@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)", date="2023-05-19T23:09:26.198Z") @Stability(value=Stable) public interface ClientVpnEndpointOptions extends software.amazon.jsii.JsiiSerializable
Example:
```java
ClientVpnEndpoint endpoint = vpc.addClientVpnEndpoint("Endpoint", ClientVpnEndpointOptions.builder()
        .cidr("10.100.0.0/16")
        .serverCertificateArn("arn:aws:acm:us-east-1:123456789012:certificate/server-certificate-id")
        .userBasedAuthentication(ClientVpnUserBasedAuthentication.federated(samlProvider))
        .authorizeAllUsersToVpcCidr(false)
        .build());

endpoint.addAuthorizationRule("Rule", ClientVpnAuthorizationRuleOptions.builder()
        .cidr("10.0.10.0/32")
        .groupId("group-id")
        .build());
```
Modifier and Type | Interface and Description |
---|---|
static class | ClientVpnEndpointOptions.Builder A builder for ClientVpnEndpointOptions |
static class | ClientVpnEndpointOptions.Jsii$Proxy An implementation for ClientVpnEndpointOptions |
Modifier and Type | Method and Description |
---|---|
static ClientVpnEndpointOptions.Builder | builder() |
default Boolean | getAuthorizeAllUsersToVpcCidr() Whether to authorize all users to the VPC CIDR. |
String | getCidr() The IPv4 address range, in CIDR notation, from which to assign client IP addresses. |
default String | getClientCertificateArn() The ARN of the client certificate for mutual authentication. |
default IClientVpnConnectionHandler | getClientConnectionHandler() The AWS Lambda function used for connection authorization. |
default String | getClientLoginBanner() Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. |
default String | getDescription() A brief description of the Client VPN endpoint. |
default List<String> | getDnsServers() Information about the DNS servers to be used for DNS resolution. |
default Boolean | getLogging() Whether to enable connections logging. |
default ILogGroup | getLogGroup() A CloudWatch Logs log group for connection logging. |
default ILogStream | getLogStream() A CloudWatch Logs log stream for connection logging. |
default VpnPort | getPort() The port number to assign to the Client VPN endpoint for TCP and UDP traffic. |
default List<ISecurityGroup> | getSecurityGroups() The security groups to apply to the target network. |
default Boolean | getSelfServicePortal() Specify whether to enable the self-service portal for the Client VPN endpoint. |
String | getServerCertificateArn() The ARN of the server certificate. |
default ClientVpnSessionTimeout | getSessionTimeout() The maximum VPN session duration time. |
default Boolean | getSplitTunnel() Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint. |
default TransportProtocol | getTransportProtocol() The transport protocol to be used by the VPN session. |
default ClientVpnUserBasedAuthentication | getUserBasedAuthentication() The type of user-based authentication to use. |
default SubnetSelection | getVpcSubnets() Subnets to associate to the client VPN endpoint. |
@Stability(value=Stable) @NotNull String getCidr()
The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually.
Changing the address range will replace the Client VPN endpoint.
The CIDR block should be /22 or greater.
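The constraints above (no overlap with the VPC CIDR or manually added routes, block of /22 or larger) can be checked before deployment. The following is an added example, not part of the CDK or of this page's API: `ClientVpnCidrCheck`, `Block` and `validate` are hypothetical names, the reserved ranges are constructed, and "/22 or greater" is read as a prefix length of 22 or shorter.

```java
import java.util.List;

/** Added example (hypothetical names): pre-deployment check of a Client VPN client CIDR. Needs Java 16+. */
public class ClientVpnCidrCheck {

    /** IPv4 block as an inclusive [first, last] range of unsigned 32-bit addresses. */
    record Block(long first, long last, int prefix) {
        static Block parse(String cidr) {
            String[] parts = cidr.split("/");
            if (parts.length != 2) throw new IllegalArgumentException("not CIDR notation: " + cidr);
            int prefix = Integer.parseInt(parts[1]);
            String[] octets = parts[0].split("\\.");
            if (prefix < 0 || prefix > 32 || octets.length != 4)
                throw new IllegalArgumentException("invalid IPv4 CIDR: " + cidr);
            long addr = 0;
            for (String o : octets) {
                int v = Integer.parseInt(o);
                if (v < 0 || v > 255) throw new IllegalArgumentException("invalid octet in " + cidr);
                addr = (addr << 8) | v;
            }
            long size = 1L << (32 - prefix);
            long first = addr & ~(size - 1); // clear host bits so 10.0.5.1/16 normalizes to 10.0.0.0
            return new Block(first, first + size - 1, prefix);
        }

        boolean overlaps(Block other) {
            return first <= other.last && other.first <= last;
        }
    }

    /** Returns null when the client CIDR is acceptable, otherwise the reason it is rejected. */
    static String validate(String clientCidr, List<String> reserved) {
        Block client = Block.parse(clientCidr);
        if (client.prefix() > 22) return clientCidr + " is smaller than /22";
        for (String r : reserved)
            if (client.overlaps(Block.parse(r))) return clientCidr + " overlaps " + r;
        return null;
    }

    public static void main(String[] args) {
        // Constructed inputs: 10.0.0.0/16 stands in for the VPC CIDR, 192.168.50.0/24 for a manual route.
        List<String> reserved = List.of("10.0.0.0/16", "192.168.50.0/24");
        // 10.100.0.0/16 is the value used in the page's example; the other two are constructed failures.
        for (String c : List.of("10.100.0.0/16", "10.0.128.0/20", "172.16.0.0/24")) {
            String problem = validate(c, reserved);
            System.out.println(c + " -> " + (problem == null ? "ok" : problem));
        }
    }
}
```

Because changing the address range replaces the endpoint, running a check like this in CI before `cdk deploy` avoids discovering a conflict only after clients are connected.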
@Stability(value=Stable) @NotNull String getServerCertificateArn()
@Stability(value=Stable) @Nullable default Boolean getAuthorizeAllUsersToVpcCidr()
This automatically creates an authorization rule. Set this to false and use addAuthorizationRule() to create your own rules instead.
Default: true
@Stability(value=Stable) @Nullable default String getClientCertificateArn()
The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).
Default: - use user-based authentication
@Stability(value=Stable) @Nullable default IClientVpnConnectionHandler getClientConnectionHandler()
The name of the Lambda function must begin with the AWSClientVPN- prefix.
Default: - no connection handler
@Stability(value=Stable) @Nullable default String getClientLoginBanner()
UTF-8 encoded characters only. Maximum of 1400 characters.
Default: - no banner is presented to the client
@Stability(value=Stable) @Nullable default String getDescription()
Default: - no description
@Stability(value=Stable) @Nullable default List<String> getDnsServers()
A Client VPN endpoint can have up to two DNS servers.
Default: - use the DNS address configured on the device
@Stability(value=Stable) @Nullable default Boolean getLogging()
Default: true
@Stability(value=Stable) @Nullable default ILogGroup getLogGroup()
Default: - a new group is created
@Stability(value=Stable) @Nullable default ILogStream getLogStream()
Default: - a new stream is created
@Stability(value=Stable) @Nullable default VpnPort getPort()
Default: VpnPort.HTTPS
@Stability(value=Stable) @Nullable default List<ISecurityGroup> getSecurityGroups()
Default: - a new security group is created
@Stability(value=Stable) @Nullable default Boolean getSelfServicePortal()
Default: true
@Stability(value=Stable) @Nullable default ClientVpnSessionTimeout getSessionTimeout()
Default: ClientVpnSessionTimeout.TWENTY_FOUR_HOURS
@Stability(value=Stable) @Nullable default Boolean getSplitTunnel()
Default: false
@Stability(value=Stable) @Nullable default TransportProtocol getTransportProtocol()
Default: TransportProtocol.UDP
@Stability(value=Stable) @Nullable default ClientVpnUserBasedAuthentication getUserBasedAuthentication()
Default: - use mutual authentication
@Stability(value=Stable) @Nullable default SubnetSelection getVpcSubnets()
Default: - the VPC default strategy
@Stability(value=Stable) static ClientVpnEndpointOptions.Builder builder()
Returns: a ClientVpnEndpointOptions.Builder of ClientVpnEndpointOptions
Copyright © 2023. All rights reserved.