747,6 +8657,9 @@ module Aws::AppMesh
7747
8657
  # file: {
7748
8658
  # certificate_chain: "FilePath", # required
7749
8659
  # },
8660
+ # sds: {
8661
+ # secret_name: "SdsSecretName", # required
8662
+ # },
7750
8663
  # },
7751
8664
  # },
7752
8665
  # },
@@ -7757,9 +8670,23 @@ module Aws::AppMesh
7757
8670
  # virtual_service: {
7758
8671
  # client_policy: {
7759
8672
  # tls: {
8673
+ # certificate: {
8674
+ # file: {
8675
+ # certificate_chain: "FilePath", # required
8676
+ # private_key: "FilePath", # required
8677
+ # },
8678
+ # sds: {
8679
+ # secret_name: "SdsSecretName", # required
8680
+ # },
8681
+ # },
7760
8682
  # enforce: false,
7761
8683
  # ports: [1],
7762
8684
  # validation: { # required
8685
+ # subject_alternative_names: {
8686
+ # match: { # required
8687
+ # exact: ["SubjectAlternativeName"], # required
8688
+ # },
8689
+ # },
7763
8690
  # trust: { # required
7764
8691
  # acm: {
7765
8692
  # certificate_authority_arns: ["Arn"], # required
@@ -7767,6 +8694,9 @@ module Aws::AppMesh
7767
8694
  # file: {
7768
8695
  # certificate_chain: "FilePath", # required
7769
8696
  # },
8697
+ # sds: {
8698
+ # secret_name: "SdsSecretName", # required
8699
+ # },
7770
8700
  # },
7771
8701
  # },
7772
8702
  # },
@@ -7864,8 +8794,26 @@ module Aws::AppMesh
7864
8794
  # certificate_chain: "FilePath", # required
7865
8795
  # private_key: "FilePath", # required
7866
8796
  # },
8797
+ # sds: {
8798
+ # secret_name: "SdsSecretName", # required
8799
+ # },
7867
8800
  # },
7868
8801
  # mode: "STRICT", # required, accepts STRICT, PERMISSIVE, DISABLED
8802
+ # validation: {
8803
+ # subject_alternative_names: {
8804
+ # match: { # required
8805
+ # exact: ["SubjectAlternativeName"], # required
8806
+ # },
8807
+ # },
8808
+ # trust: { # required
8809
+ # file: {
8810
+ # certificate_chain: "FilePath", # required
8811
+ # },
8812
+ # sds: {
8813
+ # secret_name: "SdsSecretName", # required
8814
+ # },
8815
+ # },
8816
+ # },
7869
8817
  # },
7870
8818
  # },
7871
8819
  # ],
@@ -8166,9 +9114,23 @@ module Aws::AppMesh
8166
9114
  # {
8167
9115
  # client_policy: {
8168
9116
  # tls: {
9117
+ # certificate: {
9118
+ # file: {
9119
+ # certificate_chain: "FilePath", # required
9120
+ # private_key: "FilePath", # required
9121
+ # },
9122
+ # sds: {
9123
+ # secret_name: "SdsSecretName", # required
9124
+ # },
9125
+ # },
8169
9126
  # enforce: false,
8170
9127
  # ports: [1],
8171
9128
  # validation: { # required
9129
+ # subject_alternative_names: {
9130
+ # match: { # required
9131
+ # exact: ["SubjectAlternativeName"], # required
9132
+ # },
9133
+ # },
8172
9134
  # trust: { # required
8173
9135
  # acm: {
8174
9136
  # certificate_authority_arns: ["Arn"], # required
@@ -8176,6 +9138,9 @@ module Aws::AppMesh
8176
9138
  # file: {
8177
9139
  # certificate_chain: "FilePath", # required
8178
9140
  # },
9141
+ # sds: {
9142
+ # secret_name: "SdsSecretName", # required
9143
+ # },
8179
9144
  # },
8180
9145
  # },
8181
9146
  # },