AWS::NetworkFirewall::TLSInspectionConfiguration TLSInspectionConfiguration - AWS CloudFormation
SyntaxProperties
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

This is the new CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.

AWS::NetworkFirewall::TLSInspectionConfiguration TLSInspectionConfiguration

The object that defines a TLS inspection configuration. This defines the TLS inspection configuration.

AWS Network Firewall uses a TLS inspection configuration to decrypt traffic. Network Firewall re-encrypts the traffic before sending it to its destination.

To use a TLS inspection configuration, you add it to a new Network Firewall firewall policy, then you apply the firewall policy to a firewall. Network Firewall acts as a proxy service to decrypt and inspect the traffic traveling through your firewalls. You can reference a TLS inspection configuration from more than one firewall policy, and you can use a firewall policy in more than one firewall. For more information about using TLS inspection configurations, see Inspecting SSL/TLS traffic with TLS inspection configurations in the AWS Network Firewall Developer Guide.

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

Properties

ServerCertificateConfigurations

Lists the server certificate configurations that are associated with the TLS configuration.

Required: No

Type: Array of ServerCertificateConfiguration

Update requires: No interruption