/
enums.ts
147 lines (126 loc) · 2.87 KB
/
enums.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
/**
* What kind of addresses to allocate to the load balancer
*/
export enum IpAddressType {
/**
* Allocate IPv4 addresses
*/
IPV4 = 'ipv4',
/**
* Allocate both IPv4 and IPv6 addresses
*/
DUAL_STACK = 'dualstack',
}
/**
* Backend protocol for network load balancers and health checks
*/
export enum Protocol {
/**
* HTTP (ALB health checks and NLB health checks)
*/
HTTP = 'HTTP',
/**
* HTTPS (ALB health checks and NLB health checks)
*/
HTTPS = 'HTTPS',
/**
* TCP (NLB, NLB health checks)
*/
TCP = 'TCP',
/**
* TLS (NLB)
*/
TLS = 'TLS',
/**
* UDP (NLB)
*/
UDP = 'UDP',
/**
* Listen to both TCP and UDP on the same port (NLB)
*/
TCP_UDP = 'TCP_UDP',
}
/**
* Load balancing protocol for application load balancers
*/
export enum ApplicationProtocol {
/**
* HTTP
*/
HTTP = 'HTTP',
/**
* HTTPS
*/
HTTPS = 'HTTPS'
}
/**
* Elastic Load Balancing provides the following security policies for Application Load Balancers
*
* We recommend the Recommended policy for general use. You can
* use the ForwardSecrecy policy if you require Forward Secrecy
* (FS).
*
* You can use one of the TLS policies to meet compliance and security
* standards that require disabling certain TLS protocol versions, or to
* support legacy clients that require deprecated ciphers.
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html
*/
export enum SslPolicy {
/**
* The recommended security policy
*/
RECOMMENDED = 'ELBSecurityPolicy-2016-08',
/**
* Strong forward secrecy ciphers and TLS1.2 only
*/
FORWARD_SECRECY_TLS12_RES = 'ELBSecurityPolicy-FS-1-2-Res-2019-08',
/**
* Forward secrecy ciphers and TLS1.2 only
*/
FORWARD_SECRECY_TLS12 = 'ELBSecurityPolicy-FS-1-2-2019-08',
/**
* Forward secrecy ciphers only with TLS1.1 and higher
*/
FORWARD_SECRECY_TLS11 = 'ELBSecurityPolicy-FS-1-1-2019-08',
/**
* Forward secrecy ciphers only
*/
FORWARD_SECRECY = 'ELBSecurityPolicy-FS-2018-06',
/**
* TLS1.2 only and no SHA ciphers
*/
TLS12 = 'ELBSecurityPolicy-TLS-1-2-2017-01',
/**
* TLS1.2 only with all ciphers
*/
TLS12_EXT = 'ELBSecurityPolicy-TLS-1-2-Ext-2018-06',
/**
* TLS1.1 and higher with all ciphers
*/
TLS11 = 'ELBSecurityPolicy-TLS-1-1-2017-01',
/**
* Support for DES-CBC3-SHA
*
* Do not use this security policy unless you must support a legacy client
* that requires the DES-CBC3-SHA cipher, which is a weak cipher.
*/
LEGACY = 'ELBSecurityPolicy-TLS-1-0-2015-04',
}
/**
* How to interpret the load balancing target identifiers
*/
export enum TargetType {
/**
* Targets identified by instance ID
*/
INSTANCE = 'instance',
/**
* Targets identified by IP address
*/
IP = 'ip',
/**
* Target is a single Lambda Function
*/
LAMBDA = 'lambda',
}