VpnConnection

Manages an EC2 VPN connection. These objects can be connected to customer gateways, and allow you to establish tunnels between your network and Amazon.

Note: All arguments including tunnel1_preshared_key and tunnel2_preshared_key will be stored in the raw state as plain-text.
Note: The CIDR blocks in the arguments tunnel1_inside_cidr and tunnel2_inside_cidr must have a prefix of /30 and be a part of a specific range. Read more about this in the AWS documentation.

Example Usage

EC2 Transit Gateway

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var exampleTransitGateway = new Aws.Ec2TransitGateway.TransitGateway("exampleTransitGateway", new Aws.Ec2TransitGateway.TransitGatewayArgs
        {
        });
        var exampleCustomerGateway = new Aws.Ec2.CustomerGateway("exampleCustomerGateway", new Aws.Ec2.CustomerGatewayArgs
        {
            BgpAsn = "65000",
            IpAddress = "172.0.0.1",
            Type = "ipsec.1",
        });
        var exampleVpnConnection = new Aws.Ec2.VpnConnection("exampleVpnConnection", new Aws.Ec2.VpnConnectionArgs
        {
            CustomerGatewayId = exampleCustomerGateway.Id,
            TransitGatewayId = exampleTransitGateway.Id,
            Type = exampleCustomerGateway.Type,
        });
    }

}

package main

import (
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2"
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2transitgateway"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        exampleTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, "exampleTransitGateway", nil)
        if err != nil {
            return err
        }
        exampleCustomerGateway, err := ec2.NewCustomerGateway(ctx, "exampleCustomerGateway", &ec2.CustomerGatewayArgs{
            BgpAsn:    pulumi.String("65000"),
            IpAddress: pulumi.String("172.0.0.1"),
            Type:      pulumi.String("ipsec.1"),
        })
        if err != nil {
            return err
        }
        _, err = ec2.NewVpnConnection(ctx, "exampleVpnConnection", &ec2.VpnConnectionArgs{
            CustomerGatewayId: exampleCustomerGateway.ID(),
            TransitGatewayId:  exampleTransitGateway.ID(),
            Type:              exampleCustomerGateway.Type,
        })
        if err != nil {
            return err
        }
        return nil
    })
}

import pulumi
import pulumi_aws as aws

example_transit_gateway = aws.ec2transitgateway.TransitGateway("exampleTransitGateway")
example_customer_gateway = aws.ec2.CustomerGateway("exampleCustomerGateway",
    bgp_asn=65000,
    ip_address="172.0.0.1",
    type="ipsec.1")
example_vpn_connection = aws.ec2.VpnConnection("exampleVpnConnection",
    customer_gateway_id=example_customer_gateway.id,
    transit_gateway_id=example_transit_gateway.id,
    type=example_customer_gateway.type)

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleTransitGateway = new aws.ec2transitgateway.TransitGateway("example", {});
const exampleCustomerGateway = new aws.ec2.CustomerGateway("example", {
    bgpAsn: "65000",
    ipAddress: "172.0.0.1",
    type: "ipsec.1",
});
const exampleVpnConnection = new aws.ec2.VpnConnection("example", {
    customerGatewayId: exampleCustomerGateway.id,
    transitGatewayId: exampleTransitGateway.id,
    type: exampleCustomerGateway.type,
});

Virtual Private Gateway

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var vpc = new Aws.Ec2.Vpc("vpc", new Aws.Ec2.VpcArgs
        {
            CidrBlock = "10.0.0.0/16",
        });
        var vpnGateway = new Aws.Ec2.VpnGateway("vpnGateway", new Aws.Ec2.VpnGatewayArgs
        {
            VpcId = vpc.Id,
        });
        var customerGateway = new Aws.Ec2.CustomerGateway("customerGateway", new Aws.Ec2.CustomerGatewayArgs
        {
            BgpAsn = "65000",
            IpAddress = "172.0.0.1",
            Type = "ipsec.1",
        });
        var main = new Aws.Ec2.VpnConnection("main", new Aws.Ec2.VpnConnectionArgs
        {
            CustomerGatewayId = customerGateway.Id,
            StaticRoutesOnly = true,
            Type = "ipsec.1",
            VpnGatewayId = vpnGateway.Id,
        });
    }

}

package main

import (
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        vpc, err := ec2.NewVpc(ctx, "vpc", &ec2.VpcArgs{
            CidrBlock: pulumi.String("10.0.0.0/16"),
        })
        if err != nil {
            return err
        }
        vpnGateway, err := ec2.NewVpnGateway(ctx, "vpnGateway", &ec2.VpnGatewayArgs{
            VpcId: vpc.ID(),
        })
        if err != nil {
            return err
        }
        customerGateway, err := ec2.NewCustomerGateway(ctx, "customerGateway", &ec2.CustomerGatewayArgs{
            BgpAsn:    pulumi.String("65000"),
            IpAddress: pulumi.String("172.0.0.1"),
            Type:      pulumi.String("ipsec.1"),
        })
        if err != nil {
            return err
        }
        _, err = ec2.NewVpnConnection(ctx, "main", &ec2.VpnConnectionArgs{
            CustomerGatewayId: customerGateway.ID(),
            StaticRoutesOnly:  pulumi.Bool(true),
            Type:              pulumi.String("ipsec.1"),
            VpnGatewayId:      vpnGateway.ID(),
        })
        if err != nil {
            return err
        }
        return nil
    })
}

import pulumi
import pulumi_aws as aws

vpc = aws.ec2.Vpc("vpc", cidr_block="10.0.0.0/16")
vpn_gateway = aws.ec2.VpnGateway("vpnGateway", vpc_id=vpc.id)
customer_gateway = aws.ec2.CustomerGateway("customerGateway",
    bgp_asn=65000,
    ip_address="172.0.0.1",
    type="ipsec.1")
main = aws.ec2.VpnConnection("main",
    customer_gateway_id=customer_gateway.id,
    static_routes_only=True,
    type="ipsec.1",
    vpn_gateway_id=vpn_gateway.id)

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const vpc = new aws.ec2.Vpc("vpc", {
    cidrBlock: "10.0.0.0/16",
});
const vpnGateway = new aws.ec2.VpnGateway("vpn_gateway", {
    vpcId: vpc.id,
});
const customerGateway = new aws.ec2.CustomerGateway("customer_gateway", {
    bgpAsn: "65000",
    ipAddress: "172.0.0.1",
    type: "ipsec.1",
});
const main = new aws.ec2.VpnConnection("main", {
    customerGatewayId: customerGateway.id,
    staticRoutesOnly: true,
    type: "ipsec.1",
    vpnGatewayId: vpnGateway.id,
});

Create a VpnConnection Resource

new VpnConnection(name: string, args: VpnConnectionArgs, opts?: CustomResourceOptions);

def VpnConnection(resource_name, opts=None, customer_gateway_id=None, static_routes_only=None, tags=None, transit_gateway_id=None, tunnel1_inside_cidr=None, tunnel1_preshared_key=None, tunnel2_inside_cidr=None, tunnel2_preshared_key=None, type=None, vpn_gateway_id=None, __props__=None);

func NewVpnConnection(ctx *Context, name string, args VpnConnectionArgs, opts ...ResourceOption) (*VpnConnection, error)

public VpnConnection(string name, VpnConnectionArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args VpnConnectionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args VpnConnectionArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args VpnConnectionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

VpnConnection Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The VpnConnection resource accepts the following input properties:

CustomerGatewayId string: The ID of the customer gateway.
Type string: The type of VPN connection. The only type AWS supports at this time is “ipsec.1”.
StaticRoutesOnly bool: Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don’t support BGP.
Tags Dictionary<string, string>: Tags to apply to the connection.
TransitGatewayId string: The ID of the EC2 Transit Gateway.
Tunnel1InsideCidr string: The CIDR block of the inside IP addresses for the first VPN tunnel.
Tunnel1PresharedKey string: The preshared key of the first VPN tunnel.
Tunnel2InsideCidr string: The CIDR block of the inside IP addresses for the second VPN tunnel.
Tunnel2PresharedKey string: The preshared key of the second VPN tunnel.
VpnGatewayId string: The ID of the Virtual Private Gateway.

CustomerGatewayId string: The ID of the customer gateway.
Type string: The type of VPN connection. The only type AWS supports at this time is “ipsec.1”.
StaticRoutesOnly bool: Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don’t support BGP.
Tags map[string]string: Tags to apply to the connection.
TransitGatewayId string: The ID of the EC2 Transit Gateway.
Tunnel1InsideCidr string: The CIDR block of the inside IP addresses for the first VPN tunnel.
Tunnel1PresharedKey string: The preshared key of the first VPN tunnel.
Tunnel2InsideCidr string: The CIDR block of the inside IP addresses for the second VPN tunnel.
Tunnel2PresharedKey string: The preshared key of the second VPN tunnel.
VpnGatewayId string: The ID of the Virtual Private Gateway.

customerGatewayId string: The ID of the customer gateway.
type string: The type of VPN connection. The only type AWS supports at this time is “ipsec.1”.
staticRoutesOnly boolean: Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don’t support BGP.
tags {[key: string]: string}: Tags to apply to the connection.
transitGatewayId string: The ID of the EC2 Transit Gateway.
tunnel1InsideCidr string: The CIDR block of the inside IP addresses for the first VPN tunnel.
tunnel1PresharedKey string: The preshared key of the first VPN tunnel.
tunnel2InsideCidr string: The CIDR block of the inside IP addresses for the second VPN tunnel.
tunnel2PresharedKey string: The preshared key of the second VPN tunnel.
vpnGatewayId string: The ID of the Virtual Private Gateway.

customer_gateway_id str: The ID of the customer gateway.
type str: The type of VPN connection. The only type AWS supports at this time is “ipsec.1”.
static_routes_only bool: Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don’t support BGP.
tags Dict[str, str]: Tags to apply to the connection.
transit_gateway_id str: The ID of the EC2 Transit Gateway.
tunnel1_inside_cidr str: The CIDR block of the inside IP addresses for the first VPN tunnel.
tunnel1_preshared_key str: The preshared key of the first VPN tunnel.
tunnel2_inside_cidr str: The CIDR block of the inside IP addresses for the second VPN tunnel.
tunnel2_preshared_key str: The preshared key of the second VPN tunnel.
vpn_gateway_id str: The ID of the Virtual Private Gateway.

Outputs

All input properties are implicitly available as output properties. Additionally, the VpnConnection resource produces the following output properties:

Arn string: Amazon Resource Name (ARN) of the VPN Connection.
CustomerGatewayConfiguration string: The configuration information for the VPN connection’s customer gateway (in the native XML format).
Id string: The provider-assigned unique ID for this managed resource.
Routes List<VpnConnectionRoute>
TransitGatewayAttachmentId string: When associated with an EC2 Transit Gateway (transit_gateway_id argument), the attachment ID.
Tunnel1Address string: The public IP address of the first VPN tunnel.
Tunnel1BgpAsn string: The bgp asn number of the first VPN tunnel.
Tunnel1BgpHoldtime int: The bgp holdtime of the first VPN tunnel.
Tunnel1CgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).
Tunnel1VgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).
Tunnel2Address string: The public IP address of the second VPN tunnel.
Tunnel2BgpAsn string: The bgp asn number of the second VPN tunnel.
Tunnel2BgpHoldtime int: The bgp holdtime of the second VPN tunnel.
Tunnel2CgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).
Tunnel2VgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
VgwTelemetries List<VpnConnectionVgwTelemetry>

Arn string: Amazon Resource Name (ARN) of the VPN Connection.
CustomerGatewayConfiguration string: The configuration information for the VPN connection’s customer gateway (in the native XML format).
Id string: The provider-assigned unique ID for this managed resource.
Routes []VpnConnectionRouteType
TransitGatewayAttachmentId string: When associated with an EC2 Transit Gateway (transit_gateway_id argument), the attachment ID.
Tunnel1Address string: The public IP address of the first VPN tunnel.
Tunnel1BgpAsn string: The bgp asn number of the first VPN tunnel.
Tunnel1BgpHoldtime int: The bgp holdtime of the first VPN tunnel.
Tunnel1CgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).
Tunnel1VgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).
Tunnel2Address string: The public IP address of the second VPN tunnel.
Tunnel2BgpAsn string: The bgp asn number of the second VPN tunnel.
Tunnel2BgpHoldtime int: The bgp holdtime of the second VPN tunnel.
Tunnel2CgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).
Tunnel2VgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
VgwTelemetries []VpnConnectionVgwTelemetry

arn string: Amazon Resource Name (ARN) of the VPN Connection.
customerGatewayConfiguration string: The configuration information for the VPN connection’s customer gateway (in the native XML format).
id string: The provider-assigned unique ID for this managed resource.
routes VpnConnectionRoute[]
transitGatewayAttachmentId string: When associated with an EC2 Transit Gateway (transit_gateway_id argument), the attachment ID.
tunnel1Address string: The public IP address of the first VPN tunnel.
tunnel1BgpAsn string: The bgp asn number of the first VPN tunnel.
tunnel1BgpHoldtime number: The bgp holdtime of the first VPN tunnel.
tunnel1CgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).
tunnel1VgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).
tunnel2Address string: The public IP address of the second VPN tunnel.
tunnel2BgpAsn string: The bgp asn number of the second VPN tunnel.
tunnel2BgpHoldtime number: The bgp holdtime of the second VPN tunnel.
tunnel2CgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).
tunnel2VgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
vgwTelemetries VpnConnectionVgwTelemetry[]

arn str: Amazon Resource Name (ARN) of the VPN Connection.
customer_gateway_configuration str: The configuration information for the VPN connection’s customer gateway (in the native XML format).
id str: The provider-assigned unique ID for this managed resource.
routes List[VpnConnectionRoute]
transit_gateway_attachment_id str: When associated with an EC2 Transit Gateway (transit_gateway_id argument), the attachment ID.
tunnel1_address str: The public IP address of the first VPN tunnel.
tunnel1_bgp_asn str: The bgp asn number of the first VPN tunnel.
tunnel1_bgp_holdtime float: The bgp holdtime of the first VPN tunnel.
tunnel1_cgw_inside_address str: The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).
tunnel1_vgw_inside_address str: The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).
tunnel2_address str: The public IP address of the second VPN tunnel.
tunnel2_bgp_asn str: The bgp asn number of the second VPN tunnel.
tunnel2_bgp_holdtime float: The bgp holdtime of the second VPN tunnel.
tunnel2_cgw_inside_address str: The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).
tunnel2_vgw_inside_address str: The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
vgw_telemetries List[VpnConnectionVgwTelemetry]

Look up an Existing VpnConnection Resource

Get an existing VpnConnection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: VpnConnectionState, opts?: CustomResourceOptions): VpnConnection

static get(resource_name, id, opts=None, arn=None, customer_gateway_configuration=None, customer_gateway_id=None, routes=None, static_routes_only=None, tags=None, transit_gateway_attachment_id=None, transit_gateway_id=None, tunnel1_address=None, tunnel1_bgp_asn=None, tunnel1_bgp_holdtime=None, tunnel1_cgw_inside_address=None, tunnel1_inside_cidr=None, tunnel1_preshared_key=None, tunnel1_vgw_inside_address=None, tunnel2_address=None, tunnel2_bgp_asn=None, tunnel2_bgp_holdtime=None, tunnel2_cgw_inside_address=None, tunnel2_inside_cidr=None, tunnel2_preshared_key=None, tunnel2_vgw_inside_address=None, type=None, vgw_telemetries=None, vpn_gateway_id=None, __props__=None);

func GetVpnConnection(ctx *Context, name string, id IDInput, state *VpnConnectionState, opts ...ResourceOption) (*VpnConnection, error)

public static VpnConnection Get(string name, Input<string> id, VpnConnectionState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Arn string: Amazon Resource Name (ARN) of the VPN Connection.
CustomerGatewayConfiguration string: The configuration information for the VPN connection’s customer gateway (in the native XML format).
CustomerGatewayId string: The ID of the customer gateway.
Routes List<VpnConnectionRouteArgs>
StaticRoutesOnly bool: Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don’t support BGP.
Tags Dictionary<string, string>: Tags to apply to the connection.
TransitGatewayAttachmentId string: When associated with an EC2 Transit Gateway (transit_gateway_id argument), the attachment ID.
TransitGatewayId string: The ID of the EC2 Transit Gateway.
Tunnel1Address string: The public IP address of the first VPN tunnel.
Tunnel1BgpAsn string: The bgp asn number of the first VPN tunnel.
Tunnel1BgpHoldtime int: The bgp holdtime of the first VPN tunnel.
Tunnel1CgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).
Tunnel1InsideCidr string: The CIDR block of the inside IP addresses for the first VPN tunnel.
Tunnel1PresharedKey string: The preshared key of the first VPN tunnel.
Tunnel1VgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).
Tunnel2Address string: The public IP address of the second VPN tunnel.
Tunnel2BgpAsn string: The bgp asn number of the second VPN tunnel.
Tunnel2BgpHoldtime int: The bgp holdtime of the second VPN tunnel.
Tunnel2CgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).
Tunnel2InsideCidr string: The CIDR block of the inside IP addresses for the second VPN tunnel.
Tunnel2PresharedKey string: The preshared key of the second VPN tunnel.
Tunnel2VgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
Type string: The type of VPN connection. The only type AWS supports at this time is “ipsec.1”.
VgwTelemetries List<VpnConnectionVgwTelemetryArgs>
VpnGatewayId string: The ID of the Virtual Private Gateway.

Arn string: Amazon Resource Name (ARN) of the VPN Connection.
CustomerGatewayConfiguration string: The configuration information for the VPN connection’s customer gateway (in the native XML format).
CustomerGatewayId string: The ID of the customer gateway.
Routes []VpnConnectionRouteType
StaticRoutesOnly bool: Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don’t support BGP.
Tags map[string]string: Tags to apply to the connection.
TransitGatewayAttachmentId string: When associated with an EC2 Transit Gateway (transit_gateway_id argument), the attachment ID.
TransitGatewayId string: The ID of the EC2 Transit Gateway.
Tunnel1Address string: The public IP address of the first VPN tunnel.
Tunnel1BgpAsn string: The bgp asn number of the first VPN tunnel.
Tunnel1BgpHoldtime int: The bgp holdtime of the first VPN tunnel.
Tunnel1CgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).
Tunnel1InsideCidr string: The CIDR block of the inside IP addresses for the first VPN tunnel.
Tunnel1PresharedKey string: The preshared key of the first VPN tunnel.
Tunnel1VgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).
Tunnel2Address string: The public IP address of the second VPN tunnel.
Tunnel2BgpAsn string: The bgp asn number of the second VPN tunnel.
Tunnel2BgpHoldtime int: The bgp holdtime of the second VPN tunnel.
Tunnel2CgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).
Tunnel2InsideCidr string: The CIDR block of the inside IP addresses for the second VPN tunnel.
Tunnel2PresharedKey string: The preshared key of the second VPN tunnel.
Tunnel2VgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
Type string: The type of VPN connection. The only type AWS supports at this time is “ipsec.1”.
VgwTelemetries []VpnConnectionVgwTelemetry
VpnGatewayId string: The ID of the Virtual Private Gateway.

arn string: Amazon Resource Name (ARN) of the VPN Connection.
customerGatewayConfiguration string: The configuration information for the VPN connection’s customer gateway (in the native XML format).
customerGatewayId string: The ID of the customer gateway.
routes VpnConnectionRoute[]
staticRoutesOnly boolean: Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don’t support BGP.
tags {[key: string]: string}: Tags to apply to the connection.
transitGatewayAttachmentId string: When associated with an EC2 Transit Gateway (transit_gateway_id argument), the attachment ID.
transitGatewayId string: The ID of the EC2 Transit Gateway.
tunnel1Address string: The public IP address of the first VPN tunnel.
tunnel1BgpAsn string: The bgp asn number of the first VPN tunnel.
tunnel1BgpHoldtime number: The bgp holdtime of the first VPN tunnel.
tunnel1CgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).
tunnel1InsideCidr string: The CIDR block of the inside IP addresses for the first VPN tunnel.
tunnel1PresharedKey string: The preshared key of the first VPN tunnel.
tunnel1VgwInsideAddress string: The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).
tunnel2Address string: The public IP address of the second VPN tunnel.
tunnel2BgpAsn string: The bgp asn number of the second VPN tunnel.
tunnel2BgpHoldtime number: The bgp holdtime of the second VPN tunnel.
tunnel2CgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).
tunnel2InsideCidr string: The CIDR block of the inside IP addresses for the second VPN tunnel.
tunnel2PresharedKey string: The preshared key of the second VPN tunnel.
tunnel2VgwInsideAddress string: The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
type string: The type of VPN connection. The only type AWS supports at this time is “ipsec.1”.
vgwTelemetries VpnConnectionVgwTelemetry[]
vpnGatewayId string: The ID of the Virtual Private Gateway.

arn str: Amazon Resource Name (ARN) of the VPN Connection.
customer_gateway_configuration str: The configuration information for the VPN connection’s customer gateway (in the native XML format).
customer_gateway_id str: The ID of the customer gateway.
routes List[VpnConnectionRoute]
static_routes_only bool: Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don’t support BGP.
tags Dict[str, str]: Tags to apply to the connection.
transit_gateway_attachment_id str: When associated with an EC2 Transit Gateway (transit_gateway_id argument), the attachment ID.
transit_gateway_id str: The ID of the EC2 Transit Gateway.
tunnel1_address str: The public IP address of the first VPN tunnel.
tunnel1_bgp_asn str: The bgp asn number of the first VPN tunnel.
tunnel1_bgp_holdtime float: The bgp holdtime of the first VPN tunnel.
tunnel1_cgw_inside_address str: The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).
tunnel1_inside_cidr str: The CIDR block of the inside IP addresses for the first VPN tunnel.
tunnel1_preshared_key str: The preshared key of the first VPN tunnel.
tunnel1_vgw_inside_address str: The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).
tunnel2_address str: The public IP address of the second VPN tunnel.
tunnel2_bgp_asn str: The bgp asn number of the second VPN tunnel.
tunnel2_bgp_holdtime float: The bgp holdtime of the second VPN tunnel.
tunnel2_cgw_inside_address str: The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).
tunnel2_inside_cidr str: The CIDR block of the inside IP addresses for the second VPN tunnel.
tunnel2_preshared_key str: The preshared key of the second VPN tunnel.
tunnel2_vgw_inside_address str: The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
type str: The type of VPN connection. The only type AWS supports at this time is “ipsec.1”.
vgw_telemetries List[VpnConnectionVgwTelemetry]
vpn_gateway_id str: The ID of the Virtual Private Gateway.