1. Packages
  2. Alibaba Cloud
  3. API Docs
  4. vpn
  5. Connection
Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi

alicloud.vpn.Connection

Explore with Pulumi AI

alicloud logo
Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi

    Import

    VPN connection can be imported using the id, e.g.

     $ pulumi import alicloud:vpn/connection:Connection example vco-abc123456
    

    Example Usage

    Basic Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AliCloud = Pulumi.AliCloud;
    
    return await Deployment.RunAsync(() => 
    {
        var fooZones = AliCloud.GetZones.Invoke(new()
        {
            AvailableResourceCreation = "VSwitch",
        });
    
        var fooNetwork = new AliCloud.Vpc.Network("fooNetwork", new()
        {
            VpcName = "terraform-example",
            CidrBlock = "172.16.0.0/12",
        });
    
        var fooSwitch = new AliCloud.Vpc.Switch("fooSwitch", new()
        {
            VswitchName = "terraform-example",
            CidrBlock = "172.16.0.0/21",
            VpcId = fooNetwork.Id,
            ZoneId = fooZones.Apply(getZonesResult => getZonesResult.Zones[0]?.Id),
        });
    
        var fooGateway = new AliCloud.Vpn.Gateway("fooGateway", new()
        {
            VpcId = fooNetwork.Id,
            Bandwidth = 10,
            EnableSsl = true,
            InstanceChargeType = "PrePaid",
            Description = "test_create_description",
            VswitchId = fooSwitch.Id,
        });
    
        var fooCustomerGateway = new AliCloud.Vpn.CustomerGateway("fooCustomerGateway", new()
        {
            IpAddress = "42.104.22.210",
            Description = "terraform-example",
        });
    
        var fooConnection = new AliCloud.Vpn.Connection("fooConnection", new()
        {
            VpnGatewayId = fooGateway.Id,
            CustomerGatewayId = fooCustomerGateway.Id,
            LocalSubnets = new[]
            {
                "172.16.0.0/24",
                "172.16.1.0/24",
            },
            RemoteSubnets = new[]
            {
                "10.0.0.0/24",
                "10.0.1.0/24",
            },
            EffectImmediately = true,
            IkeConfig = new AliCloud.Vpn.Inputs.ConnectionIkeConfigArgs
            {
                IkeAuthAlg = "md5",
                IkeEncAlg = "des",
                IkeVersion = "ikev2",
                IkeMode = "main",
                IkeLifetime = 86400,
                Psk = "tf-testvpn2",
                IkePfs = "group1",
                IkeRemoteId = "testbob2",
                IkeLocalId = "testalice2",
            },
            IpsecConfig = new AliCloud.Vpn.Inputs.ConnectionIpsecConfigArgs
            {
                IpsecPfs = "group5",
                IpsecEncAlg = "des",
                IpsecAuthAlg = "md5",
                IpsecLifetime = 8640,
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud"
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpc"
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpn"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		fooZones, err := alicloud.GetZones(ctx, &alicloud.GetZonesArgs{
    			AvailableResourceCreation: pulumi.StringRef("VSwitch"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		fooNetwork, err := vpc.NewNetwork(ctx, "fooNetwork", &vpc.NetworkArgs{
    			VpcName:   pulumi.String("terraform-example"),
    			CidrBlock: pulumi.String("172.16.0.0/12"),
    		})
    		if err != nil {
    			return err
    		}
    		fooSwitch, err := vpc.NewSwitch(ctx, "fooSwitch", &vpc.SwitchArgs{
    			VswitchName: pulumi.String("terraform-example"),
    			CidrBlock:   pulumi.String("172.16.0.0/21"),
    			VpcId:       fooNetwork.ID(),
    			ZoneId:      *pulumi.String(fooZones.Zones[0].Id),
    		})
    		if err != nil {
    			return err
    		}
    		fooGateway, err := vpn.NewGateway(ctx, "fooGateway", &vpn.GatewayArgs{
    			VpcId:              fooNetwork.ID(),
    			Bandwidth:          pulumi.Int(10),
    			EnableSsl:          pulumi.Bool(true),
    			InstanceChargeType: pulumi.String("PrePaid"),
    			Description:        pulumi.String("test_create_description"),
    			VswitchId:          fooSwitch.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		fooCustomerGateway, err := vpn.NewCustomerGateway(ctx, "fooCustomerGateway", &vpn.CustomerGatewayArgs{
    			IpAddress:   pulumi.String("42.104.22.210"),
    			Description: pulumi.String("terraform-example"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = vpn.NewConnection(ctx, "fooConnection", &vpn.ConnectionArgs{
    			VpnGatewayId:      fooGateway.ID(),
    			CustomerGatewayId: fooCustomerGateway.ID(),
    			LocalSubnets: pulumi.StringArray{
    				pulumi.String("172.16.0.0/24"),
    				pulumi.String("172.16.1.0/24"),
    			},
    			RemoteSubnets: pulumi.StringArray{
    				pulumi.String("10.0.0.0/24"),
    				pulumi.String("10.0.1.0/24"),
    			},
    			EffectImmediately: pulumi.Bool(true),
    			IkeConfig: &vpn.ConnectionIkeConfigArgs{
    				IkeAuthAlg:  pulumi.String("md5"),
    				IkeEncAlg:   pulumi.String("des"),
    				IkeVersion:  pulumi.String("ikev2"),
    				IkeMode:     pulumi.String("main"),
    				IkeLifetime: pulumi.Int(86400),
    				Psk:         pulumi.String("tf-testvpn2"),
    				IkePfs:      pulumi.String("group1"),
    				IkeRemoteId: pulumi.String("testbob2"),
    				IkeLocalId:  pulumi.String("testalice2"),
    			},
    			IpsecConfig: &vpn.ConnectionIpsecConfigArgs{
    				IpsecPfs:      pulumi.String("group5"),
    				IpsecEncAlg:   pulumi.String("des"),
    				IpsecAuthAlg:  pulumi.String("md5"),
    				IpsecLifetime: pulumi.Int(8640),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.alicloud.AlicloudFunctions;
    import com.pulumi.alicloud.inputs.GetZonesArgs;
    import com.pulumi.alicloud.vpc.Network;
    import com.pulumi.alicloud.vpc.NetworkArgs;
    import com.pulumi.alicloud.vpc.Switch;
    import com.pulumi.alicloud.vpc.SwitchArgs;
    import com.pulumi.alicloud.vpn.Gateway;
    import com.pulumi.alicloud.vpn.GatewayArgs;
    import com.pulumi.alicloud.vpn.CustomerGateway;
    import com.pulumi.alicloud.vpn.CustomerGatewayArgs;
    import com.pulumi.alicloud.vpn.Connection;
    import com.pulumi.alicloud.vpn.ConnectionArgs;
    import com.pulumi.alicloud.vpn.inputs.ConnectionIkeConfigArgs;
    import com.pulumi.alicloud.vpn.inputs.ConnectionIpsecConfigArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var fooZones = AlicloudFunctions.getZones(GetZonesArgs.builder()
                .availableResourceCreation("VSwitch")
                .build());
    
            var fooNetwork = new Network("fooNetwork", NetworkArgs.builder()        
                .vpcName("terraform-example")
                .cidrBlock("172.16.0.0/12")
                .build());
    
            var fooSwitch = new Switch("fooSwitch", SwitchArgs.builder()        
                .vswitchName("terraform-example")
                .cidrBlock("172.16.0.0/21")
                .vpcId(fooNetwork.id())
                .zoneId(fooZones.applyValue(getZonesResult -> getZonesResult.zones()[0].id()))
                .build());
    
            var fooGateway = new Gateway("fooGateway", GatewayArgs.builder()        
                .vpcId(fooNetwork.id())
                .bandwidth("10")
                .enableSsl(true)
                .instanceChargeType("PrePaid")
                .description("test_create_description")
                .vswitchId(fooSwitch.id())
                .build());
    
            var fooCustomerGateway = new CustomerGateway("fooCustomerGateway", CustomerGatewayArgs.builder()        
                .ipAddress("42.104.22.210")
                .description("terraform-example")
                .build());
    
            var fooConnection = new Connection("fooConnection", ConnectionArgs.builder()        
                .vpnGatewayId(fooGateway.id())
                .customerGatewayId(fooCustomerGateway.id())
                .localSubnets(            
                    "172.16.0.0/24",
                    "172.16.1.0/24")
                .remoteSubnets(            
                    "10.0.0.0/24",
                    "10.0.1.0/24")
                .effectImmediately(true)
                .ikeConfig(ConnectionIkeConfigArgs.builder()
                    .ikeAuthAlg("md5")
                    .ikeEncAlg("des")
                    .ikeVersion("ikev2")
                    .ikeMode("main")
                    .ikeLifetime(86400)
                    .psk("tf-testvpn2")
                    .ikePfs("group1")
                    .ikeRemoteId("testbob2")
                    .ikeLocalId("testalice2")
                    .build())
                .ipsecConfig(ConnectionIpsecConfigArgs.builder()
                    .ipsecPfs("group5")
                    .ipsecEncAlg("des")
                    .ipsecAuthAlg("md5")
                    .ipsecLifetime(8640)
                    .build())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_alicloud as alicloud
    
    foo_zones = alicloud.get_zones(available_resource_creation="VSwitch")
    foo_network = alicloud.vpc.Network("fooNetwork",
        vpc_name="terraform-example",
        cidr_block="172.16.0.0/12")
    foo_switch = alicloud.vpc.Switch("fooSwitch",
        vswitch_name="terraform-example",
        cidr_block="172.16.0.0/21",
        vpc_id=foo_network.id,
        zone_id=foo_zones.zones[0].id)
    foo_gateway = alicloud.vpn.Gateway("fooGateway",
        vpc_id=foo_network.id,
        bandwidth=10,
        enable_ssl=True,
        instance_charge_type="PrePaid",
        description="test_create_description",
        vswitch_id=foo_switch.id)
    foo_customer_gateway = alicloud.vpn.CustomerGateway("fooCustomerGateway",
        ip_address="42.104.22.210",
        description="terraform-example")
    foo_connection = alicloud.vpn.Connection("fooConnection",
        vpn_gateway_id=foo_gateway.id,
        customer_gateway_id=foo_customer_gateway.id,
        local_subnets=[
            "172.16.0.0/24",
            "172.16.1.0/24",
        ],
        remote_subnets=[
            "10.0.0.0/24",
            "10.0.1.0/24",
        ],
        effect_immediately=True,
        ike_config=alicloud.vpn.ConnectionIkeConfigArgs(
            ike_auth_alg="md5",
            ike_enc_alg="des",
            ike_version="ikev2",
            ike_mode="main",
            ike_lifetime=86400,
            psk="tf-testvpn2",
            ike_pfs="group1",
            ike_remote_id="testbob2",
            ike_local_id="testalice2",
        ),
        ipsec_config=alicloud.vpn.ConnectionIpsecConfigArgs(
            ipsec_pfs="group5",
            ipsec_enc_alg="des",
            ipsec_auth_alg="md5",
            ipsec_lifetime=8640,
        ))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as alicloud from "@pulumi/alicloud";
    
    const fooZones = alicloud.getZones({
        availableResourceCreation: "VSwitch",
    });
    const fooNetwork = new alicloud.vpc.Network("fooNetwork", {
        vpcName: "terraform-example",
        cidrBlock: "172.16.0.0/12",
    });
    const fooSwitch = new alicloud.vpc.Switch("fooSwitch", {
        vswitchName: "terraform-example",
        cidrBlock: "172.16.0.0/21",
        vpcId: fooNetwork.id,
        zoneId: fooZones.then(fooZones => fooZones.zones?.[0]?.id),
    });
    const fooGateway = new alicloud.vpn.Gateway("fooGateway", {
        vpcId: fooNetwork.id,
        bandwidth: 10,
        enableSsl: true,
        instanceChargeType: "PrePaid",
        description: "test_create_description",
        vswitchId: fooSwitch.id,
    });
    const fooCustomerGateway = new alicloud.vpn.CustomerGateway("fooCustomerGateway", {
        ipAddress: "42.104.22.210",
        description: "terraform-example",
    });
    const fooConnection = new alicloud.vpn.Connection("fooConnection", {
        vpnGatewayId: fooGateway.id,
        customerGatewayId: fooCustomerGateway.id,
        localSubnets: [
            "172.16.0.0/24",
            "172.16.1.0/24",
        ],
        remoteSubnets: [
            "10.0.0.0/24",
            "10.0.1.0/24",
        ],
        effectImmediately: true,
        ikeConfig: {
            ikeAuthAlg: "md5",
            ikeEncAlg: "des",
            ikeVersion: "ikev2",
            ikeMode: "main",
            ikeLifetime: 86400,
            psk: "tf-testvpn2",
            ikePfs: "group1",
            ikeRemoteId: "testbob2",
            ikeLocalId: "testalice2",
        },
        ipsecConfig: {
            ipsecPfs: "group5",
            ipsecEncAlg: "des",
            ipsecAuthAlg: "md5",
            ipsecLifetime: 8640,
        },
    });
    
    resources:
      fooNetwork:
        type: alicloud:vpc:Network
        properties:
          vpcName: terraform-example
          cidrBlock: 172.16.0.0/12
      fooSwitch:
        type: alicloud:vpc:Switch
        properties:
          vswitchName: terraform-example
          cidrBlock: 172.16.0.0/21
          vpcId: ${fooNetwork.id}
          zoneId: ${fooZones.zones[0].id}
      fooGateway:
        type: alicloud:vpn:Gateway
        properties:
          vpcId: ${fooNetwork.id}
          bandwidth: '10'
          enableSsl: true
          instanceChargeType: PrePaid
          description: test_create_description
          vswitchId: ${fooSwitch.id}
      fooCustomerGateway:
        type: alicloud:vpn:CustomerGateway
        properties:
          ipAddress: 42.104.22.210
          description: terraform-example
      fooConnection:
        type: alicloud:vpn:Connection
        properties:
          vpnGatewayId: ${fooGateway.id}
          customerGatewayId: ${fooCustomerGateway.id}
          localSubnets:
            - 172.16.0.0/24
            - 172.16.1.0/24
          remoteSubnets:
            - 10.0.0.0/24
            - 10.0.1.0/24
          effectImmediately: true
          ikeConfig:
            ikeAuthAlg: md5
            ikeEncAlg: des
            ikeVersion: ikev2
            ikeMode: main
            ikeLifetime: 86400
            psk: tf-testvpn2
            ikePfs: group1
            ikeRemoteId: testbob2
            ikeLocalId: testalice2
          ipsecConfig:
            ipsecPfs: group5
            ipsecEncAlg: des
            ipsecAuthAlg: md5
            ipsecLifetime: 8640
    variables:
      fooZones:
        fn::invoke:
          Function: alicloud:getZones
          Arguments:
            availableResourceCreation: VSwitch
    

    Create Connection Resource

    new Connection(name: string, args: ConnectionArgs, opts?: CustomResourceOptions);
    @overload
    def Connection(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   bgp_config: Optional[ConnectionBgpConfigArgs] = None,
                   customer_gateway_id: Optional[str] = None,
                   effect_immediately: Optional[bool] = None,
                   enable_dpd: Optional[bool] = None,
                   enable_nat_traversal: Optional[bool] = None,
                   health_check_config: Optional[ConnectionHealthCheckConfigArgs] = None,
                   ike_config: Optional[ConnectionIkeConfigArgs] = None,
                   ipsec_config: Optional[ConnectionIpsecConfigArgs] = None,
                   local_subnets: Optional[Sequence[str]] = None,
                   name: Optional[str] = None,
                   remote_subnets: Optional[Sequence[str]] = None,
                   vpn_gateway_id: Optional[str] = None)
    @overload
    def Connection(resource_name: str,
                   args: ConnectionArgs,
                   opts: Optional[ResourceOptions] = None)
    func NewConnection(ctx *Context, name string, args ConnectionArgs, opts ...ResourceOption) (*Connection, error)
    public Connection(string name, ConnectionArgs args, CustomResourceOptions? opts = null)
    public Connection(String name, ConnectionArgs args)
    public Connection(String name, ConnectionArgs args, CustomResourceOptions options)
    
    type: alicloud:vpn:Connection
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args ConnectionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ConnectionArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ConnectionArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ConnectionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ConnectionArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Connection Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Connection resource accepts the following input properties:

    CustomerGatewayId string

    The ID of the customer gateway.

    LocalSubnets List<string>

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    RemoteSubnets List<string>

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    VpnGatewayId string

    The ID of the VPN gateway.

    BgpConfig Pulumi.AliCloud.Vpn.Inputs.ConnectionBgpConfig

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    EffectImmediately bool

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    EnableDpd bool

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    EnableNatTraversal bool

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    HealthCheckConfig Pulumi.AliCloud.Vpn.Inputs.ConnectionHealthCheckConfig

    The health check configurations. See the following Block health_check_config.

    IkeConfig Pulumi.AliCloud.Vpn.Inputs.ConnectionIkeConfig

    The configurations of phase-one negotiation. See the following Block ike_config.

    IpsecConfig Pulumi.AliCloud.Vpn.Inputs.ConnectionIpsecConfig

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    Name string

    The name of the IPsec connection.

    CustomerGatewayId string

    The ID of the customer gateway.

    LocalSubnets []string

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    RemoteSubnets []string

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    VpnGatewayId string

    The ID of the VPN gateway.

    BgpConfig ConnectionBgpConfigArgs

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    EffectImmediately bool

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    EnableDpd bool

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    EnableNatTraversal bool

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    HealthCheckConfig ConnectionHealthCheckConfigArgs

    The health check configurations. See the following Block health_check_config.

    IkeConfig ConnectionIkeConfigArgs

    The configurations of phase-one negotiation. See the following Block ike_config.

    IpsecConfig ConnectionIpsecConfigArgs

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    Name string

    The name of the IPsec connection.

    customerGatewayId String

    The ID of the customer gateway.

    localSubnets List<String>

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    remoteSubnets List<String>

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    vpnGatewayId String

    The ID of the VPN gateway.

    bgpConfig ConnectionBgpConfig

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    effectImmediately Boolean

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    enableDpd Boolean

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    enableNatTraversal Boolean

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    healthCheckConfig ConnectionHealthCheckConfig

    The health check configurations. See the following Block health_check_config.

    ikeConfig ConnectionIkeConfig

    The configurations of phase-one negotiation. See the following Block ike_config.

    ipsecConfig ConnectionIpsecConfig

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    name String

    The name of the IPsec connection.

    customerGatewayId string

    The ID of the customer gateway.

    localSubnets string[]

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    remoteSubnets string[]

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    vpnGatewayId string

    The ID of the VPN gateway.

    bgpConfig ConnectionBgpConfig

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    effectImmediately boolean

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    enableDpd boolean

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    enableNatTraversal boolean

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    healthCheckConfig ConnectionHealthCheckConfig

    The health check configurations. See the following Block health_check_config.

    ikeConfig ConnectionIkeConfig

    The configurations of phase-one negotiation. See the following Block ike_config.

    ipsecConfig ConnectionIpsecConfig

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    name string

    The name of the IPsec connection.

    customer_gateway_id str

    The ID of the customer gateway.

    local_subnets Sequence[str]

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    remote_subnets Sequence[str]

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    vpn_gateway_id str

    The ID of the VPN gateway.

    bgp_config ConnectionBgpConfigArgs

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    effect_immediately bool

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    enable_dpd bool

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    enable_nat_traversal bool

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    health_check_config ConnectionHealthCheckConfigArgs

    The health check configurations. See the following Block health_check_config.

    ike_config ConnectionIkeConfigArgs

    The configurations of phase-one negotiation. See the following Block ike_config.

    ipsec_config ConnectionIpsecConfigArgs

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    name str

    The name of the IPsec connection.

    customerGatewayId String

    The ID of the customer gateway.

    localSubnets List<String>

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    remoteSubnets List<String>

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    vpnGatewayId String

    The ID of the VPN gateway.

    bgpConfig Property Map

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    effectImmediately Boolean

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    enableDpd Boolean

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    enableNatTraversal Boolean

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    healthCheckConfig Property Map

    The health check configurations. See the following Block health_check_config.

    ikeConfig Property Map

    The configurations of phase-one negotiation. See the following Block ike_config.

    ipsecConfig Property Map

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    name String

    The name of the IPsec connection.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Connection resource produces the following output properties:

    Id string

    The provider-assigned unique ID for this managed resource.

    Status string

    The status of VPN connection.

    Id string

    The provider-assigned unique ID for this managed resource.

    Status string

    The status of VPN connection.

    id String

    The provider-assigned unique ID for this managed resource.

    status String

    The status of VPN connection.

    id string

    The provider-assigned unique ID for this managed resource.

    status string

    The status of VPN connection.

    id str

    The provider-assigned unique ID for this managed resource.

    status str

    The status of VPN connection.

    id String

    The provider-assigned unique ID for this managed resource.

    status String

    The status of VPN connection.

    Look up Existing Connection Resource

    Get an existing Connection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ConnectionState, opts?: CustomResourceOptions): Connection
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            bgp_config: Optional[ConnectionBgpConfigArgs] = None,
            customer_gateway_id: Optional[str] = None,
            effect_immediately: Optional[bool] = None,
            enable_dpd: Optional[bool] = None,
            enable_nat_traversal: Optional[bool] = None,
            health_check_config: Optional[ConnectionHealthCheckConfigArgs] = None,
            ike_config: Optional[ConnectionIkeConfigArgs] = None,
            ipsec_config: Optional[ConnectionIpsecConfigArgs] = None,
            local_subnets: Optional[Sequence[str]] = None,
            name: Optional[str] = None,
            remote_subnets: Optional[Sequence[str]] = None,
            status: Optional[str] = None,
            vpn_gateway_id: Optional[str] = None) -> Connection
    func GetConnection(ctx *Context, name string, id IDInput, state *ConnectionState, opts ...ResourceOption) (*Connection, error)
    public static Connection Get(string name, Input<string> id, ConnectionState? state, CustomResourceOptions? opts = null)
    public static Connection get(String name, Output<String> id, ConnectionState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    BgpConfig Pulumi.AliCloud.Vpn.Inputs.ConnectionBgpConfig

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    CustomerGatewayId string

    The ID of the customer gateway.

    EffectImmediately bool

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    EnableDpd bool

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    EnableNatTraversal bool

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    HealthCheckConfig Pulumi.AliCloud.Vpn.Inputs.ConnectionHealthCheckConfig

    The health check configurations. See the following Block health_check_config.

    IkeConfig Pulumi.AliCloud.Vpn.Inputs.ConnectionIkeConfig

    The configurations of phase-one negotiation. See the following Block ike_config.

    IpsecConfig Pulumi.AliCloud.Vpn.Inputs.ConnectionIpsecConfig

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    LocalSubnets List<string>

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    Name string

    The name of the IPsec connection.

    RemoteSubnets List<string>

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    Status string

    The status of VPN connection.

    VpnGatewayId string

    The ID of the VPN gateway.

    BgpConfig ConnectionBgpConfigArgs

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    CustomerGatewayId string

    The ID of the customer gateway.

    EffectImmediately bool

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    EnableDpd bool

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    EnableNatTraversal bool

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    HealthCheckConfig ConnectionHealthCheckConfigArgs

    The health check configurations. See the following Block health_check_config.

    IkeConfig ConnectionIkeConfigArgs

    The configurations of phase-one negotiation. See the following Block ike_config.

    IpsecConfig ConnectionIpsecConfigArgs

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    LocalSubnets []string

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    Name string

    The name of the IPsec connection.

    RemoteSubnets []string

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    Status string

    The status of VPN connection.

    VpnGatewayId string

    The ID of the VPN gateway.

    bgpConfig ConnectionBgpConfig

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    customerGatewayId String

    The ID of the customer gateway.

    effectImmediately Boolean

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    enableDpd Boolean

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    enableNatTraversal Boolean

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    healthCheckConfig ConnectionHealthCheckConfig

    The health check configurations. See the following Block health_check_config.

    ikeConfig ConnectionIkeConfig

    The configurations of phase-one negotiation. See the following Block ike_config.

    ipsecConfig ConnectionIpsecConfig

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    localSubnets List<String>

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    name String

    The name of the IPsec connection.

    remoteSubnets List<String>

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    status String

    The status of VPN connection.

    vpnGatewayId String

    The ID of the VPN gateway.

    bgpConfig ConnectionBgpConfig

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    customerGatewayId string

    The ID of the customer gateway.

    effectImmediately boolean

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    enableDpd boolean

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    enableNatTraversal boolean

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    healthCheckConfig ConnectionHealthCheckConfig

    The health check configurations. See the following Block health_check_config.

    ikeConfig ConnectionIkeConfig

    The configurations of phase-one negotiation. See the following Block ike_config.

    ipsecConfig ConnectionIpsecConfig

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    localSubnets string[]

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    name string

    The name of the IPsec connection.

    remoteSubnets string[]

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    status string

    The status of VPN connection.

    vpnGatewayId string

    The ID of the VPN gateway.

    bgp_config ConnectionBgpConfigArgs

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    customer_gateway_id str

    The ID of the customer gateway.

    effect_immediately bool

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    enable_dpd bool

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    enable_nat_traversal bool

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    health_check_config ConnectionHealthCheckConfigArgs

    The health check configurations. See the following Block health_check_config.

    ike_config ConnectionIkeConfigArgs

    The configurations of phase-one negotiation. See the following Block ike_config.

    ipsec_config ConnectionIpsecConfigArgs

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    local_subnets Sequence[str]

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    name str

    The name of the IPsec connection.

    remote_subnets Sequence[str]

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    status str

    The status of VPN connection.

    vpn_gateway_id str

    The ID of the VPN gateway.

    bgpConfig Property Map

    The configurations of the BGP routing protocol. See the following Block bgp_config.

    customerGatewayId String

    The ID of the customer gateway.

    effectImmediately Boolean

    Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.

    enableDpd Boolean

    Specifies whether to enable the dead peer detection (DPD) feature. Valid values: true(default), false.

    enableNatTraversal Boolean

    Specifies whether to enable NAT traversal. Valid values: true(default), false.

    healthCheckConfig Property Map

    The health check configurations. See the following Block health_check_config.

    ikeConfig Property Map

    The configurations of phase-one negotiation. See the following Block ike_config.

    ipsecConfig Property Map

    The configurations of phase-two negotiation. See the following Block ipsec_config.

    localSubnets List<String>

    The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.

    name String

    The name of the IPsec connection.

    remoteSubnets List<String>

    The CIDR block of the local data center. This parameter is used for phase-two negotiation.

    status String

    The status of VPN connection.

    vpnGatewayId String

    The ID of the VPN gateway.

    Supporting Types

    ConnectionBgpConfig, ConnectionBgpConfigArgs

    Enable bool

    Whether to enable Health Check.

    LocalAsn string

    The ASN on the Alibaba Cloud side.

    LocalBgpIp string

    The BGP IP address on the Alibaba Cloud side.

    TunnelCidr string

    The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.

    Enable bool

    Whether to enable Health Check.

    LocalAsn string

    The ASN on the Alibaba Cloud side.

    LocalBgpIp string

    The BGP IP address on the Alibaba Cloud side.

    TunnelCidr string

    The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.

    enable Boolean

    Whether to enable Health Check.

    localAsn String

    The ASN on the Alibaba Cloud side.

    localBgpIp String

    The BGP IP address on the Alibaba Cloud side.

    tunnelCidr String

    The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.

    enable boolean

    Whether to enable Health Check.

    localAsn string

    The ASN on the Alibaba Cloud side.

    localBgpIp string

    The BGP IP address on the Alibaba Cloud side.

    tunnelCidr string

    The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.

    enable bool

    Whether to enable Health Check.

    local_asn str

    The ASN on the Alibaba Cloud side.

    local_bgp_ip str

    The BGP IP address on the Alibaba Cloud side.

    tunnel_cidr str

    The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.

    enable Boolean

    Whether to enable Health Check.

    localAsn String

    The ASN on the Alibaba Cloud side.

    localBgpIp String

    The BGP IP address on the Alibaba Cloud side.

    tunnelCidr String

    The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.

    ConnectionHealthCheckConfig, ConnectionHealthCheckConfigArgs

    Dip string

    The destination IP address.

    Enable bool

    Whether to enable Health Check.

    Interval int

    The interval between two consecutive health checks. Unit: seconds.

    Retry int

    The maximum number of health check retries.

    Sip string

    The source IP address.

    Dip string

    The destination IP address.

    Enable bool

    Whether to enable Health Check.

    Interval int

    The interval between two consecutive health checks. Unit: seconds.

    Retry int

    The maximum number of health check retries.

    Sip string

    The source IP address.

    dip String

    The destination IP address.

    enable Boolean

    Whether to enable Health Check.

    interval Integer

    The interval between two consecutive health checks. Unit: seconds.

    retry Integer

    The maximum number of health check retries.

    sip String

    The source IP address.

    dip string

    The destination IP address.

    enable boolean

    Whether to enable Health Check.

    interval number

    The interval between two consecutive health checks. Unit: seconds.

    retry number

    The maximum number of health check retries.

    sip string

    The source IP address.

    dip str

    The destination IP address.

    enable bool

    Whether to enable Health Check.

    interval int

    The interval between two consecutive health checks. Unit: seconds.

    retry int

    The maximum number of health check retries.

    sip str

    The source IP address.

    dip String

    The destination IP address.

    enable Boolean

    Whether to enable Health Check.

    interval Number

    The interval between two consecutive health checks. Unit: seconds.

    retry Number

    The maximum number of health check retries.

    sip String

    The source IP address.

    ConnectionIkeConfig, ConnectionIkeConfigArgs

    IkeAuthAlg string

    The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5

    IkeEncAlg string

    The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes

    IkeLifetime int

    The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.

    IkeLocalId string

    The identification of the VPN gateway.

    IkeMode string

    The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main

    IkePfs string

    The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2

    IkeRemoteId string

    The identification of the customer gateway.

    IkeVersion string

    The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1

    Psk string

    Used for authentication between the IPsec VPN gateway and the customer gateway.

    IkeAuthAlg string

    The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5

    IkeEncAlg string

    The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes

    IkeLifetime int

    The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.

    IkeLocalId string

    The identification of the VPN gateway.

    IkeMode string

    The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main

    IkePfs string

    The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2

    IkeRemoteId string

    The identification of the customer gateway.

    IkeVersion string

    The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1

    Psk string

    Used for authentication between the IPsec VPN gateway and the customer gateway.

    ikeAuthAlg String

    The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5

    ikeEncAlg String

    The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes

    ikeLifetime Integer

    The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.

    ikeLocalId String

    The identification of the VPN gateway.

    ikeMode String

    The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main

    ikePfs String

    The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2

    ikeRemoteId String

    The identification of the customer gateway.

    ikeVersion String

    The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1

    psk String

    Used for authentication between the IPsec VPN gateway and the customer gateway.

    ikeAuthAlg string

    The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5

    ikeEncAlg string

    The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes

    ikeLifetime number

    The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.

    ikeLocalId string

    The identification of the VPN gateway.

    ikeMode string

    The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main

    ikePfs string

    The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2

    ikeRemoteId string

    The identification of the customer gateway.

    ikeVersion string

    The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1

    psk string

    Used for authentication between the IPsec VPN gateway and the customer gateway.

    ike_auth_alg str

    The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5

    ike_enc_alg str

    The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes

    ike_lifetime int

    The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.

    ike_local_id str

    The identification of the VPN gateway.

    ike_mode str

    The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main

    ike_pfs str

    The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2

    ike_remote_id str

    The identification of the customer gateway.

    ike_version str

    The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1

    psk str

    Used for authentication between the IPsec VPN gateway and the customer gateway.

    ikeAuthAlg String

    The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5

    ikeEncAlg String

    The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes

    ikeLifetime Number

    The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.

    ikeLocalId String

    The identification of the VPN gateway.

    ikeMode String

    The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main

    ikePfs String

    The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2

    ikeRemoteId String

    The identification of the customer gateway.

    ikeVersion String

    The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1

    psk String

    Used for authentication between the IPsec VPN gateway and the customer gateway.

    ConnectionIpsecConfig, ConnectionIpsecConfigArgs

    IpsecAuthAlg string

    The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1

    IpsecEncAlg string

    The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes

    IpsecLifetime int

    The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.

    IpsecPfs string

    The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2

    IpsecAuthAlg string

    The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1

    IpsecEncAlg string

    The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes

    IpsecLifetime int

    The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.

    IpsecPfs string

    The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2

    ipsecAuthAlg String

    The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1

    ipsecEncAlg String

    The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes

    ipsecLifetime Integer

    The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.

    ipsecPfs String

    The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2

    ipsecAuthAlg string

    The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1

    ipsecEncAlg string

    The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes

    ipsecLifetime number

    The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.

    ipsecPfs string

    The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2

    ipsec_auth_alg str

    The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1

    ipsec_enc_alg str

    The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes

    ipsec_lifetime int

    The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.

    ipsec_pfs str

    The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2

    ipsecAuthAlg String

    The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1

    ipsecEncAlg String

    The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes

    ipsecLifetime Number

    The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.

    ipsecPfs String

    The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2

    Package Details

    Repository
    Alibaba Cloud pulumi/pulumi-alicloud
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the alicloud Terraform Provider.

    alicloud logo
    Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi