Menu
Amazon Elastic Compute Cloud
API Reference (API Version 2016-11-15)

CreateVpnConnection

Creates a VPN connection between an existing virtual private gateway and a VPN customer gateway. The only supported connection type is ipsec.1.

The response includes information that you need to give to your network administrator to configure your customer gateway.

Important

We strongly recommend that you use HTTPS when calling this operation because the response contains sensitive cryptographic information for configuring your customer gateway.

If you decide to shut down your VPN connection for any reason and later create a new VPN connection, you must reconfigure your customer gateway with the new information returned from this call.

This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.

For more information about VPN connections, see Adding a Hardware Virtual Private Gateway to Your VPC in the Amazon Virtual Private Cloud User Guide.

Request Parameters

The following parameters are for this specific action. For more information about required and optional parameters that are common to all actions, see Common Query Parameters.

CustomerGatewayId

The ID of the customer gateway.

Type: String

Required: Yes

DryRun

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

Type: Boolean

Required: No

Options

Indicates whether the VPN connection requires static routes. If you are creating a VPN connection for a device that does not support BGP, you must specify true.

Default: false

Type: VpnConnectionOptionsSpecification object

Required: No

Type

The type of VPN connection (ipsec.1).

Type: String

Required: Yes

VpnGatewayId

The ID of the virtual private gateway.

Type: String

Required: Yes

Response Elements

The following elements are returned by the service.

requestId

The ID of the request.

Type: String

vpnConnection

Information about the VPN connection.

Type: VpnConnection object

Errors

For information about the errors that are common to all actions, see Common Errors.

Examples

Example 1

This example creates a VPN connection between the virtual private gateway with the ID vgw-8db04f81 and the customer gateway with the ID cgw-b4dc3961. The response includes configuration information for the customer gateway. Because it's a long set of information, we haven't included the complete response here. To see an example of the configuration information, see the Amazon Virtual Private Cloud Network Administrator Guide.

Sample Request

Copy
https://ec2.amazonaws.com/?Action=CreateVpnConnection &Type=ipsec.1 &CustomerGatewayId=cgw-b4dc3961 &VpnGatewayId=vgw-8db04f81 &AUTHPARAMS

Sample Response

Copy
<CreateVpnConnectionResponse xmlns="http://ec2.amazonaws.com/doc/2016-11-15/"> <requestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</requestId> <vpnConnection> <vpnConnectionId>vpn-44a8938f</vpnConnectionId> <state>pending</state> <customerGatewayConfiguration> ...Customer gateway configuration data in escaped XML format... </customerGatewayConfiguration> <type>ipsec.1</type> <customerGatewayId>cgw-b4dc3961</customerGatewayId> <vpnGatewayId>vgw-8db04f81</vpnGatewayId> <tagSet/> </vpnConnection> </CreateVpnConnectionResponse>

Example 2

This example creates a VPN connection with the static routes option between the virtual private gateway with the ID vgw-8db04f81, and the customer gateway with the ID cgw-b4dc3961, for a device that does not support the Border Gateway Protocol (BGP). The response includes configuration information for the VPN connection's customer gateway. Because it's a long set of information, we haven't included the complete response here.

Sample Request

Copy
https://ec2.amazonaws.com/?Action=CreateVpnConnection &Type=ipsec.1 &CustomerGatewayId=cgw-b4dc3961 &VpnGatewayId=vgw-8db04f81 &Options.StaticRoutesOnly=true &AUTHPARAMS

Sample Response

Copy
<CreateVpnConnectionResponse xmlns="http://ec2.amazonaws.com/doc/2016-11-15/"> <requestId>5cc7891f-1f3b-4fc4-a626-bdea8f63ff5a</requestId> <vpnConnection> <vpnConnectionId>vpn-83ad48ea</vpnConnectionId> <state>pending</state> <customerGatewayConfiguration> ...Customer gateway configuration data in escaped XML format... </customerGatewayConfiguration> <customerGatewayId>cgw-63ae4b0a</customerGatewayId> <vpnGatewayId>vgw-4ea04527</vpnGatewayId> <options> <staticRoutesOnly>true</staticRoutesOnly> </options> <routes/> </vpnConnection> </CreateVpnConnectionResponse>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: