com.pulumi.aws.elb.kotlin.SslNegotiationPolicy.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-aws-kotlin Show documentation
Show all versions of pulumi-aws-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.aws.elb.kotlin
import com.pulumi.aws.elb.kotlin.outputs.SslNegotiationPolicyAttribute
import com.pulumi.aws.elb.kotlin.outputs.SslNegotiationPolicyAttribute.Companion.toKotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.collections.Map
/**
* Builder for [SslNegotiationPolicy].
*/
@PulumiTagMarker
public class SslNegotiationPolicyResourceBuilder internal constructor() {
public var name: String? = null
public var args: SslNegotiationPolicyArgs = SslNegotiationPolicyArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend SslNegotiationPolicyArgsBuilder.() -> Unit) {
val builder = SslNegotiationPolicyArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): SslNegotiationPolicy {
val builtJavaResource = com.pulumi.aws.elb.SslNegotiationPolicy(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return SslNegotiationPolicy(builtJavaResource)
}
}
/**
* Provides a load balancer SSL negotiation policy, which allows an ELB to control the ciphers and protocols that are supported during SSL negotiations between a client and a load balancer.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
* const lb = new aws.elb.LoadBalancer("lb", {
* name: "test-lb",
* availabilityZones: ["us-east-1a"],
* listeners: [{
* instancePort: 8000,
* instanceProtocol: "https",
* lbPort: 443,
* lbProtocol: "https",
* sslCertificateId: "arn:aws:iam::123456789012:server-certificate/certName",
* }],
* });
* const foo = new aws.elb.SslNegotiationPolicy("foo", {
* name: "foo-policy",
* loadBalancer: lb.id,
* lbPort: 443,
* attributes: [
* {
* name: "Protocol-TLSv1",
* value: "false",
* },
* {
* name: "Protocol-TLSv1.1",
* value: "false",
* },
* {
* name: "Protocol-TLSv1.2",
* value: "true",
* },
* {
* name: "Server-Defined-Cipher-Order",
* value: "true",
* },
* {
* name: "ECDHE-RSA-AES128-GCM-SHA256",
* value: "true",
* },
* {
* name: "AES128-GCM-SHA256",
* value: "true",
* },
* {
* name: "EDH-RSA-DES-CBC3-SHA",
* value: "false",
* },
* ],
* });
* ```
* ```python
* import pulumi
* import pulumi_aws as aws
* lb = aws.elb.LoadBalancer("lb",
* name="test-lb",
* availability_zones=["us-east-1a"],
* listeners=[{
* "instance_port": 8000,
* "instance_protocol": "https",
* "lb_port": 443,
* "lb_protocol": "https",
* "ssl_certificate_id": "arn:aws:iam::123456789012:server-certificate/certName",
* }])
* foo = aws.elb.SslNegotiationPolicy("foo",
* name="foo-policy",
* load_balancer=lb.id,
* lb_port=443,
* attributes=[
* {
* "name": "Protocol-TLSv1",
* "value": "false",
* },
* {
* "name": "Protocol-TLSv1.1",
* "value": "false",
* },
* {
* "name": "Protocol-TLSv1.2",
* "value": "true",
* },
* {
* "name": "Server-Defined-Cipher-Order",
* "value": "true",
* },
* {
* "name": "ECDHE-RSA-AES128-GCM-SHA256",
* "value": "true",
* },
* {
* "name": "AES128-GCM-SHA256",
* "value": "true",
* },
* {
* "name": "EDH-RSA-DES-CBC3-SHA",
* "value": "false",
* },
* ])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Aws = Pulumi.Aws;
* return await Deployment.RunAsync(() =>
* {
* var lb = new Aws.Elb.LoadBalancer("lb", new()
* {
* Name = "test-lb",
* AvailabilityZones = new[]
* {
* "us-east-1a",
* },
* Listeners = new[]
* {
* new Aws.Elb.Inputs.LoadBalancerListenerArgs
* {
* InstancePort = 8000,
* InstanceProtocol = "https",
* LbPort = 443,
* LbProtocol = "https",
* SslCertificateId = "arn:aws:iam::123456789012:server-certificate/certName",
* },
* },
* });
* var foo = new Aws.Elb.SslNegotiationPolicy("foo", new()
* {
* Name = "foo-policy",
* LoadBalancer = lb.Id,
* LbPort = 443,
* Attributes = new[]
* {
* new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
* {
* Name = "Protocol-TLSv1",
* Value = "false",
* },
* new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
* {
* Name = "Protocol-TLSv1.1",
* Value = "false",
* },
* new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
* {
* Name = "Protocol-TLSv1.2",
* Value = "true",
* },
* new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
* {
* Name = "Server-Defined-Cipher-Order",
* Value = "true",
* },
* new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
* {
* Name = "ECDHE-RSA-AES128-GCM-SHA256",
* Value = "true",
* },
* new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
* {
* Name = "AES128-GCM-SHA256",
* Value = "true",
* },
* new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
* {
* Name = "EDH-RSA-DES-CBC3-SHA",
* Value = "false",
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* lb, err := elb.NewLoadBalancer(ctx, "lb", &elb.LoadBalancerArgs{
* Name: pulumi.String("test-lb"),
* AvailabilityZones: pulumi.StringArray{
* pulumi.String("us-east-1a"),
* },
* Listeners: elb.LoadBalancerListenerArray{
* &elb.LoadBalancerListenerArgs{
* InstancePort: pulumi.Int(8000),
* InstanceProtocol: pulumi.String("https"),
* LbPort: pulumi.Int(443),
* LbProtocol: pulumi.String("https"),
* SslCertificateId: pulumi.String("arn:aws:iam::123456789012:server-certificate/certName"),
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = elb.NewSslNegotiationPolicy(ctx, "foo", &elb.SslNegotiationPolicyArgs{
* Name: pulumi.String("foo-policy"),
* LoadBalancer: lb.ID(),
* LbPort: pulumi.Int(443),
* Attributes: elb.SslNegotiationPolicyAttributeArray{
* &elb.SslNegotiationPolicyAttributeArgs{
* Name: pulumi.String("Protocol-TLSv1"),
* Value: pulumi.String("false"),
* },
* &elb.SslNegotiationPolicyAttributeArgs{
* Name: pulumi.String("Protocol-TLSv1.1"),
* Value: pulumi.String("false"),
* },
* &elb.SslNegotiationPolicyAttributeArgs{
* Name: pulumi.String("Protocol-TLSv1.2"),
* Value: pulumi.String("true"),
* },
* &elb.SslNegotiationPolicyAttributeArgs{
* Name: pulumi.String("Server-Defined-Cipher-Order"),
* Value: pulumi.String("true"),
* },
* &elb.SslNegotiationPolicyAttributeArgs{
* Name: pulumi.String("ECDHE-RSA-AES128-GCM-SHA256"),
* Value: pulumi.String("true"),
* },
* &elb.SslNegotiationPolicyAttributeArgs{
* Name: pulumi.String("AES128-GCM-SHA256"),
* Value: pulumi.String("true"),
* },
* &elb.SslNegotiationPolicyAttributeArgs{
* Name: pulumi.String("EDH-RSA-DES-CBC3-SHA"),
* Value: pulumi.String("false"),
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.aws.elb.LoadBalancer;
* import com.pulumi.aws.elb.LoadBalancerArgs;
* import com.pulumi.aws.elb.inputs.LoadBalancerListenerArgs;
* import com.pulumi.aws.elb.SslNegotiationPolicy;
* import com.pulumi.aws.elb.SslNegotiationPolicyArgs;
* import com.pulumi.aws.elb.inputs.SslNegotiationPolicyAttributeArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var lb = new LoadBalancer("lb", LoadBalancerArgs.builder()
* .name("test-lb")
* .availabilityZones("us-east-1a")
* .listeners(LoadBalancerListenerArgs.builder()
* .instancePort(8000)
* .instanceProtocol("https")
* .lbPort(443)
* .lbProtocol("https")
* .sslCertificateId("arn:aws:iam::123456789012:server-certificate/certName")
* .build())
* .build());
* var foo = new SslNegotiationPolicy("foo", SslNegotiationPolicyArgs.builder()
* .name("foo-policy")
* .loadBalancer(lb.id())
* .lbPort(443)
* .attributes(
* SslNegotiationPolicyAttributeArgs.builder()
* .name("Protocol-TLSv1")
* .value("false")
* .build(),
* SslNegotiationPolicyAttributeArgs.builder()
* .name("Protocol-TLSv1.1")
* .value("false")
* .build(),
* SslNegotiationPolicyAttributeArgs.builder()
* .name("Protocol-TLSv1.2")
* .value("true")
* .build(),
* SslNegotiationPolicyAttributeArgs.builder()
* .name("Server-Defined-Cipher-Order")
* .value("true")
* .build(),
* SslNegotiationPolicyAttributeArgs.builder()
* .name("ECDHE-RSA-AES128-GCM-SHA256")
* .value("true")
* .build(),
* SslNegotiationPolicyAttributeArgs.builder()
* .name("AES128-GCM-SHA256")
* .value("true")
* .build(),
* SslNegotiationPolicyAttributeArgs.builder()
* .name("EDH-RSA-DES-CBC3-SHA")
* .value("false")
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* lb:
* type: aws:elb:LoadBalancer
* properties:
* name: test-lb
* availabilityZones:
* - us-east-1a
* listeners:
* - instancePort: 8000
* instanceProtocol: https
* lbPort: 443
* lbProtocol: https
* sslCertificateId: arn:aws:iam::123456789012:server-certificate/certName
* foo:
* type: aws:elb:SslNegotiationPolicy
* properties:
* name: foo-policy
* loadBalancer: ${lb.id}
* lbPort: 443
* attributes:
* - name: Protocol-TLSv1
* value: 'false'
* - name: Protocol-TLSv1.1
* value: 'false'
* - name: Protocol-TLSv1.2
* value: 'true'
* - name: Server-Defined-Cipher-Order
* value: 'true'
* - name: ECDHE-RSA-AES128-GCM-SHA256
* value: 'true'
* - name: AES128-GCM-SHA256
* value: 'true'
* - name: EDH-RSA-DES-CBC3-SHA
* value: 'false'
* ```
*
*/
public class SslNegotiationPolicy internal constructor(
override val javaResource: com.pulumi.aws.elb.SslNegotiationPolicy,
) : KotlinCustomResource(javaResource, SslNegotiationPolicyMapper) {
/**
* An SSL Negotiation policy attribute. Each has two properties:
*/
public val attributes: Output>?
get() = javaResource.attributes().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> toKotlin(args0) })
})
}).orElse(null)
})
/**
* The load balancer port to which the policy
* should be applied. This must be an active listener on the load
* balancer.
*/
public val lbPort: Output
get() = javaResource.lbPort().applyValue({ args0 -> args0 })
/**
* The load balancer to which the policy
* should be attached.
*/
public val loadBalancer: Output
get() = javaResource.loadBalancer().applyValue({ args0 -> args0 })
/**
* The name of the SSL negotiation policy.
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
/**
* Map of arbitrary keys and values that, when changed, will trigger a redeployment.
* To set your attributes, please see the [AWS Elastic Load Balancing Developer Guide](http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-table.html) for a listing of the supported SSL protocols, SSL options, and SSL ciphers.
* > **NOTE:** The AWS documentation references Server Order Preference, which the AWS Elastic Load Balancing API refers to as `Server-Defined-Cipher-Order`. If you wish to set Server Order Preference, use this value instead.
*/
public val triggers: Output>?
get() = javaResource.triggers().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}).orElse(null)
})
}
public object SslNegotiationPolicyMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.aws.elb.SslNegotiationPolicy::class == javaResource::class
override fun map(javaResource: Resource): SslNegotiationPolicy = SslNegotiationPolicy(
javaResource
as com.pulumi.aws.elb.SslNegotiationPolicy,
)
}
/**
* @see [SslNegotiationPolicy].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [SslNegotiationPolicy].
*/
public suspend fun sslNegotiationPolicy(
name: String,
block: suspend SslNegotiationPolicyResourceBuilder.() -> Unit,
): SslNegotiationPolicy {
val builder = SslNegotiationPolicyResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [SslNegotiationPolicy].
* @param name The _unique_ name of the resulting resource.
*/
public fun sslNegotiationPolicy(name: String): SslNegotiationPolicy {
val builder = SslNegotiationPolicyResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy