Viewing docs for AWS v7.21.0
published on Wednesday, Mar 4, 2026 by Pulumi
published on Wednesday, Mar 4, 2026 by Pulumi
Viewing docs for AWS v7.21.0
published on Wednesday, Mar 4, 2026 by Pulumi
published on Wednesday, Mar 4, 2026 by Pulumi
Fetches details of a Site-to-Site VPN connection. A Site-to-Site VPN connection is an Internet Protocol security (IPsec) VPN connection between a VPC and an on-premises network.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.ec2.getVpnConnection({
filters: [{
name: "customer-gateway-id",
values: ["cgw-1234567890"],
}],
});
export const vpnConnectionId = example.then(example => example.vpnConnectionId);
import pulumi
import pulumi_aws as aws
example = aws.ec2.get_vpn_connection(filters=[{
"name": "customer-gateway-id",
"values": ["cgw-1234567890"],
}])
pulumi.export("vpnConnectionId", example.vpn_connection_id)
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := ec2.LookupVpnConnection(ctx, &ec2.LookupVpnConnectionArgs{
Filters: []ec2.GetVpnConnectionFilter{
{
Name: "customer-gateway-id",
Values: []string{
"cgw-1234567890",
},
},
},
}, nil)
if err != nil {
return err
}
ctx.Export("vpnConnectionId", example.VpnConnectionId)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.Ec2.GetVpnConnection.Invoke(new()
{
Filters = new[]
{
new Aws.Ec2.Inputs.GetVpnConnectionFilterInputArgs
{
Name = "customer-gateway-id",
Values = new[]
{
"cgw-1234567890",
},
},
},
});
return new Dictionary<string, object?>
{
["vpnConnectionId"] = example.Apply(getVpnConnectionResult => getVpnConnectionResult.VpnConnectionId),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Ec2Functions;
import com.pulumi.aws.ec2.inputs.GetVpnConnectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = Ec2Functions.getVpnConnection(GetVpnConnectionArgs.builder()
.filters(GetVpnConnectionFilterArgs.builder()
.name("customer-gateway-id")
.values("cgw-1234567890")
.build())
.build());
ctx.export("vpnConnectionId", example.vpnConnectionId());
}
}
variables:
example:
fn::invoke:
function: aws:ec2:getVpnConnection
arguments:
filters:
- name: customer-gateway-id
values:
- cgw-1234567890
outputs:
vpnConnectionId: ${example.vpnConnectionId}
Find by VPN Connection ID
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.ec2.getVpnConnection({
vpnConnectionId: "vpn-abcd1234567890",
});
export const gatewayAssociationState = example.then(example => example.gatewayAssociationState);
import pulumi
import pulumi_aws as aws
example = aws.ec2.get_vpn_connection(vpn_connection_id="vpn-abcd1234567890")
pulumi.export("gatewayAssociationState", example.gateway_association_state)
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := ec2.LookupVpnConnection(ctx, &ec2.LookupVpnConnectionArgs{
VpnConnectionId: pulumi.StringRef("vpn-abcd1234567890"),
}, nil)
if err != nil {
return err
}
ctx.Export("gatewayAssociationState", example.GatewayAssociationState)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.Ec2.GetVpnConnection.Invoke(new()
{
VpnConnectionId = "vpn-abcd1234567890",
});
return new Dictionary<string, object?>
{
["gatewayAssociationState"] = example.Apply(getVpnConnectionResult => getVpnConnectionResult.GatewayAssociationState),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Ec2Functions;
import com.pulumi.aws.ec2.inputs.GetVpnConnectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = Ec2Functions.getVpnConnection(GetVpnConnectionArgs.builder()
.vpnConnectionId("vpn-abcd1234567890")
.build());
ctx.export("gatewayAssociationState", example.gatewayAssociationState());
}
}
variables:
example:
fn::invoke:
function: aws:ec2:getVpnConnection
arguments:
vpnConnectionId: vpn-abcd1234567890
outputs:
gatewayAssociationState: ${example.gatewayAssociationState}
Using getVpnConnection
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getVpnConnection(args: GetVpnConnectionArgs, opts?: InvokeOptions): Promise<GetVpnConnectionResult>
function getVpnConnectionOutput(args: GetVpnConnectionOutputArgs, opts?: InvokeOptions): Output<GetVpnConnectionResult>def get_vpn_connection(filters: Optional[Sequence[GetVpnConnectionFilter]] = None,
region: Optional[str] = None,
vpn_connection_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetVpnConnectionResult
def get_vpn_connection_output(filters: Optional[pulumi.Input[Sequence[pulumi.Input[GetVpnConnectionFilterArgs]]]] = None,
region: Optional[pulumi.Input[str]] = None,
vpn_connection_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetVpnConnectionResult]func LookupVpnConnection(ctx *Context, args *LookupVpnConnectionArgs, opts ...InvokeOption) (*LookupVpnConnectionResult, error)
func LookupVpnConnectionOutput(ctx *Context, args *LookupVpnConnectionOutputArgs, opts ...InvokeOption) LookupVpnConnectionResultOutput> Note: This function is named LookupVpnConnection in the Go SDK.
public static class GetVpnConnection
{
public static Task<GetVpnConnectionResult> InvokeAsync(GetVpnConnectionArgs args, InvokeOptions? opts = null)
public static Output<GetVpnConnectionResult> Invoke(GetVpnConnectionInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetVpnConnectionResult> getVpnConnection(GetVpnConnectionArgs args, InvokeOptions options)
public static Output<GetVpnConnectionResult> getVpnConnection(GetVpnConnectionArgs args, InvokeOptions options)
fn::invoke:
function: aws:ec2/getVpnConnection:getVpnConnection
arguments:
# arguments dictionaryThe following arguments are supported:
- Filters
List<Get
Vpn Connection Filter> - Configuration block(s) for filtering. Detailed below.
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- Vpn
Connection stringId - Identifier of the EC2 VPN Connection.
- Filters
[]Get
Vpn Connection Filter - Configuration block(s) for filtering. Detailed below.
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- Vpn
Connection stringId - Identifier of the EC2 VPN Connection.
- filters
List<Get
Vpn Connection Filter> - Configuration block(s) for filtering. Detailed below.
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- vpn
Connection StringId - Identifier of the EC2 VPN Connection.
- filters
Get
Vpn Connection Filter[] - Configuration block(s) for filtering. Detailed below.
- region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- vpn
Connection stringId - Identifier of the EC2 VPN Connection.
- filters
Sequence[Get
Vpn Connection Filter] - Configuration block(s) for filtering. Detailed below.
- region str
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- vpn_
connection_ strid - Identifier of the EC2 VPN Connection.
- filters List<Property Map>
- Configuration block(s) for filtering. Detailed below.
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- vpn
Connection StringId - Identifier of the EC2 VPN Connection.
getVpnConnection Result
The following output properties are available:
- Category string
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- Core
Network stringArn - ARN of the core network.
- Core
Network stringAttachment Arn - ARN of the core network attachment.
- Customer
Gateway stringConfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- Customer
Gateway stringId - ID of the customer gateway at your end of the VPN connection.
- Gateway
Association stringState - Current state of the gateway association.
- Id string
- The provider-assigned unique ID for this managed resource.
- string
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- Region string
- Routes
List<Get
Vpn Connection Route> - List of static routes associated with the VPN connection.
- State string
- Current state of the VPN connection.
- Dictionary<string, string>
- Tags associated to the VPN Connection.
- Transit
Gateway stringId - ID of a transit gateway associated with the VPN connection.
- Type string
- Type of VPN connection. Currently the only supported type is ipsec.1.
- Vgw
Telemetries List<GetVpn Connection Vgw Telemetry> - List of objects containing information about the VPN tunnel.
- Vpn
Concentrator stringId - ID of a VPN concentrator associated with the VPN connection.
- Vpn
Connection stringId - Vpn
Gateway stringId - ID of a virtual private gateway associated with the VPN connection.
- Filters
List<Get
Vpn Connection Filter>
- Category string
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- Core
Network stringArn - ARN of the core network.
- Core
Network stringAttachment Arn - ARN of the core network attachment.
- Customer
Gateway stringConfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- Customer
Gateway stringId - ID of the customer gateway at your end of the VPN connection.
- Gateway
Association stringState - Current state of the gateway association.
- Id string
- The provider-assigned unique ID for this managed resource.
- string
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- Region string
- Routes
[]Get
Vpn Connection Route Type - List of static routes associated with the VPN connection.
- State string
- Current state of the VPN connection.
- map[string]string
- Tags associated to the VPN Connection.
- Transit
Gateway stringId - ID of a transit gateway associated with the VPN connection.
- Type string
- Type of VPN connection. Currently the only supported type is ipsec.1.
- Vgw
Telemetries []GetVpn Connection Vgw Telemetry - List of objects containing information about the VPN tunnel.
- Vpn
Concentrator stringId - ID of a VPN concentrator associated with the VPN connection.
- Vpn
Connection stringId - Vpn
Gateway stringId - ID of a virtual private gateway associated with the VPN connection.
- Filters
[]Get
Vpn Connection Filter
- category String
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- core
Network StringArn - ARN of the core network.
- core
Network StringAttachment Arn - ARN of the core network attachment.
- customer
Gateway StringConfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- customer
Gateway StringId - ID of the customer gateway at your end of the VPN connection.
- gateway
Association StringState - Current state of the gateway association.
- id String
- The provider-assigned unique ID for this managed resource.
- String
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- region String
- routes
List<Get
Vpn Connection Route> - List of static routes associated with the VPN connection.
- state String
- Current state of the VPN connection.
- Map<String,String>
- Tags associated to the VPN Connection.
- transit
Gateway StringId - ID of a transit gateway associated with the VPN connection.
- type String
- Type of VPN connection. Currently the only supported type is ipsec.1.
- vgw
Telemetries List<GetVpn Connection Vgw Telemetry> - List of objects containing information about the VPN tunnel.
- vpn
Concentrator StringId - ID of a VPN concentrator associated with the VPN connection.
- vpn
Connection StringId - vpn
Gateway StringId - ID of a virtual private gateway associated with the VPN connection.
- filters
List<Get
Vpn Connection Filter>
- category string
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- core
Network stringArn - ARN of the core network.
- core
Network stringAttachment Arn - ARN of the core network attachment.
- customer
Gateway stringConfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- customer
Gateway stringId - ID of the customer gateway at your end of the VPN connection.
- gateway
Association stringState - Current state of the gateway association.
- id string
- The provider-assigned unique ID for this managed resource.
- string
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- region string
- routes
Get
Vpn Connection Route[] - List of static routes associated with the VPN connection.
- state string
- Current state of the VPN connection.
- {[key: string]: string}
- Tags associated to the VPN Connection.
- transit
Gateway stringId - ID of a transit gateway associated with the VPN connection.
- type string
- Type of VPN connection. Currently the only supported type is ipsec.1.
- vgw
Telemetries GetVpn Connection Vgw Telemetry[] - List of objects containing information about the VPN tunnel.
- vpn
Concentrator stringId - ID of a VPN concentrator associated with the VPN connection.
- vpn
Connection stringId - vpn
Gateway stringId - ID of a virtual private gateway associated with the VPN connection.
- filters
Get
Vpn Connection Filter[]
- category str
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- core_
network_ strarn - ARN of the core network.
- core_
network_ strattachment_ arn - ARN of the core network attachment.
- customer_
gateway_ strconfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- customer_
gateway_ strid - ID of the customer gateway at your end of the VPN connection.
- gateway_
association_ strstate - Current state of the gateway association.
- id str
- The provider-assigned unique ID for this managed resource.
- str
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- region str
- routes
Sequence[Get
Vpn Connection Route] - List of static routes associated with the VPN connection.
- state str
- Current state of the VPN connection.
- Mapping[str, str]
- Tags associated to the VPN Connection.
- transit_
gateway_ strid - ID of a transit gateway associated with the VPN connection.
- type str
- Type of VPN connection. Currently the only supported type is ipsec.1.
- vgw_
telemetries Sequence[GetVpn Connection Vgw Telemetry] - List of objects containing information about the VPN tunnel.
- vpn_
concentrator_ strid - ID of a VPN concentrator associated with the VPN connection.
- vpn_
connection_ strid - vpn_
gateway_ strid - ID of a virtual private gateway associated with the VPN connection.
- filters
Sequence[Get
Vpn Connection Filter]
- category String
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- core
Network StringArn - ARN of the core network.
- core
Network StringAttachment Arn - ARN of the core network attachment.
- customer
Gateway StringConfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- customer
Gateway StringId - ID of the customer gateway at your end of the VPN connection.
- gateway
Association StringState - Current state of the gateway association.
- id String
- The provider-assigned unique ID for this managed resource.
- String
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- region String
- routes List<Property Map>
- List of static routes associated with the VPN connection.
- state String
- Current state of the VPN connection.
- Map<String>
- Tags associated to the VPN Connection.
- transit
Gateway StringId - ID of a transit gateway associated with the VPN connection.
- type String
- Type of VPN connection. Currently the only supported type is ipsec.1.
- vgw
Telemetries List<Property Map> - List of objects containing information about the VPN tunnel.
- vpn
Concentrator StringId - ID of a VPN concentrator associated with the VPN connection.
- vpn
Connection StringId - vpn
Gateway StringId - ID of a virtual private gateway associated with the VPN connection.
- filters List<Property Map>
Supporting Types
GetVpnConnectionFilter
- Name string
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - Values List<string>
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
- Name string
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - Values []string
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
- name String
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - values List<String>
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
- name string
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - values string[]
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
- name str
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - values Sequence[str]
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
- name String
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - values List<String>
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
GetVpnConnectionRoute
- Destination
Cidr stringBlock - Source string
- State string
- Current state of the VPN connection.
- Destination
Cidr stringBlock - Source string
- State string
- Current state of the VPN connection.
- destination
Cidr StringBlock - source String
- state String
- Current state of the VPN connection.
- destination
Cidr stringBlock - source string
- state string
- Current state of the VPN connection.
- destination_
cidr_ strblock - source str
- state str
- Current state of the VPN connection.
- destination
Cidr StringBlock - source String
- state String
- Current state of the VPN connection.
GetVpnConnectionVgwTelemetry
- Accepted
Route intCount - Last
Status stringChange - Outside
Ip stringAddress - Status string
- Status
Message string
- Accepted
Route intCount - Last
Status stringChange - Outside
Ip stringAddress - Status string
- Status
Message string
- accepted
Route IntegerCount - last
Status StringChange - outside
Ip StringAddress - status String
- status
Message String
- accepted
Route numberCount - last
Status stringChange - outside
Ip stringAddress - status string
- status
Message string
- accepted_
route_ intcount - last_
status_ strchange - outside_
ip_ straddress - status str
- status_
message str
- accepted
Route NumberCount - last
Status StringChange - outside
Ip StringAddress - status String
- status
Message String
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
Viewing docs for AWS v7.21.0
published on Wednesday, Mar 4, 2026 by Pulumi
published on Wednesday, Mar 4, 2026 by Pulumi
