
We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.0.1 published on Tuesday, Oct 1, 2024 by Pulumi

aws-native.ec2.VpnConnection


    Specifies a VPN connection between a virtual private gateway and a VPN customer gateway or a transit gateway and a VPN customer gateway. To specify a VPN connection between a transit gateway and customer gateway, use the TransitGatewayId and CustomerGatewayId properties. To specify a VPN connection between a virtual private gateway and customer gateway, use the VpnGatewayId and CustomerGatewayId properties. For more information, see in the User Guide.

    Create VpnConnection Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    TypeScript:

    new VpnConnection(name: string, args: VpnConnectionArgs, opts?: CustomResourceOptions);

    Python:

    @overload
    def VpnConnection(resource_name: str,
                      args: VpnConnectionArgs,
                      opts: Optional[ResourceOptions] = None)

    @overload
    def VpnConnection(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      customer_gateway_id: Optional[str] = None,
                      type: Optional[str] = None,
                      remote_ipv6_network_cidr: Optional[str] = None,
                      local_ipv6_network_cidr: Optional[str] = None,
                      outside_ip_address_type: Optional[str] = None,
                      remote_ipv4_network_cidr: Optional[str] = None,
                      local_ipv4_network_cidr: Optional[str] = None,
                      static_routes_only: Optional[bool] = None,
                      tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
                      transit_gateway_id: Optional[str] = None,
                      transport_transit_gateway_attachment_id: Optional[str] = None,
                      tunnel_inside_ip_version: Optional[str] = None,
                      enable_acceleration: Optional[bool] = None,
                      vpn_gateway_id: Optional[str] = None,
                      vpn_tunnel_options_specifications: Optional[Sequence[VpnConnectionVpnTunnelOptionsSpecificationArgs]] = None)

    Go:

    func NewVpnConnection(ctx *Context, name string, args VpnConnectionArgs, opts ...ResourceOption) (*VpnConnection, error)

    C#:

    public VpnConnection(string name, VpnConnectionArgs args, CustomResourceOptions? opts = null)

    Java:

    public VpnConnection(String name, VpnConnectionArgs args)
    public VpnConnection(String name, VpnConnectionArgs args, CustomResourceOptions options)

    YAML:

    type: aws-native:ec2:VpnConnection
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    TypeScript:

    name string
    The unique name of the resource.
    args VpnConnectionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.

    Python:

    resource_name str
    The unique name of the resource.
    args VpnConnectionArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.

    Go:

    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args VpnConnectionArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.

    C#:

    name string
    The unique name of the resource.
    args VpnConnectionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.

    Java:

    name String
    The unique name of the resource.
    args VpnConnectionArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    VpnConnection Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The VpnConnection resource accepts the following input properties:

    C#:

    CustomerGatewayId string
    The ID of the customer gateway at your end of the VPN connection.
    Type string
    The type of VPN connection.
    EnableAcceleration bool
    Indicate whether to enable acceleration for the VPN connection. Default: false
    LocalIpv4NetworkCidr string

    The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: 0.0.0.0/0

    LocalIpv6NetworkCidr string

    The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: ::/0

    OutsideIpAddressType string

    The type of IPv4 address assigned to the outside interface of the customer gateway device.

    Valid values: PrivateIpv4 | PublicIpv4

    Default: PublicIpv4

    RemoteIpv4NetworkCidr string

    The IPv4 CIDR on the AWS side of the VPN connection.

    Default: 0.0.0.0/0

    RemoteIpv6NetworkCidr string

    The IPv6 CIDR on the AWS side of the VPN connection.

    Default: ::/0

    StaticRoutesOnly bool
    Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP. If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify true.
    Tags List<Pulumi.AwsNative.Inputs.Tag>
    Any tags assigned to the VPN connection.
    TransitGatewayId string
    The ID of the transit gateway associated with the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    TransportTransitGatewayAttachmentId string

    The transit gateway attachment ID to use for the VPN tunnel.

    Required if OutsideIpAddressType is set to PrivateIpv4.

    TunnelInsideIpVersion string

    Indicate whether the VPN tunnels process IPv4 or IPv6 traffic.

    Default: ipv4

    VpnGatewayId string
    The ID of the virtual private gateway at the AWS side of the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    VpnTunnelOptionsSpecifications List<Pulumi.AwsNative.Ec2.Inputs.VpnConnectionVpnTunnelOptionsSpecification>
    The tunnel options for the VPN connection.

    Go:

    CustomerGatewayId string
    The ID of the customer gateway at your end of the VPN connection.
    Type string
    The type of VPN connection.
    EnableAcceleration bool
    Indicate whether to enable acceleration for the VPN connection. Default: false
    LocalIpv4NetworkCidr string

    The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: 0.0.0.0/0

    LocalIpv6NetworkCidr string

    The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: ::/0

    OutsideIpAddressType string

    The type of IPv4 address assigned to the outside interface of the customer gateway device.

    Valid values: PrivateIpv4 | PublicIpv4

    Default: PublicIpv4

    RemoteIpv4NetworkCidr string

    The IPv4 CIDR on the AWS side of the VPN connection.

    Default: 0.0.0.0/0

    RemoteIpv6NetworkCidr string

    The IPv6 CIDR on the AWS side of the VPN connection.

    Default: ::/0

    StaticRoutesOnly bool
    Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP. If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify true.
    Tags TagArgs
    Any tags assigned to the VPN connection.
    TransitGatewayId string
    The ID of the transit gateway associated with the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    TransportTransitGatewayAttachmentId string

    The transit gateway attachment ID to use for the VPN tunnel.

    Required if OutsideIpAddressType is set to PrivateIpv4.

    TunnelInsideIpVersion string

    Indicate whether the VPN tunnels process IPv4 or IPv6 traffic.

    Default: ipv4

    VpnGatewayId string
    The ID of the virtual private gateway at the AWS side of the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    VpnTunnelOptionsSpecifications []VpnConnectionVpnTunnelOptionsSpecificationArgs
    The tunnel options for the VPN connection.

    Java:

    customerGatewayId String
    The ID of the customer gateway at your end of the VPN connection.
    type String
    The type of VPN connection.
    enableAcceleration Boolean
    Indicate whether to enable acceleration for the VPN connection. Default: false
    localIpv4NetworkCidr String

    The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: 0.0.0.0/0

    localIpv6NetworkCidr String

    The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: ::/0

    outsideIpAddressType String

    The type of IPv4 address assigned to the outside interface of the customer gateway device.

    Valid values: PrivateIpv4 | PublicIpv4

    Default: PublicIpv4

    remoteIpv4NetworkCidr String

    The IPv4 CIDR on the AWS side of the VPN connection.

    Default: 0.0.0.0/0

    remoteIpv6NetworkCidr String

    The IPv6 CIDR on the AWS side of the VPN connection.

    Default: ::/0

    staticRoutesOnly Boolean
    Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP. If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify true.
    tags List<Tag>
    Any tags assigned to the VPN connection.
    transitGatewayId String
    The ID of the transit gateway associated with the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    transportTransitGatewayAttachmentId String

    The transit gateway attachment ID to use for the VPN tunnel.

    Required if OutsideIpAddressType is set to PrivateIpv4.

    tunnelInsideIpVersion String

    Indicate whether the VPN tunnels process IPv4 or IPv6 traffic.

    Default: ipv4

    vpnGatewayId String
    The ID of the virtual private gateway at the AWS side of the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    vpnTunnelOptionsSpecifications List<VpnConnectionVpnTunnelOptionsSpecification>
    The tunnel options for the VPN connection.

    TypeScript:

    customerGatewayId string
    The ID of the customer gateway at your end of the VPN connection.
    type string
    The type of VPN connection.
    enableAcceleration boolean
    Indicate whether to enable acceleration for the VPN connection. Default: false
    localIpv4NetworkCidr string

    The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: 0.0.0.0/0

    localIpv6NetworkCidr string

    The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: ::/0

    outsideIpAddressType string

    The type of IPv4 address assigned to the outside interface of the customer gateway device.

    Valid values: PrivateIpv4 | PublicIpv4

    Default: PublicIpv4

    remoteIpv4NetworkCidr string

    The IPv4 CIDR on the AWS side of the VPN connection.

    Default: 0.0.0.0/0

    remoteIpv6NetworkCidr string

    The IPv6 CIDR on the AWS side of the VPN connection.

    Default: ::/0

    staticRoutesOnly boolean
    Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP. If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify true.
    tags Tag[]
    Any tags assigned to the VPN connection.
    transitGatewayId string
    The ID of the transit gateway associated with the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    transportTransitGatewayAttachmentId string

    The transit gateway attachment ID to use for the VPN tunnel.

    Required if OutsideIpAddressType is set to PrivateIpv4.

    tunnelInsideIpVersion string

    Indicate whether the VPN tunnels process IPv4 or IPv6 traffic.

    Default: ipv4

    vpnGatewayId string
    The ID of the virtual private gateway at the AWS side of the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    vpnTunnelOptionsSpecifications VpnConnectionVpnTunnelOptionsSpecification[]
    The tunnel options for the VPN connection.

    Python:

    customer_gateway_id str
    The ID of the customer gateway at your end of the VPN connection.
    type str
    The type of VPN connection.
    enable_acceleration bool
    Indicate whether to enable acceleration for the VPN connection. Default: false
    local_ipv4_network_cidr str

    The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: 0.0.0.0/0

    local_ipv6_network_cidr str

    The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: ::/0

    outside_ip_address_type str

    The type of IPv4 address assigned to the outside interface of the customer gateway device.

    Valid values: PrivateIpv4 | PublicIpv4

    Default: PublicIpv4

    remote_ipv4_network_cidr str

    The IPv4 CIDR on the AWS side of the VPN connection.

    Default: 0.0.0.0/0

    remote_ipv6_network_cidr str

    The IPv6 CIDR on the AWS side of the VPN connection.

    Default: ::/0

    static_routes_only bool
    Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP. If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify true.
    tags Sequence[TagArgs]
    Any tags assigned to the VPN connection.
    transit_gateway_id str
    The ID of the transit gateway associated with the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    transport_transit_gateway_attachment_id str

    The transit gateway attachment ID to use for the VPN tunnel.

    Required if OutsideIpAddressType is set to PrivateIpv4.

    tunnel_inside_ip_version str

    Indicate whether the VPN tunnels process IPv4 or IPv6 traffic.

    Default: ipv4

    vpn_gateway_id str
    The ID of the virtual private gateway at the AWS side of the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    vpn_tunnel_options_specifications Sequence[VpnConnectionVpnTunnelOptionsSpecificationArgs]
    The tunnel options for the VPN connection.

    YAML:

    customerGatewayId String
    The ID of the customer gateway at your end of the VPN connection.
    type String
    The type of VPN connection.
    enableAcceleration Boolean
    Indicate whether to enable acceleration for the VPN connection. Default: false
    localIpv4NetworkCidr String

    The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: 0.0.0.0/0

    localIpv6NetworkCidr String

    The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.

    Default: ::/0

    outsideIpAddressType String

    The type of IPv4 address assigned to the outside interface of the customer gateway device.

    Valid values: PrivateIpv4 | PublicIpv4

    Default: PublicIpv4

    remoteIpv4NetworkCidr String

    The IPv4 CIDR on the AWS side of the VPN connection.

    Default: 0.0.0.0/0

    remoteIpv6NetworkCidr String

    The IPv6 CIDR on the AWS side of the VPN connection.

    Default: ::/0

    staticRoutesOnly Boolean
    Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP. If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify true.
    tags List<Property Map>
    Any tags assigned to the VPN connection.
    transitGatewayId String
    The ID of the transit gateway associated with the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    transportTransitGatewayAttachmentId String

    The transit gateway attachment ID to use for the VPN tunnel.

    Required if OutsideIpAddressType is set to PrivateIpv4.

    tunnelInsideIpVersion String

    Indicate whether the VPN tunnels process IPv4 or IPv6 traffic.

    Default: ipv4

    vpnGatewayId String
    The ID of the virtual private gateway at the AWS side of the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.
    vpnTunnelOptionsSpecifications List<Property Map>
    The tunnel options for the VPN connection.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the VpnConnection resource produces the following output properties:

    C#:

    Id string
    The provider-assigned unique ID for this managed resource.
    VpnConnectionId string
    The ID of the VPN connection.

    Go:

    Id string
    The provider-assigned unique ID for this managed resource.
    VpnConnectionId string
    The ID of the VPN connection.

    Java:

    id String
    The provider-assigned unique ID for this managed resource.
    vpnConnectionId String
    The ID of the VPN connection.

    TypeScript:

    id string
    The provider-assigned unique ID for this managed resource.
    vpnConnectionId string
    The ID of the VPN connection.

    Python:

    id str
    The provider-assigned unique ID for this managed resource.
    vpn_connection_id str
    The ID of the VPN connection.

    YAML:

    id String
    The provider-assigned unique ID for this managed resource.
    vpnConnectionId String
    The ID of the VPN connection.

    Supporting Types

    Tag, TagArgs

    C#:

    Key string
    The key name of the tag
    Value string
    The value of the tag

    Go:

    Key string
    The key name of the tag
    Value string
    The value of the tag

    Java:

    key String
    The key name of the tag
    value String
    The value of the tag

    TypeScript:

    key string
    The key name of the tag
    value string
    The value of the tag

    Python:

    key str
    The key name of the tag
    value str
    The value of the tag

    YAML:

    key String
    The key name of the tag
    value String
    The value of the tag

    VpnConnectionVpnTunnelOptionsSpecification, VpnConnectionVpnTunnelOptionsSpecificationArgs

    C#:

    PreSharedKey string
    The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway. Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).
    TunnelInsideCidr string
    The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway. Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following CIDR blocks are reserved and cannot be used:

    • 169.254.0.0/30
    • 169.254.1.0/30
    • 169.254.2.0/30
    • 169.254.3.0/30
    • 169.254.4.0/30
    • 169.254.5.0/30
    • 169.254.169.252/30

    Go:

    PreSharedKey string
    The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway. Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).
    TunnelInsideCidr string
    The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway. Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following CIDR blocks are reserved and cannot be used:

    • 169.254.0.0/30
    • 169.254.1.0/30
    • 169.254.2.0/30
    • 169.254.3.0/30
    • 169.254.4.0/30
    • 169.254.5.0/30
    • 169.254.169.252/30

    Java:

    preSharedKey String
    The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway. Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).
    tunnelInsideCidr String
    The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway. Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following CIDR blocks are reserved and cannot be used:

    • 169.254.0.0/30
    • 169.254.1.0/30
    • 169.254.2.0/30
    • 169.254.3.0/30
    • 169.254.4.0/30
    • 169.254.5.0/30
    • 169.254.169.252/30

    TypeScript:

    preSharedKey string
    The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway. Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).
    tunnelInsideCidr string
    The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway. Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following CIDR blocks are reserved and cannot be used:

    • 169.254.0.0/30
    • 169.254.1.0/30
    • 169.254.2.0/30
    • 169.254.3.0/30
    • 169.254.4.0/30
    • 169.254.5.0/30
    • 169.254.169.252/30

    Python:

    pre_shared_key str
    The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway. Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).
    tunnel_inside_cidr str
    The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway. Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following CIDR blocks are reserved and cannot be used:

    • 169.254.0.0/30
    • 169.254.1.0/30
    • 169.254.2.0/30
    • 169.254.3.0/30
    • 169.254.4.0/30
    • 169.254.5.0/30
    • 169.254.169.252/30

    YAML:

    preSharedKey String
    The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway. Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).
    tunnelInsideCidr String
    The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway. Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following CIDR blocks are reserved and cannot be used:

    • 169.254.0.0/30
    • 169.254.1.0/30
    • 169.254.2.0/30
    • 169.254.3.0/30
    • 169.254.4.0/30
    • 169.254.5.0/30
    • 169.254.169.252/30
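
A pre-deployment check for the constraints documented on this page (TransitGatewayId/VpnGatewayId exclusivity, the PrivateIpv4 attachment requirement, the PreSharedKey format, and the TunnelInsideCidr rules), as an added example that is not part of the Pulumi docs or provider code. It takes a plain dict keyed by the Python property names; the function names, sample inputs and the vgw/tgw placeholder IDs are constructed for illustration, and findings never echo the key itself.

```python
import ipaddress
import re

# Constraints are the ones stated in this page's property descriptions.
PSK_RE = re.compile(r"[A-Za-z1-9._][A-Za-z0-9._]{7,63}")  # 8-64 chars, no leading 0
LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")
RESERVED = {ipaddress.ip_network(c) for c in (
    "169.254.0.0/30", "169.254.1.0/30", "169.254.2.0/30", "169.254.3.0/30",
    "169.254.4.0/30", "169.254.5.0/30", "169.254.169.252/30")}


def check_tunnel(i, tunnel):
    """Findings for one vpn_tunnel_options_specifications entry."""
    out = []
    psk = tunnel.get("pre_shared_key")
    if psk is not None and not PSK_RE.fullmatch(psk):
        out.append(f"tunnel[{i}]: pre_shared_key breaks the charset/length/leading-zero rules")
    cidr = tunnel.get("tunnel_inside_cidr")
    if cidr is None:
        return out
    try:
        net = ipaddress.ip_network(cidr, strict=True)  # rejects set host bits
    except ValueError:
        return out + [f"tunnel[{i}]: tunnel_inside_cidr {cidr!r} is not a valid CIDR block"]
    if net.version != 4 or net.prefixlen != 30 or not net.subnet_of(LINK_LOCAL):
        out.append(f"tunnel[{i}]: tunnel_inside_cidr must be a /30 inside 169.254.0.0/16")
    elif net in RESERVED:
        out.append(f"tunnel[{i}]: tunnel_inside_cidr {net} is reserved")
    return out


def check_vpn_connection(args):
    """Return the list of constraint violations for a dict of VpnConnection inputs."""
    out = []
    if bool(args.get("transit_gateway_id")) == bool(args.get("vpn_gateway_id")):
        out.append("specify either transit_gateway_id or vpn_gateway_id, but not both")
    outside = args.get("outside_ip_address_type", "PublicIpv4")
    if outside not in ("PrivateIpv4", "PublicIpv4"):
        out.append(f"outside_ip_address_type {outside!r} is not a valid value")
    if outside == "PrivateIpv4" and not args.get("transport_transit_gateway_attachment_id"):
        out.append("PrivateIpv4 requires transport_transit_gateway_attachment_id")
    seen = set()
    for i, tunnel in enumerate(args.get("vpn_tunnel_options_specifications") or []):
        out.extend(check_tunnel(i, tunnel))
        cidr = tunnel.get("tunnel_inside_cidr")
        if cidr is not None and cidr in seen:
            out.append(f"tunnel[{i}]: tunnel_inside_cidr {cidr} is used twice")
        seen.add(cidr)
    return out


# Constructed sample inputs (placeholder IDs and keys, not real values).
GOOD = {
    "vpn_gateway_id": "vgw-EXAMPLE",
    "vpn_tunnel_options_specifications": [
        {"pre_shared_key": "example.psk_NOT_a_secret", "tunnel_inside_cidr": "169.254.10.0/30"},
        {"pre_shared_key": "example.psk_NOT_a_secret", "tunnel_inside_cidr": "169.254.10.4/30"}],
}
BAD = {
    "transit_gateway_id": "tgw-EXAMPLE", "vpn_gateway_id": "vgw-EXAMPLE",  # both set
    "outside_ip_address_type": "PrivateIpv4",  # attachment ID missing
    "vpn_tunnel_options_specifications": [
        {"pre_shared_key": "0starts.with.zero", "tunnel_inside_cidr": "169.254.0.0/30"},
        {"pre_shared_key": "example.psk_NOT_a_secret", "tunnel_inside_cidr": "10.0.0.0/30"}],
}

if __name__ == "__main__":
    for finding in check_vpn_connection(BAD):
        print(finding)
```

The duplicate check only covers tunnels within one connection; uniqueness across every VPN connection on the same virtual private gateway needs the other connections' CIDRs as input.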

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0