CfnClientVpnAuthorizationRuleProps

class aws_cdk.aws_ec2.CfnClientVpnAuthorizationRuleProps(*, client_vpn_endpoint_id, target_network_cidr, access_group_id=None, authorize_all_groups=None, description=None)

Bases: object

Properties for defining a CfnClientVpnAuthorizationRule.

Parameters

  • client_vpn_endpoint_id (str) – The ID of the Client VPN endpoint.

  • target_network_cidr (str) – The IPv4 address range, in CIDR notation, of the network for which access is being authorized.

  • access_group_id (Optional[str]) – The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if AuthorizeAllGroups is false or not specified.

  • authorize_all_groups (Union[bool, IResolvable, None]) – Indicates whether to grant access to all clients. Specify true to grant all clients who successfully establish a VPN connection access to the network. Must be set to true if AccessGroupId is not specified.

  • description (Optional[str]) – A brief description of the authorization rule.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html

ExampleMetadata

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_ec2 as ec2

cfn_client_vpn_authorization_rule_props = ec2.CfnClientVpnAuthorizationRuleProps(
    client_vpn_endpoint_id="clientVpnEndpointId",
    target_network_cidr="targetNetworkCidr",

    # the properties below are optional
    access_group_id="accessGroupId",
    authorize_all_groups=False,
    description="description"
)

Attributes

access_group_id

The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group.

Required if AuthorizeAllGroups is false or not specified.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html#cfn-ec2-clientvpnauthorizationrule-accessgroupid

Return type

Optional[str]

authorize_all_groups

Indicates whether to grant access to all clients.

Specify true to grant all clients who successfully establish a VPN connection access to the network. Must be set to true if AccessGroupId is not specified.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html#cfn-ec2-clientvpnauthorizationrule-authorizeallgroups

Return type

Union[bool, IResolvable, None]

client_vpn_endpoint_id

The ID of the Client VPN endpoint.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html#cfn-ec2-clientvpnauthorizationrule-clientvpnendpointid

Return type

str

description

A brief description of the authorization rule.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html#cfn-ec2-clientvpnauthorizationrule-description

Return type

Optional[str]

target_network_cidr

The IPv4 address range, in CIDR notation, of the network for which access is being authorized.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html#cfn-ec2-clientvpnauthorizationrule-targetnetworkcidr

Return type

str