We recommend using Azure Native.
azure.network.VpnGatewayConnection
Explore with Pulumi AI
Manages a VPN Gateway Connection.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleVirtualWan = new azure.network.VirtualWan("example", {
name: "example-vwan",
resourceGroupName: example.name,
location: example.location,
});
const exampleVirtualHub = new azure.network.VirtualHub("example", {
name: "example-hub",
resourceGroupName: example.name,
location: example.location,
virtualWanId: exampleVirtualWan.id,
addressPrefix: "10.0.0.0/24",
});
const exampleVpnGateway = new azure.network.VpnGateway("example", {
name: "example-vpng",
location: example.location,
resourceGroupName: example.name,
virtualHubId: exampleVirtualHub.id,
});
const exampleVpnSite = new azure.network.VpnSite("example", {
name: "example-vpn-site",
location: example.location,
resourceGroupName: example.name,
virtualWanId: exampleVirtualWan.id,
links: [
{
name: "link1",
ipAddress: "10.1.0.0",
},
{
name: "link2",
ipAddress: "10.2.0.0",
},
],
});
const exampleVpnGatewayConnection = new azure.network.VpnGatewayConnection("example", {
name: "example",
vpnGatewayId: exampleVpnGateway.id,
remoteVpnSiteId: exampleVpnSite.id,
vpnLinks: [
{
name: "link1",
vpnSiteLinkId: exampleVpnSite.links.apply(links => links?.[0]?.id),
},
{
name: "link2",
vpnSiteLinkId: exampleVpnSite.links.apply(links => links?.[1]?.id),
},
],
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_virtual_wan = azure.network.VirtualWan("example",
name="example-vwan",
resource_group_name=example.name,
location=example.location)
example_virtual_hub = azure.network.VirtualHub("example",
name="example-hub",
resource_group_name=example.name,
location=example.location,
virtual_wan_id=example_virtual_wan.id,
address_prefix="10.0.0.0/24")
example_vpn_gateway = azure.network.VpnGateway("example",
name="example-vpng",
location=example.location,
resource_group_name=example.name,
virtual_hub_id=example_virtual_hub.id)
example_vpn_site = azure.network.VpnSite("example",
name="example-vpn-site",
location=example.location,
resource_group_name=example.name,
virtual_wan_id=example_virtual_wan.id,
links=[
{
"name": "link1",
"ip_address": "10.1.0.0",
},
{
"name": "link2",
"ip_address": "10.2.0.0",
},
])
example_vpn_gateway_connection = azure.network.VpnGatewayConnection("example",
name="example",
vpn_gateway_id=example_vpn_gateway.id,
remote_vpn_site_id=example_vpn_site.id,
vpn_links=[
{
"name": "link1",
"vpn_site_link_id": example_vpn_site.links[0].id,
},
{
"name": "link2",
"vpn_site_link_id": example_vpn_site.links[1].id,
},
])
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/network"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleVirtualWan, err := network.NewVirtualWan(ctx, "example", &network.VirtualWanArgs{
Name: pulumi.String("example-vwan"),
ResourceGroupName: example.Name,
Location: example.Location,
})
if err != nil {
return err
}
exampleVirtualHub, err := network.NewVirtualHub(ctx, "example", &network.VirtualHubArgs{
Name: pulumi.String("example-hub"),
ResourceGroupName: example.Name,
Location: example.Location,
VirtualWanId: exampleVirtualWan.ID(),
AddressPrefix: pulumi.String("10.0.0.0/24"),
})
if err != nil {
return err
}
exampleVpnGateway, err := network.NewVpnGateway(ctx, "example", &network.VpnGatewayArgs{
Name: pulumi.String("example-vpng"),
Location: example.Location,
ResourceGroupName: example.Name,
VirtualHubId: exampleVirtualHub.ID(),
})
if err != nil {
return err
}
exampleVpnSite, err := network.NewVpnSite(ctx, "example", &network.VpnSiteArgs{
Name: pulumi.String("example-vpn-site"),
Location: example.Location,
ResourceGroupName: example.Name,
VirtualWanId: exampleVirtualWan.ID(),
Links: network.VpnSiteLinkArray{
&network.VpnSiteLinkArgs{
Name: pulumi.String("link1"),
IpAddress: pulumi.String("10.1.0.0"),
},
&network.VpnSiteLinkArgs{
Name: pulumi.String("link2"),
IpAddress: pulumi.String("10.2.0.0"),
},
},
})
if err != nil {
return err
}
_, err = network.NewVpnGatewayConnection(ctx, "example", &network.VpnGatewayConnectionArgs{
Name: pulumi.String("example"),
VpnGatewayId: exampleVpnGateway.ID(),
RemoteVpnSiteId: exampleVpnSite.ID(),
VpnLinks: network.VpnGatewayConnectionVpnLinkArray{
&network.VpnGatewayConnectionVpnLinkArgs{
Name: pulumi.String("link1"),
VpnSiteLinkId: exampleVpnSite.Links.ApplyT(func(links []network.VpnSiteLink) (*string, error) {
return &links[0].Id, nil
}).(pulumi.StringPtrOutput),
},
&network.VpnGatewayConnectionVpnLinkArgs{
Name: pulumi.String("link2"),
VpnSiteLinkId: exampleVpnSite.Links.ApplyT(func(links []network.VpnSiteLink) (*string, error) {
return &links[1].Id, nil
}).(pulumi.StringPtrOutput),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleVirtualWan = new Azure.Network.VirtualWan("example", new()
{
Name = "example-vwan",
ResourceGroupName = example.Name,
Location = example.Location,
});
var exampleVirtualHub = new Azure.Network.VirtualHub("example", new()
{
Name = "example-hub",
ResourceGroupName = example.Name,
Location = example.Location,
VirtualWanId = exampleVirtualWan.Id,
AddressPrefix = "10.0.0.0/24",
});
var exampleVpnGateway = new Azure.Network.VpnGateway("example", new()
{
Name = "example-vpng",
Location = example.Location,
ResourceGroupName = example.Name,
VirtualHubId = exampleVirtualHub.Id,
});
var exampleVpnSite = new Azure.Network.VpnSite("example", new()
{
Name = "example-vpn-site",
Location = example.Location,
ResourceGroupName = example.Name,
VirtualWanId = exampleVirtualWan.Id,
Links = new[]
{
new Azure.Network.Inputs.VpnSiteLinkArgs
{
Name = "link1",
IpAddress = "10.1.0.0",
},
new Azure.Network.Inputs.VpnSiteLinkArgs
{
Name = "link2",
IpAddress = "10.2.0.0",
},
},
});
var exampleVpnGatewayConnection = new Azure.Network.VpnGatewayConnection("example", new()
{
Name = "example",
VpnGatewayId = exampleVpnGateway.Id,
RemoteVpnSiteId = exampleVpnSite.Id,
VpnLinks = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkArgs
{
Name = "link1",
VpnSiteLinkId = exampleVpnSite.Links.Apply(links => links[0]?.Id),
},
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkArgs
{
Name = "link2",
VpnSiteLinkId = exampleVpnSite.Links.Apply(links => links[1]?.Id),
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualWan;
import com.pulumi.azure.network.VirtualWanArgs;
import com.pulumi.azure.network.VirtualHub;
import com.pulumi.azure.network.VirtualHubArgs;
import com.pulumi.azure.network.VpnGateway;
import com.pulumi.azure.network.VpnGatewayArgs;
import com.pulumi.azure.network.VpnSite;
import com.pulumi.azure.network.VpnSiteArgs;
import com.pulumi.azure.network.inputs.VpnSiteLinkArgs;
import com.pulumi.azure.network.VpnGatewayConnection;
import com.pulumi.azure.network.VpnGatewayConnectionArgs;
import com.pulumi.azure.network.inputs.VpnGatewayConnectionVpnLinkArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleVirtualWan = new VirtualWan("exampleVirtualWan", VirtualWanArgs.builder()
.name("example-vwan")
.resourceGroupName(example.name())
.location(example.location())
.build());
var exampleVirtualHub = new VirtualHub("exampleVirtualHub", VirtualHubArgs.builder()
.name("example-hub")
.resourceGroupName(example.name())
.location(example.location())
.virtualWanId(exampleVirtualWan.id())
.addressPrefix("10.0.0.0/24")
.build());
var exampleVpnGateway = new VpnGateway("exampleVpnGateway", VpnGatewayArgs.builder()
.name("example-vpng")
.location(example.location())
.resourceGroupName(example.name())
.virtualHubId(exampleVirtualHub.id())
.build());
var exampleVpnSite = new VpnSite("exampleVpnSite", VpnSiteArgs.builder()
.name("example-vpn-site")
.location(example.location())
.resourceGroupName(example.name())
.virtualWanId(exampleVirtualWan.id())
.links(
VpnSiteLinkArgs.builder()
.name("link1")
.ipAddress("10.1.0.0")
.build(),
VpnSiteLinkArgs.builder()
.name("link2")
.ipAddress("10.2.0.0")
.build())
.build());
var exampleVpnGatewayConnection = new VpnGatewayConnection("exampleVpnGatewayConnection", VpnGatewayConnectionArgs.builder()
.name("example")
.vpnGatewayId(exampleVpnGateway.id())
.remoteVpnSiteId(exampleVpnSite.id())
.vpnLinks(
VpnGatewayConnectionVpnLinkArgs.builder()
.name("link1")
.vpnSiteLinkId(exampleVpnSite.links().applyValue(links -> links[0].id()))
.build(),
VpnGatewayConnectionVpnLinkArgs.builder()
.name("link2")
.vpnSiteLinkId(exampleVpnSite.links().applyValue(links -> links[1].id()))
.build())
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleVirtualWan:
type: azure:network:VirtualWan
name: example
properties:
name: example-vwan
resourceGroupName: ${example.name}
location: ${example.location}
exampleVirtualHub:
type: azure:network:VirtualHub
name: example
properties:
name: example-hub
resourceGroupName: ${example.name}
location: ${example.location}
virtualWanId: ${exampleVirtualWan.id}
addressPrefix: 10.0.0.0/24
exampleVpnGateway:
type: azure:network:VpnGateway
name: example
properties:
name: example-vpng
location: ${example.location}
resourceGroupName: ${example.name}
virtualHubId: ${exampleVirtualHub.id}
exampleVpnSite:
type: azure:network:VpnSite
name: example
properties:
name: example-vpn-site
location: ${example.location}
resourceGroupName: ${example.name}
virtualWanId: ${exampleVirtualWan.id}
links:
- name: link1
ipAddress: 10.1.0.0
- name: link2
ipAddress: 10.2.0.0
exampleVpnGatewayConnection:
type: azure:network:VpnGatewayConnection
name: example
properties:
name: example
vpnGatewayId: ${exampleVpnGateway.id}
remoteVpnSiteId: ${exampleVpnSite.id}
vpnLinks:
- name: link1
vpnSiteLinkId: ${exampleVpnSite.links[0].id}
- name: link2
vpnSiteLinkId: ${exampleVpnSite.links[1].id}
Create VpnGatewayConnection Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new VpnGatewayConnection(name: string, args: VpnGatewayConnectionArgs, opts?: CustomResourceOptions);
@overload
def VpnGatewayConnection(resource_name: str,
args: VpnGatewayConnectionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def VpnGatewayConnection(resource_name: str,
opts: Optional[ResourceOptions] = None,
remote_vpn_site_id: Optional[str] = None,
vpn_gateway_id: Optional[str] = None,
vpn_links: Optional[Sequence[VpnGatewayConnectionVpnLinkArgs]] = None,
internet_security_enabled: Optional[bool] = None,
name: Optional[str] = None,
routing: Optional[VpnGatewayConnectionRoutingArgs] = None,
traffic_selector_policies: Optional[Sequence[VpnGatewayConnectionTrafficSelectorPolicyArgs]] = None)
func NewVpnGatewayConnection(ctx *Context, name string, args VpnGatewayConnectionArgs, opts ...ResourceOption) (*VpnGatewayConnection, error)
public VpnGatewayConnection(string name, VpnGatewayConnectionArgs args, CustomResourceOptions? opts = null)
public VpnGatewayConnection(String name, VpnGatewayConnectionArgs args)
public VpnGatewayConnection(String name, VpnGatewayConnectionArgs args, CustomResourceOptions options)
type: azure:network:VpnGatewayConnection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. VpnGatewayConnectionArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. VpnGatewayConnectionArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. VpnGatewayConnectionArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. VpnGatewayConnectionArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. VpnGatewayConnectionArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var vpnGatewayConnectionResource = new Azure.Network.VpnGatewayConnection("vpnGatewayConnectionResource", new()
{
RemoteVpnSiteId = "string",
VpnGatewayId = "string",
VpnLinks = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkArgs
{
Name = "string",
VpnSiteLinkId = "string",
IpsecPolicies = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkIpsecPolicyArgs
{
DhGroup = "string",
EncryptionAlgorithm = "string",
IkeEncryptionAlgorithm = "string",
IkeIntegrityAlgorithm = "string",
IntegrityAlgorithm = "string",
PfsGroup = "string",
SaDataSizeKb = 0,
SaLifetimeSec = 0,
},
},
CustomBgpAddresses = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkCustomBgpAddressArgs
{
IpAddress = "string",
IpConfigurationId = "string",
},
},
EgressNatRuleIds = new[]
{
"string",
},
IngressNatRuleIds = new[]
{
"string",
},
BandwidthMbps = 0,
LocalAzureIpAddressEnabled = false,
ConnectionMode = "string",
PolicyBasedTrafficSelectorEnabled = false,
Protocol = "string",
RatelimitEnabled = false,
RouteWeight = 0,
SharedKey = "string",
BgpEnabled = false,
},
},
InternetSecurityEnabled = false,
Name = "string",
Routing = new Azure.Network.Inputs.VpnGatewayConnectionRoutingArgs
{
AssociatedRouteTable = "string",
InboundRouteMapId = "string",
OutboundRouteMapId = "string",
PropagatedRouteTable = new Azure.Network.Inputs.VpnGatewayConnectionRoutingPropagatedRouteTableArgs
{
RouteTableIds = new[]
{
"string",
},
Labels = new[]
{
"string",
},
},
},
TrafficSelectorPolicies = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionTrafficSelectorPolicyArgs
{
LocalAddressRanges = new[]
{
"string",
},
RemoteAddressRanges = new[]
{
"string",
},
},
},
});
example, err := network.NewVpnGatewayConnection(ctx, "vpnGatewayConnectionResource", &network.VpnGatewayConnectionArgs{
RemoteVpnSiteId: pulumi.String("string"),
VpnGatewayId: pulumi.String("string"),
VpnLinks: network.VpnGatewayConnectionVpnLinkArray{
&network.VpnGatewayConnectionVpnLinkArgs{
Name: pulumi.String("string"),
VpnSiteLinkId: pulumi.String("string"),
IpsecPolicies: network.VpnGatewayConnectionVpnLinkIpsecPolicyArray{
&network.VpnGatewayConnectionVpnLinkIpsecPolicyArgs{
DhGroup: pulumi.String("string"),
EncryptionAlgorithm: pulumi.String("string"),
IkeEncryptionAlgorithm: pulumi.String("string"),
IkeIntegrityAlgorithm: pulumi.String("string"),
IntegrityAlgorithm: pulumi.String("string"),
PfsGroup: pulumi.String("string"),
SaDataSizeKb: pulumi.Int(0),
SaLifetimeSec: pulumi.Int(0),
},
},
CustomBgpAddresses: network.VpnGatewayConnectionVpnLinkCustomBgpAddressArray{
&network.VpnGatewayConnectionVpnLinkCustomBgpAddressArgs{
IpAddress: pulumi.String("string"),
IpConfigurationId: pulumi.String("string"),
},
},
EgressNatRuleIds: pulumi.StringArray{
pulumi.String("string"),
},
IngressNatRuleIds: pulumi.StringArray{
pulumi.String("string"),
},
BandwidthMbps: pulumi.Int(0),
LocalAzureIpAddressEnabled: pulumi.Bool(false),
ConnectionMode: pulumi.String("string"),
PolicyBasedTrafficSelectorEnabled: pulumi.Bool(false),
Protocol: pulumi.String("string"),
RatelimitEnabled: pulumi.Bool(false),
RouteWeight: pulumi.Int(0),
SharedKey: pulumi.String("string"),
BgpEnabled: pulumi.Bool(false),
},
},
InternetSecurityEnabled: pulumi.Bool(false),
Name: pulumi.String("string"),
Routing: &network.VpnGatewayConnectionRoutingArgs{
AssociatedRouteTable: pulumi.String("string"),
InboundRouteMapId: pulumi.String("string"),
OutboundRouteMapId: pulumi.String("string"),
PropagatedRouteTable: &network.VpnGatewayConnectionRoutingPropagatedRouteTableArgs{
RouteTableIds: pulumi.StringArray{
pulumi.String("string"),
},
Labels: pulumi.StringArray{
pulumi.String("string"),
},
},
},
TrafficSelectorPolicies: network.VpnGatewayConnectionTrafficSelectorPolicyArray{
&network.VpnGatewayConnectionTrafficSelectorPolicyArgs{
LocalAddressRanges: pulumi.StringArray{
pulumi.String("string"),
},
RemoteAddressRanges: pulumi.StringArray{
pulumi.String("string"),
},
},
},
})
var vpnGatewayConnectionResource = new VpnGatewayConnection("vpnGatewayConnectionResource", VpnGatewayConnectionArgs.builder()
.remoteVpnSiteId("string")
.vpnGatewayId("string")
.vpnLinks(VpnGatewayConnectionVpnLinkArgs.builder()
.name("string")
.vpnSiteLinkId("string")
.ipsecPolicies(VpnGatewayConnectionVpnLinkIpsecPolicyArgs.builder()
.dhGroup("string")
.encryptionAlgorithm("string")
.ikeEncryptionAlgorithm("string")
.ikeIntegrityAlgorithm("string")
.integrityAlgorithm("string")
.pfsGroup("string")
.saDataSizeKb(0)
.saLifetimeSec(0)
.build())
.customBgpAddresses(VpnGatewayConnectionVpnLinkCustomBgpAddressArgs.builder()
.ipAddress("string")
.ipConfigurationId("string")
.build())
.egressNatRuleIds("string")
.ingressNatRuleIds("string")
.bandwidthMbps(0)
.localAzureIpAddressEnabled(false)
.connectionMode("string")
.policyBasedTrafficSelectorEnabled(false)
.protocol("string")
.ratelimitEnabled(false)
.routeWeight(0)
.sharedKey("string")
.bgpEnabled(false)
.build())
.internetSecurityEnabled(false)
.name("string")
.routing(VpnGatewayConnectionRoutingArgs.builder()
.associatedRouteTable("string")
.inboundRouteMapId("string")
.outboundRouteMapId("string")
.propagatedRouteTable(VpnGatewayConnectionRoutingPropagatedRouteTableArgs.builder()
.routeTableIds("string")
.labels("string")
.build())
.build())
.trafficSelectorPolicies(VpnGatewayConnectionTrafficSelectorPolicyArgs.builder()
.localAddressRanges("string")
.remoteAddressRanges("string")
.build())
.build());
vpn_gateway_connection_resource = azure.network.VpnGatewayConnection("vpnGatewayConnectionResource",
remote_vpn_site_id="string",
vpn_gateway_id="string",
vpn_links=[{
"name": "string",
"vpn_site_link_id": "string",
"ipsec_policies": [{
"dh_group": "string",
"encryption_algorithm": "string",
"ike_encryption_algorithm": "string",
"ike_integrity_algorithm": "string",
"integrity_algorithm": "string",
"pfs_group": "string",
"sa_data_size_kb": 0,
"sa_lifetime_sec": 0,
}],
"custom_bgp_addresses": [{
"ip_address": "string",
"ip_configuration_id": "string",
}],
"egress_nat_rule_ids": ["string"],
"ingress_nat_rule_ids": ["string"],
"bandwidth_mbps": 0,
"local_azure_ip_address_enabled": False,
"connection_mode": "string",
"policy_based_traffic_selector_enabled": False,
"protocol": "string",
"ratelimit_enabled": False,
"route_weight": 0,
"shared_key": "string",
"bgp_enabled": False,
}],
internet_security_enabled=False,
name="string",
routing={
"associated_route_table": "string",
"inbound_route_map_id": "string",
"outbound_route_map_id": "string",
"propagated_route_table": {
"route_table_ids": ["string"],
"labels": ["string"],
},
},
traffic_selector_policies=[{
"local_address_ranges": ["string"],
"remote_address_ranges": ["string"],
}])
const vpnGatewayConnectionResource = new azure.network.VpnGatewayConnection("vpnGatewayConnectionResource", {
remoteVpnSiteId: "string",
vpnGatewayId: "string",
vpnLinks: [{
name: "string",
vpnSiteLinkId: "string",
ipsecPolicies: [{
dhGroup: "string",
encryptionAlgorithm: "string",
ikeEncryptionAlgorithm: "string",
ikeIntegrityAlgorithm: "string",
integrityAlgorithm: "string",
pfsGroup: "string",
saDataSizeKb: 0,
saLifetimeSec: 0,
}],
customBgpAddresses: [{
ipAddress: "string",
ipConfigurationId: "string",
}],
egressNatRuleIds: ["string"],
ingressNatRuleIds: ["string"],
bandwidthMbps: 0,
localAzureIpAddressEnabled: false,
connectionMode: "string",
policyBasedTrafficSelectorEnabled: false,
protocol: "string",
ratelimitEnabled: false,
routeWeight: 0,
sharedKey: "string",
bgpEnabled: false,
}],
internetSecurityEnabled: false,
name: "string",
routing: {
associatedRouteTable: "string",
inboundRouteMapId: "string",
outboundRouteMapId: "string",
propagatedRouteTable: {
routeTableIds: ["string"],
labels: ["string"],
},
},
trafficSelectorPolicies: [{
localAddressRanges: ["string"],
remoteAddressRanges: ["string"],
}],
});
type: azure:network:VpnGatewayConnection
properties:
internetSecurityEnabled: false
name: string
remoteVpnSiteId: string
routing:
associatedRouteTable: string
inboundRouteMapId: string
outboundRouteMapId: string
propagatedRouteTable:
labels:
- string
routeTableIds:
- string
trafficSelectorPolicies:
- localAddressRanges:
- string
remoteAddressRanges:
- string
vpnGatewayId: string
vpnLinks:
- bandwidthMbps: 0
bgpEnabled: false
connectionMode: string
customBgpAddresses:
- ipAddress: string
ipConfigurationId: string
egressNatRuleIds:
- string
ingressNatRuleIds:
- string
ipsecPolicies:
- dhGroup: string
encryptionAlgorithm: string
ikeEncryptionAlgorithm: string
ikeIntegrityAlgorithm: string
integrityAlgorithm: string
pfsGroup: string
saDataSizeKb: 0
saLifetimeSec: 0
localAzureIpAddressEnabled: false
name: string
policyBasedTrafficSelectorEnabled: false
protocol: string
ratelimitEnabled: false
routeWeight: 0
sharedKey: string
vpnSiteLinkId: string
VpnGatewayConnection Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The VpnGatewayConnection resource accepts the following input properties:
- Remote
Vpn Site Id This property is required. Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Gateway Id This property is required. Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links This property is required. List<VpnGateway Connection Vpn Link> - One or more
vpn_link
blocks as defined below. - Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - Name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Routing
Vpn
Gateway Connection Routing - A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policy
blocks as defined below.
- Remote
Vpn Site Id This property is required. Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Gateway Id This property is required. Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links This property is required. []VpnGateway Connection Vpn Link Args - One or more
vpn_link
blocks as defined below. - Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - Name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Routing
Vpn
Gateway Connection Routing Args - A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector []VpnPolicies Gateway Connection Traffic Selector Policy Args - One or more
traffic_selector_policy
blocks as defined below.
- remote
Vpn Site Id This property is required. Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Gateway Id This property is required. Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links This property is required. List<VpnGateway Connection Vpn Link> - One or more
vpn_link
blocks as defined below. - internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing - A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policy
blocks as defined below.
- remote
Vpn Site Id This property is required. Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Gateway Id This property is required. Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links This property is required. VpnGateway Connection Vpn Link[] - One or more
vpn_link
blocks as defined below. - internet
Security booleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing - A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector VpnPolicies Gateway Connection Traffic Selector Policy[] - One or more
traffic_selector_policy
blocks as defined below.
- remote_
vpn_ site_ id This property is required. Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn_
gateway_ id This property is required. Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn_
links This property is required. Sequence[VpnGateway Connection Vpn Link Args] - One or more
vpn_link
blocks as defined below. - internet_
security_ boolenabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing Args - A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - traffic_
selector_ Sequence[Vpnpolicies Gateway Connection Traffic Selector Policy Args] - One or more
traffic_selector_policy
blocks as defined below.
- remote
Vpn Site Id This property is required. Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Gateway Id This property is required. Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links This property is required. List<Property Map> - One or more
vpn_link
blocks as defined below. - internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routing Property Map
- A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<Property Map>Policies - One or more
traffic_selector_policy
blocks as defined below.
Outputs
All input properties are implicitly available as output properties. Additionally, the VpnGatewayConnection resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing VpnGatewayConnection Resource
Get an existing VpnGatewayConnection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: VpnGatewayConnectionState, opts?: CustomResourceOptions): VpnGatewayConnection
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
internet_security_enabled: Optional[bool] = None,
name: Optional[str] = None,
remote_vpn_site_id: Optional[str] = None,
routing: Optional[VpnGatewayConnectionRoutingArgs] = None,
traffic_selector_policies: Optional[Sequence[VpnGatewayConnectionTrafficSelectorPolicyArgs]] = None,
vpn_gateway_id: Optional[str] = None,
vpn_links: Optional[Sequence[VpnGatewayConnectionVpnLinkArgs]] = None) -> VpnGatewayConnection
func GetVpnGatewayConnection(ctx *Context, name string, id IDInput, state *VpnGatewayConnectionState, opts ...ResourceOption) (*VpnGatewayConnection, error)
public static VpnGatewayConnection Get(string name, Input<string> id, VpnGatewayConnectionState? state, CustomResourceOptions? opts = null)
public static VpnGatewayConnection get(String name, Output<String> id, VpnGatewayConnectionState state, CustomResourceOptions options)
resources: _: type: azure:network:VpnGatewayConnection get: id: ${id}
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - Name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Remote
Vpn Site Id Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Routing
Vpn
Gateway Connection Routing - A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policy
blocks as defined below. - Vpn
Gateway Id Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links List<VpnGateway Connection Vpn Link> - One or more
vpn_link
blocks as defined below.
- Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - Name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Remote
Vpn Site Id Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Routing
Vpn
Gateway Connection Routing Args - A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector []VpnPolicies Gateway Connection Traffic Selector Policy Args - One or more
traffic_selector_policy
blocks as defined below. - Vpn
Gateway Id Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links []VpnGateway Connection Vpn Link Args - One or more
vpn_link
blocks as defined below.
- internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote
Vpn Site Id Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing - A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policy
blocks as defined below. - vpn
Gateway Id Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links List<VpnGateway Connection Vpn Link> - One or more
vpn_link
blocks as defined below.
- internet
Security booleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote
Vpn Site Id Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing - A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector VpnPolicies Gateway Connection Traffic Selector Policy[] - One or more
traffic_selector_policy
blocks as defined below. - vpn
Gateway Id Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links VpnGateway Connection Vpn Link[] - One or more
vpn_link
blocks as defined below.
- internet_
security_ boolenabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote_
vpn_ site_ id Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing Args - A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - traffic_
selector_ Sequence[Vpnpolicies Gateway Connection Traffic Selector Policy Args] - One or more
traffic_selector_policy
blocks as defined below. - vpn_
gateway_ id Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn_
links Sequence[VpnGateway Connection Vpn Link Args] - One or more
vpn_link
blocks as defined below.
- internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false
. - name
Changes to this property will trigger replacement.
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote
Vpn Site Id Changes to this property will trigger replacement.
- The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routing Property Map
- A
routing
block as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<Property Map>Policies - One or more
traffic_selector_policy
blocks as defined below. - vpn
Gateway Id Changes to this property will trigger replacement.
- The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links List<Property Map> - One or more
vpn_link
blocks as defined below.
Supporting Types
VpnGatewayConnectionRouting, VpnGatewayConnectionRoutingArgs
- Associated
Route Table This property is required. string - The ID of the Route Table associated with this VPN Connection.
- Inbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- Outbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- Propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_table
block as defined below.
- Associated
Route Table This property is required. string - The ID of the Route Table associated with this VPN Connection.
- Inbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- Outbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- Propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_table
block as defined below.
- associated
Route Table This property is required. String - The ID of the Route Table associated with this VPN Connection.
- inbound
Route StringMap Id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- outbound
Route StringMap Id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_table
block as defined below.
- associated
Route Table This property is required. string - The ID of the Route Table associated with this VPN Connection.
- inbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- outbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_table
block as defined below.
- associated_
route_ table This property is required. str - The ID of the Route Table associated with this VPN Connection.
- inbound_
route_ strmap_ id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- outbound_
route_ strmap_ id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- propagated_
route_ Vpntable Gateway Connection Routing Propagated Route Table - A
propagated_route_table
block as defined below.
- associated
Route Table This property is required. String - The ID of the Route Table associated with this VPN Connection.
- inbound
Route StringMap Id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- outbound
Route StringMap Id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- propagated
Route Property MapTable - A
propagated_route_table
block as defined below.
VpnGatewayConnectionRoutingPropagatedRouteTable, VpnGatewayConnectionRoutingPropagatedRouteTableArgs
- Route
Table Ids This property is required. List<string> - A list of Route Table IDs to associated with this VPN Gateway Connection.
- Labels List<string>
- A list of labels to assign to this route table.
- Route
Table Ids This property is required. []string - A list of Route Table IDs to associated with this VPN Gateway Connection.
- Labels []string
- A list of labels to assign to this route table.
- route
Table Ids This property is required. List<String> - A list of Route Table IDs to associated with this VPN Gateway Connection.
- labels List<String>
- A list of labels to assign to this route table.
- route
Table Ids This property is required. string[] - A list of Route Table IDs to associated with this VPN Gateway Connection.
- labels string[]
- A list of labels to assign to this route table.
- route_
table_ ids This property is required. Sequence[str] - A list of Route Table IDs to associated with this VPN Gateway Connection.
- labels Sequence[str]
- A list of labels to assign to this route table.
- route
Table Ids This property is required. List<String> - A list of Route Table IDs to associated with this VPN Gateway Connection.
- labels List<String>
- A list of labels to assign to this route table.
VpnGatewayConnectionTrafficSelectorPolicy, VpnGatewayConnectionTrafficSelectorPolicyArgs
- Local
Address Ranges This property is required. List<string> - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- Remote
Address Ranges This property is required. List<string> - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- Local
Address Ranges This property is required. []string - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- Remote
Address Ranges This property is required. []string - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local
Address Ranges This property is required. List<String> - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote
Address Ranges This property is required. List<String> - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local
Address Ranges This property is required. string[] - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote
Address Ranges This property is required. string[] - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local_
address_ ranges This property is required. Sequence[str] - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote_
address_ ranges This property is required. Sequence[str] - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local
Address Ranges This property is required. List<String> - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote
Address Ranges This property is required. List<String> - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
VpnGatewayConnectionVpnLink, VpnGatewayConnectionVpnLinkArgs
- Name
This property is required. string - The name which should be used for this VPN Link Connection.
- Vpn
Site Link Id This property is required. Changes to this property will trigger replacement.
- The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- Bandwidth
Mbps int - The expected connection bandwidth in MBPS. Defaults to
10
. - Bgp
Enabled Changes to this property will trigger replacement.
- Should the BGP be enabled? Defaults to
false
. Changing this forces a new VPN Gateway Connection to be created. - Connection
Mode string - The connection mode of this VPN Link. Possible values are
Default
,InitiatorOnly
andResponderOnly
. Defaults toDefault
. - Custom
Bgp List<VpnAddresses Gateway Connection Vpn Link Custom Bgp Address> - One or more
custom_bgp_address
blocks as defined below. - Egress
Nat List<string>Rule Ids - A list of the egress NAT Rule Ids.
- Ingress
Nat List<string>Rule Ids - A list of the ingress NAT Rule Ids.
- Ipsec
Policies List<VpnGateway Connection Vpn Link Ipsec Policy> - One or more
ipsec_policy
blocks as defined above. - Local
Azure boolIp Address Enabled - Whether to use local Azure IP to initiate connection? Defaults to
false
. - Policy
Based boolTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false
. - Protocol string
- The protocol used for this VPN Link Connection. Possible values are
IKEv1
andIKEv2
. Defaults toIKEv2
. - Ratelimit
Enabled bool - Should the rate limit be enabled? Defaults to
false
. - Route
Weight int - Routing weight for this VPN Link Connection. Defaults to
0
. - string
- SharedKey for this VPN Link Connection.
- Name
This property is required. string - The name which should be used for this VPN Link Connection.
- Vpn
Site Link Id This property is required. Changes to this property will trigger replacement.
- The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- Bandwidth
Mbps int - The expected connection bandwidth in MBPS. Defaults to
10
. - Bgp
Enabled Changes to this property will trigger replacement.
- Should the BGP be enabled? Defaults to
false
. Changing this forces a new VPN Gateway Connection to be created. - Connection
Mode string - The connection mode of this VPN Link. Possible values are
Default
,InitiatorOnly
andResponderOnly
. Defaults toDefault
. - Custom
Bgp []VpnAddresses Gateway Connection Vpn Link Custom Bgp Address - One or more
custom_bgp_address
blocks as defined below. - Egress
Nat []stringRule Ids - A list of the egress NAT Rule Ids.
- Ingress
Nat []stringRule Ids - A list of the ingress NAT Rule Ids.
- Ipsec
Policies []VpnGateway Connection Vpn Link Ipsec Policy - One or more
ipsec_policy
blocks as defined above. - Local
Azure boolIp Address Enabled - Whether to use local Azure IP to initiate connection? Defaults to
false
. - Policy
Based boolTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false
. - Protocol string
- The protocol used for this VPN Link Connection. Possible values are
IKEv1
andIKEv2
. Defaults toIKEv2
. - Ratelimit
Enabled bool - Should the rate limit be enabled? Defaults to
false
. - Route
Weight int - Routing weight for this VPN Link Connection. Defaults to
0
. - string
- SharedKey for this VPN Link Connection.
- name
This property is required. String - The name which should be used for this VPN Link Connection.
- vpn
Site Link Id This property is required. Changes to this property will trigger replacement.
- The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth
Mbps Integer - The expected connection bandwidth in MBPS. Defaults to
10
. - bgp
Enabled Changes to this property will trigger replacement.
- Should the BGP be enabled? Defaults to
false
. Changing this forces a new VPN Gateway Connection to be created. - connection
Mode String - The connection mode of this VPN Link. Possible values are
Default
,InitiatorOnly
andResponderOnly
. Defaults toDefault
. - custom
Bgp List<VpnAddresses Gateway Connection Vpn Link Custom Bgp Address> - One or more
custom_bgp_address
blocks as defined below. - egress
Nat List<String>Rule Ids - A list of the egress NAT Rule Ids.
- ingress
Nat List<String>Rule Ids - A list of the ingress NAT Rule Ids.
- ipsec
Policies List<VpnGateway Connection Vpn Link Ipsec Policy> - One or more
ipsec_policy
blocks as defined above. - local
Azure BooleanIp Address Enabled - Whether to use local Azure IP to initiate connection? Defaults to
false
. - policy
Based BooleanTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false
. - protocol String
- The protocol used for this VPN Link Connection. Possible values are
IKEv1
andIKEv2
. Defaults toIKEv2
. - ratelimit
Enabled Boolean - Should the rate limit be enabled? Defaults to
false
. - route
Weight Integer - Routing weight for this VPN Link Connection. Defaults to
0
. - String
- SharedKey for this VPN Link Connection.
- name
This property is required. string - The name which should be used for this VPN Link Connection.
- vpn
Site Link Id This property is required. Changes to this property will trigger replacement.
- The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth
Mbps number - The expected connection bandwidth in MBPS. Defaults to
10
. - bgp
Enabled Changes to this property will trigger replacement.
- Should the BGP be enabled? Defaults to
false
. Changing this forces a new VPN Gateway Connection to be created. - connection
Mode string - The connection mode of this VPN Link. Possible values are
Default
,InitiatorOnly
andResponderOnly
. Defaults toDefault
. - custom
Bgp VpnAddresses Gateway Connection Vpn Link Custom Bgp Address[] - One or more
custom_bgp_address
blocks as defined below. - egress
Nat string[]Rule Ids - A list of the egress NAT Rule Ids.
- ingress
Nat string[]Rule Ids - A list of the ingress NAT Rule Ids.
- ipsec
Policies VpnGateway Connection Vpn Link Ipsec Policy[] - One or more
ipsec_policy
blocks as defined above. - local
Azure booleanIp Address Enabled - Whether to use local Azure IP to initiate connection? Defaults to
false
. - policy
Based booleanTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false
. - protocol string
- The protocol used for this VPN Link Connection. Possible values are
IKEv1
andIKEv2
. Defaults toIKEv2
. - ratelimit
Enabled boolean - Should the rate limit be enabled? Defaults to
false
. - route
Weight number - Routing weight for this VPN Link Connection. Defaults to
0
. - string
- SharedKey for this VPN Link Connection.
- name
This property is required. str - The name which should be used for this VPN Link Connection.
- vpn_
site_ link_ id This property is required. Changes to this property will trigger replacement.
- The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth_
mbps int - The expected connection bandwidth in MBPS. Defaults to
10
. - bgp_
enabled Changes to this property will trigger replacement.
- Should the BGP be enabled? Defaults to
false
. Changing this forces a new VPN Gateway Connection to be created. - connection_
mode str - The connection mode of this VPN Link. Possible values are
Default
,InitiatorOnly
andResponderOnly
. Defaults toDefault
. - custom_
bgp_ Sequence[Vpnaddresses Gateway Connection Vpn Link Custom Bgp Address] - One or more
custom_bgp_address
blocks as defined below. - egress_
nat_ Sequence[str]rule_ ids - A list of the egress NAT Rule Ids.
- ingress_
nat_ Sequence[str]rule_ ids - A list of the ingress NAT Rule Ids.
- ipsec_
policies Sequence[VpnGateway Connection Vpn Link Ipsec Policy] - One or more
ipsec_policy
blocks as defined above. - local_
azure_ boolip_ address_ enabled - Whether to use local Azure IP to initiate connection? Defaults to
false
. - policy_
based_ booltraffic_ selector_ enabled - Whether to enable policy-based traffic selectors? Defaults to
false
. - protocol str
- The protocol used for this VPN Link Connection. Possible values are
IKEv1
andIKEv2
. Defaults toIKEv2
. - ratelimit_
enabled bool - Should the rate limit be enabled? Defaults to
false
. - route_
weight int - Routing weight for this VPN Link Connection. Defaults to
0
. - str
- SharedKey for this VPN Link Connection.
- name
This property is required. String - The name which should be used for this VPN Link Connection.
- vpn
Site Link Id This property is required. Changes to this property will trigger replacement.
- The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth
Mbps Number - The expected connection bandwidth in MBPS. Defaults to
10
. - bgp
Enabled Changes to this property will trigger replacement.
- Should the BGP be enabled? Defaults to
false
. Changing this forces a new VPN Gateway Connection to be created. - connection
Mode String - The connection mode of this VPN Link. Possible values are
Default
,InitiatorOnly
andResponderOnly
. Defaults toDefault
. - custom
Bgp List<Property Map>Addresses - One or more
custom_bgp_address
blocks as defined below. - egress
Nat List<String>Rule Ids - A list of the egress NAT Rule Ids.
- ingress
Nat List<String>Rule Ids - A list of the ingress NAT Rule Ids.
- ipsec
Policies List<Property Map> - One or more
ipsec_policy
blocks as defined above. - local
Azure BooleanIp Address Enabled - Whether to use local Azure IP to initiate connection? Defaults to
false
. - policy
Based BooleanTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false
. - protocol String
- The protocol used for this VPN Link Connection. Possible values are
IKEv1
andIKEv2
. Defaults toIKEv2
. - ratelimit
Enabled Boolean - Should the rate limit be enabled? Defaults to
false
. - route
Weight Number - Routing weight for this VPN Link Connection. Defaults to
0
. - String
- SharedKey for this VPN Link Connection.
VpnGatewayConnectionVpnLinkCustomBgpAddress, VpnGatewayConnectionVpnLinkCustomBgpAddressArgs
- Ip
Address This property is required. string - The custom bgp ip address which belongs to the IP Configuration.
- Ip
Configuration Id This property is required. string - The ID of the IP Configuration which belongs to the VPN Gateway.
- Ip
Address This property is required. string - The custom bgp ip address which belongs to the IP Configuration.
- Ip
Configuration Id This property is required. string - The ID of the IP Configuration which belongs to the VPN Gateway.
- ip
Address This property is required. String - The custom bgp ip address which belongs to the IP Configuration.
- ip
Configuration Id This property is required. String - The ID of the IP Configuration which belongs to the VPN Gateway.
- ip
Address This property is required. string - The custom bgp ip address which belongs to the IP Configuration.
- ip
Configuration Id This property is required. string - The ID of the IP Configuration which belongs to the VPN Gateway.
- ip_
address This property is required. str - The custom bgp ip address which belongs to the IP Configuration.
- ip_
configuration_ id This property is required. str - The ID of the IP Configuration which belongs to the VPN Gateway.
- ip
Address This property is required. String - The custom bgp ip address which belongs to the IP Configuration.
- ip
Configuration Id This property is required. String - The ID of the IP Configuration which belongs to the VPN Gateway.
VpnGatewayConnectionVpnLinkIpsecPolicy, VpnGatewayConnectionVpnLinkIpsecPolicyArgs
- Dh
Group This property is required. string - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None
,DHGroup1
,DHGroup2
,DHGroup14
,DHGroup24
,DHGroup2048
,ECP256
,ECP384
. - Encryption
Algorithm This property is required. string - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128
,AES192
,AES256
,DES
,DES3
,GCMAES128
,GCMAES192
,GCMAES256
,None
. - Ike
Encryption Algorithm This property is required. string - The IKE encryption algorithm (IKE phase 2). Possible values are
DES
,DES3
,AES128
,AES192
,AES256
,GCMAES128
,GCMAES256
. - Ike
Integrity Algorithm This property is required. string - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5
,SHA1
,SHA256
,SHA384
,GCMAES128
,GCMAES256
. - Integrity
Algorithm This property is required. string - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5
,SHA1
,SHA256
,GCMAES128
,GCMAES192
,GCMAES256
. - Pfs
Group This property is required. string - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None
,PFS1
,PFS2
,PFS14
,PFS24
,PFS2048
,PFSMM
,ECP256
,ECP384
. - Sa
Data Size Kb This property is required. int - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- Sa
Lifetime Sec This property is required. int - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- Dh
Group This property is required. string - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None
,DHGroup1
,DHGroup2
,DHGroup14
,DHGroup24
,DHGroup2048
,ECP256
,ECP384
. - Encryption
Algorithm This property is required. string - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128
,AES192
,AES256
,DES
,DES3
,GCMAES128
,GCMAES192
,GCMAES256
,None
. - Ike
Encryption Algorithm This property is required. string - The IKE encryption algorithm (IKE phase 2). Possible values are
DES
,DES3
,AES128
,AES192
,AES256
,GCMAES128
,GCMAES256
. - Ike
Integrity Algorithm This property is required. string - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5
,SHA1
,SHA256
,SHA384
,GCMAES128
,GCMAES256
. - Integrity
Algorithm This property is required. string - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5
,SHA1
,SHA256
,GCMAES128
,GCMAES192
,GCMAES256
. - Pfs
Group This property is required. string - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None
,PFS1
,PFS2
,PFS14
,PFS24
,PFS2048
,PFSMM
,ECP256
,ECP384
. - Sa
Data Size Kb This property is required. int - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- Sa
Lifetime Sec This property is required. int - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh
Group This property is required. String - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None
,DHGroup1
,DHGroup2
,DHGroup14
,DHGroup24
,DHGroup2048
,ECP256
,ECP384
. - encryption
Algorithm This property is required. String - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128
,AES192
,AES256
,DES
,DES3
,GCMAES128
,GCMAES192
,GCMAES256
,None
. - ike
Encryption Algorithm This property is required. String - The IKE encryption algorithm (IKE phase 2). Possible values are
DES
,DES3
,AES128
,AES192
,AES256
,GCMAES128
,GCMAES256
. - ike
Integrity Algorithm This property is required. String - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5
,SHA1
,SHA256
,SHA384
,GCMAES128
,GCMAES256
. - integrity
Algorithm This property is required. String - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5
,SHA1
,SHA256
,GCMAES128
,GCMAES192
,GCMAES256
. - pfs
Group This property is required. String - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None
,PFS1
,PFS2
,PFS14
,PFS24
,PFS2048
,PFSMM
,ECP256
,ECP384
. - sa
Data Size Kb This property is required. Integer - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa
Lifetime Sec This property is required. Integer - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh
Group This property is required. string - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None
,DHGroup1
,DHGroup2
,DHGroup14
,DHGroup24
,DHGroup2048
,ECP256
,ECP384
. - encryption
Algorithm This property is required. string - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128
,AES192
,AES256
,DES
,DES3
,GCMAES128
,GCMAES192
,GCMAES256
,None
. - ike
Encryption Algorithm This property is required. string - The IKE encryption algorithm (IKE phase 2). Possible values are
DES
,DES3
,AES128
,AES192
,AES256
,GCMAES128
,GCMAES256
. - ike
Integrity Algorithm This property is required. string - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5
,SHA1
,SHA256
,SHA384
,GCMAES128
,GCMAES256
. - integrity
Algorithm This property is required. string - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5
,SHA1
,SHA256
,GCMAES128
,GCMAES192
,GCMAES256
. - pfs
Group This property is required. string - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None
,PFS1
,PFS2
,PFS14
,PFS24
,PFS2048
,PFSMM
,ECP256
,ECP384
. - sa
Data Size Kb This property is required. number - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa
Lifetime Sec This property is required. number - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh_
group This property is required. str - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None
,DHGroup1
,DHGroup2
,DHGroup14
,DHGroup24
,DHGroup2048
,ECP256
,ECP384
. - encryption_
algorithm This property is required. str - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128
,AES192
,AES256
,DES
,DES3
,GCMAES128
,GCMAES192
,GCMAES256
,None
. - ike_
encryption_ algorithm This property is required. str - The IKE encryption algorithm (IKE phase 2). Possible values are
DES
,DES3
,AES128
,AES192
,AES256
,GCMAES128
,GCMAES256
. - ike_
integrity_ algorithm This property is required. str - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5
,SHA1
,SHA256
,SHA384
,GCMAES128
,GCMAES256
. - integrity_
algorithm This property is required. str - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5
,SHA1
,SHA256
,GCMAES128
,GCMAES192
,GCMAES256
. - pfs_
group This property is required. str - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None
,PFS1
,PFS2
,PFS14
,PFS24
,PFS2048
,PFSMM
,ECP256
,ECP384
. - sa_
data_ size_ kb This property is required. int - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa_
lifetime_ sec This property is required. int - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh
Group This property is required. String - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None
,DHGroup1
,DHGroup2
,DHGroup14
,DHGroup24
,DHGroup2048
,ECP256
,ECP384
. - encryption
Algorithm This property is required. String - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128
,AES192
,AES256
,DES
,DES3
,GCMAES128
,GCMAES192
,GCMAES256
,None
. - ike
Encryption Algorithm This property is required. String - The IKE encryption algorithm (IKE phase 2). Possible values are
DES
,DES3
,AES128
,AES192
,AES256
,GCMAES128
,GCMAES256
. - ike
Integrity Algorithm This property is required. String - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5
,SHA1
,SHA256
,SHA384
,GCMAES128
,GCMAES256
. - integrity
Algorithm This property is required. String - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5
,SHA1
,SHA256
,GCMAES128
,GCMAES192
,GCMAES256
. - pfs
Group This property is required. String - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None
,PFS1
,PFS2
,PFS14
,PFS24
,PFS2048
,PFSMM
,ECP256
,ECP384
. - sa
Data Size Kb This property is required. Number - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa
Lifetime Sec This property is required. Number - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
Import
VPN Gateway Connections can be imported using the resource id
, e.g.
$ pulumi import azure:network/vpnGatewayConnection:VpnGatewayConnection example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/vpnGateways/gateway1/vpnConnections/conn1
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurerm
Terraform Provider.