@Generated(value="jsii-pacmak/1.58.0 (build f8ba112)",
date="2022-05-13T01:13:32.786Z")
public interface ClientVpnEndpointOptions
Example:
ClientVpnEndpoint endpoint = vpc.addClientVpnEndpoint("Endpoint", ClientVpnEndpointOptions.builder() .cidr("10.100.0.0/16") .serverCertificateArn("arn:aws:acm:us-east-1:123456789012:certificate/server-certificate-id") .userBasedAuthentication(ClientVpnUserBasedAuthentication.federated(samlProvider)) .authorizeAllUsersToVpcCidr(false) .build()); endpoint.addAuthorizationRule("Rule", ClientVpnAuthorizationRuleOptions.builder() .cidr("10.0.10.0/32") .groupId("group-id") .build());
Modifier and Type | Interface and Description |
---|---|
static class |
ClientVpnEndpointOptions.Builder
A builder for
ClientVpnEndpointOptions |
static class |
ClientVpnEndpointOptions.Jsii$Proxy
An implementation for
ClientVpnEndpointOptions |
Modifier and Type | Method and Description |
---|---|
static ClientVpnEndpointOptions.Builder |
builder() |
default java.lang.Boolean |
getAuthorizeAllUsersToVpcCidr()
Whether to authorize all users to the VPC CIDR.
|
java.lang.String |
getCidr()
The IPv4 address range, in CIDR notation, from which to assign client IP addresses.
|
default java.lang.String |
getClientCertificateArn()
The ARN of the client certificate for mutual authentication.
|
default IClientVpnConnectionHandler |
getClientConnectionHandler()
The AWS Lambda function used for connection authorization.
|
default java.lang.String |
getClientLoginBanner()
Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established.
|
default java.lang.String |
getDescription()
A brief description of the Client VPN endpoint.
|
default java.util.List<java.lang.String> |
getDnsServers()
Information about the DNS servers to be used for DNS resolution.
|
default java.lang.Boolean |
getLogging()
Whether to enable connections logging.
|
default ILogGroup |
getLogGroup()
A CloudWatch Logs log group for connection logging.
|
default ILogStream |
getLogStream()
A CloudWatch Logs log stream for connection logging.
|
default VpnPort |
getPort()
The port number to assign to the Client VPN endpoint for TCP and UDP traffic.
|
default java.util.List<ISecurityGroup> |
getSecurityGroups()
The security groups to apply to the target network.
|
default java.lang.Boolean |
getSelfServicePortal()
Specify whether to enable the self-service portal for the Client VPN endpoint.
|
java.lang.String |
getServerCertificateArn()
The ARN of the server certificate.
|
default ClientVpnSessionTimeout |
getSessionTimeout()
The maximum VPN session duration time.
|
default java.lang.Boolean |
getSplitTunnel()
Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.
|
default TransportProtocol |
getTransportProtocol()
The transport protocol to be used by the VPN session.
|
default ClientVpnUserBasedAuthentication |
getUserBasedAuthentication()
The type of user-based authentication to use.
|
default SubnetSelection |
getVpcSubnets()
Subnets to associate to the client VPN endpoint.
|
java.lang.String getCidr()
The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually.
Changing the address range will replace the Client VPN endpoint.
The CIDR block should be /22 or greater.
java.lang.String getServerCertificateArn()
default java.lang.Boolean getAuthorizeAllUsersToVpcCidr()
This automatically creates an authorization rule. Set this to false
and
use addAuthorizationRule()
to create your own rules instead.
Default: true
default java.lang.String getClientCertificateArn()
The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).
Default: - use user-based authentication
default IClientVpnConnectionHandler getClientConnectionHandler()
The name of the Lambda function must begin with the AWSClientVPN-
prefix
Default: - no connection handler
default java.lang.String getClientLoginBanner()
UTF-8 encoded characters only. Maximum of 1400 characters.
Default: - no banner is presented to the client
default java.lang.String getDescription()
Default: - no description
default java.util.List<java.lang.String> getDnsServers()
A Client VPN endpoint can have up to two DNS servers.
Default: - use the DNS address configured on the device
default java.lang.Boolean getLogging()
Default: true
default ILogGroup getLogGroup()
Default: - a new group is created
default ILogStream getLogStream()
Default: - a new stream is created
default VpnPort getPort()
Default: VpnPort.HTTPS
default java.util.List<ISecurityGroup> getSecurityGroups()
Default: - a new security group is created
default java.lang.Boolean getSelfServicePortal()
Default: true
default ClientVpnSessionTimeout getSessionTimeout()
Default: ClientVpnSessionTimeout.TWENTY_FOUR_HOURS
default java.lang.Boolean getSplitTunnel()
Default: false
https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html
default TransportProtocol getTransportProtocol()
Default: TransportProtocol.UDP
default ClientVpnUserBasedAuthentication getUserBasedAuthentication()
Default: - use mutual authentication
https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/client-authentication.html
default SubnetSelection getVpcSubnets()
Default: - the VPC default strategy
static ClientVpnEndpointOptions.Builder builder()
ClientVpnEndpointOptions.Builder
of ClientVpnEndpointOptions