Docs
PackagesAlibaba Cloud v3.57.1 published on Wednesday, Jun 26, 2024 by Pulumi
alicloud.vpn.Connection
Explore with Pulumi AI
Example Usage
Basic Usage
IPsec-VPN connections support the dual-tunnel mode
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";
const spec = config.get("spec") || "5";
const default = alicloud.vpn.getGatewayZones({
spec: "5M",
});
const defaultGetNetworks = alicloud.vpc.getNetworks({
nameRegex: "^default-NODELETING$",
cidrBlock: "172.16.0.0/16",
});
const default0 = Promise.all([defaultGetNetworks, _default]).then(([defaultGetNetworks, _default]) => alicloud.vpc.getSwitches({
vpcId: defaultGetNetworks.ids?.[0],
zoneId: _default.ids?.[0],
}));
const default1 = Promise.all([defaultGetNetworks, _default]).then(([defaultGetNetworks, _default]) => alicloud.vpc.getSwitches({
vpcId: defaultGetNetworks.ids?.[0],
zoneId: _default.ids?.[1],
}));
const HA_VPN = new alicloud.vpn.Gateway("HA-VPN", {
vpnType: "Normal",
disasterRecoveryVswitchId: default1.then(default1 => default1.ids?.[0]),
vpnGatewayName: name,
vswitchId: default0.then(default0 => default0.ids?.[0]),
autoPay: true,
vpcId: defaultGetNetworks.then(defaultGetNetworks => defaultGetNetworks.ids?.[0]),
networkType: "public",
paymentType: "Subscription",
enableIpsec: true,
bandwidth: spec,
});
const defaultCustomerGateway = new alicloud.vpn.CustomerGateway("defaultCustomerGateway", {
description: "defaultCustomerGateway",
ipAddress: "2.2.2.5",
asn: "2224",
customerGatewayName: name,
});
const changeCustomerGateway = new alicloud.vpn.CustomerGateway("changeCustomerGateway", {
description: "changeCustomerGateway",
ipAddress: "2.2.2.6",
asn: "2225",
customerGatewayName: name,
});
const defaultConnection = new alicloud.vpn.Connection("default", {
vpnGatewayId: HA_VPN.id,
vpnConnectionName: name,
localSubnets: ["3.0.0.0/24"],
remoteSubnets: [
"10.0.0.0/24",
"10.0.1.0/24",
],
tags: {
Created: "TF",
For: "example",
},
enableTunnelsBgp: true,
tunnelOptionsSpecifications: [
{
tunnelIpsecConfig: {
ipsecAuthAlg: "md5",
ipsecEncAlg: "aes256",
ipsecLifetime: 16400,
ipsecPfs: "group5",
},
customerGatewayId: defaultCustomerGateway.id,
role: "master",
tunnelBgpConfig: {
localAsn: "1219002",
tunnelCidr: "169.254.30.0/30",
localBgpIp: "169.254.30.1",
},
tunnelIkeConfig: {
ikeMode: "aggressive",
ikeVersion: "ikev2",
localId: "localid_tunnel2",
psk: "12345678",
remoteId: "remote2",
ikeAuthAlg: "md5",
ikeEncAlg: "aes256",
ikeLifetime: 3600,
ikePfs: "group14",
},
},
{
tunnelIkeConfig: {
remoteId: "remote24",
ikeEncAlg: "aes256",
ikeLifetime: 27000,
ikeMode: "aggressive",
ikePfs: "group5",
ikeAuthAlg: "md5",
ikeVersion: "ikev2",
localId: "localid_tunnel2",
psk: "12345678",
},
tunnelIpsecConfig: {
ipsecLifetime: 2700,
ipsecPfs: "group14",
ipsecAuthAlg: "md5",
ipsecEncAlg: "aes256",
},
customerGatewayId: defaultCustomerGateway.id,
role: "slave",
tunnelBgpConfig: {
localAsn: "1219002",
localBgpIp: "169.254.40.1",
tunnelCidr: "169.254.40.0/30",
},
},
],
});
import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "terraform-example"
spec = config.get("spec")
if spec is None:
spec = "5"
default = alicloud.vpn.get_gateway_zones(spec="5M")
default_get_networks = alicloud.vpc.get_networks(name_regex="^default-NODELETING$",
cidr_block="172.16.0.0/16")
default0 = alicloud.vpc.get_switches(vpc_id=default_get_networks.ids[0],
zone_id=default.ids[0])
default1 = alicloud.vpc.get_switches(vpc_id=default_get_networks.ids[0],
zone_id=default.ids[1])
h_a__vpn = alicloud.vpn.Gateway("HA-VPN",
vpn_type="Normal",
disaster_recovery_vswitch_id=default1.ids[0],
vpn_gateway_name=name,
vswitch_id=default0.ids[0],
auto_pay=True,
vpc_id=default_get_networks.ids[0],
network_type="public",
payment_type="Subscription",
enable_ipsec=True,
bandwidth=spec)
default_customer_gateway = alicloud.vpn.CustomerGateway("defaultCustomerGateway",
description="defaultCustomerGateway",
ip_address="2.2.2.5",
asn="2224",
customer_gateway_name=name)
change_customer_gateway = alicloud.vpn.CustomerGateway("changeCustomerGateway",
description="changeCustomerGateway",
ip_address="2.2.2.6",
asn="2225",
customer_gateway_name=name)
default_connection = alicloud.vpn.Connection("default",
vpn_gateway_id=h_a__vpn.id,
vpn_connection_name=name,
local_subnets=["3.0.0.0/24"],
remote_subnets=[
"10.0.0.0/24",
"10.0.1.0/24",
],
tags={
"Created": "TF",
"For": "example",
},
enable_tunnels_bgp=True,
tunnel_options_specifications=[
alicloud.vpn.ConnectionTunnelOptionsSpecificationArgs(
tunnel_ipsec_config=alicloud.vpn.ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs(
ipsec_auth_alg="md5",
ipsec_enc_alg="aes256",
ipsec_lifetime=16400,
ipsec_pfs="group5",
),
customer_gateway_id=default_customer_gateway.id,
role="master",
tunnel_bgp_config=alicloud.vpn.ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs(
local_asn="1219002",
tunnel_cidr="169.254.30.0/30",
local_bgp_ip="169.254.30.1",
),
tunnel_ike_config=alicloud.vpn.ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs(
ike_mode="aggressive",
ike_version="ikev2",
local_id="localid_tunnel2",
psk="12345678",
remote_id="remote2",
ike_auth_alg="md5",
ike_enc_alg="aes256",
ike_lifetime=3600,
ike_pfs="group14",
),
),
alicloud.vpn.ConnectionTunnelOptionsSpecificationArgs(
tunnel_ike_config=alicloud.vpn.ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs(
remote_id="remote24",
ike_enc_alg="aes256",
ike_lifetime=27000,
ike_mode="aggressive",
ike_pfs="group5",
ike_auth_alg="md5",
ike_version="ikev2",
local_id="localid_tunnel2",
psk="12345678",
),
tunnel_ipsec_config=alicloud.vpn.ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs(
ipsec_lifetime=2700,
ipsec_pfs="group14",
ipsec_auth_alg="md5",
ipsec_enc_alg="aes256",
),
customer_gateway_id=default_customer_gateway.id,
role="slave",
tunnel_bgp_config=alicloud.vpn.ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs(
local_asn="1219002",
local_bgp_ip="169.254.40.1",
tunnel_cidr="169.254.40.0/30",
),
),
])
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpc"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpn"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "terraform-example"
if param := cfg.Get("name"); param != "" {
name = param
}
spec := "5"
if param := cfg.Get("spec"); param != "" {
spec = param
}
_default, err := vpn.GetGatewayZones(ctx, &vpn.GetGatewayZonesArgs{
Spec: "5M",
}, nil)
if err != nil {
return err
}
defaultGetNetworks, err := vpc.GetNetworks(ctx, &vpc.GetNetworksArgs{
NameRegex: pulumi.StringRef("^default-NODELETING$"),
CidrBlock: pulumi.StringRef("172.16.0.0/16"),
}, nil)
if err != nil {
return err
}
default0, err := vpc.GetSwitches(ctx, &vpc.GetSwitchesArgs{
VpcId: pulumi.StringRef(defaultGetNetworks.Ids[0]),
ZoneId: pulumi.StringRef(_default.Ids[0]),
}, nil)
if err != nil {
return err
}
default1, err := vpc.GetSwitches(ctx, &vpc.GetSwitchesArgs{
VpcId: pulumi.StringRef(defaultGetNetworks.Ids[0]),
ZoneId: pulumi.StringRef(_default.Ids[1]),
}, nil)
if err != nil {
return err
}
_, err = vpn.NewGateway(ctx, "HA-VPN", &vpn.GatewayArgs{
VpnType: pulumi.String("Normal"),
DisasterRecoveryVswitchId: pulumi.String(default1.Ids[0]),
VpnGatewayName: pulumi.String(name),
VswitchId: pulumi.String(default0.Ids[0]),
AutoPay: pulumi.Bool(true),
VpcId: pulumi.String(defaultGetNetworks.Ids[0]),
NetworkType: pulumi.String("public"),
PaymentType: pulumi.String("Subscription"),
EnableIpsec: pulumi.Bool(true),
Bandwidth: pulumi.String(spec),
})
if err != nil {
return err
}
defaultCustomerGateway, err := vpn.NewCustomerGateway(ctx, "defaultCustomerGateway", &vpn.CustomerGatewayArgs{
Description: pulumi.String("defaultCustomerGateway"),
IpAddress: pulumi.String("2.2.2.5"),
Asn: pulumi.String("2224"),
CustomerGatewayName: pulumi.String(name),
})
if err != nil {
return err
}
_, err = vpn.NewCustomerGateway(ctx, "changeCustomerGateway", &vpn.CustomerGatewayArgs{
Description: pulumi.String("changeCustomerGateway"),
IpAddress: pulumi.String("2.2.2.6"),
Asn: pulumi.String("2225"),
CustomerGatewayName: pulumi.String(name),
})
if err != nil {
return err
}
_, err = vpn.NewConnection(ctx, "default", &vpn.ConnectionArgs{
VpnGatewayId: HA_VPN.ID(),
VpnConnectionName: pulumi.String(name),
LocalSubnets: pulumi.StringArray{
pulumi.String("3.0.0.0/24"),
},
RemoteSubnets: pulumi.StringArray{
pulumi.String("10.0.0.0/24"),
pulumi.String("10.0.1.0/24"),
},
Tags: pulumi.Map{
"Created": pulumi.Any("TF"),
"For": pulumi.Any("example"),
},
EnableTunnelsBgp: pulumi.Bool(true),
TunnelOptionsSpecifications: vpn.ConnectionTunnelOptionsSpecificationArray{
&vpn.ConnectionTunnelOptionsSpecificationArgs{
TunnelIpsecConfig: &vpn.ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs{
IpsecAuthAlg: pulumi.String("md5"),
IpsecEncAlg: pulumi.String("aes256"),
IpsecLifetime: pulumi.Int(16400),
IpsecPfs: pulumi.String("group5"),
},
CustomerGatewayId: defaultCustomerGateway.ID(),
Role: pulumi.String("master"),
TunnelBgpConfig: &vpn.ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs{
LocalAsn: pulumi.String("1219002"),
TunnelCidr: pulumi.String("169.254.30.0/30"),
LocalBgpIp: pulumi.String("169.254.30.1"),
},
TunnelIkeConfig: &vpn.ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs{
IkeMode: pulumi.String("aggressive"),
IkeVersion: pulumi.String("ikev2"),
LocalId: pulumi.String("localid_tunnel2"),
Psk: pulumi.String("12345678"),
RemoteId: pulumi.String("remote2"),
IkeAuthAlg: pulumi.String("md5"),
IkeEncAlg: pulumi.String("aes256"),
IkeLifetime: pulumi.Int(3600),
IkePfs: pulumi.String("group14"),
},
},
&vpn.ConnectionTunnelOptionsSpecificationArgs{
TunnelIkeConfig: &vpn.ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs{
RemoteId: pulumi.String("remote24"),
IkeEncAlg: pulumi.String("aes256"),
IkeLifetime: pulumi.Int(27000),
IkeMode: pulumi.String("aggressive"),
IkePfs: pulumi.String("group5"),
IkeAuthAlg: pulumi.String("md5"),
IkeVersion: pulumi.String("ikev2"),
LocalId: pulumi.String("localid_tunnel2"),
Psk: pulumi.String("12345678"),
},
TunnelIpsecConfig: &vpn.ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs{
IpsecLifetime: pulumi.Int(2700),
IpsecPfs: pulumi.String("group14"),
IpsecAuthAlg: pulumi.String("md5"),
IpsecEncAlg: pulumi.String("aes256"),
},
CustomerGatewayId: defaultCustomerGateway.ID(),
Role: pulumi.String("slave"),
TunnelBgpConfig: &vpn.ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs{
LocalAsn: pulumi.String("1219002"),
LocalBgpIp: pulumi.String("169.254.40.1"),
TunnelCidr: pulumi.String("169.254.40.0/30"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "terraform-example";
var spec = config.Get("spec") ?? "5";
var @default = AliCloud.Vpn.GetGatewayZones.Invoke(new()
{
Spec = "5M",
});
var defaultGetNetworks = AliCloud.Vpc.GetNetworks.Invoke(new()
{
NameRegex = "^default-NODELETING$",
CidrBlock = "172.16.0.0/16",
});
var default0 = AliCloud.Vpc.GetSwitches.Invoke(new()
{
VpcId = defaultGetNetworks.Apply(getNetworksResult => getNetworksResult.Ids[0]),
ZoneId = @default.Apply(getGatewayZonesResult => getGatewayZonesResult.Ids[0]),
});
var default1 = AliCloud.Vpc.GetSwitches.Invoke(new()
{
VpcId = defaultGetNetworks.Apply(getNetworksResult => getNetworksResult.Ids[0]),
ZoneId = @default.Apply(getGatewayZonesResult => getGatewayZonesResult.Ids[1]),
});
var HA_VPN = new AliCloud.Vpn.Gateway("HA-VPN", new()
{
VpnType = "Normal",
DisasterRecoveryVswitchId = default1.Apply(getSwitchesResult => getSwitchesResult.Ids[0]),
VpnGatewayName = name,
VswitchId = default0.Apply(getSwitchesResult => getSwitchesResult.Ids[0]),
AutoPay = true,
VpcId = defaultGetNetworks.Apply(getNetworksResult => getNetworksResult.Ids[0]),
NetworkType = "public",
PaymentType = "Subscription",
EnableIpsec = true,
Bandwidth = spec,
});
var defaultCustomerGateway = new AliCloud.Vpn.CustomerGateway("defaultCustomerGateway", new()
{
Description = "defaultCustomerGateway",
IpAddress = "2.2.2.5",
Asn = "2224",
CustomerGatewayName = name,
});
var changeCustomerGateway = new AliCloud.Vpn.CustomerGateway("changeCustomerGateway", new()
{
Description = "changeCustomerGateway",
IpAddress = "2.2.2.6",
Asn = "2225",
CustomerGatewayName = name,
});
var defaultConnection = new AliCloud.Vpn.Connection("default", new()
{
VpnGatewayId = HA_VPN.Id,
VpnConnectionName = name,
LocalSubnets = new[]
{
"3.0.0.0/24",
},
RemoteSubnets = new[]
{
"10.0.0.0/24",
"10.0.1.0/24",
},
Tags =
{
{ "Created", "TF" },
{ "For", "example" },
},
EnableTunnelsBgp = true,
TunnelOptionsSpecifications = new[]
{
new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationArgs
{
TunnelIpsecConfig = new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs
{
IpsecAuthAlg = "md5",
IpsecEncAlg = "aes256",
IpsecLifetime = 16400,
IpsecPfs = "group5",
},
CustomerGatewayId = defaultCustomerGateway.Id,
Role = "master",
TunnelBgpConfig = new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs
{
LocalAsn = "1219002",
TunnelCidr = "169.254.30.0/30",
LocalBgpIp = "169.254.30.1",
},
TunnelIkeConfig = new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs
{
IkeMode = "aggressive",
IkeVersion = "ikev2",
LocalId = "localid_tunnel2",
Psk = "12345678",
RemoteId = "remote2",
IkeAuthAlg = "md5",
IkeEncAlg = "aes256",
IkeLifetime = 3600,
IkePfs = "group14",
},
},
new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationArgs
{
TunnelIkeConfig = new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs
{
RemoteId = "remote24",
IkeEncAlg = "aes256",
IkeLifetime = 27000,
IkeMode = "aggressive",
IkePfs = "group5",
IkeAuthAlg = "md5",
IkeVersion = "ikev2",
LocalId = "localid_tunnel2",
Psk = "12345678",
},
TunnelIpsecConfig = new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs
{
IpsecLifetime = 2700,
IpsecPfs = "group14",
IpsecAuthAlg = "md5",
IpsecEncAlg = "aes256",
},
CustomerGatewayId = defaultCustomerGateway.Id,
Role = "slave",
TunnelBgpConfig = new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs
{
LocalAsn = "1219002",
LocalBgpIp = "169.254.40.1",
TunnelCidr = "169.254.40.0/30",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.vpn.VpnFunctions;
import com.pulumi.alicloud.vpn.inputs.GetGatewayZonesArgs;
import com.pulumi.alicloud.vpc.VpcFunctions;
import com.pulumi.alicloud.vpc.inputs.GetNetworksArgs;
import com.pulumi.alicloud.vpc.inputs.GetSwitchesArgs;
import com.pulumi.alicloud.vpn.Gateway;
import com.pulumi.alicloud.vpn.GatewayArgs;
import com.pulumi.alicloud.vpn.CustomerGateway;
import com.pulumi.alicloud.vpn.CustomerGatewayArgs;
import com.pulumi.alicloud.vpn.Connection;
import com.pulumi.alicloud.vpn.ConnectionArgs;
import com.pulumi.alicloud.vpn.inputs.ConnectionTunnelOptionsSpecificationArgs;
import com.pulumi.alicloud.vpn.inputs.ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs;
import com.pulumi.alicloud.vpn.inputs.ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs;
import com.pulumi.alicloud.vpn.inputs.ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("terraform-example");
final var spec = config.get("spec").orElse("5");
final var default = VpnFunctions.getGatewayZones(GetGatewayZonesArgs.builder()
.spec("5M")
.build());
final var defaultGetNetworks = VpcFunctions.getNetworks(GetNetworksArgs.builder()
.nameRegex("^default-NODELETING$")
.cidrBlock("172.16.0.0/16")
.build());
final var default0 = VpcFunctions.getSwitches(GetSwitchesArgs.builder()
.vpcId(defaultGetNetworks.applyValue(getNetworksResult -> getNetworksResult.ids()[0]))
.zoneId(default_.ids()[0])
.build());
final var default1 = VpcFunctions.getSwitches(GetSwitchesArgs.builder()
.vpcId(defaultGetNetworks.applyValue(getNetworksResult -> getNetworksResult.ids()[0]))
.zoneId(default_.ids()[1])
.build());
var hA_VPN = new Gateway("HA-VPN", GatewayArgs.builder()
.vpnType("Normal")
.disasterRecoveryVswitchId(default1.applyValue(getSwitchesResult -> getSwitchesResult.ids()[0]))
.vpnGatewayName(name)
.vswitchId(default0.applyValue(getSwitchesResult -> getSwitchesResult.ids()[0]))
.autoPay(true)
.vpcId(defaultGetNetworks.applyValue(getNetworksResult -> getNetworksResult.ids()[0]))
.networkType("public")
.paymentType("Subscription")
.enableIpsec(true)
.bandwidth(spec)
.build());
var defaultCustomerGateway = new CustomerGateway("defaultCustomerGateway", CustomerGatewayArgs.builder()
.description("defaultCustomerGateway")
.ipAddress("2.2.2.5")
.asn("2224")
.customerGatewayName(name)
.build());
var changeCustomerGateway = new CustomerGateway("changeCustomerGateway", CustomerGatewayArgs.builder()
.description("changeCustomerGateway")
.ipAddress("2.2.2.6")
.asn("2225")
.customerGatewayName(name)
.build());
var defaultConnection = new Connection("defaultConnection", ConnectionArgs.builder()
.vpnGatewayId(HA_VPN.id())
.vpnConnectionName(name)
.localSubnets("3.0.0.0/24")
.remoteSubnets(
"10.0.0.0/24",
"10.0.1.0/24")
.tags(Map.ofEntries(
Map.entry("Created", "TF"),
Map.entry("For", "example")
))
.enableTunnelsBgp("true")
.tunnelOptionsSpecifications(
ConnectionTunnelOptionsSpecificationArgs.builder()
.tunnelIpsecConfig(ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs.builder()
.ipsecAuthAlg("md5")
.ipsecEncAlg("aes256")
.ipsecLifetime("16400")
.ipsecPfs("group5")
.build())
.customerGatewayId(defaultCustomerGateway.id())
.role("master")
.tunnelBgpConfig(ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs.builder()
.localAsn("1219002")
.tunnelCidr("169.254.30.0/30")
.localBgpIp("169.254.30.1")
.build())
.tunnelIkeConfig(ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs.builder()
.ikeMode("aggressive")
.ikeVersion("ikev2")
.localId("localid_tunnel2")
.psk("12345678")
.remoteId("remote2")
.ikeAuthAlg("md5")
.ikeEncAlg("aes256")
.ikeLifetime("3600")
.ikePfs("group14")
.build())
.build(),
ConnectionTunnelOptionsSpecificationArgs.builder()
.tunnelIkeConfig(ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs.builder()
.remoteId("remote24")
.ikeEncAlg("aes256")
.ikeLifetime("27000")
.ikeMode("aggressive")
.ikePfs("group5")
.ikeAuthAlg("md5")
.ikeVersion("ikev2")
.localId("localid_tunnel2")
.psk("12345678")
.build())
.tunnelIpsecConfig(ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs.builder()
.ipsecLifetime("2700")
.ipsecPfs("group14")
.ipsecAuthAlg("md5")
.ipsecEncAlg("aes256")
.build())
.customerGatewayId(defaultCustomerGateway.id())
.role("slave")
.tunnelBgpConfig(ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs.builder()
.localAsn("1219002")
.localBgpIp("169.254.40.1")
.tunnelCidr("169.254.40.0/30")
.build())
.build())
.build());
}
}
configuration:
name:
type: string
default: terraform-example
spec:
type: string
default: '5'
resources:
HA-VPN:
type: alicloud:vpn:Gateway
properties:
vpnType: Normal
disasterRecoveryVswitchId: ${default1.ids[0]}
vpnGatewayName: ${name}
vswitchId: ${default0.ids[0]}
autoPay: true
vpcId: ${defaultGetNetworks.ids[0]}
networkType: public
paymentType: Subscription
enableIpsec: true
bandwidth: ${spec}
defaultCustomerGateway:
type: alicloud:vpn:CustomerGateway
properties:
description: defaultCustomerGateway
ipAddress: 2.2.2.5
asn: '2224'
customerGatewayName: ${name}
changeCustomerGateway:
type: alicloud:vpn:CustomerGateway
properties:
description: changeCustomerGateway
ipAddress: 2.2.2.6
asn: '2225'
customerGatewayName: ${name}
defaultConnection:
type: alicloud:vpn:Connection
name: default
properties:
vpnGatewayId: ${["HA-VPN"].id}
vpnConnectionName: ${name}
localSubnets:
- 3.0.0.0/24
remoteSubnets:
- 10.0.0.0/24
- 10.0.1.0/24
tags:
Created: TF
For: example
enableTunnelsBgp: 'true'
tunnelOptionsSpecifications:
- tunnelIpsecConfig:
ipsecAuthAlg: md5
ipsecEncAlg: aes256
ipsecLifetime: '16400'
ipsecPfs: group5
customerGatewayId: ${defaultCustomerGateway.id}
role: master
tunnelBgpConfig:
localAsn: '1219002'
tunnelCidr: 169.254.30.0/30
localBgpIp: 169.254.30.1
tunnelIkeConfig:
ikeMode: aggressive
ikeVersion: ikev2
localId: localid_tunnel2
psk: '12345678'
remoteId: remote2
ikeAuthAlg: md5
ikeEncAlg: aes256
ikeLifetime: '3600'
ikePfs: group14
- tunnelIkeConfig:
remoteId: remote24
ikeEncAlg: aes256
ikeLifetime: '27000'
ikeMode: aggressive
ikePfs: group5
ikeAuthAlg: md5
ikeVersion: ikev2
localId: localid_tunnel2
psk: '12345678'
tunnelIpsecConfig:
ipsecLifetime: '2700'
ipsecPfs: group14
ipsecAuthAlg: md5
ipsecEncAlg: aes256
customerGatewayId: ${defaultCustomerGateway.id}
role: slave
tunnelBgpConfig:
localAsn: '1219002'
localBgpIp: 169.254.40.1
tunnelCidr: 169.254.40.0/30
variables:
default:
fn::invoke:
Function: alicloud:vpn:getGatewayZones
Arguments:
spec: 5M
defaultGetNetworks:
fn::invoke:
Function: alicloud:vpc:getNetworks
Arguments:
nameRegex: ^default-NODELETING$
cidrBlock: 172.16.0.0/16
default0:
fn::invoke:
Function: alicloud:vpc:getSwitches
Arguments:
vpcId: ${defaultGetNetworks.ids[0]}
zoneId: ${default.ids[0]}
default1:
fn::invoke:
Function: alicloud:vpc:getSwitches
Arguments:
vpcId: ${defaultGetNetworks.ids[0]}
zoneId: ${default.ids[1]}
Create Connection Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Connection(name: string, args: ConnectionArgs, opts?: CustomResourceOptions);@overload
def Connection(resource_name: str,
args: ConnectionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Connection(resource_name: str,
opts: Optional[ResourceOptions] = None,
local_subnets: Optional[Sequence[str]] = None,
vpn_gateway_id: Optional[str] = None,
remote_subnets: Optional[Sequence[str]] = None,
ike_config: Optional[ConnectionIkeConfigArgs] = None,
effect_immediately: Optional[bool] = None,
enable_nat_traversal: Optional[bool] = None,
enable_tunnels_bgp: Optional[bool] = None,
health_check_config: Optional[ConnectionHealthCheckConfigArgs] = None,
auto_config_route: Optional[bool] = None,
ipsec_config: Optional[ConnectionIpsecConfigArgs] = None,
enable_dpd: Optional[bool] = None,
name: Optional[str] = None,
network_type: Optional[str] = None,
customer_gateway_id: Optional[str] = None,
tags: Optional[Mapping[str, Any]] = None,
tunnel_options_specifications: Optional[Sequence[ConnectionTunnelOptionsSpecificationArgs]] = None,
vpn_connection_name: Optional[str] = None,
bgp_config: Optional[ConnectionBgpConfigArgs] = None)func NewConnection(ctx *Context, name string, args ConnectionArgs, opts ...ResourceOption) (*Connection, error)public Connection(string name, ConnectionArgs args, CustomResourceOptions? opts = null)
public Connection(String name, ConnectionArgs args)
public Connection(String name, ConnectionArgs args, CustomResourceOptions options)
type: alicloud:vpn:Connection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var exampleconnectionResourceResourceFromVpnconnection = new AliCloud.Vpn.Connection("exampleconnectionResourceResourceFromVpnconnection", new()
{
LocalSubnets = new[]
{
"string",
},
VpnGatewayId = "string",
RemoteSubnets = new[]
{
"string",
},
IkeConfig = new AliCloud.Vpn.Inputs.ConnectionIkeConfigArgs
{
IkeAuthAlg = "string",
IkeEncAlg = "string",
IkeLifetime = 0,
IkeLocalId = "string",
IkeMode = "string",
IkePfs = "string",
IkeRemoteId = "string",
IkeVersion = "string",
Psk = "string",
},
EffectImmediately = false,
EnableNatTraversal = false,
EnableTunnelsBgp = false,
HealthCheckConfig = new AliCloud.Vpn.Inputs.ConnectionHealthCheckConfigArgs
{
Dip = "string",
Enable = false,
Interval = 0,
Retry = 0,
Sip = "string",
},
AutoConfigRoute = false,
IpsecConfig = new AliCloud.Vpn.Inputs.ConnectionIpsecConfigArgs
{
IpsecAuthAlg = "string",
IpsecEncAlg = "string",
IpsecLifetime = 0,
IpsecPfs = "string",
},
EnableDpd = false,
NetworkType = "string",
CustomerGatewayId = "string",
Tags =
{
{ "string", "any" },
},
TunnelOptionsSpecifications = new[]
{
new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationArgs
{
CustomerGatewayId = "string",
EnableDpd = false,
EnableNatTraversal = false,
InternetIp = "string",
Role = "string",
State = "string",
Status = "string",
TunnelBgpConfig = new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs
{
BgpStatus = "string",
LocalAsn = "string",
LocalBgpIp = "string",
PeerAsn = "string",
PeerBgpIp = "string",
TunnelCidr = "string",
},
TunnelId = "string",
TunnelIkeConfig = new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs
{
IkeAuthAlg = "string",
IkeEncAlg = "string",
IkeLifetime = 0,
IkeMode = "string",
IkePfs = "string",
IkeVersion = "string",
LocalId = "string",
Psk = "string",
RemoteId = "string",
},
TunnelIpsecConfig = new AliCloud.Vpn.Inputs.ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs
{
IpsecAuthAlg = "string",
IpsecEncAlg = "string",
IpsecLifetime = 0,
IpsecPfs = "string",
},
ZoneNo = "string",
},
},
VpnConnectionName = "string",
BgpConfig = new AliCloud.Vpn.Inputs.ConnectionBgpConfigArgs
{
Enable = false,
LocalAsn = "string",
LocalBgpIp = "string",
Status = "string",
TunnelCidr = "string",
},
});
example, err := vpn.NewConnection(ctx, "exampleconnectionResourceResourceFromVpnconnection", &vpn.ConnectionArgs{
LocalSubnets: pulumi.StringArray{
pulumi.String("string"),
},
VpnGatewayId: pulumi.String("string"),
RemoteSubnets: pulumi.StringArray{
pulumi.String("string"),
},
IkeConfig: &vpn.ConnectionIkeConfigArgs{
IkeAuthAlg: pulumi.String("string"),
IkeEncAlg: pulumi.String("string"),
IkeLifetime: pulumi.Int(0),
IkeLocalId: pulumi.String("string"),
IkeMode: pulumi.String("string"),
IkePfs: pulumi.String("string"),
IkeRemoteId: pulumi.String("string"),
IkeVersion: pulumi.String("string"),
Psk: pulumi.String("string"),
},
EffectImmediately: pulumi.Bool(false),
EnableNatTraversal: pulumi.Bool(false),
EnableTunnelsBgp: pulumi.Bool(false),
HealthCheckConfig: &vpn.ConnectionHealthCheckConfigArgs{
Dip: pulumi.String("string"),
Enable: pulumi.Bool(false),
Interval: pulumi.Int(0),
Retry: pulumi.Int(0),
Sip: pulumi.String("string"),
},
AutoConfigRoute: pulumi.Bool(false),
IpsecConfig: &vpn.ConnectionIpsecConfigArgs{
IpsecAuthAlg: pulumi.String("string"),
IpsecEncAlg: pulumi.String("string"),
IpsecLifetime: pulumi.Int(0),
IpsecPfs: pulumi.String("string"),
},
EnableDpd: pulumi.Bool(false),
NetworkType: pulumi.String("string"),
CustomerGatewayId: pulumi.String("string"),
Tags: pulumi.Map{
"string": pulumi.Any("any"),
},
TunnelOptionsSpecifications: vpn.ConnectionTunnelOptionsSpecificationArray{
&vpn.ConnectionTunnelOptionsSpecificationArgs{
CustomerGatewayId: pulumi.String("string"),
EnableDpd: pulumi.Bool(false),
EnableNatTraversal: pulumi.Bool(false),
InternetIp: pulumi.String("string"),
Role: pulumi.String("string"),
State: pulumi.String("string"),
Status: pulumi.String("string"),
TunnelBgpConfig: &vpn.ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs{
BgpStatus: pulumi.String("string"),
LocalAsn: pulumi.String("string"),
LocalBgpIp: pulumi.String("string"),
PeerAsn: pulumi.String("string"),
PeerBgpIp: pulumi.String("string"),
TunnelCidr: pulumi.String("string"),
},
TunnelId: pulumi.String("string"),
TunnelIkeConfig: &vpn.ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs{
IkeAuthAlg: pulumi.String("string"),
IkeEncAlg: pulumi.String("string"),
IkeLifetime: pulumi.Int(0),
IkeMode: pulumi.String("string"),
IkePfs: pulumi.String("string"),
IkeVersion: pulumi.String("string"),
LocalId: pulumi.String("string"),
Psk: pulumi.String("string"),
RemoteId: pulumi.String("string"),
},
TunnelIpsecConfig: &vpn.ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs{
IpsecAuthAlg: pulumi.String("string"),
IpsecEncAlg: pulumi.String("string"),
IpsecLifetime: pulumi.Int(0),
IpsecPfs: pulumi.String("string"),
},
ZoneNo: pulumi.String("string"),
},
},
VpnConnectionName: pulumi.String("string"),
BgpConfig: &vpn.ConnectionBgpConfigArgs{
Enable: pulumi.Bool(false),
LocalAsn: pulumi.String("string"),
LocalBgpIp: pulumi.String("string"),
Status: pulumi.String("string"),
TunnelCidr: pulumi.String("string"),
},
})
var exampleconnectionResourceResourceFromVpnconnection = new Connection("exampleconnectionResourceResourceFromVpnconnection", ConnectionArgs.builder()
.localSubnets("string")
.vpnGatewayId("string")
.remoteSubnets("string")
.ikeConfig(ConnectionIkeConfigArgs.builder()
.ikeAuthAlg("string")
.ikeEncAlg("string")
.ikeLifetime(0)
.ikeLocalId("string")
.ikeMode("string")
.ikePfs("string")
.ikeRemoteId("string")
.ikeVersion("string")
.psk("string")
.build())
.effectImmediately(false)
.enableNatTraversal(false)
.enableTunnelsBgp(false)
.healthCheckConfig(ConnectionHealthCheckConfigArgs.builder()
.dip("string")
.enable(false)
.interval(0)
.retry(0)
.sip("string")
.build())
.autoConfigRoute(false)
.ipsecConfig(ConnectionIpsecConfigArgs.builder()
.ipsecAuthAlg("string")
.ipsecEncAlg("string")
.ipsecLifetime(0)
.ipsecPfs("string")
.build())
.enableDpd(false)
.networkType("string")
.customerGatewayId("string")
.tags(Map.of("string", "any"))
.tunnelOptionsSpecifications(ConnectionTunnelOptionsSpecificationArgs.builder()
.customerGatewayId("string")
.enableDpd(false)
.enableNatTraversal(false)
.internetIp("string")
.role("string")
.state("string")
.status("string")
.tunnelBgpConfig(ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs.builder()
.bgpStatus("string")
.localAsn("string")
.localBgpIp("string")
.peerAsn("string")
.peerBgpIp("string")
.tunnelCidr("string")
.build())
.tunnelId("string")
.tunnelIkeConfig(ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs.builder()
.ikeAuthAlg("string")
.ikeEncAlg("string")
.ikeLifetime(0)
.ikeMode("string")
.ikePfs("string")
.ikeVersion("string")
.localId("string")
.psk("string")
.remoteId("string")
.build())
.tunnelIpsecConfig(ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs.builder()
.ipsecAuthAlg("string")
.ipsecEncAlg("string")
.ipsecLifetime(0)
.ipsecPfs("string")
.build())
.zoneNo("string")
.build())
.vpnConnectionName("string")
.bgpConfig(ConnectionBgpConfigArgs.builder()
.enable(false)
.localAsn("string")
.localBgpIp("string")
.status("string")
.tunnelCidr("string")
.build())
.build());
exampleconnection_resource_resource_from_vpnconnection = alicloud.vpn.Connection("exampleconnectionResourceResourceFromVpnconnection",
local_subnets=["string"],
vpn_gateway_id="string",
remote_subnets=["string"],
ike_config=alicloud.vpn.ConnectionIkeConfigArgs(
ike_auth_alg="string",
ike_enc_alg="string",
ike_lifetime=0,
ike_local_id="string",
ike_mode="string",
ike_pfs="string",
ike_remote_id="string",
ike_version="string",
psk="string",
),
effect_immediately=False,
enable_nat_traversal=False,
enable_tunnels_bgp=False,
health_check_config=alicloud.vpn.ConnectionHealthCheckConfigArgs(
dip="string",
enable=False,
interval=0,
retry=0,
sip="string",
),
auto_config_route=False,
ipsec_config=alicloud.vpn.ConnectionIpsecConfigArgs(
ipsec_auth_alg="string",
ipsec_enc_alg="string",
ipsec_lifetime=0,
ipsec_pfs="string",
),
enable_dpd=False,
network_type="string",
customer_gateway_id="string",
tags={
"string": "any",
},
tunnel_options_specifications=[alicloud.vpn.ConnectionTunnelOptionsSpecificationArgs(
customer_gateway_id="string",
enable_dpd=False,
enable_nat_traversal=False,
internet_ip="string",
role="string",
state="string",
status="string",
tunnel_bgp_config=alicloud.vpn.ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs(
bgp_status="string",
local_asn="string",
local_bgp_ip="string",
peer_asn="string",
peer_bgp_ip="string",
tunnel_cidr="string",
),
tunnel_id="string",
tunnel_ike_config=alicloud.vpn.ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs(
ike_auth_alg="string",
ike_enc_alg="string",
ike_lifetime=0,
ike_mode="string",
ike_pfs="string",
ike_version="string",
local_id="string",
psk="string",
remote_id="string",
),
tunnel_ipsec_config=alicloud.vpn.ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs(
ipsec_auth_alg="string",
ipsec_enc_alg="string",
ipsec_lifetime=0,
ipsec_pfs="string",
),
zone_no="string",
)],
vpn_connection_name="string",
bgp_config=alicloud.vpn.ConnectionBgpConfigArgs(
enable=False,
local_asn="string",
local_bgp_ip="string",
status="string",
tunnel_cidr="string",
))
const exampleconnectionResourceResourceFromVpnconnection = new alicloud.vpn.Connection("exampleconnectionResourceResourceFromVpnconnection", {
localSubnets: ["string"],
vpnGatewayId: "string",
remoteSubnets: ["string"],
ikeConfig: {
ikeAuthAlg: "string",
ikeEncAlg: "string",
ikeLifetime: 0,
ikeLocalId: "string",
ikeMode: "string",
ikePfs: "string",
ikeRemoteId: "string",
ikeVersion: "string",
psk: "string",
},
effectImmediately: false,
enableNatTraversal: false,
enableTunnelsBgp: false,
healthCheckConfig: {
dip: "string",
enable: false,
interval: 0,
retry: 0,
sip: "string",
},
autoConfigRoute: false,
ipsecConfig: {
ipsecAuthAlg: "string",
ipsecEncAlg: "string",
ipsecLifetime: 0,
ipsecPfs: "string",
},
enableDpd: false,
networkType: "string",
customerGatewayId: "string",
tags: {
string: "any",
},
tunnelOptionsSpecifications: [{
customerGatewayId: "string",
enableDpd: false,
enableNatTraversal: false,
internetIp: "string",
role: "string",
state: "string",
status: "string",
tunnelBgpConfig: {
bgpStatus: "string",
localAsn: "string",
localBgpIp: "string",
peerAsn: "string",
peerBgpIp: "string",
tunnelCidr: "string",
},
tunnelId: "string",
tunnelIkeConfig: {
ikeAuthAlg: "string",
ikeEncAlg: "string",
ikeLifetime: 0,
ikeMode: "string",
ikePfs: "string",
ikeVersion: "string",
localId: "string",
psk: "string",
remoteId: "string",
},
tunnelIpsecConfig: {
ipsecAuthAlg: "string",
ipsecEncAlg: "string",
ipsecLifetime: 0,
ipsecPfs: "string",
},
zoneNo: "string",
}],
vpnConnectionName: "string",
bgpConfig: {
enable: false,
localAsn: "string",
localBgpIp: "string",
status: "string",
tunnelCidr: "string",
},
});
type: alicloud:vpn:Connection
properties:
autoConfigRoute: false
bgpConfig:
enable: false
localAsn: string
localBgpIp: string
status: string
tunnelCidr: string
customerGatewayId: string
effectImmediately: false
enableDpd: false
enableNatTraversal: false
enableTunnelsBgp: false
healthCheckConfig:
dip: string
enable: false
interval: 0
retry: 0
sip: string
ikeConfig:
ikeAuthAlg: string
ikeEncAlg: string
ikeLifetime: 0
ikeLocalId: string
ikeMode: string
ikePfs: string
ikeRemoteId: string
ikeVersion: string
psk: string
ipsecConfig:
ipsecAuthAlg: string
ipsecEncAlg: string
ipsecLifetime: 0
ipsecPfs: string
localSubnets:
- string
networkType: string
remoteSubnets:
- string
tags:
string: any
tunnelOptionsSpecifications:
- customerGatewayId: string
enableDpd: false
enableNatTraversal: false
internetIp: string
role: string
state: string
status: string
tunnelBgpConfig:
bgpStatus: string
localAsn: string
localBgpIp: string
peerAsn: string
peerBgpIp: string
tunnelCidr: string
tunnelId: string
tunnelIkeConfig:
ikeAuthAlg: string
ikeEncAlg: string
ikeLifetime: 0
ikeMode: string
ikePfs: string
ikeVersion: string
localId: string
psk: string
remoteId: string
tunnelIpsecConfig:
ipsecAuthAlg: string
ipsecEncAlg: string
ipsecLifetime: 0
ipsecPfs: string
zoneNo: string
vpnConnectionName: string
vpnGatewayId: string
Connection Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Connection resource accepts the following input properties:
- Local
Subnets List<string> - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- Remote
Subnets List<string> - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- Vpn
Gateway stringId The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
- Auto
Config boolRoute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- Bgp
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Bgp Config - vpnBgp configuration. See
bgp_configbelow. - Customer
Gateway stringId - The ID of the customer gateway.
- Effect
Immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- Enable
Dpd bool - Wether enable Dpd detection.
- Enable
Nat boolTraversal - enable nat traversal.
- Enable
Tunnels boolBgp - Enable tunnel bgp.
- Health
Check Pulumi.Config Ali Cloud. Vpn. Inputs. Connection Health Check Config - Health Check information. See
health_check_configbelow. - Ike
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Ike Config - The configuration of Phase 1 negotiations. See
ike_configbelow. - Ipsec
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Ipsec Config - IPsec configuration. See
ipsec_configbelow. - Name string
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- Network
Type string - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- Dictionary<string, object>
- Tags.
- Tunnel
Options List<Pulumi.Specifications Ali Cloud. Vpn. Inputs. Connection Tunnel Options Specification> - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - Vpn
Connection stringName - The name of the IPsec-VPN connection.
- Local
Subnets []string - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- Remote
Subnets []string - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- Vpn
Gateway stringId The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
- Auto
Config boolRoute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- Bgp
Config ConnectionBgp Config Args - vpnBgp configuration. See
bgp_configbelow. - Customer
Gateway stringId - The ID of the customer gateway.
- Effect
Immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- Enable
Dpd bool - Wether enable Dpd detection.
- Enable
Nat boolTraversal - enable nat traversal.
- Enable
Tunnels boolBgp - Enable tunnel bgp.
- Health
Check ConnectionConfig Health Check Config Args - Health Check information. See
health_check_configbelow. - Ike
Config ConnectionIke Config Args - The configuration of Phase 1 negotiations. See
ike_configbelow. - Ipsec
Config ConnectionIpsec Config Args - IPsec configuration. See
ipsec_configbelow. - Name string
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- Network
Type string - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- map[string]interface{}
- Tags.
- Tunnel
Options []ConnectionSpecifications Tunnel Options Specification Args - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - Vpn
Connection stringName - The name of the IPsec-VPN connection.
- local
Subnets List<String> - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- remote
Subnets List<String> - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- vpn
Gateway StringId The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
- auto
Config BooleanRoute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- bgp
Config ConnectionBgp Config - vpnBgp configuration. See
bgp_configbelow. - customer
Gateway StringId - The ID of the customer gateway.
- effect
Immediately Boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd Boolean - Wether enable Dpd detection.
- enable
Nat BooleanTraversal - enable nat traversal.
- enable
Tunnels BooleanBgp - Enable tunnel bgp.
- health
Check ConnectionConfig Health Check Config - Health Check information. See
health_check_configbelow. - ike
Config ConnectionIke Config - The configuration of Phase 1 negotiations. See
ike_configbelow. - ipsec
Config ConnectionIpsec Config - IPsec configuration. See
ipsec_configbelow. - name String
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- network
Type String - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- Map<String,Object>
- Tags.
- tunnel
Options List<ConnectionSpecifications Tunnel Options Specification> - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - vpn
Connection StringName - The name of the IPsec-VPN connection.
- local
Subnets string[] - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- remote
Subnets string[] - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- vpn
Gateway stringId The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
- auto
Config booleanRoute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- bgp
Config ConnectionBgp Config - vpnBgp configuration. See
bgp_configbelow. - customer
Gateway stringId - The ID of the customer gateway.
- effect
Immediately boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd boolean - Wether enable Dpd detection.
- enable
Nat booleanTraversal - enable nat traversal.
- enable
Tunnels booleanBgp - Enable tunnel bgp.
- health
Check ConnectionConfig Health Check Config - Health Check information. See
health_check_configbelow. - ike
Config ConnectionIke Config - The configuration of Phase 1 negotiations. See
ike_configbelow. - ipsec
Config ConnectionIpsec Config - IPsec configuration. See
ipsec_configbelow. - name string
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- network
Type string - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- {[key: string]: any}
- Tags.
- tunnel
Options ConnectionSpecifications Tunnel Options Specification[] - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - vpn
Connection stringName - The name of the IPsec-VPN connection.
- local_
subnets Sequence[str] - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- remote_
subnets Sequence[str] - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- vpn_
gateway_ strid The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
- auto_
config_ boolroute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- bgp_
config ConnectionBgp Config Args - vpnBgp configuration. See
bgp_configbelow. - customer_
gateway_ strid - The ID of the customer gateway.
- effect_
immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable_
dpd bool - Wether enable Dpd detection.
- enable_
nat_ booltraversal - enable nat traversal.
- enable_
tunnels_ boolbgp - Enable tunnel bgp.
- health_
check_ Connectionconfig Health Check Config Args - Health Check information. See
health_check_configbelow. - ike_
config ConnectionIke Config Args - The configuration of Phase 1 negotiations. See
ike_configbelow. - ipsec_
config ConnectionIpsec Config Args - IPsec configuration. See
ipsec_configbelow. - name str
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- network_
type str - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- Mapping[str, Any]
- Tags.
- tunnel_
options_ Sequence[Connectionspecifications Tunnel Options Specification Args] - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - vpn_
connection_ strname - The name of the IPsec-VPN connection.
- local
Subnets List<String> - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- remote
Subnets List<String> - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- vpn
Gateway StringId The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
- auto
Config BooleanRoute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- bgp
Config Property Map - vpnBgp configuration. See
bgp_configbelow. - customer
Gateway StringId - The ID of the customer gateway.
- effect
Immediately Boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd Boolean - Wether enable Dpd detection.
- enable
Nat BooleanTraversal - enable nat traversal.
- enable
Tunnels BooleanBgp - Enable tunnel bgp.
- health
Check Property MapConfig - Health Check information. See
health_check_configbelow. - ike
Config Property Map - The configuration of Phase 1 negotiations. See
ike_configbelow. - ipsec
Config Property Map - IPsec configuration. See
ipsec_configbelow. - name String
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- network
Type String - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- Map<Any>
- Tags.
- tunnel
Options List<Property Map>Specifications - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - vpn
Connection StringName - The name of the IPsec-VPN connection.
Outputs
All input properties are implicitly available as output properties. Additionally, the Connection resource produces the following output properties:
- Create
Time int - The time when the IPsec-VPN connection was created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Resource
Group stringId - The ID of the resource group.
- Status string
- The negotiation status of Tunnel.
- Create
Time int - The time when the IPsec-VPN connection was created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Resource
Group stringId - The ID of the resource group.
- Status string
- The negotiation status of Tunnel.
- create
Time Integer - The time when the IPsec-VPN connection was created.
- id String
- The provider-assigned unique ID for this managed resource.
- resource
Group StringId - The ID of the resource group.
- status String
- The negotiation status of Tunnel.
- create
Time number - The time when the IPsec-VPN connection was created.
- id string
- The provider-assigned unique ID for this managed resource.
- resource
Group stringId - The ID of the resource group.
- status string
- The negotiation status of Tunnel.
- create_
time int - The time when the IPsec-VPN connection was created.
- id str
- The provider-assigned unique ID for this managed resource.
- resource_
group_ strid - The ID of the resource group.
- status str
- The negotiation status of Tunnel.
- create
Time Number - The time when the IPsec-VPN connection was created.
- id String
- The provider-assigned unique ID for this managed resource.
- resource
Group StringId - The ID of the resource group.
- status String
- The negotiation status of Tunnel.
Look up Existing Connection Resource
Get an existing Connection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ConnectionState, opts?: CustomResourceOptions): Connection@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
auto_config_route: Optional[bool] = None,
bgp_config: Optional[ConnectionBgpConfigArgs] = None,
create_time: Optional[int] = None,
customer_gateway_id: Optional[str] = None,
effect_immediately: Optional[bool] = None,
enable_dpd: Optional[bool] = None,
enable_nat_traversal: Optional[bool] = None,
enable_tunnels_bgp: Optional[bool] = None,
health_check_config: Optional[ConnectionHealthCheckConfigArgs] = None,
ike_config: Optional[ConnectionIkeConfigArgs] = None,
ipsec_config: Optional[ConnectionIpsecConfigArgs] = None,
local_subnets: Optional[Sequence[str]] = None,
name: Optional[str] = None,
network_type: Optional[str] = None,
remote_subnets: Optional[Sequence[str]] = None,
resource_group_id: Optional[str] = None,
status: Optional[str] = None,
tags: Optional[Mapping[str, Any]] = None,
tunnel_options_specifications: Optional[Sequence[ConnectionTunnelOptionsSpecificationArgs]] = None,
vpn_connection_name: Optional[str] = None,
vpn_gateway_id: Optional[str] = None) -> Connectionfunc GetConnection(ctx *Context, name string, id IDInput, state *ConnectionState, opts ...ResourceOption) (*Connection, error)public static Connection Get(string name, Input<string> id, ConnectionState? state, CustomResourceOptions? opts = null)public static Connection get(String name, Output<String> id, ConnectionState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Auto
Config boolRoute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- Bgp
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Bgp Config - vpnBgp configuration. See
bgp_configbelow. - Create
Time int - The time when the IPsec-VPN connection was created.
- Customer
Gateway stringId - The ID of the customer gateway.
- Effect
Immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- Enable
Dpd bool - Wether enable Dpd detection.
- Enable
Nat boolTraversal - enable nat traversal.
- Enable
Tunnels boolBgp - Enable tunnel bgp.
- Health
Check Pulumi.Config Ali Cloud. Vpn. Inputs. Connection Health Check Config - Health Check information. See
health_check_configbelow. - Ike
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Ike Config - The configuration of Phase 1 negotiations. See
ike_configbelow. - Ipsec
Config Pulumi.Ali Cloud. Vpn. Inputs. Connection Ipsec Config - IPsec configuration. See
ipsec_configbelow. - Local
Subnets List<string> - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- Name string
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- Network
Type string - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- Remote
Subnets List<string> - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- Resource
Group stringId - The ID of the resource group.
- Status string
- The negotiation status of Tunnel.
- Dictionary<string, object>
- Tags.
- Tunnel
Options List<Pulumi.Specifications Ali Cloud. Vpn. Inputs. Connection Tunnel Options Specification> - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - Vpn
Connection stringName - The name of the IPsec-VPN connection.
- Vpn
Gateway stringId The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
- Auto
Config boolRoute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- Bgp
Config ConnectionBgp Config Args - vpnBgp configuration. See
bgp_configbelow. - Create
Time int - The time when the IPsec-VPN connection was created.
- Customer
Gateway stringId - The ID of the customer gateway.
- Effect
Immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- Enable
Dpd bool - Wether enable Dpd detection.
- Enable
Nat boolTraversal - enable nat traversal.
- Enable
Tunnels boolBgp - Enable tunnel bgp.
- Health
Check ConnectionConfig Health Check Config Args - Health Check information. See
health_check_configbelow. - Ike
Config ConnectionIke Config Args - The configuration of Phase 1 negotiations. See
ike_configbelow. - Ipsec
Config ConnectionIpsec Config Args - IPsec configuration. See
ipsec_configbelow. - Local
Subnets []string - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- Name string
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- Network
Type string - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- Remote
Subnets []string - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- Resource
Group stringId - The ID of the resource group.
- Status string
- The negotiation status of Tunnel.
- map[string]interface{}
- Tags.
- Tunnel
Options []ConnectionSpecifications Tunnel Options Specification Args - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - Vpn
Connection stringName - The name of the IPsec-VPN connection.
- Vpn
Gateway stringId The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
- auto
Config BooleanRoute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- bgp
Config ConnectionBgp Config - vpnBgp configuration. See
bgp_configbelow. - create
Time Integer - The time when the IPsec-VPN connection was created.
- customer
Gateway StringId - The ID of the customer gateway.
- effect
Immediately Boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd Boolean - Wether enable Dpd detection.
- enable
Nat BooleanTraversal - enable nat traversal.
- enable
Tunnels BooleanBgp - Enable tunnel bgp.
- health
Check ConnectionConfig Health Check Config - Health Check information. See
health_check_configbelow. - ike
Config ConnectionIke Config - The configuration of Phase 1 negotiations. See
ike_configbelow. - ipsec
Config ConnectionIpsec Config - IPsec configuration. See
ipsec_configbelow. - local
Subnets List<String> - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- name String
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- network
Type String - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- remote
Subnets List<String> - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- resource
Group StringId - The ID of the resource group.
- status String
- The negotiation status of Tunnel.
- Map<String,Object>
- Tags.
- tunnel
Options List<ConnectionSpecifications Tunnel Options Specification> - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - vpn
Connection StringName - The name of the IPsec-VPN connection.
- vpn
Gateway StringId The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
- auto
Config booleanRoute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- bgp
Config ConnectionBgp Config - vpnBgp configuration. See
bgp_configbelow. - create
Time number - The time when the IPsec-VPN connection was created.
- customer
Gateway stringId - The ID of the customer gateway.
- effect
Immediately boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd boolean - Wether enable Dpd detection.
- enable
Nat booleanTraversal - enable nat traversal.
- enable
Tunnels booleanBgp - Enable tunnel bgp.
- health
Check ConnectionConfig Health Check Config - Health Check information. See
health_check_configbelow. - ike
Config ConnectionIke Config - The configuration of Phase 1 negotiations. See
ike_configbelow. - ipsec
Config ConnectionIpsec Config - IPsec configuration. See
ipsec_configbelow. - local
Subnets string[] - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- name string
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- network
Type string - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- remote
Subnets string[] - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- resource
Group stringId - The ID of the resource group.
- status string
- The negotiation status of Tunnel.
- {[key: string]: any}
- Tags.
- tunnel
Options ConnectionSpecifications Tunnel Options Specification[] - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - vpn
Connection stringName - The name of the IPsec-VPN connection.
- vpn
Gateway stringId The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
- auto_
config_ boolroute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- bgp_
config ConnectionBgp Config Args - vpnBgp configuration. See
bgp_configbelow. - create_
time int - The time when the IPsec-VPN connection was created.
- customer_
gateway_ strid - The ID of the customer gateway.
- effect_
immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable_
dpd bool - Wether enable Dpd detection.
- enable_
nat_ booltraversal - enable nat traversal.
- enable_
tunnels_ boolbgp - Enable tunnel bgp.
- health_
check_ Connectionconfig Health Check Config Args - Health Check information. See
health_check_configbelow. - ike_
config ConnectionIke Config Args - The configuration of Phase 1 negotiations. See
ike_configbelow. - ipsec_
config ConnectionIpsec Config Args - IPsec configuration. See
ipsec_configbelow. - local_
subnets Sequence[str] - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- name str
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- network_
type str - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- remote_
subnets Sequence[str] - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- resource_
group_ strid - The ID of the resource group.
- status str
- The negotiation status of Tunnel.
- Mapping[str, Any]
- Tags.
- tunnel_
options_ Sequence[Connectionspecifications Tunnel Options Specification Args] - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - vpn_
connection_ strname - The name of the IPsec-VPN connection.
- vpn_
gateway_ strid The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
- auto
Config BooleanRoute - Whether to configure routing automatically. Value:
- true: Automatically configure routes.
- false: does not automatically configure routes.
- bgp
Config Property Map - vpnBgp configuration. See
bgp_configbelow. - create
Time Number - The time when the IPsec-VPN connection was created.
- customer
Gateway StringId - The ID of the customer gateway.
- effect
Immediately Boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd Boolean - Wether enable Dpd detection.
- enable
Nat BooleanTraversal - enable nat traversal.
- enable
Tunnels BooleanBgp - Enable tunnel bgp.
- health
Check Property MapConfig - Health Check information. See
health_check_configbelow. - ike
Config Property Map - The configuration of Phase 1 negotiations. See
ike_configbelow. - ipsec
Config Property Map - IPsec configuration. See
ipsec_configbelow. - local
Subnets List<String> - The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation.
- name String
- . Field 'name' has been deprecated from provider version 1.216.0. New field 'vpn_connection_name' instead.
- network
Type String - The network type of the IPsec connection. Value:
- public: public network, indicating that the IPsec connection establishes an encrypted communication channel through the public network.
- private: private network, indicating that the IPsec connection establishes an encrypted communication channel through the private network.
- remote
Subnets List<String> - The CIDR block of the local data center. This parameter is used for phase-two negotiation.
- resource
Group StringId - The ID of the resource group.
- status String
- The negotiation status of Tunnel.
- Map<Any>
- Tags.
- tunnel
Options List<Property Map>Specifications - The tunnel options of IPsec. See
tunnel_options_specificationbelow. - vpn
Connection StringName - The name of the IPsec-VPN connection.
- vpn
Gateway StringId The ID of the VPN gateway.
The following arguments will be discarded. Please use new fields as soon as possible:
Supporting Types
ConnectionBgpConfig, ConnectionBgpConfigArgs
- Enable bool
- Bgp enable.
- Local
Asn string - Local asn.
- Local
Bgp stringIp - Local bgp IP.
- Status string
- The negotiation status of Tunnel.
- Tunnel
Cidr string - IPSec tunnel Cidr.
- Enable bool
- Bgp enable.
- Local
Asn string - Local asn.
- Local
Bgp stringIp - Local bgp IP.
- Status string
- The negotiation status of Tunnel.
- Tunnel
Cidr string - IPSec tunnel Cidr.
- enable Boolean
- Bgp enable.
- local
Asn String - Local asn.
- local
Bgp StringIp - Local bgp IP.
- status String
- The negotiation status of Tunnel.
- tunnel
Cidr String - IPSec tunnel Cidr.
- enable boolean
- Bgp enable.
- local
Asn string - Local asn.
- local
Bgp stringIp - Local bgp IP.
- status string
- The negotiation status of Tunnel.
- tunnel
Cidr string - IPSec tunnel Cidr.
- enable bool
- Bgp enable.
- local_
asn str - Local asn.
- local_
bgp_ strip - Local bgp IP.
- status str
- The negotiation status of Tunnel.
- tunnel_
cidr str - IPSec tunnel Cidr.
- enable Boolean
- Bgp enable.
- local
Asn String - Local asn.
- local
Bgp StringIp - Local bgp IP.
- status String
- The negotiation status of Tunnel.
- tunnel
Cidr String - IPSec tunnel Cidr.
ConnectionHealthCheckConfig, ConnectionHealthCheckConfigArgs
ConnectionIkeConfig, ConnectionIkeConfigArgs
- Ike
Auth stringAlg - IKE auth Algorithm.
- Ike
Enc stringAlg - IKE encript algorithm.
- Ike
Lifetime int - IKE lifetime.
- Ike
Local stringId - The local ID, which supports the FQDN and IP formats, and defaults to the IP address of the selected VPN gateway.
- Ike
Mode string - IKE mode, supports main and aggressive mode. The main mode is highly secure. If NAT traversal is enabled, we recommend that you use the aggressive mode.
- Ike
Pfs string - DH group.
- Ike
Remote stringId - The peer ID. The FQDN and IP address formats are supported. The default value is the IP address of the selected customer gateway.
- Ike
Version string - IKE version.
- Psk string
- Preshared secret key.
- Ike
Auth stringAlg - IKE auth Algorithm.
- Ike
Enc stringAlg - IKE encript algorithm.
- Ike
Lifetime int - IKE lifetime.
- Ike
Local stringId - The local ID, which supports the FQDN and IP formats, and defaults to the IP address of the selected VPN gateway.
- Ike
Mode string - IKE mode, supports main and aggressive mode. The main mode is highly secure. If NAT traversal is enabled, we recommend that you use the aggressive mode.
- Ike
Pfs string - DH group.
- Ike
Remote stringId - The peer ID. The FQDN and IP address formats are supported. The default value is the IP address of the selected customer gateway.
- Ike
Version string - IKE version.
- Psk string
- Preshared secret key.
- ike
Auth StringAlg - IKE auth Algorithm.
- ike
Enc StringAlg - IKE encript algorithm.
- ike
Lifetime Integer - IKE lifetime.
- ike
Local StringId - The local ID, which supports the FQDN and IP formats, and defaults to the IP address of the selected VPN gateway.
- ike
Mode String - IKE mode, supports main and aggressive mode. The main mode is highly secure. If NAT traversal is enabled, we recommend that you use the aggressive mode.
- ike
Pfs String - DH group.
- ike
Remote StringId - The peer ID. The FQDN and IP address formats are supported. The default value is the IP address of the selected customer gateway.
- ike
Version String - IKE version.
- psk String
- Preshared secret key.
- ike
Auth stringAlg - IKE auth Algorithm.
- ike
Enc stringAlg - IKE encript algorithm.
- ike
Lifetime number - IKE lifetime.
- ike
Local stringId - The local ID, which supports the FQDN and IP formats, and defaults to the IP address of the selected VPN gateway.
- ike
Mode string - IKE mode, supports main and aggressive mode. The main mode is highly secure. If NAT traversal is enabled, we recommend that you use the aggressive mode.
- ike
Pfs string - DH group.
- ike
Remote stringId - The peer ID. The FQDN and IP address formats are supported. The default value is the IP address of the selected customer gateway.
- ike
Version string - IKE version.
- psk string
- Preshared secret key.
- ike_
auth_ stralg - IKE auth Algorithm.
- ike_
enc_ stralg - IKE encript algorithm.
- ike_
lifetime int - IKE lifetime.
- ike_
local_ strid - The local ID, which supports the FQDN and IP formats, and defaults to the IP address of the selected VPN gateway.
- ike_
mode str - IKE mode, supports main and aggressive mode. The main mode is highly secure. If NAT traversal is enabled, we recommend that you use the aggressive mode.
- ike_
pfs str - DH group.
- ike_
remote_ strid - The peer ID. The FQDN and IP address formats are supported. The default value is the IP address of the selected customer gateway.
- ike_
version str - IKE version.
- psk str
- Preshared secret key.
- ike
Auth StringAlg - IKE auth Algorithm.
- ike
Enc StringAlg - IKE encript algorithm.
- ike
Lifetime Number - IKE lifetime.
- ike
Local StringId - The local ID, which supports the FQDN and IP formats, and defaults to the IP address of the selected VPN gateway.
- ike
Mode String - IKE mode, supports main and aggressive mode. The main mode is highly secure. If NAT traversal is enabled, we recommend that you use the aggressive mode.
- ike
Pfs String - DH group.
- ike
Remote StringId - The peer ID. The FQDN and IP address formats are supported. The default value is the IP address of the selected customer gateway.
- ike
Version String - IKE version.
- psk String
- Preshared secret key.
ConnectionIpsecConfig, ConnectionIpsecConfigArgs
- Ipsec
Auth stringAlg - IPsec authentication algorithm. sha1 and md5 are supported.
- Ipsec
Enc stringAlg - IPsec Encript algorithm.
- Ipsec
Lifetime int - IPsec lifetime.
- Ipsec
Pfs string - DH Group.
- Ipsec
Auth stringAlg - IPsec authentication algorithm. sha1 and md5 are supported.
- Ipsec
Enc stringAlg - IPsec Encript algorithm.
- Ipsec
Lifetime int - IPsec lifetime.
- Ipsec
Pfs string - DH Group.
- ipsec
Auth StringAlg - IPsec authentication algorithm. sha1 and md5 are supported.
- ipsec
Enc StringAlg - IPsec Encript algorithm.
- ipsec
Lifetime Integer - IPsec lifetime.
- ipsec
Pfs String - DH Group.
- ipsec
Auth stringAlg - IPsec authentication algorithm. sha1 and md5 are supported.
- ipsec
Enc stringAlg - IPsec Encript algorithm.
- ipsec
Lifetime number - IPsec lifetime.
- ipsec
Pfs string - DH Group.
- ipsec_
auth_ stralg - IPsec authentication algorithm. sha1 and md5 are supported.
- ipsec_
enc_ stralg - IPsec Encript algorithm.
- ipsec_
lifetime int - IPsec lifetime.
- ipsec_
pfs str - DH Group.
- ipsec
Auth StringAlg - IPsec authentication algorithm. sha1 and md5 are supported.
- ipsec
Enc StringAlg - IPsec Encript algorithm.
- ipsec
Lifetime Number - IPsec lifetime.
- ipsec
Pfs String - DH Group.
ConnectionTunnelOptionsSpecification, ConnectionTunnelOptionsSpecificationArgs
- Customer
Gateway stringId - The ID of the customer gateway in Tunnel.
- Enable
Dpd bool - Wether enable Dpd detection.
- Enable
Nat boolTraversal - enable nat traversal.
- Internet
Ip string - The local internet IP in Tunnel.
- Role string
- The role of Tunnel.
- State string
- The state of Tunnel.
- Status string
- The negotiation status of Tunnel.
- Tunnel
Bgp Pulumi.Config Ali Cloud. Vpn. Inputs. Connection Tunnel Options Specification Tunnel Bgp Config - The bgp config of Tunnel. See
tunnel_bgp_configbelow. - Tunnel
Id string - The tunnel ID of IPsec-VPN connection.
- Tunnel
Ike Pulumi.Config Ali Cloud. Vpn. Inputs. Connection Tunnel Options Specification Tunnel Ike Config - The configuration of Phase 1 negotiations in Tunnel. See
tunnel_ike_configbelow. - Tunnel
Ipsec Pulumi.Config Ali Cloud. Vpn. Inputs. Connection Tunnel Options Specification Tunnel Ipsec Config - IPsec configuration in Tunnel. See
tunnel_ipsec_configbelow. - Zone
No string - The zoneNo of tunnel.
- Customer
Gateway stringId - The ID of the customer gateway in Tunnel.
- Enable
Dpd bool - Wether enable Dpd detection.
- Enable
Nat boolTraversal - enable nat traversal.
- Internet
Ip string - The local internet IP in Tunnel.
- Role string
- The role of Tunnel.
- State string
- The state of Tunnel.
- Status string
- The negotiation status of Tunnel.
- Tunnel
Bgp ConnectionConfig Tunnel Options Specification Tunnel Bgp Config - The bgp config of Tunnel. See
tunnel_bgp_configbelow. - Tunnel
Id string - The tunnel ID of IPsec-VPN connection.
- Tunnel
Ike ConnectionConfig Tunnel Options Specification Tunnel Ike Config - The configuration of Phase 1 negotiations in Tunnel. See
tunnel_ike_configbelow. - Tunnel
Ipsec ConnectionConfig Tunnel Options Specification Tunnel Ipsec Config - IPsec configuration in Tunnel. See
tunnel_ipsec_configbelow. - Zone
No string - The zoneNo of tunnel.
- customer
Gateway StringId - The ID of the customer gateway in Tunnel.
- enable
Dpd Boolean - Wether enable Dpd detection.
- enable
Nat BooleanTraversal - enable nat traversal.
- internet
Ip String - The local internet IP in Tunnel.
- role String
- The role of Tunnel.
- state String
- The state of Tunnel.
- status String
- The negotiation status of Tunnel.
- tunnel
Bgp ConnectionConfig Tunnel Options Specification Tunnel Bgp Config - The bgp config of Tunnel. See
tunnel_bgp_configbelow. - tunnel
Id String - The tunnel ID of IPsec-VPN connection.
- tunnel
Ike ConnectionConfig Tunnel Options Specification Tunnel Ike Config - The configuration of Phase 1 negotiations in Tunnel. See
tunnel_ike_configbelow. - tunnel
Ipsec ConnectionConfig Tunnel Options Specification Tunnel Ipsec Config - IPsec configuration in Tunnel. See
tunnel_ipsec_configbelow. - zone
No String - The zoneNo of tunnel.
- customer
Gateway stringId - The ID of the customer gateway in Tunnel.
- enable
Dpd boolean - Wether enable Dpd detection.
- enable
Nat booleanTraversal - enable nat traversal.
- internet
Ip string - The local internet IP in Tunnel.
- role string
- The role of Tunnel.
- state string
- The state of Tunnel.
- status string
- The negotiation status of Tunnel.
- tunnel
Bgp ConnectionConfig Tunnel Options Specification Tunnel Bgp Config - The bgp config of Tunnel. See
tunnel_bgp_configbelow. - tunnel
Id string - The tunnel ID of IPsec-VPN connection.
- tunnel
Ike ConnectionConfig Tunnel Options Specification Tunnel Ike Config - The configuration of Phase 1 negotiations in Tunnel. See
tunnel_ike_configbelow. - tunnel
Ipsec ConnectionConfig Tunnel Options Specification Tunnel Ipsec Config - IPsec configuration in Tunnel. See
tunnel_ipsec_configbelow. - zone
No string - The zoneNo of tunnel.
- customer_
gateway_ strid - The ID of the customer gateway in Tunnel.
- enable_
dpd bool - Wether enable Dpd detection.
- enable_
nat_ booltraversal - enable nat traversal.
- internet_
ip str - The local internet IP in Tunnel.
- role str
- The role of Tunnel.
- state str
- The state of Tunnel.
- status str
- The negotiation status of Tunnel.
- tunnel_
bgp_ Connectionconfig Tunnel Options Specification Tunnel Bgp Config - The bgp config of Tunnel. See
tunnel_bgp_configbelow. - tunnel_
id str - The tunnel ID of IPsec-VPN connection.
- tunnel_
ike_ Connectionconfig Tunnel Options Specification Tunnel Ike Config - The configuration of Phase 1 negotiations in Tunnel. See
tunnel_ike_configbelow. - tunnel_
ipsec_ Connectionconfig Tunnel Options Specification Tunnel Ipsec Config - IPsec configuration in Tunnel. See
tunnel_ipsec_configbelow. - zone_
no str - The zoneNo of tunnel.
- customer
Gateway StringId - The ID of the customer gateway in Tunnel.
- enable
Dpd Boolean - Wether enable Dpd detection.
- enable
Nat BooleanTraversal - enable nat traversal.
- internet
Ip String - The local internet IP in Tunnel.
- role String
- The role of Tunnel.
- state String
- The state of Tunnel.
- status String
- The negotiation status of Tunnel.
- tunnel
Bgp Property MapConfig - The bgp config of Tunnel. See
tunnel_bgp_configbelow. - tunnel
Id String - The tunnel ID of IPsec-VPN connection.
- tunnel
Ike Property MapConfig - The configuration of Phase 1 negotiations in Tunnel. See
tunnel_ike_configbelow. - tunnel
Ipsec Property MapConfig - IPsec configuration in Tunnel. See
tunnel_ipsec_configbelow. - zone
No String - The zoneNo of tunnel.
ConnectionTunnelOptionsSpecificationTunnelBgpConfig, ConnectionTunnelOptionsSpecificationTunnelBgpConfigArgs
- Bgp
Status string - Whether BGP function is turned on.
- Local
Asn string - Local
Bgp stringIp - Peer
Asn string - Peer asn.
- Peer
Bgp stringIp - Peer bgp ip.
- Tunnel
Cidr string
- Bgp
Status string - Whether BGP function is turned on.
- Local
Asn string - Local
Bgp stringIp - Peer
Asn string - Peer asn.
- Peer
Bgp stringIp - Peer bgp ip.
- Tunnel
Cidr string
- bgp
Status String - Whether BGP function is turned on.
- local
Asn String - local
Bgp StringIp - peer
Asn String - Peer asn.
- peer
Bgp StringIp - Peer bgp ip.
- tunnel
Cidr String
- bgp
Status string - Whether BGP function is turned on.
- local
Asn string - local
Bgp stringIp - peer
Asn string - Peer asn.
- peer
Bgp stringIp - Peer bgp ip.
- tunnel
Cidr string
- bgp_
status str - Whether BGP function is turned on.
- local_
asn str - local_
bgp_ strip - peer_
asn str - Peer asn.
- peer_
bgp_ strip - Peer bgp ip.
- tunnel_
cidr str
- bgp
Status String - Whether BGP function is turned on.
- local
Asn String - local
Bgp StringIp - peer
Asn String - Peer asn.
- peer
Bgp StringIp - Peer bgp ip.
- tunnel
Cidr String
ConnectionTunnelOptionsSpecificationTunnelIkeConfig, ConnectionTunnelOptionsSpecificationTunnelIkeConfigArgs
- Ike
Auth stringAlg - Ike
Enc stringAlg - Ike
Lifetime int - Ike
Mode string - Ike
Pfs string - Ike
Version string - Local
Id string - Psk string
- Remote
Id string
- Ike
Auth stringAlg - Ike
Enc stringAlg - Ike
Lifetime int - Ike
Mode string - Ike
Pfs string - Ike
Version string - Local
Id string - Psk string
- Remote
Id string
- ike
Auth StringAlg - ike
Enc StringAlg - ike
Lifetime Integer - ike
Mode String - ike
Pfs String - ike
Version String - local
Id String - psk String
- remote
Id String
- ike
Auth stringAlg - ike
Enc stringAlg - ike
Lifetime number - ike
Mode string - ike
Pfs string - ike
Version string - local
Id string - psk string
- remote
Id string
- ike_
auth_ stralg - ike_
enc_ stralg - ike_
lifetime int - ike_
mode str - ike_
pfs str - ike_
version str - local_
id str - psk str
- remote_
id str
- ike
Auth StringAlg - ike
Enc StringAlg - ike
Lifetime Number - ike
Mode String - ike
Pfs String - ike
Version String - local
Id String - psk String
- remote
Id String
ConnectionTunnelOptionsSpecificationTunnelIpsecConfig, ConnectionTunnelOptionsSpecificationTunnelIpsecConfigArgs
- Ipsec
Auth stringAlg - Ipsec
Enc stringAlg - Ipsec
Lifetime int - Ipsec
Pfs string
- Ipsec
Auth stringAlg - Ipsec
Enc stringAlg - Ipsec
Lifetime int - Ipsec
Pfs string
- ipsec
Auth StringAlg - ipsec
Enc StringAlg - ipsec
Lifetime Integer - ipsec
Pfs String
- ipsec
Auth stringAlg - ipsec
Enc stringAlg - ipsec
Lifetime number - ipsec
Pfs string
- ipsec_
auth_ stralg - ipsec_
enc_ stralg - ipsec_
lifetime int - ipsec_
pfs str
- ipsec
Auth StringAlg - ipsec
Enc StringAlg - ipsec
Lifetime Number - ipsec
Pfs String
Import
VPN connection can be imported using the id, e.g.
$ pulumi import alicloud:vpn/connection:Connection example <id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
alicloudTerraform Provider.