We recommend using Azure Native.
Viewing docs for Azure v4.42.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
We recommend using Azure Native.
Viewing docs for Azure v4.42.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
Manages a VPN Gateway Connection.
Example Usage
using Pulumi;
using Azure = Pulumi.Azure;
class MyStack : Stack
{
public MyStack()
{
var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new Azure.Core.ResourceGroupArgs
{
Location = "West Europe",
});
var exampleVirtualWan = new Azure.Network.VirtualWan("exampleVirtualWan", new Azure.Network.VirtualWanArgs
{
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
});
var exampleVirtualHub = new Azure.Network.VirtualHub("exampleVirtualHub", new Azure.Network.VirtualHubArgs
{
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
VirtualWanId = exampleVirtualWan.Id,
AddressPrefix = "10.0.0.0/24",
});
var exampleVpnGateway = new Azure.Network.VpnGateway("exampleVpnGateway", new Azure.Network.VpnGatewayArgs
{
Location = exampleResourceGroup.Location,
ResourceGroupName = exampleResourceGroup.Name,
VirtualHubId = exampleVirtualHub.Id,
});
var exampleVpnSite = new Azure.Network.VpnSite("exampleVpnSite", new Azure.Network.VpnSiteArgs
{
Location = exampleResourceGroup.Location,
ResourceGroupName = exampleResourceGroup.Name,
VirtualWanId = exampleVirtualWan.Id,
Links =
{
new Azure.Network.Inputs.VpnSiteLinkArgs
{
Name = "link1",
IpAddress = "10.1.0.0",
},
new Azure.Network.Inputs.VpnSiteLinkArgs
{
Name = "link2",
IpAddress = "10.2.0.0",
},
},
});
var exampleVpnGatewayConnection = new Azure.Network.VpnGatewayConnection("exampleVpnGatewayConnection", new Azure.Network.VpnGatewayConnectionArgs
{
VpnGatewayId = exampleVpnGateway.Id,
RemoteVpnSiteId = exampleVpnSite.Id,
VpnLinks =
{
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkArgs
{
Name = "link1",
VpnSiteLinkId = exampleVpnSite.Links.Apply(links => links?[0]?.Id),
},
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkArgs
{
Name = "link2",
VpnSiteLinkId = exampleVpnSite.Links.Apply(links => links?[1]?.Id),
},
},
});
}
}
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/network"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleVirtualWan, err := network.NewVirtualWan(ctx, "exampleVirtualWan", &network.VirtualWanArgs{
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
})
if err != nil {
return err
}
exampleVirtualHub, err := network.NewVirtualHub(ctx, "exampleVirtualHub", &network.VirtualHubArgs{
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
VirtualWanId: exampleVirtualWan.ID(),
AddressPrefix: pulumi.String("10.0.0.0/24"),
})
if err != nil {
return err
}
exampleVpnGateway, err := network.NewVpnGateway(ctx, "exampleVpnGateway", &network.VpnGatewayArgs{
Location: exampleResourceGroup.Location,
ResourceGroupName: exampleResourceGroup.Name,
VirtualHubId: exampleVirtualHub.ID(),
})
if err != nil {
return err
}
exampleVpnSite, err := network.NewVpnSite(ctx, "exampleVpnSite", &network.VpnSiteArgs{
Location: exampleResourceGroup.Location,
ResourceGroupName: exampleResourceGroup.Name,
VirtualWanId: exampleVirtualWan.ID(),
Links: network.VpnSiteLinkArray{
&network.VpnSiteLinkArgs{
Name: pulumi.String("link1"),
IpAddress: pulumi.String("10.1.0.0"),
},
&network.VpnSiteLinkArgs{
Name: pulumi.String("link2"),
IpAddress: pulumi.String("10.2.0.0"),
},
},
})
if err != nil {
return err
}
_, err = network.NewVpnGatewayConnection(ctx, "exampleVpnGatewayConnection", &network.VpnGatewayConnectionArgs{
VpnGatewayId: exampleVpnGateway.ID(),
RemoteVpnSiteId: exampleVpnSite.ID(),
VpnLinks: network.VpnGatewayConnectionVpnLinkArray{
&network.VpnGatewayConnectionVpnLinkArgs{
Name: pulumi.String("link1"),
VpnSiteLinkId: exampleVpnSite.Links.ApplyT(func(links []network.VpnSiteLink) (string, error) {
return links[0].Id, nil
}).(pulumi.StringOutput),
},
&network.VpnGatewayConnectionVpnLinkArgs{
Name: pulumi.String("link2"),
VpnSiteLinkId: exampleVpnSite.Links.ApplyT(func(links []network.VpnSiteLink) (string, error) {
return links[1].Id, nil
}).(pulumi.StringOutput),
},
},
})
if err != nil {
return err
}
return nil
})
}
Example coming soon!
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleVirtualWan = new azure.network.VirtualWan("exampleVirtualWan", {
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
});
const exampleVirtualHub = new azure.network.VirtualHub("exampleVirtualHub", {
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
virtualWanId: exampleVirtualWan.id,
addressPrefix: "10.0.0.0/24",
});
const exampleVpnGateway = new azure.network.VpnGateway("exampleVpnGateway", {
location: exampleResourceGroup.location,
resourceGroupName: exampleResourceGroup.name,
virtualHubId: exampleVirtualHub.id,
});
const exampleVpnSite = new azure.network.VpnSite("exampleVpnSite", {
location: exampleResourceGroup.location,
resourceGroupName: exampleResourceGroup.name,
virtualWanId: exampleVirtualWan.id,
links: [
{
name: "link1",
ipAddress: "10.1.0.0",
},
{
name: "link2",
ipAddress: "10.2.0.0",
},
],
});
const exampleVpnGatewayConnection = new azure.network.VpnGatewayConnection("exampleVpnGatewayConnection", {
vpnGatewayId: exampleVpnGateway.id,
remoteVpnSiteId: exampleVpnSite.id,
vpnLinks: [
{
name: "link1",
vpnSiteLinkId: exampleVpnSite.links.apply(links => links?[0]?.id),
},
{
name: "link2",
vpnSiteLinkId: exampleVpnSite.links.apply(links => links?[1]?.id),
},
],
});
import pulumi
import pulumi_azure as azure
example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_virtual_wan = azure.network.VirtualWan("exampleVirtualWan",
resource_group_name=example_resource_group.name,
location=example_resource_group.location)
example_virtual_hub = azure.network.VirtualHub("exampleVirtualHub",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
virtual_wan_id=example_virtual_wan.id,
address_prefix="10.0.0.0/24")
example_vpn_gateway = azure.network.VpnGateway("exampleVpnGateway",
location=example_resource_group.location,
resource_group_name=example_resource_group.name,
virtual_hub_id=example_virtual_hub.id)
example_vpn_site = azure.network.VpnSite("exampleVpnSite",
location=example_resource_group.location,
resource_group_name=example_resource_group.name,
virtual_wan_id=example_virtual_wan.id,
links=[
azure.network.VpnSiteLinkArgs(
name="link1",
ip_address="10.1.0.0",
),
azure.network.VpnSiteLinkArgs(
name="link2",
ip_address="10.2.0.0",
),
])
example_vpn_gateway_connection = azure.network.VpnGatewayConnection("exampleVpnGatewayConnection",
vpn_gateway_id=example_vpn_gateway.id,
remote_vpn_site_id=example_vpn_site.id,
vpn_links=[
azure.network.VpnGatewayConnectionVpnLinkArgs(
name="link1",
vpn_site_link_id=example_vpn_site.links[0].id,
),
azure.network.VpnGatewayConnectionVpnLinkArgs(
name="link2",
vpn_site_link_id=example_vpn_site.links[1].id,
),
])
Example coming soon!
Create VpnGatewayConnection Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new VpnGatewayConnection(name: string, args: VpnGatewayConnectionArgs, opts?: CustomResourceOptions);@overload
def VpnGatewayConnection(resource_name: str,
args: VpnGatewayConnectionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def VpnGatewayConnection(resource_name: str,
opts: Optional[ResourceOptions] = None,
remote_vpn_site_id: Optional[str] = None,
vpn_gateway_id: Optional[str] = None,
vpn_links: Optional[Sequence[VpnGatewayConnectionVpnLinkArgs]] = None,
internet_security_enabled: Optional[bool] = None,
name: Optional[str] = None,
routings: Optional[Sequence[VpnGatewayConnectionRoutingArgs]] = None,
traffic_selector_policies: Optional[Sequence[VpnGatewayConnectionTrafficSelectorPolicyArgs]] = None)func NewVpnGatewayConnection(ctx *Context, name string, args VpnGatewayConnectionArgs, opts ...ResourceOption) (*VpnGatewayConnection, error)public VpnGatewayConnection(string name, VpnGatewayConnectionArgs args, CustomResourceOptions? opts = null)
public VpnGatewayConnection(String name, VpnGatewayConnectionArgs args)
public VpnGatewayConnection(String name, VpnGatewayConnectionArgs args, CustomResourceOptions options)
type: azure:network:VpnGatewayConnection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args VpnGatewayConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args VpnGatewayConnectionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args VpnGatewayConnectionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args VpnGatewayConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args VpnGatewayConnectionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var vpnGatewayConnectionResource = new Azure.Network.VpnGatewayConnection("vpnGatewayConnectionResource", new()
{
RemoteVpnSiteId = "string",
VpnGatewayId = "string",
VpnLinks = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkArgs
{
Name = "string",
VpnSiteLinkId = "string",
LocalAzureIpAddressEnabled = false,
EgressNatRuleIds = new[]
{
"string",
},
IngressNatRuleIds = new[]
{
"string",
},
IpsecPolicies = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkIpsecPolicyArgs
{
DhGroup = "string",
EncryptionAlgorithm = "string",
IkeEncryptionAlgorithm = "string",
IkeIntegrityAlgorithm = "string",
IntegrityAlgorithm = "string",
PfsGroup = "string",
SaDataSizeKb = 0,
SaLifetimeSec = 0,
},
},
BandwidthMbps = 0,
ConnectionMode = "string",
PolicyBasedTrafficSelectorEnabled = false,
Protocol = "string",
RatelimitEnabled = false,
RouteWeight = 0,
SharedKey = "string",
BgpEnabled = false,
},
},
InternetSecurityEnabled = false,
Name = "string",
Routings = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionRoutingArgs
{
AssociatedRouteTable = "string",
PropagatedRouteTable = new Azure.Network.Inputs.VpnGatewayConnectionRoutingPropagatedRouteTableArgs
{
RouteTableIds = new[]
{
"string",
},
Labels = new[]
{
"string",
},
},
},
},
TrafficSelectorPolicies = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionTrafficSelectorPolicyArgs
{
LocalAddressRanges = new[]
{
"string",
},
RemoteAddressRanges = new[]
{
"string",
},
},
},
});
example, err := network.NewVpnGatewayConnection(ctx, "vpnGatewayConnectionResource", &network.VpnGatewayConnectionArgs{
RemoteVpnSiteId: pulumi.String("string"),
VpnGatewayId: pulumi.String("string"),
VpnLinks: network.VpnGatewayConnectionVpnLinkArray{
&network.VpnGatewayConnectionVpnLinkArgs{
Name: pulumi.String("string"),
VpnSiteLinkId: pulumi.String("string"),
LocalAzureIpAddressEnabled: pulumi.Bool(false),
EgressNatRuleIds: pulumi.StringArray{
pulumi.String("string"),
},
IngressNatRuleIds: pulumi.StringArray{
pulumi.String("string"),
},
IpsecPolicies: network.VpnGatewayConnectionVpnLinkIpsecPolicyArray{
&network.VpnGatewayConnectionVpnLinkIpsecPolicyArgs{
DhGroup: pulumi.String("string"),
EncryptionAlgorithm: pulumi.String("string"),
IkeEncryptionAlgorithm: pulumi.String("string"),
IkeIntegrityAlgorithm: pulumi.String("string"),
IntegrityAlgorithm: pulumi.String("string"),
PfsGroup: pulumi.String("string"),
SaDataSizeKb: pulumi.Int(0),
SaLifetimeSec: pulumi.Int(0),
},
},
BandwidthMbps: pulumi.Int(0),
ConnectionMode: pulumi.String("string"),
PolicyBasedTrafficSelectorEnabled: pulumi.Bool(false),
Protocol: pulumi.String("string"),
RatelimitEnabled: pulumi.Bool(false),
RouteWeight: pulumi.Int(0),
SharedKey: pulumi.String("string"),
BgpEnabled: pulumi.Bool(false),
},
},
InternetSecurityEnabled: pulumi.Bool(false),
Name: pulumi.String("string"),
Routings: network.VpnGatewayConnectionRoutingArray{
&network.VpnGatewayConnectionRoutingArgs{
AssociatedRouteTable: pulumi.String("string"),
PropagatedRouteTable: &network.VpnGatewayConnectionRoutingPropagatedRouteTableArgs{
RouteTableIds: pulumi.StringArray{
pulumi.String("string"),
},
Labels: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
TrafficSelectorPolicies: network.VpnGatewayConnectionTrafficSelectorPolicyArray{
&network.VpnGatewayConnectionTrafficSelectorPolicyArgs{
LocalAddressRanges: pulumi.StringArray{
pulumi.String("string"),
},
RemoteAddressRanges: pulumi.StringArray{
pulumi.String("string"),
},
},
},
})
var vpnGatewayConnectionResource = new VpnGatewayConnection("vpnGatewayConnectionResource", VpnGatewayConnectionArgs.builder()
.remoteVpnSiteId("string")
.vpnGatewayId("string")
.vpnLinks(VpnGatewayConnectionVpnLinkArgs.builder()
.name("string")
.vpnSiteLinkId("string")
.localAzureIpAddressEnabled(false)
.egressNatRuleIds("string")
.ingressNatRuleIds("string")
.ipsecPolicies(VpnGatewayConnectionVpnLinkIpsecPolicyArgs.builder()
.dhGroup("string")
.encryptionAlgorithm("string")
.ikeEncryptionAlgorithm("string")
.ikeIntegrityAlgorithm("string")
.integrityAlgorithm("string")
.pfsGroup("string")
.saDataSizeKb(0)
.saLifetimeSec(0)
.build())
.bandwidthMbps(0)
.connectionMode("string")
.policyBasedTrafficSelectorEnabled(false)
.protocol("string")
.ratelimitEnabled(false)
.routeWeight(0)
.sharedKey("string")
.bgpEnabled(false)
.build())
.internetSecurityEnabled(false)
.name("string")
.routings(VpnGatewayConnectionRoutingArgs.builder()
.associatedRouteTable("string")
.propagatedRouteTable(VpnGatewayConnectionRoutingPropagatedRouteTableArgs.builder()
.routeTableIds("string")
.labels("string")
.build())
.build())
.trafficSelectorPolicies(VpnGatewayConnectionTrafficSelectorPolicyArgs.builder()
.localAddressRanges("string")
.remoteAddressRanges("string")
.build())
.build());
vpn_gateway_connection_resource = azure.network.VpnGatewayConnection("vpnGatewayConnectionResource",
remote_vpn_site_id="string",
vpn_gateway_id="string",
vpn_links=[{
"name": "string",
"vpn_site_link_id": "string",
"local_azure_ip_address_enabled": False,
"egress_nat_rule_ids": ["string"],
"ingress_nat_rule_ids": ["string"],
"ipsec_policies": [{
"dh_group": "string",
"encryption_algorithm": "string",
"ike_encryption_algorithm": "string",
"ike_integrity_algorithm": "string",
"integrity_algorithm": "string",
"pfs_group": "string",
"sa_data_size_kb": 0,
"sa_lifetime_sec": 0,
}],
"bandwidth_mbps": 0,
"connection_mode": "string",
"policy_based_traffic_selector_enabled": False,
"protocol": "string",
"ratelimit_enabled": False,
"route_weight": 0,
"shared_key": "string",
"bgp_enabled": False,
}],
internet_security_enabled=False,
name="string",
routings=[{
"associated_route_table": "string",
"propagated_route_table": {
"route_table_ids": ["string"],
"labels": ["string"],
},
}],
traffic_selector_policies=[{
"local_address_ranges": ["string"],
"remote_address_ranges": ["string"],
}])
const vpnGatewayConnectionResource = new azure.network.VpnGatewayConnection("vpnGatewayConnectionResource", {
remoteVpnSiteId: "string",
vpnGatewayId: "string",
vpnLinks: [{
name: "string",
vpnSiteLinkId: "string",
localAzureIpAddressEnabled: false,
egressNatRuleIds: ["string"],
ingressNatRuleIds: ["string"],
ipsecPolicies: [{
dhGroup: "string",
encryptionAlgorithm: "string",
ikeEncryptionAlgorithm: "string",
ikeIntegrityAlgorithm: "string",
integrityAlgorithm: "string",
pfsGroup: "string",
saDataSizeKb: 0,
saLifetimeSec: 0,
}],
bandwidthMbps: 0,
connectionMode: "string",
policyBasedTrafficSelectorEnabled: false,
protocol: "string",
ratelimitEnabled: false,
routeWeight: 0,
sharedKey: "string",
bgpEnabled: false,
}],
internetSecurityEnabled: false,
name: "string",
routings: [{
associatedRouteTable: "string",
propagatedRouteTable: {
routeTableIds: ["string"],
labels: ["string"],
},
}],
trafficSelectorPolicies: [{
localAddressRanges: ["string"],
remoteAddressRanges: ["string"],
}],
});
type: azure:network:VpnGatewayConnection
properties:
internetSecurityEnabled: false
name: string
remoteVpnSiteId: string
routings:
- associatedRouteTable: string
propagatedRouteTable:
labels:
- string
routeTableIds:
- string
trafficSelectorPolicies:
- localAddressRanges:
- string
remoteAddressRanges:
- string
vpnGatewayId: string
vpnLinks:
- bandwidthMbps: 0
bgpEnabled: false
connectionMode: string
egressNatRuleIds:
- string
ingressNatRuleIds:
- string
ipsecPolicies:
- dhGroup: string
encryptionAlgorithm: string
ikeEncryptionAlgorithm: string
ikeIntegrityAlgorithm: string
integrityAlgorithm: string
pfsGroup: string
saDataSizeKb: 0
saLifetimeSec: 0
localAzureIpAddressEnabled: false
name: string
policyBasedTrafficSelectorEnabled: false
protocol: string
ratelimitEnabled: false
routeWeight: 0
sharedKey: string
vpnSiteLinkId: string
VpnGatewayConnection Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The VpnGatewayConnection resource accepts the following input properties:
- Remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links List<VpnGateway Connection Vpn Link> - One or more
vpn_linkblocks as defined below. - Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - Name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Routings
List<Vpn
Gateway Connection Routing> - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policyblocks as defined below.
- Remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links []VpnGateway Connection Vpn Link Args - One or more
vpn_linkblocks as defined below. - Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - Name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Routings
[]Vpn
Gateway Connection Routing Args - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector []VpnPolicies Gateway Connection Traffic Selector Policy Args - One or more
traffic_selector_policyblocks as defined below.
- remote
Vpn StringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Gateway StringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links List<VpnGateway Connection Vpn Link> - One or more
vpn_linkblocks as defined below. - internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name String
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routings
List<Vpn
Gateway Connection Routing> - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policyblocks as defined below.
- remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links VpnGateway Connection Vpn Link[] - One or more
vpn_linkblocks as defined below. - internet
Security booleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routings
Vpn
Gateway Connection Routing[] - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector VpnPolicies Gateway Connection Traffic Selector Policy[] - One or more
traffic_selector_policyblocks as defined below.
- remote_
vpn_ strsite_ id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn_
gateway_ strid - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn_
links Sequence[VpnGateway Connection Vpn Link Args] - One or more
vpn_linkblocks as defined below. - internet_
security_ boolenabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name str
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routings
Sequence[Vpn
Gateway Connection Routing Args] - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic_
selector_ Sequence[Vpnpolicies Gateway Connection Traffic Selector Policy Args] - One or more
traffic_selector_policyblocks as defined below.
- remote
Vpn StringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Gateway StringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links List<Property Map> - One or more
vpn_linkblocks as defined below. - internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name String
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routings List<Property Map>
- A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<Property Map>Policies - One or more
traffic_selector_policyblocks as defined below.
Outputs
All input properties are implicitly available as output properties. Additionally, the VpnGatewayConnection resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing VpnGatewayConnection Resource
Get an existing VpnGatewayConnection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: VpnGatewayConnectionState, opts?: CustomResourceOptions): VpnGatewayConnection@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
internet_security_enabled: Optional[bool] = None,
name: Optional[str] = None,
remote_vpn_site_id: Optional[str] = None,
routings: Optional[Sequence[VpnGatewayConnectionRoutingArgs]] = None,
traffic_selector_policies: Optional[Sequence[VpnGatewayConnectionTrafficSelectorPolicyArgs]] = None,
vpn_gateway_id: Optional[str] = None,
vpn_links: Optional[Sequence[VpnGatewayConnectionVpnLinkArgs]] = None) -> VpnGatewayConnectionfunc GetVpnGatewayConnection(ctx *Context, name string, id IDInput, state *VpnGatewayConnectionState, opts ...ResourceOption) (*VpnGatewayConnection, error)public static VpnGatewayConnection Get(string name, Input<string> id, VpnGatewayConnectionState? state, CustomResourceOptions? opts = null)public static VpnGatewayConnection get(String name, Output<String> id, VpnGatewayConnectionState state, CustomResourceOptions options)resources: _: type: azure:network:VpnGatewayConnection get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - Name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Routings
List<Vpn
Gateway Connection Routing> - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policyblocks as defined below. - Vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links List<VpnGateway Connection Vpn Link> - One or more
vpn_linkblocks as defined below.
- Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - Name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Routings
[]Vpn
Gateway Connection Routing Args - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector []VpnPolicies Gateway Connection Traffic Selector Policy Args - One or more
traffic_selector_policyblocks as defined below. - Vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links []VpnGateway Connection Vpn Link Args - One or more
vpn_linkblocks as defined below.
- internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name String
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote
Vpn StringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routings
List<Vpn
Gateway Connection Routing> - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policyblocks as defined below. - vpn
Gateway StringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links List<VpnGateway Connection Vpn Link> - One or more
vpn_linkblocks as defined below.
- internet
Security booleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routings
Vpn
Gateway Connection Routing[] - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector VpnPolicies Gateway Connection Traffic Selector Policy[] - One or more
traffic_selector_policyblocks as defined below. - vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links VpnGateway Connection Vpn Link[] - One or more
vpn_linkblocks as defined below.
- internet_
security_ boolenabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name str
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote_
vpn_ strsite_ id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routings
Sequence[Vpn
Gateway Connection Routing Args] - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic_
selector_ Sequence[Vpnpolicies Gateway Connection Traffic Selector Policy Args] - One or more
traffic_selector_policyblocks as defined below. - vpn_
gateway_ strid - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn_
links Sequence[VpnGateway Connection Vpn Link Args] - One or more
vpn_linkblocks as defined below.
- internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name String
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote
Vpn StringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routings List<Property Map>
- A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<Property Map>Policies - One or more
traffic_selector_policyblocks as defined below. - vpn
Gateway StringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links List<Property Map> - One or more
vpn_linkblocks as defined below.
Supporting Types
VpnGatewayConnectionRouting, VpnGatewayConnectionRoutingArgs
- Associated
Route stringTable - The ID of the Route Table associated with this VPN Connection.
- Propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_tableblock as defined below. - Propagated
Route List<string>Tables
- Associated
Route stringTable - The ID of the Route Table associated with this VPN Connection.
- Propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_tableblock as defined below. - Propagated
Route []stringTables
- associated
Route StringTable - The ID of the Route Table associated with this VPN Connection.
- propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_tableblock as defined below. - propagated
Route List<String>Tables
- associated
Route stringTable - The ID of the Route Table associated with this VPN Connection.
- propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_tableblock as defined below. - propagated
Route string[]Tables
- associated_
route_ strtable - The ID of the Route Table associated with this VPN Connection.
- propagated_
route_ Vpntable Gateway Connection Routing Propagated Route Table - A
propagated_route_tableblock as defined below. - propagated_
route_ Sequence[str]tables
- associated
Route StringTable - The ID of the Route Table associated with this VPN Connection.
- propagated
Route Property MapTable - A
propagated_route_tableblock as defined below. - propagated
Route List<String>Tables
VpnGatewayConnectionRoutingPropagatedRouteTable, VpnGatewayConnectionRoutingPropagatedRouteTableArgs
- Route
Table List<string>Ids - A list of Route Table ID's to associated with this VPN Gateway Connection.
- Labels List<string>
- A list of labels to assign to this route table.
- Route
Table []stringIds - A list of Route Table ID's to associated with this VPN Gateway Connection.
- Labels []string
- A list of labels to assign to this route table.
- route
Table List<String>Ids - A list of Route Table ID's to associated with this VPN Gateway Connection.
- labels List<String>
- A list of labels to assign to this route table.
- route
Table string[]Ids - A list of Route Table ID's to associated with this VPN Gateway Connection.
- labels string[]
- A list of labels to assign to this route table.
- route_
table_ Sequence[str]ids - A list of Route Table ID's to associated with this VPN Gateway Connection.
- labels Sequence[str]
- A list of labels to assign to this route table.
- route
Table List<String>Ids - A list of Route Table ID's to associated with this VPN Gateway Connection.
- labels List<String>
- A list of labels to assign to this route table.
VpnGatewayConnectionTrafficSelectorPolicy, VpnGatewayConnectionTrafficSelectorPolicyArgs
- Local
Address List<string>Ranges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- Remote
Address List<string>Ranges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- Local
Address []stringRanges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- Remote
Address []stringRanges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local
Address List<String>Ranges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote
Address List<String>Ranges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local
Address string[]Ranges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote
Address string[]Ranges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local_
address_ Sequence[str]ranges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote_
address_ Sequence[str]ranges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local
Address List<String>Ranges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote
Address List<String>Ranges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
VpnGatewayConnectionVpnLink, VpnGatewayConnectionVpnLinkArgs
- Name string
- The name which should be used for this VPN Link Connection.
- Vpn
Site stringLink Id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- Bandwidth
Mbps int - The expected connection bandwidth in MBPS. Defaults to
10. - Bgp
Enabled bool - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - Connection
Mode string - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - Egress
Nat List<string>Rule Ids - A list of the egress Nat Rule Ids.
- Ingress
Nat List<string>Rule Ids - A list of the ingress Nat Rule Ids.
- Ipsec
Policies List<VpnGateway Connection Vpn Link Ipsec Policy> - One or more
ipsec_policyblocks as defined above. - Local
Azure boolIp Address Enabled - Whether to use local azure ip to initiate connection? Defaults to
false. - Policy
Based boolTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - Protocol string
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - Ratelimit
Enabled bool - Should the rate limit be enabled? Defaults to
false. - Route
Weight int - Routing weight for this VPN Link Connection. Defaults to
0. - string
- SharedKey for this VPN Link Connection.
- Name string
- The name which should be used for this VPN Link Connection.
- Vpn
Site stringLink Id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- Bandwidth
Mbps int - The expected connection bandwidth in MBPS. Defaults to
10. - Bgp
Enabled bool - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - Connection
Mode string - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - Egress
Nat []stringRule Ids - A list of the egress Nat Rule Ids.
- Ingress
Nat []stringRule Ids - A list of the ingress Nat Rule Ids.
- Ipsec
Policies []VpnGateway Connection Vpn Link Ipsec Policy - One or more
ipsec_policyblocks as defined above. - Local
Azure boolIp Address Enabled - Whether to use local azure ip to initiate connection? Defaults to
false. - Policy
Based boolTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - Protocol string
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - Ratelimit
Enabled bool - Should the rate limit be enabled? Defaults to
false. - Route
Weight int - Routing weight for this VPN Link Connection. Defaults to
0. - string
- SharedKey for this VPN Link Connection.
- name String
- The name which should be used for this VPN Link Connection.
- vpn
Site StringLink Id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth
Mbps Integer - The expected connection bandwidth in MBPS. Defaults to
10. - bgp
Enabled Boolean - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - connection
Mode String - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - egress
Nat List<String>Rule Ids - A list of the egress Nat Rule Ids.
- ingress
Nat List<String>Rule Ids - A list of the ingress Nat Rule Ids.
- ipsec
Policies List<VpnGateway Connection Vpn Link Ipsec Policy> - One or more
ipsec_policyblocks as defined above. - local
Azure BooleanIp Address Enabled - Whether to use local azure ip to initiate connection? Defaults to
false. - policy
Based BooleanTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - protocol String
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - ratelimit
Enabled Boolean - Should the rate limit be enabled? Defaults to
false. - route
Weight Integer - Routing weight for this VPN Link Connection. Defaults to
0. - String
- SharedKey for this VPN Link Connection.
- name string
- The name which should be used for this VPN Link Connection.
- vpn
Site stringLink Id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth
Mbps number - The expected connection bandwidth in MBPS. Defaults to
10. - bgp
Enabled boolean - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - connection
Mode string - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - egress
Nat string[]Rule Ids - A list of the egress Nat Rule Ids.
- ingress
Nat string[]Rule Ids - A list of the ingress Nat Rule Ids.
- ipsec
Policies VpnGateway Connection Vpn Link Ipsec Policy[] - One or more
ipsec_policyblocks as defined above. - local
Azure booleanIp Address Enabled - Whether to use local azure ip to initiate connection? Defaults to
false. - policy
Based booleanTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - protocol string
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - ratelimit
Enabled boolean - Should the rate limit be enabled? Defaults to
false. - route
Weight number - Routing weight for this VPN Link Connection. Defaults to
0. - string
- SharedKey for this VPN Link Connection.
- name str
- The name which should be used for this VPN Link Connection.
- vpn_
site_ strlink_ id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth_
mbps int - The expected connection bandwidth in MBPS. Defaults to
10. - bgp_
enabled bool - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - connection_
mode str - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - egress_
nat_ Sequence[str]rule_ ids - A list of the egress Nat Rule Ids.
- ingress_
nat_ Sequence[str]rule_ ids - A list of the ingress Nat Rule Ids.
- ipsec_
policies Sequence[VpnGateway Connection Vpn Link Ipsec Policy] - One or more
ipsec_policyblocks as defined above. - local_
azure_ boolip_ address_ enabled - Whether to use local azure ip to initiate connection? Defaults to
false. - policy_
based_ booltraffic_ selector_ enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - protocol str
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - ratelimit_
enabled bool - Should the rate limit be enabled? Defaults to
false. - route_
weight int - Routing weight for this VPN Link Connection. Defaults to
0. - str
- SharedKey for this VPN Link Connection.
- name String
- The name which should be used for this VPN Link Connection.
- vpn
Site StringLink Id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth
Mbps Number - The expected connection bandwidth in MBPS. Defaults to
10. - bgp
Enabled Boolean - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - connection
Mode String - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - egress
Nat List<String>Rule Ids - A list of the egress Nat Rule Ids.
- ingress
Nat List<String>Rule Ids - A list of the ingress Nat Rule Ids.
- ipsec
Policies List<Property Map> - One or more
ipsec_policyblocks as defined above. - local
Azure BooleanIp Address Enabled - Whether to use local azure ip to initiate connection? Defaults to
false. - policy
Based BooleanTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - protocol String
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - ratelimit
Enabled Boolean - Should the rate limit be enabled? Defaults to
false. - route
Weight Number - Routing weight for this VPN Link Connection. Defaults to
0. - String
- SharedKey for this VPN Link Connection.
VpnGatewayConnectionVpnLinkIpsecPolicy, VpnGatewayConnectionVpnLinkIpsecPolicyArgs
- Dh
Group string - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - Encryption
Algorithm string - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - Ike
Encryption stringAlgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - Ike
Integrity stringAlgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - Integrity
Algorithm string - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - Pfs
Group string - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - Sa
Data intSize Kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- Sa
Lifetime intSec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- Dh
Group string - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - Encryption
Algorithm string - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - Ike
Encryption stringAlgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - Ike
Integrity stringAlgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - Integrity
Algorithm string - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - Pfs
Group string - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - Sa
Data intSize Kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- Sa
Lifetime intSec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh
Group String - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - encryption
Algorithm String - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - ike
Encryption StringAlgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - ike
Integrity StringAlgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - integrity
Algorithm String - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - pfs
Group String - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - sa
Data IntegerSize Kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa
Lifetime IntegerSec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh
Group string - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - encryption
Algorithm string - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - ike
Encryption stringAlgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - ike
Integrity stringAlgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - integrity
Algorithm string - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - pfs
Group string - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - sa
Data numberSize Kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa
Lifetime numberSec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh_
group str - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - encryption_
algorithm str - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - ike_
encryption_ stralgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - ike_
integrity_ stralgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - integrity_
algorithm str - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - pfs_
group str - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - sa_
data_ intsize_ kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa_
lifetime_ intsec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh
Group String - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - encryption
Algorithm String - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - ike
Encryption StringAlgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - ike
Integrity StringAlgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - integrity
Algorithm String - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - pfs
Group String - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - sa
Data NumberSize Kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa
Lifetime NumberSec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
Import
VPN Gateway Connections can be imported using the resource id, e.g.
$ pulumi import azure:network/vpnGatewayConnection:VpnGatewayConnection example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/vpnGateways/gateway1/vpnConnections/conn1
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurermTerraform Provider.
We recommend using Azure Native.
Viewing docs for Azure v4.42.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
