alicloud.vpn.Connection
Explore with Pulumi AI
Import
VPN connection can be imported using the id, e.g.
$ pulumi import alicloud:vpn/connection:Connection example vco-abc123456
Example Usage
Basic Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var fooZones = AliCloud.GetZones.Invoke(new()
{
AvailableResourceCreation = "VSwitch",
});
var fooNetwork = new AliCloud.Vpc.Network("fooNetwork", new()
{
VpcName = "terraform-example",
CidrBlock = "172.16.0.0/12",
});
var fooSwitch = new AliCloud.Vpc.Switch("fooSwitch", new()
{
VswitchName = "terraform-example",
CidrBlock = "172.16.0.0/21",
VpcId = fooNetwork.Id,
ZoneId = fooZones.Apply(getZonesResult => getZonesResult.Zones[0]?.Id),
});
var fooGateway = new AliCloud.Vpn.Gateway("fooGateway", new()
{
VpcId = fooNetwork.Id,
Bandwidth = 10,
EnableSsl = true,
InstanceChargeType = "PrePaid",
Description = "test_create_description",
VswitchId = fooSwitch.Id,
});
var fooCustomerGateway = new AliCloud.Vpn.CustomerGateway("fooCustomerGateway", new()
{
IpAddress = "42.104.22.210",
Description = "terraform-example",
});
var fooConnection = new AliCloud.Vpn.Connection("fooConnection", new()
{
VpnGatewayId = fooGateway.Id,
CustomerGatewayId = fooCustomerGateway.Id,
LocalSubnets = new[]
{
"172.16.0.0/24",
"172.16.1.0/24",
},
RemoteSubnets = new[]
{
"10.0.0.0/24",
"10.0.1.0/24",
},
EffectImmediately = true,
IkeConfig = new AliCloud.Vpn.Inputs.ConnectionIkeConfigArgs
{
IkeAuthAlg = "md5",
IkeEncAlg = "des",
IkeVersion = "ikev2",
IkeMode = "main",
IkeLifetime = 86400,
Psk = "tf-testvpn2",
IkePfs = "group1",
IkeRemoteId = "testbob2",
IkeLocalId = "testalice2",
},
IpsecConfig = new AliCloud.Vpn.Inputs.ConnectionIpsecConfigArgs
{
IpsecPfs = "group5",
IpsecEncAlg = "des",
IpsecAuthAlg = "md5",
IpsecLifetime = 8640,
},
});
});
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpc"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpn"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
fooZones, err := alicloud.GetZones(ctx, &alicloud.GetZonesArgs{
AvailableResourceCreation: pulumi.StringRef("VSwitch"),
}, nil)
if err != nil {
return err
}
fooNetwork, err := vpc.NewNetwork(ctx, "fooNetwork", &vpc.NetworkArgs{
VpcName: pulumi.String("terraform-example"),
CidrBlock: pulumi.String("172.16.0.0/12"),
})
if err != nil {
return err
}
fooSwitch, err := vpc.NewSwitch(ctx, "fooSwitch", &vpc.SwitchArgs{
VswitchName: pulumi.String("terraform-example"),
CidrBlock: pulumi.String("172.16.0.0/21"),
VpcId: fooNetwork.ID(),
ZoneId: *pulumi.String(fooZones.Zones[0].Id),
})
if err != nil {
return err
}
fooGateway, err := vpn.NewGateway(ctx, "fooGateway", &vpn.GatewayArgs{
VpcId: fooNetwork.ID(),
Bandwidth: pulumi.Int(10),
EnableSsl: pulumi.Bool(true),
InstanceChargeType: pulumi.String("PrePaid"),
Description: pulumi.String("test_create_description"),
VswitchId: fooSwitch.ID(),
})
if err != nil {
return err
}
fooCustomerGateway, err := vpn.NewCustomerGateway(ctx, "fooCustomerGateway", &vpn.CustomerGatewayArgs{
IpAddress: pulumi.String("42.104.22.210"),
Description: pulumi.String("terraform-example"),
})
if err != nil {
return err
}
_, err = vpn.NewConnection(ctx, "fooConnection", &vpn.ConnectionArgs{
VpnGatewayId: fooGateway.ID(),
CustomerGatewayId: fooCustomerGateway.ID(),
LocalSubnets: pulumi.StringArray{
pulumi.String("172.16.0.0/24"),
pulumi.String("172.16.1.0/24"),
},
RemoteSubnets: pulumi.StringArray{
pulumi.String("10.0.0.0/24"),
pulumi.String("10.0.1.0/24"),
},
EffectImmediately: pulumi.Bool(true),
IkeConfig: &vpn.ConnectionIkeConfigArgs{
IkeAuthAlg: pulumi.String("md5"),
IkeEncAlg: pulumi.String("des"),
IkeVersion: pulumi.String("ikev2"),
IkeMode: pulumi.String("main"),
IkeLifetime: pulumi.Int(86400),
Psk: pulumi.String("tf-testvpn2"),
IkePfs: pulumi.String("group1"),
IkeRemoteId: pulumi.String("testbob2"),
IkeLocalId: pulumi.String("testalice2"),
},
IpsecConfig: &vpn.ConnectionIpsecConfigArgs{
IpsecPfs: pulumi.String("group5"),
IpsecEncAlg: pulumi.String("des"),
IpsecAuthAlg: pulumi.String("md5"),
IpsecLifetime: pulumi.Int(8640),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.inputs.GetZonesArgs;
import com.pulumi.alicloud.vpc.Network;
import com.pulumi.alicloud.vpc.NetworkArgs;
import com.pulumi.alicloud.vpc.Switch;
import com.pulumi.alicloud.vpc.SwitchArgs;
import com.pulumi.alicloud.vpn.Gateway;
import com.pulumi.alicloud.vpn.GatewayArgs;
import com.pulumi.alicloud.vpn.CustomerGateway;
import com.pulumi.alicloud.vpn.CustomerGatewayArgs;
import com.pulumi.alicloud.vpn.Connection;
import com.pulumi.alicloud.vpn.ConnectionArgs;
import com.pulumi.alicloud.vpn.inputs.ConnectionIkeConfigArgs;
import com.pulumi.alicloud.vpn.inputs.ConnectionIpsecConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var fooZones = AlicloudFunctions.getZones(GetZonesArgs.builder()
.availableResourceCreation("VSwitch")
.build());
var fooNetwork = new Network("fooNetwork", NetworkArgs.builder()
.vpcName("terraform-example")
.cidrBlock("172.16.0.0/12")
.build());
var fooSwitch = new Switch("fooSwitch", SwitchArgs.builder()
.vswitchName("terraform-example")
.cidrBlock("172.16.0.0/21")
.vpcId(fooNetwork.id())
.zoneId(fooZones.applyValue(getZonesResult -> getZonesResult.zones()[0].id()))
.build());
var fooGateway = new Gateway("fooGateway", GatewayArgs.builder()
.vpcId(fooNetwork.id())
.bandwidth("10")
.enableSsl(true)
.instanceChargeType("PrePaid")
.description("test_create_description")
.vswitchId(fooSwitch.id())
.build());
var fooCustomerGateway = new CustomerGateway("fooCustomerGateway", CustomerGatewayArgs.builder()
.ipAddress("42.104.22.210")
.description("terraform-example")
.build());
var fooConnection = new Connection("fooConnection", ConnectionArgs.builder()
.vpnGatewayId(fooGateway.id())
.customerGatewayId(fooCustomerGateway.id())
.localSubnets(
"172.16.0.0/24",
"172.16.1.0/24")
.remoteSubnets(
"10.0.0.0/24",
"10.0.1.0/24")
.effectImmediately(true)
.ikeConfig(ConnectionIkeConfigArgs.builder()
.ikeAuthAlg("md5")
.ikeEncAlg("des")
.ikeVersion("ikev2")
.ikeMode("main")
.ikeLifetime(86400)
.psk("tf-testvpn2")
.ikePfs("group1")
.ikeRemoteId("testbob2")
.ikeLocalId("testalice2")
.build())
.ipsecConfig(ConnectionIpsecConfigArgs.builder()
.ipsecPfs("group5")
.ipsecEncAlg("des")
.ipsecAuthAlg("md5")
.ipsecLifetime(8640)
.build())
.build());
}
}
import pulumi
import pulumi_alicloud as alicloud
foo_zones = alicloud.get_zones(available_resource_creation="VSwitch")
foo_network = alicloud.vpc.Network("fooNetwork",
vpc_name="terraform-example",
cidr_block="172.16.0.0/12")
foo_switch = alicloud.vpc.Switch("fooSwitch",
vswitch_name="terraform-example",
cidr_block="172.16.0.0/21",
vpc_id=foo_network.id,
zone_id=foo_zones.zones[0].id)
foo_gateway = alicloud.vpn.Gateway("fooGateway",
vpc_id=foo_network.id,
bandwidth=10,
enable_ssl=True,
instance_charge_type="PrePaid",
description="test_create_description",
vswitch_id=foo_switch.id)
foo_customer_gateway = alicloud.vpn.CustomerGateway("fooCustomerGateway",
ip_address="42.104.22.210",
description="terraform-example")
foo_connection = alicloud.vpn.Connection("fooConnection",
vpn_gateway_id=foo_gateway.id,
customer_gateway_id=foo_customer_gateway.id,
local_subnets=[
"172.16.0.0/24",
"172.16.1.0/24",
],
remote_subnets=[
"10.0.0.0/24",
"10.0.1.0/24",
],
effect_immediately=True,
ike_config=alicloud.vpn.ConnectionIkeConfigArgs(
ike_auth_alg="md5",
ike_enc_alg="des",
ike_version="ikev2",
ike_mode="main",
ike_lifetime=86400,
psk="tf-testvpn2",
ike_pfs="group1",
ike_remote_id="testbob2",
ike_local_id="testalice2",
),
ipsec_config=alicloud.vpn.ConnectionIpsecConfigArgs(
ipsec_pfs="group5",
ipsec_enc_alg="des",
ipsec_auth_alg="md5",
ipsec_lifetime=8640,
))
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const fooZones = alicloud.getZones({
availableResourceCreation: "VSwitch",
});
const fooNetwork = new alicloud.vpc.Network("fooNetwork", {
vpcName: "terraform-example",
cidrBlock: "172.16.0.0/12",
});
const fooSwitch = new alicloud.vpc.Switch("fooSwitch", {
vswitchName: "terraform-example",
cidrBlock: "172.16.0.0/21",
vpcId: fooNetwork.id,
zoneId: fooZones.then(fooZones => fooZones.zones?.[0]?.id),
});
const fooGateway = new alicloud.vpn.Gateway("fooGateway", {
vpcId: fooNetwork.id,
bandwidth: 10,
enableSsl: true,
instanceChargeType: "PrePaid",
description: "test_create_description",
vswitchId: fooSwitch.id,
});
const fooCustomerGateway = new alicloud.vpn.CustomerGateway("fooCustomerGateway", {
ipAddress: "42.104.22.210",
description: "terraform-example",
});
const fooConnection = new alicloud.vpn.Connection("fooConnection", {
vpnGatewayId: fooGateway.id,
customerGatewayId: fooCustomerGateway.id,
localSubnets: [
"172.16.0.0/24",
"172.16.1.0/24",
],
remoteSubnets: [
"10.0.0.0/24",
"10.0.1.0/24",
],
effectImmediately: true,
ikeConfig: {
ikeAuthAlg: "md5",
ikeEncAlg: "des",
ikeVersion: "ikev2",
ikeMode: "main",
ikeLifetime: 86400,
psk: "tf-testvpn2",
ikePfs: "group1",
ikeRemoteId: "testbob2",
ikeLocalId: "testalice2",
},
ipsecConfig: {
ipsecPfs: "group5",
ipsecEncAlg: "des",
ipsecAuthAlg: "md5",
ipsecLifetime: 8640,
},
});
resources:
fooNetwork:
type: alicloud:vpc:Network
properties:
vpcName: terraform-example
cidrBlock: 172.16.0.0/12
fooSwitch:
type: alicloud:vpc:Switch
properties:
vswitchName: terraform-example
cidrBlock: 172.16.0.0/21
vpcId: ${fooNetwork.id}
zoneId: ${fooZones.zones[0].id}
fooGateway:
type: alicloud:vpn:Gateway
properties:
vpcId: ${fooNetwork.id}
bandwidth: '10'
enableSsl: true
instanceChargeType: PrePaid
description: test_create_description
vswitchId: ${fooSwitch.id}
fooCustomerGateway:
type: alicloud:vpn:CustomerGateway
properties:
ipAddress: 42.104.22.210
description: terraform-example
fooConnection:
type: alicloud:vpn:Connection
properties:
vpnGatewayId: ${fooGateway.id}
customerGatewayId: ${fooCustomerGateway.id}
localSubnets:
- 172.16.0.0/24
- 172.16.1.0/24
remoteSubnets:
- 10.0.0.0/24
- 10.0.1.0/24
effectImmediately: true
ikeConfig:
ikeAuthAlg: md5
ikeEncAlg: des
ikeVersion: ikev2
ikeMode: main
ikeLifetime: 86400
psk: tf-testvpn2
ikePfs: group1
ikeRemoteId: testbob2
ikeLocalId: testalice2
ipsecConfig:
ipsecPfs: group5
ipsecEncAlg: des
ipsecAuthAlg: md5
ipsecLifetime: 8640
variables:
fooZones:
fn::invoke:
Function: alicloud:getZones
Arguments:
availableResourceCreation: VSwitch
Create Connection Resource
new Connection(name: string, args: ConnectionArgs, opts?: CustomResourceOptions);
@overload
def Connection(resource_name: str,
opts: Optional[ResourceOptions] = None,
bgp_config: Optional[ConnectionBgpConfigArgs] = None,
customer_gateway_id: Optional[str] = None,
effect_immediately: Optional[bool] = None,
enable_dpd: Optional[bool] = None,
enable_nat_traversal: Optional[bool] = None,
health_check_config: Optional[ConnectionHealthCheckConfigArgs] = None,
ike_config: Optional[ConnectionIkeConfigArgs] = None,
ipsec_config: Optional[ConnectionIpsecConfigArgs] = None,
local_subnets: Optional[Sequence[str]] = None,
name: Optional[str] = None,
remote_subnets: Optional[Sequence[str]] = None,
vpn_gateway_id: Optional[str] = None)
@overload
def Connection(resource_name: str,
args: ConnectionArgs,
opts: Optional[ResourceOptions] = None)
func NewConnection(ctx *Context, name string, args ConnectionArgs, opts ...ResourceOption) (*Connection, error)
public Connection(string name, ConnectionArgs args, CustomResourceOptions? opts = null)
public Connection(String name, ConnectionArgs args)
public Connection(String name, ConnectionArgs args, CustomResourceOptions options)
type: alicloud:vpn:Connection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Connection Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Connection resource accepts the following input properties:
- Customer
Gateway stringId The ID of the customer gateway.
- Local
Subnets List<string> The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- Remote
Subnets List<string> The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- Vpn
Gateway stringId The ID of the VPN gateway.
- Bgp
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Bgp Config The configurations of the BGP routing protocol. See the following
Block bgp_config
.- Effect
Immediately bool Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- Enable
Dpd bool Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- Enable
Nat boolTraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- Health
Check Pulumi.Config Ali Cloud. Vpn. Inputs. Connection Health Check Config The health check configurations. See the following
Block health_check_config
.- Ike
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Ike Config The configurations of phase-one negotiation. See the following
Block ike_config
.- Ipsec
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Ipsec Config The configurations of phase-two negotiation. See the following
Block ipsec_config
.- Name string
The name of the IPsec connection.
- Customer
Gateway stringId The ID of the customer gateway.
- Local
Subnets []string The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- Remote
Subnets []string The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- Vpn
Gateway stringId The ID of the VPN gateway.
- Bgp
Config ConnectionBgp Config Args The configurations of the BGP routing protocol. See the following
Block bgp_config
.- Effect
Immediately bool Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- Enable
Dpd bool Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- Enable
Nat boolTraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- Health
Check ConnectionConfig Health Check Config Args The health check configurations. See the following
Block health_check_config
.- Ike
Config ConnectionIke Config Args The configurations of phase-one negotiation. See the following
Block ike_config
.- Ipsec
Config ConnectionIpsec Config Args The configurations of phase-two negotiation. See the following
Block ipsec_config
.- Name string
The name of the IPsec connection.
- customer
Gateway StringId The ID of the customer gateway.
- local
Subnets List<String> The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- remote
Subnets List<String> The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- vpn
Gateway StringId The ID of the VPN gateway.
- bgp
Config ConnectionBgp Config The configurations of the BGP routing protocol. See the following
Block bgp_config
.- effect
Immediately Boolean Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- enable
Dpd Boolean Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- enable
Nat BooleanTraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- health
Check ConnectionConfig Health Check Config The health check configurations. See the following
Block health_check_config
.- ike
Config ConnectionIke Config The configurations of phase-one negotiation. See the following
Block ike_config
.- ipsec
Config ConnectionIpsec Config The configurations of phase-two negotiation. See the following
Block ipsec_config
.- name String
The name of the IPsec connection.
- customer
Gateway stringId The ID of the customer gateway.
- local
Subnets string[] The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- remote
Subnets string[] The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- vpn
Gateway stringId The ID of the VPN gateway.
- bgp
Config ConnectionBgp Config The configurations of the BGP routing protocol. See the following
Block bgp_config
.- effect
Immediately boolean Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- enable
Dpd boolean Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- enable
Nat booleanTraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- health
Check ConnectionConfig Health Check Config The health check configurations. See the following
Block health_check_config
.- ike
Config ConnectionIke Config The configurations of phase-one negotiation. See the following
Block ike_config
.- ipsec
Config ConnectionIpsec Config The configurations of phase-two negotiation. See the following
Block ipsec_config
.- name string
The name of the IPsec connection.
- customer_
gateway_ strid The ID of the customer gateway.
- local_
subnets Sequence[str] The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- remote_
subnets Sequence[str] The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- vpn_
gateway_ strid The ID of the VPN gateway.
- bgp_
config ConnectionBgp Config Args The configurations of the BGP routing protocol. See the following
Block bgp_config
.- effect_
immediately bool Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- enable_
dpd bool Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- enable_
nat_ booltraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- health_
check_ Connectionconfig Health Check Config Args The health check configurations. See the following
Block health_check_config
.- ike_
config ConnectionIke Config Args The configurations of phase-one negotiation. See the following
Block ike_config
.- ipsec_
config ConnectionIpsec Config Args The configurations of phase-two negotiation. See the following
Block ipsec_config
.- name str
The name of the IPsec connection.
- customer
Gateway StringId The ID of the customer gateway.
- local
Subnets List<String> The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- remote
Subnets List<String> The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- vpn
Gateway StringId The ID of the VPN gateway.
- bgp
Config Property Map The configurations of the BGP routing protocol. See the following
Block bgp_config
.- effect
Immediately Boolean Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- enable
Dpd Boolean Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- enable
Nat BooleanTraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- health
Check Property MapConfig The health check configurations. See the following
Block health_check_config
.- ike
Config Property Map The configurations of phase-one negotiation. See the following
Block ike_config
.- ipsec
Config Property Map The configurations of phase-two negotiation. See the following
Block ipsec_config
.- name String
The name of the IPsec connection.
Outputs
All input properties are implicitly available as output properties. Additionally, the Connection resource produces the following output properties:
Look up Existing Connection Resource
Get an existing Connection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ConnectionState, opts?: CustomResourceOptions): Connection
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
bgp_config: Optional[ConnectionBgpConfigArgs] = None,
customer_gateway_id: Optional[str] = None,
effect_immediately: Optional[bool] = None,
enable_dpd: Optional[bool] = None,
enable_nat_traversal: Optional[bool] = None,
health_check_config: Optional[ConnectionHealthCheckConfigArgs] = None,
ike_config: Optional[ConnectionIkeConfigArgs] = None,
ipsec_config: Optional[ConnectionIpsecConfigArgs] = None,
local_subnets: Optional[Sequence[str]] = None,
name: Optional[str] = None,
remote_subnets: Optional[Sequence[str]] = None,
status: Optional[str] = None,
vpn_gateway_id: Optional[str] = None) -> Connection
func GetConnection(ctx *Context, name string, id IDInput, state *ConnectionState, opts ...ResourceOption) (*Connection, error)
public static Connection Get(string name, Input<string> id, ConnectionState? state, CustomResourceOptions? opts = null)
public static Connection get(String name, Output<String> id, ConnectionState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Bgp
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Bgp Config The configurations of the BGP routing protocol. See the following
Block bgp_config
.- Customer
Gateway stringId The ID of the customer gateway.
- Effect
Immediately bool Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- Enable
Dpd bool Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- Enable
Nat boolTraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- Health
Check Pulumi.Config Ali Cloud. Vpn. Inputs. Connection Health Check Config The health check configurations. See the following
Block health_check_config
.- Ike
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Ike Config The configurations of phase-one negotiation. See the following
Block ike_config
.- Ipsec
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Ipsec Config The configurations of phase-two negotiation. See the following
Block ipsec_config
.- Local
Subnets List<string> The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- Name string
The name of the IPsec connection.
- Remote
Subnets List<string> The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- Status string
The status of VPN connection.
- Vpn
Gateway stringId The ID of the VPN gateway.
- Bgp
Config ConnectionBgp Config Args The configurations of the BGP routing protocol. See the following
Block bgp_config
.- Customer
Gateway stringId The ID of the customer gateway.
- Effect
Immediately bool Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- Enable
Dpd bool Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- Enable
Nat boolTraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- Health
Check ConnectionConfig Health Check Config Args The health check configurations. See the following
Block health_check_config
.- Ike
Config ConnectionIke Config Args The configurations of phase-one negotiation. See the following
Block ike_config
.- Ipsec
Config ConnectionIpsec Config Args The configurations of phase-two negotiation. See the following
Block ipsec_config
.- Local
Subnets []string The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- Name string
The name of the IPsec connection.
- Remote
Subnets []string The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- Status string
The status of VPN connection.
- Vpn
Gateway stringId The ID of the VPN gateway.
- bgp
Config ConnectionBgp Config The configurations of the BGP routing protocol. See the following
Block bgp_config
.- customer
Gateway StringId The ID of the customer gateway.
- effect
Immediately Boolean Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- enable
Dpd Boolean Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- enable
Nat BooleanTraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- health
Check ConnectionConfig Health Check Config The health check configurations. See the following
Block health_check_config
.- ike
Config ConnectionIke Config The configurations of phase-one negotiation. See the following
Block ike_config
.- ipsec
Config ConnectionIpsec Config The configurations of phase-two negotiation. See the following
Block ipsec_config
.- local
Subnets List<String> The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- name String
The name of the IPsec connection.
- remote
Subnets List<String> The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- status String
The status of VPN connection.
- vpn
Gateway StringId The ID of the VPN gateway.
- bgp
Config ConnectionBgp Config The configurations of the BGP routing protocol. See the following
Block bgp_config
.- customer
Gateway stringId The ID of the customer gateway.
- effect
Immediately boolean Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- enable
Dpd boolean Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- enable
Nat booleanTraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- health
Check ConnectionConfig Health Check Config The health check configurations. See the following
Block health_check_config
.- ike
Config ConnectionIke Config The configurations of phase-one negotiation. See the following
Block ike_config
.- ipsec
Config ConnectionIpsec Config The configurations of phase-two negotiation. See the following
Block ipsec_config
.- local
Subnets string[] The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- name string
The name of the IPsec connection.
- remote
Subnets string[] The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- status string
The status of VPN connection.
- vpn
Gateway stringId The ID of the VPN gateway.
- bgp_
config ConnectionBgp Config Args The configurations of the BGP routing protocol. See the following
Block bgp_config
.- customer_
gateway_ strid The ID of the customer gateway.
- effect_
immediately bool Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- enable_
dpd bool Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- enable_
nat_ booltraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- health_
check_ Connectionconfig Health Check Config Args The health check configurations. See the following
Block health_check_config
.- ike_
config ConnectionIke Config Args The configurations of phase-one negotiation. See the following
Block ike_config
.- ipsec_
config ConnectionIpsec Config Args The configurations of phase-two negotiation. See the following
Block ipsec_config
.- local_
subnets Sequence[str] The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- name str
The name of the IPsec connection.
- remote_
subnets Sequence[str] The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- status str
The status of VPN connection.
- vpn_
gateway_ strid The ID of the VPN gateway.
- bgp
Config Property Map The configurations of the BGP routing protocol. See the following
Block bgp_config
.- customer
Gateway StringId The ID of the customer gateway.
- effect
Immediately Boolean Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false.
- enable
Dpd Boolean Specifies whether to enable the dead peer detection (DPD) feature. Valid values:
true
(default),false
.- enable
Nat BooleanTraversal Specifies whether to enable NAT traversal. Valid values:
true
(default),false
.- health
Check Property MapConfig The health check configurations. See the following
Block health_check_config
.- ike
Config Property Map The configurations of phase-one negotiation. See the following
Block ike_config
.- ipsec
Config Property Map The configurations of phase-two negotiation. See the following
Block ipsec_config
.- local
Subnets List<String> The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- name String
The name of the IPsec connection.
- remote
Subnets List<String> The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- status String
The status of VPN connection.
- vpn
Gateway StringId The ID of the VPN gateway.
Supporting Types
ConnectionBgpConfig, ConnectionBgpConfigArgs
- Enable bool
Whether to enable Health Check.
- Local
Asn string The ASN on the Alibaba Cloud side.
- Local
Bgp stringIp The BGP IP address on the Alibaba Cloud side.
- Tunnel
Cidr string The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
- Enable bool
Whether to enable Health Check.
- Local
Asn string The ASN on the Alibaba Cloud side.
- Local
Bgp stringIp The BGP IP address on the Alibaba Cloud side.
- Tunnel
Cidr string The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
- enable Boolean
Whether to enable Health Check.
- local
Asn String The ASN on the Alibaba Cloud side.
- local
Bgp StringIp The BGP IP address on the Alibaba Cloud side.
- tunnel
Cidr String The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
- enable boolean
Whether to enable Health Check.
- local
Asn string The ASN on the Alibaba Cloud side.
- local
Bgp stringIp The BGP IP address on the Alibaba Cloud side.
- tunnel
Cidr string The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
- enable bool
Whether to enable Health Check.
- local_
asn str The ASN on the Alibaba Cloud side.
- local_
bgp_ strip The BGP IP address on the Alibaba Cloud side.
- tunnel_
cidr str The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
- enable Boolean
Whether to enable Health Check.
- local
Asn String The ASN on the Alibaba Cloud side.
- local
Bgp StringIp The BGP IP address on the Alibaba Cloud side.
- tunnel
Cidr String The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
ConnectionHealthCheckConfig, ConnectionHealthCheckConfigArgs
ConnectionIkeConfig, ConnectionIkeConfigArgs
- Ike
Auth stringAlg The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5
- Ike
Enc stringAlg The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes
- Ike
Lifetime int The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- Ike
Local stringId The identification of the VPN gateway.
- Ike
Mode string The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main
- Ike
Pfs string The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- Ike
Remote stringId The identification of the customer gateway.
- Ike
Version string The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1
- Psk string
Used for authentication between the IPsec VPN gateway and the customer gateway.
- Ike
Auth stringAlg The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5
- Ike
Enc stringAlg The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes
- Ike
Lifetime int The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- Ike
Local stringId The identification of the VPN gateway.
- Ike
Mode string The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main
- Ike
Pfs string The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- Ike
Remote stringId The identification of the customer gateway.
- Ike
Version string The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1
- Psk string
Used for authentication between the IPsec VPN gateway and the customer gateway.
- ike
Auth StringAlg The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5
- ike
Enc StringAlg The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes
- ike
Lifetime Integer The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- ike
Local StringId The identification of the VPN gateway.
- ike
Mode String The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main
- ike
Pfs String The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- ike
Remote StringId The identification of the customer gateway.
- ike
Version String The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1
- psk String
Used for authentication between the IPsec VPN gateway and the customer gateway.
- ike
Auth stringAlg The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5
- ike
Enc stringAlg The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes
- ike
Lifetime number The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- ike
Local stringId The identification of the VPN gateway.
- ike
Mode string The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main
- ike
Pfs string The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- ike
Remote stringId The identification of the customer gateway.
- ike
Version string The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1
- psk string
Used for authentication between the IPsec VPN gateway and the customer gateway.
- ike_
auth_ stralg The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5
- ike_
enc_ stralg The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes
- ike_
lifetime int The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- ike_
local_ strid The identification of the VPN gateway.
- ike_
mode str The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main
- ike_
pfs str The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- ike_
remote_ strid The identification of the customer gateway.
- ike_
version str The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1
- psk str
Used for authentication between the IPsec VPN gateway and the customer gateway.
- ike
Auth StringAlg The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1 . Default value: md5
- ike
Enc StringAlg The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes
- ike
Lifetime Number The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- ike
Local StringId The identification of the VPN gateway.
- ike
Mode String The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main
- ike
Pfs String The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- ike
Remote StringId The identification of the customer gateway.
- ike
Version String The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1
- psk String
Used for authentication between the IPsec VPN gateway and the customer gateway.
ConnectionIpsecConfig, ConnectionIpsecConfigArgs
- Ipsec
Auth stringAlg The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- Ipsec
Enc stringAlg The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- Ipsec
Lifetime int The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- Ipsec
Pfs string The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
- Ipsec
Auth stringAlg The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- Ipsec
Enc stringAlg The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- Ipsec
Lifetime int The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- Ipsec
Pfs string The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
- ipsec
Auth StringAlg The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- ipsec
Enc StringAlg The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- ipsec
Lifetime Integer The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- ipsec
Pfs String The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
- ipsec
Auth stringAlg The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- ipsec
Enc stringAlg The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- ipsec
Lifetime number The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- ipsec
Pfs string The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
- ipsec_
auth_ stralg The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- ipsec_
enc_ stralg The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- ipsec_
lifetime int The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- ipsec_
pfs str The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
- ipsec
Auth StringAlg The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- ipsec
Enc StringAlg The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- ipsec
Lifetime Number The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- ipsec
Pfs String The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
alicloud
Terraform Provider.