AWS App Mesh · JSON Structure

App Mesh Tls Validation Context Structure

An object that represents how the proxy will validate its peer during Transport Layer Security (TLS) negotiation.

Type: object · Properties: 2 · Required: 1
Deprecated · Envoy · Microservices · Networking · Service Mesh

TlsValidationContext is a JSON Structure definition published by AWS App Mesh, describing 2 properties, of which 1 is required. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

subjectAlternativeNames · trust

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

{
  "type": "object",
  "properties": {
    "subjectAlternativeNames": {
      "allOf": [
        {
          "$ref": "#/components/schemas/SubjectAlternativeNames"
        },
        {
          "description": "A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you don't specify SANs on the <i>terminating</i> mesh endpoint, the Envoy proxy for that node doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the <i>originating</i> mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the service discovery name."
        }
      ]
    },
    "trust": {
      "allOf": [
        {
          "$ref": "#/components/schemas/TlsValidationContextTrust"
        },
        {
          "description": "A reference to where to retrieve the trust chain when validating a peer\u2019s Transport Layer Security (TLS) certificate."
        }
      ]
    }
  },
  "required": [
    "trust"
  ],
  "description": "An object that represents how the proxy will validate its peer during Transport Layer Security (TLS) negotiation.",
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/aws-app-mesh/refs/heads/main/json-structure/app-mesh-tls-validation-context-structure.json",
  "name": "TlsValidationContext"
}