CfnVPNConnectionProps

class aws_cdk.aws_ec2.CfnVPNConnectionProps(*, customer_gateway_id, type, enable_acceleration=None, local_ipv4_network_cidr=None, local_ipv6_network_cidr=None, outside_ip_address_type=None, remote_ipv4_network_cidr=None, remote_ipv6_network_cidr=None, static_routes_only=None, tags=None, transit_gateway_id=None, transport_transit_gateway_attachment_id=None, tunnel_inside_ip_version=None, vpn_gateway_id=None, vpn_tunnel_options_specifications=None)

Bases: object

Properties for defining a CfnVPNConnection.

Parameters:
  • customer_gateway_id (str) – The ID of the customer gateway at your end of the VPN connection.

  • type (str) – The type of VPN connection.

  • enable_acceleration (Union[bool, IResolvable, None]) – Indicate whether to enable acceleration for the VPN connection. Default: false

  • local_ipv4_network_cidr (Optional[str]) – The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection. Default: 0.0.0.0/0

  • local_ipv6_network_cidr (Optional[str]) – The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection. Default: ::/0

  • outside_ip_address_type (Optional[str]) – The type of IPv4 address assigned to the outside interface of the customer gateway device. Valid values: PrivateIpv4 | PublicIpv4. Default: PublicIpv4

  • remote_ipv4_network_cidr (Optional[str]) – The IPv4 CIDR on the AWS side of the VPN connection. Default: 0.0.0.0/0

  • remote_ipv6_network_cidr (Optional[str]) – The IPv6 CIDR on the AWS side of the VPN connection. Default: ::/0

  • static_routes_only (Union[bool, IResolvable, None]) – Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don’t support BGP. If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify true.

  • tags (Optional[Sequence[Union[CfnTag, Dict[str, Any]]]]) – Any tags assigned to the VPN connection.

  • transit_gateway_id (Optional[str]) – The ID of the transit gateway associated with the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.

  • transport_transit_gateway_attachment_id (Optional[str]) – The transit gateway attachment ID to use for the VPN tunnel. Required if OutsideIpAddressType is set to PrivateIpv4.

  • tunnel_inside_ip_version (Optional[str]) – Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Default: ipv4

  • vpn_gateway_id (Optional[str]) – The ID of the virtual private gateway at the AWS side of the VPN connection. You must specify either TransitGatewayId or VpnGatewayId, but not both.

  • vpn_tunnel_options_specifications (Union[IResolvable, Sequence[Union[IResolvable, VpnTunnelOptionsSpecificationProperty, Dict[str, Any]]], None]) – The tunnel options for the VPN connection.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import CfnTag  # used by the tags property below (aws-cdk-lib v2 import path)
from aws_cdk import aws_ec2 as ec2

cfn_vPNConnection_props = ec2.CfnVPNConnectionProps(
    customer_gateway_id="customerGatewayId",
    type="type",

    # the properties below are optional
    enable_acceleration=False,
    local_ipv4_network_cidr="localIpv4NetworkCidr",
    local_ipv6_network_cidr="localIpv6NetworkCidr",
    outside_ip_address_type="outsideIpAddressType",
    remote_ipv4_network_cidr="remoteIpv4NetworkCidr",
    remote_ipv6_network_cidr="remoteIpv6NetworkCidr",
    static_routes_only=False,
    tags=[CfnTag(
        key="key",
        value="value"
    )],
    transit_gateway_id="transitGatewayId",
    transport_transit_gateway_attachment_id="transportTransitGatewayAttachmentId",
    tunnel_inside_ip_version="tunnelInsideIpVersion",
    vpn_gateway_id="vpnGatewayId",
    vpn_tunnel_options_specifications=[ec2.CfnVPNConnection.VpnTunnelOptionsSpecificationProperty(
        dpd_timeout_action="dpdTimeoutAction",
        dpd_timeout_seconds=123,
        enable_tunnel_lifecycle_control=False,
        ike_versions=[{
            "value": "value"
        }],
        log_options=ec2.CfnVPNConnection.VpnTunnelLogOptionsSpecificationProperty(
            cloudwatch_log_options=ec2.CfnVPNConnection.CloudwatchLogOptionsSpecificationProperty(
                log_enabled=False,
                log_group_arn="logGroupArn",
                log_output_format="logOutputFormat"
            )
        ),
        phase1_dh_group_numbers=[ec2.CfnVPNConnection.Phase1DHGroupNumbersRequestListValueProperty(
            value=123
        )],
        phase1_encryption_algorithms=[ec2.CfnVPNConnection.Phase1EncryptionAlgorithmsRequestListValueProperty(
            value="value"
        )],
        phase1_integrity_algorithms=[ec2.CfnVPNConnection.Phase1IntegrityAlgorithmsRequestListValueProperty(
            value="value"
        )],
        phase1_lifetime_seconds=123,
        phase2_dh_group_numbers=[ec2.CfnVPNConnection.Phase2DHGroupNumbersRequestListValueProperty(
            value=123
        )],
        phase2_encryption_algorithms=[ec2.CfnVPNConnection.Phase2EncryptionAlgorithmsRequestListValueProperty(
            value="value"
        )],
        phase2_integrity_algorithms=[ec2.CfnVPNConnection.Phase2IntegrityAlgorithmsRequestListValueProperty(
            value="value"
        )],
        phase2_lifetime_seconds=123,
        pre_shared_key="preSharedKey",
        rekey_fuzz_percentage=123,
        rekey_margin_time_seconds=123,
        replay_window_size=123,
        startup_action="startupAction",
        tunnel_inside_cidr="tunnelInsideCidr",
        tunnel_inside_ipv6_cidr="tunnelInsideIpv6Cidr"
    )]
)
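
The constraints stated in the parameter descriptions (exactly one gateway ID, the attachment ID required for PrivateIpv4, CIDR fields per IP family) can be checked before synthesis. The following is an added example, not part of the CDK documentation or library; `check_vpn_props`, the finding strings, and the warning on catch-all CIDRs are assumptions of this sketch, and it expects plain string values rather than unresolved tokens.

```python
import ipaddress

# Keys mirror the parameter names documented on this page; values are IP versions.
CIDR_FIELDS = {"local_ipv4_network_cidr": 4, "remote_ipv4_network_cidr": 4,
               "local_ipv6_network_cidr": 6, "remote_ipv6_network_cidr": 6}
OUTSIDE_IP_TYPES = {"PrivateIpv4", "PublicIpv4"}  # valid values per the page


def check_vpn_props(props):
    """Return findings for a dict of CfnVPNConnectionProps keyword arguments."""
    findings = []
    for required in ("customer_gateway_id", "type"):
        if not props.get(required):
            findings.append(f"ERROR {required}: required property is missing")
    # Exactly one of transit_gateway_id / vpn_gateway_id must be set.
    attached = [k for k in ("transit_gateway_id", "vpn_gateway_id") if props.get(k)]
    if len(attached) != 1:
        findings.append("ERROR gateway: set exactly one of transit_gateway_id or vpn_gateway_id")
    outside = props.get("outside_ip_address_type") or "PublicIpv4"  # documented default
    if outside not in OUTSIDE_IP_TYPES:
        findings.append(f"ERROR outside_ip_address_type: invalid value {outside!r}")
    elif outside == "PrivateIpv4" and not props.get("transport_transit_gateway_attachment_id"):
        findings.append("ERROR transport_transit_gateway_attachment_id: required for PrivateIpv4")
    for field, version in CIDR_FIELDS.items():
        value = props.get(field)
        if value is None:
            continue  # documented default (0.0.0.0/0 or ::/0) applies
        try:
            net = ipaddress.ip_network(value, strict=False)
        except ValueError:
            findings.append(f"ERROR {field}: {value!r} is not a valid CIDR")
            continue
        if net.version != version:
            findings.append(f"ERROR {field}: expected an IPv{version} CIDR")
        elif net.prefixlen == 0:
            # Assumed review policy, not an AWS rule: surface catch-all ranges.
            findings.append(f"WARN {field}: {value} matches all addresses")
    return findings


# Constructed sample inputs with placeholder IDs (not real resources).
GOOD = {"customer_gateway_id": "cgw-EXAMPLE", "type": "ipsec.1",
        "vpn_gateway_id": "vgw-EXAMPLE", "remote_ipv4_network_cidr": "10.20.0.0/16"}
BAD = {"customer_gateway_id": "cgw-EXAMPLE", "type": "ipsec.1",
       "transit_gateway_id": "tgw-EXAMPLE", "vpn_gateway_id": "vgw-EXAMPLE",
       "outside_ip_address_type": "PrivateIpv4", "local_ipv4_network_cidr": "0.0.0.0/0"}

if __name__ == "__main__":
    for finding in check_vpn_props(BAD):
        print(finding)
```
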

Attributes

customer_gateway_id

The ID of the customer gateway at your end of the VPN connection.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-customergatewayid

enable_acceleration

Indicate whether to enable acceleration for the VPN connection.

Default: false

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-enableacceleration

local_ipv4_network_cidr

The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.

Default: 0.0.0.0/0

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-localipv4networkcidr

local_ipv6_network_cidr

The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.

Default: ::/0

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-localipv6networkcidr

outside_ip_address_type

The type of IPv4 address assigned to the outside interface of the customer gateway device.

Valid values: PrivateIpv4 | PublicIpv4

Default: PublicIpv4

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-outsideipaddresstype

remote_ipv4_network_cidr

The IPv4 CIDR on the AWS side of the VPN connection.

Default: 0.0.0.0/0

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-remoteipv4networkcidr

remote_ipv6_network_cidr

The IPv6 CIDR on the AWS side of the VPN connection.

Default: ::/0

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-remoteipv6networkcidr

static_routes_only

Indicates whether the VPN connection uses static routes only.

Static routes must be used for devices that don’t support BGP.

If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify true.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-staticroutesonly

tags

Any tags assigned to the VPN connection.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-tags

transit_gateway_id

The ID of the transit gateway associated with the VPN connection.

You must specify either TransitGatewayId or VpnGatewayId, but not both.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-transitgatewayid

transport_transit_gateway_attachment_id

The transit gateway attachment ID to use for the VPN tunnel.

Required if OutsideIpAddressType is set to PrivateIpv4.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-transporttransitgatewayattachmentid

tunnel_inside_ip_version

Indicate whether the VPN tunnels process IPv4 or IPv6 traffic.

Default: ipv4

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-tunnelinsideipversion

type

The type of VPN connection.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-type

vpn_gateway_id

The ID of the virtual private gateway at the AWS side of the VPN connection.

You must specify either TransitGatewayId or VpnGatewayId, but not both.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-vpngatewayid

vpn_tunnel_options_specifications

The tunnel options for the VPN connection.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpnconnection.html#cfn-ec2-vpnconnection-vpntunneloptionsspecifications