awsappmesh

package
v1.162.0-devpreview Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 1, 2022 License: Apache-2.0 Imports: 10 Imported by: 0

README

AWS App Mesh Construct Library

AWS App Mesh is a service mesh based on the Envoy proxy that makes it easy to monitor and control microservices. App Mesh standardizes how your microservices communicate, giving you end-to-end visibility and helping to ensure high-availability for your applications.

App Mesh gives you consistent visibility and network traffic controls for every microservice in an application.

App Mesh supports microservice applications that use service discovery naming for their components. To use App Mesh, you must have an existing application running on AWS Fargate, Amazon ECS, Amazon EKS, Kubernetes on AWS, or Amazon EC2.

For further information on AWS App Mesh, visit the AWS App Mesh Documentation.

Create the App and Stack

app := cdk.NewApp()
stack := cdk.NewStack(app, jsii.String("stack"))

Creating the Mesh

A service mesh is a logical boundary for network traffic between the services that reside within it.

After you create your service mesh, you can create virtual services, virtual nodes, virtual routers, and routes to distribute traffic between the applications in your mesh.

The following example creates the AppMesh service mesh with the default egress filter of DROP_ALL. See the AWS CloudFormation EgressFilter resource for more info on egress filters.

mesh := appmesh.NewMesh(this, jsii.String("AppMesh"), &meshProps{
	meshName: jsii.String("myAwsMesh"),
})

The mesh can instead be created with the ALLOW_ALL egress filter by providing the egressFilter property.

mesh := appmesh.NewMesh(this, jsii.String("AppMesh"), &meshProps{
	meshName: jsii.String("myAwsMesh"),
	egressFilter: appmesh.meshFilterType_ALLOW_ALL,
})

Adding VirtualRouters

A mesh uses virtual routers as logical units to route requests to virtual nodes.

Virtual routers handle traffic for one or more virtual services within your mesh. After you create a virtual router, you can create and associate routes to your virtual router that direct incoming requests to different virtual nodes.

var mesh mesh

router := mesh.addVirtualRouter(jsii.String("router"), &virtualRouterBaseProps{
	listeners: []virtualRouterListener{
		appmesh.*virtualRouterListener.http(jsii.Number(8080)),
	},
})

Note that creating the router using the addVirtualRouter() method places it in the same stack as the mesh (which might be different from the current stack). The router can also be created using the VirtualRouter constructor (passing in the mesh) instead of calling the addVirtualRouter() method. This is particularly useful when splitting your resources between many stacks: for example, defining the mesh itself as part of an infrastructure stack, but defining the other resources, such as routers, in the application stack:

var infraStack stack
var appStack stack


mesh := appmesh.NewMesh(infraStack, jsii.String("AppMesh"), &meshProps{
	meshName: jsii.String("myAwsMesh"),
	egressFilter: appmesh.meshFilterType_ALLOW_ALL,
})

// the VirtualRouter will belong to 'appStack',
// even though the Mesh belongs to 'infraStack'
router := appmesh.NewVirtualRouter(appStack, jsii.String("router"), &virtualRouterProps{
	mesh: mesh,
	 // notice that mesh is a required property when creating a router with the 'new' statement
	listeners: []virtualRouterListener{
		appmesh.*virtualRouterListener.http(jsii.Number(8081)),
	},
})

The same is true for other add*() methods in the App Mesh construct library.

The VirtualRouterListener class lets you define protocol-specific listeners. The http(), http2(), grpc() and tcp() methods create listeners for the named protocols. They accept a single parameter that defines the port to on which requests will be matched. The port parameter defaults to 8080 if omitted.

Adding a VirtualService

A virtual service is an abstraction of a real service that is provided by a virtual node directly, or indirectly by means of a virtual router. Dependent services call your virtual service by its virtualServiceName, and those requests are routed to the virtual node or virtual router specified as the provider for the virtual service.

We recommend that you use the service discovery name of the real service that you're targeting (such as my-service.default.svc.cluster.local).

When creating a virtual service:

  • If you want the virtual service to spread traffic across multiple virtual nodes, specify a virtual router.
  • If you want the virtual service to reach a virtual node directly, without a virtual router, specify a virtual node.

Adding a virtual router as the provider:

var router virtualRouter


appmesh.NewVirtualService(this, jsii.String("virtual-service"), &virtualServiceProps{
	virtualServiceName: jsii.String("my-service.default.svc.cluster.local"),
	 // optional
	virtualServiceProvider: appmesh.virtualServiceProvider.virtualRouter(router),
})

Adding a virtual node as the provider:

var node virtualNode


appmesh.NewVirtualService(this, jsii.String("virtual-service"), &virtualServiceProps{
	virtualServiceName: jsii.String("my-service.default.svc.cluster.local"),
	 // optional
	virtualServiceProvider: appmesh.virtualServiceProvider.virtualNode(node),
})

Adding a VirtualNode

A virtual node acts as a logical pointer to a particular task group, such as an Amazon ECS service or a Kubernetes deployment.

When you create a virtual node, accept inbound traffic by specifying a listener. Outbound traffic that your virtual node expects to send should be specified as a back end.

The response metadata for your new virtual node contains the Amazon Resource Name (ARN) that is associated with the virtual node. Set this value (either the full ARN or the truncated resource name) as the APPMESH_VIRTUAL_NODE_NAME environment variable for your task group's Envoy proxy container in your task definition or pod spec. For example, the value could be mesh/default/virtualNode/simpleapp. This is then mapped to the node.id and node.cluster Envoy parameters.

Note If you require your Envoy stats or tracing to use a different name, you can override the node.cluster value that is set by APPMESH_VIRTUAL_NODE_NAME with the APPMESH_VIRTUAL_NODE_CLUSTER environment variable.

var mesh mesh
vpc := ec2.NewVpc(this, jsii.String("vpc"))
namespace := cloudmap.NewPrivateDnsNamespace(this, jsii.String("test-namespace"), &privateDnsNamespaceProps{
	vpc: vpc,
	name: jsii.String("domain.local"),
})
service := namespace.createService(jsii.String("Svc"))
node := mesh.addVirtualNode(jsii.String("virtual-node"), &virtualNodeBaseProps{
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8081),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				 // minimum
				path: jsii.String("/health-check-path"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				 // minimum
				unhealthyThreshold: jsii.Number(2),
			}),
		}),
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

Create a VirtualNode with the constructor and add tags.

var mesh mesh
var service service


node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8080),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				path: jsii.String("/ping"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				unhealthyThreshold: jsii.Number(2),
			}),
			timeout: &httpTimeout{
				idle: cdk.*duration.seconds(jsii.Number(5)),
			},
		}),
	},
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			validation: &tlsValidation{
				trust: appmesh.tlsValidationTrust.file(jsii.String("/keys/local_cert_chain.pem")),
			},
		},
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

cdk.tags.of(node).add(jsii.String("Environment"), jsii.String("Dev"))

Create a VirtualNode with the constructor and add backend virtual service.

var mesh mesh
var router virtualRouter
var service service


node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8080),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				path: jsii.String("/ping"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				unhealthyThreshold: jsii.Number(2),
			}),
			timeout: &httpTimeout{
				idle: cdk.*duration.seconds(jsii.Number(5)),
			},
		}),
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

virtualService := appmesh.NewVirtualService(this, jsii.String("service-1"), &virtualServiceProps{
	virtualServiceProvider: appmesh.virtualServiceProvider.virtualRouter(router),
	virtualServiceName: jsii.String("service1.domain.local"),
})

node.addBackend(appmesh.backend.virtualService(virtualService))

The listeners property can be left blank and added later with the node.addListener() method. The serviceDiscovery property must be specified when specifying a listener.

The backends property can be added with node.addBackend(). In the example, we define a virtual service and add it to the virtual node to allow egress traffic to other nodes.

The backendDefaults property is added to the node while creating the virtual node. These are the virtual node's default settings for all backends.

The VirtualNode.addBackend() method is especially useful if you want to create a circular traffic flow by having a Virtual Service as a backend whose provider is that same Virtual Node:

var mesh mesh


node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
})

virtualService := appmesh.NewVirtualService(this, jsii.String("service-1"), &virtualServiceProps{
	virtualServiceProvider: appmesh.virtualServiceProvider.virtualNode(node),
	virtualServiceName: jsii.String("service1.domain.local"),
})

node.addBackend(appmesh.backend.virtualService(virtualService))
Adding TLS to a listener

The tls property specifies TLS configuration when creating a listener for a virtual node or a virtual gateway. Provide the TLS certificate to the proxy in one of the following ways:

  • A certificate from AWS Certificate Manager (ACM).
  • A customer-provided certificate (specify a certificateChain path file and a privateKey file path).
  • A certificate provided by a Secrets Discovery Service (SDS) endpoint over local Unix Domain Socket (specify its secretName).
// A Virtual Node with listener TLS from an ACM provided certificate
var cert certificate
var mesh mesh


node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.acm(cert),
			},
		}),
	},
})

// A Virtual Gateway with listener TLS from a customer provided file certificate
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

// A Virtual Gateway with listener TLS from a SDS provided certificate
gateway2 := appmesh.NewVirtualGateway(this, jsii.String("gateway2"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []*virtualGatewayListener{
		appmesh.*virtualGatewayListener.http2(&http2GatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.sds(jsii.String("secrete_certificate")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway2"),
})
Adding mutual TLS authentication

Mutual TLS authentication is an optional component of TLS that offers two-way peer authentication. To enable mutual TLS authentication, add the mutualTlsCertificate property to TLS client policy and/or the mutualTlsValidation property to your TLS listener.

tls.mutualTlsValidation and tlsClientPolicy.mutualTlsCertificate can be sourced from either:

  • A customer-provided certificate (specify a certificateChain path file and a privateKey file path).
  • A certificate provided by a Secrets Discovery Service (SDS) endpoint over local Unix Domain Socket (specify its secretName).

Note Currently, a certificate from AWS Certificate Manager (ACM) cannot be used for mutual TLS authentication.

var mesh mesh


node1 := appmesh.NewVirtualNode(this, jsii.String("node1"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
				// Validate a file client certificates to enable mutual TLS authentication when a client provides a certificate.
				mutualTlsValidation: &mutualTlsValidation{
					trust: appmesh.tlsValidationTrust.file(jsii.String("path-to-certificate")),
				},
			},
		}),
	},
})

certificateAuthorityArn := "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012"
node2 := appmesh.NewVirtualNode(this, jsii.String("node2"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.*serviceDiscovery.dns(jsii.String("node2")),
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			ports: []*f64{
				jsii.Number(8080),
				jsii.Number(8081),
			},
			validation: &tlsValidation{
				subjectAlternativeNames: appmesh.subjectAlternativeNames.matchingExactly(jsii.String("mesh-endpoint.apps.local")),
				trust: appmesh.*tlsValidationTrust.acm([]iCertificateAuthority{
					acmpca.certificateAuthority.fromCertificateAuthorityArn(this, jsii.String("certificate"), certificateAuthorityArn),
				}),
			},
			// Provide a SDS client certificate when a server requests it and enable mutual TLS authentication.
			mutualTlsCertificate: appmesh.*tlsCertificate.sds(jsii.String("secret_certificate")),
		},
	},
})
Adding outlier detection to a Virtual Node listener

The outlierDetection property adds outlier detection to a Virtual Node listener. The properties baseEjectionDuration, interval, maxEjectionPercent, and maxServerErrors are required.

var mesh mesh
// Cloud Map service discovery is currently required for host ejection by outlier detection
vpc := ec2.NewVpc(this, jsii.String("vpc"))
namespace := cloudmap.NewPrivateDnsNamespace(this, jsii.String("test-namespace"), &privateDnsNamespaceProps{
	vpc: vpc,
	name: jsii.String("domain.local"),
})
service := namespace.createService(jsii.String("Svc"))
node := mesh.addVirtualNode(jsii.String("virtual-node"), &virtualNodeBaseProps{
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			outlierDetection: &outlierDetection{
				baseEjectionDuration: cdk.duration.seconds(jsii.Number(10)),
				interval: cdk.*duration.seconds(jsii.Number(30)),
				maxEjectionPercent: jsii.Number(50),
				maxServerErrors: jsii.Number(5),
			},
		}),
	},
})
Adding a connection pool to a listener

The connectionPool property can be added to a Virtual Node listener or Virtual Gateway listener to add a request connection pool. Each listener protocol type has its own connection pool properties.

// A Virtual Node with a gRPC listener with a connection pool set
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	// DNS service discovery can optionally specify the DNS response type as either LOAD_BALANCER or ENDPOINTS.
	// LOAD_BALANCER means that the DNS resolver returns a loadbalanced set of endpoints,
	// whereas ENDPOINTS means that the DNS resolver is returning all the endpoints.
	// By default, the response type is assumed to be LOAD_BALANCER
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node"), appmesh.dnsResponseType_ENDPOINTS),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(80),
			connectionPool: &httpConnectionPool{
				maxConnections: jsii.Number(100),
				maxPendingRequests: jsii.Number(10),
			},
		}),
	},
})

// A Virtual Gateway with a gRPC listener with a connection pool set
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			connectionPool: &grpcConnectionPool{
				maxRequests: jsii.Number(10),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

Adding a Route

A route matches requests with an associated virtual router and distributes traffic to its associated virtual nodes. The route distributes matching requests to one or more target virtual nodes with relative weighting.

The RouteSpec class lets you define protocol-specific route specifications. The tcp(), http(), http2(), and grpc() methods create a specification for the named protocols.

For HTTP-based routes, the match field can match on path (prefix, exact, or regex), HTTP method, scheme, HTTP headers, and query parameters. By default, HTTP-based routes match all requests.

For gRPC-based routes, the match field can match on service name, method name, and metadata. When specifying the method name, the service name must also be specified.

For example, here's how to add an HTTP route that matches based on a prefix of the URL path:

var router virtualRouter
var node virtualNode


router.addRoute(jsii.String("route-http"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &httpRouteMatch{
			// Path that is passed to this method must start with '/'.
			path: appmesh.httpRoutePathMatch.startsWith(jsii.String("/path-to-app")),
		},
	}),
})

Add an HTTP2 route that matches based on exact path, method, scheme, headers, and query parameters:

var router virtualRouter
var node virtualNode


router.addRoute(jsii.String("route-http2"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &httpRouteMatch{
			path: appmesh.httpRoutePathMatch.exactly(jsii.String("/exact")),
			method: appmesh.httpRouteMethod_POST,
			protocol: appmesh.httpRouteProtocol_HTTPS,
			headers: []headerMatch{
				appmesh.*headerMatch.valueIs(jsii.String("Content-Type"), jsii.String("application/json")),
				appmesh.*headerMatch.valueIsNot(jsii.String("Content-Type"), jsii.String("application/json")),
			},
			queryParameters: []queryParameterMatch{
				appmesh.*queryParameterMatch.valueIs(jsii.String("query-field"), jsii.String("value")),
			},
		},
	}),
})

Add a single route with two targets and split traffic 50/50:

var router virtualRouter
var node virtualNode


router.addRoute(jsii.String("route-http"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
				weight: jsii.Number(50),
			},
			&weightedTarget{
				virtualNode: node,
				weight: jsii.Number(50),
			},
		},
		match: &httpRouteMatch{
			path: appmesh.httpRoutePathMatch.startsWith(jsii.String("/path-to-app")),
		},
	}),
})

Add an http2 route with retries:

var router virtualRouter
var node virtualNode


router.addRoute(jsii.String("route-http2-retry"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		retryPolicy: &httpRetryPolicy{
			// Retry if the connection failed
			tcpRetryEvents: []cONNECTION_ERROR{
				appmesh.tcpRetryEvent_*cONNECTION_ERROR,
			},
			// Retry if HTTP responds with a gateway error (502, 503, 504)
			httpRetryEvents: []httpRetryEvent{
				appmesh.*httpRetryEvent_GATEWAY_ERROR,
			},
			// Retry five times
			retryAttempts: jsii.Number(5),
			// Use a 1 second timeout per retry
			retryTimeout: cdk.duration.seconds(jsii.Number(1)),
		},
	}),
})

Add a gRPC route with retries:

var router virtualRouter
var node virtualNode


router.addRoute(jsii.String("route-grpc-retry"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.grpc(&grpcRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &grpcRouteMatch{
			serviceName: jsii.String("servicename"),
		},
		retryPolicy: &grpcRetryPolicy{
			tcpRetryEvents: []cONNECTION_ERROR{
				appmesh.tcpRetryEvent_*cONNECTION_ERROR,
			},
			httpRetryEvents: []httpRetryEvent{
				appmesh.*httpRetryEvent_GATEWAY_ERROR,
			},
			// Retry if gRPC responds that the request was cancelled, a resource
			// was exhausted, or if the service is unavailable
			grpcRetryEvents: []grpcRetryEvent{
				appmesh.*grpcRetryEvent_CANCELLED,
				appmesh.*grpcRetryEvent_RESOURCE_EXHAUSTED,
				appmesh.*grpcRetryEvent_UNAVAILABLE,
			},
			retryAttempts: jsii.Number(5),
			retryTimeout: cdk.duration.seconds(jsii.Number(1)),
		},
	}),
})

Add an gRPC route that matches based on method name and metadata:

var router virtualRouter
var node virtualNode


router.addRoute(jsii.String("route-grpc-retry"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.grpc(&grpcRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &grpcRouteMatch{
			// When method name is specified, service name must be also specified.
			methodName: jsii.String("methodname"),
			serviceName: jsii.String("servicename"),
			metadata: []headerMatch{
				appmesh.*headerMatch.valueStartsWith(jsii.String("Content-Type"), jsii.String("application/")),
				appmesh.*headerMatch.valueDoesNotStartWith(jsii.String("Content-Type"), jsii.String("text/")),
			},
		},
	}),
})

Add a gRPC route with timeout:

var router virtualRouter
var node virtualNode


router.addRoute(jsii.String("route-http"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.grpc(&grpcRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &grpcRouteMatch{
			serviceName: jsii.String("my-service.default.svc.cluster.local"),
		},
		timeout: &grpcTimeout{
			idle: cdk.duration.seconds(jsii.Number(2)),
			perRequest: cdk.*duration.seconds(jsii.Number(1)),
		},
	}),
})

Adding a Virtual Gateway

A virtual gateway allows resources outside your mesh to communicate with resources inside your mesh. The virtual gateway represents an Envoy proxy running in an Amazon ECS task, in a Kubernetes service, or on an Amazon EC2 instance. Unlike a virtual node, which represents Envoy running with an application, a virtual gateway represents Envoy deployed by itself.

A virtual gateway is similar to a virtual node in that it has a listener that accepts traffic for a particular port and protocol (HTTP, HTTP2, gRPC). Traffic received by the virtual gateway is directed to other services in your mesh using rules defined in gateway routes which can be added to your virtual gateway.

Create a virtual gateway with the constructor:

var mesh mesh

certificateAuthorityArn := "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012"

gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.http(&httpGatewayListenerOptions{
			port: jsii.Number(443),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				interval: cdk.duration.seconds(jsii.Number(10)),
			}),
		}),
	},
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			ports: []*f64{
				jsii.Number(8080),
				jsii.Number(8081),
			},
			validation: &tlsValidation{
				trust: appmesh.tlsValidationTrust.acm([]iCertificateAuthority{
					acmpca.certificateAuthority.fromCertificateAuthorityArn(this, jsii.String("certificate"), certificateAuthorityArn),
				}),
			},
		},
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
	virtualGatewayName: jsii.String("virtualGateway"),
})

Add a virtual gateway directly to the mesh:

var mesh mesh


gateway := mesh.addVirtualGateway(jsii.String("gateway"), &virtualGatewayBaseProps{
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
	virtualGatewayName: jsii.String("virtualGateway"),
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.http(&httpGatewayListenerOptions{
			port: jsii.Number(443),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				interval: cdk.duration.seconds(jsii.Number(10)),
			}),
		}),
	},
})

The listeners field defaults to an HTTP Listener on port 8080 if omitted. A gateway route can be added using the gateway.addGatewayRoute() method.

The backendDefaults property, provided when creating the virtual gateway, specifies the virtual gateway's default settings for all backends.

Adding a Gateway Route

A gateway route is attached to a virtual gateway and routes matching traffic to an existing virtual service.

For HTTP-based gateway routes, the match field can be used to match on path (prefix, exact, or regex), HTTP method, host name, HTTP headers, and query parameters. By default, HTTP-based gateway routes match all requests.

var gateway virtualGateway
var virtualService virtualService


gateway.addGatewayRoute(jsii.String("gateway-route-http"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.http(&httpGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &httpGatewayRouteMatch{
			path: appmesh.httpGatewayRoutePathMatch.regex(jsii.String("regex")),
		},
	}),
})

For gRPC-based gateway routes, the match field can be used to match on service name, host name, and metadata.

var gateway virtualGateway
var virtualService virtualService


gateway.addGatewayRoute(jsii.String("gateway-route-grpc"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.grpc(&grpcGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &grpcGatewayRouteMatch{
			hostname: appmesh.gatewayRouteHostnameMatch.endsWith(jsii.String(".example.com")),
		},
	}),
})

For HTTP based gateway routes, App Mesh automatically rewrites the matched prefix path in Gateway Route to “/”. This automatic rewrite configuration can be overwritten in following ways:

var gateway virtualGateway
var virtualService virtualService


gateway.addGatewayRoute(jsii.String("gateway-route-http"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.http(&httpGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &httpGatewayRouteMatch{
			// This disables the default rewrite to '/', and retains original path.
			path: appmesh.httpGatewayRoutePathMatch.startsWith(jsii.String("/path-to-app/"), jsii.String("")),
		},
	}),
})

gateway.addGatewayRoute(jsii.String("gateway-route-http-1"), &gatewayRouteBaseProps{
	routeSpec: appmesh.*gatewayRouteSpec.http(&httpGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &httpGatewayRouteMatch{
			// If the request full path is '/path-to-app/xxxxx', this rewrites the path to '/rewrittenUri/xxxxx'.
			// Please note both `prefixPathMatch` and `rewriteTo` must start and end with the `/` character.
			path: appmesh.*httpGatewayRoutePathMatch.startsWith(jsii.String("/path-to-app/"), jsii.String("/rewrittenUri/")),
		},
	}),
})

If matching other path (exact or regex), only specific rewrite path can be specified. Unlike startsWith() method above, no default rewrite is performed.

var gateway virtualGateway
var virtualService virtualService


gateway.addGatewayRoute(jsii.String("gateway-route-http-2"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.http(&httpGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &httpGatewayRouteMatch{
			// This rewrites the path from '/test' to '/rewrittenPath'.
			path: appmesh.httpGatewayRoutePathMatch.exactly(jsii.String("/test"), jsii.String("/rewrittenPath")),
		},
	}),
})

For HTTP/gRPC based routes, App Mesh automatically rewrites the original request received at the Virtual Gateway to the destination Virtual Service name. This default host name rewrite can be configured by specifying the rewrite rule as one of the match property:

var gateway virtualGateway
var virtualService virtualService


gateway.addGatewayRoute(jsii.String("gateway-route-grpc"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.grpc(&grpcGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &grpcGatewayRouteMatch{
			hostname: appmesh.gatewayRouteHostnameMatch.exactly(jsii.String("example.com")),
			// This disables the default rewrite to virtual service name and retain original request.
			rewriteRequestHostname: jsii.Boolean(false),
		},
	}),
})

Importing Resources

Each App Mesh resource class comes with two static methods, from<Resource>Arn and from<Resource>Attributes (where <Resource> is replaced with the resource name, such as VirtualNode) for importing a reference to an existing App Mesh resource. These imported resources can be used with other resources in your mesh as if they were defined directly in your CDK application.

arn := "arn:aws:appmesh:us-east-1:123456789012:mesh/testMesh/virtualNode/testNode"
appmesh.virtualNode.fromVirtualNodeArn(this, jsii.String("importedVirtualNode"), arn)
virtualNodeName := "my-virtual-node"
appmesh.virtualNode.fromVirtualNodeAttributes(this, jsii.String("imported-virtual-node"), &virtualNodeAttributes{
	mesh: appmesh.mesh.fromMeshName(this, jsii.String("Mesh"), jsii.String("testMesh")),
	virtualNodeName: virtualNodeName,
})

To import a mesh, again there are two static methods, fromMeshArn and fromMeshName.

arn := "arn:aws:appmesh:us-east-1:123456789012:mesh/testMesh"
appmesh.mesh.fromMeshArn(this, jsii.String("imported-mesh"), arn)
appmesh.mesh.fromMeshName(this, jsii.String("imported-mesh"), jsii.String("abc"))

IAM Grants

VirtualNode and VirtualGateway provide grantStreamAggregatedResources methods that grant identities that are running Envoy access to stream generated config from App Mesh.

var mesh mesh

gateway := appmesh.NewVirtualGateway(this, jsii.String("testGateway"), &virtualGatewayProps{
	mesh: mesh,
})
envoyUser := iam.NewUser(this, jsii.String("envoyUser"))

/**
 * This will grant `grantStreamAggregatedResources` ONLY for this gateway.
 */
gateway.grantStreamAggregatedResources(envoyUser)

Adding Resources to shared meshes

A shared mesh allows resources created by different accounts to communicate with each other in the same mesh:

// This is the ARN for the mesh from different AWS IAM account ID.
// Ensure mesh is properly shared with your account. For more details, see: https://github.com/aws/aws-cdk/issues/15404
arn := "arn:aws:appmesh:us-east-1:123456789012:mesh/testMesh"
sharedMesh := appmesh.mesh.fromMeshArn(this, jsii.String("imported-mesh"), arn)

// This VirtualNode resource can communicate with the resources in the mesh from different AWS IAM account ID.
// This VirtualNode resource can communicate with the resources in the mesh from different AWS IAM account ID.
appmesh.NewVirtualNode(this, jsii.String("test-node"), &virtualNodeProps{
	mesh: sharedMesh,
})

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CfnGatewayRoute_CFN_RESOURCE_TYPE_NAME

func CfnGatewayRoute_CFN_RESOURCE_TYPE_NAME() *string

func CfnGatewayRoute_IsCfnElement

func CfnGatewayRoute_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnGatewayRoute_IsCfnResource

func CfnGatewayRoute_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnGatewayRoute_IsConstruct

func CfnGatewayRoute_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnMesh_CFN_RESOURCE_TYPE_NAME

func CfnMesh_CFN_RESOURCE_TYPE_NAME() *string

func CfnMesh_IsCfnElement

func CfnMesh_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnMesh_IsCfnResource

func CfnMesh_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnMesh_IsConstruct

func CfnMesh_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnRoute_CFN_RESOURCE_TYPE_NAME

func CfnRoute_CFN_RESOURCE_TYPE_NAME() *string

func CfnRoute_IsCfnElement

func CfnRoute_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnRoute_IsCfnResource

func CfnRoute_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnRoute_IsConstruct

func CfnRoute_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnVirtualGateway_CFN_RESOURCE_TYPE_NAME

func CfnVirtualGateway_CFN_RESOURCE_TYPE_NAME() *string

func CfnVirtualGateway_IsCfnElement

func CfnVirtualGateway_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnVirtualGateway_IsCfnResource

func CfnVirtualGateway_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnVirtualGateway_IsConstruct

func CfnVirtualGateway_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnVirtualNode_CFN_RESOURCE_TYPE_NAME

func CfnVirtualNode_CFN_RESOURCE_TYPE_NAME() *string

func CfnVirtualNode_IsCfnElement

func CfnVirtualNode_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnVirtualNode_IsCfnResource

func CfnVirtualNode_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnVirtualNode_IsConstruct

func CfnVirtualNode_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnVirtualRouter_CFN_RESOURCE_TYPE_NAME

func CfnVirtualRouter_CFN_RESOURCE_TYPE_NAME() *string

func CfnVirtualRouter_IsCfnElement

func CfnVirtualRouter_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnVirtualRouter_IsCfnResource

func CfnVirtualRouter_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnVirtualRouter_IsConstruct

func CfnVirtualRouter_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnVirtualService_CFN_RESOURCE_TYPE_NAME

func CfnVirtualService_CFN_RESOURCE_TYPE_NAME() *string

func CfnVirtualService_IsCfnElement

func CfnVirtualService_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnVirtualService_IsCfnResource

func CfnVirtualService_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnVirtualService_IsConstruct

func CfnVirtualService_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func GatewayRoute_IsConstruct

func GatewayRoute_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func GatewayRoute_IsResource

func GatewayRoute_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func Mesh_IsConstruct

func Mesh_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func Mesh_IsResource

func Mesh_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func NewAccessLog_Override

func NewAccessLog_Override(a AccessLog)

Experimental.

func NewBackend_Override

func NewBackend_Override(b Backend)

Experimental.

func NewCfnGatewayRoute_Override

func NewCfnGatewayRoute_Override(c CfnGatewayRoute, scope awscdk.Construct, id *string, props *CfnGatewayRouteProps)

Create a new `AWS::AppMesh::GatewayRoute`.

func NewCfnMesh_Override

func NewCfnMesh_Override(c CfnMesh, scope awscdk.Construct, id *string, props *CfnMeshProps)

Create a new `AWS::AppMesh::Mesh`.

func NewCfnRoute_Override

func NewCfnRoute_Override(c CfnRoute, scope awscdk.Construct, id *string, props *CfnRouteProps)

Create a new `AWS::AppMesh::Route`.

func NewCfnVirtualGateway_Override

func NewCfnVirtualGateway_Override(c CfnVirtualGateway, scope awscdk.Construct, id *string, props *CfnVirtualGatewayProps)

Create a new `AWS::AppMesh::VirtualGateway`.

func NewCfnVirtualNode_Override

func NewCfnVirtualNode_Override(c CfnVirtualNode, scope awscdk.Construct, id *string, props *CfnVirtualNodeProps)

Create a new `AWS::AppMesh::VirtualNode`.

func NewCfnVirtualRouter_Override

func NewCfnVirtualRouter_Override(c CfnVirtualRouter, scope awscdk.Construct, id *string, props *CfnVirtualRouterProps)

Create a new `AWS::AppMesh::VirtualRouter`.

func NewCfnVirtualService_Override

func NewCfnVirtualService_Override(c CfnVirtualService, scope awscdk.Construct, id *string, props *CfnVirtualServiceProps)

Create a new `AWS::AppMesh::VirtualService`.

func NewGatewayRouteHostnameMatch_Override

func NewGatewayRouteHostnameMatch_Override(g GatewayRouteHostnameMatch)

Experimental.

func NewGatewayRouteSpec_Override

func NewGatewayRouteSpec_Override(g GatewayRouteSpec)

Experimental.

func NewGatewayRoute_Override

func NewGatewayRoute_Override(g GatewayRoute, scope constructs.Construct, id *string, props *GatewayRouteProps)

Experimental.

func NewHeaderMatch_Override

func NewHeaderMatch_Override(h HeaderMatch)

Experimental.

func NewHealthCheck_Override

func NewHealthCheck_Override(h HealthCheck)

Experimental.

func NewHttpGatewayRoutePathMatch_Override

func NewHttpGatewayRoutePathMatch_Override(h HttpGatewayRoutePathMatch)

Experimental.

func NewHttpRoutePathMatch_Override

func NewHttpRoutePathMatch_Override(h HttpRoutePathMatch)

Experimental.

func NewMesh_Override

func NewMesh_Override(m Mesh, scope constructs.Construct, id *string, props *MeshProps)

Experimental.

func NewMutualTlsCertificate_Override

func NewMutualTlsCertificate_Override(m MutualTlsCertificate)

Experimental.

func NewMutualTlsValidationTrust_Override

func NewMutualTlsValidationTrust_Override(m MutualTlsValidationTrust)

Experimental.

func NewQueryParameterMatch_Override

func NewQueryParameterMatch_Override(q QueryParameterMatch)

Experimental.

func NewRouteSpec_Override

func NewRouteSpec_Override(r RouteSpec)

Experimental.

func NewRoute_Override

func NewRoute_Override(r Route, scope constructs.Construct, id *string, props *RouteProps)

Experimental.

func NewServiceDiscovery_Override

func NewServiceDiscovery_Override(s ServiceDiscovery)

Experimental.

func NewSubjectAlternativeNames_Override

func NewSubjectAlternativeNames_Override(s SubjectAlternativeNames)

Experimental.

func NewTlsCertificate_Override

func NewTlsCertificate_Override(t TlsCertificate)

Experimental.

func NewTlsValidationTrust_Override

func NewTlsValidationTrust_Override(t TlsValidationTrust)

Experimental.

func NewVirtualGatewayListener_Override

func NewVirtualGatewayListener_Override(v VirtualGatewayListener)

Experimental.

func NewVirtualGateway_Override

func NewVirtualGateway_Override(v VirtualGateway, scope constructs.Construct, id *string, props *VirtualGatewayProps)

Experimental.

func NewVirtualNodeListener_Override

func NewVirtualNodeListener_Override(v VirtualNodeListener)

Experimental.

func NewVirtualNode_Override

func NewVirtualNode_Override(v VirtualNode, scope constructs.Construct, id *string, props *VirtualNodeProps)

Experimental.

func NewVirtualRouterListener_Override

func NewVirtualRouterListener_Override(v VirtualRouterListener)

Experimental.

func NewVirtualRouter_Override

func NewVirtualRouter_Override(v VirtualRouter, scope constructs.Construct, id *string, props *VirtualRouterProps)

Experimental.

func NewVirtualServiceProvider_Override

func NewVirtualServiceProvider_Override(v VirtualServiceProvider)

Experimental.

func NewVirtualService_Override

func NewVirtualService_Override(v VirtualService, scope constructs.Construct, id *string, props *VirtualServiceProps)

Experimental.

func Route_IsConstruct

func Route_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func Route_IsResource

func Route_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func VirtualGateway_IsConstruct

func VirtualGateway_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func VirtualGateway_IsResource

func VirtualGateway_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func VirtualNode_IsConstruct

func VirtualNode_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func VirtualNode_IsResource

func VirtualNode_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func VirtualRouter_IsConstruct

func VirtualRouter_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func VirtualRouter_IsResource

func VirtualRouter_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func VirtualService_IsConstruct

func VirtualService_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func VirtualService_IsResource

func VirtualService_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

Types

type AccessLog

type AccessLog interface {
	// Called when the AccessLog type is initialized.
	//
	// Can be used to enforce
	// mutual exclusivity with future properties.
	// Experimental.
	Bind(scope awscdk.Construct) *AccessLogConfig
}

Configuration for Envoy Access logs for mesh endpoints.

Example:

var mesh mesh
vpc := ec2.NewVpc(this, jsii.String("vpc"))
namespace := cloudmap.NewPrivateDnsNamespace(this, jsii.String("test-namespace"), &privateDnsNamespaceProps{
	vpc: vpc,
	name: jsii.String("domain.local"),
})
service := namespace.createService(jsii.String("Svc"))
node := mesh.addVirtualNode(jsii.String("virtual-node"), &virtualNodeBaseProps{
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8081),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				 // minimum
				path: jsii.String("/health-check-path"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				 // minimum
				unhealthyThreshold: jsii.Number(2),
			}),
		}),
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

Experimental.

func AccessLog_FromFilePath

func AccessLog_FromFilePath(filePath *string) AccessLog

Path to a file to write access logs to. Experimental.

type AccessLogConfig

type AccessLogConfig struct {
	// VirtualGateway CFN configuration for Access Logging.
	// Experimental.
	VirtualGatewayAccessLog *CfnVirtualGateway_VirtualGatewayAccessLogProperty `field:"optional" json:"virtualGatewayAccessLog" yaml:"virtualGatewayAccessLog"`
	// VirtualNode CFN configuration for Access Logging.
	// Experimental.
	VirtualNodeAccessLog *CfnVirtualNode_AccessLogProperty `field:"optional" json:"virtualNodeAccessLog" yaml:"virtualNodeAccessLog"`
}

All Properties for Envoy Access logs for mesh endpoints.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

accessLogConfig := &accessLogConfig{
	virtualGatewayAccessLog: &virtualGatewayAccessLogProperty{
		file: &virtualGatewayFileAccessLogProperty{
			path: jsii.String("path"),
		},
	},
	virtualNodeAccessLog: &accessLogProperty{
		file: &fileAccessLogProperty{
			path: jsii.String("path"),
		},
	},
}

Experimental.

type Backend

type Backend interface {
	// Return backend config.
	// Experimental.
	Bind(_scope awscdk.Construct) *BackendConfig
}

Contains static factory methods to create backends.

Example:

var mesh mesh
var router virtualRouter
var service service

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8080),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				path: jsii.String("/ping"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				unhealthyThreshold: jsii.Number(2),
			}),
			timeout: &httpTimeout{
				idle: cdk.*duration.seconds(jsii.Number(5)),
			},
		}),
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

virtualService := appmesh.NewVirtualService(this, jsii.String("service-1"), &virtualServiceProps{
	virtualServiceProvider: appmesh.virtualServiceProvider.virtualRouter(router),
	virtualServiceName: jsii.String("service1.domain.local"),
})

node.addBackend(appmesh.backend.virtualService(virtualService))

Experimental.

func Backend_VirtualService

func Backend_VirtualService(virtualService IVirtualService, props *VirtualServiceBackendOptions) Backend

Construct a Virtual Service backend. Experimental.

type BackendConfig

type BackendConfig struct {
	// Config for a Virtual Service backend.
	// Experimental.
	VirtualServiceBackend *CfnVirtualNode_BackendProperty `field:"required" json:"virtualServiceBackend" yaml:"virtualServiceBackend"`
}

Properties for a backend.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

backendConfig := &backendConfig{
	virtualServiceBackend: &backendProperty{
		virtualService: &virtualServiceBackendProperty{
			virtualServiceName: jsii.String("virtualServiceName"),

			// the properties below are optional
			clientPolicy: &clientPolicyProperty{
				tls: &clientPolicyTlsProperty{
					validation: &tlsValidationContextProperty{
						trust: &tlsValidationContextTrustProperty{
							acm: &tlsValidationContextAcmTrustProperty{
								certificateAuthorityArns: []*string{
									jsii.String("certificateAuthorityArns"),
								},
							},
							file: &tlsValidationContextFileTrustProperty{
								certificateChain: jsii.String("certificateChain"),
							},
							sds: &tlsValidationContextSdsTrustProperty{
								secretName: jsii.String("secretName"),
							},
						},

						// the properties below are optional
						subjectAlternativeNames: &subjectAlternativeNamesProperty{
							match: &subjectAlternativeNameMatchersProperty{
								exact: []*string{
									jsii.String("exact"),
								},
							},
						},
					},

					// the properties below are optional
					certificate: &clientTlsCertificateProperty{
						file: &listenerTlsFileCertificateProperty{
							certificateChain: jsii.String("certificateChain"),
							privateKey: jsii.String("privateKey"),
						},
						sds: &listenerTlsSdsCertificateProperty{
							secretName: jsii.String("secretName"),
						},
					},
					enforce: jsii.Boolean(false),
					ports: []interface{}{
						jsii.Number(123),
					},
				},
			},
		},
	},
}

Experimental.

type BackendDefaults

type BackendDefaults struct {
	// TLS properties for Client policy for backend defaults.
	// Experimental.
	TlsClientPolicy *TlsClientPolicy `field:"optional" json:"tlsClientPolicy" yaml:"tlsClientPolicy"`
}

Represents the properties needed to define backend defaults.

Example:

var mesh mesh
var service service

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8080),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				path: jsii.String("/ping"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				unhealthyThreshold: jsii.Number(2),
			}),
			timeout: &httpTimeout{
				idle: cdk.*duration.seconds(jsii.Number(5)),
			},
		}),
	},
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			validation: &tlsValidation{
				trust: appmesh.tlsValidationTrust.file(jsii.String("/keys/local_cert_chain.pem")),
			},
		},
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

cdk.tags.of(node).add(jsii.String("Environment"), jsii.String("Dev"))

Experimental.

type CfnGatewayRoute

type CfnGatewayRoute interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The full Amazon Resource Name (ARN) for the gateway route.
	AttrArn() *string
	// The name of the gateway route.
	AttrGatewayRouteName() *string
	// The name of the service mesh that the gateway route resides in.
	AttrMeshName() *string
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrMeshOwner() *string
	// The IAM account ID of the resource owner.
	//
	// If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrResourceOwner() *string
	// The unique identifier for the gateway route.
	AttrUid() *string
	// The name of the virtual gateway that the gateway route is associated with.
	AttrVirtualGatewayName() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The name of the gateway route.
	GatewayRouteName() *string
	SetGatewayRouteName(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The name of the service mesh that the resource resides in.
	MeshName() *string
	SetMeshName(val *string)
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner() *string
	SetMeshOwner(val *string)
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The specifications of the gateway route.
	Spec() interface{}
	SetSpec(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Optional metadata that you can apply to the gateway route to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// The virtual gateway that the gateway route is associated with.
	VirtualGatewayName() *string
	SetVirtualGatewayName(val *string)
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::AppMesh::GatewayRoute`.

Creates a gateway route.

A gateway route is attached to a virtual gateway and routes traffic to an existing virtual service. If a route matches a request, it can distribute traffic to a target virtual service.

For more information about gateway routes, see [Gateway routes](https://docs.aws.amazon.com/app-mesh/latest/userguide/gateway-routes.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnGatewayRoute := awscdk.Aws_appmesh.NewCfnGatewayRoute(this, jsii.String("MyCfnGatewayRoute"), &cfnGatewayRouteProps{
	meshName: jsii.String("meshName"),
	spec: &gatewayRouteSpecProperty{
		grpcRoute: &grpcGatewayRouteProperty{
			action: &grpcGatewayRouteActionProperty{
				target: &gatewayRouteTargetProperty{
					virtualService: &gatewayRouteVirtualServiceProperty{
						virtualServiceName: jsii.String("virtualServiceName"),
					},
				},

				// the properties below are optional
				rewrite: &grpcGatewayRouteRewriteProperty{
					hostname: &gatewayRouteHostnameRewriteProperty{
						defaultTargetHostname: jsii.String("defaultTargetHostname"),
					},
				},
			},
			match: &grpcGatewayRouteMatchProperty{
				hostname: &gatewayRouteHostnameMatchProperty{
					exact: jsii.String("exact"),
					suffix: jsii.String("suffix"),
				},
				metadata: []interface{}{
					&grpcGatewayRouteMetadataProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &gatewayRouteMetadataMatchProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &gatewayRouteRangeMatchProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				serviceName: jsii.String("serviceName"),
			},
		},
		http2Route: &httpGatewayRouteProperty{
			action: &httpGatewayRouteActionProperty{
				target: &gatewayRouteTargetProperty{
					virtualService: &gatewayRouteVirtualServiceProperty{
						virtualServiceName: jsii.String("virtualServiceName"),
					},
				},

				// the properties below are optional
				rewrite: &httpGatewayRouteRewriteProperty{
					hostname: &gatewayRouteHostnameRewriteProperty{
						defaultTargetHostname: jsii.String("defaultTargetHostname"),
					},
					path: &httpGatewayRoutePathRewriteProperty{
						exact: jsii.String("exact"),
					},
					prefix: &httpGatewayRoutePrefixRewriteProperty{
						defaultPrefix: jsii.String("defaultPrefix"),
						value: jsii.String("value"),
					},
				},
			},
			match: &httpGatewayRouteMatchProperty{
				headers: []interface{}{
					&httpGatewayRouteHeaderProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &httpGatewayRouteHeaderMatchProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &gatewayRouteRangeMatchProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				hostname: &gatewayRouteHostnameMatchProperty{
					exact: jsii.String("exact"),
					suffix: jsii.String("suffix"),
				},
				method: jsii.String("method"),
				path: &httpPathMatchProperty{
					exact: jsii.String("exact"),
					regex: jsii.String("regex"),
				},
				prefix: jsii.String("prefix"),
				queryParameters: []interface{}{
					&queryParameterProperty{
						name: jsii.String("name"),

						// the properties below are optional
						match: &httpQueryParameterMatchProperty{
							exact: jsii.String("exact"),
						},
					},
				},
			},
		},
		httpRoute: &httpGatewayRouteProperty{
			action: &httpGatewayRouteActionProperty{
				target: &gatewayRouteTargetProperty{
					virtualService: &gatewayRouteVirtualServiceProperty{
						virtualServiceName: jsii.String("virtualServiceName"),
					},
				},

				// the properties below are optional
				rewrite: &httpGatewayRouteRewriteProperty{
					hostname: &gatewayRouteHostnameRewriteProperty{
						defaultTargetHostname: jsii.String("defaultTargetHostname"),
					},
					path: &httpGatewayRoutePathRewriteProperty{
						exact: jsii.String("exact"),
					},
					prefix: &httpGatewayRoutePrefixRewriteProperty{
						defaultPrefix: jsii.String("defaultPrefix"),
						value: jsii.String("value"),
					},
				},
			},
			match: &httpGatewayRouteMatchProperty{
				headers: []interface{}{
					&httpGatewayRouteHeaderProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &httpGatewayRouteHeaderMatchProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &gatewayRouteRangeMatchProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				hostname: &gatewayRouteHostnameMatchProperty{
					exact: jsii.String("exact"),
					suffix: jsii.String("suffix"),
				},
				method: jsii.String("method"),
				path: &httpPathMatchProperty{
					exact: jsii.String("exact"),
					regex: jsii.String("regex"),
				},
				prefix: jsii.String("prefix"),
				queryParameters: []interface{}{
					&queryParameterProperty{
						name: jsii.String("name"),

						// the properties below are optional
						match: &httpQueryParameterMatchProperty{
							exact: jsii.String("exact"),
						},
					},
				},
			},
		},
		priority: jsii.Number(123),
	},
	virtualGatewayName: jsii.String("virtualGatewayName"),

	// the properties below are optional
	gatewayRouteName: jsii.String("gatewayRouteName"),
	meshOwner: jsii.String("meshOwner"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnGatewayRoute

func NewCfnGatewayRoute(scope awscdk.Construct, id *string, props *CfnGatewayRouteProps) CfnGatewayRoute

Create a new `AWS::AppMesh::GatewayRoute`.

type CfnGatewayRouteProps

type CfnGatewayRouteProps struct {
	// The name of the service mesh that the resource resides in.
	MeshName *string `field:"required" json:"meshName" yaml:"meshName"`
	// The specifications of the gateway route.
	Spec interface{} `field:"required" json:"spec" yaml:"spec"`
	// The virtual gateway that the gateway route is associated with.
	VirtualGatewayName *string `field:"required" json:"virtualGatewayName" yaml:"virtualGatewayName"`
	// The name of the gateway route.
	GatewayRouteName *string `field:"optional" json:"gatewayRouteName" yaml:"gatewayRouteName"`
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner *string `field:"optional" json:"meshOwner" yaml:"meshOwner"`
	// Optional metadata that you can apply to the gateway route to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
}

Properties for defining a `CfnGatewayRoute`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnGatewayRouteProps := &cfnGatewayRouteProps{
	meshName: jsii.String("meshName"),
	spec: &gatewayRouteSpecProperty{
		grpcRoute: &grpcGatewayRouteProperty{
			action: &grpcGatewayRouteActionProperty{
				target: &gatewayRouteTargetProperty{
					virtualService: &gatewayRouteVirtualServiceProperty{
						virtualServiceName: jsii.String("virtualServiceName"),
					},
				},

				// the properties below are optional
				rewrite: &grpcGatewayRouteRewriteProperty{
					hostname: &gatewayRouteHostnameRewriteProperty{
						defaultTargetHostname: jsii.String("defaultTargetHostname"),
					},
				},
			},
			match: &grpcGatewayRouteMatchProperty{
				hostname: &gatewayRouteHostnameMatchProperty{
					exact: jsii.String("exact"),
					suffix: jsii.String("suffix"),
				},
				metadata: []interface{}{
					&grpcGatewayRouteMetadataProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &gatewayRouteMetadataMatchProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &gatewayRouteRangeMatchProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				serviceName: jsii.String("serviceName"),
			},
		},
		http2Route: &httpGatewayRouteProperty{
			action: &httpGatewayRouteActionProperty{
				target: &gatewayRouteTargetProperty{
					virtualService: &gatewayRouteVirtualServiceProperty{
						virtualServiceName: jsii.String("virtualServiceName"),
					},
				},

				// the properties below are optional
				rewrite: &httpGatewayRouteRewriteProperty{
					hostname: &gatewayRouteHostnameRewriteProperty{
						defaultTargetHostname: jsii.String("defaultTargetHostname"),
					},
					path: &httpGatewayRoutePathRewriteProperty{
						exact: jsii.String("exact"),
					},
					prefix: &httpGatewayRoutePrefixRewriteProperty{
						defaultPrefix: jsii.String("defaultPrefix"),
						value: jsii.String("value"),
					},
				},
			},
			match: &httpGatewayRouteMatchProperty{
				headers: []interface{}{
					&httpGatewayRouteHeaderProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &httpGatewayRouteHeaderMatchProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &gatewayRouteRangeMatchProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				hostname: &gatewayRouteHostnameMatchProperty{
					exact: jsii.String("exact"),
					suffix: jsii.String("suffix"),
				},
				method: jsii.String("method"),
				path: &httpPathMatchProperty{
					exact: jsii.String("exact"),
					regex: jsii.String("regex"),
				},
				prefix: jsii.String("prefix"),
				queryParameters: []interface{}{
					&queryParameterProperty{
						name: jsii.String("name"),

						// the properties below are optional
						match: &httpQueryParameterMatchProperty{
							exact: jsii.String("exact"),
						},
					},
				},
			},
		},
		httpRoute: &httpGatewayRouteProperty{
			action: &httpGatewayRouteActionProperty{
				target: &gatewayRouteTargetProperty{
					virtualService: &gatewayRouteVirtualServiceProperty{
						virtualServiceName: jsii.String("virtualServiceName"),
					},
				},

				// the properties below are optional
				rewrite: &httpGatewayRouteRewriteProperty{
					hostname: &gatewayRouteHostnameRewriteProperty{
						defaultTargetHostname: jsii.String("defaultTargetHostname"),
					},
					path: &httpGatewayRoutePathRewriteProperty{
						exact: jsii.String("exact"),
					},
					prefix: &httpGatewayRoutePrefixRewriteProperty{
						defaultPrefix: jsii.String("defaultPrefix"),
						value: jsii.String("value"),
					},
				},
			},
			match: &httpGatewayRouteMatchProperty{
				headers: []interface{}{
					&httpGatewayRouteHeaderProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &httpGatewayRouteHeaderMatchProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &gatewayRouteRangeMatchProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				hostname: &gatewayRouteHostnameMatchProperty{
					exact: jsii.String("exact"),
					suffix: jsii.String("suffix"),
				},
				method: jsii.String("method"),
				path: &httpPathMatchProperty{
					exact: jsii.String("exact"),
					regex: jsii.String("regex"),
				},
				prefix: jsii.String("prefix"),
				queryParameters: []interface{}{
					&queryParameterProperty{
						name: jsii.String("name"),

						// the properties below are optional
						match: &httpQueryParameterMatchProperty{
							exact: jsii.String("exact"),
						},
					},
				},
			},
		},
		priority: jsii.Number(123),
	},
	virtualGatewayName: jsii.String("virtualGatewayName"),

	// the properties below are optional
	gatewayRouteName: jsii.String("gatewayRouteName"),
	meshOwner: jsii.String("meshOwner"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type CfnGatewayRoute_GatewayRouteHostnameMatchProperty

type CfnGatewayRoute_GatewayRouteHostnameMatchProperty struct {
	// The exact host name to match on.
	Exact *string `field:"optional" json:"exact" yaml:"exact"`
	// The specified ending characters of the host name to match on.
	Suffix *string `field:"optional" json:"suffix" yaml:"suffix"`
}

An object representing the gateway route host name to match.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

gatewayRouteHostnameMatchProperty := &gatewayRouteHostnameMatchProperty{
	exact: jsii.String("exact"),
	suffix: jsii.String("suffix"),
}

type CfnGatewayRoute_GatewayRouteHostnameRewriteProperty

type CfnGatewayRoute_GatewayRouteHostnameRewriteProperty struct {
	// The default target host name to write to.
	DefaultTargetHostname *string `field:"optional" json:"defaultTargetHostname" yaml:"defaultTargetHostname"`
}

An object representing the gateway route host name to rewrite.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

gatewayRouteHostnameRewriteProperty := &gatewayRouteHostnameRewriteProperty{
	defaultTargetHostname: jsii.String("defaultTargetHostname"),
}

type CfnGatewayRoute_GatewayRouteMetadataMatchProperty

type CfnGatewayRoute_GatewayRouteMetadataMatchProperty struct {
	// The exact method header to be matched on.
	Exact *string `field:"optional" json:"exact" yaml:"exact"`
	// The specified beginning characters of the method header to be matched on.
	Prefix *string `field:"optional" json:"prefix" yaml:"prefix"`
	// An object that represents the range of values to match on.
	Range interface{} `field:"optional" json:"range" yaml:"range"`
	// The regex used to match the method header.
	Regex *string `field:"optional" json:"regex" yaml:"regex"`
	// The specified ending characters of the method header to match on.
	Suffix *string `field:"optional" json:"suffix" yaml:"suffix"`
}

An object representing the method header to be matched.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

gatewayRouteMetadataMatchProperty := &gatewayRouteMetadataMatchProperty{
	exact: jsii.String("exact"),
	prefix: jsii.String("prefix"),
	range: &gatewayRouteRangeMatchProperty{
		end: jsii.Number(123),
		start: jsii.Number(123),
	},
	regex: jsii.String("regex"),
	suffix: jsii.String("suffix"),
}

type CfnGatewayRoute_GatewayRouteRangeMatchProperty

type CfnGatewayRoute_GatewayRouteRangeMatchProperty struct {
	// The end of the range.
	End *float64 `field:"required" json:"end" yaml:"end"`
	// The start of the range.
	Start *float64 `field:"required" json:"start" yaml:"start"`
}

An object that represents the range of values to match on.

The first character of the range is included in the range, though the last character is not. For example, if the range specified were 1-100, only values 1-99 would be matched.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

gatewayRouteRangeMatchProperty := &gatewayRouteRangeMatchProperty{
	end: jsii.Number(123),
	start: jsii.Number(123),
}

type CfnGatewayRoute_GatewayRouteSpecProperty

type CfnGatewayRoute_GatewayRouteSpecProperty struct {
	// An object that represents the specification of a gRPC gateway route.
	GrpcRoute interface{} `field:"optional" json:"grpcRoute" yaml:"grpcRoute"`
	// An object that represents the specification of an HTTP/2 gateway route.
	Http2Route interface{} `field:"optional" json:"http2Route" yaml:"http2Route"`
	// An object that represents the specification of an HTTP gateway route.
	HttpRoute interface{} `field:"optional" json:"httpRoute" yaml:"httpRoute"`
	// The ordering of the gateway routes spec.
	Priority *float64 `field:"optional" json:"priority" yaml:"priority"`
}

An object that represents a gateway route specification.

Specify one gateway route type.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

gatewayRouteSpecProperty := &gatewayRouteSpecProperty{
	grpcRoute: &grpcGatewayRouteProperty{
		action: &grpcGatewayRouteActionProperty{
			target: &gatewayRouteTargetProperty{
				virtualService: &gatewayRouteVirtualServiceProperty{
					virtualServiceName: jsii.String("virtualServiceName"),
				},
			},

			// the properties below are optional
			rewrite: &grpcGatewayRouteRewriteProperty{
				hostname: &gatewayRouteHostnameRewriteProperty{
					defaultTargetHostname: jsii.String("defaultTargetHostname"),
				},
			},
		},
		match: &grpcGatewayRouteMatchProperty{
			hostname: &gatewayRouteHostnameMatchProperty{
				exact: jsii.String("exact"),
				suffix: jsii.String("suffix"),
			},
			metadata: []interface{}{
				&grpcGatewayRouteMetadataProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &gatewayRouteMetadataMatchProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &gatewayRouteRangeMatchProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			serviceName: jsii.String("serviceName"),
		},
	},
	http2Route: &httpGatewayRouteProperty{
		action: &httpGatewayRouteActionProperty{
			target: &gatewayRouteTargetProperty{
				virtualService: &gatewayRouteVirtualServiceProperty{
					virtualServiceName: jsii.String("virtualServiceName"),
				},
			},

			// the properties below are optional
			rewrite: &httpGatewayRouteRewriteProperty{
				hostname: &gatewayRouteHostnameRewriteProperty{
					defaultTargetHostname: jsii.String("defaultTargetHostname"),
				},
				path: &httpGatewayRoutePathRewriteProperty{
					exact: jsii.String("exact"),
				},
				prefix: &httpGatewayRoutePrefixRewriteProperty{
					defaultPrefix: jsii.String("defaultPrefix"),
					value: jsii.String("value"),
				},
			},
		},
		match: &httpGatewayRouteMatchProperty{
			headers: []interface{}{
				&httpGatewayRouteHeaderProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &httpGatewayRouteHeaderMatchProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &gatewayRouteRangeMatchProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			hostname: &gatewayRouteHostnameMatchProperty{
				exact: jsii.String("exact"),
				suffix: jsii.String("suffix"),
			},
			method: jsii.String("method"),
			path: &httpPathMatchProperty{
				exact: jsii.String("exact"),
				regex: jsii.String("regex"),
			},
			prefix: jsii.String("prefix"),
			queryParameters: []interface{}{
				&queryParameterProperty{
					name: jsii.String("name"),

					// the properties below are optional
					match: &httpQueryParameterMatchProperty{
						exact: jsii.String("exact"),
					},
				},
			},
		},
	},
	httpRoute: &httpGatewayRouteProperty{
		action: &httpGatewayRouteActionProperty{
			target: &gatewayRouteTargetProperty{
				virtualService: &gatewayRouteVirtualServiceProperty{
					virtualServiceName: jsii.String("virtualServiceName"),
				},
			},

			// the properties below are optional
			rewrite: &httpGatewayRouteRewriteProperty{
				hostname: &gatewayRouteHostnameRewriteProperty{
					defaultTargetHostname: jsii.String("defaultTargetHostname"),
				},
				path: &httpGatewayRoutePathRewriteProperty{
					exact: jsii.String("exact"),
				},
				prefix: &httpGatewayRoutePrefixRewriteProperty{
					defaultPrefix: jsii.String("defaultPrefix"),
					value: jsii.String("value"),
				},
			},
		},
		match: &httpGatewayRouteMatchProperty{
			headers: []interface{}{
				&httpGatewayRouteHeaderProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &httpGatewayRouteHeaderMatchProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &gatewayRouteRangeMatchProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			hostname: &gatewayRouteHostnameMatchProperty{
				exact: jsii.String("exact"),
				suffix: jsii.String("suffix"),
			},
			method: jsii.String("method"),
			path: &httpPathMatchProperty{
				exact: jsii.String("exact"),
				regex: jsii.String("regex"),
			},
			prefix: jsii.String("prefix"),
			queryParameters: []interface{}{
				&queryParameterProperty{
					name: jsii.String("name"),

					// the properties below are optional
					match: &httpQueryParameterMatchProperty{
						exact: jsii.String("exact"),
					},
				},
			},
		},
	},
	priority: jsii.Number(123),
}

type CfnGatewayRoute_GatewayRouteTargetProperty

type CfnGatewayRoute_GatewayRouteTargetProperty struct {
	// An object that represents a virtual service gateway route target.
	VirtualService interface{} `field:"required" json:"virtualService" yaml:"virtualService"`
}

An object that represents a gateway route target.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

gatewayRouteTargetProperty := &gatewayRouteTargetProperty{
	virtualService: &gatewayRouteVirtualServiceProperty{
		virtualServiceName: jsii.String("virtualServiceName"),
	},
}

type CfnGatewayRoute_GatewayRouteVirtualServiceProperty

type CfnGatewayRoute_GatewayRouteVirtualServiceProperty struct {
	// The name of the virtual service that traffic is routed to.
	VirtualServiceName *string `field:"required" json:"virtualServiceName" yaml:"virtualServiceName"`
}

An object that represents the virtual service that traffic is routed to.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

gatewayRouteVirtualServiceProperty := &gatewayRouteVirtualServiceProperty{
	virtualServiceName: jsii.String("virtualServiceName"),
}

type CfnGatewayRoute_GrpcGatewayRouteActionProperty

type CfnGatewayRoute_GrpcGatewayRouteActionProperty struct {
	// An object that represents the target that traffic is routed to when a request matches the gateway route.
	Target interface{} `field:"required" json:"target" yaml:"target"`
	// The gateway route action to rewrite.
	Rewrite interface{} `field:"optional" json:"rewrite" yaml:"rewrite"`
}

An object that represents the action to take if a match is determined.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcGatewayRouteActionProperty := &grpcGatewayRouteActionProperty{
	target: &gatewayRouteTargetProperty{
		virtualService: &gatewayRouteVirtualServiceProperty{
			virtualServiceName: jsii.String("virtualServiceName"),
		},
	},

	// the properties below are optional
	rewrite: &grpcGatewayRouteRewriteProperty{
		hostname: &gatewayRouteHostnameRewriteProperty{
			defaultTargetHostname: jsii.String("defaultTargetHostname"),
		},
	},
}

type CfnGatewayRoute_GrpcGatewayRouteMatchProperty

type CfnGatewayRoute_GrpcGatewayRouteMatchProperty struct {
	// The gateway route host name to be matched on.
	Hostname interface{} `field:"optional" json:"hostname" yaml:"hostname"`
	// The gateway route metadata to be matched on.
	Metadata interface{} `field:"optional" json:"metadata" yaml:"metadata"`
	// The fully qualified domain name for the service to match from the request.
	ServiceName *string `field:"optional" json:"serviceName" yaml:"serviceName"`
}

An object that represents the criteria for determining a request match.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcGatewayRouteMatchProperty := &grpcGatewayRouteMatchProperty{
	hostname: &gatewayRouteHostnameMatchProperty{
		exact: jsii.String("exact"),
		suffix: jsii.String("suffix"),
	},
	metadata: []interface{}{
		&grpcGatewayRouteMetadataProperty{
			name: jsii.String("name"),

			// the properties below are optional
			invert: jsii.Boolean(false),
			match: &gatewayRouteMetadataMatchProperty{
				exact: jsii.String("exact"),
				prefix: jsii.String("prefix"),
				range: &gatewayRouteRangeMatchProperty{
					end: jsii.Number(123),
					start: jsii.Number(123),
				},
				regex: jsii.String("regex"),
				suffix: jsii.String("suffix"),
			},
		},
	},
	serviceName: jsii.String("serviceName"),
}

type CfnGatewayRoute_GrpcGatewayRouteMetadataProperty

type CfnGatewayRoute_GrpcGatewayRouteMetadataProperty struct {
	// A name for the gateway route metadata.
	Name *string `field:"required" json:"name" yaml:"name"`
	// Specify `True` to match anything except the match criteria.
	//
	// The default value is `False` .
	Invert interface{} `field:"optional" json:"invert" yaml:"invert"`
	// The criteria for determining a metadata match.
	Match interface{} `field:"optional" json:"match" yaml:"match"`
}

An object representing the metadata of the gateway route.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcGatewayRouteMetadataProperty := &grpcGatewayRouteMetadataProperty{
	name: jsii.String("name"),

	// the properties below are optional
	invert: jsii.Boolean(false),
	match: &gatewayRouteMetadataMatchProperty{
		exact: jsii.String("exact"),
		prefix: jsii.String("prefix"),
		range: &gatewayRouteRangeMatchProperty{
			end: jsii.Number(123),
			start: jsii.Number(123),
		},
		regex: jsii.String("regex"),
		suffix: jsii.String("suffix"),
	},
}

type CfnGatewayRoute_GrpcGatewayRouteProperty

type CfnGatewayRoute_GrpcGatewayRouteProperty struct {
	// An object that represents the action to take if a match is determined.
	Action interface{} `field:"required" json:"action" yaml:"action"`
	// An object that represents the criteria for determining a request match.
	Match interface{} `field:"required" json:"match" yaml:"match"`
}

An object that represents a gRPC gateway route.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcGatewayRouteProperty := &grpcGatewayRouteProperty{
	action: &grpcGatewayRouteActionProperty{
		target: &gatewayRouteTargetProperty{
			virtualService: &gatewayRouteVirtualServiceProperty{
				virtualServiceName: jsii.String("virtualServiceName"),
			},
		},

		// the properties below are optional
		rewrite: &grpcGatewayRouteRewriteProperty{
			hostname: &gatewayRouteHostnameRewriteProperty{
				defaultTargetHostname: jsii.String("defaultTargetHostname"),
			},
		},
	},
	match: &grpcGatewayRouteMatchProperty{
		hostname: &gatewayRouteHostnameMatchProperty{
			exact: jsii.String("exact"),
			suffix: jsii.String("suffix"),
		},
		metadata: []interface{}{
			&grpcGatewayRouteMetadataProperty{
				name: jsii.String("name"),

				// the properties below are optional
				invert: jsii.Boolean(false),
				match: &gatewayRouteMetadataMatchProperty{
					exact: jsii.String("exact"),
					prefix: jsii.String("prefix"),
					range: &gatewayRouteRangeMatchProperty{
						end: jsii.Number(123),
						start: jsii.Number(123),
					},
					regex: jsii.String("regex"),
					suffix: jsii.String("suffix"),
				},
			},
		},
		serviceName: jsii.String("serviceName"),
	},
}

type CfnGatewayRoute_GrpcGatewayRouteRewriteProperty

type CfnGatewayRoute_GrpcGatewayRouteRewriteProperty struct {
	// The host name of the gateway route to rewrite.
	Hostname interface{} `field:"optional" json:"hostname" yaml:"hostname"`
}

An object that represents the gateway route to rewrite.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcGatewayRouteRewriteProperty := &grpcGatewayRouteRewriteProperty{
	hostname: &gatewayRouteHostnameRewriteProperty{
		defaultTargetHostname: jsii.String("defaultTargetHostname"),
	},
}

type CfnGatewayRoute_HttpGatewayRouteActionProperty

type CfnGatewayRoute_HttpGatewayRouteActionProperty struct {
	// An object that represents the target that traffic is routed to when a request matches the gateway route.
	Target interface{} `field:"required" json:"target" yaml:"target"`
	// The gateway route action to rewrite.
	Rewrite interface{} `field:"optional" json:"rewrite" yaml:"rewrite"`
}

An object that represents the action to take if a match is determined.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpGatewayRouteActionProperty := &httpGatewayRouteActionProperty{
	target: &gatewayRouteTargetProperty{
		virtualService: &gatewayRouteVirtualServiceProperty{
			virtualServiceName: jsii.String("virtualServiceName"),
		},
	},

	// the properties below are optional
	rewrite: &httpGatewayRouteRewriteProperty{
		hostname: &gatewayRouteHostnameRewriteProperty{
			defaultTargetHostname: jsii.String("defaultTargetHostname"),
		},
		path: &httpGatewayRoutePathRewriteProperty{
			exact: jsii.String("exact"),
		},
		prefix: &httpGatewayRoutePrefixRewriteProperty{
			defaultPrefix: jsii.String("defaultPrefix"),
			value: jsii.String("value"),
		},
	},
}

type CfnGatewayRoute_HttpGatewayRouteHeaderMatchProperty

type CfnGatewayRoute_HttpGatewayRouteHeaderMatchProperty struct {
	// The value sent by the client must match the specified value exactly.
	Exact *string `field:"optional" json:"exact" yaml:"exact"`
	// The value sent by the client must begin with the specified characters.
	Prefix *string `field:"optional" json:"prefix" yaml:"prefix"`
	// An object that represents the range of values to match on.
	Range interface{} `field:"optional" json:"range" yaml:"range"`
	// The value sent by the client must include the specified characters.
	Regex *string `field:"optional" json:"regex" yaml:"regex"`
	// The value sent by the client must end with the specified characters.
	Suffix *string `field:"optional" json:"suffix" yaml:"suffix"`
}

An object that represents the method and value to match with the header value sent in a request.

Specify one match method.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpGatewayRouteHeaderMatchProperty := &httpGatewayRouteHeaderMatchProperty{
	exact: jsii.String("exact"),
	prefix: jsii.String("prefix"),
	range: &gatewayRouteRangeMatchProperty{
		end: jsii.Number(123),
		start: jsii.Number(123),
	},
	regex: jsii.String("regex"),
	suffix: jsii.String("suffix"),
}

type CfnGatewayRoute_HttpGatewayRouteHeaderProperty

type CfnGatewayRoute_HttpGatewayRouteHeaderProperty struct {
	// A name for the HTTP header in the gateway route that will be matched on.
	Name *string `field:"required" json:"name" yaml:"name"`
	// Specify `True` to match anything except the match criteria.
	//
	// The default value is `False` .
	Invert interface{} `field:"optional" json:"invert" yaml:"invert"`
	// An object that represents the method and value to match with the header value sent in a request.
	//
	// Specify one match method.
	Match interface{} `field:"optional" json:"match" yaml:"match"`
}

An object that represents the HTTP header in the gateway route.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpGatewayRouteHeaderProperty := &httpGatewayRouteHeaderProperty{
	name: jsii.String("name"),

	// the properties below are optional
	invert: jsii.Boolean(false),
	match: &httpGatewayRouteHeaderMatchProperty{
		exact: jsii.String("exact"),
		prefix: jsii.String("prefix"),
		range: &gatewayRouteRangeMatchProperty{
			end: jsii.Number(123),
			start: jsii.Number(123),
		},
		regex: jsii.String("regex"),
		suffix: jsii.String("suffix"),
	},
}

type CfnGatewayRoute_HttpGatewayRouteMatchProperty

type CfnGatewayRoute_HttpGatewayRouteMatchProperty struct {
	// The client request headers to match on.
	Headers interface{} `field:"optional" json:"headers" yaml:"headers"`
	// The host name to match on.
	Hostname interface{} `field:"optional" json:"hostname" yaml:"hostname"`
	// The method to match on.
	Method *string `field:"optional" json:"method" yaml:"method"`
	// The path to match on.
	Path interface{} `field:"optional" json:"path" yaml:"path"`
	// Specifies the path to match requests with.
	//
	// This parameter must always start with `/` , which by itself matches all requests to the virtual service name. You can also match for path-based routing of requests. For example, if your virtual service name is `my-service.local` and you want the route to match requests to `my-service.local/metrics` , your prefix should be `/metrics` .
	Prefix *string `field:"optional" json:"prefix" yaml:"prefix"`
	// The query parameter to match on.
	QueryParameters interface{} `field:"optional" json:"queryParameters" yaml:"queryParameters"`
}

An object that represents the criteria for determining a request match.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpGatewayRouteMatchProperty := &httpGatewayRouteMatchProperty{
	headers: []interface{}{
		&httpGatewayRouteHeaderProperty{
			name: jsii.String("name"),

			// the properties below are optional
			invert: jsii.Boolean(false),
			match: &httpGatewayRouteHeaderMatchProperty{
				exact: jsii.String("exact"),
				prefix: jsii.String("prefix"),
				range: &gatewayRouteRangeMatchProperty{
					end: jsii.Number(123),
					start: jsii.Number(123),
				},
				regex: jsii.String("regex"),
				suffix: jsii.String("suffix"),
			},
		},
	},
	hostname: &gatewayRouteHostnameMatchProperty{
		exact: jsii.String("exact"),
		suffix: jsii.String("suffix"),
	},
	method: jsii.String("method"),
	path: &httpPathMatchProperty{
		exact: jsii.String("exact"),
		regex: jsii.String("regex"),
	},
	prefix: jsii.String("prefix"),
	queryParameters: []interface{}{
		&queryParameterProperty{
			name: jsii.String("name"),

			// the properties below are optional
			match: &httpQueryParameterMatchProperty{
				exact: jsii.String("exact"),
			},
		},
	},
}

type CfnGatewayRoute_HttpGatewayRoutePathRewriteProperty

type CfnGatewayRoute_HttpGatewayRoutePathRewriteProperty struct {
	// The exact path to rewrite.
	Exact *string `field:"optional" json:"exact" yaml:"exact"`
}

An object that represents the path to rewrite.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpGatewayRoutePathRewriteProperty := &httpGatewayRoutePathRewriteProperty{
	exact: jsii.String("exact"),
}

type CfnGatewayRoute_HttpGatewayRoutePrefixRewriteProperty

type CfnGatewayRoute_HttpGatewayRoutePrefixRewriteProperty struct {
	// The default prefix used to replace the incoming route prefix when rewritten.
	DefaultPrefix *string `field:"optional" json:"defaultPrefix" yaml:"defaultPrefix"`
	// The value used to replace the incoming route prefix when rewritten.
	Value *string `field:"optional" json:"value" yaml:"value"`
}

An object representing the beginning characters of the route to rewrite.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpGatewayRoutePrefixRewriteProperty := &httpGatewayRoutePrefixRewriteProperty{
	defaultPrefix: jsii.String("defaultPrefix"),
	value: jsii.String("value"),
}

type CfnGatewayRoute_HttpGatewayRouteProperty

type CfnGatewayRoute_HttpGatewayRouteProperty struct {
	// An object that represents the action to take if a match is determined.
	Action interface{} `field:"required" json:"action" yaml:"action"`
	// An object that represents the criteria for determining a request match.
	Match interface{} `field:"required" json:"match" yaml:"match"`
}

An object that represents an HTTP gateway route.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpGatewayRouteProperty := &httpGatewayRouteProperty{
	action: &httpGatewayRouteActionProperty{
		target: &gatewayRouteTargetProperty{
			virtualService: &gatewayRouteVirtualServiceProperty{
				virtualServiceName: jsii.String("virtualServiceName"),
			},
		},

		// the properties below are optional
		rewrite: &httpGatewayRouteRewriteProperty{
			hostname: &gatewayRouteHostnameRewriteProperty{
				defaultTargetHostname: jsii.String("defaultTargetHostname"),
			},
			path: &httpGatewayRoutePathRewriteProperty{
				exact: jsii.String("exact"),
			},
			prefix: &httpGatewayRoutePrefixRewriteProperty{
				defaultPrefix: jsii.String("defaultPrefix"),
				value: jsii.String("value"),
			},
		},
	},
	match: &httpGatewayRouteMatchProperty{
		headers: []interface{}{
			&httpGatewayRouteHeaderProperty{
				name: jsii.String("name"),

				// the properties below are optional
				invert: jsii.Boolean(false),
				match: &httpGatewayRouteHeaderMatchProperty{
					exact: jsii.String("exact"),
					prefix: jsii.String("prefix"),
					range: &gatewayRouteRangeMatchProperty{
						end: jsii.Number(123),
						start: jsii.Number(123),
					},
					regex: jsii.String("regex"),
					suffix: jsii.String("suffix"),
				},
			},
		},
		hostname: &gatewayRouteHostnameMatchProperty{
			exact: jsii.String("exact"),
			suffix: jsii.String("suffix"),
		},
		method: jsii.String("method"),
		path: &httpPathMatchProperty{
			exact: jsii.String("exact"),
			regex: jsii.String("regex"),
		},
		prefix: jsii.String("prefix"),
		queryParameters: []interface{}{
			&queryParameterProperty{
				name: jsii.String("name"),

				// the properties below are optional
				match: &httpQueryParameterMatchProperty{
					exact: jsii.String("exact"),
				},
			},
		},
	},
}

type CfnGatewayRoute_HttpGatewayRouteRewriteProperty

type CfnGatewayRoute_HttpGatewayRouteRewriteProperty struct {
	// The host name to rewrite.
	Hostname interface{} `field:"optional" json:"hostname" yaml:"hostname"`
	// The path to rewrite.
	Path interface{} `field:"optional" json:"path" yaml:"path"`
	// The specified beginning characters to rewrite.
	Prefix interface{} `field:"optional" json:"prefix" yaml:"prefix"`
}

An object representing the gateway route to rewrite.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpGatewayRouteRewriteProperty := &httpGatewayRouteRewriteProperty{
	hostname: &gatewayRouteHostnameRewriteProperty{
		defaultTargetHostname: jsii.String("defaultTargetHostname"),
	},
	path: &httpGatewayRoutePathRewriteProperty{
		exact: jsii.String("exact"),
	},
	prefix: &httpGatewayRoutePrefixRewriteProperty{
		defaultPrefix: jsii.String("defaultPrefix"),
		value: jsii.String("value"),
	},
}

type CfnGatewayRoute_HttpPathMatchProperty

type CfnGatewayRoute_HttpPathMatchProperty struct {
	// The exact path to match on.
	Exact *string `field:"optional" json:"exact" yaml:"exact"`
	// The regex used to match the path.
	Regex *string `field:"optional" json:"regex" yaml:"regex"`
}

An object representing the path to match in the request.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpPathMatchProperty := &httpPathMatchProperty{
	exact: jsii.String("exact"),
	regex: jsii.String("regex"),
}

type CfnGatewayRoute_HttpQueryParameterMatchProperty

type CfnGatewayRoute_HttpQueryParameterMatchProperty struct {
	// The exact query parameter to match on.
	Exact *string `field:"optional" json:"exact" yaml:"exact"`
}

An object representing the query parameter to match.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpQueryParameterMatchProperty := &httpQueryParameterMatchProperty{
	exact: jsii.String("exact"),
}

type CfnGatewayRoute_QueryParameterProperty

type CfnGatewayRoute_QueryParameterProperty struct {
	// A name for the query parameter that will be matched on.
	Name *string `field:"required" json:"name" yaml:"name"`
	// The query parameter to match on.
	Match interface{} `field:"optional" json:"match" yaml:"match"`
}

An object that represents the query parameter in the request.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

queryParameterProperty := &queryParameterProperty{
	name: jsii.String("name"),

	// the properties below are optional
	match: &httpQueryParameterMatchProperty{
		exact: jsii.String("exact"),
	},
}

type CfnMesh

type CfnMesh interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The full Amazon Resource Name (ARN) for the mesh.
	AttrArn() *string
	// The name of the service mesh.
	AttrMeshName() *string
	// The IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrMeshOwner() *string
	// The IAM account ID of the resource owner.
	//
	// If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrResourceOwner() *string
	// The unique identifier for the mesh.
	AttrUid() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The name to use for the service mesh.
	MeshName() *string
	SetMeshName(val *string)
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The service mesh specification to apply.
	Spec() interface{}
	SetSpec(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Optional metadata that you can apply to the service mesh to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::AppMesh::Mesh`.

Creates a service mesh.

A service mesh is a logical boundary for network traffic between services that are represented by resources within the mesh. After you create your service mesh, you can create virtual services, virtual nodes, virtual routers, and routes to distribute traffic between the applications in your mesh.

For more information about service meshes, see [Service meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/meshes.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnMesh := awscdk.Aws_appmesh.NewCfnMesh(this, jsii.String("MyCfnMesh"), &cfnMeshProps{
	meshName: jsii.String("meshName"),
	spec: &meshSpecProperty{
		egressFilter: &egressFilterProperty{
			type: jsii.String("type"),
		},
		serviceDiscovery: &meshServiceDiscoveryProperty{
			ipPreference: jsii.String("ipPreference"),
		},
	},
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnMesh

func NewCfnMesh(scope awscdk.Construct, id *string, props *CfnMeshProps) CfnMesh

Create a new `AWS::AppMesh::Mesh`.

type CfnMeshProps

type CfnMeshProps struct {
	// The name to use for the service mesh.
	MeshName *string `field:"optional" json:"meshName" yaml:"meshName"`
	// The service mesh specification to apply.
	Spec interface{} `field:"optional" json:"spec" yaml:"spec"`
	// Optional metadata that you can apply to the service mesh to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
}

Properties for defining a `CfnMesh`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnMeshProps := &cfnMeshProps{
	meshName: jsii.String("meshName"),
	spec: &meshSpecProperty{
		egressFilter: &egressFilterProperty{
			type: jsii.String("type"),
		},
		serviceDiscovery: &meshServiceDiscoveryProperty{
			ipPreference: jsii.String("ipPreference"),
		},
	},
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type CfnMesh_EgressFilterProperty

type CfnMesh_EgressFilterProperty struct {
	// The egress filter type.
	//
	// By default, the type is `DROP_ALL` , which allows egress only from virtual nodes to other defined resources in the service mesh (and any traffic to `*.amazonaws.com` for AWS API calls). You can set the egress filter type to `ALLOW_ALL` to allow egress to any endpoint inside or outside of the service mesh.
	Type *string `field:"required" json:"type" yaml:"type"`
}

An object that represents the egress filter rules for a service mesh.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

egressFilterProperty := &egressFilterProperty{
	type: jsii.String("type"),
}

type CfnMesh_MeshServiceDiscoveryProperty

type CfnMesh_MeshServiceDiscoveryProperty struct {
	// The IP version to use to control traffic within the mesh.
	IpPreference *string `field:"optional" json:"ipPreference" yaml:"ipPreference"`
}

An object that represents the service discovery information for a service mesh.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

meshServiceDiscoveryProperty := &meshServiceDiscoveryProperty{
	ipPreference: jsii.String("ipPreference"),
}

type CfnMesh_MeshSpecProperty

type CfnMesh_MeshSpecProperty struct {
	// The egress filter rules for the service mesh.
	EgressFilter interface{} `field:"optional" json:"egressFilter" yaml:"egressFilter"`
	// An object that represents the service discovery information for a service mesh.
	ServiceDiscovery interface{} `field:"optional" json:"serviceDiscovery" yaml:"serviceDiscovery"`
}

An object that represents the specification of a service mesh.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

meshSpecProperty := &meshSpecProperty{
	egressFilter: &egressFilterProperty{
		type: jsii.String("type"),
	},
	serviceDiscovery: &meshServiceDiscoveryProperty{
		ipPreference: jsii.String("ipPreference"),
	},
}

type CfnRoute

type CfnRoute interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The full Amazon Resource Name (ARN) for the route.
	AttrArn() *string
	// The name of the service mesh that the route resides in.
	AttrMeshName() *string
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrMeshOwner() *string
	// The AWS IAM account ID of the resource owner.
	//
	// If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrResourceOwner() *string
	// The name of the route.
	AttrRouteName() *string
	// The unique identifier for the route.
	AttrUid() *string
	// The name of the virtual router that the route is associated with.
	AttrVirtualRouterName() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The name of the service mesh to create the route in.
	MeshName() *string
	SetMeshName(val *string)
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner() *string
	SetMeshOwner(val *string)
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The name to use for the route.
	RouteName() *string
	SetRouteName(val *string)
	// The route specification to apply.
	Spec() interface{}
	SetSpec(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Optional metadata that you can apply to the route to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// The name of the virtual router in which to create the route.
	//
	// If the virtual router is in a shared mesh, then you must be the owner of the virtual router resource.
	VirtualRouterName() *string
	SetVirtualRouterName(val *string)
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::AppMesh::Route`.

Creates a route that is associated with a virtual router.

You can route several different protocols and define a retry policy for a route. Traffic can be routed to one or more virtual nodes.

For more information about routes, see [Routes](https://docs.aws.amazon.com/app-mesh/latest/userguide/routes.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnRoute := awscdk.Aws_appmesh.NewCfnRoute(this, jsii.String("MyCfnRoute"), &cfnRouteProps{
	meshName: jsii.String("meshName"),
	spec: &routeSpecProperty{
		grpcRoute: &grpcRouteProperty{
			action: &grpcRouteActionProperty{
				weightedTargets: []interface{}{
					&weightedTargetProperty{
						virtualNode: jsii.String("virtualNode"),
						weight: jsii.Number(123),
					},
				},
			},
			match: &grpcRouteMatchProperty{
				metadata: []interface{}{
					&grpcRouteMetadataProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &grpcRouteMetadataMatchMethodProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &matchRangeProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				methodName: jsii.String("methodName"),
				serviceName: jsii.String("serviceName"),
			},

			// the properties below are optional
			retryPolicy: &grpcRetryPolicyProperty{
				maxRetries: jsii.Number(123),
				perRetryTimeout: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},

				// the properties below are optional
				grpcRetryEvents: []*string{
					jsii.String("grpcRetryEvents"),
				},
				httpRetryEvents: []*string{
					jsii.String("httpRetryEvents"),
				},
				tcpRetryEvents: []*string{
					jsii.String("tcpRetryEvents"),
				},
			},
			timeout: &grpcTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
				perRequest: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
		},
		http2Route: &httpRouteProperty{
			action: &httpRouteActionProperty{
				weightedTargets: []interface{}{
					&weightedTargetProperty{
						virtualNode: jsii.String("virtualNode"),
						weight: jsii.Number(123),
					},
				},
			},
			match: &httpRouteMatchProperty{
				headers: []interface{}{
					&httpRouteHeaderProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &headerMatchMethodProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &matchRangeProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				method: jsii.String("method"),
				path: &httpPathMatchProperty{
					exact: jsii.String("exact"),
					regex: jsii.String("regex"),
				},
				prefix: jsii.String("prefix"),
				queryParameters: []interface{}{
					&queryParameterProperty{
						name: jsii.String("name"),

						// the properties below are optional
						match: &httpQueryParameterMatchProperty{
							exact: jsii.String("exact"),
						},
					},
				},
				scheme: jsii.String("scheme"),
			},

			// the properties below are optional
			retryPolicy: &httpRetryPolicyProperty{
				maxRetries: jsii.Number(123),
				perRetryTimeout: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},

				// the properties below are optional
				httpRetryEvents: []*string{
					jsii.String("httpRetryEvents"),
				},
				tcpRetryEvents: []*string{
					jsii.String("tcpRetryEvents"),
				},
			},
			timeout: &httpTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
				perRequest: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
		},
		httpRoute: &httpRouteProperty{
			action: &httpRouteActionProperty{
				weightedTargets: []interface{}{
					&weightedTargetProperty{
						virtualNode: jsii.String("virtualNode"),
						weight: jsii.Number(123),
					},
				},
			},
			match: &httpRouteMatchProperty{
				headers: []interface{}{
					&httpRouteHeaderProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &headerMatchMethodProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &matchRangeProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				method: jsii.String("method"),
				path: &httpPathMatchProperty{
					exact: jsii.String("exact"),
					regex: jsii.String("regex"),
				},
				prefix: jsii.String("prefix"),
				queryParameters: []interface{}{
					&queryParameterProperty{
						name: jsii.String("name"),

						// the properties below are optional
						match: &httpQueryParameterMatchProperty{
							exact: jsii.String("exact"),
						},
					},
				},
				scheme: jsii.String("scheme"),
			},

			// the properties below are optional
			retryPolicy: &httpRetryPolicyProperty{
				maxRetries: jsii.Number(123),
				perRetryTimeout: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},

				// the properties below are optional
				httpRetryEvents: []*string{
					jsii.String("httpRetryEvents"),
				},
				tcpRetryEvents: []*string{
					jsii.String("tcpRetryEvents"),
				},
			},
			timeout: &httpTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
				perRequest: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
		},
		priority: jsii.Number(123),
		tcpRoute: &tcpRouteProperty{
			action: &tcpRouteActionProperty{
				weightedTargets: []interface{}{
					&weightedTargetProperty{
						virtualNode: jsii.String("virtualNode"),
						weight: jsii.Number(123),
					},
				},
			},

			// the properties below are optional
			timeout: &tcpTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
		},
	},
	virtualRouterName: jsii.String("virtualRouterName"),

	// the properties below are optional
	meshOwner: jsii.String("meshOwner"),
	routeName: jsii.String("routeName"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnRoute

func NewCfnRoute(scope awscdk.Construct, id *string, props *CfnRouteProps) CfnRoute

Create a new `AWS::AppMesh::Route`.

type CfnRouteProps

type CfnRouteProps struct {
	// The name of the service mesh to create the route in.
	MeshName *string `field:"required" json:"meshName" yaml:"meshName"`
	// The route specification to apply.
	Spec interface{} `field:"required" json:"spec" yaml:"spec"`
	// The name of the virtual router in which to create the route.
	//
	// If the virtual router is in a shared mesh, then you must be the owner of the virtual router resource.
	VirtualRouterName *string `field:"required" json:"virtualRouterName" yaml:"virtualRouterName"`
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner *string `field:"optional" json:"meshOwner" yaml:"meshOwner"`
	// The name to use for the route.
	RouteName *string `field:"optional" json:"routeName" yaml:"routeName"`
	// Optional metadata that you can apply to the route to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
}

Properties for defining a `CfnRoute`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnRouteProps := &cfnRouteProps{
	meshName: jsii.String("meshName"),
	spec: &routeSpecProperty{
		grpcRoute: &grpcRouteProperty{
			action: &grpcRouteActionProperty{
				weightedTargets: []interface{}{
					&weightedTargetProperty{
						virtualNode: jsii.String("virtualNode"),
						weight: jsii.Number(123),
					},
				},
			},
			match: &grpcRouteMatchProperty{
				metadata: []interface{}{
					&grpcRouteMetadataProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &grpcRouteMetadataMatchMethodProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &matchRangeProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				methodName: jsii.String("methodName"),
				serviceName: jsii.String("serviceName"),
			},

			// the properties below are optional
			retryPolicy: &grpcRetryPolicyProperty{
				maxRetries: jsii.Number(123),
				perRetryTimeout: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},

				// the properties below are optional
				grpcRetryEvents: []*string{
					jsii.String("grpcRetryEvents"),
				},
				httpRetryEvents: []*string{
					jsii.String("httpRetryEvents"),
				},
				tcpRetryEvents: []*string{
					jsii.String("tcpRetryEvents"),
				},
			},
			timeout: &grpcTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
				perRequest: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
		},
		http2Route: &httpRouteProperty{
			action: &httpRouteActionProperty{
				weightedTargets: []interface{}{
					&weightedTargetProperty{
						virtualNode: jsii.String("virtualNode"),
						weight: jsii.Number(123),
					},
				},
			},
			match: &httpRouteMatchProperty{
				headers: []interface{}{
					&httpRouteHeaderProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &headerMatchMethodProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &matchRangeProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				method: jsii.String("method"),
				path: &httpPathMatchProperty{
					exact: jsii.String("exact"),
					regex: jsii.String("regex"),
				},
				prefix: jsii.String("prefix"),
				queryParameters: []interface{}{
					&queryParameterProperty{
						name: jsii.String("name"),

						// the properties below are optional
						match: &httpQueryParameterMatchProperty{
							exact: jsii.String("exact"),
						},
					},
				},
				scheme: jsii.String("scheme"),
			},

			// the properties below are optional
			retryPolicy: &httpRetryPolicyProperty{
				maxRetries: jsii.Number(123),
				perRetryTimeout: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},

				// the properties below are optional
				httpRetryEvents: []*string{
					jsii.String("httpRetryEvents"),
				},
				tcpRetryEvents: []*string{
					jsii.String("tcpRetryEvents"),
				},
			},
			timeout: &httpTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
				perRequest: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
		},
		httpRoute: &httpRouteProperty{
			action: &httpRouteActionProperty{
				weightedTargets: []interface{}{
					&weightedTargetProperty{
						virtualNode: jsii.String("virtualNode"),
						weight: jsii.Number(123),
					},
				},
			},
			match: &httpRouteMatchProperty{
				headers: []interface{}{
					&httpRouteHeaderProperty{
						name: jsii.String("name"),

						// the properties below are optional
						invert: jsii.Boolean(false),
						match: &headerMatchMethodProperty{
							exact: jsii.String("exact"),
							prefix: jsii.String("prefix"),
							range: &matchRangeProperty{
								end: jsii.Number(123),
								start: jsii.Number(123),
							},
							regex: jsii.String("regex"),
							suffix: jsii.String("suffix"),
						},
					},
				},
				method: jsii.String("method"),
				path: &httpPathMatchProperty{
					exact: jsii.String("exact"),
					regex: jsii.String("regex"),
				},
				prefix: jsii.String("prefix"),
				queryParameters: []interface{}{
					&queryParameterProperty{
						name: jsii.String("name"),

						// the properties below are optional
						match: &httpQueryParameterMatchProperty{
							exact: jsii.String("exact"),
						},
					},
				},
				scheme: jsii.String("scheme"),
			},

			// the properties below are optional
			retryPolicy: &httpRetryPolicyProperty{
				maxRetries: jsii.Number(123),
				perRetryTimeout: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},

				// the properties below are optional
				httpRetryEvents: []*string{
					jsii.String("httpRetryEvents"),
				},
				tcpRetryEvents: []*string{
					jsii.String("tcpRetryEvents"),
				},
			},
			timeout: &httpTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
				perRequest: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
		},
		priority: jsii.Number(123),
		tcpRoute: &tcpRouteProperty{
			action: &tcpRouteActionProperty{
				weightedTargets: []interface{}{
					&weightedTargetProperty{
						virtualNode: jsii.String("virtualNode"),
						weight: jsii.Number(123),
					},
				},
			},

			// the properties below are optional
			timeout: &tcpTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
		},
	},
	virtualRouterName: jsii.String("virtualRouterName"),

	// the properties below are optional
	meshOwner: jsii.String("meshOwner"),
	routeName: jsii.String("routeName"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type CfnRoute_DurationProperty

type CfnRoute_DurationProperty struct {
	// A unit of time.
	Unit *string `field:"required" json:"unit" yaml:"unit"`
	// A number of time units.
	Value *float64 `field:"required" json:"value" yaml:"value"`
}

An object that represents a duration of time.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

durationProperty := &durationProperty{
	unit: jsii.String("unit"),
	value: jsii.Number(123),
}

type CfnRoute_GrpcRetryPolicyProperty

type CfnRoute_GrpcRetryPolicyProperty struct {
	// The maximum number of retry attempts.
	MaxRetries *float64 `field:"required" json:"maxRetries" yaml:"maxRetries"`
	// The timeout for each retry attempt.
	PerRetryTimeout interface{} `field:"required" json:"perRetryTimeout" yaml:"perRetryTimeout"`
	// Specify at least one of the valid values.
	GrpcRetryEvents *[]*string `field:"optional" json:"grpcRetryEvents" yaml:"grpcRetryEvents"`
	// Specify at least one of the following values.
	//
	// - *server-error* – HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511
	// - *gateway-error* – HTTP status codes 502, 503, and 504
	// - *client-error* – HTTP status code 409
	// - *stream-error* – Retry on refused stream.
	HttpRetryEvents *[]*string `field:"optional" json:"httpRetryEvents" yaml:"httpRetryEvents"`
	// Specify a valid value.
	//
	// The event occurs before any processing of a request has started and is encountered when the upstream is temporarily or permanently unavailable.
	TcpRetryEvents *[]*string `field:"optional" json:"tcpRetryEvents" yaml:"tcpRetryEvents"`
}

An object that represents a retry policy.

Specify at least one value for at least one of the types of `RetryEvents` , a value for `maxRetries` , and a value for `perRetryTimeout` . Both `server-error` and `gateway-error` under `httpRetryEvents` include the Envoy `reset` policy. For more information on the `reset` policy, see the [Envoy documentation](https://docs.aws.amazon.com/https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcRetryPolicyProperty := &grpcRetryPolicyProperty{
	maxRetries: jsii.Number(123),
	perRetryTimeout: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},

	// the properties below are optional
	grpcRetryEvents: []*string{
		jsii.String("grpcRetryEvents"),
	},
	httpRetryEvents: []*string{
		jsii.String("httpRetryEvents"),
	},
	tcpRetryEvents: []*string{
		jsii.String("tcpRetryEvents"),
	},
}

type CfnRoute_GrpcRouteActionProperty

type CfnRoute_GrpcRouteActionProperty struct {
	// An object that represents the targets that traffic is routed to when a request matches the route.
	WeightedTargets interface{} `field:"required" json:"weightedTargets" yaml:"weightedTargets"`
}

An object that represents the action to take if a match is determined.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcRouteActionProperty := &grpcRouteActionProperty{
	weightedTargets: []interface{}{
		&weightedTargetProperty{
			virtualNode: jsii.String("virtualNode"),
			weight: jsii.Number(123),
		},
	},
}

type CfnRoute_GrpcRouteMatchProperty

type CfnRoute_GrpcRouteMatchProperty struct {
	// An object that represents the data to match from the request.
	Metadata interface{} `field:"optional" json:"metadata" yaml:"metadata"`
	// The method name to match from the request.
	//
	// If you specify a name, you must also specify a `serviceName` .
	MethodName *string `field:"optional" json:"methodName" yaml:"methodName"`
	// The fully qualified domain name for the service to match from the request.
	ServiceName *string `field:"optional" json:"serviceName" yaml:"serviceName"`
}

An object that represents the criteria for determining a request match.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcRouteMatchProperty := &grpcRouteMatchProperty{
	metadata: []interface{}{
		&grpcRouteMetadataProperty{
			name: jsii.String("name"),

			// the properties below are optional
			invert: jsii.Boolean(false),
			match: &grpcRouteMetadataMatchMethodProperty{
				exact: jsii.String("exact"),
				prefix: jsii.String("prefix"),
				range: &matchRangeProperty{
					end: jsii.Number(123),
					start: jsii.Number(123),
				},
				regex: jsii.String("regex"),
				suffix: jsii.String("suffix"),
			},
		},
	},
	methodName: jsii.String("methodName"),
	serviceName: jsii.String("serviceName"),
}

type CfnRoute_GrpcRouteMetadataMatchMethodProperty

type CfnRoute_GrpcRouteMetadataMatchMethodProperty struct {
	// The value sent by the client must match the specified value exactly.
	Exact *string `field:"optional" json:"exact" yaml:"exact"`
	// The value sent by the client must begin with the specified characters.
	Prefix *string `field:"optional" json:"prefix" yaml:"prefix"`
	// An object that represents the range of values to match on.
	Range interface{} `field:"optional" json:"range" yaml:"range"`
	// The value sent by the client must include the specified characters.
	Regex *string `field:"optional" json:"regex" yaml:"regex"`
	// The value sent by the client must end with the specified characters.
	Suffix *string `field:"optional" json:"suffix" yaml:"suffix"`
}

An object that represents the match method.

Specify one of the match values.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcRouteMetadataMatchMethodProperty := &grpcRouteMetadataMatchMethodProperty{
	exact: jsii.String("exact"),
	prefix: jsii.String("prefix"),
	range: &matchRangeProperty{
		end: jsii.Number(123),
		start: jsii.Number(123),
	},
	regex: jsii.String("regex"),
	suffix: jsii.String("suffix"),
}

type CfnRoute_GrpcRouteMetadataProperty

type CfnRoute_GrpcRouteMetadataProperty struct {
	// The name of the route.
	Name *string `field:"required" json:"name" yaml:"name"`
	// Specify `True` to match anything except the match criteria.
	//
	// The default value is `False` .
	Invert interface{} `field:"optional" json:"invert" yaml:"invert"`
	// An object that represents the data to match from the request.
	Match interface{} `field:"optional" json:"match" yaml:"match"`
}

An object that represents the match metadata for the route.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcRouteMetadataProperty := &grpcRouteMetadataProperty{
	name: jsii.String("name"),

	// the properties below are optional
	invert: jsii.Boolean(false),
	match: &grpcRouteMetadataMatchMethodProperty{
		exact: jsii.String("exact"),
		prefix: jsii.String("prefix"),
		range: &matchRangeProperty{
			end: jsii.Number(123),
			start: jsii.Number(123),
		},
		regex: jsii.String("regex"),
		suffix: jsii.String("suffix"),
	},
}

type CfnRoute_GrpcRouteProperty

type CfnRoute_GrpcRouteProperty struct {
	// An object that represents the action to take if a match is determined.
	Action interface{} `field:"required" json:"action" yaml:"action"`
	// An object that represents the criteria for determining a request match.
	Match interface{} `field:"required" json:"match" yaml:"match"`
	// An object that represents a retry policy.
	RetryPolicy interface{} `field:"optional" json:"retryPolicy" yaml:"retryPolicy"`
	// An object that represents types of timeouts.
	Timeout interface{} `field:"optional" json:"timeout" yaml:"timeout"`
}

An object that represents a gRPC route type.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcRouteProperty := &grpcRouteProperty{
	action: &grpcRouteActionProperty{
		weightedTargets: []interface{}{
			&weightedTargetProperty{
				virtualNode: jsii.String("virtualNode"),
				weight: jsii.Number(123),
			},
		},
	},
	match: &grpcRouteMatchProperty{
		metadata: []interface{}{
			&grpcRouteMetadataProperty{
				name: jsii.String("name"),

				// the properties below are optional
				invert: jsii.Boolean(false),
				match: &grpcRouteMetadataMatchMethodProperty{
					exact: jsii.String("exact"),
					prefix: jsii.String("prefix"),
					range: &matchRangeProperty{
						end: jsii.Number(123),
						start: jsii.Number(123),
					},
					regex: jsii.String("regex"),
					suffix: jsii.String("suffix"),
				},
			},
		},
		methodName: jsii.String("methodName"),
		serviceName: jsii.String("serviceName"),
	},

	// the properties below are optional
	retryPolicy: &grpcRetryPolicyProperty{
		maxRetries: jsii.Number(123),
		perRetryTimeout: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},

		// the properties below are optional
		grpcRetryEvents: []*string{
			jsii.String("grpcRetryEvents"),
		},
		httpRetryEvents: []*string{
			jsii.String("httpRetryEvents"),
		},
		tcpRetryEvents: []*string{
			jsii.String("tcpRetryEvents"),
		},
	},
	timeout: &grpcTimeoutProperty{
		idle: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
		perRequest: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
	},
}

type CfnRoute_GrpcTimeoutProperty

type CfnRoute_GrpcTimeoutProperty struct {
	// An object that represents an idle timeout.
	//
	// An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
	Idle interface{} `field:"optional" json:"idle" yaml:"idle"`
	// An object that represents a per request timeout.
	//
	// The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.
	PerRequest interface{} `field:"optional" json:"perRequest" yaml:"perRequest"`
}

An object that represents types of timeouts.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcTimeoutProperty := &grpcTimeoutProperty{
	idle: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
	perRequest: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
}

type CfnRoute_HeaderMatchMethodProperty

type CfnRoute_HeaderMatchMethodProperty struct {
	// The value sent by the client must match the specified value exactly.
	Exact *string `field:"optional" json:"exact" yaml:"exact"`
	// The value sent by the client must begin with the specified characters.
	Prefix *string `field:"optional" json:"prefix" yaml:"prefix"`
	// An object that represents the range of values to match on.
	Range interface{} `field:"optional" json:"range" yaml:"range"`
	// The value sent by the client must include the specified characters.
	Regex *string `field:"optional" json:"regex" yaml:"regex"`
	// The value sent by the client must end with the specified characters.
	Suffix *string `field:"optional" json:"suffix" yaml:"suffix"`
}

An object that represents the method and value to match with the header value sent in a request.

Specify one match method.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

headerMatchMethodProperty := &headerMatchMethodProperty{
	exact: jsii.String("exact"),
	prefix: jsii.String("prefix"),
	range: &matchRangeProperty{
		end: jsii.Number(123),
		start: jsii.Number(123),
	},
	regex: jsii.String("regex"),
	suffix: jsii.String("suffix"),
}

type CfnRoute_HttpPathMatchProperty

type CfnRoute_HttpPathMatchProperty struct {
	// The exact path to match on.
	Exact *string `field:"optional" json:"exact" yaml:"exact"`
	// The regex used to match the path.
	Regex *string `field:"optional" json:"regex" yaml:"regex"`
}

An object representing the path to match in the request.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpPathMatchProperty := &httpPathMatchProperty{
	exact: jsii.String("exact"),
	regex: jsii.String("regex"),
}

type CfnRoute_HttpQueryParameterMatchProperty

type CfnRoute_HttpQueryParameterMatchProperty struct {
	// The exact query parameter to match on.
	Exact *string `field:"optional" json:"exact" yaml:"exact"`
}

An object representing the query parameter to match.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpQueryParameterMatchProperty := &httpQueryParameterMatchProperty{
	exact: jsii.String("exact"),
}

type CfnRoute_HttpRetryPolicyProperty

type CfnRoute_HttpRetryPolicyProperty struct {
	// The maximum number of retry attempts.
	MaxRetries *float64 `field:"required" json:"maxRetries" yaml:"maxRetries"`
	// The timeout for each retry attempt.
	PerRetryTimeout interface{} `field:"required" json:"perRetryTimeout" yaml:"perRetryTimeout"`
	// Specify at least one of the following values.
	//
	// - *server-error* – HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511
	// - *gateway-error* – HTTP status codes 502, 503, and 504
	// - *client-error* – HTTP status code 409
	// - *stream-error* – Retry on refused stream.
	HttpRetryEvents *[]*string `field:"optional" json:"httpRetryEvents" yaml:"httpRetryEvents"`
	// Specify a valid value.
	//
	// The event occurs before any processing of a request has started and is encountered when the upstream is temporarily or permanently unavailable.
	TcpRetryEvents *[]*string `field:"optional" json:"tcpRetryEvents" yaml:"tcpRetryEvents"`
}

An object that represents a retry policy.

Specify at least one value for at least one of the types of `RetryEvents` , a value for `maxRetries` , and a value for `perRetryTimeout` . Both `server-error` and `gateway-error` under `httpRetryEvents` include the Envoy `reset` policy. For more information on the `reset` policy, see the [Envoy documentation](https://docs.aws.amazon.com/https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpRetryPolicyProperty := &httpRetryPolicyProperty{
	maxRetries: jsii.Number(123),
	perRetryTimeout: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},

	// the properties below are optional
	httpRetryEvents: []*string{
		jsii.String("httpRetryEvents"),
	},
	tcpRetryEvents: []*string{
		jsii.String("tcpRetryEvents"),
	},
}

type CfnRoute_HttpRouteActionProperty

type CfnRoute_HttpRouteActionProperty struct {
	// An object that represents the targets that traffic is routed to when a request matches the route.
	WeightedTargets interface{} `field:"required" json:"weightedTargets" yaml:"weightedTargets"`
}

An object that represents the action to take if a match is determined.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpRouteActionProperty := &httpRouteActionProperty{
	weightedTargets: []interface{}{
		&weightedTargetProperty{
			virtualNode: jsii.String("virtualNode"),
			weight: jsii.Number(123),
		},
	},
}

type CfnRoute_HttpRouteHeaderProperty

type CfnRoute_HttpRouteHeaderProperty struct {
	// A name for the HTTP header in the client request that will be matched on.
	Name *string `field:"required" json:"name" yaml:"name"`
	// Specify `True` to match anything except the match criteria.
	//
	// The default value is `False` .
	Invert interface{} `field:"optional" json:"invert" yaml:"invert"`
	// The `HeaderMatchMethod` object.
	Match interface{} `field:"optional" json:"match" yaml:"match"`
}

An object that represents the HTTP header in the request.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpRouteHeaderProperty := &httpRouteHeaderProperty{
	name: jsii.String("name"),

	// the properties below are optional
	invert: jsii.Boolean(false),
	match: &headerMatchMethodProperty{
		exact: jsii.String("exact"),
		prefix: jsii.String("prefix"),
		range: &matchRangeProperty{
			end: jsii.Number(123),
			start: jsii.Number(123),
		},
		regex: jsii.String("regex"),
		suffix: jsii.String("suffix"),
	},
}

type CfnRoute_HttpRouteMatchProperty

type CfnRoute_HttpRouteMatchProperty struct {
	// The client request headers to match on.
	Headers interface{} `field:"optional" json:"headers" yaml:"headers"`
	// The client request method to match on.
	//
	// Specify only one.
	Method *string `field:"optional" json:"method" yaml:"method"`
	// The client request path to match on.
	Path interface{} `field:"optional" json:"path" yaml:"path"`
	// Specifies the path to match requests with.
	//
	// This parameter must always start with `/` , which by itself matches all requests to the virtual service name. You can also match for path-based routing of requests. For example, if your virtual service name is `my-service.local` and you want the route to match requests to `my-service.local/metrics` , your prefix should be `/metrics` .
	Prefix *string `field:"optional" json:"prefix" yaml:"prefix"`
	// The client request query parameters to match on.
	QueryParameters interface{} `field:"optional" json:"queryParameters" yaml:"queryParameters"`
	// The client request scheme to match on.
	//
	// Specify only one. Applicable only for HTTP2 routes.
	Scheme *string `field:"optional" json:"scheme" yaml:"scheme"`
}

An object that represents the requirements for a route to match HTTP requests for a virtual router.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpRouteMatchProperty := &httpRouteMatchProperty{
	headers: []interface{}{
		&httpRouteHeaderProperty{
			name: jsii.String("name"),

			// the properties below are optional
			invert: jsii.Boolean(false),
			match: &headerMatchMethodProperty{
				exact: jsii.String("exact"),
				prefix: jsii.String("prefix"),
				range: &matchRangeProperty{
					end: jsii.Number(123),
					start: jsii.Number(123),
				},
				regex: jsii.String("regex"),
				suffix: jsii.String("suffix"),
			},
		},
	},
	method: jsii.String("method"),
	path: &httpPathMatchProperty{
		exact: jsii.String("exact"),
		regex: jsii.String("regex"),
	},
	prefix: jsii.String("prefix"),
	queryParameters: []interface{}{
		&queryParameterProperty{
			name: jsii.String("name"),

			// the properties below are optional
			match: &httpQueryParameterMatchProperty{
				exact: jsii.String("exact"),
			},
		},
	},
	scheme: jsii.String("scheme"),
}

type CfnRoute_HttpRouteProperty

type CfnRoute_HttpRouteProperty struct {
	// An object that represents the action to take if a match is determined.
	Action interface{} `field:"required" json:"action" yaml:"action"`
	// An object that represents the criteria for determining a request match.
	Match interface{} `field:"required" json:"match" yaml:"match"`
	// An object that represents a retry policy.
	RetryPolicy interface{} `field:"optional" json:"retryPolicy" yaml:"retryPolicy"`
	// An object that represents types of timeouts.
	Timeout interface{} `field:"optional" json:"timeout" yaml:"timeout"`
}

An object that represents an HTTP or HTTP/2 route type.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpRouteProperty := &httpRouteProperty{
	action: &httpRouteActionProperty{
		weightedTargets: []interface{}{
			&weightedTargetProperty{
				virtualNode: jsii.String("virtualNode"),
				weight: jsii.Number(123),
			},
		},
	},
	match: &httpRouteMatchProperty{
		headers: []interface{}{
			&httpRouteHeaderProperty{
				name: jsii.String("name"),

				// the properties below are optional
				invert: jsii.Boolean(false),
				match: &headerMatchMethodProperty{
					exact: jsii.String("exact"),
					prefix: jsii.String("prefix"),
					range: &matchRangeProperty{
						end: jsii.Number(123),
						start: jsii.Number(123),
					},
					regex: jsii.String("regex"),
					suffix: jsii.String("suffix"),
				},
			},
		},
		method: jsii.String("method"),
		path: &httpPathMatchProperty{
			exact: jsii.String("exact"),
			regex: jsii.String("regex"),
		},
		prefix: jsii.String("prefix"),
		queryParameters: []interface{}{
			&queryParameterProperty{
				name: jsii.String("name"),

				// the properties below are optional
				match: &httpQueryParameterMatchProperty{
					exact: jsii.String("exact"),
				},
			},
		},
		scheme: jsii.String("scheme"),
	},

	// the properties below are optional
	retryPolicy: &httpRetryPolicyProperty{
		maxRetries: jsii.Number(123),
		perRetryTimeout: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},

		// the properties below are optional
		httpRetryEvents: []*string{
			jsii.String("httpRetryEvents"),
		},
		tcpRetryEvents: []*string{
			jsii.String("tcpRetryEvents"),
		},
	},
	timeout: &httpTimeoutProperty{
		idle: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
		perRequest: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
	},
}

type CfnRoute_HttpTimeoutProperty

type CfnRoute_HttpTimeoutProperty struct {
	// An object that represents an idle timeout.
	//
	// An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
	Idle interface{} `field:"optional" json:"idle" yaml:"idle"`
	// An object that represents a per request timeout.
	//
	// The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.
	PerRequest interface{} `field:"optional" json:"perRequest" yaml:"perRequest"`
}

An object that represents types of timeouts.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpTimeoutProperty := &httpTimeoutProperty{
	idle: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
	perRequest: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
}

type CfnRoute_MatchRangeProperty

type CfnRoute_MatchRangeProperty struct {
	// The end of the range.
	End *float64 `field:"required" json:"end" yaml:"end"`
	// The start of the range.
	Start *float64 `field:"required" json:"start" yaml:"start"`
}

An object that represents the range of values to match on.

The first character of the range is included in the range, though the last character is not. For example, if the range specified were 1-100, only values 1-99 would be matched.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

matchRangeProperty := &matchRangeProperty{
	end: jsii.Number(123),
	start: jsii.Number(123),
}

type CfnRoute_QueryParameterProperty

type CfnRoute_QueryParameterProperty struct {
	// A name for the query parameter that will be matched on.
	Name *string `field:"required" json:"name" yaml:"name"`
	// The query parameter to match on.
	Match interface{} `field:"optional" json:"match" yaml:"match"`
}

An object that represents the query parameter in the request.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

queryParameterProperty := &queryParameterProperty{
	name: jsii.String("name"),

	// the properties below are optional
	match: &httpQueryParameterMatchProperty{
		exact: jsii.String("exact"),
	},
}

type CfnRoute_RouteSpecProperty

type CfnRoute_RouteSpecProperty struct {
	// An object that represents the specification of a gRPC route.
	GrpcRoute interface{} `field:"optional" json:"grpcRoute" yaml:"grpcRoute"`
	// An object that represents the specification of an HTTP/2 route.
	Http2Route interface{} `field:"optional" json:"http2Route" yaml:"http2Route"`
	// An object that represents the specification of an HTTP route.
	HttpRoute interface{} `field:"optional" json:"httpRoute" yaml:"httpRoute"`
	// The priority for the route.
	//
	// Routes are matched based on the specified value, where 0 is the highest priority.
	Priority *float64 `field:"optional" json:"priority" yaml:"priority"`
	// An object that represents the specification of a TCP route.
	TcpRoute interface{} `field:"optional" json:"tcpRoute" yaml:"tcpRoute"`
}

An object that represents a route specification.

Specify one route type.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

routeSpecProperty := &routeSpecProperty{
	grpcRoute: &grpcRouteProperty{
		action: &grpcRouteActionProperty{
			weightedTargets: []interface{}{
				&weightedTargetProperty{
					virtualNode: jsii.String("virtualNode"),
					weight: jsii.Number(123),
				},
			},
		},
		match: &grpcRouteMatchProperty{
			metadata: []interface{}{
				&grpcRouteMetadataProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &grpcRouteMetadataMatchMethodProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &matchRangeProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			methodName: jsii.String("methodName"),
			serviceName: jsii.String("serviceName"),
		},

		// the properties below are optional
		retryPolicy: &grpcRetryPolicyProperty{
			maxRetries: jsii.Number(123),
			perRetryTimeout: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},

			// the properties below are optional
			grpcRetryEvents: []*string{
				jsii.String("grpcRetryEvents"),
			},
			httpRetryEvents: []*string{
				jsii.String("httpRetryEvents"),
			},
			tcpRetryEvents: []*string{
				jsii.String("tcpRetryEvents"),
			},
		},
		timeout: &grpcTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
			perRequest: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
	},
	http2Route: &httpRouteProperty{
		action: &httpRouteActionProperty{
			weightedTargets: []interface{}{
				&weightedTargetProperty{
					virtualNode: jsii.String("virtualNode"),
					weight: jsii.Number(123),
				},
			},
		},
		match: &httpRouteMatchProperty{
			headers: []interface{}{
				&httpRouteHeaderProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &headerMatchMethodProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &matchRangeProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			method: jsii.String("method"),
			path: &httpPathMatchProperty{
				exact: jsii.String("exact"),
				regex: jsii.String("regex"),
			},
			prefix: jsii.String("prefix"),
			queryParameters: []interface{}{
				&queryParameterProperty{
					name: jsii.String("name"),

					// the properties below are optional
					match: &httpQueryParameterMatchProperty{
						exact: jsii.String("exact"),
					},
				},
			},
			scheme: jsii.String("scheme"),
		},

		// the properties below are optional
		retryPolicy: &httpRetryPolicyProperty{
			maxRetries: jsii.Number(123),
			perRetryTimeout: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},

			// the properties below are optional
			httpRetryEvents: []*string{
				jsii.String("httpRetryEvents"),
			},
			tcpRetryEvents: []*string{
				jsii.String("tcpRetryEvents"),
			},
		},
		timeout: &httpTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
			perRequest: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
	},
	httpRoute: &httpRouteProperty{
		action: &httpRouteActionProperty{
			weightedTargets: []interface{}{
				&weightedTargetProperty{
					virtualNode: jsii.String("virtualNode"),
					weight: jsii.Number(123),
				},
			},
		},
		match: &httpRouteMatchProperty{
			headers: []interface{}{
				&httpRouteHeaderProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &headerMatchMethodProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &matchRangeProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			method: jsii.String("method"),
			path: &httpPathMatchProperty{
				exact: jsii.String("exact"),
				regex: jsii.String("regex"),
			},
			prefix: jsii.String("prefix"),
			queryParameters: []interface{}{
				&queryParameterProperty{
					name: jsii.String("name"),

					// the properties below are optional
					match: &httpQueryParameterMatchProperty{
						exact: jsii.String("exact"),
					},
				},
			},
			scheme: jsii.String("scheme"),
		},

		// the properties below are optional
		retryPolicy: &httpRetryPolicyProperty{
			maxRetries: jsii.Number(123),
			perRetryTimeout: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},

			// the properties below are optional
			httpRetryEvents: []*string{
				jsii.String("httpRetryEvents"),
			},
			tcpRetryEvents: []*string{
				jsii.String("tcpRetryEvents"),
			},
		},
		timeout: &httpTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
			perRequest: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
	},
	priority: jsii.Number(123),
	tcpRoute: &tcpRouteProperty{
		action: &tcpRouteActionProperty{
			weightedTargets: []interface{}{
				&weightedTargetProperty{
					virtualNode: jsii.String("virtualNode"),
					weight: jsii.Number(123),
				},
			},
		},

		// the properties below are optional
		timeout: &tcpTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
	},
}

type CfnRoute_TcpRouteActionProperty

type CfnRoute_TcpRouteActionProperty struct {
	// An object that represents the targets that traffic is routed to when a request matches the route.
	WeightedTargets interface{} `field:"required" json:"weightedTargets" yaml:"weightedTargets"`
}

An object that represents the action to take if a match is determined.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tcpRouteActionProperty := &tcpRouteActionProperty{
	weightedTargets: []interface{}{
		&weightedTargetProperty{
			virtualNode: jsii.String("virtualNode"),
			weight: jsii.Number(123),
		},
	},
}

type CfnRoute_TcpRouteProperty

type CfnRoute_TcpRouteProperty struct {
	// The action to take if a match is determined.
	Action interface{} `field:"required" json:"action" yaml:"action"`
	// An object that represents types of timeouts.
	Timeout interface{} `field:"optional" json:"timeout" yaml:"timeout"`
}

An object that represents a TCP route type.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tcpRouteProperty := &tcpRouteProperty{
	action: &tcpRouteActionProperty{
		weightedTargets: []interface{}{
			&weightedTargetProperty{
				virtualNode: jsii.String("virtualNode"),
				weight: jsii.Number(123),
			},
		},
	},

	// the properties below are optional
	timeout: &tcpTimeoutProperty{
		idle: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
	},
}

type CfnRoute_TcpTimeoutProperty

type CfnRoute_TcpTimeoutProperty struct {
	// An object that represents an idle timeout.
	//
	// An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
	Idle interface{} `field:"optional" json:"idle" yaml:"idle"`
}

An object that represents types of timeouts.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tcpTimeoutProperty := &tcpTimeoutProperty{
	idle: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
}

type CfnRoute_WeightedTargetProperty

type CfnRoute_WeightedTargetProperty struct {
	// The virtual node to associate with the weighted target.
	VirtualNode *string `field:"required" json:"virtualNode" yaml:"virtualNode"`
	// The relative weight of the weighted target.
	Weight *float64 `field:"required" json:"weight" yaml:"weight"`
}

An object that represents a target and its relative weight.

Traffic is distributed across targets according to their relative weight. For example, a weighted target with a relative weight of 50 receives five times as much traffic as one with a relative weight of 10. The total weight for all targets combined must be less than or equal to 100.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

weightedTargetProperty := &weightedTargetProperty{
	virtualNode: jsii.String("virtualNode"),
	weight: jsii.Number(123),
}

type CfnVirtualGateway

type CfnVirtualGateway interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The full Amazon Resource Name (ARN) for the virtual gateway.
	AttrArn() *string
	// The name of the service mesh that the virtual gateway resides in.
	AttrMeshName() *string
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrMeshOwner() *string
	// The AWS IAM account ID of the resource owner.
	//
	// If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrResourceOwner() *string
	// The unique identifier for the virtual gateway.
	AttrUid() *string
	// The name of the virtual gateway.
	AttrVirtualGatewayName() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The name of the service mesh that the virtual gateway resides in.
	MeshName() *string
	SetMeshName(val *string)
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner() *string
	SetMeshOwner(val *string)
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The specifications of the virtual gateway.
	Spec() interface{}
	SetSpec(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Optional metadata that you can apply to the virtual gateway to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// The name of the virtual gateway.
	VirtualGatewayName() *string
	SetVirtualGatewayName(val *string)
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::AppMesh::VirtualGateway`.

Creates a virtual gateway.

A virtual gateway allows resources outside your mesh to communicate to resources that are inside your mesh. The virtual gateway represents an Envoy proxy running in an Amazon ECS task, in a Kubernetes service, or on an Amazon EC2 instance. Unlike a virtual node, which represents an Envoy running with an application, a virtual gateway represents Envoy deployed by itself.

For more information about virtual gateways, see [Virtual gateways](https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnVirtualGateway := awscdk.Aws_appmesh.NewCfnVirtualGateway(this, jsii.String("MyCfnVirtualGateway"), &cfnVirtualGatewayProps{
	meshName: jsii.String("meshName"),
	spec: &virtualGatewaySpecProperty{
		listeners: []interface{}{
			&virtualGatewayListenerProperty{
				portMapping: &virtualGatewayPortMappingProperty{
					port: jsii.Number(123),
					protocol: jsii.String("protocol"),
				},

				// the properties below are optional
				connectionPool: &virtualGatewayConnectionPoolProperty{
					grpc: &virtualGatewayGrpcConnectionPoolProperty{
						maxRequests: jsii.Number(123),
					},
					http: &virtualGatewayHttpConnectionPoolProperty{
						maxConnections: jsii.Number(123),

						// the properties below are optional
						maxPendingRequests: jsii.Number(123),
					},
					http2: &virtualGatewayHttp2ConnectionPoolProperty{
						maxRequests: jsii.Number(123),
					},
				},
				healthCheck: &virtualGatewayHealthCheckPolicyProperty{
					healthyThreshold: jsii.Number(123),
					intervalMillis: jsii.Number(123),
					protocol: jsii.String("protocol"),
					timeoutMillis: jsii.Number(123),
					unhealthyThreshold: jsii.Number(123),

					// the properties below are optional
					path: jsii.String("path"),
					port: jsii.Number(123),
				},
				tls: &virtualGatewayListenerTlsProperty{
					certificate: &virtualGatewayListenerTlsCertificateProperty{
						acm: &virtualGatewayListenerTlsAcmCertificateProperty{
							certificateArn: jsii.String("certificateArn"),
						},
						file: &virtualGatewayListenerTlsFileCertificateProperty{
							certificateChain: jsii.String("certificateChain"),
							privateKey: jsii.String("privateKey"),
						},
						sds: &virtualGatewayListenerTlsSdsCertificateProperty{
							secretName: jsii.String("secretName"),
						},
					},
					mode: jsii.String("mode"),

					// the properties below are optional
					validation: &virtualGatewayListenerTlsValidationContextProperty{
						trust: &virtualGatewayListenerTlsValidationContextTrustProperty{
							file: &virtualGatewayTlsValidationContextFileTrustProperty{
								certificateChain: jsii.String("certificateChain"),
							},
							sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
								secretName: jsii.String("secretName"),
							},
						},

						// the properties below are optional
						subjectAlternativeNames: &subjectAlternativeNamesProperty{
							match: &subjectAlternativeNameMatchersProperty{
								exact: []*string{
									jsii.String("exact"),
								},
							},
						},
					},
				},
			},
		},

		// the properties below are optional
		backendDefaults: &virtualGatewayBackendDefaultsProperty{
			clientPolicy: &virtualGatewayClientPolicyProperty{
				tls: &virtualGatewayClientPolicyTlsProperty{
					validation: &virtualGatewayTlsValidationContextProperty{
						trust: &virtualGatewayTlsValidationContextTrustProperty{
							acm: &virtualGatewayTlsValidationContextAcmTrustProperty{
								certificateAuthorityArns: []*string{
									jsii.String("certificateAuthorityArns"),
								},
							},
							file: &virtualGatewayTlsValidationContextFileTrustProperty{
								certificateChain: jsii.String("certificateChain"),
							},
							sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
								secretName: jsii.String("secretName"),
							},
						},

						// the properties below are optional
						subjectAlternativeNames: &subjectAlternativeNamesProperty{
							match: &subjectAlternativeNameMatchersProperty{
								exact: []*string{
									jsii.String("exact"),
								},
							},
						},
					},

					// the properties below are optional
					certificate: &virtualGatewayClientTlsCertificateProperty{
						file: &virtualGatewayListenerTlsFileCertificateProperty{
							certificateChain: jsii.String("certificateChain"),
							privateKey: jsii.String("privateKey"),
						},
						sds: &virtualGatewayListenerTlsSdsCertificateProperty{
							secretName: jsii.String("secretName"),
						},
					},
					enforce: jsii.Boolean(false),
					ports: []interface{}{
						jsii.Number(123),
					},
				},
			},
		},
		logging: &virtualGatewayLoggingProperty{
			accessLog: &virtualGatewayAccessLogProperty{
				file: &virtualGatewayFileAccessLogProperty{
					path: jsii.String("path"),
				},
			},
		},
	},

	// the properties below are optional
	meshOwner: jsii.String("meshOwner"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	virtualGatewayName: jsii.String("virtualGatewayName"),
})

func NewCfnVirtualGateway

func NewCfnVirtualGateway(scope awscdk.Construct, id *string, props *CfnVirtualGatewayProps) CfnVirtualGateway

Create a new `AWS::AppMesh::VirtualGateway`.

type CfnVirtualGatewayProps

type CfnVirtualGatewayProps struct {
	// The name of the service mesh that the virtual gateway resides in.
	MeshName *string `field:"required" json:"meshName" yaml:"meshName"`
	// The specifications of the virtual gateway.
	Spec interface{} `field:"required" json:"spec" yaml:"spec"`
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner *string `field:"optional" json:"meshOwner" yaml:"meshOwner"`
	// Optional metadata that you can apply to the virtual gateway to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
	// The name of the virtual gateway.
	VirtualGatewayName *string `field:"optional" json:"virtualGatewayName" yaml:"virtualGatewayName"`
}

Properties for defining a `CfnVirtualGateway`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnVirtualGatewayProps := &cfnVirtualGatewayProps{
	meshName: jsii.String("meshName"),
	spec: &virtualGatewaySpecProperty{
		listeners: []interface{}{
			&virtualGatewayListenerProperty{
				portMapping: &virtualGatewayPortMappingProperty{
					port: jsii.Number(123),
					protocol: jsii.String("protocol"),
				},

				// the properties below are optional
				connectionPool: &virtualGatewayConnectionPoolProperty{
					grpc: &virtualGatewayGrpcConnectionPoolProperty{
						maxRequests: jsii.Number(123),
					},
					http: &virtualGatewayHttpConnectionPoolProperty{
						maxConnections: jsii.Number(123),

						// the properties below are optional
						maxPendingRequests: jsii.Number(123),
					},
					http2: &virtualGatewayHttp2ConnectionPoolProperty{
						maxRequests: jsii.Number(123),
					},
				},
				healthCheck: &virtualGatewayHealthCheckPolicyProperty{
					healthyThreshold: jsii.Number(123),
					intervalMillis: jsii.Number(123),
					protocol: jsii.String("protocol"),
					timeoutMillis: jsii.Number(123),
					unhealthyThreshold: jsii.Number(123),

					// the properties below are optional
					path: jsii.String("path"),
					port: jsii.Number(123),
				},
				tls: &virtualGatewayListenerTlsProperty{
					certificate: &virtualGatewayListenerTlsCertificateProperty{
						acm: &virtualGatewayListenerTlsAcmCertificateProperty{
							certificateArn: jsii.String("certificateArn"),
						},
						file: &virtualGatewayListenerTlsFileCertificateProperty{
							certificateChain: jsii.String("certificateChain"),
							privateKey: jsii.String("privateKey"),
						},
						sds: &virtualGatewayListenerTlsSdsCertificateProperty{
							secretName: jsii.String("secretName"),
						},
					},
					mode: jsii.String("mode"),

					// the properties below are optional
					validation: &virtualGatewayListenerTlsValidationContextProperty{
						trust: &virtualGatewayListenerTlsValidationContextTrustProperty{
							file: &virtualGatewayTlsValidationContextFileTrustProperty{
								certificateChain: jsii.String("certificateChain"),
							},
							sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
								secretName: jsii.String("secretName"),
							},
						},

						// the properties below are optional
						subjectAlternativeNames: &subjectAlternativeNamesProperty{
							match: &subjectAlternativeNameMatchersProperty{
								exact: []*string{
									jsii.String("exact"),
								},
							},
						},
					},
				},
			},
		},

		// the properties below are optional
		backendDefaults: &virtualGatewayBackendDefaultsProperty{
			clientPolicy: &virtualGatewayClientPolicyProperty{
				tls: &virtualGatewayClientPolicyTlsProperty{
					validation: &virtualGatewayTlsValidationContextProperty{
						trust: &virtualGatewayTlsValidationContextTrustProperty{
							acm: &virtualGatewayTlsValidationContextAcmTrustProperty{
								certificateAuthorityArns: []*string{
									jsii.String("certificateAuthorityArns"),
								},
							},
							file: &virtualGatewayTlsValidationContextFileTrustProperty{
								certificateChain: jsii.String("certificateChain"),
							},
							sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
								secretName: jsii.String("secretName"),
							},
						},

						// the properties below are optional
						subjectAlternativeNames: &subjectAlternativeNamesProperty{
							match: &subjectAlternativeNameMatchersProperty{
								exact: []*string{
									jsii.String("exact"),
								},
							},
						},
					},

					// the properties below are optional
					certificate: &virtualGatewayClientTlsCertificateProperty{
						file: &virtualGatewayListenerTlsFileCertificateProperty{
							certificateChain: jsii.String("certificateChain"),
							privateKey: jsii.String("privateKey"),
						},
						sds: &virtualGatewayListenerTlsSdsCertificateProperty{
							secretName: jsii.String("secretName"),
						},
					},
					enforce: jsii.Boolean(false),
					ports: []interface{}{
						jsii.Number(123),
					},
				},
			},
		},
		logging: &virtualGatewayLoggingProperty{
			accessLog: &virtualGatewayAccessLogProperty{
				file: &virtualGatewayFileAccessLogProperty{
					path: jsii.String("path"),
				},
			},
		},
	},

	// the properties below are optional
	meshOwner: jsii.String("meshOwner"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	virtualGatewayName: jsii.String("virtualGatewayName"),
}

type CfnVirtualGateway_SubjectAlternativeNameMatchersProperty

type CfnVirtualGateway_SubjectAlternativeNameMatchersProperty struct {
	// The values sent must match the specified values exactly.
	Exact *[]*string `field:"optional" json:"exact" yaml:"exact"`
}

An object that represents the methods by which a subject alternative name on a peer Transport Layer Security (TLS) certificate can be matched.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

subjectAlternativeNameMatchersProperty := &subjectAlternativeNameMatchersProperty{
	exact: []*string{
		jsii.String("exact"),
	},
}

type CfnVirtualGateway_SubjectAlternativeNamesProperty

type CfnVirtualGateway_SubjectAlternativeNamesProperty struct {
	// An object that represents the criteria for determining a SANs match.
	Match interface{} `field:"required" json:"match" yaml:"match"`
}

An object that represents the subject alternative names secured by the certificate.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

subjectAlternativeNamesProperty := &subjectAlternativeNamesProperty{
	match: &subjectAlternativeNameMatchersProperty{
		exact: []*string{
			jsii.String("exact"),
		},
	},
}

type CfnVirtualGateway_VirtualGatewayAccessLogProperty

type CfnVirtualGateway_VirtualGatewayAccessLogProperty struct {
	// The file object to send virtual gateway access logs to.
	File interface{} `field:"optional" json:"file" yaml:"file"`
}

The access log configuration for a virtual gateway.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayAccessLogProperty := &virtualGatewayAccessLogProperty{
	file: &virtualGatewayFileAccessLogProperty{
		path: jsii.String("path"),
	},
}

type CfnVirtualGateway_VirtualGatewayBackendDefaultsProperty

type CfnVirtualGateway_VirtualGatewayBackendDefaultsProperty struct {
	// A reference to an object that represents a client policy.
	ClientPolicy interface{} `field:"optional" json:"clientPolicy" yaml:"clientPolicy"`
}

An object that represents the default properties for a backend.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayBackendDefaultsProperty := &virtualGatewayBackendDefaultsProperty{
	clientPolicy: &virtualGatewayClientPolicyProperty{
		tls: &virtualGatewayClientPolicyTlsProperty{
			validation: &virtualGatewayTlsValidationContextProperty{
				trust: &virtualGatewayTlsValidationContextTrustProperty{
					acm: &virtualGatewayTlsValidationContextAcmTrustProperty{
						certificateAuthorityArns: []*string{
							jsii.String("certificateAuthorityArns"),
						},
					},
					file: &virtualGatewayTlsValidationContextFileTrustProperty{
						certificateChain: jsii.String("certificateChain"),
					},
					sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
						secretName: jsii.String("secretName"),
					},
				},

				// the properties below are optional
				subjectAlternativeNames: &subjectAlternativeNamesProperty{
					match: &subjectAlternativeNameMatchersProperty{
						exact: []*string{
							jsii.String("exact"),
						},
					},
				},
			},

			// the properties below are optional
			certificate: &virtualGatewayClientTlsCertificateProperty{
				file: &virtualGatewayListenerTlsFileCertificateProperty{
					certificateChain: jsii.String("certificateChain"),
					privateKey: jsii.String("privateKey"),
				},
				sds: &virtualGatewayListenerTlsSdsCertificateProperty{
					secretName: jsii.String("secretName"),
				},
			},
			enforce: jsii.Boolean(false),
			ports: []interface{}{
				jsii.Number(123),
			},
		},
	},
}

type CfnVirtualGateway_VirtualGatewayClientPolicyProperty

type CfnVirtualGateway_VirtualGatewayClientPolicyProperty struct {
	// A reference to an object that represents a Transport Layer Security (TLS) client policy.
	Tls interface{} `field:"optional" json:"tls" yaml:"tls"`
}

An object that represents a client policy.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayClientPolicyProperty := &virtualGatewayClientPolicyProperty{
	tls: &virtualGatewayClientPolicyTlsProperty{
		validation: &virtualGatewayTlsValidationContextProperty{
			trust: &virtualGatewayTlsValidationContextTrustProperty{
				acm: &virtualGatewayTlsValidationContextAcmTrustProperty{
					certificateAuthorityArns: []*string{
						jsii.String("certificateAuthorityArns"),
					},
				},
				file: &virtualGatewayTlsValidationContextFileTrustProperty{
					certificateChain: jsii.String("certificateChain"),
				},
				sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
					secretName: jsii.String("secretName"),
				},
			},

			// the properties below are optional
			subjectAlternativeNames: &subjectAlternativeNamesProperty{
				match: &subjectAlternativeNameMatchersProperty{
					exact: []*string{
						jsii.String("exact"),
					},
				},
			},
		},

		// the properties below are optional
		certificate: &virtualGatewayClientTlsCertificateProperty{
			file: &virtualGatewayListenerTlsFileCertificateProperty{
				certificateChain: jsii.String("certificateChain"),
				privateKey: jsii.String("privateKey"),
			},
			sds: &virtualGatewayListenerTlsSdsCertificateProperty{
				secretName: jsii.String("secretName"),
			},
		},
		enforce: jsii.Boolean(false),
		ports: []interface{}{
			jsii.Number(123),
		},
	},
}

type CfnVirtualGateway_VirtualGatewayClientPolicyTlsProperty

type CfnVirtualGateway_VirtualGatewayClientPolicyTlsProperty struct {
	// A reference to an object that represents a Transport Layer Security (TLS) validation context.
	Validation interface{} `field:"required" json:"validation" yaml:"validation"`
	// A reference to an object that represents a virtual gateway's client's Transport Layer Security (TLS) certificate.
	Certificate interface{} `field:"optional" json:"certificate" yaml:"certificate"`
	// Whether the policy is enforced.
	//
	// The default is `True` , if a value isn't specified.
	Enforce interface{} `field:"optional" json:"enforce" yaml:"enforce"`
	// One or more ports that the policy is enforced for.
	Ports interface{} `field:"optional" json:"ports" yaml:"ports"`
}

An object that represents a Transport Layer Security (TLS) client policy.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayClientPolicyTlsProperty := &virtualGatewayClientPolicyTlsProperty{
	validation: &virtualGatewayTlsValidationContextProperty{
		trust: &virtualGatewayTlsValidationContextTrustProperty{
			acm: &virtualGatewayTlsValidationContextAcmTrustProperty{
				certificateAuthorityArns: []*string{
					jsii.String("certificateAuthorityArns"),
				},
			},
			file: &virtualGatewayTlsValidationContextFileTrustProperty{
				certificateChain: jsii.String("certificateChain"),
			},
			sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
				secretName: jsii.String("secretName"),
			},
		},

		// the properties below are optional
		subjectAlternativeNames: &subjectAlternativeNamesProperty{
			match: &subjectAlternativeNameMatchersProperty{
				exact: []*string{
					jsii.String("exact"),
				},
			},
		},
	},

	// the properties below are optional
	certificate: &virtualGatewayClientTlsCertificateProperty{
		file: &virtualGatewayListenerTlsFileCertificateProperty{
			certificateChain: jsii.String("certificateChain"),
			privateKey: jsii.String("privateKey"),
		},
		sds: &virtualGatewayListenerTlsSdsCertificateProperty{
			secretName: jsii.String("secretName"),
		},
	},
	enforce: jsii.Boolean(false),
	ports: []interface{}{
		jsii.Number(123),
	},
}

type CfnVirtualGateway_VirtualGatewayClientTlsCertificateProperty

type CfnVirtualGateway_VirtualGatewayClientTlsCertificateProperty struct {
	// An object that represents a local file certificate.
	//
	// The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html) .
	File interface{} `field:"optional" json:"file" yaml:"file"`
	// A reference to an object that represents a virtual gateway's client's Secret Discovery Service certificate.
	Sds interface{} `field:"optional" json:"sds" yaml:"sds"`
}

An object that represents the virtual gateway's client's Transport Layer Security (TLS) certificate.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayClientTlsCertificateProperty := &virtualGatewayClientTlsCertificateProperty{
	file: &virtualGatewayListenerTlsFileCertificateProperty{
		certificateChain: jsii.String("certificateChain"),
		privateKey: jsii.String("privateKey"),
	},
	sds: &virtualGatewayListenerTlsSdsCertificateProperty{
		secretName: jsii.String("secretName"),
	},
}

type CfnVirtualGateway_VirtualGatewayConnectionPoolProperty

type CfnVirtualGateway_VirtualGatewayConnectionPoolProperty struct {
	// An object that represents a type of connection pool.
	Grpc interface{} `field:"optional" json:"grpc" yaml:"grpc"`
	// An object that represents a type of connection pool.
	Http interface{} `field:"optional" json:"http" yaml:"http"`
	// An object that represents a type of connection pool.
	Http2 interface{} `field:"optional" json:"http2" yaml:"http2"`
}

An object that represents the type of virtual gateway connection pool.

Only one protocol is used at a time and should be the same protocol as the one chosen under port mapping.

If not present the default value for `maxPendingRequests` is `2147483647` .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayConnectionPoolProperty := &virtualGatewayConnectionPoolProperty{
	grpc: &virtualGatewayGrpcConnectionPoolProperty{
		maxRequests: jsii.Number(123),
	},
	http: &virtualGatewayHttpConnectionPoolProperty{
		maxConnections: jsii.Number(123),

		// the properties below are optional
		maxPendingRequests: jsii.Number(123),
	},
	http2: &virtualGatewayHttp2ConnectionPoolProperty{
		maxRequests: jsii.Number(123),
	},
}

type CfnVirtualGateway_VirtualGatewayFileAccessLogProperty

type CfnVirtualGateway_VirtualGatewayFileAccessLogProperty struct {
	// The file path to write access logs to.
	//
	// You can use `/dev/stdout` to send access logs to standard out and configure your Envoy container to use a log driver, such as `awslogs` , to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container's file system to write the files to disk.
	Path *string `field:"required" json:"path" yaml:"path"`
}

An object that represents an access log file.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayFileAccessLogProperty := &virtualGatewayFileAccessLogProperty{
	path: jsii.String("path"),
}

type CfnVirtualGateway_VirtualGatewayGrpcConnectionPoolProperty

type CfnVirtualGateway_VirtualGatewayGrpcConnectionPoolProperty struct {
	// Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
	MaxRequests *float64 `field:"required" json:"maxRequests" yaml:"maxRequests"`
}

An object that represents a type of connection pool.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayGrpcConnectionPoolProperty := &virtualGatewayGrpcConnectionPoolProperty{
	maxRequests: jsii.Number(123),
}

type CfnVirtualGateway_VirtualGatewayHealthCheckPolicyProperty

type CfnVirtualGateway_VirtualGatewayHealthCheckPolicyProperty struct {
	// The number of consecutive successful health checks that must occur before declaring the listener healthy.
	HealthyThreshold *float64 `field:"required" json:"healthyThreshold" yaml:"healthyThreshold"`
	// The time period in milliseconds between each health check execution.
	IntervalMillis *float64 `field:"required" json:"intervalMillis" yaml:"intervalMillis"`
	// The protocol for the health check request.
	//
	// If you specify `grpc` , then your service must conform to the [GRPC Health Checking Protocol](https://docs.aws.amazon.com/https://github.com/grpc/grpc/blob/master/doc/health-checking.md) .
	Protocol *string `field:"required" json:"protocol" yaml:"protocol"`
	// The amount of time to wait when receiving a response from the health check, in milliseconds.
	TimeoutMillis *float64 `field:"required" json:"timeoutMillis" yaml:"timeoutMillis"`
	// The number of consecutive failed health checks that must occur before declaring a virtual gateway unhealthy.
	UnhealthyThreshold *float64 `field:"required" json:"unhealthyThreshold" yaml:"unhealthyThreshold"`
	// The destination path for the health check request.
	//
	// This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.
	Path *string `field:"optional" json:"path" yaml:"path"`
	// The destination port for the health check request.
	//
	// This port must match the port defined in the `PortMapping` for the listener.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
}

An object that represents the health check policy for a virtual gateway's listener.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayHealthCheckPolicyProperty := &virtualGatewayHealthCheckPolicyProperty{
	healthyThreshold: jsii.Number(123),
	intervalMillis: jsii.Number(123),
	protocol: jsii.String("protocol"),
	timeoutMillis: jsii.Number(123),
	unhealthyThreshold: jsii.Number(123),

	// the properties below are optional
	path: jsii.String("path"),
	port: jsii.Number(123),
}

type CfnVirtualGateway_VirtualGatewayHttp2ConnectionPoolProperty

type CfnVirtualGateway_VirtualGatewayHttp2ConnectionPoolProperty struct {
	// Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
	MaxRequests *float64 `field:"required" json:"maxRequests" yaml:"maxRequests"`
}

An object that represents a type of connection pool.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayHttp2ConnectionPoolProperty := &virtualGatewayHttp2ConnectionPoolProperty{
	maxRequests: jsii.Number(123),
}

type CfnVirtualGateway_VirtualGatewayHttpConnectionPoolProperty

type CfnVirtualGateway_VirtualGatewayHttpConnectionPoolProperty struct {
	// Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.
	MaxConnections *float64 `field:"required" json:"maxConnections" yaml:"maxConnections"`
	// Number of overflowing requests after `max_connections` Envoy will queue to upstream cluster.
	MaxPendingRequests *float64 `field:"optional" json:"maxPendingRequests" yaml:"maxPendingRequests"`
}

An object that represents a type of connection pool.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayHttpConnectionPoolProperty := &virtualGatewayHttpConnectionPoolProperty{
	maxConnections: jsii.Number(123),

	// the properties below are optional
	maxPendingRequests: jsii.Number(123),
}

type CfnVirtualGateway_VirtualGatewayListenerProperty

type CfnVirtualGateway_VirtualGatewayListenerProperty struct {
	// The port mapping information for the listener.
	PortMapping interface{} `field:"required" json:"portMapping" yaml:"portMapping"`
	// The connection pool information for the listener.
	ConnectionPool interface{} `field:"optional" json:"connectionPool" yaml:"connectionPool"`
	// The health check information for the listener.
	HealthCheck interface{} `field:"optional" json:"healthCheck" yaml:"healthCheck"`
	// A reference to an object that represents the Transport Layer Security (TLS) properties for the listener.
	Tls interface{} `field:"optional" json:"tls" yaml:"tls"`
}

An object that represents a listener for a virtual gateway.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayListenerProperty := &virtualGatewayListenerProperty{
	portMapping: &virtualGatewayPortMappingProperty{
		port: jsii.Number(123),
		protocol: jsii.String("protocol"),
	},

	// the properties below are optional
	connectionPool: &virtualGatewayConnectionPoolProperty{
		grpc: &virtualGatewayGrpcConnectionPoolProperty{
			maxRequests: jsii.Number(123),
		},
		http: &virtualGatewayHttpConnectionPoolProperty{
			maxConnections: jsii.Number(123),

			// the properties below are optional
			maxPendingRequests: jsii.Number(123),
		},
		http2: &virtualGatewayHttp2ConnectionPoolProperty{
			maxRequests: jsii.Number(123),
		},
	},
	healthCheck: &virtualGatewayHealthCheckPolicyProperty{
		healthyThreshold: jsii.Number(123),
		intervalMillis: jsii.Number(123),
		protocol: jsii.String("protocol"),
		timeoutMillis: jsii.Number(123),
		unhealthyThreshold: jsii.Number(123),

		// the properties below are optional
		path: jsii.String("path"),
		port: jsii.Number(123),
	},
	tls: &virtualGatewayListenerTlsProperty{
		certificate: &virtualGatewayListenerTlsCertificateProperty{
			acm: &virtualGatewayListenerTlsAcmCertificateProperty{
				certificateArn: jsii.String("certificateArn"),
			},
			file: &virtualGatewayListenerTlsFileCertificateProperty{
				certificateChain: jsii.String("certificateChain"),
				privateKey: jsii.String("privateKey"),
			},
			sds: &virtualGatewayListenerTlsSdsCertificateProperty{
				secretName: jsii.String("secretName"),
			},
		},
		mode: jsii.String("mode"),

		// the properties below are optional
		validation: &virtualGatewayListenerTlsValidationContextProperty{
			trust: &virtualGatewayListenerTlsValidationContextTrustProperty{
				file: &virtualGatewayTlsValidationContextFileTrustProperty{
					certificateChain: jsii.String("certificateChain"),
				},
				sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
					secretName: jsii.String("secretName"),
				},
			},

			// the properties below are optional
			subjectAlternativeNames: &subjectAlternativeNamesProperty{
				match: &subjectAlternativeNameMatchersProperty{
					exact: []*string{
						jsii.String("exact"),
					},
				},
			},
		},
	},
}

type CfnVirtualGateway_VirtualGatewayListenerTlsAcmCertificateProperty

type CfnVirtualGateway_VirtualGatewayListenerTlsAcmCertificateProperty struct {
	// The Amazon Resource Name (ARN) for the certificate.
	//
	// The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites) .
	CertificateArn *string `field:"required" json:"certificateArn" yaml:"certificateArn"`
}

An object that represents an AWS Certificate Manager certificate.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayListenerTlsAcmCertificateProperty := &virtualGatewayListenerTlsAcmCertificateProperty{
	certificateArn: jsii.String("certificateArn"),
}

type CfnVirtualGateway_VirtualGatewayListenerTlsCertificateProperty

type CfnVirtualGateway_VirtualGatewayListenerTlsCertificateProperty struct {
	// A reference to an object that represents an AWS Certificate Manager certificate.
	Acm interface{} `field:"optional" json:"acm" yaml:"acm"`
	// A reference to an object that represents a local file certificate.
	File interface{} `field:"optional" json:"file" yaml:"file"`
	// A reference to an object that represents a virtual gateway's listener's Secret Discovery Service certificate.
	Sds interface{} `field:"optional" json:"sds" yaml:"sds"`
}

An object that represents a listener's Transport Layer Security (TLS) certificate.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayListenerTlsCertificateProperty := &virtualGatewayListenerTlsCertificateProperty{
	acm: &virtualGatewayListenerTlsAcmCertificateProperty{
		certificateArn: jsii.String("certificateArn"),
	},
	file: &virtualGatewayListenerTlsFileCertificateProperty{
		certificateChain: jsii.String("certificateChain"),
		privateKey: jsii.String("privateKey"),
	},
	sds: &virtualGatewayListenerTlsSdsCertificateProperty{
		secretName: jsii.String("secretName"),
	},
}

type CfnVirtualGateway_VirtualGatewayListenerTlsFileCertificateProperty

type CfnVirtualGateway_VirtualGatewayListenerTlsFileCertificateProperty struct {
	// The certificate chain for the certificate.
	CertificateChain *string `field:"required" json:"certificateChain" yaml:"certificateChain"`
	// The private key for a certificate stored on the file system of the mesh endpoint that the proxy is running on.
	PrivateKey *string `field:"required" json:"privateKey" yaml:"privateKey"`
}

An object that represents a local file certificate.

The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayListenerTlsFileCertificateProperty := &virtualGatewayListenerTlsFileCertificateProperty{
	certificateChain: jsii.String("certificateChain"),
	privateKey: jsii.String("privateKey"),
}

type CfnVirtualGateway_VirtualGatewayListenerTlsProperty

type CfnVirtualGateway_VirtualGatewayListenerTlsProperty struct {
	// An object that represents a Transport Layer Security (TLS) certificate.
	Certificate interface{} `field:"required" json:"certificate" yaml:"certificate"`
	// Specify one of the following modes.
	//
	// - ** STRICT – Listener only accepts connections with TLS enabled.
	// - ** PERMISSIVE – Listener accepts connections with or without TLS enabled.
	// - ** DISABLED – Listener only accepts connections without TLS.
	Mode *string `field:"required" json:"mode" yaml:"mode"`
	// A reference to an object that represents a virtual gateway's listener's Transport Layer Security (TLS) validation context.
	Validation interface{} `field:"optional" json:"validation" yaml:"validation"`
}

An object that represents the Transport Layer Security (TLS) properties for a listener.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayListenerTlsProperty := &virtualGatewayListenerTlsProperty{
	certificate: &virtualGatewayListenerTlsCertificateProperty{
		acm: &virtualGatewayListenerTlsAcmCertificateProperty{
			certificateArn: jsii.String("certificateArn"),
		},
		file: &virtualGatewayListenerTlsFileCertificateProperty{
			certificateChain: jsii.String("certificateChain"),
			privateKey: jsii.String("privateKey"),
		},
		sds: &virtualGatewayListenerTlsSdsCertificateProperty{
			secretName: jsii.String("secretName"),
		},
	},
	mode: jsii.String("mode"),

	// the properties below are optional
	validation: &virtualGatewayListenerTlsValidationContextProperty{
		trust: &virtualGatewayListenerTlsValidationContextTrustProperty{
			file: &virtualGatewayTlsValidationContextFileTrustProperty{
				certificateChain: jsii.String("certificateChain"),
			},
			sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
				secretName: jsii.String("secretName"),
			},
		},

		// the properties below are optional
		subjectAlternativeNames: &subjectAlternativeNamesProperty{
			match: &subjectAlternativeNameMatchersProperty{
				exact: []*string{
					jsii.String("exact"),
				},
			},
		},
	},
}

type CfnVirtualGateway_VirtualGatewayListenerTlsSdsCertificateProperty

type CfnVirtualGateway_VirtualGatewayListenerTlsSdsCertificateProperty struct {
	// A reference to an object that represents the name of the secret secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.
	SecretName *string `field:"required" json:"secretName" yaml:"secretName"`
}

An object that represents the virtual gateway's listener's Secret Discovery Service certificate.The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh [TLS documentation](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html) for more info.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayListenerTlsSdsCertificateProperty := &virtualGatewayListenerTlsSdsCertificateProperty{
	secretName: jsii.String("secretName"),
}

type CfnVirtualGateway_VirtualGatewayListenerTlsValidationContextProperty

type CfnVirtualGateway_VirtualGatewayListenerTlsValidationContextProperty struct {
	// A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
	Trust interface{} `field:"required" json:"trust" yaml:"trust"`
	// A reference to an object that represents the SANs for a virtual gateway listener's Transport Layer Security (TLS) validation context.
	SubjectAlternativeNames interface{} `field:"optional" json:"subjectAlternativeNames" yaml:"subjectAlternativeNames"`
}

An object that represents a virtual gateway's listener's Transport Layer Security (TLS) validation context.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayListenerTlsValidationContextProperty := &virtualGatewayListenerTlsValidationContextProperty{
	trust: &virtualGatewayListenerTlsValidationContextTrustProperty{
		file: &virtualGatewayTlsValidationContextFileTrustProperty{
			certificateChain: jsii.String("certificateChain"),
		},
		sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
			secretName: jsii.String("secretName"),
		},
	},

	// the properties below are optional
	subjectAlternativeNames: &subjectAlternativeNamesProperty{
		match: &subjectAlternativeNameMatchersProperty{
			exact: []*string{
				jsii.String("exact"),
			},
		},
	},
}

type CfnVirtualGateway_VirtualGatewayListenerTlsValidationContextTrustProperty

type CfnVirtualGateway_VirtualGatewayListenerTlsValidationContextTrustProperty struct {
	// An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
	File interface{} `field:"optional" json:"file" yaml:"file"`
	// A reference to an object that represents a virtual gateway's listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust.
	Sds interface{} `field:"optional" json:"sds" yaml:"sds"`
}

An object that represents a virtual gateway's listener's Transport Layer Security (TLS) validation context trust.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayListenerTlsValidationContextTrustProperty := &virtualGatewayListenerTlsValidationContextTrustProperty{
	file: &virtualGatewayTlsValidationContextFileTrustProperty{
		certificateChain: jsii.String("certificateChain"),
	},
	sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
		secretName: jsii.String("secretName"),
	},
}

type CfnVirtualGateway_VirtualGatewayLoggingProperty

type CfnVirtualGateway_VirtualGatewayLoggingProperty struct {
	// The access log configuration.
	AccessLog interface{} `field:"optional" json:"accessLog" yaml:"accessLog"`
}

An object that represents logging information.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayLoggingProperty := &virtualGatewayLoggingProperty{
	accessLog: &virtualGatewayAccessLogProperty{
		file: &virtualGatewayFileAccessLogProperty{
			path: jsii.String("path"),
		},
	},
}

type CfnVirtualGateway_VirtualGatewayPortMappingProperty

type CfnVirtualGateway_VirtualGatewayPortMappingProperty struct {
	// The port used for the port mapping.
	//
	// Specify one protocol.
	Port *float64 `field:"required" json:"port" yaml:"port"`
	// The protocol used for the port mapping.
	Protocol *string `field:"required" json:"protocol" yaml:"protocol"`
}

An object that represents a port mapping.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayPortMappingProperty := &virtualGatewayPortMappingProperty{
	port: jsii.Number(123),
	protocol: jsii.String("protocol"),
}

type CfnVirtualGateway_VirtualGatewaySpecProperty

type CfnVirtualGateway_VirtualGatewaySpecProperty struct {
	// The listeners that the mesh endpoint is expected to receive inbound traffic from.
	//
	// You can specify one listener.
	Listeners interface{} `field:"required" json:"listeners" yaml:"listeners"`
	// A reference to an object that represents the defaults for backends.
	BackendDefaults interface{} `field:"optional" json:"backendDefaults" yaml:"backendDefaults"`
	// An object that represents logging information.
	Logging interface{} `field:"optional" json:"logging" yaml:"logging"`
}

An object that represents the specification of a service mesh resource.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewaySpecProperty := &virtualGatewaySpecProperty{
	listeners: []interface{}{
		&virtualGatewayListenerProperty{
			portMapping: &virtualGatewayPortMappingProperty{
				port: jsii.Number(123),
				protocol: jsii.String("protocol"),
			},

			// the properties below are optional
			connectionPool: &virtualGatewayConnectionPoolProperty{
				grpc: &virtualGatewayGrpcConnectionPoolProperty{
					maxRequests: jsii.Number(123),
				},
				http: &virtualGatewayHttpConnectionPoolProperty{
					maxConnections: jsii.Number(123),

					// the properties below are optional
					maxPendingRequests: jsii.Number(123),
				},
				http2: &virtualGatewayHttp2ConnectionPoolProperty{
					maxRequests: jsii.Number(123),
				},
			},
			healthCheck: &virtualGatewayHealthCheckPolicyProperty{
				healthyThreshold: jsii.Number(123),
				intervalMillis: jsii.Number(123),
				protocol: jsii.String("protocol"),
				timeoutMillis: jsii.Number(123),
				unhealthyThreshold: jsii.Number(123),

				// the properties below are optional
				path: jsii.String("path"),
				port: jsii.Number(123),
			},
			tls: &virtualGatewayListenerTlsProperty{
				certificate: &virtualGatewayListenerTlsCertificateProperty{
					acm: &virtualGatewayListenerTlsAcmCertificateProperty{
						certificateArn: jsii.String("certificateArn"),
					},
					file: &virtualGatewayListenerTlsFileCertificateProperty{
						certificateChain: jsii.String("certificateChain"),
						privateKey: jsii.String("privateKey"),
					},
					sds: &virtualGatewayListenerTlsSdsCertificateProperty{
						secretName: jsii.String("secretName"),
					},
				},
				mode: jsii.String("mode"),

				// the properties below are optional
				validation: &virtualGatewayListenerTlsValidationContextProperty{
					trust: &virtualGatewayListenerTlsValidationContextTrustProperty{
						file: &virtualGatewayTlsValidationContextFileTrustProperty{
							certificateChain: jsii.String("certificateChain"),
						},
						sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
							secretName: jsii.String("secretName"),
						},
					},

					// the properties below are optional
					subjectAlternativeNames: &subjectAlternativeNamesProperty{
						match: &subjectAlternativeNameMatchersProperty{
							exact: []*string{
								jsii.String("exact"),
							},
						},
					},
				},
			},
		},
	},

	// the properties below are optional
	backendDefaults: &virtualGatewayBackendDefaultsProperty{
		clientPolicy: &virtualGatewayClientPolicyProperty{
			tls: &virtualGatewayClientPolicyTlsProperty{
				validation: &virtualGatewayTlsValidationContextProperty{
					trust: &virtualGatewayTlsValidationContextTrustProperty{
						acm: &virtualGatewayTlsValidationContextAcmTrustProperty{
							certificateAuthorityArns: []*string{
								jsii.String("certificateAuthorityArns"),
							},
						},
						file: &virtualGatewayTlsValidationContextFileTrustProperty{
							certificateChain: jsii.String("certificateChain"),
						},
						sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
							secretName: jsii.String("secretName"),
						},
					},

					// the properties below are optional
					subjectAlternativeNames: &subjectAlternativeNamesProperty{
						match: &subjectAlternativeNameMatchersProperty{
							exact: []*string{
								jsii.String("exact"),
							},
						},
					},
				},

				// the properties below are optional
				certificate: &virtualGatewayClientTlsCertificateProperty{
					file: &virtualGatewayListenerTlsFileCertificateProperty{
						certificateChain: jsii.String("certificateChain"),
						privateKey: jsii.String("privateKey"),
					},
					sds: &virtualGatewayListenerTlsSdsCertificateProperty{
						secretName: jsii.String("secretName"),
					},
				},
				enforce: jsii.Boolean(false),
				ports: []interface{}{
					jsii.Number(123),
				},
			},
		},
	},
	logging: &virtualGatewayLoggingProperty{
		accessLog: &virtualGatewayAccessLogProperty{
			file: &virtualGatewayFileAccessLogProperty{
				path: jsii.String("path"),
			},
		},
	},
}

type CfnVirtualGateway_VirtualGatewayTlsValidationContextAcmTrustProperty

type CfnVirtualGateway_VirtualGatewayTlsValidationContextAcmTrustProperty struct {
	// One or more ACM Amazon Resource Name (ARN)s.
	CertificateAuthorityArns *[]*string `field:"required" json:"certificateAuthorityArns" yaml:"certificateAuthorityArns"`
}

An object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayTlsValidationContextAcmTrustProperty := &virtualGatewayTlsValidationContextAcmTrustProperty{
	certificateAuthorityArns: []*string{
		jsii.String("certificateAuthorityArns"),
	},
}

type CfnVirtualGateway_VirtualGatewayTlsValidationContextFileTrustProperty

type CfnVirtualGateway_VirtualGatewayTlsValidationContextFileTrustProperty struct {
	// The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on.
	CertificateChain *string `field:"required" json:"certificateChain" yaml:"certificateChain"`
}

An object that represents a Transport Layer Security (TLS) validation context trust for a local file.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayTlsValidationContextFileTrustProperty := &virtualGatewayTlsValidationContextFileTrustProperty{
	certificateChain: jsii.String("certificateChain"),
}

type CfnVirtualGateway_VirtualGatewayTlsValidationContextProperty

type CfnVirtualGateway_VirtualGatewayTlsValidationContextProperty struct {
	// A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
	Trust interface{} `field:"required" json:"trust" yaml:"trust"`
	// A reference to an object that represents the SANs for a virtual gateway's listener's Transport Layer Security (TLS) validation context.
	SubjectAlternativeNames interface{} `field:"optional" json:"subjectAlternativeNames" yaml:"subjectAlternativeNames"`
}

An object that represents a Transport Layer Security (TLS) validation context.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayTlsValidationContextProperty := &virtualGatewayTlsValidationContextProperty{
	trust: &virtualGatewayTlsValidationContextTrustProperty{
		acm: &virtualGatewayTlsValidationContextAcmTrustProperty{
			certificateAuthorityArns: []*string{
				jsii.String("certificateAuthorityArns"),
			},
		},
		file: &virtualGatewayTlsValidationContextFileTrustProperty{
			certificateChain: jsii.String("certificateChain"),
		},
		sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
			secretName: jsii.String("secretName"),
		},
	},

	// the properties below are optional
	subjectAlternativeNames: &subjectAlternativeNamesProperty{
		match: &subjectAlternativeNameMatchersProperty{
			exact: []*string{
				jsii.String("exact"),
			},
		},
	},
}

type CfnVirtualGateway_VirtualGatewayTlsValidationContextSdsTrustProperty

type CfnVirtualGateway_VirtualGatewayTlsValidationContextSdsTrustProperty struct {
	// A reference to an object that represents the name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.
	SecretName *string `field:"required" json:"secretName" yaml:"secretName"`
}

An object that represents a virtual gateway's listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust.

The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh [TLS documentation](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html) for more info.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayTlsValidationContextSdsTrustProperty := &virtualGatewayTlsValidationContextSdsTrustProperty{
	secretName: jsii.String("secretName"),
}

type CfnVirtualGateway_VirtualGatewayTlsValidationContextTrustProperty

type CfnVirtualGateway_VirtualGatewayTlsValidationContextTrustProperty struct {
	// A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.
	Acm interface{} `field:"optional" json:"acm" yaml:"acm"`
	// An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
	File interface{} `field:"optional" json:"file" yaml:"file"`
	// A reference to an object that represents a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.
	Sds interface{} `field:"optional" json:"sds" yaml:"sds"`
}

An object that represents a Transport Layer Security (TLS) validation context trust.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayTlsValidationContextTrustProperty := &virtualGatewayTlsValidationContextTrustProperty{
	acm: &virtualGatewayTlsValidationContextAcmTrustProperty{
		certificateAuthorityArns: []*string{
			jsii.String("certificateAuthorityArns"),
		},
	},
	file: &virtualGatewayTlsValidationContextFileTrustProperty{
		certificateChain: jsii.String("certificateChain"),
	},
	sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
		secretName: jsii.String("secretName"),
	},
}

type CfnVirtualNode

type CfnVirtualNode interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The full Amazon Resource Name (ARN) for the virtual node.
	AttrArn() *string
	// The name of the service mesh that the virtual node resides in.
	AttrMeshName() *string
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrMeshOwner() *string
	// The AWS IAM account ID of the resource owner.
	//
	// If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrResourceOwner() *string
	// The unique identifier for the virtual node.
	AttrUid() *string
	// The name of the virtual node.
	AttrVirtualNodeName() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The name of the service mesh to create the virtual node in.
	MeshName() *string
	SetMeshName(val *string)
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner() *string
	SetMeshOwner(val *string)
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The virtual node specification to apply.
	Spec() interface{}
	SetSpec(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Optional metadata that you can apply to the virtual node to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// The name to use for the virtual node.
	VirtualNodeName() *string
	SetVirtualNodeName(val *string)
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::AppMesh::VirtualNode`.

Creates a virtual node within a service mesh.

A virtual node acts as a logical pointer to a particular task group, such as an Amazon ECS service or a Kubernetes deployment. When you create a virtual node, you can specify the service discovery information for your task group, and whether the proxy running in a task group will communicate with other proxies using Transport Layer Security (TLS).

You define a `listener` for any inbound traffic that your virtual node expects. Any virtual service that your virtual node expects to communicate to is specified as a `backend` .

The response metadata for your new virtual node contains the `arn` that is associated with the virtual node. Set this value to the full ARN; for example, `arn:aws:appmesh:us-west-2:123456789012:myMesh/default/virtualNode/myApp` ) as the `APPMESH_RESOURCE_ARN` environment variable for your task group's Envoy proxy container in your task definition or pod spec. This is then mapped to the `node.id` and `node.cluster` Envoy parameters.

> By default, App Mesh uses the name of the resource you specified in `APPMESH_RESOURCE_ARN` when Envoy is referring to itself in metrics and traces. You can override this behavior by setting the `APPMESH_RESOURCE_CLUSTER` environment variable with your own name.

For more information about virtual nodes, see [Virtual nodes](https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_nodes.html) . You must be using `1.15.0` or later of the Envoy image when setting these variables. For more information about App Mesh Envoy variables, see [Envoy image](https://docs.aws.amazon.com/app-mesh/latest/userguide/envoy.html) in the AWS App Mesh User Guide.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnVirtualNode := awscdk.Aws_appmesh.NewCfnVirtualNode(this, jsii.String("MyCfnVirtualNode"), &cfnVirtualNodeProps{
	meshName: jsii.String("meshName"),
	spec: &virtualNodeSpecProperty{
		backendDefaults: &backendDefaultsProperty{
			clientPolicy: &clientPolicyProperty{
				tls: &clientPolicyTlsProperty{
					validation: &tlsValidationContextProperty{
						trust: &tlsValidationContextTrustProperty{
							acm: &tlsValidationContextAcmTrustProperty{
								certificateAuthorityArns: []*string{
									jsii.String("certificateAuthorityArns"),
								},
							},
							file: &tlsValidationContextFileTrustProperty{
								certificateChain: jsii.String("certificateChain"),
							},
							sds: &tlsValidationContextSdsTrustProperty{
								secretName: jsii.String("secretName"),
							},
						},

						// the properties below are optional
						subjectAlternativeNames: &subjectAlternativeNamesProperty{
							match: &subjectAlternativeNameMatchersProperty{
								exact: []*string{
									jsii.String("exact"),
								},
							},
						},
					},

					// the properties below are optional
					certificate: &clientTlsCertificateProperty{
						file: &listenerTlsFileCertificateProperty{
							certificateChain: jsii.String("certificateChain"),
							privateKey: jsii.String("privateKey"),
						},
						sds: &listenerTlsSdsCertificateProperty{
							secretName: jsii.String("secretName"),
						},
					},
					enforce: jsii.Boolean(false),
					ports: []interface{}{
						jsii.Number(123),
					},
				},
			},
		},
		backends: []interface{}{
			&backendProperty{
				virtualService: &virtualServiceBackendProperty{
					virtualServiceName: jsii.String("virtualServiceName"),

					// the properties below are optional
					clientPolicy: &clientPolicyProperty{
						tls: &clientPolicyTlsProperty{
							validation: &tlsValidationContextProperty{
								trust: &tlsValidationContextTrustProperty{
									acm: &tlsValidationContextAcmTrustProperty{
										certificateAuthorityArns: []*string{
											jsii.String("certificateAuthorityArns"),
										},
									},
									file: &tlsValidationContextFileTrustProperty{
										certificateChain: jsii.String("certificateChain"),
									},
									sds: &tlsValidationContextSdsTrustProperty{
										secretName: jsii.String("secretName"),
									},
								},

								// the properties below are optional
								subjectAlternativeNames: &subjectAlternativeNamesProperty{
									match: &subjectAlternativeNameMatchersProperty{
										exact: []*string{
											jsii.String("exact"),
										},
									},
								},
							},

							// the properties below are optional
							certificate: &clientTlsCertificateProperty{
								file: &listenerTlsFileCertificateProperty{
									certificateChain: jsii.String("certificateChain"),
									privateKey: jsii.String("privateKey"),
								},
								sds: &listenerTlsSdsCertificateProperty{
									secretName: jsii.String("secretName"),
								},
							},
							enforce: jsii.Boolean(false),
							ports: []interface{}{
								jsii.Number(123),
							},
						},
					},
				},
			},
		},
		listeners: []interface{}{
			&listenerProperty{
				portMapping: &portMappingProperty{
					port: jsii.Number(123),
					protocol: jsii.String("protocol"),
				},

				// the properties below are optional
				connectionPool: &virtualNodeConnectionPoolProperty{
					grpc: &virtualNodeGrpcConnectionPoolProperty{
						maxRequests: jsii.Number(123),
					},
					http: &virtualNodeHttpConnectionPoolProperty{
						maxConnections: jsii.Number(123),

						// the properties below are optional
						maxPendingRequests: jsii.Number(123),
					},
					http2: &virtualNodeHttp2ConnectionPoolProperty{
						maxRequests: jsii.Number(123),
					},
					tcp: &virtualNodeTcpConnectionPoolProperty{
						maxConnections: jsii.Number(123),
					},
				},
				healthCheck: &healthCheckProperty{
					healthyThreshold: jsii.Number(123),
					intervalMillis: jsii.Number(123),
					protocol: jsii.String("protocol"),
					timeoutMillis: jsii.Number(123),
					unhealthyThreshold: jsii.Number(123),

					// the properties below are optional
					path: jsii.String("path"),
					port: jsii.Number(123),
				},
				outlierDetection: &outlierDetectionProperty{
					baseEjectionDuration: &durationProperty{
						unit: jsii.String("unit"),
						value: jsii.Number(123),
					},
					interval: &durationProperty{
						unit: jsii.String("unit"),
						value: jsii.Number(123),
					},
					maxEjectionPercent: jsii.Number(123),
					maxServerErrors: jsii.Number(123),
				},
				timeout: &listenerTimeoutProperty{
					grpc: &grpcTimeoutProperty{
						idle: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
						perRequest: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
					},
					http: &httpTimeoutProperty{
						idle: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
						perRequest: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
					},
					http2: &httpTimeoutProperty{
						idle: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
						perRequest: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
					},
					tcp: &tcpTimeoutProperty{
						idle: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
					},
				},
				tls: &listenerTlsProperty{
					certificate: &listenerTlsCertificateProperty{
						acm: &listenerTlsAcmCertificateProperty{
							certificateArn: jsii.String("certificateArn"),
						},
						file: &listenerTlsFileCertificateProperty{
							certificateChain: jsii.String("certificateChain"),
							privateKey: jsii.String("privateKey"),
						},
						sds: &listenerTlsSdsCertificateProperty{
							secretName: jsii.String("secretName"),
						},
					},
					mode: jsii.String("mode"),

					// the properties below are optional
					validation: &listenerTlsValidationContextProperty{
						trust: &listenerTlsValidationContextTrustProperty{
							file: &tlsValidationContextFileTrustProperty{
								certificateChain: jsii.String("certificateChain"),
							},
							sds: &tlsValidationContextSdsTrustProperty{
								secretName: jsii.String("secretName"),
							},
						},

						// the properties below are optional
						subjectAlternativeNames: &subjectAlternativeNamesProperty{
							match: &subjectAlternativeNameMatchersProperty{
								exact: []*string{
									jsii.String("exact"),
								},
							},
						},
					},
				},
			},
		},
		logging: &loggingProperty{
			accessLog: &accessLogProperty{
				file: &fileAccessLogProperty{
					path: jsii.String("path"),
				},
			},
		},
		serviceDiscovery: &serviceDiscoveryProperty{
			awsCloudMap: &awsCloudMapServiceDiscoveryProperty{
				namespaceName: jsii.String("namespaceName"),
				serviceName: jsii.String("serviceName"),

				// the properties below are optional
				attributes: []interface{}{
					&awsCloudMapInstanceAttributeProperty{
						key: jsii.String("key"),
						value: jsii.String("value"),
					},
				},
				ipPreference: jsii.String("ipPreference"),
			},
			dns: &dnsServiceDiscoveryProperty{
				hostname: jsii.String("hostname"),

				// the properties below are optional
				ipPreference: jsii.String("ipPreference"),
				responseType: jsii.String("responseType"),
			},
		},
	},

	// the properties below are optional
	meshOwner: jsii.String("meshOwner"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	virtualNodeName: jsii.String("virtualNodeName"),
})

func NewCfnVirtualNode

func NewCfnVirtualNode(scope awscdk.Construct, id *string, props *CfnVirtualNodeProps) CfnVirtualNode

Create a new `AWS::AppMesh::VirtualNode`.

type CfnVirtualNodeProps

type CfnVirtualNodeProps struct {
	// The name of the service mesh to create the virtual node in.
	MeshName *string `field:"required" json:"meshName" yaml:"meshName"`
	// The virtual node specification to apply.
	Spec interface{} `field:"required" json:"spec" yaml:"spec"`
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner *string `field:"optional" json:"meshOwner" yaml:"meshOwner"`
	// Optional metadata that you can apply to the virtual node to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
	// The name to use for the virtual node.
	VirtualNodeName *string `field:"optional" json:"virtualNodeName" yaml:"virtualNodeName"`
}

Properties for defining a `CfnVirtualNode`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnVirtualNodeProps := &cfnVirtualNodeProps{
	meshName: jsii.String("meshName"),
	spec: &virtualNodeSpecProperty{
		backendDefaults: &backendDefaultsProperty{
			clientPolicy: &clientPolicyProperty{
				tls: &clientPolicyTlsProperty{
					validation: &tlsValidationContextProperty{
						trust: &tlsValidationContextTrustProperty{
							acm: &tlsValidationContextAcmTrustProperty{
								certificateAuthorityArns: []*string{
									jsii.String("certificateAuthorityArns"),
								},
							},
							file: &tlsValidationContextFileTrustProperty{
								certificateChain: jsii.String("certificateChain"),
							},
							sds: &tlsValidationContextSdsTrustProperty{
								secretName: jsii.String("secretName"),
							},
						},

						// the properties below are optional
						subjectAlternativeNames: &subjectAlternativeNamesProperty{
							match: &subjectAlternativeNameMatchersProperty{
								exact: []*string{
									jsii.String("exact"),
								},
							},
						},
					},

					// the properties below are optional
					certificate: &clientTlsCertificateProperty{
						file: &listenerTlsFileCertificateProperty{
							certificateChain: jsii.String("certificateChain"),
							privateKey: jsii.String("privateKey"),
						},
						sds: &listenerTlsSdsCertificateProperty{
							secretName: jsii.String("secretName"),
						},
					},
					enforce: jsii.Boolean(false),
					ports: []interface{}{
						jsii.Number(123),
					},
				},
			},
		},
		backends: []interface{}{
			&backendProperty{
				virtualService: &virtualServiceBackendProperty{
					virtualServiceName: jsii.String("virtualServiceName"),

					// the properties below are optional
					clientPolicy: &clientPolicyProperty{
						tls: &clientPolicyTlsProperty{
							validation: &tlsValidationContextProperty{
								trust: &tlsValidationContextTrustProperty{
									acm: &tlsValidationContextAcmTrustProperty{
										certificateAuthorityArns: []*string{
											jsii.String("certificateAuthorityArns"),
										},
									},
									file: &tlsValidationContextFileTrustProperty{
										certificateChain: jsii.String("certificateChain"),
									},
									sds: &tlsValidationContextSdsTrustProperty{
										secretName: jsii.String("secretName"),
									},
								},

								// the properties below are optional
								subjectAlternativeNames: &subjectAlternativeNamesProperty{
									match: &subjectAlternativeNameMatchersProperty{
										exact: []*string{
											jsii.String("exact"),
										},
									},
								},
							},

							// the properties below are optional
							certificate: &clientTlsCertificateProperty{
								file: &listenerTlsFileCertificateProperty{
									certificateChain: jsii.String("certificateChain"),
									privateKey: jsii.String("privateKey"),
								},
								sds: &listenerTlsSdsCertificateProperty{
									secretName: jsii.String("secretName"),
								},
							},
							enforce: jsii.Boolean(false),
							ports: []interface{}{
								jsii.Number(123),
							},
						},
					},
				},
			},
		},
		listeners: []interface{}{
			&listenerProperty{
				portMapping: &portMappingProperty{
					port: jsii.Number(123),
					protocol: jsii.String("protocol"),
				},

				// the properties below are optional
				connectionPool: &virtualNodeConnectionPoolProperty{
					grpc: &virtualNodeGrpcConnectionPoolProperty{
						maxRequests: jsii.Number(123),
					},
					http: &virtualNodeHttpConnectionPoolProperty{
						maxConnections: jsii.Number(123),

						// the properties below are optional
						maxPendingRequests: jsii.Number(123),
					},
					http2: &virtualNodeHttp2ConnectionPoolProperty{
						maxRequests: jsii.Number(123),
					},
					tcp: &virtualNodeTcpConnectionPoolProperty{
						maxConnections: jsii.Number(123),
					},
				},
				healthCheck: &healthCheckProperty{
					healthyThreshold: jsii.Number(123),
					intervalMillis: jsii.Number(123),
					protocol: jsii.String("protocol"),
					timeoutMillis: jsii.Number(123),
					unhealthyThreshold: jsii.Number(123),

					// the properties below are optional
					path: jsii.String("path"),
					port: jsii.Number(123),
				},
				outlierDetection: &outlierDetectionProperty{
					baseEjectionDuration: &durationProperty{
						unit: jsii.String("unit"),
						value: jsii.Number(123),
					},
					interval: &durationProperty{
						unit: jsii.String("unit"),
						value: jsii.Number(123),
					},
					maxEjectionPercent: jsii.Number(123),
					maxServerErrors: jsii.Number(123),
				},
				timeout: &listenerTimeoutProperty{
					grpc: &grpcTimeoutProperty{
						idle: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
						perRequest: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
					},
					http: &httpTimeoutProperty{
						idle: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
						perRequest: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
					},
					http2: &httpTimeoutProperty{
						idle: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
						perRequest: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
					},
					tcp: &tcpTimeoutProperty{
						idle: &durationProperty{
							unit: jsii.String("unit"),
							value: jsii.Number(123),
						},
					},
				},
				tls: &listenerTlsProperty{
					certificate: &listenerTlsCertificateProperty{
						acm: &listenerTlsAcmCertificateProperty{
							certificateArn: jsii.String("certificateArn"),
						},
						file: &listenerTlsFileCertificateProperty{
							certificateChain: jsii.String("certificateChain"),
							privateKey: jsii.String("privateKey"),
						},
						sds: &listenerTlsSdsCertificateProperty{
							secretName: jsii.String("secretName"),
						},
					},
					mode: jsii.String("mode"),

					// the properties below are optional
					validation: &listenerTlsValidationContextProperty{
						trust: &listenerTlsValidationContextTrustProperty{
							file: &tlsValidationContextFileTrustProperty{
								certificateChain: jsii.String("certificateChain"),
							},
							sds: &tlsValidationContextSdsTrustProperty{
								secretName: jsii.String("secretName"),
							},
						},

						// the properties below are optional
						subjectAlternativeNames: &subjectAlternativeNamesProperty{
							match: &subjectAlternativeNameMatchersProperty{
								exact: []*string{
									jsii.String("exact"),
								},
							},
						},
					},
				},
			},
		},
		logging: &loggingProperty{
			accessLog: &accessLogProperty{
				file: &fileAccessLogProperty{
					path: jsii.String("path"),
				},
			},
		},
		serviceDiscovery: &serviceDiscoveryProperty{
			awsCloudMap: &awsCloudMapServiceDiscoveryProperty{
				namespaceName: jsii.String("namespaceName"),
				serviceName: jsii.String("serviceName"),

				// the properties below are optional
				attributes: []interface{}{
					&awsCloudMapInstanceAttributeProperty{
						key: jsii.String("key"),
						value: jsii.String("value"),
					},
				},
				ipPreference: jsii.String("ipPreference"),
			},
			dns: &dnsServiceDiscoveryProperty{
				hostname: jsii.String("hostname"),

				// the properties below are optional
				ipPreference: jsii.String("ipPreference"),
				responseType: jsii.String("responseType"),
			},
		},
	},

	// the properties below are optional
	meshOwner: jsii.String("meshOwner"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	virtualNodeName: jsii.String("virtualNodeName"),
}

type CfnVirtualNode_AccessLogProperty

type CfnVirtualNode_AccessLogProperty struct {
	// The file object to send virtual node access logs to.
	File interface{} `field:"optional" json:"file" yaml:"file"`
}

An object that represents the access logging information for a virtual node.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

accessLogProperty := &accessLogProperty{
	file: &fileAccessLogProperty{
		path: jsii.String("path"),
	},
}

type CfnVirtualNode_AwsCloudMapInstanceAttributeProperty

type CfnVirtualNode_AwsCloudMapInstanceAttributeProperty struct {
	// The name of an AWS Cloud Map service instance attribute key.
	//
	// Any AWS Cloud Map service instance that contains the specified key and value is returned.
	Key *string `field:"required" json:"key" yaml:"key"`
	// The value of an AWS Cloud Map service instance attribute key.
	//
	// Any AWS Cloud Map service instance that contains the specified key and value is returned.
	Value *string `field:"required" json:"value" yaml:"value"`
}

An object that represents the AWS Cloud Map attribute information for your virtual node.

> AWS Cloud Map is not available in the eu-south-1 Region.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

awsCloudMapInstanceAttributeProperty := &awsCloudMapInstanceAttributeProperty{
	key: jsii.String("key"),
	value: jsii.String("value"),
}

type CfnVirtualNode_AwsCloudMapServiceDiscoveryProperty

type CfnVirtualNode_AwsCloudMapServiceDiscoveryProperty struct {
	// The name of the AWS Cloud Map namespace to use.
	NamespaceName *string `field:"required" json:"namespaceName" yaml:"namespaceName"`
	// The name of the AWS Cloud Map service to use.
	ServiceName *string `field:"required" json:"serviceName" yaml:"serviceName"`
	// A string map that contains attributes with values that you can use to filter instances by any custom attribute that you specified when you registered the instance.
	//
	// Only instances that match all of the specified key/value pairs will be returned.
	Attributes interface{} `field:"optional" json:"attributes" yaml:"attributes"`
	// The preferred IP version that this virtual node uses.
	//
	// Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.
	IpPreference *string `field:"optional" json:"ipPreference" yaml:"ipPreference"`
}

An object that represents the AWS Cloud Map service discovery information for your virtual node.

> AWS Cloud Map is not available in the eu-south-1 Region.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

awsCloudMapServiceDiscoveryProperty := &awsCloudMapServiceDiscoveryProperty{
	namespaceName: jsii.String("namespaceName"),
	serviceName: jsii.String("serviceName"),

	// the properties below are optional
	attributes: []interface{}{
		&awsCloudMapInstanceAttributeProperty{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	ipPreference: jsii.String("ipPreference"),
}

type CfnVirtualNode_BackendDefaultsProperty

type CfnVirtualNode_BackendDefaultsProperty struct {
	// A reference to an object that represents a client policy.
	ClientPolicy interface{} `field:"optional" json:"clientPolicy" yaml:"clientPolicy"`
}

An object that represents the default properties for a backend.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

backendDefaultsProperty := &backendDefaultsProperty{
	clientPolicy: &clientPolicyProperty{
		tls: &clientPolicyTlsProperty{
			validation: &tlsValidationContextProperty{
				trust: &tlsValidationContextTrustProperty{
					acm: &tlsValidationContextAcmTrustProperty{
						certificateAuthorityArns: []*string{
							jsii.String("certificateAuthorityArns"),
						},
					},
					file: &tlsValidationContextFileTrustProperty{
						certificateChain: jsii.String("certificateChain"),
					},
					sds: &tlsValidationContextSdsTrustProperty{
						secretName: jsii.String("secretName"),
					},
				},

				// the properties below are optional
				subjectAlternativeNames: &subjectAlternativeNamesProperty{
					match: &subjectAlternativeNameMatchersProperty{
						exact: []*string{
							jsii.String("exact"),
						},
					},
				},
			},

			// the properties below are optional
			certificate: &clientTlsCertificateProperty{
				file: &listenerTlsFileCertificateProperty{
					certificateChain: jsii.String("certificateChain"),
					privateKey: jsii.String("privateKey"),
				},
				sds: &listenerTlsSdsCertificateProperty{
					secretName: jsii.String("secretName"),
				},
			},
			enforce: jsii.Boolean(false),
			ports: []interface{}{
				jsii.Number(123),
			},
		},
	},
}

type CfnVirtualNode_BackendProperty

type CfnVirtualNode_BackendProperty struct {
	// Specifies a virtual service to use as a backend.
	VirtualService interface{} `field:"optional" json:"virtualService" yaml:"virtualService"`
}

An object that represents the backends that a virtual node is expected to send outbound traffic to.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

backendProperty := &backendProperty{
	virtualService: &virtualServiceBackendProperty{
		virtualServiceName: jsii.String("virtualServiceName"),

		// the properties below are optional
		clientPolicy: &clientPolicyProperty{
			tls: &clientPolicyTlsProperty{
				validation: &tlsValidationContextProperty{
					trust: &tlsValidationContextTrustProperty{
						acm: &tlsValidationContextAcmTrustProperty{
							certificateAuthorityArns: []*string{
								jsii.String("certificateAuthorityArns"),
							},
						},
						file: &tlsValidationContextFileTrustProperty{
							certificateChain: jsii.String("certificateChain"),
						},
						sds: &tlsValidationContextSdsTrustProperty{
							secretName: jsii.String("secretName"),
						},
					},

					// the properties below are optional
					subjectAlternativeNames: &subjectAlternativeNamesProperty{
						match: &subjectAlternativeNameMatchersProperty{
							exact: []*string{
								jsii.String("exact"),
							},
						},
					},
				},

				// the properties below are optional
				certificate: &clientTlsCertificateProperty{
					file: &listenerTlsFileCertificateProperty{
						certificateChain: jsii.String("certificateChain"),
						privateKey: jsii.String("privateKey"),
					},
					sds: &listenerTlsSdsCertificateProperty{
						secretName: jsii.String("secretName"),
					},
				},
				enforce: jsii.Boolean(false),
				ports: []interface{}{
					jsii.Number(123),
				},
			},
		},
	},
}

type CfnVirtualNode_ClientPolicyProperty

type CfnVirtualNode_ClientPolicyProperty struct {
	// A reference to an object that represents a Transport Layer Security (TLS) client policy.
	Tls interface{} `field:"optional" json:"tls" yaml:"tls"`
}

An object that represents a client policy.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

clientPolicyProperty := &clientPolicyProperty{
	tls: &clientPolicyTlsProperty{
		validation: &tlsValidationContextProperty{
			trust: &tlsValidationContextTrustProperty{
				acm: &tlsValidationContextAcmTrustProperty{
					certificateAuthorityArns: []*string{
						jsii.String("certificateAuthorityArns"),
					},
				},
				file: &tlsValidationContextFileTrustProperty{
					certificateChain: jsii.String("certificateChain"),
				},
				sds: &tlsValidationContextSdsTrustProperty{
					secretName: jsii.String("secretName"),
				},
			},

			// the properties below are optional
			subjectAlternativeNames: &subjectAlternativeNamesProperty{
				match: &subjectAlternativeNameMatchersProperty{
					exact: []*string{
						jsii.String("exact"),
					},
				},
			},
		},

		// the properties below are optional
		certificate: &clientTlsCertificateProperty{
			file: &listenerTlsFileCertificateProperty{
				certificateChain: jsii.String("certificateChain"),
				privateKey: jsii.String("privateKey"),
			},
			sds: &listenerTlsSdsCertificateProperty{
				secretName: jsii.String("secretName"),
			},
		},
		enforce: jsii.Boolean(false),
		ports: []interface{}{
			jsii.Number(123),
		},
	},
}

type CfnVirtualNode_ClientPolicyTlsProperty

type CfnVirtualNode_ClientPolicyTlsProperty struct {
	// A reference to an object that represents a TLS validation context.
	Validation interface{} `field:"required" json:"validation" yaml:"validation"`
	// A reference to an object that represents a client's TLS certificate.
	Certificate interface{} `field:"optional" json:"certificate" yaml:"certificate"`
	// Whether the policy is enforced.
	//
	// The default is `True` , if a value isn't specified.
	Enforce interface{} `field:"optional" json:"enforce" yaml:"enforce"`
	// One or more ports that the policy is enforced for.
	Ports interface{} `field:"optional" json:"ports" yaml:"ports"`
}

A reference to an object that represents a Transport Layer Security (TLS) client policy.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

clientPolicyTlsProperty := &clientPolicyTlsProperty{
	validation: &tlsValidationContextProperty{
		trust: &tlsValidationContextTrustProperty{
			acm: &tlsValidationContextAcmTrustProperty{
				certificateAuthorityArns: []*string{
					jsii.String("certificateAuthorityArns"),
				},
			},
			file: &tlsValidationContextFileTrustProperty{
				certificateChain: jsii.String("certificateChain"),
			},
			sds: &tlsValidationContextSdsTrustProperty{
				secretName: jsii.String("secretName"),
			},
		},

		// the properties below are optional
		subjectAlternativeNames: &subjectAlternativeNamesProperty{
			match: &subjectAlternativeNameMatchersProperty{
				exact: []*string{
					jsii.String("exact"),
				},
			},
		},
	},

	// the properties below are optional
	certificate: &clientTlsCertificateProperty{
		file: &listenerTlsFileCertificateProperty{
			certificateChain: jsii.String("certificateChain"),
			privateKey: jsii.String("privateKey"),
		},
		sds: &listenerTlsSdsCertificateProperty{
			secretName: jsii.String("secretName"),
		},
	},
	enforce: jsii.Boolean(false),
	ports: []interface{}{
		jsii.Number(123),
	},
}

type CfnVirtualNode_ClientTlsCertificateProperty

type CfnVirtualNode_ClientTlsCertificateProperty struct {
	// An object that represents a local file certificate.
	//
	// The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html) .
	File interface{} `field:"optional" json:"file" yaml:"file"`
	// A reference to an object that represents a client's TLS Secret Discovery Service certificate.
	Sds interface{} `field:"optional" json:"sds" yaml:"sds"`
}

An object that represents the client's certificate.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

clientTlsCertificateProperty := &clientTlsCertificateProperty{
	file: &listenerTlsFileCertificateProperty{
		certificateChain: jsii.String("certificateChain"),
		privateKey: jsii.String("privateKey"),
	},
	sds: &listenerTlsSdsCertificateProperty{
		secretName: jsii.String("secretName"),
	},
}

type CfnVirtualNode_DnsServiceDiscoveryProperty

type CfnVirtualNode_DnsServiceDiscoveryProperty struct {
	// Specifies the DNS service discovery hostname for the virtual node.
	Hostname *string `field:"required" json:"hostname" yaml:"hostname"`
	// The preferred IP version that this virtual node uses.
	//
	// Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.
	IpPreference *string `field:"optional" json:"ipPreference" yaml:"ipPreference"`
	// Specifies the DNS response type for the virtual node.
	ResponseType *string `field:"optional" json:"responseType" yaml:"responseType"`
}

An object that represents the DNS service discovery information for your virtual node.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

dnsServiceDiscoveryProperty := &dnsServiceDiscoveryProperty{
	hostname: jsii.String("hostname"),

	// the properties below are optional
	ipPreference: jsii.String("ipPreference"),
	responseType: jsii.String("responseType"),
}

type CfnVirtualNode_DurationProperty

type CfnVirtualNode_DurationProperty struct {
	// A unit of time.
	Unit *string `field:"required" json:"unit" yaml:"unit"`
	// A number of time units.
	Value *float64 `field:"required" json:"value" yaml:"value"`
}

An object that represents a duration of time.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

durationProperty := &durationProperty{
	unit: jsii.String("unit"),
	value: jsii.Number(123),
}

type CfnVirtualNode_FileAccessLogProperty

type CfnVirtualNode_FileAccessLogProperty struct {
	// The file path to write access logs to.
	//
	// You can use `/dev/stdout` to send access logs to standard out and configure your Envoy container to use a log driver, such as `awslogs` , to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container's file system to write the files to disk.
	//
	// > The Envoy process must have write permissions to the path that you specify here. Otherwise, Envoy fails to bootstrap properly.
	Path *string `field:"required" json:"path" yaml:"path"`
}

An object that represents an access log file.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

fileAccessLogProperty := &fileAccessLogProperty{
	path: jsii.String("path"),
}

type CfnVirtualNode_GrpcTimeoutProperty

type CfnVirtualNode_GrpcTimeoutProperty struct {
	// An object that represents an idle timeout.
	//
	// An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
	Idle interface{} `field:"optional" json:"idle" yaml:"idle"`
	// An object that represents a per request timeout.
	//
	// The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.
	PerRequest interface{} `field:"optional" json:"perRequest" yaml:"perRequest"`
}

An object that represents types of timeouts.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

grpcTimeoutProperty := &grpcTimeoutProperty{
	idle: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
	perRequest: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
}

type CfnVirtualNode_HealthCheckProperty

type CfnVirtualNode_HealthCheckProperty struct {
	// The number of consecutive successful health checks that must occur before declaring listener healthy.
	HealthyThreshold *float64 `field:"required" json:"healthyThreshold" yaml:"healthyThreshold"`
	// The time period in milliseconds between each health check execution.
	IntervalMillis *float64 `field:"required" json:"intervalMillis" yaml:"intervalMillis"`
	// The protocol for the health check request.
	//
	// If you specify `grpc` , then your service must conform to the [GRPC Health Checking Protocol](https://docs.aws.amazon.com/https://github.com/grpc/grpc/blob/master/doc/health-checking.md) .
	Protocol *string `field:"required" json:"protocol" yaml:"protocol"`
	// The amount of time to wait when receiving a response from the health check, in milliseconds.
	TimeoutMillis *float64 `field:"required" json:"timeoutMillis" yaml:"timeoutMillis"`
	// The number of consecutive failed health checks that must occur before declaring a virtual node unhealthy.
	UnhealthyThreshold *float64 `field:"required" json:"unhealthyThreshold" yaml:"unhealthyThreshold"`
	// The destination path for the health check request.
	//
	// This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.
	Path *string `field:"optional" json:"path" yaml:"path"`
	// The destination port for the health check request.
	//
	// This port must match the port defined in the `PortMapping` for the listener.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
}

An object that represents the health check policy for a virtual node's listener.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

healthCheckProperty := &healthCheckProperty{
	healthyThreshold: jsii.Number(123),
	intervalMillis: jsii.Number(123),
	protocol: jsii.String("protocol"),
	timeoutMillis: jsii.Number(123),
	unhealthyThreshold: jsii.Number(123),

	// the properties below are optional
	path: jsii.String("path"),
	port: jsii.Number(123),
}

type CfnVirtualNode_HttpTimeoutProperty

type CfnVirtualNode_HttpTimeoutProperty struct {
	// An object that represents an idle timeout.
	//
	// An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
	Idle interface{} `field:"optional" json:"idle" yaml:"idle"`
	// An object that represents a per request timeout.
	//
	// The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.
	PerRequest interface{} `field:"optional" json:"perRequest" yaml:"perRequest"`
}

An object that represents types of timeouts.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpTimeoutProperty := &httpTimeoutProperty{
	idle: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
	perRequest: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
}

type CfnVirtualNode_ListenerProperty

type CfnVirtualNode_ListenerProperty struct {
	// The port mapping information for the listener.
	PortMapping interface{} `field:"required" json:"portMapping" yaml:"portMapping"`
	// The connection pool information for the listener.
	ConnectionPool interface{} `field:"optional" json:"connectionPool" yaml:"connectionPool"`
	// The health check information for the listener.
	HealthCheck interface{} `field:"optional" json:"healthCheck" yaml:"healthCheck"`
	// The outlier detection information for the listener.
	OutlierDetection interface{} `field:"optional" json:"outlierDetection" yaml:"outlierDetection"`
	// An object that represents timeouts for different protocols.
	Timeout interface{} `field:"optional" json:"timeout" yaml:"timeout"`
	// A reference to an object that represents the Transport Layer Security (TLS) properties for a listener.
	Tls interface{} `field:"optional" json:"tls" yaml:"tls"`
}

An object that represents a listener for a virtual node.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

listenerProperty := &listenerProperty{
	portMapping: &portMappingProperty{
		port: jsii.Number(123),
		protocol: jsii.String("protocol"),
	},

	// the properties below are optional
	connectionPool: &virtualNodeConnectionPoolProperty{
		grpc: &virtualNodeGrpcConnectionPoolProperty{
			maxRequests: jsii.Number(123),
		},
		http: &virtualNodeHttpConnectionPoolProperty{
			maxConnections: jsii.Number(123),

			// the properties below are optional
			maxPendingRequests: jsii.Number(123),
		},
		http2: &virtualNodeHttp2ConnectionPoolProperty{
			maxRequests: jsii.Number(123),
		},
		tcp: &virtualNodeTcpConnectionPoolProperty{
			maxConnections: jsii.Number(123),
		},
	},
	healthCheck: &healthCheckProperty{
		healthyThreshold: jsii.Number(123),
		intervalMillis: jsii.Number(123),
		protocol: jsii.String("protocol"),
		timeoutMillis: jsii.Number(123),
		unhealthyThreshold: jsii.Number(123),

		// the properties below are optional
		path: jsii.String("path"),
		port: jsii.Number(123),
	},
	outlierDetection: &outlierDetectionProperty{
		baseEjectionDuration: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
		interval: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
		maxEjectionPercent: jsii.Number(123),
		maxServerErrors: jsii.Number(123),
	},
	timeout: &listenerTimeoutProperty{
		grpc: &grpcTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
			perRequest: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
		http: &httpTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
			perRequest: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
		http2: &httpTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
			perRequest: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
		tcp: &tcpTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
	},
	tls: &listenerTlsProperty{
		certificate: &listenerTlsCertificateProperty{
			acm: &listenerTlsAcmCertificateProperty{
				certificateArn: jsii.String("certificateArn"),
			},
			file: &listenerTlsFileCertificateProperty{
				certificateChain: jsii.String("certificateChain"),
				privateKey: jsii.String("privateKey"),
			},
			sds: &listenerTlsSdsCertificateProperty{
				secretName: jsii.String("secretName"),
			},
		},
		mode: jsii.String("mode"),

		// the properties below are optional
		validation: &listenerTlsValidationContextProperty{
			trust: &listenerTlsValidationContextTrustProperty{
				file: &tlsValidationContextFileTrustProperty{
					certificateChain: jsii.String("certificateChain"),
				},
				sds: &tlsValidationContextSdsTrustProperty{
					secretName: jsii.String("secretName"),
				},
			},

			// the properties below are optional
			subjectAlternativeNames: &subjectAlternativeNamesProperty{
				match: &subjectAlternativeNameMatchersProperty{
					exact: []*string{
						jsii.String("exact"),
					},
				},
			},
		},
	},
}

type CfnVirtualNode_ListenerTimeoutProperty

type CfnVirtualNode_ListenerTimeoutProperty struct {
	// An object that represents types of timeouts.
	Grpc interface{} `field:"optional" json:"grpc" yaml:"grpc"`
	// An object that represents types of timeouts.
	Http interface{} `field:"optional" json:"http" yaml:"http"`
	// An object that represents types of timeouts.
	Http2 interface{} `field:"optional" json:"http2" yaml:"http2"`
	// An object that represents types of timeouts.
	Tcp interface{} `field:"optional" json:"tcp" yaml:"tcp"`
}

An object that represents timeouts for different protocols.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

listenerTimeoutProperty := &listenerTimeoutProperty{
	grpc: &grpcTimeoutProperty{
		idle: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
		perRequest: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
	},
	http: &httpTimeoutProperty{
		idle: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
		perRequest: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
	},
	http2: &httpTimeoutProperty{
		idle: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
		perRequest: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
	},
	tcp: &tcpTimeoutProperty{
		idle: &durationProperty{
			unit: jsii.String("unit"),
			value: jsii.Number(123),
		},
	},
}

type CfnVirtualNode_ListenerTlsAcmCertificateProperty

type CfnVirtualNode_ListenerTlsAcmCertificateProperty struct {
	// The Amazon Resource Name (ARN) for the certificate.
	//
	// The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites) .
	CertificateArn *string `field:"required" json:"certificateArn" yaml:"certificateArn"`
}

An object that represents an AWS Certificate Manager certificate.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

listenerTlsAcmCertificateProperty := &listenerTlsAcmCertificateProperty{
	certificateArn: jsii.String("certificateArn"),
}

type CfnVirtualNode_ListenerTlsCertificateProperty

type CfnVirtualNode_ListenerTlsCertificateProperty struct {
	// A reference to an object that represents an AWS Certificate Manager certificate.
	Acm interface{} `field:"optional" json:"acm" yaml:"acm"`
	// A reference to an object that represents a local file certificate.
	File interface{} `field:"optional" json:"file" yaml:"file"`
	// A reference to an object that represents a listener's Secret Discovery Service certificate.
	Sds interface{} `field:"optional" json:"sds" yaml:"sds"`
}

An object that represents a listener's Transport Layer Security (TLS) certificate.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

listenerTlsCertificateProperty := &listenerTlsCertificateProperty{
	acm: &listenerTlsAcmCertificateProperty{
		certificateArn: jsii.String("certificateArn"),
	},
	file: &listenerTlsFileCertificateProperty{
		certificateChain: jsii.String("certificateChain"),
		privateKey: jsii.String("privateKey"),
	},
	sds: &listenerTlsSdsCertificateProperty{
		secretName: jsii.String("secretName"),
	},
}

type CfnVirtualNode_ListenerTlsFileCertificateProperty

type CfnVirtualNode_ListenerTlsFileCertificateProperty struct {
	// The certificate chain for the certificate.
	CertificateChain *string `field:"required" json:"certificateChain" yaml:"certificateChain"`
	// The private key for a certificate stored on the file system of the virtual node that the proxy is running on.
	PrivateKey *string `field:"required" json:"privateKey" yaml:"privateKey"`
}

An object that represents a local file certificate.

The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

listenerTlsFileCertificateProperty := &listenerTlsFileCertificateProperty{
	certificateChain: jsii.String("certificateChain"),
	privateKey: jsii.String("privateKey"),
}

type CfnVirtualNode_ListenerTlsProperty

type CfnVirtualNode_ListenerTlsProperty struct {
	// A reference to an object that represents a listener's Transport Layer Security (TLS) certificate.
	Certificate interface{} `field:"required" json:"certificate" yaml:"certificate"`
	// Specify one of the following modes.
	//
	// - ** STRICT – Listener only accepts connections with TLS enabled.
	// - ** PERMISSIVE – Listener accepts connections with or without TLS enabled.
	// - ** DISABLED – Listener only accepts connections without TLS.
	Mode *string `field:"required" json:"mode" yaml:"mode"`
	// A reference to an object that represents a listener's Transport Layer Security (TLS) validation context.
	Validation interface{} `field:"optional" json:"validation" yaml:"validation"`
}

An object that represents the Transport Layer Security (TLS) properties for a listener.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

listenerTlsProperty := &listenerTlsProperty{
	certificate: &listenerTlsCertificateProperty{
		acm: &listenerTlsAcmCertificateProperty{
			certificateArn: jsii.String("certificateArn"),
		},
		file: &listenerTlsFileCertificateProperty{
			certificateChain: jsii.String("certificateChain"),
			privateKey: jsii.String("privateKey"),
		},
		sds: &listenerTlsSdsCertificateProperty{
			secretName: jsii.String("secretName"),
		},
	},
	mode: jsii.String("mode"),

	// the properties below are optional
	validation: &listenerTlsValidationContextProperty{
		trust: &listenerTlsValidationContextTrustProperty{
			file: &tlsValidationContextFileTrustProperty{
				certificateChain: jsii.String("certificateChain"),
			},
			sds: &tlsValidationContextSdsTrustProperty{
				secretName: jsii.String("secretName"),
			},
		},

		// the properties below are optional
		subjectAlternativeNames: &subjectAlternativeNamesProperty{
			match: &subjectAlternativeNameMatchersProperty{
				exact: []*string{
					jsii.String("exact"),
				},
			},
		},
	},
}

type CfnVirtualNode_ListenerTlsSdsCertificateProperty

type CfnVirtualNode_ListenerTlsSdsCertificateProperty struct {
	// A reference to an object that represents the name of the secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.
	SecretName *string `field:"required" json:"secretName" yaml:"secretName"`
}

An object that represents the listener's Secret Discovery Service certificate.

The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh [TLS documentation](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html) for more info.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

listenerTlsSdsCertificateProperty := &listenerTlsSdsCertificateProperty{
	secretName: jsii.String("secretName"),
}

type CfnVirtualNode_ListenerTlsValidationContextProperty

type CfnVirtualNode_ListenerTlsValidationContextProperty struct {
	// A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
	Trust interface{} `field:"required" json:"trust" yaml:"trust"`
	// A reference to an object that represents the SANs for a listener's Transport Layer Security (TLS) validation context.
	SubjectAlternativeNames interface{} `field:"optional" json:"subjectAlternativeNames" yaml:"subjectAlternativeNames"`
}

An object that represents a listener's Transport Layer Security (TLS) validation context.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

listenerTlsValidationContextProperty := &listenerTlsValidationContextProperty{
	trust: &listenerTlsValidationContextTrustProperty{
		file: &tlsValidationContextFileTrustProperty{
			certificateChain: jsii.String("certificateChain"),
		},
		sds: &tlsValidationContextSdsTrustProperty{
			secretName: jsii.String("secretName"),
		},
	},

	// the properties below are optional
	subjectAlternativeNames: &subjectAlternativeNamesProperty{
		match: &subjectAlternativeNameMatchersProperty{
			exact: []*string{
				jsii.String("exact"),
			},
		},
	},
}

type CfnVirtualNode_ListenerTlsValidationContextTrustProperty

type CfnVirtualNode_ListenerTlsValidationContextTrustProperty struct {
	// An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
	File interface{} `field:"optional" json:"file" yaml:"file"`
	// A reference to an object that represents a listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust.
	Sds interface{} `field:"optional" json:"sds" yaml:"sds"`
}

An object that represents a listener's Transport Layer Security (TLS) validation context trust.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

listenerTlsValidationContextTrustProperty := &listenerTlsValidationContextTrustProperty{
	file: &tlsValidationContextFileTrustProperty{
		certificateChain: jsii.String("certificateChain"),
	},
	sds: &tlsValidationContextSdsTrustProperty{
		secretName: jsii.String("secretName"),
	},
}

type CfnVirtualNode_LoggingProperty

type CfnVirtualNode_LoggingProperty struct {
	// The access log configuration for a virtual node.
	AccessLog interface{} `field:"optional" json:"accessLog" yaml:"accessLog"`
}

An object that represents the logging information for a virtual node.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

loggingProperty := &loggingProperty{
	accessLog: &accessLogProperty{
		file: &fileAccessLogProperty{
			path: jsii.String("path"),
		},
	},
}

type CfnVirtualNode_OutlierDetectionProperty

type CfnVirtualNode_OutlierDetectionProperty struct {
	// The base amount of time for which a host is ejected.
	BaseEjectionDuration interface{} `field:"required" json:"baseEjectionDuration" yaml:"baseEjectionDuration"`
	// The time interval between ejection sweep analysis.
	Interval interface{} `field:"required" json:"interval" yaml:"interval"`
	// Maximum percentage of hosts in load balancing pool for upstream service that can be ejected.
	//
	// Will eject at least one host regardless of the value.
	MaxEjectionPercent *float64 `field:"required" json:"maxEjectionPercent" yaml:"maxEjectionPercent"`
	// Number of consecutive `5xx` errors required for ejection.
	MaxServerErrors *float64 `field:"required" json:"maxServerErrors" yaml:"maxServerErrors"`
}

An object that represents the outlier detection for a virtual node's listener.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

outlierDetectionProperty := &outlierDetectionProperty{
	baseEjectionDuration: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
	interval: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
	maxEjectionPercent: jsii.Number(123),
	maxServerErrors: jsii.Number(123),
}

type CfnVirtualNode_PortMappingProperty

type CfnVirtualNode_PortMappingProperty struct {
	// The port used for the port mapping.
	Port *float64 `field:"required" json:"port" yaml:"port"`
	// The protocol used for the port mapping.
	//
	// Specify `http` , `http2` , `grpc` , or `tcp` .
	Protocol *string `field:"required" json:"protocol" yaml:"protocol"`
}

An object representing a virtual node or virtual router listener port mapping.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

portMappingProperty := &portMappingProperty{
	port: jsii.Number(123),
	protocol: jsii.String("protocol"),
}

type CfnVirtualNode_ServiceDiscoveryProperty

type CfnVirtualNode_ServiceDiscoveryProperty struct {
	// Specifies any AWS Cloud Map information for the virtual node.
	AwsCloudMap interface{} `field:"optional" json:"awsCloudMap" yaml:"awsCloudMap"`
	// Specifies the DNS information for the virtual node.
	Dns interface{} `field:"optional" json:"dns" yaml:"dns"`
}

An object that represents the service discovery information for a virtual node.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

serviceDiscoveryProperty := &serviceDiscoveryProperty{
	awsCloudMap: &awsCloudMapServiceDiscoveryProperty{
		namespaceName: jsii.String("namespaceName"),
		serviceName: jsii.String("serviceName"),

		// the properties below are optional
		attributes: []interface{}{
			&awsCloudMapInstanceAttributeProperty{
				key: jsii.String("key"),
				value: jsii.String("value"),
			},
		},
		ipPreference: jsii.String("ipPreference"),
	},
	dns: &dnsServiceDiscoveryProperty{
		hostname: jsii.String("hostname"),

		// the properties below are optional
		ipPreference: jsii.String("ipPreference"),
		responseType: jsii.String("responseType"),
	},
}

type CfnVirtualNode_SubjectAlternativeNameMatchersProperty

type CfnVirtualNode_SubjectAlternativeNameMatchersProperty struct {
	// The values sent must match the specified values exactly.
	Exact *[]*string `field:"optional" json:"exact" yaml:"exact"`
}

An object that represents the methods by which a subject alternative name on a peer Transport Layer Security (TLS) certificate can be matched.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

subjectAlternativeNameMatchersProperty := &subjectAlternativeNameMatchersProperty{
	exact: []*string{
		jsii.String("exact"),
	},
}

type CfnVirtualNode_SubjectAlternativeNamesProperty

type CfnVirtualNode_SubjectAlternativeNamesProperty struct {
	// An object that represents the criteria for determining a SANs match.
	Match interface{} `field:"required" json:"match" yaml:"match"`
}

An object that represents the subject alternative names secured by the certificate.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

subjectAlternativeNamesProperty := &subjectAlternativeNamesProperty{
	match: &subjectAlternativeNameMatchersProperty{
		exact: []*string{
			jsii.String("exact"),
		},
	},
}

type CfnVirtualNode_TcpTimeoutProperty

type CfnVirtualNode_TcpTimeoutProperty struct {
	// An object that represents an idle timeout.
	//
	// An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
	Idle interface{} `field:"optional" json:"idle" yaml:"idle"`
}

An object that represents types of timeouts.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tcpTimeoutProperty := &tcpTimeoutProperty{
	idle: &durationProperty{
		unit: jsii.String("unit"),
		value: jsii.Number(123),
	},
}

type CfnVirtualNode_TlsValidationContextAcmTrustProperty

type CfnVirtualNode_TlsValidationContextAcmTrustProperty struct {
	// One or more ACM Amazon Resource Name (ARN)s.
	CertificateAuthorityArns *[]*string `field:"required" json:"certificateAuthorityArns" yaml:"certificateAuthorityArns"`
}

An object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tlsValidationContextAcmTrustProperty := &tlsValidationContextAcmTrustProperty{
	certificateAuthorityArns: []*string{
		jsii.String("certificateAuthorityArns"),
	},
}

type CfnVirtualNode_TlsValidationContextFileTrustProperty

type CfnVirtualNode_TlsValidationContextFileTrustProperty struct {
	// The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on.
	CertificateChain *string `field:"required" json:"certificateChain" yaml:"certificateChain"`
}

An object that represents a Transport Layer Security (TLS) validation context trust for a local file.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tlsValidationContextFileTrustProperty := &tlsValidationContextFileTrustProperty{
	certificateChain: jsii.String("certificateChain"),
}

type CfnVirtualNode_TlsValidationContextProperty

type CfnVirtualNode_TlsValidationContextProperty struct {
	// A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
	Trust interface{} `field:"required" json:"trust" yaml:"trust"`
	// A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context.
	SubjectAlternativeNames interface{} `field:"optional" json:"subjectAlternativeNames" yaml:"subjectAlternativeNames"`
}

An object that represents how the proxy will validate its peer during Transport Layer Security (TLS) negotiation.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tlsValidationContextProperty := &tlsValidationContextProperty{
	trust: &tlsValidationContextTrustProperty{
		acm: &tlsValidationContextAcmTrustProperty{
			certificateAuthorityArns: []*string{
				jsii.String("certificateAuthorityArns"),
			},
		},
		file: &tlsValidationContextFileTrustProperty{
			certificateChain: jsii.String("certificateChain"),
		},
		sds: &tlsValidationContextSdsTrustProperty{
			secretName: jsii.String("secretName"),
		},
	},

	// the properties below are optional
	subjectAlternativeNames: &subjectAlternativeNamesProperty{
		match: &subjectAlternativeNameMatchersProperty{
			exact: []*string{
				jsii.String("exact"),
			},
		},
	},
}

type CfnVirtualNode_TlsValidationContextSdsTrustProperty

type CfnVirtualNode_TlsValidationContextSdsTrustProperty struct {
	// A reference to an object that represents the name of the secret for a Transport Layer Security (TLS) Secret Discovery Service validation context trust.
	SecretName *string `field:"required" json:"secretName" yaml:"secretName"`
}

An object that represents a Transport Layer Security (TLS) Secret Discovery Service validation context trust.

The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh [TLS documentation](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html) for more info.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tlsValidationContextSdsTrustProperty := &tlsValidationContextSdsTrustProperty{
	secretName: jsii.String("secretName"),
}

type CfnVirtualNode_TlsValidationContextTrustProperty

type CfnVirtualNode_TlsValidationContextTrustProperty struct {
	// A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.
	Acm interface{} `field:"optional" json:"acm" yaml:"acm"`
	// An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
	File interface{} `field:"optional" json:"file" yaml:"file"`
	// A reference to an object that represents a Transport Layer Security (TLS) Secret Discovery Service validation context trust.
	Sds interface{} `field:"optional" json:"sds" yaml:"sds"`
}

An object that represents a Transport Layer Security (TLS) validation context trust.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tlsValidationContextTrustProperty := &tlsValidationContextTrustProperty{
	acm: &tlsValidationContextAcmTrustProperty{
		certificateAuthorityArns: []*string{
			jsii.String("certificateAuthorityArns"),
		},
	},
	file: &tlsValidationContextFileTrustProperty{
		certificateChain: jsii.String("certificateChain"),
	},
	sds: &tlsValidationContextSdsTrustProperty{
		secretName: jsii.String("secretName"),
	},
}

type CfnVirtualNode_VirtualNodeConnectionPoolProperty

type CfnVirtualNode_VirtualNodeConnectionPoolProperty struct {
	// An object that represents a type of connection pool.
	Grpc interface{} `field:"optional" json:"grpc" yaml:"grpc"`
	// An object that represents a type of connection pool.
	Http interface{} `field:"optional" json:"http" yaml:"http"`
	// An object that represents a type of connection pool.
	Http2 interface{} `field:"optional" json:"http2" yaml:"http2"`
	// An object that represents a type of connection pool.
	Tcp interface{} `field:"optional" json:"tcp" yaml:"tcp"`
}

An object that represents the type of virtual node connection pool.

Only one protocol is used at a time and should be the same protocol as the one chosen under port mapping.

If not present the default value for `maxPendingRequests` is `2147483647` .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualNodeConnectionPoolProperty := &virtualNodeConnectionPoolProperty{
	grpc: &virtualNodeGrpcConnectionPoolProperty{
		maxRequests: jsii.Number(123),
	},
	http: &virtualNodeHttpConnectionPoolProperty{
		maxConnections: jsii.Number(123),

		// the properties below are optional
		maxPendingRequests: jsii.Number(123),
	},
	http2: &virtualNodeHttp2ConnectionPoolProperty{
		maxRequests: jsii.Number(123),
	},
	tcp: &virtualNodeTcpConnectionPoolProperty{
		maxConnections: jsii.Number(123),
	},
}

type CfnVirtualNode_VirtualNodeGrpcConnectionPoolProperty

type CfnVirtualNode_VirtualNodeGrpcConnectionPoolProperty struct {
	// Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
	MaxRequests *float64 `field:"required" json:"maxRequests" yaml:"maxRequests"`
}

An object that represents a type of connection pool.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualNodeGrpcConnectionPoolProperty := &virtualNodeGrpcConnectionPoolProperty{
	maxRequests: jsii.Number(123),
}

type CfnVirtualNode_VirtualNodeHttp2ConnectionPoolProperty

type CfnVirtualNode_VirtualNodeHttp2ConnectionPoolProperty struct {
	// Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
	MaxRequests *float64 `field:"required" json:"maxRequests" yaml:"maxRequests"`
}

An object that represents a type of connection pool.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualNodeHttp2ConnectionPoolProperty := &virtualNodeHttp2ConnectionPoolProperty{
	maxRequests: jsii.Number(123),
}

type CfnVirtualNode_VirtualNodeHttpConnectionPoolProperty

type CfnVirtualNode_VirtualNodeHttpConnectionPoolProperty struct {
	// Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.
	MaxConnections *float64 `field:"required" json:"maxConnections" yaml:"maxConnections"`
	// Number of overflowing requests after `max_connections` Envoy will queue to upstream cluster.
	MaxPendingRequests *float64 `field:"optional" json:"maxPendingRequests" yaml:"maxPendingRequests"`
}

An object that represents a type of connection pool.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualNodeHttpConnectionPoolProperty := &virtualNodeHttpConnectionPoolProperty{
	maxConnections: jsii.Number(123),

	// the properties below are optional
	maxPendingRequests: jsii.Number(123),
}

type CfnVirtualNode_VirtualNodeSpecProperty

type CfnVirtualNode_VirtualNodeSpecProperty struct {
	// A reference to an object that represents the defaults for backends.
	BackendDefaults interface{} `field:"optional" json:"backendDefaults" yaml:"backendDefaults"`
	// The backends that the virtual node is expected to send outbound traffic to.
	Backends interface{} `field:"optional" json:"backends" yaml:"backends"`
	// The listener that the virtual node is expected to receive inbound traffic from.
	//
	// You can specify one listener.
	Listeners interface{} `field:"optional" json:"listeners" yaml:"listeners"`
	// The inbound and outbound access logging information for the virtual node.
	Logging interface{} `field:"optional" json:"logging" yaml:"logging"`
	// The service discovery information for the virtual node.
	//
	// If your virtual node does not expect ingress traffic, you can omit this parameter. If you specify a `listener` , then you must specify service discovery information.
	ServiceDiscovery interface{} `field:"optional" json:"serviceDiscovery" yaml:"serviceDiscovery"`
}

An object that represents the specification of a virtual node.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualNodeSpecProperty := &virtualNodeSpecProperty{
	backendDefaults: &backendDefaultsProperty{
		clientPolicy: &clientPolicyProperty{
			tls: &clientPolicyTlsProperty{
				validation: &tlsValidationContextProperty{
					trust: &tlsValidationContextTrustProperty{
						acm: &tlsValidationContextAcmTrustProperty{
							certificateAuthorityArns: []*string{
								jsii.String("certificateAuthorityArns"),
							},
						},
						file: &tlsValidationContextFileTrustProperty{
							certificateChain: jsii.String("certificateChain"),
						},
						sds: &tlsValidationContextSdsTrustProperty{
							secretName: jsii.String("secretName"),
						},
					},

					// the properties below are optional
					subjectAlternativeNames: &subjectAlternativeNamesProperty{
						match: &subjectAlternativeNameMatchersProperty{
							exact: []*string{
								jsii.String("exact"),
							},
						},
					},
				},

				// the properties below are optional
				certificate: &clientTlsCertificateProperty{
					file: &listenerTlsFileCertificateProperty{
						certificateChain: jsii.String("certificateChain"),
						privateKey: jsii.String("privateKey"),
					},
					sds: &listenerTlsSdsCertificateProperty{
						secretName: jsii.String("secretName"),
					},
				},
				enforce: jsii.Boolean(false),
				ports: []interface{}{
					jsii.Number(123),
				},
			},
		},
	},
	backends: []interface{}{
		&backendProperty{
			virtualService: &virtualServiceBackendProperty{
				virtualServiceName: jsii.String("virtualServiceName"),

				// the properties below are optional
				clientPolicy: &clientPolicyProperty{
					tls: &clientPolicyTlsProperty{
						validation: &tlsValidationContextProperty{
							trust: &tlsValidationContextTrustProperty{
								acm: &tlsValidationContextAcmTrustProperty{
									certificateAuthorityArns: []*string{
										jsii.String("certificateAuthorityArns"),
									},
								},
								file: &tlsValidationContextFileTrustProperty{
									certificateChain: jsii.String("certificateChain"),
								},
								sds: &tlsValidationContextSdsTrustProperty{
									secretName: jsii.String("secretName"),
								},
							},

							// the properties below are optional
							subjectAlternativeNames: &subjectAlternativeNamesProperty{
								match: &subjectAlternativeNameMatchersProperty{
									exact: []*string{
										jsii.String("exact"),
									},
								},
							},
						},

						// the properties below are optional
						certificate: &clientTlsCertificateProperty{
							file: &listenerTlsFileCertificateProperty{
								certificateChain: jsii.String("certificateChain"),
								privateKey: jsii.String("privateKey"),
							},
							sds: &listenerTlsSdsCertificateProperty{
								secretName: jsii.String("secretName"),
							},
						},
						enforce: jsii.Boolean(false),
						ports: []interface{}{
							jsii.Number(123),
						},
					},
				},
			},
		},
	},
	listeners: []interface{}{
		&listenerProperty{
			portMapping: &portMappingProperty{
				port: jsii.Number(123),
				protocol: jsii.String("protocol"),
			},

			// the properties below are optional
			connectionPool: &virtualNodeConnectionPoolProperty{
				grpc: &virtualNodeGrpcConnectionPoolProperty{
					maxRequests: jsii.Number(123),
				},
				http: &virtualNodeHttpConnectionPoolProperty{
					maxConnections: jsii.Number(123),

					// the properties below are optional
					maxPendingRequests: jsii.Number(123),
				},
				http2: &virtualNodeHttp2ConnectionPoolProperty{
					maxRequests: jsii.Number(123),
				},
				tcp: &virtualNodeTcpConnectionPoolProperty{
					maxConnections: jsii.Number(123),
				},
			},
			healthCheck: &healthCheckProperty{
				healthyThreshold: jsii.Number(123),
				intervalMillis: jsii.Number(123),
				protocol: jsii.String("protocol"),
				timeoutMillis: jsii.Number(123),
				unhealthyThreshold: jsii.Number(123),

				// the properties below are optional
				path: jsii.String("path"),
				port: jsii.Number(123),
			},
			outlierDetection: &outlierDetectionProperty{
				baseEjectionDuration: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
				interval: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
				maxEjectionPercent: jsii.Number(123),
				maxServerErrors: jsii.Number(123),
			},
			timeout: &listenerTimeoutProperty{
				grpc: &grpcTimeoutProperty{
					idle: &durationProperty{
						unit: jsii.String("unit"),
						value: jsii.Number(123),
					},
					perRequest: &durationProperty{
						unit: jsii.String("unit"),
						value: jsii.Number(123),
					},
				},
				http: &httpTimeoutProperty{
					idle: &durationProperty{
						unit: jsii.String("unit"),
						value: jsii.Number(123),
					},
					perRequest: &durationProperty{
						unit: jsii.String("unit"),
						value: jsii.Number(123),
					},
				},
				http2: &httpTimeoutProperty{
					idle: &durationProperty{
						unit: jsii.String("unit"),
						value: jsii.Number(123),
					},
					perRequest: &durationProperty{
						unit: jsii.String("unit"),
						value: jsii.Number(123),
					},
				},
				tcp: &tcpTimeoutProperty{
					idle: &durationProperty{
						unit: jsii.String("unit"),
						value: jsii.Number(123),
					},
				},
			},
			tls: &listenerTlsProperty{
				certificate: &listenerTlsCertificateProperty{
					acm: &listenerTlsAcmCertificateProperty{
						certificateArn: jsii.String("certificateArn"),
					},
					file: &listenerTlsFileCertificateProperty{
						certificateChain: jsii.String("certificateChain"),
						privateKey: jsii.String("privateKey"),
					},
					sds: &listenerTlsSdsCertificateProperty{
						secretName: jsii.String("secretName"),
					},
				},
				mode: jsii.String("mode"),

				// the properties below are optional
				validation: &listenerTlsValidationContextProperty{
					trust: &listenerTlsValidationContextTrustProperty{
						file: &tlsValidationContextFileTrustProperty{
							certificateChain: jsii.String("certificateChain"),
						},
						sds: &tlsValidationContextSdsTrustProperty{
							secretName: jsii.String("secretName"),
						},
					},

					// the properties below are optional
					subjectAlternativeNames: &subjectAlternativeNamesProperty{
						match: &subjectAlternativeNameMatchersProperty{
							exact: []*string{
								jsii.String("exact"),
							},
						},
					},
				},
			},
		},
	},
	logging: &loggingProperty{
		accessLog: &accessLogProperty{
			file: &fileAccessLogProperty{
				path: jsii.String("path"),
			},
		},
	},
	serviceDiscovery: &serviceDiscoveryProperty{
		awsCloudMap: &awsCloudMapServiceDiscoveryProperty{
			namespaceName: jsii.String("namespaceName"),
			serviceName: jsii.String("serviceName"),

			// the properties below are optional
			attributes: []interface{}{
				&awsCloudMapInstanceAttributeProperty{
					key: jsii.String("key"),
					value: jsii.String("value"),
				},
			},
			ipPreference: jsii.String("ipPreference"),
		},
		dns: &dnsServiceDiscoveryProperty{
			hostname: jsii.String("hostname"),

			// the properties below are optional
			ipPreference: jsii.String("ipPreference"),
			responseType: jsii.String("responseType"),
		},
	},
}

type CfnVirtualNode_VirtualNodeTcpConnectionPoolProperty

type CfnVirtualNode_VirtualNodeTcpConnectionPoolProperty struct {
	// Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.
	MaxConnections *float64 `field:"required" json:"maxConnections" yaml:"maxConnections"`
}

An object that represents a type of connection pool.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualNodeTcpConnectionPoolProperty := &virtualNodeTcpConnectionPoolProperty{
	maxConnections: jsii.Number(123),
}

type CfnVirtualNode_VirtualServiceBackendProperty

type CfnVirtualNode_VirtualServiceBackendProperty struct {
	// The name of the virtual service that is acting as a virtual node backend.
	VirtualServiceName *string `field:"required" json:"virtualServiceName" yaml:"virtualServiceName"`
	// A reference to an object that represents the client policy for a backend.
	ClientPolicy interface{} `field:"optional" json:"clientPolicy" yaml:"clientPolicy"`
}

An object that represents a virtual service backend for a virtual node.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualServiceBackendProperty := &virtualServiceBackendProperty{
	virtualServiceName: jsii.String("virtualServiceName"),

	// the properties below are optional
	clientPolicy: &clientPolicyProperty{
		tls: &clientPolicyTlsProperty{
			validation: &tlsValidationContextProperty{
				trust: &tlsValidationContextTrustProperty{
					acm: &tlsValidationContextAcmTrustProperty{
						certificateAuthorityArns: []*string{
							jsii.String("certificateAuthorityArns"),
						},
					},
					file: &tlsValidationContextFileTrustProperty{
						certificateChain: jsii.String("certificateChain"),
					},
					sds: &tlsValidationContextSdsTrustProperty{
						secretName: jsii.String("secretName"),
					},
				},

				// the properties below are optional
				subjectAlternativeNames: &subjectAlternativeNamesProperty{
					match: &subjectAlternativeNameMatchersProperty{
						exact: []*string{
							jsii.String("exact"),
						},
					},
				},
			},

			// the properties below are optional
			certificate: &clientTlsCertificateProperty{
				file: &listenerTlsFileCertificateProperty{
					certificateChain: jsii.String("certificateChain"),
					privateKey: jsii.String("privateKey"),
				},
				sds: &listenerTlsSdsCertificateProperty{
					secretName: jsii.String("secretName"),
				},
			},
			enforce: jsii.Boolean(false),
			ports: []interface{}{
				jsii.Number(123),
			},
		},
	},
}

type CfnVirtualRouter

type CfnVirtualRouter interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The full Amazon Resource Name (ARN) for the virtual router.
	AttrArn() *string
	// The name of the service mesh that the virtual router resides in.
	AttrMeshName() *string
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrMeshOwner() *string
	// The AWS IAM account ID of the resource owner.
	//
	// If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrResourceOwner() *string
	// The unique identifier for the virtual router.
	AttrUid() *string
	// The name of the virtual router.
	AttrVirtualRouterName() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The name of the service mesh to create the virtual router in.
	MeshName() *string
	SetMeshName(val *string)
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner() *string
	SetMeshOwner(val *string)
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The virtual router specification to apply.
	Spec() interface{}
	SetSpec(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Optional metadata that you can apply to the virtual router to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// The name to use for the virtual router.
	VirtualRouterName() *string
	SetVirtualRouterName(val *string)
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::AppMesh::VirtualRouter`.

Creates a virtual router within a service mesh.

Specify a `listener` for any inbound traffic that your virtual router receives. Create a virtual router for each protocol and port that you need to route. Virtual routers handle traffic for one or more virtual services within your mesh. After you create your virtual router, create and associate routes for your virtual router that direct incoming requests to different virtual nodes.

For more information about virtual routers, see [Virtual routers](https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_routers.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnVirtualRouter := awscdk.Aws_appmesh.NewCfnVirtualRouter(this, jsii.String("MyCfnVirtualRouter"), &cfnVirtualRouterProps{
	meshName: jsii.String("meshName"),
	spec: &virtualRouterSpecProperty{
		listeners: []interface{}{
			&virtualRouterListenerProperty{
				portMapping: &portMappingProperty{
					port: jsii.Number(123),
					protocol: jsii.String("protocol"),
				},
			},
		},
	},

	// the properties below are optional
	meshOwner: jsii.String("meshOwner"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	virtualRouterName: jsii.String("virtualRouterName"),
})

func NewCfnVirtualRouter

func NewCfnVirtualRouter(scope awscdk.Construct, id *string, props *CfnVirtualRouterProps) CfnVirtualRouter

Create a new `AWS::AppMesh::VirtualRouter`.

type CfnVirtualRouterProps

type CfnVirtualRouterProps struct {
	// The name of the service mesh to create the virtual router in.
	MeshName *string `field:"required" json:"meshName" yaml:"meshName"`
	// The virtual router specification to apply.
	Spec interface{} `field:"required" json:"spec" yaml:"spec"`
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner *string `field:"optional" json:"meshOwner" yaml:"meshOwner"`
	// Optional metadata that you can apply to the virtual router to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
	// The name to use for the virtual router.
	VirtualRouterName *string `field:"optional" json:"virtualRouterName" yaml:"virtualRouterName"`
}

Properties for defining a `CfnVirtualRouter`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnVirtualRouterProps := &cfnVirtualRouterProps{
	meshName: jsii.String("meshName"),
	spec: &virtualRouterSpecProperty{
		listeners: []interface{}{
			&virtualRouterListenerProperty{
				portMapping: &portMappingProperty{
					port: jsii.Number(123),
					protocol: jsii.String("protocol"),
				},
			},
		},
	},

	// the properties below are optional
	meshOwner: jsii.String("meshOwner"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
	virtualRouterName: jsii.String("virtualRouterName"),
}

type CfnVirtualRouter_PortMappingProperty

type CfnVirtualRouter_PortMappingProperty struct {
	// The port used for the port mapping.
	Port *float64 `field:"required" json:"port" yaml:"port"`
	// The protocol used for the port mapping.
	//
	// Specify one protocol.
	Protocol *string `field:"required" json:"protocol" yaml:"protocol"`
}

An object representing a virtual router listener port mapping.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

portMappingProperty := &portMappingProperty{
	port: jsii.Number(123),
	protocol: jsii.String("protocol"),
}

type CfnVirtualRouter_VirtualRouterListenerProperty

type CfnVirtualRouter_VirtualRouterListenerProperty struct {
	// The port mapping information for the listener.
	PortMapping interface{} `field:"required" json:"portMapping" yaml:"portMapping"`
}

An object that represents a virtual router listener.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualRouterListenerProperty := &virtualRouterListenerProperty{
	portMapping: &portMappingProperty{
		port: jsii.Number(123),
		protocol: jsii.String("protocol"),
	},
}

type CfnVirtualRouter_VirtualRouterSpecProperty

type CfnVirtualRouter_VirtualRouterSpecProperty struct {
	// The listeners that the virtual router is expected to receive inbound traffic from.
	//
	// You can specify one listener.
	Listeners interface{} `field:"required" json:"listeners" yaml:"listeners"`
}

An object that represents the specification of a virtual router.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualRouterSpecProperty := &virtualRouterSpecProperty{
	listeners: []interface{}{
		&virtualRouterListenerProperty{
			portMapping: &portMappingProperty{
				port: jsii.Number(123),
				protocol: jsii.String("protocol"),
			},
		},
	},
}

type CfnVirtualService

type CfnVirtualService interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The full Amazon Resource Name (ARN) for the virtual service.
	AttrArn() *string
	// The name of the service mesh that the virtual service resides in.
	AttrMeshName() *string
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrMeshOwner() *string
	// The AWS IAM account ID of the resource owner.
	//
	// If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see [Working with Shared Meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	AttrResourceOwner() *string
	// The unique identifier for the virtual service.
	AttrUid() *string
	// The name of the virtual service.
	AttrVirtualServiceName() *string
	// Options for this resource, such as condition, update policy etc.
	// Experimental.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	// Experimental.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	// Experimental.
	CreationStack() *[]*string
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	// Experimental.
	LogicalId() *string
	// The name of the service mesh to create the virtual service in.
	MeshName() *string
	SetMeshName(val *string)
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner() *string
	SetMeshOwner(val *string)
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	// Experimental.
	Ref() *string
	// The virtual service specification to apply.
	Spec() interface{}
	SetSpec(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	// Experimental.
	Stack() awscdk.Stack
	// Optional metadata that you can apply to the virtual service to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags() awscdk.TagManager
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	// Experimental.
	UpdatedProperites() *map[string]interface{}
	// The name to use for the virtual service.
	VirtualServiceName() *string
	SetVirtualServiceName(val *string)
	// Syntactic sugar for `addOverride(path, undefined)`.
	// Experimental.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	// Experimental.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	// Experimental.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	// Experimental.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	// Experimental.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	// Experimental.
	GetAtt(attributeName *string) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	// Experimental.
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	// Experimental.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	// Experimental.
	ShouldSynthesize() *bool
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
	// Experimental.
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::AppMesh::VirtualService`.

Creates a virtual service within a service mesh.

A virtual service is an abstraction of a real service that is provided by a virtual node directly or indirectly by means of a virtual router. Dependent services call your virtual service by its `virtualServiceName` , and those requests are routed to the virtual node or virtual router that is specified as the provider for the virtual service.

For more information about virtual services, see [Virtual services](https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_services.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnVirtualService := awscdk.Aws_appmesh.NewCfnVirtualService(this, jsii.String("MyCfnVirtualService"), &cfnVirtualServiceProps{
	meshName: jsii.String("meshName"),
	spec: &virtualServiceSpecProperty{
		provider: &virtualServiceProviderProperty{
			virtualNode: &virtualNodeServiceProviderProperty{
				virtualNodeName: jsii.String("virtualNodeName"),
			},
			virtualRouter: &virtualRouterServiceProviderProperty{
				virtualRouterName: jsii.String("virtualRouterName"),
			},
		},
	},
	virtualServiceName: jsii.String("virtualServiceName"),

	// the properties below are optional
	meshOwner: jsii.String("meshOwner"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
})

func NewCfnVirtualService

func NewCfnVirtualService(scope awscdk.Construct, id *string, props *CfnVirtualServiceProps) CfnVirtualService

Create a new `AWS::AppMesh::VirtualService`.

type CfnVirtualServiceProps

type CfnVirtualServiceProps struct {
	// The name of the service mesh to create the virtual service in.
	MeshName *string `field:"required" json:"meshName" yaml:"meshName"`
	// The virtual service specification to apply.
	Spec interface{} `field:"required" json:"spec" yaml:"spec"`
	// The name to use for the virtual service.
	VirtualServiceName *string `field:"required" json:"virtualServiceName" yaml:"virtualServiceName"`
	// The AWS IAM account ID of the service mesh owner.
	//
	// If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .
	MeshOwner *string `field:"optional" json:"meshOwner" yaml:"meshOwner"`
	// Optional metadata that you can apply to the virtual service to assist with categorization and organization.
	//
	// Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
}

Properties for defining a `CfnVirtualService`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnVirtualServiceProps := &cfnVirtualServiceProps{
	meshName: jsii.String("meshName"),
	spec: &virtualServiceSpecProperty{
		provider: &virtualServiceProviderProperty{
			virtualNode: &virtualNodeServiceProviderProperty{
				virtualNodeName: jsii.String("virtualNodeName"),
			},
			virtualRouter: &virtualRouterServiceProviderProperty{
				virtualRouterName: jsii.String("virtualRouterName"),
			},
		},
	},
	virtualServiceName: jsii.String("virtualServiceName"),

	// the properties below are optional
	meshOwner: jsii.String("meshOwner"),
	tags: []cfnTag{
		&cfnTag{
			key: jsii.String("key"),
			value: jsii.String("value"),
		},
	},
}

type CfnVirtualService_VirtualNodeServiceProviderProperty

type CfnVirtualService_VirtualNodeServiceProviderProperty struct {
	// The name of the virtual node that is acting as a service provider.
	VirtualNodeName *string `field:"required" json:"virtualNodeName" yaml:"virtualNodeName"`
}

An object that represents a virtual node service provider.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualNodeServiceProviderProperty := &virtualNodeServiceProviderProperty{
	virtualNodeName: jsii.String("virtualNodeName"),
}

type CfnVirtualService_VirtualRouterServiceProviderProperty

type CfnVirtualService_VirtualRouterServiceProviderProperty struct {
	// The name of the virtual router that is acting as a service provider.
	VirtualRouterName *string `field:"required" json:"virtualRouterName" yaml:"virtualRouterName"`
}

An object that represents a virtual node service provider.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualRouterServiceProviderProperty := &virtualRouterServiceProviderProperty{
	virtualRouterName: jsii.String("virtualRouterName"),
}

type CfnVirtualService_VirtualServiceProviderProperty

type CfnVirtualService_VirtualServiceProviderProperty struct {
	// The virtual node associated with a virtual service.
	VirtualNode interface{} `field:"optional" json:"virtualNode" yaml:"virtualNode"`
	// The virtual router associated with a virtual service.
	VirtualRouter interface{} `field:"optional" json:"virtualRouter" yaml:"virtualRouter"`
}

An object that represents the provider for a virtual service.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualServiceProviderProperty := &virtualServiceProviderProperty{
	virtualNode: &virtualNodeServiceProviderProperty{
		virtualNodeName: jsii.String("virtualNodeName"),
	},
	virtualRouter: &virtualRouterServiceProviderProperty{
		virtualRouterName: jsii.String("virtualRouterName"),
	},
}

type CfnVirtualService_VirtualServiceSpecProperty

type CfnVirtualService_VirtualServiceSpecProperty struct {
	// The App Mesh object that is acting as the provider for a virtual service.
	//
	// You can specify a single virtual node or virtual router.
	Provider interface{} `field:"optional" json:"provider" yaml:"provider"`
}

An object that represents the specification of a virtual service.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualServiceSpecProperty := &virtualServiceSpecProperty{
	provider: &virtualServiceProviderProperty{
		virtualNode: &virtualNodeServiceProviderProperty{
			virtualNodeName: jsii.String("virtualNodeName"),
		},
		virtualRouter: &virtualRouterServiceProviderProperty{
			virtualRouterName: jsii.String("virtualRouterName"),
		},
	},
}

type CommonGatewayRouteSpecOptions

type CommonGatewayRouteSpecOptions struct {
	// The priority for the gateway route.
	//
	// When a Virtual Gateway has multiple gateway routes, gateway route match
	// is performed in the order of specified value, where 0 is the highest priority,
	// and first matched gateway route is selected.
	// Experimental.
	Priority *float64 `field:"optional" json:"priority" yaml:"priority"`
}

Base options for all gateway route specs.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

commonGatewayRouteSpecOptions := &commonGatewayRouteSpecOptions{
	priority: jsii.Number(123),
}

Experimental.

type DnsResponseType

type DnsResponseType string

Enum of DNS service discovery response type.

Example:

// A Virtual Node with a gRPC listener with a connection pool set
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	// DNS service discovery can optionally specify the DNS response type as either LOAD_BALANCER or ENDPOINTS.
	// LOAD_BALANCER means that the DNS resolver returns a loadbalanced set of endpoints,
	// whereas ENDPOINTS means that the DNS resolver is returning all the endpoints.
	// By default, the response type is assumed to be LOAD_BALANCER
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node"), appmesh.dnsResponseType_ENDPOINTS),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(80),
			connectionPool: &httpConnectionPool{
				maxConnections: jsii.Number(100),
				maxPendingRequests: jsii.Number(10),
			},
		}),
	},
})

// A Virtual Gateway with a gRPC listener with a connection pool set
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			connectionPool: &grpcConnectionPool{
				maxRequests: jsii.Number(10),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

Experimental.

const (
	// DNS resolver returns a loadbalanced set of endpoints and the traffic would be sent to the given endpoints.
	//
	// It would not drain existing connections to other endpoints that are not part of this list.
	// Experimental.
	DnsResponseType_LOAD_BALANCER DnsResponseType = "LOAD_BALANCER"
	// DNS resolver is returning all the endpoints.
	//
	// This also means that if an endpoint is missing, it would drain the current connections to the missing endpoint.
	// Experimental.
	DnsResponseType_ENDPOINTS DnsResponseType = "ENDPOINTS"
)

type GatewayRoute

type GatewayRoute interface {
	awscdk.Resource
	IGatewayRoute
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The Amazon Resource Name (ARN) for the GatewayRoute.
	// Experimental.
	GatewayRouteArn() *string
	// The name of the GatewayRoute.
	// Experimental.
	GatewayRouteName() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// The VirtualGateway this GatewayRoute is a part of.
	// Experimental.
	VirtualGateway() IVirtualGateway
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

GatewayRoute represents a new or existing gateway route attached to a VirtualGateway and Mesh.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var gatewayRouteSpec gatewayRouteSpec
var virtualGateway virtualGateway

gatewayRoute := awscdk.Aws_appmesh.NewGatewayRoute(this, jsii.String("MyGatewayRoute"), &gatewayRouteProps{
	routeSpec: gatewayRouteSpec,
	virtualGateway: virtualGateway,

	// the properties below are optional
	gatewayRouteName: jsii.String("gatewayRouteName"),
})

See: https://docs.aws.amazon.com/app-mesh/latest/userguide/gateway-routes.html

Experimental.

func NewGatewayRoute

func NewGatewayRoute(scope constructs.Construct, id *string, props *GatewayRouteProps) GatewayRoute

Experimental.

type GatewayRouteAttributes

type GatewayRouteAttributes struct {
	// The name of the GatewayRoute.
	// Experimental.
	GatewayRouteName *string `field:"required" json:"gatewayRouteName" yaml:"gatewayRouteName"`
	// The VirtualGateway this GatewayRoute is associated with.
	// Experimental.
	VirtualGateway IVirtualGateway `field:"required" json:"virtualGateway" yaml:"virtualGateway"`
}

Interface with properties necessary to import a reusable GatewayRoute.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var virtualGateway virtualGateway

gatewayRouteAttributes := &gatewayRouteAttributes{
	gatewayRouteName: jsii.String("gatewayRouteName"),
	virtualGateway: virtualGateway,
}

Experimental.

type GatewayRouteBaseProps

type GatewayRouteBaseProps struct {
	// What protocol the route uses.
	// Experimental.
	RouteSpec GatewayRouteSpec `field:"required" json:"routeSpec" yaml:"routeSpec"`
	// The name of the GatewayRoute.
	// Experimental.
	GatewayRouteName *string `field:"optional" json:"gatewayRouteName" yaml:"gatewayRouteName"`
}

Basic configuration properties for a GatewayRoute.

Example:

var gateway virtualGateway
var virtualService virtualService

gateway.addGatewayRoute(jsii.String("gateway-route-grpc"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.grpc(&grpcGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &grpcGatewayRouteMatch{
			hostname: appmesh.gatewayRouteHostnameMatch.exactly(jsii.String("example.com")),
			// This disables the default rewrite to virtual service name and retain original request.
			rewriteRequestHostname: jsii.Boolean(false),
		},
	}),
})

Experimental.

type GatewayRouteHostnameMatch

type GatewayRouteHostnameMatch interface {
	// Returns the gateway route host name match configuration.
	// Experimental.
	Bind(scope awscdk.Construct) *GatewayRouteHostnameMatchConfig
}

Used to generate host name matching methods.

Example:

var gateway virtualGateway
var virtualService virtualService

gateway.addGatewayRoute(jsii.String("gateway-route-grpc"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.grpc(&grpcGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &grpcGatewayRouteMatch{
			hostname: appmesh.gatewayRouteHostnameMatch.endsWith(jsii.String(".example.com")),
		},
	}),
})

Experimental.

func GatewayRouteHostnameMatch_EndsWith

func GatewayRouteHostnameMatch_EndsWith(suffix *string) GatewayRouteHostnameMatch

The value of the host name with the given name must end with the specified characters. Experimental.

func GatewayRouteHostnameMatch_Exactly

func GatewayRouteHostnameMatch_Exactly(name *string) GatewayRouteHostnameMatch

The value of the host name must match the specified value exactly. Experimental.

type GatewayRouteHostnameMatchConfig

type GatewayRouteHostnameMatchConfig struct {
	// GatewayRoute CFN configuration for host name match.
	// Experimental.
	HostnameMatch *CfnGatewayRoute_GatewayRouteHostnameMatchProperty `field:"required" json:"hostnameMatch" yaml:"hostnameMatch"`
}

Configuration for gateway route host name match.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

gatewayRouteHostnameMatchConfig := &gatewayRouteHostnameMatchConfig{
	hostnameMatch: &gatewayRouteHostnameMatchProperty{
		exact: jsii.String("exact"),
		suffix: jsii.String("suffix"),
	},
}

Experimental.

type GatewayRouteProps

type GatewayRouteProps struct {
	// What protocol the route uses.
	// Experimental.
	RouteSpec GatewayRouteSpec `field:"required" json:"routeSpec" yaml:"routeSpec"`
	// The name of the GatewayRoute.
	// Experimental.
	GatewayRouteName *string `field:"optional" json:"gatewayRouteName" yaml:"gatewayRouteName"`
	// The VirtualGateway this GatewayRoute is associated with.
	// Experimental.
	VirtualGateway IVirtualGateway `field:"required" json:"virtualGateway" yaml:"virtualGateway"`
}

Properties to define a new GatewayRoute.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var gatewayRouteSpec gatewayRouteSpec
var virtualGateway virtualGateway

gatewayRouteProps := &gatewayRouteProps{
	routeSpec: gatewayRouteSpec,
	virtualGateway: virtualGateway,

	// the properties below are optional
	gatewayRouteName: jsii.String("gatewayRouteName"),
}

Experimental.

type GatewayRouteSpec

type GatewayRouteSpec interface {
	// Called when the GatewayRouteSpec type is initialized.
	//
	// Can be used to enforce
	// mutual exclusivity with future properties.
	// Experimental.
	Bind(scope awscdk.Construct) *GatewayRouteSpecConfig
}

Used to generate specs with different protocols for a GatewayRoute.

Example:

var gateway virtualGateway
var virtualService virtualService

gateway.addGatewayRoute(jsii.String("gateway-route-grpc"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.grpc(&grpcGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &grpcGatewayRouteMatch{
			hostname: appmesh.gatewayRouteHostnameMatch.exactly(jsii.String("example.com")),
			// This disables the default rewrite to virtual service name and retain original request.
			rewriteRequestHostname: jsii.Boolean(false),
		},
	}),
})

Experimental.

func GatewayRouteSpec_Grpc

func GatewayRouteSpec_Grpc(options *GrpcGatewayRouteSpecOptions) GatewayRouteSpec

Creates an gRPC Based GatewayRoute. Experimental.

func GatewayRouteSpec_Http

func GatewayRouteSpec_Http(options *HttpGatewayRouteSpecOptions) GatewayRouteSpec

Creates an HTTP Based GatewayRoute. Experimental.

func GatewayRouteSpec_Http2

func GatewayRouteSpec_Http2(options *HttpGatewayRouteSpecOptions) GatewayRouteSpec

Creates an HTTP2 Based GatewayRoute. Experimental.

type GatewayRouteSpecConfig

type GatewayRouteSpecConfig struct {
	// The spec for a grpc gateway route.
	// Experimental.
	GrpcSpecConfig *CfnGatewayRoute_GrpcGatewayRouteProperty `field:"optional" json:"grpcSpecConfig" yaml:"grpcSpecConfig"`
	// The spec for an http2 gateway route.
	// Experimental.
	Http2SpecConfig *CfnGatewayRoute_HttpGatewayRouteProperty `field:"optional" json:"http2SpecConfig" yaml:"http2SpecConfig"`
	// The spec for an http gateway route.
	// Experimental.
	HttpSpecConfig *CfnGatewayRoute_HttpGatewayRouteProperty `field:"optional" json:"httpSpecConfig" yaml:"httpSpecConfig"`
	// The priority for the gateway route.
	//
	// When a Virtual Gateway has multiple gateway routes, gateway route match
	// is performed in the order of specified value, where 0 is the highest priority,
	// and first matched gateway route is selected.
	// Experimental.
	Priority *float64 `field:"optional" json:"priority" yaml:"priority"`
}

All Properties for GatewayRoute Specs.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

gatewayRouteSpecConfig := &gatewayRouteSpecConfig{
	grpcSpecConfig: &grpcGatewayRouteProperty{
		action: &grpcGatewayRouteActionProperty{
			target: &gatewayRouteTargetProperty{
				virtualService: &gatewayRouteVirtualServiceProperty{
					virtualServiceName: jsii.String("virtualServiceName"),
				},
			},

			// the properties below are optional
			rewrite: &grpcGatewayRouteRewriteProperty{
				hostname: &gatewayRouteHostnameRewriteProperty{
					defaultTargetHostname: jsii.String("defaultTargetHostname"),
				},
			},
		},
		match: &grpcGatewayRouteMatchProperty{
			hostname: &gatewayRouteHostnameMatchProperty{
				exact: jsii.String("exact"),
				suffix: jsii.String("suffix"),
			},
			metadata: []interface{}{
				&grpcGatewayRouteMetadataProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &gatewayRouteMetadataMatchProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &gatewayRouteRangeMatchProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			serviceName: jsii.String("serviceName"),
		},
	},
	http2SpecConfig: &httpGatewayRouteProperty{
		action: &httpGatewayRouteActionProperty{
			target: &gatewayRouteTargetProperty{
				virtualService: &gatewayRouteVirtualServiceProperty{
					virtualServiceName: jsii.String("virtualServiceName"),
				},
			},

			// the properties below are optional
			rewrite: &httpGatewayRouteRewriteProperty{
				hostname: &gatewayRouteHostnameRewriteProperty{
					defaultTargetHostname: jsii.String("defaultTargetHostname"),
				},
				path: &httpGatewayRoutePathRewriteProperty{
					exact: jsii.String("exact"),
				},
				prefix: &httpGatewayRoutePrefixRewriteProperty{
					defaultPrefix: jsii.String("defaultPrefix"),
					value: jsii.String("value"),
				},
			},
		},
		match: &httpGatewayRouteMatchProperty{
			headers: []interface{}{
				&httpGatewayRouteHeaderProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &httpGatewayRouteHeaderMatchProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &gatewayRouteRangeMatchProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			hostname: &gatewayRouteHostnameMatchProperty{
				exact: jsii.String("exact"),
				suffix: jsii.String("suffix"),
			},
			method: jsii.String("method"),
			path: &httpPathMatchProperty{
				exact: jsii.String("exact"),
				regex: jsii.String("regex"),
			},
			prefix: jsii.String("prefix"),
			queryParameters: []interface{}{
				&queryParameterProperty{
					name: jsii.String("name"),

					// the properties below are optional
					match: &httpQueryParameterMatchProperty{
						exact: jsii.String("exact"),
					},
				},
			},
		},
	},
	httpSpecConfig: &httpGatewayRouteProperty{
		action: &httpGatewayRouteActionProperty{
			target: &gatewayRouteTargetProperty{
				virtualService: &gatewayRouteVirtualServiceProperty{
					virtualServiceName: jsii.String("virtualServiceName"),
				},
			},

			// the properties below are optional
			rewrite: &httpGatewayRouteRewriteProperty{
				hostname: &gatewayRouteHostnameRewriteProperty{
					defaultTargetHostname: jsii.String("defaultTargetHostname"),
				},
				path: &httpGatewayRoutePathRewriteProperty{
					exact: jsii.String("exact"),
				},
				prefix: &httpGatewayRoutePrefixRewriteProperty{
					defaultPrefix: jsii.String("defaultPrefix"),
					value: jsii.String("value"),
				},
			},
		},
		match: &httpGatewayRouteMatchProperty{
			headers: []interface{}{
				&httpGatewayRouteHeaderProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &httpGatewayRouteHeaderMatchProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &gatewayRouteRangeMatchProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			hostname: &gatewayRouteHostnameMatchProperty{
				exact: jsii.String("exact"),
				suffix: jsii.String("suffix"),
			},
			method: jsii.String("method"),
			path: &httpPathMatchProperty{
				exact: jsii.String("exact"),
				regex: jsii.String("regex"),
			},
			prefix: jsii.String("prefix"),
			queryParameters: []interface{}{
				&queryParameterProperty{
					name: jsii.String("name"),

					// the properties below are optional
					match: &httpQueryParameterMatchProperty{
						exact: jsii.String("exact"),
					},
				},
			},
		},
	},
	priority: jsii.Number(123),
}

Experimental.

type GrpcConnectionPool

type GrpcConnectionPool struct {
	// The maximum requests in the pool.
	// Experimental.
	MaxRequests *float64 `field:"required" json:"maxRequests" yaml:"maxRequests"`
}

Connection pool properties for gRPC listeners.

Example:

// A Virtual Node with a gRPC listener with a connection pool set
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	// DNS service discovery can optionally specify the DNS response type as either LOAD_BALANCER or ENDPOINTS.
	// LOAD_BALANCER means that the DNS resolver returns a loadbalanced set of endpoints,
	// whereas ENDPOINTS means that the DNS resolver is returning all the endpoints.
	// By default, the response type is assumed to be LOAD_BALANCER
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node"), appmesh.dnsResponseType_ENDPOINTS),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(80),
			connectionPool: &httpConnectionPool{
				maxConnections: jsii.Number(100),
				maxPendingRequests: jsii.Number(10),
			},
		}),
	},
})

// A Virtual Gateway with a gRPC listener with a connection pool set
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			connectionPool: &grpcConnectionPool{
				maxRequests: jsii.Number(10),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

Experimental.

type GrpcGatewayListenerOptions

type GrpcGatewayListenerOptions struct {
	// Connection pool for http listeners.
	// Experimental.
	ConnectionPool *GrpcConnectionPool `field:"optional" json:"connectionPool" yaml:"connectionPool"`
	// The health check information for the listener.
	// Experimental.
	HealthCheck HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"`
	// Port to listen for connections on.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// Represents the configuration for enabling TLS on a listener.
	// Experimental.
	Tls *ListenerTlsOptions `field:"optional" json:"tls" yaml:"tls"`
}

Represents the properties needed to define GRPC Listeners for a VirtualGateway.

Example:

// A Virtual Node with listener TLS from an ACM provided certificate
var cert certificate
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.acm(cert),
			},
		}),
	},
})

// A Virtual Gateway with listener TLS from a customer provided file certificate
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

// A Virtual Gateway with listener TLS from a SDS provided certificate
gateway2 := appmesh.NewVirtualGateway(this, jsii.String("gateway2"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []*virtualGatewayListener{
		appmesh.*virtualGatewayListener.http2(&http2GatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.sds(jsii.String("secrete_certificate")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway2"),
})

Experimental.

type GrpcGatewayRouteMatch

type GrpcGatewayRouteMatch struct {
	// Create host name based gRPC gateway route match.
	// Experimental.
	Hostname GatewayRouteHostnameMatch `field:"optional" json:"hostname" yaml:"hostname"`
	// Create metadata based gRPC gateway route match.
	//
	// All specified metadata must match for the route to match.
	// Experimental.
	Metadata *[]HeaderMatch `field:"optional" json:"metadata" yaml:"metadata"`
	// When `true`, rewrites the original request received at the Virtual Gateway to the destination Virtual Service name.
	//
	// When `false`, retains the original hostname from the request.
	// Experimental.
	RewriteRequestHostname *bool `field:"optional" json:"rewriteRequestHostname" yaml:"rewriteRequestHostname"`
	// Create service name based gRPC gateway route match.
	// Experimental.
	ServiceName *string `field:"optional" json:"serviceName" yaml:"serviceName"`
}

The criterion for determining a request match for this GatewayRoute.

Example:

var gateway virtualGateway
var virtualService virtualService

gateway.addGatewayRoute(jsii.String("gateway-route-grpc"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.grpc(&grpcGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &grpcGatewayRouteMatch{
			hostname: appmesh.gatewayRouteHostnameMatch.endsWith(jsii.String(".example.com")),
		},
	}),
})

Experimental.

type GrpcGatewayRouteSpecOptions

type GrpcGatewayRouteSpecOptions struct {
	// The priority for the gateway route.
	//
	// When a Virtual Gateway has multiple gateway routes, gateway route match
	// is performed in the order of specified value, where 0 is the highest priority,
	// and first matched gateway route is selected.
	// Experimental.
	Priority *float64 `field:"optional" json:"priority" yaml:"priority"`
	// The criterion for determining a request match for this GatewayRoute.
	// Experimental.
	Match *GrpcGatewayRouteMatch `field:"required" json:"match" yaml:"match"`
	// The VirtualService this GatewayRoute directs traffic to.
	// Experimental.
	RouteTarget IVirtualService `field:"required" json:"routeTarget" yaml:"routeTarget"`
}

Properties specific for a gRPC GatewayRoute.

Example:

var gateway virtualGateway
var virtualService virtualService

gateway.addGatewayRoute(jsii.String("gateway-route-grpc"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.grpc(&grpcGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &grpcGatewayRouteMatch{
			hostname: appmesh.gatewayRouteHostnameMatch.endsWith(jsii.String(".example.com")),
		},
	}),
})

Experimental.

type GrpcHealthCheckOptions

type GrpcHealthCheckOptions struct {
	// The number of consecutive successful health checks that must occur before declaring listener healthy.
	// Experimental.
	HealthyThreshold *float64 `field:"optional" json:"healthyThreshold" yaml:"healthyThreshold"`
	// The time period between each health check execution.
	// Experimental.
	Interval awscdk.Duration `field:"optional" json:"interval" yaml:"interval"`
	// The amount of time to wait when receiving a response from the health check.
	// Experimental.
	Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"`
	// The number of consecutive failed health checks that must occur before declaring a listener unhealthy.
	// Experimental.
	UnhealthyThreshold *float64 `field:"optional" json:"unhealthyThreshold" yaml:"unhealthyThreshold"`
}

Properties used to define GRPC Based healthchecks.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var duration duration

grpcHealthCheckOptions := &grpcHealthCheckOptions{
	healthyThreshold: jsii.Number(123),
	interval: duration,
	timeout: duration,
	unhealthyThreshold: jsii.Number(123),
}

Experimental.

type GrpcRetryEvent

type GrpcRetryEvent string

gRPC events.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-grpc-retry"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.grpc(&grpcRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &grpcRouteMatch{
			serviceName: jsii.String("servicename"),
		},
		retryPolicy: &grpcRetryPolicy{
			tcpRetryEvents: []cONNECTION_ERROR{
				appmesh.tcpRetryEvent_*cONNECTION_ERROR,
			},
			httpRetryEvents: []httpRetryEvent{
				appmesh.*httpRetryEvent_GATEWAY_ERROR,
			},
			// Retry if gRPC responds that the request was cancelled, a resource
			// was exhausted, or if the service is unavailable
			grpcRetryEvents: []grpcRetryEvent{
				appmesh.*grpcRetryEvent_CANCELLED,
				appmesh.*grpcRetryEvent_RESOURCE_EXHAUSTED,
				appmesh.*grpcRetryEvent_UNAVAILABLE,
			},
			retryAttempts: jsii.Number(5),
			retryTimeout: cdk.duration.seconds(jsii.Number(1)),
		},
	}),
})

Experimental.

const (
	// Request was cancelled.
	// See: https://grpc.github.io/grpc/core/md_doc_statuscodes.html
	//
	// Experimental.
	GrpcRetryEvent_CANCELLED GrpcRetryEvent = "CANCELLED"
	// The deadline was exceeded.
	// See: https://grpc.github.io/grpc/core/md_doc_statuscodes.html
	//
	// Experimental.
	GrpcRetryEvent_DEADLINE_EXCEEDED GrpcRetryEvent = "DEADLINE_EXCEEDED"
	// Internal error.
	// See: https://grpc.github.io/grpc/core/md_doc_statuscodes.html
	//
	// Experimental.
	GrpcRetryEvent_INTERNAL_ERROR GrpcRetryEvent = "INTERNAL_ERROR"
	// A resource was exhausted.
	// See: https://grpc.github.io/grpc/core/md_doc_statuscodes.html
	//
	// Experimental.
	GrpcRetryEvent_RESOURCE_EXHAUSTED GrpcRetryEvent = "RESOURCE_EXHAUSTED"
	// The service is unavailable.
	// See: https://grpc.github.io/grpc/core/md_doc_statuscodes.html
	//
	// Experimental.
	GrpcRetryEvent_UNAVAILABLE GrpcRetryEvent = "UNAVAILABLE"
)

type GrpcRetryPolicy

type GrpcRetryPolicy struct {
	// The maximum number of retry attempts.
	// Experimental.
	RetryAttempts *float64 `field:"required" json:"retryAttempts" yaml:"retryAttempts"`
	// The timeout for each retry attempt.
	// Experimental.
	RetryTimeout awscdk.Duration `field:"required" json:"retryTimeout" yaml:"retryTimeout"`
	// Specify HTTP events on which to retry.
	//
	// You must specify at least one value
	// for at least one types of retry events.
	// Experimental.
	HttpRetryEvents *[]HttpRetryEvent `field:"optional" json:"httpRetryEvents" yaml:"httpRetryEvents"`
	// TCP events on which to retry.
	//
	// The event occurs before any processing of a
	// request has started and is encountered when the upstream is temporarily or
	// permanently unavailable. You must specify at least one value for at least
	// one types of retry events.
	// Experimental.
	TcpRetryEvents *[]TcpRetryEvent `field:"optional" json:"tcpRetryEvents" yaml:"tcpRetryEvents"`
	// gRPC events on which to retry.
	//
	// You must specify at least one value
	// for at least one types of retry events.
	// Experimental.
	GrpcRetryEvents *[]GrpcRetryEvent `field:"optional" json:"grpcRetryEvents" yaml:"grpcRetryEvents"`
}

gRPC retry policy.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-grpc-retry"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.grpc(&grpcRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &grpcRouteMatch{
			serviceName: jsii.String("servicename"),
		},
		retryPolicy: &grpcRetryPolicy{
			tcpRetryEvents: []cONNECTION_ERROR{
				appmesh.tcpRetryEvent_*cONNECTION_ERROR,
			},
			httpRetryEvents: []httpRetryEvent{
				appmesh.*httpRetryEvent_GATEWAY_ERROR,
			},
			// Retry if gRPC responds that the request was cancelled, a resource
			// was exhausted, or if the service is unavailable
			grpcRetryEvents: []grpcRetryEvent{
				appmesh.*grpcRetryEvent_CANCELLED,
				appmesh.*grpcRetryEvent_RESOURCE_EXHAUSTED,
				appmesh.*grpcRetryEvent_UNAVAILABLE,
			},
			retryAttempts: jsii.Number(5),
			retryTimeout: cdk.duration.seconds(jsii.Number(1)),
		},
	}),
})

Experimental.

type GrpcRouteMatch

type GrpcRouteMatch struct {
	// Create metadata based gRPC route match.
	//
	// All specified metadata must match for the route to match.
	// Experimental.
	Metadata *[]HeaderMatch `field:"optional" json:"metadata" yaml:"metadata"`
	// The method name to match from the request.
	//
	// If the method name is specified, service name must be also provided.
	// Experimental.
	MethodName *string `field:"optional" json:"methodName" yaml:"methodName"`
	// Create service name based gRPC route match.
	// Experimental.
	ServiceName *string `field:"optional" json:"serviceName" yaml:"serviceName"`
}

The criterion for determining a request match for this Route.

At least one match type must be selected.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.grpc(&grpcRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &grpcRouteMatch{
			serviceName: jsii.String("my-service.default.svc.cluster.local"),
		},
		timeout: &grpcTimeout{
			idle: cdk.duration.seconds(jsii.Number(2)),
			perRequest: cdk.*duration.seconds(jsii.Number(1)),
		},
	}),
})

Experimental.

type GrpcRouteSpecOptions

type GrpcRouteSpecOptions struct {
	// The priority for the route.
	//
	// When a Virtual Router has multiple routes, route match is performed in the
	// order of specified value, where 0 is the highest priority, and first matched route is selected.
	// Experimental.
	Priority *float64 `field:"optional" json:"priority" yaml:"priority"`
	// The criterion for determining a request match for this Route.
	// Experimental.
	Match *GrpcRouteMatch `field:"required" json:"match" yaml:"match"`
	// List of targets that traffic is routed to when a request matches the route.
	// Experimental.
	WeightedTargets *[]*WeightedTarget `field:"required" json:"weightedTargets" yaml:"weightedTargets"`
	// The retry policy.
	// Experimental.
	RetryPolicy *GrpcRetryPolicy `field:"optional" json:"retryPolicy" yaml:"retryPolicy"`
	// An object that represents a grpc timeout.
	// Experimental.
	Timeout *GrpcTimeout `field:"optional" json:"timeout" yaml:"timeout"`
}

Properties specific for a GRPC Based Routes.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.grpc(&grpcRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &grpcRouteMatch{
			serviceName: jsii.String("my-service.default.svc.cluster.local"),
		},
		timeout: &grpcTimeout{
			idle: cdk.duration.seconds(jsii.Number(2)),
			perRequest: cdk.*duration.seconds(jsii.Number(1)),
		},
	}),
})

Experimental.

type GrpcTimeout

type GrpcTimeout struct {
	// Represents an idle timeout.
	//
	// The amount of time that a connection may be idle.
	// Experimental.
	Idle awscdk.Duration `field:"optional" json:"idle" yaml:"idle"`
	// Represents per request timeout.
	// Experimental.
	PerRequest awscdk.Duration `field:"optional" json:"perRequest" yaml:"perRequest"`
}

Represents timeouts for GRPC protocols.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.grpc(&grpcRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &grpcRouteMatch{
			serviceName: jsii.String("my-service.default.svc.cluster.local"),
		},
		timeout: &grpcTimeout{
			idle: cdk.duration.seconds(jsii.Number(2)),
			perRequest: cdk.*duration.seconds(jsii.Number(1)),
		},
	}),
})

Experimental.

type GrpcVirtualNodeListenerOptions

type GrpcVirtualNodeListenerOptions struct {
	// Connection pool for http listeners.
	// Experimental.
	ConnectionPool *GrpcConnectionPool `field:"optional" json:"connectionPool" yaml:"connectionPool"`
	// The health check information for the listener.
	// Experimental.
	HealthCheck HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"`
	// Represents the configuration for enabling outlier detection.
	// Experimental.
	OutlierDetection *OutlierDetection `field:"optional" json:"outlierDetection" yaml:"outlierDetection"`
	// Port to listen for connections on.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// Timeout for GRPC protocol.
	// Experimental.
	Timeout *GrpcTimeout `field:"optional" json:"timeout" yaml:"timeout"`
	// Represents the configuration for enabling TLS on a listener.
	// Experimental.
	Tls *ListenerTlsOptions `field:"optional" json:"tls" yaml:"tls"`
}

Represent the GRPC Node Listener prorperty.

Example:

// A Virtual Node with listener TLS from an ACM provided certificate
var cert certificate
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.acm(cert),
			},
		}),
	},
})

// A Virtual Gateway with listener TLS from a customer provided file certificate
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

// A Virtual Gateway with listener TLS from a SDS provided certificate
gateway2 := appmesh.NewVirtualGateway(this, jsii.String("gateway2"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []*virtualGatewayListener{
		appmesh.*virtualGatewayListener.http2(&http2GatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.sds(jsii.String("secrete_certificate")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway2"),
})

Experimental.

type HeaderMatch

type HeaderMatch interface {
	// Returns the header match configuration.
	// Experimental.
	Bind(scope awscdk.Construct) *HeaderMatchConfig
}

Used to generate header matching methods.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http2"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &httpRouteMatch{
			path: appmesh.httpRoutePathMatch.exactly(jsii.String("/exact")),
			method: appmesh.httpRouteMethod_POST,
			protocol: appmesh.httpRouteProtocol_HTTPS,
			headers: []headerMatch{
				appmesh.*headerMatch.valueIs(jsii.String("Content-Type"), jsii.String("application/json")),
				appmesh.*headerMatch.valueIsNot(jsii.String("Content-Type"), jsii.String("application/json")),
			},
			queryParameters: []queryParameterMatch{
				appmesh.*queryParameterMatch.valueIs(jsii.String("query-field"), jsii.String("value")),
			},
		},
	}),
})

Experimental.

func HeaderMatch_ValueDoesNotEndWith

func HeaderMatch_ValueDoesNotEndWith(headerName *string, suffix *string) HeaderMatch

The value of the header with the given name in the request must not end with the specified characters. Experimental.

func HeaderMatch_ValueDoesNotMatchRegex

func HeaderMatch_ValueDoesNotMatchRegex(headerName *string, regex *string) HeaderMatch

The value of the header with the given name in the request must not include the specified characters. Experimental.

func HeaderMatch_ValueDoesNotStartWith

func HeaderMatch_ValueDoesNotStartWith(headerName *string, prefix *string) HeaderMatch

The value of the header with the given name in the request must not start with the specified characters. Experimental.

func HeaderMatch_ValueEndsWith

func HeaderMatch_ValueEndsWith(headerName *string, suffix *string) HeaderMatch

The value of the header with the given name in the request must end with the specified characters. Experimental.

func HeaderMatch_ValueIs

func HeaderMatch_ValueIs(headerName *string, headerValue *string) HeaderMatch

The value of the header with the given name in the request must match the specified value exactly. Experimental.

func HeaderMatch_ValueIsNot

func HeaderMatch_ValueIsNot(headerName *string, headerValue *string) HeaderMatch

The value of the header with the given name in the request must not match the specified value exactly. Experimental.

func HeaderMatch_ValueMatchesRegex

func HeaderMatch_ValueMatchesRegex(headerName *string, regex *string) HeaderMatch

The value of the header with the given name in the request must include the specified characters. Experimental.

func HeaderMatch_ValueStartsWith

func HeaderMatch_ValueStartsWith(headerName *string, prefix *string) HeaderMatch

The value of the header with the given name in the request must start with the specified characters. Experimental.

func HeaderMatch_ValuesIsInRange

func HeaderMatch_ValuesIsInRange(headerName *string, start *float64, end *float64) HeaderMatch

The value of the header with the given name in the request must be in a range of values. Experimental.

func HeaderMatch_ValuesIsNotInRange

func HeaderMatch_ValuesIsNotInRange(headerName *string, start *float64, end *float64) HeaderMatch

The value of the header with the given name in the request must not be in a range of values. Experimental.

type HeaderMatchConfig

type HeaderMatchConfig struct {
	// Route CFN configuration for the route header match.
	// Experimental.
	HeaderMatch *CfnRoute_HttpRouteHeaderProperty `field:"required" json:"headerMatch" yaml:"headerMatch"`
}

Configuration for `HeaderMatch`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

headerMatchConfig := &headerMatchConfig{
	headerMatch: &httpRouteHeaderProperty{
		name: jsii.String("name"),

		// the properties below are optional
		invert: jsii.Boolean(false),
		match: &headerMatchMethodProperty{
			exact: jsii.String("exact"),
			prefix: jsii.String("prefix"),
			range: &matchRangeProperty{
				end: jsii.Number(123),
				start: jsii.Number(123),
			},
			regex: jsii.String("regex"),
			suffix: jsii.String("suffix"),
		},
	},
}

Experimental.

type HealthCheck

type HealthCheck interface {
	// Called when the AccessLog type is initialized.
	//
	// Can be used to enforce
	// mutual exclusivity with future properties.
	// Experimental.
	Bind(scope awscdk.Construct, options *HealthCheckBindOptions) *HealthCheckConfig
}

Contains static factory methods for creating health checks for different protocols.

Example:

var mesh mesh
vpc := ec2.NewVpc(this, jsii.String("vpc"))
namespace := cloudmap.NewPrivateDnsNamespace(this, jsii.String("test-namespace"), &privateDnsNamespaceProps{
	vpc: vpc,
	name: jsii.String("domain.local"),
})
service := namespace.createService(jsii.String("Svc"))
node := mesh.addVirtualNode(jsii.String("virtual-node"), &virtualNodeBaseProps{
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8081),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				 // minimum
				path: jsii.String("/health-check-path"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				 // minimum
				unhealthyThreshold: jsii.Number(2),
			}),
		}),
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

Experimental.

func HealthCheck_Grpc

func HealthCheck_Grpc(options *GrpcHealthCheckOptions) HealthCheck

Construct a GRPC health check. Experimental.

func HealthCheck_Http

func HealthCheck_Http(options *HttpHealthCheckOptions) HealthCheck

Construct a HTTP health check. Experimental.

func HealthCheck_Http2

func HealthCheck_Http2(options *HttpHealthCheckOptions) HealthCheck

Construct a HTTP2 health check. Experimental.

func HealthCheck_Tcp

func HealthCheck_Tcp(options *TcpHealthCheckOptions) HealthCheck

Construct a TCP health check. Experimental.

type HealthCheckBindOptions

type HealthCheckBindOptions struct {
	// Port for Health Check interface.
	// Experimental.
	DefaultPort *float64 `field:"optional" json:"defaultPort" yaml:"defaultPort"`
}

Options used for creating the Health Check object.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

healthCheckBindOptions := &healthCheckBindOptions{
	defaultPort: jsii.Number(123),
}

Experimental.

type HealthCheckConfig

type HealthCheckConfig struct {
	// VirtualGateway CFN configuration for Health Checks.
	// Experimental.
	VirtualGatewayHealthCheck *CfnVirtualGateway_VirtualGatewayHealthCheckPolicyProperty `field:"optional" json:"virtualGatewayHealthCheck" yaml:"virtualGatewayHealthCheck"`
	// VirtualNode CFN configuration for Health Checks.
	// Experimental.
	VirtualNodeHealthCheck *CfnVirtualNode_HealthCheckProperty `field:"optional" json:"virtualNodeHealthCheck" yaml:"virtualNodeHealthCheck"`
}

All Properties for Health Checks for mesh endpoints.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

healthCheckConfig := &healthCheckConfig{
	virtualGatewayHealthCheck: &virtualGatewayHealthCheckPolicyProperty{
		healthyThreshold: jsii.Number(123),
		intervalMillis: jsii.Number(123),
		protocol: jsii.String("protocol"),
		timeoutMillis: jsii.Number(123),
		unhealthyThreshold: jsii.Number(123),

		// the properties below are optional
		path: jsii.String("path"),
		port: jsii.Number(123),
	},
	virtualNodeHealthCheck: &healthCheckProperty{
		healthyThreshold: jsii.Number(123),
		intervalMillis: jsii.Number(123),
		protocol: jsii.String("protocol"),
		timeoutMillis: jsii.Number(123),
		unhealthyThreshold: jsii.Number(123),

		// the properties below are optional
		path: jsii.String("path"),
		port: jsii.Number(123),
	},
}

Experimental.

type Http2ConnectionPool

type Http2ConnectionPool struct {
	// The maximum requests in the pool.
	// Experimental.
	MaxRequests *float64 `field:"required" json:"maxRequests" yaml:"maxRequests"`
}

Connection pool properties for HTTP2 listeners.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

http2ConnectionPool := &http2ConnectionPool{
	maxRequests: jsii.Number(123),
}

Experimental.

type Http2GatewayListenerOptions

type Http2GatewayListenerOptions struct {
	// Connection pool for http listeners.
	// Experimental.
	ConnectionPool *Http2ConnectionPool `field:"optional" json:"connectionPool" yaml:"connectionPool"`
	// The health check information for the listener.
	// Experimental.
	HealthCheck HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"`
	// Port to listen for connections on.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// Represents the configuration for enabling TLS on a listener.
	// Experimental.
	Tls *ListenerTlsOptions `field:"optional" json:"tls" yaml:"tls"`
}

Represents the properties needed to define HTTP2 Listeners for a VirtualGateway.

Example:

// A Virtual Node with listener TLS from an ACM provided certificate
var cert certificate
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.acm(cert),
			},
		}),
	},
})

// A Virtual Gateway with listener TLS from a customer provided file certificate
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

// A Virtual Gateway with listener TLS from a SDS provided certificate
gateway2 := appmesh.NewVirtualGateway(this, jsii.String("gateway2"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []*virtualGatewayListener{
		appmesh.*virtualGatewayListener.http2(&http2GatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.sds(jsii.String("secrete_certificate")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway2"),
})

Experimental.

type Http2VirtualNodeListenerOptions

type Http2VirtualNodeListenerOptions struct {
	// Connection pool for http2 listeners.
	// Experimental.
	ConnectionPool *Http2ConnectionPool `field:"optional" json:"connectionPool" yaml:"connectionPool"`
	// The health check information for the listener.
	// Experimental.
	HealthCheck HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"`
	// Represents the configuration for enabling outlier detection.
	// Experimental.
	OutlierDetection *OutlierDetection `field:"optional" json:"outlierDetection" yaml:"outlierDetection"`
	// Port to listen for connections on.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// Timeout for HTTP protocol.
	// Experimental.
	Timeout *HttpTimeout `field:"optional" json:"timeout" yaml:"timeout"`
	// Represents the configuration for enabling TLS on a listener.
	// Experimental.
	Tls *ListenerTlsOptions `field:"optional" json:"tls" yaml:"tls"`
}

Represent the HTTP2 Node Listener prorperty.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var duration duration
var healthCheck healthCheck
var mutualTlsValidationTrust mutualTlsValidationTrust
var subjectAlternativeNames subjectAlternativeNames
var tlsCertificate tlsCertificate

http2VirtualNodeListenerOptions := &http2VirtualNodeListenerOptions{
	connectionPool: &http2ConnectionPool{
		maxRequests: jsii.Number(123),
	},
	healthCheck: healthCheck,
	outlierDetection: &outlierDetection{
		baseEjectionDuration: duration,
		interval: duration,
		maxEjectionPercent: jsii.Number(123),
		maxServerErrors: jsii.Number(123),
	},
	port: jsii.Number(123),
	timeout: &httpTimeout{
		idle: duration,
		perRequest: duration,
	},
	tls: &listenerTlsOptions{
		certificate: tlsCertificate,
		mode: awscdk.Aws_appmesh.tlsMode_STRICT,

		// the properties below are optional
		mutualTlsValidation: &mutualTlsValidation{
			trust: mutualTlsValidationTrust,

			// the properties below are optional
			subjectAlternativeNames: subjectAlternativeNames,
		},
	},
}

Experimental.

type HttpConnectionPool

type HttpConnectionPool struct {
	// The maximum connections in the pool.
	// Experimental.
	MaxConnections *float64 `field:"required" json:"maxConnections" yaml:"maxConnections"`
	// The maximum pending requests in the pool.
	// Experimental.
	MaxPendingRequests *float64 `field:"required" json:"maxPendingRequests" yaml:"maxPendingRequests"`
}

Connection pool properties for HTTP listeners.

Example:

// A Virtual Node with a gRPC listener with a connection pool set
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	// DNS service discovery can optionally specify the DNS response type as either LOAD_BALANCER or ENDPOINTS.
	// LOAD_BALANCER means that the DNS resolver returns a loadbalanced set of endpoints,
	// whereas ENDPOINTS means that the DNS resolver is returning all the endpoints.
	// By default, the response type is assumed to be LOAD_BALANCER
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node"), appmesh.dnsResponseType_ENDPOINTS),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(80),
			connectionPool: &httpConnectionPool{
				maxConnections: jsii.Number(100),
				maxPendingRequests: jsii.Number(10),
			},
		}),
	},
})

// A Virtual Gateway with a gRPC listener with a connection pool set
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			connectionPool: &grpcConnectionPool{
				maxRequests: jsii.Number(10),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

Experimental.

type HttpGatewayListenerOptions

type HttpGatewayListenerOptions struct {
	// Connection pool for http listeners.
	// Experimental.
	ConnectionPool *HttpConnectionPool `field:"optional" json:"connectionPool" yaml:"connectionPool"`
	// The health check information for the listener.
	// Experimental.
	HealthCheck HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"`
	// Port to listen for connections on.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// Represents the configuration for enabling TLS on a listener.
	// Experimental.
	Tls *ListenerTlsOptions `field:"optional" json:"tls" yaml:"tls"`
}

Represents the properties needed to define HTTP Listeners for a VirtualGateway.

Example:

var mesh mesh

certificateAuthorityArn := "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012"

gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.http(&httpGatewayListenerOptions{
			port: jsii.Number(443),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				interval: cdk.duration.seconds(jsii.Number(10)),
			}),
		}),
	},
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			ports: []*f64{
				jsii.Number(8080),
				jsii.Number(8081),
			},
			validation: &tlsValidation{
				trust: appmesh.tlsValidationTrust.acm([]iCertificateAuthority{
					acmpca.certificateAuthority.fromCertificateAuthorityArn(this, jsii.String("certificate"), certificateAuthorityArn),
				}),
			},
		},
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
	virtualGatewayName: jsii.String("virtualGateway"),
})

Experimental.

type HttpGatewayRouteMatch

type HttpGatewayRouteMatch struct {
	// Specifies the client request headers to match on.
	//
	// All specified headers
	// must match for the gateway route to match.
	// Experimental.
	Headers *[]HeaderMatch `field:"optional" json:"headers" yaml:"headers"`
	// The gateway route host name to be matched on.
	// Experimental.
	Hostname GatewayRouteHostnameMatch `field:"optional" json:"hostname" yaml:"hostname"`
	// The method to match on.
	// Experimental.
	Method HttpRouteMethod `field:"optional" json:"method" yaml:"method"`
	// Specify how to match requests based on the 'path' part of their URL.
	// Experimental.
	Path HttpGatewayRoutePathMatch `field:"optional" json:"path" yaml:"path"`
	// The query parameters to match on.
	//
	// All specified query parameters must match for the route to match.
	// Experimental.
	QueryParameters *[]QueryParameterMatch `field:"optional" json:"queryParameters" yaml:"queryParameters"`
	// When `true`, rewrites the original request received at the Virtual Gateway to the destination Virtual Service name.
	//
	// When `false`, retains the original hostname from the request.
	// Experimental.
	RewriteRequestHostname *bool `field:"optional" json:"rewriteRequestHostname" yaml:"rewriteRequestHostname"`
}

The criterion for determining a request match for this GatewayRoute.

Example:

var gateway virtualGateway
var virtualService virtualService

gateway.addGatewayRoute(jsii.String("gateway-route-http-2"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.http(&httpGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &httpGatewayRouteMatch{
			// This rewrites the path from '/test' to '/rewrittenPath'.
			path: appmesh.httpGatewayRoutePathMatch.exactly(jsii.String("/test"), jsii.String("/rewrittenPath")),
		},
	}),
})

Experimental.

type HttpGatewayRoutePathMatch

type HttpGatewayRoutePathMatch interface {
	// Returns the gateway route path match configuration.
	// Experimental.
	Bind(scope awscdk.Construct) *HttpGatewayRoutePathMatchConfig
}

Defines HTTP gateway route matching based on the URL path of the request.

Example:

var gateway virtualGateway
var virtualService virtualService

gateway.addGatewayRoute(jsii.String("gateway-route-http-2"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.http(&httpGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &httpGatewayRouteMatch{
			// This rewrites the path from '/test' to '/rewrittenPath'.
			path: appmesh.httpGatewayRoutePathMatch.exactly(jsii.String("/test"), jsii.String("/rewrittenPath")),
		},
	}),
})

Experimental.

func HttpGatewayRoutePathMatch_Exactly

func HttpGatewayRoutePathMatch_Exactly(path *string, rewriteTo *string) HttpGatewayRoutePathMatch

The value of the path must match the specified value exactly.

The provided `path` must start with the '/' character. Experimental.

func HttpGatewayRoutePathMatch_Regex

func HttpGatewayRoutePathMatch_Regex(regex *string, rewriteTo *string) HttpGatewayRoutePathMatch

The value of the path must match the specified regex. Experimental.

func HttpGatewayRoutePathMatch_StartsWith

func HttpGatewayRoutePathMatch_StartsWith(prefix *string, rewriteTo *string) HttpGatewayRoutePathMatch

The value of the path must match the specified prefix. Experimental.

type HttpGatewayRoutePathMatchConfig

type HttpGatewayRoutePathMatchConfig struct {
	// Gateway route configuration for matching on the prefix of the URL path of the request.
	// Experimental.
	PrefixPathMatch *string `field:"optional" json:"prefixPathMatch" yaml:"prefixPathMatch"`
	// Gateway route configuration for rewriting the prefix of the URL path of the request.
	// Experimental.
	PrefixPathRewrite *CfnGatewayRoute_HttpGatewayRoutePrefixRewriteProperty `field:"optional" json:"prefixPathRewrite" yaml:"prefixPathRewrite"`
	// Gateway route configuration for matching on the complete URL path of the request.
	// Experimental.
	WholePathMatch *CfnGatewayRoute_HttpPathMatchProperty `field:"optional" json:"wholePathMatch" yaml:"wholePathMatch"`
	// Gateway route configuration for rewriting the complete URL path of the request..
	// Experimental.
	WholePathRewrite *CfnGatewayRoute_HttpGatewayRoutePathRewriteProperty `field:"optional" json:"wholePathRewrite" yaml:"wholePathRewrite"`
}

The type returned from the `bind()` method in {@link HttpGatewayRoutePathMatch}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpGatewayRoutePathMatchConfig := &httpGatewayRoutePathMatchConfig{
	prefixPathMatch: jsii.String("prefixPathMatch"),
	prefixPathRewrite: &httpGatewayRoutePrefixRewriteProperty{
		defaultPrefix: jsii.String("defaultPrefix"),
		value: jsii.String("value"),
	},
	wholePathMatch: &httpPathMatchProperty{
		exact: jsii.String("exact"),
		regex: jsii.String("regex"),
	},
	wholePathRewrite: &httpGatewayRoutePathRewriteProperty{
		exact: jsii.String("exact"),
	},
}

Experimental.

type HttpGatewayRouteSpecOptions

type HttpGatewayRouteSpecOptions struct {
	// The priority for the gateway route.
	//
	// When a Virtual Gateway has multiple gateway routes, gateway route match
	// is performed in the order of specified value, where 0 is the highest priority,
	// and first matched gateway route is selected.
	// Experimental.
	Priority *float64 `field:"optional" json:"priority" yaml:"priority"`
	// The VirtualService this GatewayRoute directs traffic to.
	// Experimental.
	RouteTarget IVirtualService `field:"required" json:"routeTarget" yaml:"routeTarget"`
	// The criterion for determining a request match for this GatewayRoute.
	//
	// When path match is defined, this may optionally determine the path rewrite configuration.
	// Experimental.
	Match *HttpGatewayRouteMatch `field:"optional" json:"match" yaml:"match"`
}

Properties specific for HTTP Based GatewayRoutes.

Example:

var gateway virtualGateway
var virtualService virtualService

gateway.addGatewayRoute(jsii.String("gateway-route-http-2"), &gatewayRouteBaseProps{
	routeSpec: appmesh.gatewayRouteSpec.http(&httpGatewayRouteSpecOptions{
		routeTarget: virtualService,
		match: &httpGatewayRouteMatch{
			// This rewrites the path from '/test' to '/rewrittenPath'.
			path: appmesh.httpGatewayRoutePathMatch.exactly(jsii.String("/test"), jsii.String("/rewrittenPath")),
		},
	}),
})

Experimental.

type HttpHealthCheckOptions

type HttpHealthCheckOptions struct {
	// The number of consecutive successful health checks that must occur before declaring listener healthy.
	// Experimental.
	HealthyThreshold *float64 `field:"optional" json:"healthyThreshold" yaml:"healthyThreshold"`
	// The time period between each health check execution.
	// Experimental.
	Interval awscdk.Duration `field:"optional" json:"interval" yaml:"interval"`
	// The destination path for the health check request.
	// Experimental.
	Path *string `field:"optional" json:"path" yaml:"path"`
	// The amount of time to wait when receiving a response from the health check.
	// Experimental.
	Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"`
	// The number of consecutive failed health checks that must occur before declaring a listener unhealthy.
	// Experimental.
	UnhealthyThreshold *float64 `field:"optional" json:"unhealthyThreshold" yaml:"unhealthyThreshold"`
}

Properties used to define HTTP Based healthchecks.

Example:

var mesh mesh
vpc := ec2.NewVpc(this, jsii.String("vpc"))
namespace := cloudmap.NewPrivateDnsNamespace(this, jsii.String("test-namespace"), &privateDnsNamespaceProps{
	vpc: vpc,
	name: jsii.String("domain.local"),
})
service := namespace.createService(jsii.String("Svc"))
node := mesh.addVirtualNode(jsii.String("virtual-node"), &virtualNodeBaseProps{
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8081),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				 // minimum
				path: jsii.String("/health-check-path"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				 // minimum
				unhealthyThreshold: jsii.Number(2),
			}),
		}),
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

Experimental.

type HttpRetryEvent

type HttpRetryEvent string

HTTP events on which to retry.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http2-retry"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		retryPolicy: &httpRetryPolicy{
			// Retry if the connection failed
			tcpRetryEvents: []cONNECTION_ERROR{
				appmesh.tcpRetryEvent_*cONNECTION_ERROR,
			},
			// Retry if HTTP responds with a gateway error (502, 503, 504)
			httpRetryEvents: []httpRetryEvent{
				appmesh.*httpRetryEvent_GATEWAY_ERROR,
			},
			// Retry five times
			retryAttempts: jsii.Number(5),
			// Use a 1 second timeout per retry
			retryTimeout: cdk.duration.seconds(jsii.Number(1)),
		},
	}),
})

Experimental.

const (
	// HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511.
	// Experimental.
	HttpRetryEvent_SERVER_ERROR HttpRetryEvent = "SERVER_ERROR"
	// HTTP status codes 502, 503, and 504.
	// Experimental.
	HttpRetryEvent_GATEWAY_ERROR HttpRetryEvent = "GATEWAY_ERROR"
	// HTTP status code 409.
	// Experimental.
	HttpRetryEvent_CLIENT_ERROR HttpRetryEvent = "CLIENT_ERROR"
	// Retry on refused stream.
	// Experimental.
	HttpRetryEvent_STREAM_ERROR HttpRetryEvent = "STREAM_ERROR"
)

type HttpRetryPolicy

type HttpRetryPolicy struct {
	// The maximum number of retry attempts.
	// Experimental.
	RetryAttempts *float64 `field:"required" json:"retryAttempts" yaml:"retryAttempts"`
	// The timeout for each retry attempt.
	// Experimental.
	RetryTimeout awscdk.Duration `field:"required" json:"retryTimeout" yaml:"retryTimeout"`
	// Specify HTTP events on which to retry.
	//
	// You must specify at least one value
	// for at least one types of retry events.
	// Experimental.
	HttpRetryEvents *[]HttpRetryEvent `field:"optional" json:"httpRetryEvents" yaml:"httpRetryEvents"`
	// TCP events on which to retry.
	//
	// The event occurs before any processing of a
	// request has started and is encountered when the upstream is temporarily or
	// permanently unavailable. You must specify at least one value for at least
	// one types of retry events.
	// Experimental.
	TcpRetryEvents *[]TcpRetryEvent `field:"optional" json:"tcpRetryEvents" yaml:"tcpRetryEvents"`
}

HTTP retry policy.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http2-retry"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		retryPolicy: &httpRetryPolicy{
			// Retry if the connection failed
			tcpRetryEvents: []cONNECTION_ERROR{
				appmesh.tcpRetryEvent_*cONNECTION_ERROR,
			},
			// Retry if HTTP responds with a gateway error (502, 503, 504)
			httpRetryEvents: []httpRetryEvent{
				appmesh.*httpRetryEvent_GATEWAY_ERROR,
			},
			// Retry five times
			retryAttempts: jsii.Number(5),
			// Use a 1 second timeout per retry
			retryTimeout: cdk.duration.seconds(jsii.Number(1)),
		},
	}),
})

Experimental.

type HttpRouteMatch

type HttpRouteMatch struct {
	// Specifies the client request headers to match on.
	//
	// All specified headers
	// must match for the route to match.
	// Experimental.
	Headers *[]HeaderMatch `field:"optional" json:"headers" yaml:"headers"`
	// The HTTP client request method to match on.
	// Experimental.
	Method HttpRouteMethod `field:"optional" json:"method" yaml:"method"`
	// Specifies how is the request matched based on the path part of its URL.
	// Experimental.
	Path HttpRoutePathMatch `field:"optional" json:"path" yaml:"path"`
	// The client request protocol to match on.
	//
	// Applicable only for HTTP2 routes.
	// Experimental.
	Protocol HttpRouteProtocol `field:"optional" json:"protocol" yaml:"protocol"`
	// The query parameters to match on.
	//
	// All specified query parameters must match for the route to match.
	// Experimental.
	QueryParameters *[]QueryParameterMatch `field:"optional" json:"queryParameters" yaml:"queryParameters"`
}

The criterion for determining a request match for this Route.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
				weight: jsii.Number(50),
			},
			&weightedTarget{
				virtualNode: node,
				weight: jsii.Number(50),
			},
		},
		match: &httpRouteMatch{
			path: appmesh.httpRoutePathMatch.startsWith(jsii.String("/path-to-app")),
		},
	}),
})

Experimental.

type HttpRouteMethod

type HttpRouteMethod string

Supported values for matching routes based on the HTTP request method.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http2"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &httpRouteMatch{
			path: appmesh.httpRoutePathMatch.exactly(jsii.String("/exact")),
			method: appmesh.httpRouteMethod_POST,
			protocol: appmesh.httpRouteProtocol_HTTPS,
			headers: []headerMatch{
				appmesh.*headerMatch.valueIs(jsii.String("Content-Type"), jsii.String("application/json")),
				appmesh.*headerMatch.valueIsNot(jsii.String("Content-Type"), jsii.String("application/json")),
			},
			queryParameters: []queryParameterMatch{
				appmesh.*queryParameterMatch.valueIs(jsii.String("query-field"), jsii.String("value")),
			},
		},
	}),
})

Experimental.

const (
	// GET request.
	// Experimental.
	HttpRouteMethod_GET HttpRouteMethod = "GET"
	// HEAD request.
	// Experimental.
	HttpRouteMethod_HEAD HttpRouteMethod = "HEAD"
	// POST request.
	// Experimental.
	HttpRouteMethod_POST HttpRouteMethod = "POST"
	// PUT request.
	// Experimental.
	HttpRouteMethod_PUT HttpRouteMethod = "PUT"
	// DELETE request.
	// Experimental.
	HttpRouteMethod_DELETE HttpRouteMethod = "DELETE"
	// CONNECT request.
	// Experimental.
	HttpRouteMethod_CONNECT HttpRouteMethod = "CONNECT"
	// OPTIONS request.
	// Experimental.
	HttpRouteMethod_OPTIONS HttpRouteMethod = "OPTIONS"
	// TRACE request.
	// Experimental.
	HttpRouteMethod_TRACE HttpRouteMethod = "TRACE"
	// PATCH request.
	// Experimental.
	HttpRouteMethod_PATCH HttpRouteMethod = "PATCH"
)

type HttpRoutePathMatch

type HttpRoutePathMatch interface {
	// Returns the route path match configuration.
	// Experimental.
	Bind(scope awscdk.Construct) *HttpRoutePathMatchConfig
}

Defines HTTP route matching based on the URL path of the request.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
				weight: jsii.Number(50),
			},
			&weightedTarget{
				virtualNode: node,
				weight: jsii.Number(50),
			},
		},
		match: &httpRouteMatch{
			path: appmesh.httpRoutePathMatch.startsWith(jsii.String("/path-to-app")),
		},
	}),
})

Experimental.

func HttpRoutePathMatch_Exactly

func HttpRoutePathMatch_Exactly(path *string) HttpRoutePathMatch

The value of the path must match the specified value exactly.

The provided `path` must start with the '/' character. Experimental.

func HttpRoutePathMatch_Regex

func HttpRoutePathMatch_Regex(regex *string) HttpRoutePathMatch

The value of the path must match the specified regex. Experimental.

func HttpRoutePathMatch_StartsWith

func HttpRoutePathMatch_StartsWith(prefix *string) HttpRoutePathMatch

The value of the path must match the specified prefix. Experimental.

type HttpRoutePathMatchConfig

type HttpRoutePathMatchConfig struct {
	// Route configuration for matching on the prefix of the URL path of the request.
	// Experimental.
	PrefixPathMatch *string `field:"optional" json:"prefixPathMatch" yaml:"prefixPathMatch"`
	// Route configuration for matching on the complete URL path of the request.
	// Experimental.
	WholePathMatch *CfnRoute_HttpPathMatchProperty `field:"optional" json:"wholePathMatch" yaml:"wholePathMatch"`
}

The type returned from the `bind()` method in {@link HttpRoutePathMatch}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

httpRoutePathMatchConfig := &httpRoutePathMatchConfig{
	prefixPathMatch: jsii.String("prefixPathMatch"),
	wholePathMatch: &httpPathMatchProperty{
		exact: jsii.String("exact"),
		regex: jsii.String("regex"),
	},
}

Experimental.

type HttpRouteProtocol

type HttpRouteProtocol string

Supported :scheme options for HTTP2.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http2"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &httpRouteMatch{
			path: appmesh.httpRoutePathMatch.exactly(jsii.String("/exact")),
			method: appmesh.httpRouteMethod_POST,
			protocol: appmesh.httpRouteProtocol_HTTPS,
			headers: []headerMatch{
				appmesh.*headerMatch.valueIs(jsii.String("Content-Type"), jsii.String("application/json")),
				appmesh.*headerMatch.valueIsNot(jsii.String("Content-Type"), jsii.String("application/json")),
			},
			queryParameters: []queryParameterMatch{
				appmesh.*queryParameterMatch.valueIs(jsii.String("query-field"), jsii.String("value")),
			},
		},
	}),
})

Experimental.

const (
	// Match HTTP requests.
	// Experimental.
	HttpRouteProtocol_HTTP HttpRouteProtocol = "HTTP"
	// Match HTTPS requests.
	// Experimental.
	HttpRouteProtocol_HTTPS HttpRouteProtocol = "HTTPS"
)

type HttpRouteSpecOptions

type HttpRouteSpecOptions struct {
	// The priority for the route.
	//
	// When a Virtual Router has multiple routes, route match is performed in the
	// order of specified value, where 0 is the highest priority, and first matched route is selected.
	// Experimental.
	Priority *float64 `field:"optional" json:"priority" yaml:"priority"`
	// List of targets that traffic is routed to when a request matches the route.
	// Experimental.
	WeightedTargets *[]*WeightedTarget `field:"required" json:"weightedTargets" yaml:"weightedTargets"`
	// The criterion for determining a request match for this Route.
	// Experimental.
	Match *HttpRouteMatch `field:"optional" json:"match" yaml:"match"`
	// The retry policy.
	// Experimental.
	RetryPolicy *HttpRetryPolicy `field:"optional" json:"retryPolicy" yaml:"retryPolicy"`
	// An object that represents a http timeout.
	// Experimental.
	Timeout *HttpTimeout `field:"optional" json:"timeout" yaml:"timeout"`
}

Properties specific for HTTP Based Routes.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http2-retry"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		retryPolicy: &httpRetryPolicy{
			// Retry if the connection failed
			tcpRetryEvents: []cONNECTION_ERROR{
				appmesh.tcpRetryEvent_*cONNECTION_ERROR,
			},
			// Retry if HTTP responds with a gateway error (502, 503, 504)
			httpRetryEvents: []httpRetryEvent{
				appmesh.*httpRetryEvent_GATEWAY_ERROR,
			},
			// Retry five times
			retryAttempts: jsii.Number(5),
			// Use a 1 second timeout per retry
			retryTimeout: cdk.duration.seconds(jsii.Number(1)),
		},
	}),
})

Experimental.

type HttpTimeout

type HttpTimeout struct {
	// Represents an idle timeout.
	//
	// The amount of time that a connection may be idle.
	// Experimental.
	Idle awscdk.Duration `field:"optional" json:"idle" yaml:"idle"`
	// Represents per request timeout.
	// Experimental.
	PerRequest awscdk.Duration `field:"optional" json:"perRequest" yaml:"perRequest"`
}

Represents timeouts for HTTP protocols.

Example:

var mesh mesh
var service service

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8080),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				path: jsii.String("/ping"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				unhealthyThreshold: jsii.Number(2),
			}),
			timeout: &httpTimeout{
				idle: cdk.*duration.seconds(jsii.Number(5)),
			},
		}),
	},
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			validation: &tlsValidation{
				trust: appmesh.tlsValidationTrust.file(jsii.String("/keys/local_cert_chain.pem")),
			},
		},
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

cdk.tags.of(node).add(jsii.String("Environment"), jsii.String("Dev"))

Experimental.

type HttpVirtualNodeListenerOptions

type HttpVirtualNodeListenerOptions struct {
	// Connection pool for http listeners.
	// Experimental.
	ConnectionPool *HttpConnectionPool `field:"optional" json:"connectionPool" yaml:"connectionPool"`
	// The health check information for the listener.
	// Experimental.
	HealthCheck HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"`
	// Represents the configuration for enabling outlier detection.
	// Experimental.
	OutlierDetection *OutlierDetection `field:"optional" json:"outlierDetection" yaml:"outlierDetection"`
	// Port to listen for connections on.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// Timeout for HTTP protocol.
	// Experimental.
	Timeout *HttpTimeout `field:"optional" json:"timeout" yaml:"timeout"`
	// Represents the configuration for enabling TLS on a listener.
	// Experimental.
	Tls *ListenerTlsOptions `field:"optional" json:"tls" yaml:"tls"`
}

Represent the HTTP Node Listener prorperty.

Example:

var mesh mesh
vpc := ec2.NewVpc(this, jsii.String("vpc"))
namespace := cloudmap.NewPrivateDnsNamespace(this, jsii.String("test-namespace"), &privateDnsNamespaceProps{
	vpc: vpc,
	name: jsii.String("domain.local"),
})
service := namespace.createService(jsii.String("Svc"))
node := mesh.addVirtualNode(jsii.String("virtual-node"), &virtualNodeBaseProps{
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8081),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				 // minimum
				path: jsii.String("/health-check-path"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				 // minimum
				unhealthyThreshold: jsii.Number(2),
			}),
		}),
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

Experimental.

type IGatewayRoute

type IGatewayRoute interface {
	awscdk.IResource
	// The Amazon Resource Name (ARN) for the GatewayRoute.
	// Experimental.
	GatewayRouteArn() *string
	// The name of the GatewayRoute.
	// Experimental.
	GatewayRouteName() *string
	// The VirtualGateway the GatewayRoute belongs to.
	// Experimental.
	VirtualGateway() IVirtualGateway
}

Interface for which all GatewayRoute based classes MUST implement. Experimental.

func GatewayRoute_FromGatewayRouteArn

func GatewayRoute_FromGatewayRouteArn(scope constructs.Construct, id *string, gatewayRouteArn *string) IGatewayRoute

Import an existing GatewayRoute given an ARN. Experimental.

func GatewayRoute_FromGatewayRouteAttributes

func GatewayRoute_FromGatewayRouteAttributes(scope constructs.Construct, id *string, attrs *GatewayRouteAttributes) IGatewayRoute

Import an existing GatewayRoute given attributes. Experimental.

type IMesh

type IMesh interface {
	awscdk.IResource
	// Creates a new VirtualGateway in this Mesh.
	//
	// Note that the Gateway is created in the same Stack that this Mesh belongs to,
	// which might be different than the current stack.
	// Experimental.
	AddVirtualGateway(id *string, props *VirtualGatewayBaseProps) VirtualGateway
	// Creates a new VirtualNode in this Mesh.
	//
	// Note that the Node is created in the same Stack that this Mesh belongs to,
	// which might be different than the current stack.
	// Experimental.
	AddVirtualNode(id *string, props *VirtualNodeBaseProps) VirtualNode
	// Creates a new VirtualRouter in this Mesh.
	//
	// Note that the Router is created in the same Stack that this Mesh belongs to,
	// which might be different than the current stack.
	// Experimental.
	AddVirtualRouter(id *string, props *VirtualRouterBaseProps) VirtualRouter
	// The Amazon Resource Name (ARN) of the AppMesh mesh.
	// Experimental.
	MeshArn() *string
	// The name of the AppMesh mesh.
	// Experimental.
	MeshName() *string
}

Interface which all Mesh based classes MUST implement. Experimental.

func Mesh_FromMeshArn

func Mesh_FromMeshArn(scope constructs.Construct, id *string, meshArn *string) IMesh

Import an existing mesh by arn. Experimental.

func Mesh_FromMeshName

func Mesh_FromMeshName(scope constructs.Construct, id *string, meshName *string) IMesh

Import an existing mesh by name. Experimental.

type IRoute

type IRoute interface {
	awscdk.IResource
	// The Amazon Resource Name (ARN) for the route.
	// Experimental.
	RouteArn() *string
	// The name of the route.
	// Experimental.
	RouteName() *string
	// The VirtualRouter the Route belongs to.
	// Experimental.
	VirtualRouter() IVirtualRouter
}

Interface for which all Route based classes MUST implement. Experimental.

func Route_FromRouteArn

func Route_FromRouteArn(scope constructs.Construct, id *string, routeArn *string) IRoute

Import an existing Route given an ARN. Experimental.

func Route_FromRouteAttributes

func Route_FromRouteAttributes(scope constructs.Construct, id *string, attrs *RouteAttributes) IRoute

Import an existing Route given attributes. Experimental.

type IVirtualGateway

type IVirtualGateway interface {
	awscdk.IResource
	// Utility method to add a new GatewayRoute to the VirtualGateway.
	// Experimental.
	AddGatewayRoute(id *string, route *GatewayRouteBaseProps) GatewayRoute
	// Grants the given entity `appmesh:StreamAggregatedResources`.
	// Experimental.
	GrantStreamAggregatedResources(identity awsiam.IGrantable) awsiam.Grant
	// The Mesh which the VirtualGateway belongs to.
	// Experimental.
	Mesh() IMesh
	// The Amazon Resource Name (ARN) for the VirtualGateway.
	// Experimental.
	VirtualGatewayArn() *string
	// Name of the VirtualGateway.
	// Experimental.
	VirtualGatewayName() *string
}

Interface which all Virtual Gateway based classes must implement. Experimental.

func VirtualGateway_FromVirtualGatewayArn

func VirtualGateway_FromVirtualGatewayArn(scope constructs.Construct, id *string, virtualGatewayArn *string) IVirtualGateway

Import an existing VirtualGateway given an ARN. Experimental.

func VirtualGateway_FromVirtualGatewayAttributes

func VirtualGateway_FromVirtualGatewayAttributes(scope constructs.Construct, id *string, attrs *VirtualGatewayAttributes) IVirtualGateway

Import an existing VirtualGateway given its attributes. Experimental.

type IVirtualNode

type IVirtualNode interface {
	awscdk.IResource
	// Grants the given entity `appmesh:StreamAggregatedResources`.
	// Experimental.
	GrantStreamAggregatedResources(identity awsiam.IGrantable) awsiam.Grant
	// The Mesh which the VirtualNode belongs to.
	// Experimental.
	Mesh() IMesh
	// The Amazon Resource Name belonging to the VirtualNode.
	//
	// Set this value as the APPMESH_VIRTUAL_NODE_NAME environment variable for
	// your task group's Envoy proxy container in your task definition or pod
	// spec.
	// Experimental.
	VirtualNodeArn() *string
	// The name of the VirtualNode.
	// Experimental.
	VirtualNodeName() *string
}

Interface which all VirtualNode based classes must implement. Experimental.

func VirtualNode_FromVirtualNodeArn

func VirtualNode_FromVirtualNodeArn(scope constructs.Construct, id *string, virtualNodeArn *string) IVirtualNode

Import an existing VirtualNode given an ARN. Experimental.

func VirtualNode_FromVirtualNodeAttributes

func VirtualNode_FromVirtualNodeAttributes(scope constructs.Construct, id *string, attrs *VirtualNodeAttributes) IVirtualNode

Import an existing VirtualNode given its name. Experimental.

type IVirtualRouter

type IVirtualRouter interface {
	awscdk.IResource
	// Add a single route to the router.
	// Experimental.
	AddRoute(id *string, props *RouteBaseProps) Route
	// The Mesh which the VirtualRouter belongs to.
	// Experimental.
	Mesh() IMesh
	// The Amazon Resource Name (ARN) for the VirtualRouter.
	// Experimental.
	VirtualRouterArn() *string
	// The name of the VirtualRouter.
	// Experimental.
	VirtualRouterName() *string
}

Interface which all VirtualRouter based classes MUST implement. Experimental.

func VirtualRouter_FromVirtualRouterArn

func VirtualRouter_FromVirtualRouterArn(scope constructs.Construct, id *string, virtualRouterArn *string) IVirtualRouter

Import an existing VirtualRouter given an ARN. Experimental.

func VirtualRouter_FromVirtualRouterAttributes

func VirtualRouter_FromVirtualRouterAttributes(scope constructs.Construct, id *string, attrs *VirtualRouterAttributes) IVirtualRouter

Import an existing VirtualRouter given attributes. Experimental.

type IVirtualService

type IVirtualService interface {
	awscdk.IResource
	// The Mesh which the VirtualService belongs to.
	// Experimental.
	Mesh() IMesh
	// The Amazon Resource Name (ARN) for the virtual service.
	// Experimental.
	VirtualServiceArn() *string
	// The name of the VirtualService.
	// Experimental.
	VirtualServiceName() *string
}

Represents the interface which all VirtualService based classes MUST implement. Experimental.

func VirtualService_FromVirtualServiceArn

func VirtualService_FromVirtualServiceArn(scope constructs.Construct, id *string, virtualServiceArn *string) IVirtualService

Import an existing VirtualService given an ARN. Experimental.

func VirtualService_FromVirtualServiceAttributes

func VirtualService_FromVirtualServiceAttributes(scope constructs.Construct, id *string, attrs *VirtualServiceAttributes) IVirtualService

Import an existing VirtualService given its attributes. Experimental.

type ListenerTlsOptions

type ListenerTlsOptions struct {
	// Represents TLS certificate.
	// Experimental.
	Certificate TlsCertificate `field:"required" json:"certificate" yaml:"certificate"`
	// The TLS mode.
	// Experimental.
	Mode TlsMode `field:"required" json:"mode" yaml:"mode"`
	// Represents a listener's TLS validation context.
	//
	// The client certificate will only be validated if the client provides it, enabling mutual TLS.
	// Experimental.
	MutualTlsValidation *MutualTlsValidation `field:"optional" json:"mutualTlsValidation" yaml:"mutualTlsValidation"`
}

Represents TLS properties for listener.

Example:

// A Virtual Node with listener TLS from an ACM provided certificate
var cert certificate
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.acm(cert),
			},
		}),
	},
})

// A Virtual Gateway with listener TLS from a customer provided file certificate
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

// A Virtual Gateway with listener TLS from a SDS provided certificate
gateway2 := appmesh.NewVirtualGateway(this, jsii.String("gateway2"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []*virtualGatewayListener{
		appmesh.*virtualGatewayListener.http2(&http2GatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.sds(jsii.String("secrete_certificate")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway2"),
})

Experimental.

type Mesh

type Mesh interface {
	awscdk.Resource
	IMesh
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The Amazon Resource Name (ARN) of the AppMesh mesh.
	// Experimental.
	MeshArn() *string
	// The name of the AppMesh mesh.
	// Experimental.
	MeshName() *string
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// Adds a VirtualGateway to the Mesh.
	// Experimental.
	AddVirtualGateway(id *string, props *VirtualGatewayBaseProps) VirtualGateway
	// Adds a VirtualNode to the Mesh.
	// Experimental.
	AddVirtualNode(id *string, props *VirtualNodeBaseProps) VirtualNode
	// Adds a VirtualRouter to the Mesh with the given id and props.
	// Experimental.
	AddVirtualRouter(id *string, props *VirtualRouterBaseProps) VirtualRouter
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

Define a new AppMesh mesh.

Example:

// This is the ARN for the mesh from different AWS IAM account ID.
// Ensure mesh is properly shared with your account. For more details, see: https://github.com/aws/aws-cdk/issues/15404
arn := "arn:aws:appmesh:us-east-1:123456789012:mesh/testMesh"
sharedMesh := appmesh.mesh.fromMeshArn(this, jsii.String("imported-mesh"), arn)

// This VirtualNode resource can communicate with the resources in the mesh from different AWS IAM account ID.
// This VirtualNode resource can communicate with the resources in the mesh from different AWS IAM account ID.
appmesh.NewVirtualNode(this, jsii.String("test-node"), &virtualNodeProps{
	mesh: sharedMesh,
})

See: https://docs.aws.amazon.com/app-mesh/latest/userguide/meshes.html

Experimental.

func NewMesh

func NewMesh(scope constructs.Construct, id *string, props *MeshProps) Mesh

Experimental.

type MeshFilterType

type MeshFilterType string

A utility enum defined for the egressFilter type property, the default of DROP_ALL, allows traffic only to other resources inside the mesh, or API calls to amazon resources.

Example:

mesh := appmesh.NewMesh(this, jsii.String("AppMesh"), &meshProps{
	meshName: jsii.String("myAwsMesh"),
	egressFilter: appmesh.meshFilterType_ALLOW_ALL,
})

Experimental.

const (
	// Allows all outbound traffic.
	// Experimental.
	MeshFilterType_ALLOW_ALL MeshFilterType = "ALLOW_ALL"
	// Allows traffic only to other resources inside the mesh, or API calls to amazon resources.
	// Experimental.
	MeshFilterType_DROP_ALL MeshFilterType = "DROP_ALL"
)

type MeshProps

type MeshProps struct {
	// Egress filter to be applied to the Mesh.
	// Experimental.
	EgressFilter MeshFilterType `field:"optional" json:"egressFilter" yaml:"egressFilter"`
	// The name of the Mesh being defined.
	// Experimental.
	MeshName *string `field:"optional" json:"meshName" yaml:"meshName"`
}

The set of properties used when creating a Mesh.

Example:

mesh := appmesh.NewMesh(this, jsii.String("AppMesh"), &meshProps{
	meshName: jsii.String("myAwsMesh"),
	egressFilter: appmesh.meshFilterType_ALLOW_ALL,
})

Experimental.

type MutualTlsCertificate

type MutualTlsCertificate interface {
	TlsCertificate
	// Experimental.
	Differentiator() *bool
	// Returns TLS certificate based provider.
	// Experimental.
	Bind(_scope awscdk.Construct) *TlsCertificateConfig
}

Represents a TLS certificate that is supported for mutual TLS authentication.

Example:

var mesh mesh

node1 := appmesh.NewVirtualNode(this, jsii.String("node1"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
				// Validate a file client certificates to enable mutual TLS authentication when a client provides a certificate.
				mutualTlsValidation: &mutualTlsValidation{
					trust: appmesh.tlsValidationTrust.file(jsii.String("path-to-certificate")),
				},
			},
		}),
	},
})

certificateAuthorityArn := "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012"
node2 := appmesh.NewVirtualNode(this, jsii.String("node2"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.*serviceDiscovery.dns(jsii.String("node2")),
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			ports: []*f64{
				jsii.Number(8080),
				jsii.Number(8081),
			},
			validation: &tlsValidation{
				subjectAlternativeNames: appmesh.subjectAlternativeNames.matchingExactly(jsii.String("mesh-endpoint.apps.local")),
				trust: appmesh.*tlsValidationTrust.acm([]iCertificateAuthority{
					acmpca.certificateAuthority.fromCertificateAuthorityArn(this, jsii.String("certificate"), certificateAuthorityArn),
				}),
			},
			// Provide a SDS client certificate when a server requests it and enable mutual TLS authentication.
			mutualTlsCertificate: appmesh.*tlsCertificate.sds(jsii.String("secret_certificate")),
		},
	},
})

Experimental.

func MutualTlsCertificate_File

func MutualTlsCertificate_File(certificateChainPath *string, privateKeyPath *string) MutualTlsCertificate

Returns an File TLS Certificate. Experimental.

func MutualTlsCertificate_Sds

func MutualTlsCertificate_Sds(secretName *string) MutualTlsCertificate

Returns an SDS TLS Certificate. Experimental.

func TlsCertificate_File

func TlsCertificate_File(certificateChainPath *string, privateKeyPath *string) MutualTlsCertificate

Returns an File TLS Certificate. Experimental.

func TlsCertificate_Sds

func TlsCertificate_Sds(secretName *string) MutualTlsCertificate

Returns an SDS TLS Certificate. Experimental.

type MutualTlsValidation

type MutualTlsValidation struct {
	// Reference to where to retrieve the trust chain.
	// Experimental.
	Trust MutualTlsValidationTrust `field:"required" json:"trust" yaml:"trust"`
	// Represents the subject alternative names (SANs) secured by the certificate.
	//
	// SANs must be in the FQDN or URI format.
	// Experimental.
	SubjectAlternativeNames SubjectAlternativeNames `field:"optional" json:"subjectAlternativeNames" yaml:"subjectAlternativeNames"`
}

Represents the properties needed to define TLS Validation context that is supported for mutual TLS authentication.

Example:

var mesh mesh

node1 := appmesh.NewVirtualNode(this, jsii.String("node1"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
				// Validate a file client certificates to enable mutual TLS authentication when a client provides a certificate.
				mutualTlsValidation: &mutualTlsValidation{
					trust: appmesh.tlsValidationTrust.file(jsii.String("path-to-certificate")),
				},
			},
		}),
	},
})

certificateAuthorityArn := "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012"
node2 := appmesh.NewVirtualNode(this, jsii.String("node2"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.*serviceDiscovery.dns(jsii.String("node2")),
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			ports: []*f64{
				jsii.Number(8080),
				jsii.Number(8081),
			},
			validation: &tlsValidation{
				subjectAlternativeNames: appmesh.subjectAlternativeNames.matchingExactly(jsii.String("mesh-endpoint.apps.local")),
				trust: appmesh.*tlsValidationTrust.acm([]iCertificateAuthority{
					acmpca.certificateAuthority.fromCertificateAuthorityArn(this, jsii.String("certificate"), certificateAuthorityArn),
				}),
			},
			// Provide a SDS client certificate when a server requests it and enable mutual TLS authentication.
			mutualTlsCertificate: appmesh.*tlsCertificate.sds(jsii.String("secret_certificate")),
		},
	},
})

Experimental.

type MutualTlsValidationTrust

type MutualTlsValidationTrust interface {
	TlsValidationTrust
	// Experimental.
	Differentiator() *bool
	// Returns Trust context based on trust type.
	// Experimental.
	Bind(scope awscdk.Construct) *TlsValidationTrustConfig
}

Represents a TLS Validation Context Trust that is supported for mutual TLS authentication.

Example:

var mesh mesh

node1 := appmesh.NewVirtualNode(this, jsii.String("node1"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
				// Validate a file client certificates to enable mutual TLS authentication when a client provides a certificate.
				mutualTlsValidation: &mutualTlsValidation{
					trust: appmesh.tlsValidationTrust.file(jsii.String("path-to-certificate")),
				},
			},
		}),
	},
})

certificateAuthorityArn := "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012"
node2 := appmesh.NewVirtualNode(this, jsii.String("node2"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.*serviceDiscovery.dns(jsii.String("node2")),
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			ports: []*f64{
				jsii.Number(8080),
				jsii.Number(8081),
			},
			validation: &tlsValidation{
				subjectAlternativeNames: appmesh.subjectAlternativeNames.matchingExactly(jsii.String("mesh-endpoint.apps.local")),
				trust: appmesh.*tlsValidationTrust.acm([]iCertificateAuthority{
					acmpca.certificateAuthority.fromCertificateAuthorityArn(this, jsii.String("certificate"), certificateAuthorityArn),
				}),
			},
			// Provide a SDS client certificate when a server requests it and enable mutual TLS authentication.
			mutualTlsCertificate: appmesh.*tlsCertificate.sds(jsii.String("secret_certificate")),
		},
	},
})

Experimental.

func MutualTlsValidationTrust_File

func MutualTlsValidationTrust_File(certificateChain *string) MutualTlsValidationTrust

Tells envoy where to fetch the validation context from. Experimental.

func MutualTlsValidationTrust_Sds

func MutualTlsValidationTrust_Sds(secretName *string) MutualTlsValidationTrust

TLS Validation Context Trust for Envoy' service discovery service. Experimental.

func TlsValidationTrust_File

func TlsValidationTrust_File(certificateChain *string) MutualTlsValidationTrust

Tells envoy where to fetch the validation context from. Experimental.

func TlsValidationTrust_Sds

func TlsValidationTrust_Sds(secretName *string) MutualTlsValidationTrust

TLS Validation Context Trust for Envoy' service discovery service. Experimental.

type OutlierDetection

type OutlierDetection struct {
	// The base amount of time for which a host is ejected.
	// Experimental.
	BaseEjectionDuration awscdk.Duration `field:"required" json:"baseEjectionDuration" yaml:"baseEjectionDuration"`
	// The time interval between ejection sweep analysis.
	// Experimental.
	Interval awscdk.Duration `field:"required" json:"interval" yaml:"interval"`
	// Maximum percentage of hosts in load balancing pool for upstream service that can be ejected.
	//
	// Will eject at
	// least one host regardless of the value.
	// Experimental.
	MaxEjectionPercent *float64 `field:"required" json:"maxEjectionPercent" yaml:"maxEjectionPercent"`
	// Number of consecutive 5xx errors required for ejection.
	// Experimental.
	MaxServerErrors *float64 `field:"required" json:"maxServerErrors" yaml:"maxServerErrors"`
}

Represents the outlier detection for a listener.

Example:

var mesh mesh
// Cloud Map service discovery is currently required for host ejection by outlier detection
vpc := ec2.NewVpc(this, jsii.String("vpc"))
namespace := cloudmap.NewPrivateDnsNamespace(this, jsii.String("test-namespace"), &privateDnsNamespaceProps{
	vpc: vpc,
	name: jsii.String("domain.local"),
})
service := namespace.createService(jsii.String("Svc"))
node := mesh.addVirtualNode(jsii.String("virtual-node"), &virtualNodeBaseProps{
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			outlierDetection: &outlierDetection{
				baseEjectionDuration: cdk.duration.seconds(jsii.Number(10)),
				interval: cdk.*duration.seconds(jsii.Number(30)),
				maxEjectionPercent: jsii.Number(50),
				maxServerErrors: jsii.Number(5),
			},
		}),
	},
})

Experimental.

type Protocol

type Protocol string

Enum of supported AppMesh protocols. Deprecated: not for use outside package.

const (
	// Deprecated: not for use outside package.
	Protocol_HTTP Protocol = "HTTP"
	// Deprecated: not for use outside package.
	Protocol_TCP Protocol = "TCP"
	// Deprecated: not for use outside package.
	Protocol_HTTP2 Protocol = "HTTP2"
	// Deprecated: not for use outside package.
	Protocol_GRPC Protocol = "GRPC"
)

type QueryParameterMatch

type QueryParameterMatch interface {
	// Returns the query parameter match configuration.
	// Experimental.
	Bind(scope awscdk.Construct) *QueryParameterMatchConfig
}

Used to generate query parameter matching methods.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http2"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		match: &httpRouteMatch{
			path: appmesh.httpRoutePathMatch.exactly(jsii.String("/exact")),
			method: appmesh.httpRouteMethod_POST,
			protocol: appmesh.httpRouteProtocol_HTTPS,
			headers: []headerMatch{
				appmesh.*headerMatch.valueIs(jsii.String("Content-Type"), jsii.String("application/json")),
				appmesh.*headerMatch.valueIsNot(jsii.String("Content-Type"), jsii.String("application/json")),
			},
			queryParameters: []queryParameterMatch{
				appmesh.*queryParameterMatch.valueIs(jsii.String("query-field"), jsii.String("value")),
			},
		},
	}),
})

Experimental.

func QueryParameterMatch_ValueIs

func QueryParameterMatch_ValueIs(queryParameterName *string, queryParameterValue *string) QueryParameterMatch

The value of the query parameter with the given name in the request must match the specified value exactly. Experimental.

type QueryParameterMatchConfig

type QueryParameterMatchConfig struct {
	// Route CFN configuration for route query parameter match.
	// Experimental.
	QueryParameterMatch *CfnRoute_QueryParameterProperty `field:"required" json:"queryParameterMatch" yaml:"queryParameterMatch"`
}

Configuration for `QueryParameterMatch`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

queryParameterMatchConfig := &queryParameterMatchConfig{
	queryParameterMatch: &queryParameterProperty{
		name: jsii.String("name"),

		// the properties below are optional
		match: &httpQueryParameterMatchProperty{
			exact: jsii.String("exact"),
		},
	},
}

Experimental.

type Route

type Route interface {
	awscdk.Resource
	IRoute
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The Amazon Resource Name (ARN) for the route.
	// Experimental.
	RouteArn() *string
	// The name of the Route.
	// Experimental.
	RouteName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// The VirtualRouter the Route belongs to.
	// Experimental.
	VirtualRouter() IVirtualRouter
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

Route represents a new or existing route attached to a VirtualRouter and Mesh.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var mesh mesh
var routeSpec routeSpec
var virtualRouter virtualRouter

route := awscdk.Aws_appmesh.NewRoute(this, jsii.String("MyRoute"), &routeProps{
	mesh: mesh,
	routeSpec: routeSpec,
	virtualRouter: virtualRouter,

	// the properties below are optional
	routeName: jsii.String("routeName"),
})

See: https://docs.aws.amazon.com/app-mesh/latest/userguide/routes.html

Experimental.

func NewRoute

func NewRoute(scope constructs.Construct, id *string, props *RouteProps) Route

Experimental.

type RouteAttributes

type RouteAttributes struct {
	// The name of the Route.
	// Experimental.
	RouteName *string `field:"required" json:"routeName" yaml:"routeName"`
	// The VirtualRouter the Route belongs to.
	// Experimental.
	VirtualRouter IVirtualRouter `field:"required" json:"virtualRouter" yaml:"virtualRouter"`
}

Interface with properties ncecessary to import a reusable Route.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var virtualRouter virtualRouter

routeAttributes := &routeAttributes{
	routeName: jsii.String("routeName"),
	virtualRouter: virtualRouter,
}

Experimental.

type RouteBaseProps

type RouteBaseProps struct {
	// Protocol specific spec.
	// Experimental.
	RouteSpec RouteSpec `field:"required" json:"routeSpec" yaml:"routeSpec"`
	// The name of the route.
	// Experimental.
	RouteName *string `field:"optional" json:"routeName" yaml:"routeName"`
}

Base interface properties for all Routes.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http2-retry"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		retryPolicy: &httpRetryPolicy{
			// Retry if the connection failed
			tcpRetryEvents: []cONNECTION_ERROR{
				appmesh.tcpRetryEvent_*cONNECTION_ERROR,
			},
			// Retry if HTTP responds with a gateway error (502, 503, 504)
			httpRetryEvents: []httpRetryEvent{
				appmesh.*httpRetryEvent_GATEWAY_ERROR,
			},
			// Retry five times
			retryAttempts: jsii.Number(5),
			// Use a 1 second timeout per retry
			retryTimeout: cdk.duration.seconds(jsii.Number(1)),
		},
	}),
})

Experimental.

type RouteProps

type RouteProps struct {
	// Protocol specific spec.
	// Experimental.
	RouteSpec RouteSpec `field:"required" json:"routeSpec" yaml:"routeSpec"`
	// The name of the route.
	// Experimental.
	RouteName *string `field:"optional" json:"routeName" yaml:"routeName"`
	// The service mesh to define the route in.
	// Experimental.
	Mesh IMesh `field:"required" json:"mesh" yaml:"mesh"`
	// The VirtualRouter the Route belongs to.
	// Experimental.
	VirtualRouter IVirtualRouter `field:"required" json:"virtualRouter" yaml:"virtualRouter"`
}

Properties to define new Routes.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var mesh mesh
var routeSpec routeSpec
var virtualRouter virtualRouter

routeProps := &routeProps{
	mesh: mesh,
	routeSpec: routeSpec,
	virtualRouter: virtualRouter,

	// the properties below are optional
	routeName: jsii.String("routeName"),
}

Experimental.

type RouteSpec

type RouteSpec interface {
	// Called when the RouteSpec type is initialized.
	//
	// Can be used to enforce
	// mutual exclusivity with future properties.
	// Experimental.
	Bind(scope awscdk.Construct) *RouteSpecConfig
}

Used to generate specs with different protocols for a RouteSpec.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http2-retry"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		retryPolicy: &httpRetryPolicy{
			// Retry if the connection failed
			tcpRetryEvents: []cONNECTION_ERROR{
				appmesh.tcpRetryEvent_*cONNECTION_ERROR,
			},
			// Retry if HTTP responds with a gateway error (502, 503, 504)
			httpRetryEvents: []httpRetryEvent{
				appmesh.*httpRetryEvent_GATEWAY_ERROR,
			},
			// Retry five times
			retryAttempts: jsii.Number(5),
			// Use a 1 second timeout per retry
			retryTimeout: cdk.duration.seconds(jsii.Number(1)),
		},
	}),
})

Experimental.

func RouteSpec_Grpc

func RouteSpec_Grpc(options *GrpcRouteSpecOptions) RouteSpec

Creates a GRPC Based RouteSpec. Experimental.

func RouteSpec_Http

func RouteSpec_Http(options *HttpRouteSpecOptions) RouteSpec

Creates an HTTP Based RouteSpec. Experimental.

func RouteSpec_Http2

func RouteSpec_Http2(options *HttpRouteSpecOptions) RouteSpec

Creates an HTTP2 Based RouteSpec. Experimental.

func RouteSpec_Tcp

func RouteSpec_Tcp(options *TcpRouteSpecOptions) RouteSpec

Creates a TCP Based RouteSpec. Experimental.

type RouteSpecConfig

type RouteSpecConfig struct {
	// The spec for a grpc route.
	// Experimental.
	GrpcRouteSpec *CfnRoute_GrpcRouteProperty `field:"optional" json:"grpcRouteSpec" yaml:"grpcRouteSpec"`
	// The spec for an http2 route.
	// Experimental.
	Http2RouteSpec *CfnRoute_HttpRouteProperty `field:"optional" json:"http2RouteSpec" yaml:"http2RouteSpec"`
	// The spec for an http route.
	// Experimental.
	HttpRouteSpec *CfnRoute_HttpRouteProperty `field:"optional" json:"httpRouteSpec" yaml:"httpRouteSpec"`
	// The priority for the route.
	//
	// When a Virtual Router has multiple routes, route match is performed in the
	// order of specified value, where 0 is the highest priority, and first matched route is selected.
	// Experimental.
	Priority *float64 `field:"optional" json:"priority" yaml:"priority"`
	// The spec for a tcp route.
	// Experimental.
	TcpRouteSpec *CfnRoute_TcpRouteProperty `field:"optional" json:"tcpRouteSpec" yaml:"tcpRouteSpec"`
}

All Properties for Route Specs.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

routeSpecConfig := &routeSpecConfig{
	grpcRouteSpec: &grpcRouteProperty{
		action: &grpcRouteActionProperty{
			weightedTargets: []interface{}{
				&weightedTargetProperty{
					virtualNode: jsii.String("virtualNode"),
					weight: jsii.Number(123),
				},
			},
		},
		match: &grpcRouteMatchProperty{
			metadata: []interface{}{
				&grpcRouteMetadataProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &grpcRouteMetadataMatchMethodProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &matchRangeProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			methodName: jsii.String("methodName"),
			serviceName: jsii.String("serviceName"),
		},

		// the properties below are optional
		retryPolicy: &grpcRetryPolicyProperty{
			maxRetries: jsii.Number(123),
			perRetryTimeout: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},

			// the properties below are optional
			grpcRetryEvents: []*string{
				jsii.String("grpcRetryEvents"),
			},
			httpRetryEvents: []*string{
				jsii.String("httpRetryEvents"),
			},
			tcpRetryEvents: []*string{
				jsii.String("tcpRetryEvents"),
			},
		},
		timeout: &grpcTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
			perRequest: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
	},
	http2RouteSpec: &httpRouteProperty{
		action: &httpRouteActionProperty{
			weightedTargets: []interface{}{
				&weightedTargetProperty{
					virtualNode: jsii.String("virtualNode"),
					weight: jsii.Number(123),
				},
			},
		},
		match: &httpRouteMatchProperty{
			headers: []interface{}{
				&httpRouteHeaderProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &headerMatchMethodProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &matchRangeProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			method: jsii.String("method"),
			path: &httpPathMatchProperty{
				exact: jsii.String("exact"),
				regex: jsii.String("regex"),
			},
			prefix: jsii.String("prefix"),
			queryParameters: []interface{}{
				&queryParameterProperty{
					name: jsii.String("name"),

					// the properties below are optional
					match: &httpQueryParameterMatchProperty{
						exact: jsii.String("exact"),
					},
				},
			},
			scheme: jsii.String("scheme"),
		},

		// the properties below are optional
		retryPolicy: &httpRetryPolicyProperty{
			maxRetries: jsii.Number(123),
			perRetryTimeout: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},

			// the properties below are optional
			httpRetryEvents: []*string{
				jsii.String("httpRetryEvents"),
			},
			tcpRetryEvents: []*string{
				jsii.String("tcpRetryEvents"),
			},
		},
		timeout: &httpTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
			perRequest: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
	},
	httpRouteSpec: &httpRouteProperty{
		action: &httpRouteActionProperty{
			weightedTargets: []interface{}{
				&weightedTargetProperty{
					virtualNode: jsii.String("virtualNode"),
					weight: jsii.Number(123),
				},
			},
		},
		match: &httpRouteMatchProperty{
			headers: []interface{}{
				&httpRouteHeaderProperty{
					name: jsii.String("name"),

					// the properties below are optional
					invert: jsii.Boolean(false),
					match: &headerMatchMethodProperty{
						exact: jsii.String("exact"),
						prefix: jsii.String("prefix"),
						range: &matchRangeProperty{
							end: jsii.Number(123),
							start: jsii.Number(123),
						},
						regex: jsii.String("regex"),
						suffix: jsii.String("suffix"),
					},
				},
			},
			method: jsii.String("method"),
			path: &httpPathMatchProperty{
				exact: jsii.String("exact"),
				regex: jsii.String("regex"),
			},
			prefix: jsii.String("prefix"),
			queryParameters: []interface{}{
				&queryParameterProperty{
					name: jsii.String("name"),

					// the properties below are optional
					match: &httpQueryParameterMatchProperty{
						exact: jsii.String("exact"),
					},
				},
			},
			scheme: jsii.String("scheme"),
		},

		// the properties below are optional
		retryPolicy: &httpRetryPolicyProperty{
			maxRetries: jsii.Number(123),
			perRetryTimeout: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},

			// the properties below are optional
			httpRetryEvents: []*string{
				jsii.String("httpRetryEvents"),
			},
			tcpRetryEvents: []*string{
				jsii.String("tcpRetryEvents"),
			},
		},
		timeout: &httpTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
			perRequest: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
	},
	priority: jsii.Number(123),
	tcpRouteSpec: &tcpRouteProperty{
		action: &tcpRouteActionProperty{
			weightedTargets: []interface{}{
				&weightedTargetProperty{
					virtualNode: jsii.String("virtualNode"),
					weight: jsii.Number(123),
				},
			},
		},

		// the properties below are optional
		timeout: &tcpTimeoutProperty{
			idle: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
		},
	},
}

Experimental.

type RouteSpecOptionsBase

type RouteSpecOptionsBase struct {
	// The priority for the route.
	//
	// When a Virtual Router has multiple routes, route match is performed in the
	// order of specified value, where 0 is the highest priority, and first matched route is selected.
	// Experimental.
	Priority *float64 `field:"optional" json:"priority" yaml:"priority"`
}

Base options for all route specs.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

routeSpecOptionsBase := &routeSpecOptionsBase{
	priority: jsii.Number(123),
}

Experimental.

type ServiceDiscovery

type ServiceDiscovery interface {
	// Binds the current object when adding Service Discovery to a VirtualNode.
	// Experimental.
	Bind(scope awscdk.Construct) *ServiceDiscoveryConfig
}

Provides the Service Discovery method a VirtualNode uses.

Example:

var mesh mesh
vpc := ec2.NewVpc(this, jsii.String("vpc"))
namespace := cloudmap.NewPrivateDnsNamespace(this, jsii.String("test-namespace"), &privateDnsNamespaceProps{
	vpc: vpc,
	name: jsii.String("domain.local"),
})
service := namespace.createService(jsii.String("Svc"))
node := mesh.addVirtualNode(jsii.String("virtual-node"), &virtualNodeBaseProps{
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8081),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				 // minimum
				path: jsii.String("/health-check-path"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				 // minimum
				unhealthyThreshold: jsii.Number(2),
			}),
		}),
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

Experimental.

func ServiceDiscovery_CloudMap

func ServiceDiscovery_CloudMap(service awsservicediscovery.IService, instanceAttributes *map[string]*string) ServiceDiscovery

Returns Cloud Map based service discovery. Experimental.

func ServiceDiscovery_Dns

func ServiceDiscovery_Dns(hostname *string, responseType DnsResponseType) ServiceDiscovery

Returns DNS based service discovery. Experimental.

type ServiceDiscoveryConfig

type ServiceDiscoveryConfig struct {
	// Cloud Map based Service Discovery.
	// Experimental.
	Cloudmap *CfnVirtualNode_AwsCloudMapServiceDiscoveryProperty `field:"optional" json:"cloudmap" yaml:"cloudmap"`
	// DNS based Service Discovery.
	// Experimental.
	Dns *CfnVirtualNode_DnsServiceDiscoveryProperty `field:"optional" json:"dns" yaml:"dns"`
}

Properties for VirtualNode Service Discovery.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

serviceDiscoveryConfig := &serviceDiscoveryConfig{
	cloudmap: &awsCloudMapServiceDiscoveryProperty{
		namespaceName: jsii.String("namespaceName"),
		serviceName: jsii.String("serviceName"),

		// the properties below are optional
		attributes: []interface{}{
			&awsCloudMapInstanceAttributeProperty{
				key: jsii.String("key"),
				value: jsii.String("value"),
			},
		},
		ipPreference: jsii.String("ipPreference"),
	},
	dns: &dnsServiceDiscoveryProperty{
		hostname: jsii.String("hostname"),

		// the properties below are optional
		ipPreference: jsii.String("ipPreference"),
		responseType: jsii.String("responseType"),
	},
}

Experimental.

type SubjectAlternativeNames

type SubjectAlternativeNames interface {
	// Returns Subject Alternative Names Matcher based on method type.
	// Experimental.
	Bind(scope awscdk.Construct) *SubjectAlternativeNamesMatcherConfig
}

Used to generate Subject Alternative Names Matchers.

Example:

var mesh mesh

node1 := appmesh.NewVirtualNode(this, jsii.String("node1"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
				// Validate a file client certificates to enable mutual TLS authentication when a client provides a certificate.
				mutualTlsValidation: &mutualTlsValidation{
					trust: appmesh.tlsValidationTrust.file(jsii.String("path-to-certificate")),
				},
			},
		}),
	},
})

certificateAuthorityArn := "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012"
node2 := appmesh.NewVirtualNode(this, jsii.String("node2"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.*serviceDiscovery.dns(jsii.String("node2")),
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			ports: []*f64{
				jsii.Number(8080),
				jsii.Number(8081),
			},
			validation: &tlsValidation{
				subjectAlternativeNames: appmesh.subjectAlternativeNames.matchingExactly(jsii.String("mesh-endpoint.apps.local")),
				trust: appmesh.*tlsValidationTrust.acm([]iCertificateAuthority{
					acmpca.certificateAuthority.fromCertificateAuthorityArn(this, jsii.String("certificate"), certificateAuthorityArn),
				}),
			},
			// Provide a SDS client certificate when a server requests it and enable mutual TLS authentication.
			mutualTlsCertificate: appmesh.*tlsCertificate.sds(jsii.String("secret_certificate")),
		},
	},
})

Experimental.

func SubjectAlternativeNames_MatchingExactly

func SubjectAlternativeNames_MatchingExactly(names ...*string) SubjectAlternativeNames

The values of the SAN must match the specified values exactly. Experimental.

type SubjectAlternativeNamesMatcherConfig

type SubjectAlternativeNamesMatcherConfig struct {
	// VirtualNode CFN configuration for subject alternative names secured by the certificate.
	// Experimental.
	SubjectAlternativeNamesMatch *CfnVirtualNode_SubjectAlternativeNameMatchersProperty `field:"required" json:"subjectAlternativeNamesMatch" yaml:"subjectAlternativeNamesMatch"`
}

All Properties for Subject Alternative Names Matcher for both Client Policy and Listener.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

subjectAlternativeNamesMatcherConfig := &subjectAlternativeNamesMatcherConfig{
	subjectAlternativeNamesMatch: &subjectAlternativeNameMatchersProperty{
		exact: []*string{
			jsii.String("exact"),
		},
	},
}

Experimental.

type TcpConnectionPool

type TcpConnectionPool struct {
	// The maximum connections in the pool.
	// Experimental.
	MaxConnections *float64 `field:"required" json:"maxConnections" yaml:"maxConnections"`
}

Connection pool properties for TCP listeners.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tcpConnectionPool := &tcpConnectionPool{
	maxConnections: jsii.Number(123),
}

Experimental.

type TcpHealthCheckOptions

type TcpHealthCheckOptions struct {
	// The number of consecutive successful health checks that must occur before declaring listener healthy.
	// Experimental.
	HealthyThreshold *float64 `field:"optional" json:"healthyThreshold" yaml:"healthyThreshold"`
	// The time period between each health check execution.
	// Experimental.
	Interval awscdk.Duration `field:"optional" json:"interval" yaml:"interval"`
	// The amount of time to wait when receiving a response from the health check.
	// Experimental.
	Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"`
	// The number of consecutive failed health checks that must occur before declaring a listener unhealthy.
	// Experimental.
	UnhealthyThreshold *float64 `field:"optional" json:"unhealthyThreshold" yaml:"unhealthyThreshold"`
}

Properties used to define TCP Based healthchecks.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var duration duration

tcpHealthCheckOptions := &tcpHealthCheckOptions{
	healthyThreshold: jsii.Number(123),
	interval: duration,
	timeout: duration,
	unhealthyThreshold: jsii.Number(123),
}

Experimental.

type TcpRetryEvent

type TcpRetryEvent string

TCP events on which you may retry.

Example:

var router virtualRouter
var node virtualNode

router.addRoute(jsii.String("route-http2-retry"), &routeBaseProps{
	routeSpec: appmesh.routeSpec.http2(&httpRouteSpecOptions{
		weightedTargets: []weightedTarget{
			&weightedTarget{
				virtualNode: node,
			},
		},
		retryPolicy: &httpRetryPolicy{
			// Retry if the connection failed
			tcpRetryEvents: []cONNECTION_ERROR{
				appmesh.tcpRetryEvent_*cONNECTION_ERROR,
			},
			// Retry if HTTP responds with a gateway error (502, 503, 504)
			httpRetryEvents: []httpRetryEvent{
				appmesh.*httpRetryEvent_GATEWAY_ERROR,
			},
			// Retry five times
			retryAttempts: jsii.Number(5),
			// Use a 1 second timeout per retry
			retryTimeout: cdk.duration.seconds(jsii.Number(1)),
		},
	}),
})

Experimental.

const (
	// A connection error.
	// Experimental.
	TcpRetryEvent_CONNECTION_ERROR TcpRetryEvent = "CONNECTION_ERROR"
)

type TcpRouteSpecOptions

type TcpRouteSpecOptions struct {
	// The priority for the route.
	//
	// When a Virtual Router has multiple routes, route match is performed in the
	// order of specified value, where 0 is the highest priority, and first matched route is selected.
	// Experimental.
	Priority *float64 `field:"optional" json:"priority" yaml:"priority"`
	// List of targets that traffic is routed to when a request matches the route.
	// Experimental.
	WeightedTargets *[]*WeightedTarget `field:"required" json:"weightedTargets" yaml:"weightedTargets"`
	// An object that represents a tcp timeout.
	// Experimental.
	Timeout *TcpTimeout `field:"optional" json:"timeout" yaml:"timeout"`
}

Properties specific for a TCP Based Routes.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var duration duration
var virtualNode virtualNode

tcpRouteSpecOptions := &tcpRouteSpecOptions{
	weightedTargets: []weightedTarget{
		&weightedTarget{
			virtualNode: virtualNode,

			// the properties below are optional
			weight: jsii.Number(123),
		},
	},

	// the properties below are optional
	priority: jsii.Number(123),
	timeout: &tcpTimeout{
		idle: duration,
	},
}

Experimental.

type TcpTimeout

type TcpTimeout struct {
	// Represents an idle timeout.
	//
	// The amount of time that a connection may be idle.
	// Experimental.
	Idle awscdk.Duration `field:"optional" json:"idle" yaml:"idle"`
}

Represents timeouts for TCP protocols.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var duration duration

tcpTimeout := &tcpTimeout{
	idle: duration,
}

Experimental.

type TcpVirtualNodeListenerOptions

type TcpVirtualNodeListenerOptions struct {
	// Connection pool for http listeners.
	// Experimental.
	ConnectionPool *TcpConnectionPool `field:"optional" json:"connectionPool" yaml:"connectionPool"`
	// The health check information for the listener.
	// Experimental.
	HealthCheck HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"`
	// Represents the configuration for enabling outlier detection.
	// Experimental.
	OutlierDetection *OutlierDetection `field:"optional" json:"outlierDetection" yaml:"outlierDetection"`
	// Port to listen for connections on.
	// Experimental.
	Port *float64 `field:"optional" json:"port" yaml:"port"`
	// Timeout for TCP protocol.
	// Experimental.
	Timeout *TcpTimeout `field:"optional" json:"timeout" yaml:"timeout"`
	// Represents the configuration for enabling TLS on a listener.
	// Experimental.
	Tls *ListenerTlsOptions `field:"optional" json:"tls" yaml:"tls"`
}

Represent the TCP Node Listener prorperty.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var duration duration
var healthCheck healthCheck
var mutualTlsValidationTrust mutualTlsValidationTrust
var subjectAlternativeNames subjectAlternativeNames
var tlsCertificate tlsCertificate

tcpVirtualNodeListenerOptions := &tcpVirtualNodeListenerOptions{
	connectionPool: &tcpConnectionPool{
		maxConnections: jsii.Number(123),
	},
	healthCheck: healthCheck,
	outlierDetection: &outlierDetection{
		baseEjectionDuration: duration,
		interval: duration,
		maxEjectionPercent: jsii.Number(123),
		maxServerErrors: jsii.Number(123),
	},
	port: jsii.Number(123),
	timeout: &tcpTimeout{
		idle: duration,
	},
	tls: &listenerTlsOptions{
		certificate: tlsCertificate,
		mode: awscdk.Aws_appmesh.tlsMode_STRICT,

		// the properties below are optional
		mutualTlsValidation: &mutualTlsValidation{
			trust: mutualTlsValidationTrust,

			// the properties below are optional
			subjectAlternativeNames: subjectAlternativeNames,
		},
	},
}

Experimental.

type TlsCertificate

type TlsCertificate interface {
	// Returns TLS certificate based provider.
	// Experimental.
	Bind(_scope awscdk.Construct) *TlsCertificateConfig
}

Represents a TLS certificate.

Example:

// A Virtual Node with listener TLS from an ACM provided certificate
var cert certificate
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.acm(cert),
			},
		}),
	},
})

// A Virtual Gateway with listener TLS from a customer provided file certificate
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

// A Virtual Gateway with listener TLS from a SDS provided certificate
gateway2 := appmesh.NewVirtualGateway(this, jsii.String("gateway2"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []*virtualGatewayListener{
		appmesh.*virtualGatewayListener.http2(&http2GatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.sds(jsii.String("secrete_certificate")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway2"),
})

Experimental.

func MutualTlsCertificate_Acm

func MutualTlsCertificate_Acm(certificate awscertificatemanager.ICertificate) TlsCertificate

Returns an ACM TLS Certificate. Experimental.

func TlsCertificate_Acm

func TlsCertificate_Acm(certificate awscertificatemanager.ICertificate) TlsCertificate

Returns an ACM TLS Certificate. Experimental.

type TlsCertificateConfig

type TlsCertificateConfig struct {
	// The CFN shape for a TLS certificate.
	// Experimental.
	TlsCertificate *CfnVirtualNode_ListenerTlsCertificateProperty `field:"required" json:"tlsCertificate" yaml:"tlsCertificate"`
}

A wrapper for the tls config returned by {@link TlsCertificate.bind}.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tlsCertificateConfig := &tlsCertificateConfig{
	tlsCertificate: &listenerTlsCertificateProperty{
		acm: &listenerTlsAcmCertificateProperty{
			certificateArn: jsii.String("certificateArn"),
		},
		file: &listenerTlsFileCertificateProperty{
			certificateChain: jsii.String("certificateChain"),
			privateKey: jsii.String("privateKey"),
		},
		sds: &listenerTlsSdsCertificateProperty{
			secretName: jsii.String("secretName"),
		},
	},
}

Experimental.

type TlsClientPolicy

type TlsClientPolicy struct {
	// Represents the object for TLS validation context.
	// Experimental.
	Validation *TlsValidation `field:"required" json:"validation" yaml:"validation"`
	// Whether the policy is enforced.
	// Experimental.
	Enforce *bool `field:"optional" json:"enforce" yaml:"enforce"`
	// Represents a client TLS certificate.
	//
	// The certificate will be sent only if the server requests it, enabling mutual TLS.
	// Experimental.
	MutualTlsCertificate MutualTlsCertificate `field:"optional" json:"mutualTlsCertificate" yaml:"mutualTlsCertificate"`
	// TLS is enforced on the ports specified here.
	//
	// If no ports are specified, TLS will be enforced on all the ports.
	// Experimental.
	Ports *[]*float64 `field:"optional" json:"ports" yaml:"ports"`
}

Represents the properties needed to define client policy.

Example:

var mesh mesh
var service service

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8080),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				path: jsii.String("/ping"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				unhealthyThreshold: jsii.Number(2),
			}),
			timeout: &httpTimeout{
				idle: cdk.*duration.seconds(jsii.Number(5)),
			},
		}),
	},
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			validation: &tlsValidation{
				trust: appmesh.tlsValidationTrust.file(jsii.String("/keys/local_cert_chain.pem")),
			},
		},
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

cdk.tags.of(node).add(jsii.String("Environment"), jsii.String("Dev"))

Experimental.

type TlsMode

type TlsMode string

Enum of supported TLS modes.

Example:

// A Virtual Node with listener TLS from an ACM provided certificate
var cert certificate
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.grpc(&grpcVirtualNodeListenerOptions{
			port: jsii.Number(80),
			tls: &listenerTlsOptions{
				mode: appmesh.tlsMode_STRICT,
				certificate: appmesh.tlsCertificate.acm(cert),
			},
		}),
	},
})

// A Virtual Gateway with listener TLS from a customer provided file certificate
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.file(jsii.String("path/to/certChain"), jsii.String("path/to/privateKey")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

// A Virtual Gateway with listener TLS from a SDS provided certificate
gateway2 := appmesh.NewVirtualGateway(this, jsii.String("gateway2"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []*virtualGatewayListener{
		appmesh.*virtualGatewayListener.http2(&http2GatewayListenerOptions{
			port: jsii.Number(8080),
			tls: &listenerTlsOptions{
				mode: appmesh.*tlsMode_STRICT,
				certificate: appmesh.*tlsCertificate.sds(jsii.String("secrete_certificate")),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway2"),
})

Experimental.

const (
	// Only accept encrypted traffic.
	// Experimental.
	TlsMode_STRICT TlsMode = "STRICT"
	// Accept encrypted and plaintext traffic.
	// Experimental.
	TlsMode_PERMISSIVE TlsMode = "PERMISSIVE"
	// TLS is disabled, only accept plaintext traffic.
	// Experimental.
	TlsMode_DISABLED TlsMode = "DISABLED"
)

type TlsValidation

type TlsValidation struct {
	// Reference to where to retrieve the trust chain.
	// Experimental.
	Trust TlsValidationTrust `field:"required" json:"trust" yaml:"trust"`
	// Represents the subject alternative names (SANs) secured by the certificate.
	//
	// SANs must be in the FQDN or URI format.
	// Experimental.
	SubjectAlternativeNames SubjectAlternativeNames `field:"optional" json:"subjectAlternativeNames" yaml:"subjectAlternativeNames"`
}

Represents the properties needed to define TLS Validation context.

Example:

var mesh mesh
var service service

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8080),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				path: jsii.String("/ping"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				unhealthyThreshold: jsii.Number(2),
			}),
			timeout: &httpTimeout{
				idle: cdk.*duration.seconds(jsii.Number(5)),
			},
		}),
	},
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			validation: &tlsValidation{
				trust: appmesh.tlsValidationTrust.file(jsii.String("/keys/local_cert_chain.pem")),
			},
		},
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

cdk.tags.of(node).add(jsii.String("Environment"), jsii.String("Dev"))

Experimental.

type TlsValidationTrust

type TlsValidationTrust interface {
	// Returns Trust context based on trust type.
	// Experimental.
	Bind(scope awscdk.Construct) *TlsValidationTrustConfig
}

Defines the TLS Validation Context Trust.

Example:

var mesh mesh
var service service

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8080),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				path: jsii.String("/ping"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				unhealthyThreshold: jsii.Number(2),
			}),
			timeout: &httpTimeout{
				idle: cdk.*duration.seconds(jsii.Number(5)),
			},
		}),
	},
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			validation: &tlsValidation{
				trust: appmesh.tlsValidationTrust.file(jsii.String("/keys/local_cert_chain.pem")),
			},
		},
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

cdk.tags.of(node).add(jsii.String("Environment"), jsii.String("Dev"))

Experimental.

func MutualTlsValidationTrust_Acm

func MutualTlsValidationTrust_Acm(certificateAuthorities *[]awsacmpca.ICertificateAuthority) TlsValidationTrust

TLS Validation Context Trust for ACM Private Certificate Authority (CA). Experimental.

func TlsValidationTrust_Acm

func TlsValidationTrust_Acm(certificateAuthorities *[]awsacmpca.ICertificateAuthority) TlsValidationTrust

TLS Validation Context Trust for ACM Private Certificate Authority (CA). Experimental.

type TlsValidationTrustConfig

type TlsValidationTrustConfig struct {
	// VirtualNode CFN configuration for client policy's TLS Validation Trust.
	// Experimental.
	TlsValidationTrust *CfnVirtualNode_TlsValidationContextTrustProperty `field:"required" json:"tlsValidationTrust" yaml:"tlsValidationTrust"`
}

All Properties for TLS Validation Trusts for both Client Policy and Listener.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tlsValidationTrustConfig := &tlsValidationTrustConfig{
	tlsValidationTrust: &tlsValidationContextTrustProperty{
		acm: &tlsValidationContextAcmTrustProperty{
			certificateAuthorityArns: []*string{
				jsii.String("certificateAuthorityArns"),
			},
		},
		file: &tlsValidationContextFileTrustProperty{
			certificateChain: jsii.String("certificateChain"),
		},
		sds: &tlsValidationContextSdsTrustProperty{
			secretName: jsii.String("secretName"),
		},
	},
}

Experimental.

type VirtualGateway

type VirtualGateway interface {
	awscdk.Resource
	IVirtualGateway
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// Experimental.
	Listeners() *[]*VirtualGatewayListenerConfig
	// The Mesh that the VirtualGateway belongs to.
	// Experimental.
	Mesh() IMesh
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// The Amazon Resource Name (ARN) for the VirtualGateway.
	// Experimental.
	VirtualGatewayArn() *string
	// The name of the VirtualGateway.
	// Experimental.
	VirtualGatewayName() *string
	// Utility method to add a new GatewayRoute to the VirtualGateway.
	// Experimental.
	AddGatewayRoute(id *string, props *GatewayRouteBaseProps) GatewayRoute
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grants the given entity `appmesh:StreamAggregatedResources`.
	// Experimental.
	GrantStreamAggregatedResources(identity awsiam.IGrantable) awsiam.Grant
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

VirtualGateway represents a newly defined App Mesh Virtual Gateway.

A virtual gateway allows resources that are outside of your mesh to communicate to resources that are inside of your mesh.

Example:

// A Virtual Node with a gRPC listener with a connection pool set
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	// DNS service discovery can optionally specify the DNS response type as either LOAD_BALANCER or ENDPOINTS.
	// LOAD_BALANCER means that the DNS resolver returns a loadbalanced set of endpoints,
	// whereas ENDPOINTS means that the DNS resolver is returning all the endpoints.
	// By default, the response type is assumed to be LOAD_BALANCER
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node"), appmesh.dnsResponseType_ENDPOINTS),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(80),
			connectionPool: &httpConnectionPool{
				maxConnections: jsii.Number(100),
				maxPendingRequests: jsii.Number(10),
			},
		}),
	},
})

// A Virtual Gateway with a gRPC listener with a connection pool set
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			connectionPool: &grpcConnectionPool{
				maxRequests: jsii.Number(10),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

See: https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Experimental.

func NewVirtualGateway

func NewVirtualGateway(scope constructs.Construct, id *string, props *VirtualGatewayProps) VirtualGateway

Experimental.

type VirtualGatewayAttributes

type VirtualGatewayAttributes struct {
	// The Mesh that the VirtualGateway belongs to.
	// Experimental.
	Mesh IMesh `field:"required" json:"mesh" yaml:"mesh"`
	// The name of the VirtualGateway.
	// Experimental.
	VirtualGatewayName *string `field:"required" json:"virtualGatewayName" yaml:"virtualGatewayName"`
}

Unterface with properties necessary to import a reusable VirtualGateway.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var mesh mesh

virtualGatewayAttributes := &virtualGatewayAttributes{
	mesh: mesh,
	virtualGatewayName: jsii.String("virtualGatewayName"),
}

Experimental.

type VirtualGatewayBaseProps

type VirtualGatewayBaseProps struct {
	// Access Logging Configuration for the VirtualGateway.
	// Experimental.
	AccessLog AccessLog `field:"optional" json:"accessLog" yaml:"accessLog"`
	// Default Configuration Virtual Node uses to communicate with Virtual Service.
	// Experimental.
	BackendDefaults *BackendDefaults `field:"optional" json:"backendDefaults" yaml:"backendDefaults"`
	// Listeners for the VirtualGateway.
	//
	// Only one is supported.
	// Experimental.
	Listeners *[]VirtualGatewayListener `field:"optional" json:"listeners" yaml:"listeners"`
	// Name of the VirtualGateway.
	// Experimental.
	VirtualGatewayName *string `field:"optional" json:"virtualGatewayName" yaml:"virtualGatewayName"`
}

Basic configuration properties for a VirtualGateway.

Example:

var mesh mesh

gateway := mesh.addVirtualGateway(jsii.String("gateway"), &virtualGatewayBaseProps{
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
	virtualGatewayName: jsii.String("virtualGateway"),
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.http(&httpGatewayListenerOptions{
			port: jsii.Number(443),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				interval: cdk.duration.seconds(jsii.Number(10)),
			}),
		}),
	},
})

Experimental.

type VirtualGatewayListener

type VirtualGatewayListener interface {
	// Called when the GatewayListener type is initialized.
	//
	// Can be used to enforce
	// mutual exclusivity.
	// Experimental.
	Bind(scope awscdk.Construct) *VirtualGatewayListenerConfig
}

Represents the properties needed to define listeners for a VirtualGateway.

Example:

var mesh mesh

certificateAuthorityArn := "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012"

gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.http(&httpGatewayListenerOptions{
			port: jsii.Number(443),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				interval: cdk.duration.seconds(jsii.Number(10)),
			}),
		}),
	},
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			ports: []*f64{
				jsii.Number(8080),
				jsii.Number(8081),
			},
			validation: &tlsValidation{
				trust: appmesh.tlsValidationTrust.acm([]iCertificateAuthority{
					acmpca.certificateAuthority.fromCertificateAuthorityArn(this, jsii.String("certificate"), certificateAuthorityArn),
				}),
			},
		},
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
	virtualGatewayName: jsii.String("virtualGateway"),
})

Experimental.

func VirtualGatewayListener_Grpc

func VirtualGatewayListener_Grpc(options *GrpcGatewayListenerOptions) VirtualGatewayListener

Returns a GRPC Listener for a VirtualGateway. Experimental.

func VirtualGatewayListener_Http

func VirtualGatewayListener_Http(options *HttpGatewayListenerOptions) VirtualGatewayListener

Returns an HTTP Listener for a VirtualGateway. Experimental.

func VirtualGatewayListener_Http2

func VirtualGatewayListener_Http2(options *Http2GatewayListenerOptions) VirtualGatewayListener

Returns an HTTP2 Listener for a VirtualGateway. Experimental.

type VirtualGatewayListenerConfig

type VirtualGatewayListenerConfig struct {
	// Single listener config for a VirtualGateway.
	// Experimental.
	Listener *CfnVirtualGateway_VirtualGatewayListenerProperty `field:"required" json:"listener" yaml:"listener"`
}

Properties for a VirtualGateway listener.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualGatewayListenerConfig := &virtualGatewayListenerConfig{
	listener: &virtualGatewayListenerProperty{
		portMapping: &virtualGatewayPortMappingProperty{
			port: jsii.Number(123),
			protocol: jsii.String("protocol"),
		},

		// the properties below are optional
		connectionPool: &virtualGatewayConnectionPoolProperty{
			grpc: &virtualGatewayGrpcConnectionPoolProperty{
				maxRequests: jsii.Number(123),
			},
			http: &virtualGatewayHttpConnectionPoolProperty{
				maxConnections: jsii.Number(123),

				// the properties below are optional
				maxPendingRequests: jsii.Number(123),
			},
			http2: &virtualGatewayHttp2ConnectionPoolProperty{
				maxRequests: jsii.Number(123),
			},
		},
		healthCheck: &virtualGatewayHealthCheckPolicyProperty{
			healthyThreshold: jsii.Number(123),
			intervalMillis: jsii.Number(123),
			protocol: jsii.String("protocol"),
			timeoutMillis: jsii.Number(123),
			unhealthyThreshold: jsii.Number(123),

			// the properties below are optional
			path: jsii.String("path"),
			port: jsii.Number(123),
		},
		tls: &virtualGatewayListenerTlsProperty{
			certificate: &virtualGatewayListenerTlsCertificateProperty{
				acm: &virtualGatewayListenerTlsAcmCertificateProperty{
					certificateArn: jsii.String("certificateArn"),
				},
				file: &virtualGatewayListenerTlsFileCertificateProperty{
					certificateChain: jsii.String("certificateChain"),
					privateKey: jsii.String("privateKey"),
				},
				sds: &virtualGatewayListenerTlsSdsCertificateProperty{
					secretName: jsii.String("secretName"),
				},
			},
			mode: jsii.String("mode"),

			// the properties below are optional
			validation: &virtualGatewayListenerTlsValidationContextProperty{
				trust: &virtualGatewayListenerTlsValidationContextTrustProperty{
					file: &virtualGatewayTlsValidationContextFileTrustProperty{
						certificateChain: jsii.String("certificateChain"),
					},
					sds: &virtualGatewayTlsValidationContextSdsTrustProperty{
						secretName: jsii.String("secretName"),
					},
				},

				// the properties below are optional
				subjectAlternativeNames: &subjectAlternativeNamesProperty{
					match: &subjectAlternativeNameMatchersProperty{
						exact: []*string{
							jsii.String("exact"),
						},
					},
				},
			},
		},
	},
}

Experimental.

type VirtualGatewayProps

type VirtualGatewayProps struct {
	// Access Logging Configuration for the VirtualGateway.
	// Experimental.
	AccessLog AccessLog `field:"optional" json:"accessLog" yaml:"accessLog"`
	// Default Configuration Virtual Node uses to communicate with Virtual Service.
	// Experimental.
	BackendDefaults *BackendDefaults `field:"optional" json:"backendDefaults" yaml:"backendDefaults"`
	// Listeners for the VirtualGateway.
	//
	// Only one is supported.
	// Experimental.
	Listeners *[]VirtualGatewayListener `field:"optional" json:"listeners" yaml:"listeners"`
	// Name of the VirtualGateway.
	// Experimental.
	VirtualGatewayName *string `field:"optional" json:"virtualGatewayName" yaml:"virtualGatewayName"`
	// The Mesh which the VirtualGateway belongs to.
	// Experimental.
	Mesh IMesh `field:"required" json:"mesh" yaml:"mesh"`
}

Properties used when creating a new VirtualGateway.

Example:

var mesh mesh

certificateAuthorityArn := "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012"

gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.http(&httpGatewayListenerOptions{
			port: jsii.Number(443),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				interval: cdk.duration.seconds(jsii.Number(10)),
			}),
		}),
	},
	backendDefaults: &backendDefaults{
		tlsClientPolicy: &tlsClientPolicy{
			ports: []*f64{
				jsii.Number(8080),
				jsii.Number(8081),
			},
			validation: &tlsValidation{
				trust: appmesh.tlsValidationTrust.acm([]iCertificateAuthority{
					acmpca.certificateAuthority.fromCertificateAuthorityArn(this, jsii.String("certificate"), certificateAuthorityArn),
				}),
			},
		},
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
	virtualGatewayName: jsii.String("virtualGateway"),
})

Experimental.

type VirtualNode

type VirtualNode interface {
	awscdk.Resource
	IVirtualNode
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The Mesh which the VirtualNode belongs to.
	// Experimental.
	Mesh() IMesh
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// The Amazon Resource Name belonging to the VirtualNode.
	// Experimental.
	VirtualNodeArn() *string
	// The name of the VirtualNode.
	// Experimental.
	VirtualNodeName() *string
	// Add a Virtual Services that this node is expected to send outbound traffic to.
	// Experimental.
	AddBackend(backend Backend)
	// Utility method to add an inbound listener for this VirtualNode.
	//
	// Note: At this time, Virtual Nodes support at most one listener. Adding
	// more than one will result in a failure to deploy the CloudFormation stack.
	// However, the App Mesh team has plans to add support for multiple listeners
	// on Virtual Nodes and Virtual Routers.
	// See: https://github.com/aws/aws-app-mesh-roadmap/issues/120
	//
	// Experimental.
	AddListener(listener VirtualNodeListener)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grants the given entity `appmesh:StreamAggregatedResources`.
	// Experimental.
	GrantStreamAggregatedResources(identity awsiam.IGrantable) awsiam.Grant
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

VirtualNode represents a newly defined AppMesh VirtualNode.

Any inbound traffic that your virtual node expects should be specified as a listener. Any outbound traffic that your virtual node expects to reach should be specified as a backend.

Example:

var mesh mesh
// Cloud Map service discovery is currently required for host ejection by outlier detection
vpc := ec2.NewVpc(this, jsii.String("vpc"))
namespace := cloudmap.NewPrivateDnsNamespace(this, jsii.String("test-namespace"), &privateDnsNamespaceProps{
	vpc: vpc,
	name: jsii.String("domain.local"),
})
service := namespace.createService(jsii.String("Svc"))
node := mesh.addVirtualNode(jsii.String("virtual-node"), &virtualNodeBaseProps{
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			outlierDetection: &outlierDetection{
				baseEjectionDuration: cdk.duration.seconds(jsii.Number(10)),
				interval: cdk.*duration.seconds(jsii.Number(30)),
				maxEjectionPercent: jsii.Number(50),
				maxServerErrors: jsii.Number(5),
			},
		}),
	},
})

See: https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_nodes.html

Experimental.

func NewVirtualNode

func NewVirtualNode(scope constructs.Construct, id *string, props *VirtualNodeProps) VirtualNode

Experimental.

type VirtualNodeAttributes

type VirtualNodeAttributes struct {
	// The Mesh that the VirtualNode belongs to.
	// Experimental.
	Mesh IMesh `field:"required" json:"mesh" yaml:"mesh"`
	// The name of the VirtualNode.
	// Experimental.
	VirtualNodeName *string `field:"required" json:"virtualNodeName" yaml:"virtualNodeName"`
}

Interface with properties necessary to import a reusable VirtualNode.

Example:

virtualNodeName := "my-virtual-node"
appmesh.virtualNode.fromVirtualNodeAttributes(this, jsii.String("imported-virtual-node"), &virtualNodeAttributes{
	mesh: appmesh.mesh.fromMeshName(this, jsii.String("Mesh"), jsii.String("testMesh")),
	virtualNodeName: virtualNodeName,
})

Experimental.

type VirtualNodeBaseProps

type VirtualNodeBaseProps struct {
	// Access Logging Configuration for the virtual node.
	// Experimental.
	AccessLog AccessLog `field:"optional" json:"accessLog" yaml:"accessLog"`
	// Default Configuration Virtual Node uses to communicate with Virtual Service.
	// Experimental.
	BackendDefaults *BackendDefaults `field:"optional" json:"backendDefaults" yaml:"backendDefaults"`
	// Virtual Services that this is node expected to send outbound traffic to.
	// Experimental.
	Backends *[]Backend `field:"optional" json:"backends" yaml:"backends"`
	// Initial listener for the virtual node.
	// Experimental.
	Listeners *[]VirtualNodeListener `field:"optional" json:"listeners" yaml:"listeners"`
	// Defines how upstream clients will discover this VirtualNode.
	// Experimental.
	ServiceDiscovery ServiceDiscovery `field:"optional" json:"serviceDiscovery" yaml:"serviceDiscovery"`
	// The name of the VirtualNode.
	// Experimental.
	VirtualNodeName *string `field:"optional" json:"virtualNodeName" yaml:"virtualNodeName"`
}

Basic configuration properties for a VirtualNode.

Example:

var mesh mesh
vpc := ec2.NewVpc(this, jsii.String("vpc"))
namespace := cloudmap.NewPrivateDnsNamespace(this, jsii.String("test-namespace"), &privateDnsNamespaceProps{
	vpc: vpc,
	name: jsii.String("domain.local"),
})
service := namespace.createService(jsii.String("Svc"))
node := mesh.addVirtualNode(jsii.String("virtual-node"), &virtualNodeBaseProps{
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8081),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				 // minimum
				path: jsii.String("/health-check-path"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				 // minimum
				unhealthyThreshold: jsii.Number(2),
			}),
		}),
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

Experimental.

type VirtualNodeListener

type VirtualNodeListener interface {
	// Binds the current object when adding Listener to a VirtualNode.
	// Experimental.
	Bind(scope awscdk.Construct) *VirtualNodeListenerConfig
}

Defines listener for a VirtualNode.

Example:

var mesh mesh
vpc := ec2.NewVpc(this, jsii.String("vpc"))
namespace := cloudmap.NewPrivateDnsNamespace(this, jsii.String("test-namespace"), &privateDnsNamespaceProps{
	vpc: vpc,
	name: jsii.String("domain.local"),
})
service := namespace.createService(jsii.String("Svc"))
node := mesh.addVirtualNode(jsii.String("virtual-node"), &virtualNodeBaseProps{
	serviceDiscovery: appmesh.serviceDiscovery.cloudMap(service),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(8081),
			healthCheck: appmesh.healthCheck.http(&httpHealthCheckOptions{
				healthyThreshold: jsii.Number(3),
				interval: cdk.duration.seconds(jsii.Number(5)),
				 // minimum
				path: jsii.String("/health-check-path"),
				timeout: cdk.*duration.seconds(jsii.Number(2)),
				 // minimum
				unhealthyThreshold: jsii.Number(2),
			}),
		}),
	},
	accessLog: appmesh.accessLog.fromFilePath(jsii.String("/dev/stdout")),
})

Experimental.

func VirtualNodeListener_Grpc

func VirtualNodeListener_Grpc(props *GrpcVirtualNodeListenerOptions) VirtualNodeListener

Returns an GRPC Listener for a VirtualNode. Experimental.

func VirtualNodeListener_Http

func VirtualNodeListener_Http(props *HttpVirtualNodeListenerOptions) VirtualNodeListener

Returns an HTTP Listener for a VirtualNode. Experimental.

func VirtualNodeListener_Http2

func VirtualNodeListener_Http2(props *Http2VirtualNodeListenerOptions) VirtualNodeListener

Returns an HTTP2 Listener for a VirtualNode. Experimental.

func VirtualNodeListener_Tcp

func VirtualNodeListener_Tcp(props *TcpVirtualNodeListenerOptions) VirtualNodeListener

Returns an TCP Listener for a VirtualNode. Experimental.

type VirtualNodeListenerConfig

type VirtualNodeListenerConfig struct {
	// Single listener config for a VirtualNode.
	// Experimental.
	Listener *CfnVirtualNode_ListenerProperty `field:"required" json:"listener" yaml:"listener"`
}

Properties for a VirtualNode listener.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualNodeListenerConfig := &virtualNodeListenerConfig{
	listener: &listenerProperty{
		portMapping: &portMappingProperty{
			port: jsii.Number(123),
			protocol: jsii.String("protocol"),
		},

		// the properties below are optional
		connectionPool: &virtualNodeConnectionPoolProperty{
			grpc: &virtualNodeGrpcConnectionPoolProperty{
				maxRequests: jsii.Number(123),
			},
			http: &virtualNodeHttpConnectionPoolProperty{
				maxConnections: jsii.Number(123),

				// the properties below are optional
				maxPendingRequests: jsii.Number(123),
			},
			http2: &virtualNodeHttp2ConnectionPoolProperty{
				maxRequests: jsii.Number(123),
			},
			tcp: &virtualNodeTcpConnectionPoolProperty{
				maxConnections: jsii.Number(123),
			},
		},
		healthCheck: &healthCheckProperty{
			healthyThreshold: jsii.Number(123),
			intervalMillis: jsii.Number(123),
			protocol: jsii.String("protocol"),
			timeoutMillis: jsii.Number(123),
			unhealthyThreshold: jsii.Number(123),

			// the properties below are optional
			path: jsii.String("path"),
			port: jsii.Number(123),
		},
		outlierDetection: &outlierDetectionProperty{
			baseEjectionDuration: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
			interval: &durationProperty{
				unit: jsii.String("unit"),
				value: jsii.Number(123),
			},
			maxEjectionPercent: jsii.Number(123),
			maxServerErrors: jsii.Number(123),
		},
		timeout: &listenerTimeoutProperty{
			grpc: &grpcTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
				perRequest: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
			http: &httpTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
				perRequest: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
			http2: &httpTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
				perRequest: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
			tcp: &tcpTimeoutProperty{
				idle: &durationProperty{
					unit: jsii.String("unit"),
					value: jsii.Number(123),
				},
			},
		},
		tls: &listenerTlsProperty{
			certificate: &listenerTlsCertificateProperty{
				acm: &listenerTlsAcmCertificateProperty{
					certificateArn: jsii.String("certificateArn"),
				},
				file: &listenerTlsFileCertificateProperty{
					certificateChain: jsii.String("certificateChain"),
					privateKey: jsii.String("privateKey"),
				},
				sds: &listenerTlsSdsCertificateProperty{
					secretName: jsii.String("secretName"),
				},
			},
			mode: jsii.String("mode"),

			// the properties below are optional
			validation: &listenerTlsValidationContextProperty{
				trust: &listenerTlsValidationContextTrustProperty{
					file: &tlsValidationContextFileTrustProperty{
						certificateChain: jsii.String("certificateChain"),
					},
					sds: &tlsValidationContextSdsTrustProperty{
						secretName: jsii.String("secretName"),
					},
				},

				// the properties below are optional
				subjectAlternativeNames: &subjectAlternativeNamesProperty{
					match: &subjectAlternativeNameMatchersProperty{
						exact: []*string{
							jsii.String("exact"),
						},
					},
				},
			},
		},
	},
}

Experimental.

type VirtualNodeProps

type VirtualNodeProps struct {
	// Access Logging Configuration for the virtual node.
	// Experimental.
	AccessLog AccessLog `field:"optional" json:"accessLog" yaml:"accessLog"`
	// Default Configuration Virtual Node uses to communicate with Virtual Service.
	// Experimental.
	BackendDefaults *BackendDefaults `field:"optional" json:"backendDefaults" yaml:"backendDefaults"`
	// Virtual Services that this is node expected to send outbound traffic to.
	// Experimental.
	Backends *[]Backend `field:"optional" json:"backends" yaml:"backends"`
	// Initial listener for the virtual node.
	// Experimental.
	Listeners *[]VirtualNodeListener `field:"optional" json:"listeners" yaml:"listeners"`
	// Defines how upstream clients will discover this VirtualNode.
	// Experimental.
	ServiceDiscovery ServiceDiscovery `field:"optional" json:"serviceDiscovery" yaml:"serviceDiscovery"`
	// The name of the VirtualNode.
	// Experimental.
	VirtualNodeName *string `field:"optional" json:"virtualNodeName" yaml:"virtualNodeName"`
	// The Mesh which the VirtualNode belongs to.
	// Experimental.
	Mesh IMesh `field:"required" json:"mesh" yaml:"mesh"`
}

The properties used when creating a new VirtualNode.

Example:

// A Virtual Node with a gRPC listener with a connection pool set
var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	// DNS service discovery can optionally specify the DNS response type as either LOAD_BALANCER or ENDPOINTS.
	// LOAD_BALANCER means that the DNS resolver returns a loadbalanced set of endpoints,
	// whereas ENDPOINTS means that the DNS resolver is returning all the endpoints.
	// By default, the response type is assumed to be LOAD_BALANCER
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node"), appmesh.dnsResponseType_ENDPOINTS),
	listeners: []virtualNodeListener{
		appmesh.*virtualNodeListener.http(&httpVirtualNodeListenerOptions{
			port: jsii.Number(80),
			connectionPool: &httpConnectionPool{
				maxConnections: jsii.Number(100),
				maxPendingRequests: jsii.Number(10),
			},
		}),
	},
})

// A Virtual Gateway with a gRPC listener with a connection pool set
gateway := appmesh.NewVirtualGateway(this, jsii.String("gateway"), &virtualGatewayProps{
	mesh: mesh,
	listeners: []virtualGatewayListener{
		appmesh.*virtualGatewayListener.grpc(&grpcGatewayListenerOptions{
			port: jsii.Number(8080),
			connectionPool: &grpcConnectionPool{
				maxRequests: jsii.Number(10),
			},
		}),
	},
	virtualGatewayName: jsii.String("gateway"),
})

Experimental.

type VirtualRouter

type VirtualRouter interface {
	awscdk.Resource
	IVirtualRouter
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The Mesh which the VirtualRouter belongs to.
	// Experimental.
	Mesh() IMesh
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// The Amazon Resource Name (ARN) for the VirtualRouter.
	// Experimental.
	VirtualRouterArn() *string
	// The name of the VirtualRouter.
	// Experimental.
	VirtualRouterName() *string
	// Add a single route to the router.
	// Experimental.
	AddRoute(id *string, props *RouteBaseProps) Route
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

Example:

var mesh mesh

router := mesh.addVirtualRouter(jsii.String("router"), &virtualRouterBaseProps{
	listeners: []virtualRouterListener{
		appmesh.*virtualRouterListener.http(jsii.Number(8080)),
	},
})

Experimental.

func NewVirtualRouter

func NewVirtualRouter(scope constructs.Construct, id *string, props *VirtualRouterProps) VirtualRouter

Experimental.

type VirtualRouterAttributes

type VirtualRouterAttributes struct {
	// The Mesh which the VirtualRouter belongs to.
	// Experimental.
	Mesh IMesh `field:"required" json:"mesh" yaml:"mesh"`
	// The name of the VirtualRouter.
	// Experimental.
	VirtualRouterName *string `field:"required" json:"virtualRouterName" yaml:"virtualRouterName"`
}

Interface with properties ncecessary to import a reusable VirtualRouter.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var mesh mesh

virtualRouterAttributes := &virtualRouterAttributes{
	mesh: mesh,
	virtualRouterName: jsii.String("virtualRouterName"),
}

Experimental.

type VirtualRouterBaseProps

type VirtualRouterBaseProps struct {
	// Listener specification for the VirtualRouter.
	// Experimental.
	Listeners *[]VirtualRouterListener `field:"optional" json:"listeners" yaml:"listeners"`
	// The name of the VirtualRouter.
	// Experimental.
	VirtualRouterName *string `field:"optional" json:"virtualRouterName" yaml:"virtualRouterName"`
}

Interface with base properties all routers willl inherit.

Example:

var mesh mesh

router := mesh.addVirtualRouter(jsii.String("router"), &virtualRouterBaseProps{
	listeners: []virtualRouterListener{
		appmesh.*virtualRouterListener.http(jsii.Number(8080)),
	},
})

Experimental.

type VirtualRouterListener

type VirtualRouterListener interface {
	// Called when the VirtualRouterListener type is initialized.
	//
	// Can be used to enforce
	// mutual exclusivity.
	// Experimental.
	Bind(scope awscdk.Construct) *VirtualRouterListenerConfig
}

Represents the properties needed to define listeners for a VirtualRouter.

Example:

var mesh mesh

router := mesh.addVirtualRouter(jsii.String("router"), &virtualRouterBaseProps{
	listeners: []virtualRouterListener{
		appmesh.*virtualRouterListener.http(jsii.Number(8080)),
	},
})

Experimental.

func VirtualRouterListener_Grpc

func VirtualRouterListener_Grpc(port *float64) VirtualRouterListener

Returns a GRPC Listener for a VirtualRouter. Experimental.

func VirtualRouterListener_Http

func VirtualRouterListener_Http(port *float64) VirtualRouterListener

Returns an HTTP Listener for a VirtualRouter. Experimental.

func VirtualRouterListener_Http2

func VirtualRouterListener_Http2(port *float64) VirtualRouterListener

Returns an HTTP2 Listener for a VirtualRouter. Experimental.

func VirtualRouterListener_Tcp

func VirtualRouterListener_Tcp(port *float64) VirtualRouterListener

Returns a TCP Listener for a VirtualRouter. Experimental.

type VirtualRouterListenerConfig

type VirtualRouterListenerConfig struct {
	// Single listener config for a VirtualRouter.
	// Experimental.
	Listener *CfnVirtualRouter_VirtualRouterListenerProperty `field:"required" json:"listener" yaml:"listener"`
}

Properties for a VirtualRouter listener.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

virtualRouterListenerConfig := &virtualRouterListenerConfig{
	listener: &virtualRouterListenerProperty{
		portMapping: &portMappingProperty{
			port: jsii.Number(123),
			protocol: jsii.String("protocol"),
		},
	},
}

Experimental.

type VirtualRouterProps

type VirtualRouterProps struct {
	// Listener specification for the VirtualRouter.
	// Experimental.
	Listeners *[]VirtualRouterListener `field:"optional" json:"listeners" yaml:"listeners"`
	// The name of the VirtualRouter.
	// Experimental.
	VirtualRouterName *string `field:"optional" json:"virtualRouterName" yaml:"virtualRouterName"`
	// The Mesh which the VirtualRouter belongs to.
	// Experimental.
	Mesh IMesh `field:"required" json:"mesh" yaml:"mesh"`
}

The properties used when creating a new VirtualRouter.

Example:

var infraStack stack
var appStack stack

mesh := appmesh.NewMesh(infraStack, jsii.String("AppMesh"), &meshProps{
	meshName: jsii.String("myAwsMesh"),
	egressFilter: appmesh.meshFilterType_ALLOW_ALL,
})

// the VirtualRouter will belong to 'appStack',
// even though the Mesh belongs to 'infraStack'
router := appmesh.NewVirtualRouter(appStack, jsii.String("router"), &virtualRouterProps{
	mesh: mesh,
	 // notice that mesh is a required property when creating a router with the 'new' statement
	listeners: []virtualRouterListener{
		appmesh.*virtualRouterListener.http(jsii.Number(8081)),
	},
})

Experimental.

type VirtualService

type VirtualService interface {
	awscdk.Resource
	IVirtualService
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	// Experimental.
	Env() *awscdk.ResourceEnvironment
	// The Mesh which the VirtualService belongs to.
	// Experimental.
	Mesh() IMesh
	// The construct tree node associated with this construct.
	// Experimental.
	Node() awscdk.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	// The stack in which this resource is defined.
	// Experimental.
	Stack() awscdk.Stack
	// The Amazon Resource Name (ARN) for the virtual service.
	// Experimental.
	VirtualServiceArn() *string
	// The name of the VirtualService, it is recommended this follows the fully-qualified domain name format.
	// Experimental.
	VirtualServiceName() *string
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	// Experimental.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Experimental.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	// Experimental.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	// Experimental.
	GetResourceNameAttribute(nameAttr *string) *string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	// Experimental.
	Prepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	// Experimental.
	Synthesize(session awscdk.ISynthesisSession)
	// Returns a string representation of this construct.
	// Experimental.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	// Experimental.
	Validate() *[]*string
}

VirtualService represents a service inside an AppMesh.

It routes traffic either to a Virtual Node or to a Virtual Router.

Example:

var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
})

virtualService := appmesh.NewVirtualService(this, jsii.String("service-1"), &virtualServiceProps{
	virtualServiceProvider: appmesh.virtualServiceProvider.virtualNode(node),
	virtualServiceName: jsii.String("service1.domain.local"),
})

node.addBackend(appmesh.backend.virtualService(virtualService))

See: https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_services.html

Experimental.

func NewVirtualService

func NewVirtualService(scope constructs.Construct, id *string, props *VirtualServiceProps) VirtualService

Experimental.

type VirtualServiceAttributes

type VirtualServiceAttributes struct {
	// The Mesh which the VirtualService belongs to.
	// Experimental.
	Mesh IMesh `field:"required" json:"mesh" yaml:"mesh"`
	// The name of the VirtualService, it is recommended this follows the fully-qualified domain name format.
	// Experimental.
	VirtualServiceName *string `field:"required" json:"virtualServiceName" yaml:"virtualServiceName"`
}

Interface with properties ncecessary to import a reusable VirtualService.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var mesh mesh

virtualServiceAttributes := &virtualServiceAttributes{
	mesh: mesh,
	virtualServiceName: jsii.String("virtualServiceName"),
}

Experimental.

type VirtualServiceBackendOptions

type VirtualServiceBackendOptions struct {
	// TLS properties for  Client policy for the backend.
	// Experimental.
	TlsClientPolicy *TlsClientPolicy `field:"optional" json:"tlsClientPolicy" yaml:"tlsClientPolicy"`
}

Represents the properties needed to define a Virtual Service backend.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var mutualTlsCertificate mutualTlsCertificate
var subjectAlternativeNames subjectAlternativeNames
var tlsValidationTrust tlsValidationTrust

virtualServiceBackendOptions := &virtualServiceBackendOptions{
	tlsClientPolicy: &tlsClientPolicy{
		validation: &tlsValidation{
			trust: tlsValidationTrust,

			// the properties below are optional
			subjectAlternativeNames: subjectAlternativeNames,
		},

		// the properties below are optional
		enforce: jsii.Boolean(false),
		mutualTlsCertificate: mutualTlsCertificate,
		ports: []*f64{
			jsii.Number(123),
		},
	},
}

Experimental.

type VirtualServiceProps

type VirtualServiceProps struct {
	// The VirtualNode or VirtualRouter which the VirtualService uses as its provider.
	// Experimental.
	VirtualServiceProvider VirtualServiceProvider `field:"required" json:"virtualServiceProvider" yaml:"virtualServiceProvider"`
	// The name of the VirtualService.
	//
	// It is recommended this follows the fully-qualified domain name format,
	// such as "my-service.default.svc.cluster.local".
	//
	// Example value: `service.domain.local`
	// Experimental.
	VirtualServiceName *string `field:"optional" json:"virtualServiceName" yaml:"virtualServiceName"`
}

The properties applied to the VirtualService being defined.

Example:

var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
})

virtualService := appmesh.NewVirtualService(this, jsii.String("service-1"), &virtualServiceProps{
	virtualServiceProvider: appmesh.virtualServiceProvider.virtualNode(node),
	virtualServiceName: jsii.String("service1.domain.local"),
})

node.addBackend(appmesh.backend.virtualService(virtualService))

Experimental.

type VirtualServiceProvider

type VirtualServiceProvider interface {
	// Enforces mutual exclusivity for VirtualService provider types.
	// Experimental.
	Bind(_construct constructs.Construct) *VirtualServiceProviderConfig
}

Represents the properties needed to define the provider for a VirtualService.

Example:

var mesh mesh

node := appmesh.NewVirtualNode(this, jsii.String("node"), &virtualNodeProps{
	mesh: mesh,
	serviceDiscovery: appmesh.serviceDiscovery.dns(jsii.String("node")),
})

virtualService := appmesh.NewVirtualService(this, jsii.String("service-1"), &virtualServiceProps{
	virtualServiceProvider: appmesh.virtualServiceProvider.virtualNode(node),
	virtualServiceName: jsii.String("service1.domain.local"),
})

node.addBackend(appmesh.backend.virtualService(virtualService))

Experimental.

func VirtualServiceProvider_None

func VirtualServiceProvider_None(mesh IMesh) VirtualServiceProvider

Returns an Empty Provider for a VirtualService.

This provides no routing capabilities and should only be used as a placeholder. Experimental.

func VirtualServiceProvider_VirtualNode

func VirtualServiceProvider_VirtualNode(virtualNode IVirtualNode) VirtualServiceProvider

Returns a VirtualNode based Provider for a VirtualService. Experimental.

func VirtualServiceProvider_VirtualRouter

func VirtualServiceProvider_VirtualRouter(virtualRouter IVirtualRouter) VirtualServiceProvider

Returns a VirtualRouter based Provider for a VirtualService. Experimental.

type VirtualServiceProviderConfig

type VirtualServiceProviderConfig struct {
	// Mesh the Provider is using.
	// Experimental.
	Mesh IMesh `field:"required" json:"mesh" yaml:"mesh"`
	// Virtual Node based provider.
	// Experimental.
	VirtualNodeProvider *CfnVirtualService_VirtualNodeServiceProviderProperty `field:"optional" json:"virtualNodeProvider" yaml:"virtualNodeProvider"`
	// Virtual Router based provider.
	// Experimental.
	VirtualRouterProvider *CfnVirtualService_VirtualRouterServiceProviderProperty `field:"optional" json:"virtualRouterProvider" yaml:"virtualRouterProvider"`
}

Properties for a VirtualService provider.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var mesh mesh

virtualServiceProviderConfig := &virtualServiceProviderConfig{
	mesh: mesh,

	// the properties below are optional
	virtualNodeProvider: &virtualNodeServiceProviderProperty{
		virtualNodeName: jsii.String("virtualNodeName"),
	},
	virtualRouterProvider: &virtualRouterServiceProviderProperty{
		virtualRouterName: jsii.String("virtualRouterName"),
	},
}

Experimental.

type WeightedTarget

type WeightedTarget struct {
	// The VirtualNode the route points to.
	// Experimental.
	VirtualNode IVirtualNode `field:"required" json:"virtualNode" yaml:"virtualNode"`
	// The weight for the target.
	// Experimental.
	Weight *float64 `field:"optional" json:"weight" yaml:"weight"`
}

Properties for the Weighted Targets in the route.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var virtualNode virtualNode

weightedTarget := &weightedTarget{
	virtualNode: virtualNode,

	// the properties below are optional
	weight: jsii.Number(123),
}

Experimental.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL