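/// Output values describing a VPN connection, one `Output` per attribute.
///
/// Field descriptions follow the field documentation published with this struct.
///
/// # Security notes
///
/// - `tunnel1_preshared_key` and `tunnel2_preshared_key` hold the IKE
///   pre-shared keys as plain `Output<String>`. Nothing in this declaration
///   marks them as secret. NOTE(review): confirm how `Output` treats secret
///   values before logging, printing or exporting these fields.
/// - `customer_gateway_configuration` is the customer gateway's device
///   configuration. NOTE(review): it presumably embeds the tunnel parameters,
///   including the pre-shared keys, so handle it as sensitive until confirmed.
/// - The documented valid values for IKE versions, Diffie-Hellman groups and
///   integrity algorithms include legacy options (`ikev1`, group `2`, `SHA1`).
///   These fields are `Option`s. NOTE(review): presumably an unset value
///   means the service default applies; confirm, and pin the permitted sets
///   explicitly where a crypto policy requires it.
pub struct VpnConnectionResult {
    /// Amazon Resource Name (ARN) of the VPN Connection.
    pub arn: Output<String>,
    /// The ARN of the core network.
    pub core_network_arn: Output<String>,
    /// The ARN of the core network attachment.
    pub core_network_attachment_arn: Output<String>,
    /// The configuration information for the VPN connection's customer gateway
    /// (in the native XML format).
    /// NOTE(review): treat as sensitive; see the security notes on the struct.
    pub customer_gateway_configuration: Output<String>,
    /// The ID of the customer gateway.
    pub customer_gateway_id: Output<String>,
    /// Whether acceleration is enabled for the VPN connection. Supports only
    /// EC2 Transit Gateway.
    pub enable_acceleration: Output<bool>,
    /// The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.
    pub local_ipv4_network_cidr: Output<String>,
    /// The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.
    pub local_ipv6_network_cidr: Output<String>,
    /// Whether this is a public S2S VPN or a private S2S VPN over AWS Direct
    /// Connect. Valid values are `PublicIpv4 | PrivateIpv4`.
    pub outside_ip_address_type: Output<String>,
    /// The IPv4 CIDR on the AWS side of the VPN connection.
    pub remote_ipv4_network_cidr: Output<String>,
    /// The IPv6 CIDR on the AWS side of the VPN connection.
    pub remote_ipv6_network_cidr: Output<String>,
    /// The static routes associated with the VPN connection.
    pub routes: Output<Vec<VpnConnectionRoute>>,
    /// Whether the VPN connection uses static routes exclusively. Static routes
    /// must be used for devices that don't support BGP.
    pub static_routes_only: Output<bool>,
    /// Tags to apply to the connection. With a provider `default_tags`
    /// configuration block present, tags with matching keys overwrite those
    /// defined at the provider level.
    pub tags: Output<Option<HashMap<String, String>>>,
    /// A map of tags assigned to the resource, including those inherited from
    /// the provider `default_tags` configuration block.
    pub tags_all: Output<HashMap<String, String>>,
    /// When associated with an EC2 Transit Gateway (`transit_gateway_id`
    /// argument), the attachment ID.
    pub transit_gateway_attachment_id: Output<String>,
    /// The ID of the EC2 Transit Gateway.
    pub transit_gateway_id: Output<Option<String>>,
    /// The attachment ID of the Transit Gateway attachment to Direct Connect
    /// Gateway. The ID is obtained through a data source only.
    pub transport_transit_gateway_attachment_id: Output<Option<String>>,

    // ---- First VPN tunnel ----
    /// The public IP address of the first VPN tunnel.
    pub tunnel1_address: Output<String>,
    /// The BGP ASN of the first VPN tunnel.
    pub tunnel1_bgp_asn: Output<String>,
    /// The BGP hold time of the first VPN tunnel.
    pub tunnel1_bgp_holdtime: Output<i32>,
    /// The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway side).
    pub tunnel1_cgw_inside_address: Output<String>,
    /// The action to take after a DPD timeout occurs for the first VPN tunnel:
    /// `restart` restarts the IKE initiation, `clear` ends the IKE session.
    /// Valid values are `clear | none | restart`.
    pub tunnel1_dpd_timeout_action: Output<Option<String>>,
    /// The number of seconds after which a DPD timeout occurs for the first
    /// VPN tunnel. Valid value is 30 or higher.
    pub tunnel1_dpd_timeout_seconds: Output<Option<i32>>,
    /// Turns the tunnel endpoint lifecycle control feature on or off for the
    /// first VPN tunnel.
    pub tunnel1_enable_tunnel_lifecycle_control: Output<Option<bool>>,
    /// The IKE versions permitted for the first VPN tunnel.
    /// Valid values are `ikev1 | ikev2`.
    pub tunnel1_ike_versions: Output<Option<Vec<String>>>,
    /// The CIDR block of the inside IP addresses for the first VPN tunnel:
    /// a size /30 CIDR block from the 169.254.0.0/16 range.
    pub tunnel1_inside_cidr: Output<String>,
    /// The range of inside IPv6 addresses for the first VPN tunnel: a size
    /// /126 CIDR block from the local fd00::/8 range. Supports only EC2
    /// Transit Gateway.
    pub tunnel1_inside_ipv6_cidr: Output<String>,
    /// Options for logging VPN tunnel activity.
    pub tunnel1_log_options: Output<VpnConnectionTunnel1LogOptions>,
    /// Diffie-Hellman group numbers permitted for the first VPN tunnel for
    /// phase 1 IKE negotiations.
    /// Valid values are `2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.
    pub tunnel1_phase1_dh_group_numbers: Output<Option<Vec<i32>>>,
    /// Encryption algorithms permitted for the first VPN tunnel for phase 1
    /// IKE negotiations.
    /// Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.
    pub tunnel1_phase1_encryption_algorithms: Output<Option<Vec<String>>>,
    /// Integrity algorithms permitted for the first VPN tunnel for phase 1
    /// IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.
    pub tunnel1_phase1_integrity_algorithms: Output<Option<Vec<String>>>,
    /// The lifetime for phase 1 of the IKE negotiation for the first VPN
    /// tunnel, in seconds. Valid value is between 900 and 28800.
    pub tunnel1_phase1_lifetime_seconds: Output<Option<i32>>,
    /// Diffie-Hellman group numbers permitted for the first VPN tunnel for
    /// phase 2 IKE negotiations.
    /// Valid values are `2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.
    pub tunnel1_phase2_dh_group_numbers: Output<Option<Vec<i32>>>,
    /// Encryption algorithms permitted for the first VPN tunnel for phase 2
    /// IKE negotiations.
    /// Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.
    pub tunnel1_phase2_encryption_algorithms: Output<Option<Vec<String>>>,
    /// Integrity algorithms permitted for the first VPN tunnel for phase 2
    /// IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.
    pub tunnel1_phase2_integrity_algorithms: Output<Option<Vec<String>>>,
    /// The lifetime for phase 2 of the IKE negotiation for the first VPN
    /// tunnel, in seconds. Valid value is between 900 and 3600.
    pub tunnel1_phase2_lifetime_seconds: Output<Option<i32>>,
    /// The preshared key of the first VPN tunnel: 8 to 64 characters, not
    /// starting with zero; alphanumeric characters, periods and underscores.
    /// NOTE(review): secret material; see the security notes on the struct.
    pub tunnel1_preshared_key: Output<String>,
    /// The percentage of the rekey window for the first VPN tunnel (determined
    /// by `tunnel1_rekey_margin_time_seconds`) during which the rekey time is
    /// randomly selected. Valid value is between 0 and 100.
    pub tunnel1_rekey_fuzz_percentage: Output<Option<i32>>,
    /// The margin time, in seconds, before the phase 2 lifetime expires,
    /// during which the AWS side of the first VPN connection performs an IKE
    /// rekey. Valid value is between 60 and half of
    /// `tunnel1_phase2_lifetime_seconds`.
    pub tunnel1_rekey_margin_time_seconds: Output<Option<i32>>,
    /// The number of packets in an IKE replay window for the first VPN tunnel.
    /// Valid value is between 64 and 2048.
    pub tunnel1_replay_window_size: Output<Option<i32>>,
    /// The action to take when establishing the tunnel for the first VPN
    /// connection. By default the customer gateway device must initiate the
    /// IKE negotiation; `start` makes AWS initiate it.
    /// Valid values are `add | start`.
    pub tunnel1_startup_action: Output<Option<String>>,
    /// The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway side).
    pub tunnel1_vgw_inside_address: Output<String>,

    // ---- Second VPN tunnel ----
    /// The public IP address of the second VPN tunnel.
    pub tunnel2_address: Output<String>,
    /// The BGP ASN of the second VPN tunnel.
    pub tunnel2_bgp_asn: Output<String>,
    /// The BGP hold time of the second VPN tunnel.
    pub tunnel2_bgp_holdtime: Output<i32>,
    /// The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway side).
    pub tunnel2_cgw_inside_address: Output<String>,
    /// The action to take after a DPD timeout occurs for the second VPN
    /// tunnel: `restart` restarts the IKE initiation, `clear` ends the IKE
    /// session. Valid values are `clear | none | restart`.
    pub tunnel2_dpd_timeout_action: Output<Option<String>>,
    /// The number of seconds after which a DPD timeout occurs for the second
    /// VPN tunnel. Valid value is 30 or higher.
    pub tunnel2_dpd_timeout_seconds: Output<Option<i32>>,
    /// Turns the tunnel endpoint lifecycle control feature on or off for the
    /// second VPN tunnel.
    pub tunnel2_enable_tunnel_lifecycle_control: Output<Option<bool>>,
    /// The IKE versions permitted for the second VPN tunnel.
    /// Valid values are `ikev1 | ikev2`.
    pub tunnel2_ike_versions: Output<Option<Vec<String>>>,
    /// The CIDR block of the inside IP addresses for the second VPN tunnel:
    /// a size /30 CIDR block from the 169.254.0.0/16 range.
    pub tunnel2_inside_cidr: Output<String>,
    /// The range of inside IPv6 addresses for the second VPN tunnel: a size
    /// /126 CIDR block from the local fd00::/8 range. Supports only EC2
    /// Transit Gateway.
    pub tunnel2_inside_ipv6_cidr: Output<String>,
    /// Options for logging VPN tunnel activity.
    pub tunnel2_log_options: Output<VpnConnectionTunnel2LogOptions>,
    /// Diffie-Hellman group numbers permitted for the second VPN tunnel for
    /// phase 1 IKE negotiations.
    /// Valid values are `2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.
    pub tunnel2_phase1_dh_group_numbers: Output<Option<Vec<i32>>>,
    /// Encryption algorithms permitted for the second VPN tunnel for phase 1
    /// IKE negotiations.
    /// Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.
    pub tunnel2_phase1_encryption_algorithms: Output<Option<Vec<String>>>,
    /// Integrity algorithms permitted for the second VPN tunnel for phase 1
    /// IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.
    pub tunnel2_phase1_integrity_algorithms: Output<Option<Vec<String>>>,
    /// The lifetime for phase 1 of the IKE negotiation for the second VPN
    /// tunnel, in seconds. Valid value is between 900 and 28800.
    pub tunnel2_phase1_lifetime_seconds: Output<Option<i32>>,
    /// Diffie-Hellman group numbers permitted for the second VPN tunnel for
    /// phase 2 IKE negotiations.
    /// Valid values are `2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24`.
    pub tunnel2_phase2_dh_group_numbers: Output<Option<Vec<i32>>>,
    /// Encryption algorithms permitted for the second VPN tunnel for phase 2
    /// IKE negotiations.
    /// Valid values are `AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16`.
    pub tunnel2_phase2_encryption_algorithms: Output<Option<Vec<String>>>,
    /// Integrity algorithms permitted for the second VPN tunnel for phase 2
    /// IKE negotiations. Valid values are `SHA1 | SHA2-256 | SHA2-384 | SHA2-512`.
    pub tunnel2_phase2_integrity_algorithms: Output<Option<Vec<String>>>,
    /// The lifetime for phase 2 of the IKE negotiation for the second VPN
    /// tunnel, in seconds. Valid value is between 900 and 3600.
    pub tunnel2_phase2_lifetime_seconds: Output<Option<i32>>,
    /// The preshared key of the second VPN tunnel: 8 to 64 characters, not
    /// starting with zero; alphanumeric characters, periods and underscores.
    /// NOTE(review): secret material; see the security notes on the struct.
    pub tunnel2_preshared_key: Output<String>,
    /// The percentage of the rekey window for the second VPN tunnel
    /// (determined by `tunnel2_rekey_margin_time_seconds`) during which the
    /// rekey time is randomly selected. Valid value is between 0 and 100.
    pub tunnel2_rekey_fuzz_percentage: Output<Option<i32>>,
    /// The margin time, in seconds, before the phase 2 lifetime expires,
    /// during which the AWS side of the second VPN connection performs an IKE
    /// rekey. Valid value is between 60 and half of
    /// `tunnel2_phase2_lifetime_seconds`.
    pub tunnel2_rekey_margin_time_seconds: Output<Option<i32>>,
    /// The number of packets in an IKE replay window for the second VPN
    /// tunnel. Valid value is between 64 and 2048.
    pub tunnel2_replay_window_size: Output<Option<i32>>,
    /// The action to take when establishing the tunnel for the second VPN
    /// connection. By default the customer gateway device must initiate the
    /// IKE negotiation; `start` makes AWS initiate it.
    /// Valid values are `add | start`.
    pub tunnel2_startup_action: Output<Option<String>>,
    /// The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway side).
    pub tunnel2_vgw_inside_address: Output<String>,

    /// Whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are
    /// `ipv4 | ipv6`; `ipv6` supports only EC2 Transit Gateway.
    pub tunnel_inside_ip_version: Output<String>,
    /// The type of VPN connection. The only type AWS supports at this time is
    /// "ipsec.1".
    pub type_: Output<String>,
    /// Telemetry for the VPN tunnels.
    pub vgw_telemetries: Output<Vec<VpnConnectionVgwTelemetry>>,
    /// The ID of the Virtual Private Gateway.
    pub vpn_gateway_id: Output<Option<String>>,
}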
Fields
arn: Output<String>
Amazon Resource Name (ARN) of the VPN Connection.
core_network_arn: Output<String>
The ARN of the core network.
core_network_attachment_arn: Output<String>
The ARN of the core network attachment.
customer_gateway_configuration: Output<String>
The configuration information for the VPN connection’s customer gateway (in the native XML format).
customer_gateway_id: Output<String>
The ID of the customer gateway.
enable_acceleration: Output<bool>
Indicate whether to enable acceleration for the VPN connection. Supports only EC2 Transit Gateway.
local_ipv4_network_cidr: Output<String>
The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.
local_ipv6_network_cidr: Output<String>
The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.
outside_ip_address_type: Output<String>
Indicates whether this is a public S2S VPN or a private S2S VPN over AWS Direct Connect. Valid values are PublicIpv4 | PrivateIpv4.
remote_ipv4_network_cidr: Output<String>
The IPv4 CIDR on the AWS side of the VPN connection.
remote_ipv6_network_cidr: Output<String>
The IPv6 CIDR on the AWS side of the VPN connection.
routes: Output<Vec<VpnConnectionRoute>>
The static routes associated with the VPN connection. Detailed below.
static_routes_only: Output<bool>
Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don’t support BGP.
tags: Output<Option<HashMap<String, String>>>
Tags to apply to the connection. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
tags_all: Output<HashMap<String, String>>
A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
transit_gateway_attachment_id: Output<String>
When associated with an EC2 Transit Gateway (transit_gateway_id argument), the attachment ID. See also the aws.ec2.Tag resource for tagging the EC2 Transit Gateway VPN Attachment.
transit_gateway_id: Output<Option<String>>
The ID of the EC2 Transit Gateway.
transport_transit_gateway_attachment_id: Output<Option<String>>
The attachment ID of the Transit Gateway attachment to Direct Connect Gateway. The ID is obtained through a data source only.
tunnel1_address: Output<String>
The public IP address of the first VPN tunnel.
tunnel1_bgp_asn: Output<String>
The BGP ASN of the first VPN tunnel.
tunnel1_bgp_holdtime: Output<i32>
The BGP hold time of the first VPN tunnel.
tunnel1_cgw_inside_address: Output<String>
The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).
tunnel1_dpd_timeout_action: Output<Option<String>>
The action to take after DPD timeout occurs for the first VPN tunnel. Specify restart to restart the IKE initiation. Specify clear to end the IKE session. Valid values are clear | none | restart.
tunnel1_dpd_timeout_seconds: Output<Option<i32>>
The number of seconds after which a DPD timeout occurs for the first VPN tunnel. Valid value is 30 or higher.
tunnel1_enable_tunnel_lifecycle_control: Output<Option<bool>>
Turn on or off tunnel endpoint lifecycle control feature for the first VPN tunnel. Valid values are true | false.
tunnel1_ike_versions: Output<Option<Vec<String>>>
The IKE versions that are permitted for the first VPN tunnel. Valid values are ikev1 | ikev2.
tunnel1_inside_cidr: Output<String>
The CIDR block of the inside IP addresses for the first VPN tunnel. Valid value is a size /30 CIDR block from the 169.254.0.0/16 range.
tunnel1_inside_ipv6_cidr: Output<String>
The range of inside IPv6 addresses for the first VPN tunnel. Supports only EC2 Transit Gateway. Valid value is a size /126 CIDR block from the local fd00::/8 range.
tunnel1_log_options: Output<VpnConnectionTunnel1LogOptions>
Options for logging VPN tunnel activity. See Log Options below for more details.
tunnel1_phase1_dh_group_numbers: Output<Option<Vec<i32>>>
List of one or more Diffie-Hellman group numbers that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24.
tunnel1_phase1_encryption_algorithms: Output<Option<Vec<String>>>
List of one or more encryption algorithms that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16.
tunnel1_phase1_integrity_algorithms: Output<Option<Vec<String>>>
One or more integrity algorithms that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are SHA1 | SHA2-256 | SHA2-384 | SHA2-512.
tunnel1_phase1_lifetime_seconds: Output<Option<i32>>
The lifetime for phase 1 of the IKE negotiation for the first VPN tunnel, in seconds. Valid value is between 900 and 28800.
tunnel1_phase2_dh_group_numbers: Output<Option<Vec<i32>>>
List of one or more Diffie-Hellman group numbers that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are 2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24.
tunnel1_phase2_encryption_algorithms: Output<Option<Vec<String>>>
List of one or more encryption algorithms that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16.
tunnel1_phase2_integrity_algorithms: Output<Option<Vec<String>>>
List of one or more integrity algorithms that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are SHA1 | SHA2-256 | SHA2-384 | SHA2-512.
tunnel1_phase2_lifetime_seconds: Output<Option<i32>>
The lifetime for phase 2 of the IKE negotiation for the first VPN tunnel, in seconds. Valid value is between 900 and 3600.
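tunnel1_preshared_key: Output<String>
The preshared key of the first VPN tunnel. The preshared key must be between 8 and 64 characters in length and cannot start with zero(0). Allowed characters are alphanumeric characters, periods(.) and underscores(_). Because this key authenticates the IKE peer, handle this output as a secret and keep it out of logs and exported outputs.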
tunnel1_rekey_fuzz_percentage: Output<Option<i32>>
The percentage of the rekey window for the first VPN tunnel (determined by tunnel1_rekey_margin_time_seconds) during which the rekey time is randomly selected. Valid value is between 0 and 100.
tunnel1_rekey_margin_time_seconds: Output<Option<i32>>
The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the first VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for tunnel1_rekey_fuzz_percentage. Valid value is between 60 and half of tunnel1_phase2_lifetime_seconds.
tunnel1_replay_window_size: Output<Option<i32>>
The number of packets in an IKE replay window for the first VPN tunnel. Valid value is between 64 and 2048.
tunnel1_startup_action: Output<Option<String>>
The action to take when establishing the tunnel for the first VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are add | start.
tunnel1_vgw_inside_address: Output<String>
The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).
tunnel2_address: Output<String>
The public IP address of the second VPN tunnel.
tunnel2_bgp_asn: Output<String>
The BGP ASN of the second VPN tunnel.
tunnel2_bgp_holdtime: Output<i32>
The BGP hold time of the second VPN tunnel.
tunnel2_cgw_inside_address: Output<String>
The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).
tunnel2_dpd_timeout_action: Output<Option<String>>
The action to take after DPD timeout occurs for the second VPN tunnel. Specify restart to restart the IKE initiation. Specify clear to end the IKE session. Valid values are clear | none | restart.
tunnel2_dpd_timeout_seconds: Output<Option<i32>>
The number of seconds after which a DPD timeout occurs for the second VPN tunnel. Valid value is 30 or higher.
tunnel2_enable_tunnel_lifecycle_control: Output<Option<bool>>
Turn on or off tunnel endpoint lifecycle control feature for the second VPN tunnel. Valid values are true | false.
tunnel2_ike_versions: Output<Option<Vec<String>>>
The IKE versions that are permitted for the second VPN tunnel. Valid values are ikev1 | ikev2.
tunnel2_inside_cidr: Output<String>
The CIDR block of the inside IP addresses for the second VPN tunnel. Valid value is a size /30 CIDR block from the 169.254.0.0/16 range.
tunnel2_inside_ipv6_cidr: Output<String>
The range of inside IPv6 addresses for the second VPN tunnel. Supports only EC2 Transit Gateway. Valid value is a size /126 CIDR block from the local fd00::/8 range.
tunnel2_log_options: Output<VpnConnectionTunnel2LogOptions>
Options for logging VPN tunnel activity. See Log Options below for more details.
tunnel2_phase1_dh_group_numbers: Output<Option<Vec<i32>>>
List of one or more Diffie-Hellman group numbers that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24.
tunnel2_phase1_encryption_algorithms: Output<Option<Vec<String>>>
List of one or more encryption algorithms that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16.
tunnel2_phase1_integrity_algorithms: Output<Option<Vec<String>>>
One or more integrity algorithms that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are SHA1 | SHA2-256 | SHA2-384 | SHA2-512.
tunnel2_phase1_lifetime_seconds: Output<Option<i32>>
The lifetime for phase 1 of the IKE negotiation for the second VPN tunnel, in seconds. Valid value is between 900 and 28800.
tunnel2_phase2_dh_group_numbers: Output<Option<Vec<i32>>>
List of one or more Diffie-Hellman group numbers that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are 2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24.
tunnel2_phase2_encryption_algorithms: Output<Option<Vec<String>>>
List of one or more encryption algorithms that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16.
tunnel2_phase2_integrity_algorithms: Output<Option<Vec<String>>>
List of one or more integrity algorithms that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are SHA1 | SHA2-256 | SHA2-384 | SHA2-512.
tunnel2_phase2_lifetime_seconds: Output<Option<i32>>
The lifetime for phase 2 of the IKE negotiation for the second VPN tunnel, in seconds. Valid value is between 900 and 3600.
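tunnel2_preshared_key: Output<String>
The preshared key of the second VPN tunnel. The preshared key must be between 8 and 64 characters in length and cannot start with zero(0). Allowed characters are alphanumeric characters, periods(.) and underscores(_). Because this key authenticates the IKE peer, handle this output as a secret and keep it out of logs and exported outputs.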
tunnel2_rekey_fuzz_percentage: Output<Option<i32>>
The percentage of the rekey window for the second VPN tunnel (determined by tunnel2_rekey_margin_time_seconds) during which the rekey time is randomly selected. Valid value is between 0 and 100.
tunnel2_rekey_margin_time_seconds: Output<Option<i32>>
The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the second VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for tunnel2_rekey_fuzz_percentage. Valid value is between 60 and half of tunnel2_phase2_lifetime_seconds.
tunnel2_replay_window_size: Output<Option<i32>>
The number of packets in an IKE replay window for the second VPN tunnel. Valid value is between 64 and 2048.
tunnel2_startup_action: Output<Option<String>>
The action to take when establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are add | start.
tunnel2_vgw_inside_address: Output<String>
The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
tunnel_inside_ip_version: Output<String>
Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are ipv4 | ipv6. ipv6 supports only EC2 Transit Gateway.
type_: Output<String>
The type of VPN connection. The only type AWS supports at this time is “ipsec.1”.
vgw_telemetries: Output<Vec<VpnConnectionVgwTelemetry>>
Telemetry for the VPN tunnels. Detailed below.
vpn_gateway_id: Output<Option<String>>
The ID of the Virtual Private Gateway.