pulumi_wasm_providers_aws_mini::ec2

Module vpn_connection


Manages a Site-to-Site VPN connection. A Site-to-Site VPN connection is an Internet Protocol security (IPsec) VPN connection between a VPC and an on-premises network. Any new Site-to-Site VPN connection that you create is an AWS VPN connection.

Note: The CIDR blocks in the arguments tunnel1_inside_cidr and tunnel2_inside_cidr must have a prefix of /30 and be a part of a specific range. Read more about this in the AWS documentation.
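A pre-deployment check for the note above, as an added example that is not part of this crate or of the provider. The function and error names are hypothetical. The page does not spell out the range: the 169.254.0.0/16 range and the reserved blocks used here come from the AWS Site-to-Site VPN tunnel options documentation, and rejecting addresses that are not on a /30 boundary is a conservative choice of this example.

```rust
use std::net::Ipv4Addr;

/// /30 blocks that AWS reserves and rejects as tunnel inside CIDRs
/// (taken from the AWS tunnel options documentation, not from this page).
const RESERVED: [[u8; 4]; 7] = [
    [169, 254, 0, 0], [169, 254, 1, 0], [169, 254, 2, 0], [169, 254, 3, 0],
    [169, 254, 4, 0], [169, 254, 5, 0], [169, 254, 169, 252],
];

#[derive(Debug, PartialEq)]
pub enum CidrError { Malformed, NotSlash30, OutsideLinkLocal, HostBitsSet, Reserved }

/// Hypothetical helper: validate a value intended for tunnel1_inside_cidr
/// or tunnel2_inside_cidr before it reaches the provider.
pub fn check_tunnel_inside_cidr(cidr: &str) -> Result<Ipv4Addr, CidrError> {
    let (addr, prefix) = cidr.trim().split_once('/').ok_or(CidrError::Malformed)?;
    let addr: Ipv4Addr = addr.parse().map_err(|_| CidrError::Malformed)?;
    let prefix: u8 = prefix.parse().map_err(|_| CidrError::Malformed)?;
    if prefix != 30 {
        return Err(CidrError::NotSlash30);
    }
    let o = addr.octets();
    if o[0] != 169 || o[1] != 254 {
        return Err(CidrError::OutsideLinkLocal);
    }
    // A /30 network address has its two lowest bits clear.
    if o[3] & 0b11 != 0 {
        return Err(CidrError::HostBitsSet);
    }
    if RESERVED.contains(&o) {
        return Err(CidrError::Reserved);
    }
    Ok(addr)
}

fn main() {
    // Constructed sample values covering each outcome.
    let samples = ["169.254.10.0/30", "169.254.0.0/30", "10.0.0.0/30",
                   "169.254.10.0/29", "169.254.10.2/30", "169.254.10.0"];
    for c in samples {
        println!("{c:18} -> {:?}", check_tunnel_inside_cidr(c));
    }
}
```
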

§Example Usage

§EC2 Transit Gateway

resources:
  example:
    type: aws:ec2transitgateway:TransitGateway
  exampleCustomerGateway:
    type: aws:ec2:CustomerGateway
    name: example
    properties:
      bgpAsn: 65000
      ipAddress: 172.0.0.1
      type: ipsec.1
  exampleVpnConnection:
    type: aws:ec2:VpnConnection
    name: example
    properties:
      customerGatewayId: ${exampleCustomerGateway.id}
      transitGatewayId: ${example.id}
      type: ${exampleCustomerGateway.type}

§Virtual Private Gateway

resources:
  vpc:
    type: aws:ec2:Vpc
    properties:
      cidrBlock: 10.0.0.0/16
  vpnGateway:
    type: aws:ec2:VpnGateway
    name: vpn_gateway
    properties:
      vpcId: ${vpc.id}
  customerGateway:
    type: aws:ec2:CustomerGateway
    name: customer_gateway
    properties:
      bgpAsn: 65000
      ipAddress: 172.0.0.1
      type: ipsec.1
  main:
    type: aws:ec2:VpnConnection
    properties:
      vpnGatewayId: ${vpnGateway.id}
      customerGatewayId: ${customerGateway.id}
      type: ipsec.1
      staticRoutesOnly: true

§AWS Site to Site Private VPN

resources:
  exampleGateway:
    type: aws:directconnect:Gateway
    name: example
    properties:
      name: example_ipsec_vpn_example
      amazonSideAsn: '64512'
  exampleTransitGateway:
    type: aws:ec2transitgateway:TransitGateway
    name: example
    properties:
      amazonSideAsn: '64513'
      description: example_ipsec_vpn_example
      transitGatewayCidrBlocks:
        - 10.0.0.0/24
  exampleCustomerGateway:
    type: aws:ec2:CustomerGateway
    name: example
    properties:
      bgpAsn: 64514
      ipAddress: 10.0.0.1
      type: ipsec.1
      tags:
        Name: example_ipsec_vpn_example
  exampleGatewayAssociation:
    type: aws:directconnect:GatewayAssociation
    name: example
    properties:
      dxGatewayId: ${exampleGateway.id}
      associatedGatewayId: ${exampleTransitGateway.id}
      allowedPrefixes:
        - 10.0.0.0/8
  exampleVpnConnection:
    type: aws:ec2:VpnConnection
    name: example
    properties:
      customerGatewayId: ${exampleCustomerGateway.id}
      outsideIpAddressType: PrivateIpv4
      transitGatewayId: ${exampleTransitGateway.id}
      transportTransitGatewayAttachmentId: ${example.id}
      type: ipsec.1
      tags:
        Name: example_ipsec_vpn_example
variables:
  example:
    fn::invoke:
      function: aws:ec2transitgateway:getDirectConnectGatewayAttachment
      arguments:
        transitGatewayId: ${exampleTransitGateway.id}
        dxGatewayId: ${exampleGateway.id}

§Import

Use pulumi import to import VPN Connections by their VPN connection ID. For example:

$ pulumi import aws:ec2/vpnConnection:VpnConnection testvpnconnection vpn-40f41529

Structs§

Functions§

  • Registers a new resource with the given unique name and arguments