CfnClientVpnAuthorizationRuleProps

class aws_cdk.aws_ec2.CfnClientVpnAuthorizationRuleProps(*, client_vpn_endpoint_id, target_network_cidr, access_group_id=None, authorize_all_groups=None, description=None)

Bases: object

Properties for defining a CfnClientVpnAuthorizationRule.

Parameters:
  • client_vpn_endpoint_id (str) – The ID of the Client VPN endpoint.

  • target_network_cidr (str) – The IPv4 address range, in CIDR notation, of the network for which access is being authorized.

  • access_group_id (Optional[str]) – The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if AuthorizeAllGroups is false or not specified.

  • authorize_all_groups (Union[bool, IResolvable, None]) – Indicates whether to grant access to all clients. Specify true to grant all clients who successfully establish a VPN connection access to the network. Must be set to true if AccessGroupId is not specified.

  • description (Optional[str]) – A brief description of the authorization rule.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_ec2 as ec2

cfn_client_vpn_authorization_rule_props = ec2.CfnClientVpnAuthorizationRuleProps(
    client_vpn_endpoint_id="clientVpnEndpointId",
    target_network_cidr="targetNetworkCidr",

    # the properties below are optional
    access_group_id="accessGroupId",
    authorize_all_groups=False,
    description="description"
)

Attributes

access_group_id

The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group.

Required if AuthorizeAllGroups is false or not specified.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html#cfn-ec2-clientvpnauthorizationrule-accessgroupid

authorize_all_groups

Indicates whether to grant access to all clients.

Specify true to grant all clients who successfully establish a VPN connection access to the network. Must be set to true if AccessGroupId is not specified.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html#cfn-ec2-clientvpnauthorizationrule-authorizeallgroups

client_vpn_endpoint_id

The ID of the Client VPN endpoint.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html#cfn-ec2-clientvpnauthorizationrule-clientvpnendpointid

description

A brief description of the authorization rule.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html#cfn-ec2-clientvpnauthorizationrule-description

target_network_cidr

The IPv4 address range, in CIDR notation, of the network for which access is being authorized.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnauthorizationrule.html#cfn-ec2-clientvpnauthorizationrule-targetnetworkcidr
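
An added example (not part of the CDK documentation or the AWS CDK code base): a static check over a synthesized CloudFormation template that enforces the AccessGroupId / AuthorizeAllGroups constraint described above and flags rules that authorize every connected client or a very broad target CIDR. The sample template, the finding codes, the function name and the min_prefix threshold are assumptions constructed for illustration.

```python
import ipaddress

RULE_TYPE = "AWS::EC2::ClientVpnAuthorizationRule"

def audit_authorization_rules(template, min_prefix=16):
    """Return (logical_id, code) findings for Client VPN authorization rules.

    min_prefix is an assumed policy threshold: target networks with a
    shorter prefix (a larger range) than this are reported.
    """
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") != RULE_TYPE:
            continue
        props = res.get("Properties", {})
        # Only a literal true counts; an unresolved token is treated as not set.
        all_groups = props.get("AuthorizeAllGroups") in (True, "true")
        if all_groups:
            # Every client that establishes a VPN connection gets access.
            findings.append((logical_id, "ALL_GROUPS"))
        elif not props.get("AccessGroupId"):
            # AccessGroupId is required when AuthorizeAllGroups is false or absent.
            findings.append((logical_id, "NO_PRINCIPAL"))
        cidr = props.get("TargetNetworkCidr")
        if not isinstance(cidr, str):
            findings.append((logical_id, "UNRESOLVED_CIDR"))  # e.g. a Ref or Fn::GetAtt
            continue
        try:
            net = ipaddress.IPv4Network(cidr, strict=False)
        except ValueError:
            findings.append((logical_id, "INVALID_CIDR"))
            continue
        if net.prefixlen < min_prefix:
            findings.append((logical_id, "BROAD_CIDR"))
    return findings

# Constructed sample, shaped like the Resources section of `cdk synth` output.
SAMPLE_TEMPLATE = {"Resources": {
    "AdminsToDb": {"Type": RULE_TYPE, "Properties": {
        "ClientVpnEndpointId": "cvpn-endpoint-EXAMPLE",
        "TargetNetworkCidr": "10.0.8.0/24", "AccessGroupId": "example-group-id"}},
    "EveryoneEverywhere": {"Type": RULE_TYPE, "Properties": {
        "ClientVpnEndpointId": "cvpn-endpoint-EXAMPLE",
        "TargetNetworkCidr": "0.0.0.0/0", "AuthorizeAllGroups": True}},
    "Incomplete": {"Type": RULE_TYPE, "Properties": {
        "ClientVpnEndpointId": "cvpn-endpoint-EXAMPLE",
        "TargetNetworkCidr": "10.0.0.0/16", "AuthorizeAllGroups": False}},
    "Bucket": {"Type": "AWS::S3::Bucket"},
}}

if __name__ == "__main__":
    for logical_id, code in audit_authorization_rules(SAMPLE_TEMPLATE):
        print(f"{logical_id}: {code}")
```

Run against the JSON template produced by synthesis, this kind of check fits in a CI step ahead of deployment.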