AWS v7.9.0 published on Tuesday, Oct 21, 2025 by Pulumi
aws.vpn.getConnection
Deprecated: aws.vpn/getconnection.getConnection has been deprecated in favor of aws.ec2/getvpnconnection.getVpnConnection
Fetches details of a Site-to-Site VPN connection. A Site-to-Site VPN connection is an Internet Protocol security (IPsec) VPN connection between a VPC and an on-premises network.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.ec2.getVpnConnection({
filters: [{
name: "customer-gateway-id",
values: ["cgw-1234567890"],
}],
});
export const vpnConnectionId = example.then(example => example.vpnConnectionId);
import pulumi
import pulumi_aws as aws
example = aws.ec2.get_vpn_connection(filters=[{
"name": "customer-gateway-id",
"values": ["cgw-1234567890"],
}])
pulumi.export("vpnConnectionId", example.vpn_connection_id)
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := ec2.LookupVpnConnection(ctx, &ec2.LookupVpnConnectionArgs{
Filters: []ec2.GetVpnConnectionFilter{
{
Name: "customer-gateway-id",
Values: []string{
"cgw-1234567890",
},
},
},
}, nil)
if err != nil {
return err
}
ctx.Export("vpnConnectionId", example.VpnConnectionId)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.Ec2.GetVpnConnection.Invoke(new()
{
Filters = new[]
{
new Aws.Ec2.Inputs.GetVpnConnectionFilterInputArgs
{
Name = "customer-gateway-id",
Values = new[]
{
"cgw-1234567890",
},
},
},
});
return new Dictionary<string, object?>
{
["vpnConnectionId"] = example.Apply(getVpnConnectionResult => getVpnConnectionResult.VpnConnectionId),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Ec2Functions;
import com.pulumi.aws.ec2.inputs.GetVpnConnectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = Ec2Functions.getVpnConnection(GetVpnConnectionArgs.builder()
.filters(GetVpnConnectionFilterArgs.builder()
.name("customer-gateway-id")
.values("cgw-1234567890")
.build())
.build());
ctx.export("vpnConnectionId", example.vpnConnectionId());
}
}
variables:
example:
fn::invoke:
function: aws:ec2:getVpnConnection
arguments:
filters:
- name: customer-gateway-id
values:
- cgw-1234567890
outputs:
vpnConnectionId: ${example.vpnConnectionId}
Find by VPN Connection ID
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.ec2.getVpnConnection({
vpnConnectionId: "vpn-abcd1234567890",
});
export const gatewayAssociationState = example.then(example => example.gatewayAssociationState);
import pulumi
import pulumi_aws as aws
example = aws.ec2.get_vpn_connection(vpn_connection_id="vpn-abcd1234567890")
pulumi.export("gatewayAssociationState", example.gateway_association_state)
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := ec2.LookupVpnConnection(ctx, &ec2.LookupVpnConnectionArgs{
VpnConnectionId: pulumi.StringRef("vpn-abcd1234567890"),
}, nil)
if err != nil {
return err
}
ctx.Export("gatewayAssociationState", example.GatewayAssociationState)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.Ec2.GetVpnConnection.Invoke(new()
{
VpnConnectionId = "vpn-abcd1234567890",
});
return new Dictionary<string, object?>
{
["gatewayAssociationState"] = example.Apply(getVpnConnectionResult => getVpnConnectionResult.GatewayAssociationState),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Ec2Functions;
import com.pulumi.aws.ec2.inputs.GetVpnConnectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = Ec2Functions.getVpnConnection(GetVpnConnectionArgs.builder()
.vpnConnectionId("vpn-abcd1234567890")
.build());
ctx.export("gatewayAssociationState", example.gatewayAssociationState());
}
}
variables:
example:
fn::invoke:
function: aws:ec2:getVpnConnection
arguments:
vpnConnectionId: vpn-abcd1234567890
outputs:
gatewayAssociationState: ${example.gatewayAssociationState}
Using getConnection
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getConnection(args: GetConnectionArgs, opts?: InvokeOptions): Promise<GetConnectionResult>
function getConnectionOutput(args: GetConnectionOutputArgs, opts?: InvokeOptions): Output<GetConnectionResult>def get_connection(filters: Optional[Sequence[GetConnectionFilter]] = None,
region: Optional[str] = None,
vpn_connection_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetConnectionResult
def get_connection_output(filters: Optional[pulumi.Input[Sequence[pulumi.Input[GetConnectionFilterArgs]]]] = None,
region: Optional[pulumi.Input[str]] = None,
vpn_connection_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetConnectionResult]func GetConnection(ctx *Context, args *GetConnectionArgs, opts ...InvokeOption) (*GetConnectionResult, error)
func GetConnectionOutput(ctx *Context, args *GetConnectionOutputArgs, opts ...InvokeOption) GetConnectionResultOutput> Note: This function is named GetConnection in the Go SDK.
public static class GetConnection
{
public static Task<GetConnectionResult> InvokeAsync(GetConnectionArgs args, InvokeOptions? opts = null)
public static Output<GetConnectionResult> Invoke(GetConnectionInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetConnectionResult> getConnection(GetConnectionArgs args, InvokeOptions options)
public static Output<GetConnectionResult> getConnection(GetConnectionArgs args, InvokeOptions options)
fn::invoke:
function: aws:vpn/getConnection:getConnection
arguments:
# arguments dictionaryThe following arguments are supported:
- Filters
List<Get
Connection Filter> - Configuration block(s) for filtering. Detailed below.
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- Vpn
Connection stringId - Identifier of the EC2 VPN Connection.
- Filters
[]Get
Connection Filter - Configuration block(s) for filtering. Detailed below.
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- Vpn
Connection stringId - Identifier of the EC2 VPN Connection.
- filters
List<Get
Connection Filter> - Configuration block(s) for filtering. Detailed below.
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- vpn
Connection StringId - Identifier of the EC2 VPN Connection.
- filters
Get
Connection Filter[] - Configuration block(s) for filtering. Detailed below.
- region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- vpn
Connection stringId - Identifier of the EC2 VPN Connection.
- filters
Sequence[Get
Connection Filter] - Configuration block(s) for filtering. Detailed below.
- region str
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- vpn_
connection_ strid - Identifier of the EC2 VPN Connection.
- filters List<Property Map>
- Configuration block(s) for filtering. Detailed below.
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- vpn
Connection StringId - Identifier of the EC2 VPN Connection.
getConnection Result
The following output properties are available:
- Category string
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- Core
Network stringArn - ARN of the core network.
- Core
Network stringAttachment Arn - ARN of the core network attachment.
- Customer
Gateway stringConfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- Customer
Gateway stringId - ID of the customer gateway at your end of the VPN connection.
- Gateway
Association stringState - Current state of the gateway association.
- Id string
- The provider-assigned unique ID for this managed resource.
- string
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- Region string
- Routes
List<Get
Connection Route> - List of static routes associated with the VPN connection.
- State string
- Current state of the VPN connection.
- Dictionary<string, string>
- Tags associated to the VPN Connection.
- Transit
Gateway stringId - ID of a transit gateway associated with the VPN connection.
- Type string
- Type of VPN connection. Currently the only supported type is ipsec.1.
- Vgw
Telemetries List<GetConnection Vgw Telemetry> - List of objects containing information about the VPN tunnel.
- Vpn
Connection stringId - Vpn
Gateway stringId - ID of a virtual private gateway associated with the VPN connection.
- Filters
List<Get
Connection Filter>
- Category string
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- Core
Network stringArn - ARN of the core network.
- Core
Network stringAttachment Arn - ARN of the core network attachment.
- Customer
Gateway stringConfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- Customer
Gateway stringId - ID of the customer gateway at your end of the VPN connection.
- Gateway
Association stringState - Current state of the gateway association.
- Id string
- The provider-assigned unique ID for this managed resource.
- string
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- Region string
- Routes
[]Get
Connection Route - List of static routes associated with the VPN connection.
- State string
- Current state of the VPN connection.
- map[string]string
- Tags associated to the VPN Connection.
- Transit
Gateway stringId - ID of a transit gateway associated with the VPN connection.
- Type string
- Type of VPN connection. Currently the only supported type is ipsec.1.
- Vgw
Telemetries []GetConnection Vgw Telemetry - List of objects containing information about the VPN tunnel.
- Vpn
Connection stringId - Vpn
Gateway stringId - ID of a virtual private gateway associated with the VPN connection.
- Filters
[]Get
Connection Filter
- category String
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- core
Network StringArn - ARN of the core network.
- core
Network StringAttachment Arn - ARN of the core network attachment.
- customer
Gateway StringConfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- customer
Gateway StringId - ID of the customer gateway at your end of the VPN connection.
- gateway
Association StringState - Current state of the gateway association.
- id String
- The provider-assigned unique ID for this managed resource.
- String
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- region String
- routes
List<Get
Connection Route> - List of static routes associated with the VPN connection.
- state String
- Current state of the VPN connection.
- Map<String,String>
- Tags associated to the VPN Connection.
- transit
Gateway StringId - ID of a transit gateway associated with the VPN connection.
- type String
- Type of VPN connection. Currently the only supported type is ipsec.1.
- vgw
Telemetries List<GetConnection Vgw Telemetry> - List of objects containing information about the VPN tunnel.
- vpn
Connection StringId - vpn
Gateway StringId - ID of a virtual private gateway associated with the VPN connection.
- filters
List<Get
Connection Filter>
- category string
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- core
Network stringArn - ARN of the core network.
- core
Network stringAttachment Arn - ARN of the core network attachment.
- customer
Gateway stringConfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- customer
Gateway stringId - ID of the customer gateway at your end of the VPN connection.
- gateway
Association stringState - Current state of the gateway association.
- id string
- The provider-assigned unique ID for this managed resource.
- string
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- region string
- routes
Get
Connection Route[] - List of static routes associated with the VPN connection.
- state string
- Current state of the VPN connection.
- {[key: string]: string}
- Tags associated to the VPN Connection.
- transit
Gateway stringId - ID of a transit gateway associated with the VPN connection.
- type string
- Type of VPN connection. Currently the only supported type is ipsec.1.
- vgw
Telemetries GetConnection Vgw Telemetry[] - List of objects containing information about the VPN tunnel.
- vpn
Connection stringId - vpn
Gateway stringId - ID of a virtual private gateway associated with the VPN connection.
- filters
Get
Connection Filter[]
- category str
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- core_
network_ strarn - ARN of the core network.
- core_
network_ strattachment_ arn - ARN of the core network attachment.
- customer_
gateway_ strconfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- customer_
gateway_ strid - ID of the customer gateway at your end of the VPN connection.
- gateway_
association_ strstate - Current state of the gateway association.
- id str
- The provider-assigned unique ID for this managed resource.
- str
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- region str
- routes
Sequence[Get
Connection Route] - List of static routes associated with the VPN connection.
- state str
- Current state of the VPN connection.
- Mapping[str, str]
- Tags associated to the VPN Connection.
- transit_
gateway_ strid - ID of a transit gateway associated with the VPN connection.
- type str
- Type of VPN connection. Currently the only supported type is ipsec.1.
- vgw_
telemetries Sequence[GetConnection Vgw Telemetry] - List of objects containing information about the VPN tunnel.
- vpn_
connection_ strid - vpn_
gateway_ strid - ID of a virtual private gateway associated with the VPN connection.
- filters
Sequence[Get
Connection Filter]
- category String
- Category of the VPN connection. A value of VPN indicates an AWS VPN connection. A value of VPN-Classic indicates an AWS Classic VPN connection.
- core
Network StringArn - ARN of the core network.
- core
Network StringAttachment Arn - ARN of the core network attachment.
- customer
Gateway StringConfiguration - Configuration information for the VPN connection's customer gateway (in the native XML format).
- customer
Gateway StringId - ID of the customer gateway at your end of the VPN connection.
- gateway
Association StringState - Current state of the gateway association.
- id String
- The provider-assigned unique ID for this managed resource.
- String
- (ARN) of the Secrets Manager secret storing the pre-shared key(s) for the VPN connection.
- region String
- routes List<Property Map>
- List of static routes associated with the VPN connection.
- state String
- Current state of the VPN connection.
- Map<String>
- Tags associated to the VPN Connection.
- transit
Gateway StringId - ID of a transit gateway associated with the VPN connection.
- type String
- Type of VPN connection. Currently the only supported type is ipsec.1.
- vgw
Telemetries List<Property Map> - List of objects containing information about the VPN tunnel.
- vpn
Connection StringId - vpn
Gateway StringId - ID of a virtual private gateway associated with the VPN connection.
- filters List<Property Map>
Supporting Types
GetConnectionFilter
- Name string
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - Values List<string>
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
- Name string
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - Values []string
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
- name String
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - values List<String>
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
- name string
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - values string[]
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
- name str
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - values Sequence[str]
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
- name String
- Name of the filter field. Valid values can be found in the EC2
DescribeVPNConnectionsAPI Reference. - values List<String>
- Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
GetConnectionRoute
- Destination
Cidr stringBlock - Source string
- State string
- Current state of the VPN connection.
- Destination
Cidr stringBlock - Source string
- State string
- Current state of the VPN connection.
- destination
Cidr StringBlock - source String
- state String
- Current state of the VPN connection.
- destination
Cidr stringBlock - source string
- state string
- Current state of the VPN connection.
- destination_
cidr_ strblock - source str
- state str
- Current state of the VPN connection.
- destination
Cidr StringBlock - source String
- state String
- Current state of the VPN connection.
GetConnectionVgwTelemetry
- Accepted
Route intCount - Last
Status stringChange - Outside
Ip stringAddress - Status string
- Status
Message string
- Accepted
Route intCount - Last
Status stringChange - Outside
Ip stringAddress - Status string
- Status
Message string
- accepted
Route IntegerCount - last
Status StringChange - outside
Ip StringAddress - status String
- status
Message String
- accepted
Route numberCount - last
Status stringChange - outside
Ip stringAddress - status string
- status
Message string
- accepted_
route_ intcount - last_
status_ strchange - outside_
ip_ straddress - status str
- status_
message str
- accepted
Route NumberCount - last
Status StringChange - outside
Ip StringAddress - status String
- status
Message String
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
