1. Docs
  2. Reference
  3. API
  4. pulumi_openstack
  5. vpnaas

This page documents the language specification for the openstack package. If you're looking for help working with the inputs, outputs, or functions of openstack resources in a Pulumi program, please see the resource documentation for examples and API reference.

vpnaas

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-openstack repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-openstack repo.

class pulumi_openstack.vpnaas.EndpointGroup(resource_name, opts=None, description=None, endpoints=None, name=None, region=None, tenant_id=None, type=None, value_specs=None, __props__=None, __name__=None, __opts__=None)

Manages a V2 Neutron Endpoint Group resource within OpenStack.

import pulumi
import pulumi_openstack as openstack

group1 = openstack.vpnaas.EndpointGroup("group1",
    endpoints=[
        "10.2.0.0/24",
        "10.3.0.0/24",
    ],
    type="cidr")
Parameters

  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • description (pulumi.Input[str]) – The human-readable description for the group. Changing this updates the description of the existing group.

  • endpoints (pulumi.Input[list]) – List of endpoints of the same type, for the endpoint group. The values will depend on the type. Changing this creates a new group.

  • name (pulumi.Input[str]) – The name of the group. Changing this updates the name of the existing group.

  • region (pulumi.Input[str]) – The region in which to obtain the V2 Networking client. A Networking client is needed to create an endpoint group. If omitted, the region argument of the provider is used. Changing this creates a new group.

  • tenant_id (pulumi.Input[str]) – The owner of the group. Required if admin wants to create an endpoint group for another project. Changing this creates a new group.

  • type (pulumi.Input[str]) – The type of the endpoints in the group. A valid value is subnet, cidr, network, router, or vlan. Changing this creates a new group.

  • value_specs (pulumi.Input[dict]) – Map of additional options.

description: pulumi.Output[str] = None

The human-readable description for the group. Changing this updates the description of the existing group.

endpoints: pulumi.Output[list] = None

List of endpoints of the same type, for the endpoint group. The values will depend on the type. Changing this creates a new group.

name: pulumi.Output[str] = None

The name of the group. Changing this updates the name of the existing group.

region: pulumi.Output[str] = None

The region in which to obtain the V2 Networking client. A Networking client is needed to create an endpoint group. If omitted, the region argument of the provider is used. Changing this creates a new group.

tenant_id: pulumi.Output[str] = None

The owner of the group. Required if admin wants to create an endpoint group for another project. Changing this creates a new group.

type: pulumi.Output[str] = None

The type of the endpoints in the group. A valid value is subnet, cidr, network, router, or vlan. Changing this creates a new group.

value_specs: pulumi.Output[dict] = None

Map of additional options.

static get(resource_name, id, opts=None, description=None, endpoints=None, name=None, region=None, tenant_id=None, type=None, value_specs=None)

Get an existing EndpointGroup resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • description (pulumi.Input[str]) – The human-readable description for the group. Changing this updates the description of the existing group.

  • endpoints (pulumi.Input[list]) – List of endpoints of the same type, for the endpoint group. The values will depend on the type. Changing this creates a new group.

  • name (pulumi.Input[str]) – The name of the group. Changing this updates the name of the existing group.

  • region (pulumi.Input[str]) – The region in which to obtain the V2 Networking client. A Networking client is needed to create an endpoint group. If omitted, the region argument of the provider is used. Changing this creates a new group.

  • tenant_id (pulumi.Input[str]) – The owner of the group. Required if admin wants to create an endpoint group for another project. Changing this creates a new group.

  • type (pulumi.Input[str]) – The type of the endpoints in the group. A valid value is subnet, cidr, network, router, or vlan. Changing this creates a new group.

  • value_specs (pulumi.Input[dict]) – Map of additional options.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_openstack.vpnaas.IkePolicy(resource_name, opts=None, auth_algorithm=None, description=None, encryption_algorithm=None, ike_version=None, lifetimes=None, name=None, pfs=None, phase1_negotiation_mode=None, region=None, tenant_id=None, value_specs=None, __props__=None, __name__=None, __opts__=None)

Manages a V2 Neutron IKE policy resource within OpenStack.

import pulumi
import pulumi_openstack as openstack

policy1 = openstack.vpnaas.IkePolicy("policy1")
Parameters

  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • auth_algorithm (pulumi.Input[str]) – The authentication hash algorithm. Valid values are sha1, sha256, sha384, sha512. Default is sha1. Changing this updates the algorithm of the existing policy.

  • description (pulumi.Input[str]) – The human-readable description for the policy. Changing this updates the description of the existing policy.

  • encryption_algorithm (pulumi.Input[str]) – The encryption algorithm. Valid values are 3des, aes-128, aes-192 and so on. The default value is aes-128. Changing this updates the existing policy.

  • ike_version (pulumi.Input[str]) – The IKE mode. A valid value is v1 or v2. Default is v1. Changing this updates the existing policy.

  • lifetimes (pulumi.Input[list]) – The lifetime of the security association. Consists of Unit and Value.

- `unit` - (Optional) The units for the lifetime of the security association. Can be either seconds or kilobytes.
Default is seconds.
- `value` - (Optional) The value for the lifetime of the security association. Must be a positive integer.
Default is 3600.
Parameters

  • name (pulumi.Input[str]) – The name of the policy. Changing this updates the name of the existing policy.

  • pfs (pulumi.Input[str]) – The perfect forward secrecy mode. Valid values are Group2, Group5 and Group14. Default is Group5. Changing this updates the existing policy.

  • phase1_negotiation_mode (pulumi.Input[str]) – The IKE mode. A valid value is main, which is the default. Changing this updates the existing policy.

  • region (pulumi.Input[str]) – The region in which to obtain the V2 Networking client. A Networking client is needed to create a VPN service. If omitted, the region argument of the provider is used. Changing this creates a new service.

  • tenant_id (pulumi.Input[str]) – The owner of the policy. Required if admin wants to create a service for another policy. Changing this creates a new policy.

  • value_specs (pulumi.Input[dict]) – Map of additional options.

The lifetimes object supports the following:

  • units (pulumi.Input[str])

  • value (pulumi.Input[float])

auth_algorithm: pulumi.Output[str] = None

The authentication hash algorithm. Valid values are sha1, sha256, sha384, sha512. Default is sha1. Changing this updates the algorithm of the existing policy.

description: pulumi.Output[str] = None

The human-readable description for the policy. Changing this updates the description of the existing policy.

encryption_algorithm: pulumi.Output[str] = None

The encryption algorithm. Valid values are 3des, aes-128, aes-192 and so on. The default value is aes-128. Changing this updates the existing policy.

ike_version: pulumi.Output[str] = None

The IKE mode. A valid value is v1 or v2. Default is v1. Changing this updates the existing policy.

lifetimes: pulumi.Output[list] = None

The lifetime of the security association. Consists of Unit and Value.

  • unit - (Optional) The units for the lifetime of the security association. Can be either seconds or kilobytes. Default is seconds.

  • value - (Optional) The value for the lifetime of the security association. Must be a positive integer. Default is 3600.

    • units (str)

    • value (float)

name: pulumi.Output[str] = None

The name of the policy. Changing this updates the name of the existing policy.

pfs: pulumi.Output[str] = None

The perfect forward secrecy mode. Valid values are Group2, Group5 and Group14. Default is Group5. Changing this updates the existing policy.

phase1_negotiation_mode: pulumi.Output[str] = None

The IKE mode. A valid value is main, which is the default. Changing this updates the existing policy.

region: pulumi.Output[str] = None

The region in which to obtain the V2 Networking client. A Networking client is needed to create a VPN service. If omitted, the region argument of the provider is used. Changing this creates a new service.

tenant_id: pulumi.Output[str] = None

The owner of the policy. Required if admin wants to create a service for another policy. Changing this creates a new policy.

value_specs: pulumi.Output[dict] = None

Map of additional options.

static get(resource_name, id, opts=None, auth_algorithm=None, description=None, encryption_algorithm=None, ike_version=None, lifetimes=None, name=None, pfs=None, phase1_negotiation_mode=None, region=None, tenant_id=None, value_specs=None)

Get an existing IkePolicy resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • auth_algorithm (pulumi.Input[str]) – The authentication hash algorithm. Valid values are sha1, sha256, sha384, sha512. Default is sha1. Changing this updates the algorithm of the existing policy.

  • description (pulumi.Input[str]) – The human-readable description for the policy. Changing this updates the description of the existing policy.

  • encryption_algorithm (pulumi.Input[str]) – The encryption algorithm. Valid values are 3des, aes-128, aes-192 and so on. The default value is aes-128. Changing this updates the existing policy.

  • ike_version (pulumi.Input[str]) – The IKE mode. A valid value is v1 or v2. Default is v1. Changing this updates the existing policy.

  • lifetimes (pulumi.Input[list]) – The lifetime of the security association. Consists of Unit and Value.

- `unit` - (Optional) The units for the lifetime of the security association. Can be either seconds or kilobytes.
Default is seconds.
- `value` - (Optional) The value for the lifetime of the security association. Must be a positive integer.
Default is 3600.
Parameters

  • name (pulumi.Input[str]) – The name of the policy. Changing this updates the name of the existing policy.

  • pfs (pulumi.Input[str]) – The perfect forward secrecy mode. Valid values are Group2, Group5 and Group14. Default is Group5. Changing this updates the existing policy.

  • phase1_negotiation_mode (pulumi.Input[str]) – The IKE mode. A valid value is main, which is the default. Changing this updates the existing policy.

  • region (pulumi.Input[str]) – The region in which to obtain the V2 Networking client. A Networking client is needed to create a VPN service. If omitted, the region argument of the provider is used. Changing this creates a new service.

  • tenant_id (pulumi.Input[str]) – The owner of the policy. Required if admin wants to create a service for another policy. Changing this creates a new policy.

  • value_specs (pulumi.Input[dict]) – Map of additional options.

The lifetimes object supports the following:

  • units (pulumi.Input[str])

  • value (pulumi.Input[float])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_openstack.vpnaas.IpSecPolicy(resource_name, opts=None, auth_algorithm=None, description=None, encapsulation_mode=None, encryption_algorithm=None, lifetimes=None, name=None, pfs=None, region=None, tenant_id=None, transform_protocol=None, value_specs=None, __props__=None, __name__=None, __opts__=None)

Manages a V2 Neutron IPSec policy resource within OpenStack.

import pulumi
import pulumi_openstack as openstack

policy1 = openstack.vpnaas.IpSecPolicy("policy1")
Parameters

  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • auth_algorithm (pulumi.Input[str]) – The authentication hash algorithm. Valid values are sha1, sha256, sha384, sha512. Default is sha1. Changing this updates the algorithm of the existing policy.

  • description (pulumi.Input[str]) – The human-readable description for the policy. Changing this updates the description of the existing policy.

  • encapsulation_mode (pulumi.Input[str]) – The encapsulation mode. Valid values are tunnel and transport. Default is tunnel. Changing this updates the existing policy.

  • encryption_algorithm (pulumi.Input[str]) – The encryption algorithm. Valid values are 3des, aes-128, aes-192 and so on. The default value is aes-128. Changing this updates the existing policy.

  • lifetimes (pulumi.Input[list]) – The lifetime of the security association. Consists of Unit and Value.

- `unit` - (Optional) The units for the lifetime of the security association. Can be either seconds or kilobytes.
Default is seconds.
- `value` - (Optional) The value for the lifetime of the security association. Must be a positive integer.
Default is 3600.
Parameters

  • name (pulumi.Input[str]) – The name of the policy. Changing this updates the name of the existing policy.

  • pfs (pulumi.Input[str]) – The perfect forward secrecy mode. Valid values are Group2, Group5 and Group14. Default is Group5. Changing this updates the existing policy.

  • region (pulumi.Input[str]) – The region in which to obtain the V2 Networking client. A Networking client is needed to create an IPSec policy. If omitted, the region argument of the provider is used. Changing this creates a new policy.

  • tenant_id (pulumi.Input[str]) – The owner of the policy. Required if admin wants to create a policy for another project. Changing this creates a new policy.

  • transform_protocol (pulumi.Input[str]) – The transform protocol. Valid values are ESP, AH and AH-ESP. Changing this updates the existing policy. Default is ESP.

  • value_specs (pulumi.Input[dict]) – Map of additional options.

The lifetimes object supports the following:

  • units (pulumi.Input[str])

  • value (pulumi.Input[float])

auth_algorithm: pulumi.Output[str] = None

The authentication hash algorithm. Valid values are sha1, sha256, sha384, sha512. Default is sha1. Changing this updates the algorithm of the existing policy.

description: pulumi.Output[str] = None

The human-readable description for the policy. Changing this updates the description of the existing policy.

encapsulation_mode: pulumi.Output[str] = None

The encapsulation mode. Valid values are tunnel and transport. Default is tunnel. Changing this updates the existing policy.

encryption_algorithm: pulumi.Output[str] = None

The encryption algorithm. Valid values are 3des, aes-128, aes-192 and so on. The default value is aes-128. Changing this updates the existing policy.

lifetimes: pulumi.Output[list] = None

The lifetime of the security association. Consists of Unit and Value.

  • unit - (Optional) The units for the lifetime of the security association. Can be either seconds or kilobytes. Default is seconds.

  • value - (Optional) The value for the lifetime of the security association. Must be a positive integer. Default is 3600.

    • units (str)

    • value (float)

name: pulumi.Output[str] = None

The name of the policy. Changing this updates the name of the existing policy.

pfs: pulumi.Output[str] = None

The perfect forward secrecy mode. Valid values are Group2, Group5 and Group14. Default is Group5. Changing this updates the existing policy.

region: pulumi.Output[str] = None

The region in which to obtain the V2 Networking client. A Networking client is needed to create an IPSec policy. If omitted, the region argument of the provider is used. Changing this creates a new policy.

tenant_id: pulumi.Output[str] = None

The owner of the policy. Required if admin wants to create a policy for another project. Changing this creates a new policy.

transform_protocol: pulumi.Output[str] = None

The transform protocol. Valid values are ESP, AH and AH-ESP. Changing this updates the existing policy. Default is ESP.

value_specs: pulumi.Output[dict] = None

Map of additional options.

static get(resource_name, id, opts=None, auth_algorithm=None, description=None, encapsulation_mode=None, encryption_algorithm=None, lifetimes=None, name=None, pfs=None, region=None, tenant_id=None, transform_protocol=None, value_specs=None)

Get an existing IpSecPolicy resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • auth_algorithm (pulumi.Input[str]) – The authentication hash algorithm. Valid values are sha1, sha256, sha384, sha512. Default is sha1. Changing this updates the algorithm of the existing policy.

  • description (pulumi.Input[str]) – The human-readable description for the policy. Changing this updates the description of the existing policy.

  • encapsulation_mode (pulumi.Input[str]) – The encapsulation mode. Valid values are tunnel and transport. Default is tunnel. Changing this updates the existing policy.

  • encryption_algorithm (pulumi.Input[str]) – The encryption algorithm. Valid values are 3des, aes-128, aes-192 and so on. The default value is aes-128. Changing this updates the existing policy.

  • lifetimes (pulumi.Input[list]) – The lifetime of the security association. Consists of Unit and Value.

- `unit` - (Optional) The units for the lifetime of the security association. Can be either seconds or kilobytes.
Default is seconds.
- `value` - (Optional) The value for the lifetime of the security association. Must be a positive integer.
Default is 3600.
Parameters

  • name (pulumi.Input[str]) – The name of the policy. Changing this updates the name of the existing policy.

  • pfs (pulumi.Input[str]) – The perfect forward secrecy mode. Valid values are Group2, Group5 and Group14. Default is Group5. Changing this updates the existing policy.

  • region (pulumi.Input[str]) – The region in which to obtain the V2 Networking client. A Networking client is needed to create an IPSec policy. If omitted, the region argument of the provider is used. Changing this creates a new policy.

  • tenant_id (pulumi.Input[str]) – The owner of the policy. Required if admin wants to create a policy for another project. Changing this creates a new policy.

  • transform_protocol (pulumi.Input[str]) – The transform protocol. Valid values are ESP, AH and AH-ESP. Changing this updates the existing policy. Default is ESP.

  • value_specs (pulumi.Input[dict]) – Map of additional options.

The lifetimes object supports the following:

  • units (pulumi.Input[str])

  • value (pulumi.Input[float])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_openstack.vpnaas.Service(resource_name, opts=None, admin_state_up=None, description=None, name=None, region=None, router_id=None, subnet_id=None, tenant_id=None, value_specs=None, __props__=None, __name__=None, __opts__=None)

Manages a V2 Neutron VPN service resource within OpenStack.

import pulumi
import pulumi_openstack as openstack

service1 = openstack.vpnaas.Service("service1",
    admin_state_up="true",
    router_id="14a75700-fc03-4602-9294-26ee44f366b3")
Parameters

  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • admin_state_up (pulumi.Input[bool]) – The administrative state of the resource. Can either be up(true) or down(false). Changing this updates the administrative state of the existing service.

  • description (pulumi.Input[str]) – The human-readable description for the service. Changing this updates the description of the existing service.

  • name (pulumi.Input[str]) – The name of the service. Changing this updates the name of the existing service.

  • region (pulumi.Input[str]) – The region in which to obtain the V2 Networking client. A Networking client is needed to create a VPN service. If omitted, the region argument of the provider is used. Changing this creates a new service.

  • router_id (pulumi.Input[str]) – The ID of the router. Changing this creates a new service.

  • subnet_id (pulumi.Input[str]) – SubnetID is the ID of the subnet. Default is null.

  • tenant_id (pulumi.Input[str]) – The owner of the service. Required if admin wants to create a service for another project. Changing this creates a new service.

  • value_specs (pulumi.Input[dict]) – Map of additional options.

admin_state_up: pulumi.Output[bool] = None

The administrative state of the resource. Can either be up(true) or down(false). Changing this updates the administrative state of the existing service.

description: pulumi.Output[str] = None

The human-readable description for the service. Changing this updates the description of the existing service.

external_v4_ip: pulumi.Output[str] = None

The read-only external (public) IPv4 address that is used for the VPN service.

external_v6_ip: pulumi.Output[str] = None

The read-only external (public) IPv6 address that is used for the VPN service.

name: pulumi.Output[str] = None

The name of the service. Changing this updates the name of the existing service.

region: pulumi.Output[str] = None

The region in which to obtain the V2 Networking client. A Networking client is needed to create a VPN service. If omitted, the region argument of the provider is used. Changing this creates a new service.

router_id: pulumi.Output[str] = None

The ID of the router. Changing this creates a new service.

status: pulumi.Output[str] = None

Indicates whether IPsec VPN service is currently operational. Values are ACTIVE, DOWN, BUILD, ERROR, PENDING_CREATE, PENDING_UPDATE, or PENDING_DELETE.

subnet_id: pulumi.Output[str] = None

SubnetID is the ID of the subnet. Default is null.

tenant_id: pulumi.Output[str] = None

The owner of the service. Required if admin wants to create a service for another project. Changing this creates a new service.

value_specs: pulumi.Output[dict] = None

Map of additional options.

static get(resource_name, id, opts=None, admin_state_up=None, description=None, external_v4_ip=None, external_v6_ip=None, name=None, region=None, router_id=None, status=None, subnet_id=None, tenant_id=None, value_specs=None)

Get an existing Service resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • admin_state_up (pulumi.Input[bool]) – The administrative state of the resource. Can either be up(true) or down(false). Changing this updates the administrative state of the existing service.

  • description (pulumi.Input[str]) – The human-readable description for the service. Changing this updates the description of the existing service.

  • external_v4_ip (pulumi.Input[str]) – The read-only external (public) IPv4 address that is used for the VPN service.

  • external_v6_ip (pulumi.Input[str]) – The read-only external (public) IPv6 address that is used for the VPN service.

  • name (pulumi.Input[str]) – The name of the service. Changing this updates the name of the existing service.

  • region (pulumi.Input[str]) – The region in which to obtain the V2 Networking client. A Networking client is needed to create a VPN service. If omitted, the region argument of the provider is used. Changing this creates a new service.

  • router_id (pulumi.Input[str]) – The ID of the router. Changing this creates a new service.

  • status (pulumi.Input[str]) – Indicates whether IPsec VPN service is currently operational. Values are ACTIVE, DOWN, BUILD, ERROR, PENDING_CREATE, PENDING_UPDATE, or PENDING_DELETE.

  • subnet_id (pulumi.Input[str]) – SubnetID is the ID of the subnet. Default is null.

  • tenant_id (pulumi.Input[str]) – The owner of the service. Required if admin wants to create a service for another project. Changing this creates a new service.

  • value_specs (pulumi.Input[dict]) – Map of additional options.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_openstack.vpnaas.SiteConnection(resource_name, opts=None, admin_state_up=None, description=None, dpds=None, ikepolicy_id=None, initiator=None, ipsecpolicy_id=None, local_ep_group_id=None, local_id=None, mtu=None, name=None, peer_address=None, peer_cidrs=None, peer_ep_group_id=None, peer_id=None, psk=None, region=None, tenant_id=None, value_specs=None, vpnservice_id=None, __props__=None, __name__=None, __opts__=None)

Manages a V2 Neutron IPSec site connection resource within OpenStack.

import pulumi
import pulumi_openstack as openstack

conn1 = openstack.vpnaas.SiteConnection("conn1",
    ikepolicy_id=openstack_vpnaas_ike_policy_v2["policy_2"]["id"],
    ipsecpolicy_id=openstack_vpnaas_ipsec_policy_v2["policy_1"]["id"],
    local_ep_group_id=openstack_vpnaas_endpoint_group_v2["group_2"]["id"],
    peer_address="192.168.10.1",
    peer_ep_group_id=openstack_vpnaas_endpoint_group_v2["group_1"]["id"],
    psk="secret",
    vpnservice_id=openstack_vpnaas_service_v2["service_1"]["id"])
Parameters

  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • admin_state_up (pulumi.Input[bool]) – The administrative state of the resource. Can either be up(true) or down(false). Changing this updates the administrative state of the existing connection.

  • description (pulumi.Input[str]) – The human-readable description for the connection. Changing this updates the description of the existing connection.

  • dpds (pulumi.Input[list]) – A dictionary with dead peer detection (DPD) protocol controls.

- `action` - (Optional) The dead peer detection (DPD) action.
A valid value is clear, hold, restart, disabled, or restart-by-peer.
Default value is hold.
Parameters

  • ikepolicy_id (pulumi.Input[str]) – The ID of the IKE policy. Changing this creates a new connection.

  • initiator (pulumi.Input[str]) – A valid value is response-only or bi-directional. Default is bi-directional.

  • ipsecpolicy_id (pulumi.Input[str]) – The ID of the IPsec policy. Changing this creates a new connection.

  • local_ep_group_id (pulumi.Input[str]) – The ID for the endpoint group that contains private subnets for the local side of the connection. You must specify this parameter with the peer_ep_group_id parameter unless in backward- compatible mode where peer_cidrs is provided with a subnet_id for the VPN service. Changing this updates the existing connection.

  • local_id (pulumi.Input[str]) – An ID to be used instead of the external IP address for a virtual router used in traffic between instances on different networks in east-west traffic. Most often, local ID would be domain name, email address, etc. If this is not configured then the external IP address will be used as the ID.

  • mtu (pulumi.Input[float]) – The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6.

  • name (pulumi.Input[str]) – The name of the connection. Changing this updates the name of the existing connection.

  • peer_address (pulumi.Input[str]) – The peer gateway public IPv4 or IPv6 address or FQDN.

  • peer_cidrs (pulumi.Input[list]) – Unique list of valid peer private CIDRs in the form < net_address > / < prefix > .

  • peer_ep_group_id (pulumi.Input[str]) – The ID for the endpoint group that contains private CIDRs in the form < net_address > / < prefix > for the peer side of the connection. You must specify this parameter with the local_ep_group_id parameter unless in backward-compatible mode where peer_cidrs is provided with a subnet_id for the VPN service.

  • peer_id (pulumi.Input[str]) – The peer router identity for authentication. A valid value is an IPv4 address, IPv6 address, e-mail address, key ID, or FQDN. Typically, this value matches the peer_address value. Changing this updates the existing policy.

  • psk (pulumi.Input[str]) – The pre-shared key. A valid value is any string.

  • region (pulumi.Input[str]) – The region in which to obtain the V2 Networking client. A Networking client is needed to create an IPSec site connection. If omitted, the region argument of the provider is used. Changing this creates a new site connection.

  • tenant_id (pulumi.Input[str]) – The owner of the connection. Required if admin wants to create a connection for another project. Changing this creates a new connection.

  • value_specs (pulumi.Input[dict]) – Map of additional options.

  • vpnservice_id (pulumi.Input[str]) – The ID of the VPN service. Changing this creates a new connection.

The dpds object supports the following:

  • action (pulumi.Input[str])

  • interval (pulumi.Input[float])

  • timeout (pulumi.Input[float])

admin_state_up: pulumi.Output[bool] = None

The administrative state of the resource. Can either be up(true) or down(false). Changing this updates the administrative state of the existing connection.

description: pulumi.Output[str] = None

The human-readable description for the connection. Changing this updates the description of the existing connection.

dpds: pulumi.Output[list] = None

A dictionary with dead peer detection (DPD) protocol controls.

  • action - (Optional) The dead peer detection (DPD) action. A valid value is clear, hold, restart, disabled, or restart-by-peer. Default value is hold.

    • action (str)

    • interval (float)

    • timeout (float)

ikepolicy_id: pulumi.Output[str] = None

The ID of the IKE policy. Changing this creates a new connection.

initiator: pulumi.Output[str] = None

A valid value is response-only or bi-directional. Default is bi-directional.

ipsecpolicy_id: pulumi.Output[str] = None

The ID of the IPsec policy. Changing this creates a new connection.

local_ep_group_id: pulumi.Output[str] = None

The ID for the endpoint group that contains private subnets for the local side of the connection. You must specify this parameter with the peer_ep_group_id parameter unless in backward- compatible mode where peer_cidrs is provided with a subnet_id for the VPN service. Changing this updates the existing connection.

local_id: pulumi.Output[str] = None

An ID to be used instead of the external IP address for a virtual router used in traffic between instances on different networks in east-west traffic. Most often, local ID would be domain name, email address, etc. If this is not configured then the external IP address will be used as the ID.

mtu: pulumi.Output[float] = None

The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6.

name: pulumi.Output[str] = None

The name of the connection. Changing this updates the name of the existing connection.

peer_address: pulumi.Output[str] = None

The peer gateway public IPv4 or IPv6 address or FQDN.

peer_cidrs: pulumi.Output[list] = None

Unique list of valid peer private CIDRs in the form < net_address > / < prefix > .

peer_ep_group_id: pulumi.Output[str] = None

The ID for the endpoint group that contains private CIDRs in the form < net_address > / < prefix > for the peer side of the connection. You must specify this parameter with the local_ep_group_id parameter unless in backward-compatible mode where peer_cidrs is provided with a subnet_id for the VPN service.

peer_id: pulumi.Output[str] = None

The peer router identity for authentication. A valid value is an IPv4 address, IPv6 address, e-mail address, key ID, or FQDN. Typically, this value matches the peer_address value. Changing this updates the existing policy.

psk: pulumi.Output[str] = None

The pre-shared key. A valid value is any string.

region: pulumi.Output[str] = None

The region in which to obtain the V2 Networking client. A Networking client is needed to create an IPSec site connection. If omitted, the region argument of the provider is used. Changing this creates a new site connection.

tenant_id: pulumi.Output[str] = None

The owner of the connection. Required if admin wants to create a connection for another project. Changing this creates a new connection.

value_specs: pulumi.Output[dict] = None

Map of additional options.

vpnservice_id: pulumi.Output[str] = None

The ID of the VPN service. Changing this creates a new connection.

static get(resource_name, id, opts=None, admin_state_up=None, description=None, dpds=None, ikepolicy_id=None, initiator=None, ipsecpolicy_id=None, local_ep_group_id=None, local_id=None, mtu=None, name=None, peer_address=None, peer_cidrs=None, peer_ep_group_id=None, peer_id=None, psk=None, region=None, tenant_id=None, value_specs=None, vpnservice_id=None)

Get an existing SiteConnection resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • admin_state_up (pulumi.Input[bool]) – The administrative state of the resource. Can either be up(true) or down(false). Changing this updates the administrative state of the existing connection.

  • description (pulumi.Input[str]) – The human-readable description for the connection. Changing this updates the description of the existing connection.

  • dpds (pulumi.Input[list]) – A dictionary with dead peer detection (DPD) protocol controls.

- `action` - (Optional) The dead peer detection (DPD) action.
A valid value is clear, hold, restart, disabled, or restart-by-peer.
Default value is hold.
Parameters

  • ikepolicy_id (pulumi.Input[str]) – The ID of the IKE policy. Changing this creates a new connection.

  • initiator (pulumi.Input[str]) – A valid value is response-only or bi-directional. Default is bi-directional.

  • ipsecpolicy_id (pulumi.Input[str]) – The ID of the IPsec policy. Changing this creates a new connection.

  • local_ep_group_id (pulumi.Input[str]) – The ID for the endpoint group that contains private subnets for the local side of the connection. You must specify this parameter with the peer_ep_group_id parameter unless in backward- compatible mode where peer_cidrs is provided with a subnet_id for the VPN service. Changing this updates the existing connection.

  • local_id (pulumi.Input[str]) – An ID to be used instead of the external IP address for a virtual router used in traffic between instances on different networks in east-west traffic. Most often, local ID would be domain name, email address, etc. If this is not configured then the external IP address will be used as the ID.

  • mtu (pulumi.Input[float]) – The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6.

  • name (pulumi.Input[str]) – The name of the connection. Changing this updates the name of the existing connection.

  • peer_address (pulumi.Input[str]) – The peer gateway public IPv4 or IPv6 address or FQDN.

  • peer_cidrs (pulumi.Input[list]) – Unique list of valid peer private CIDRs in the form < net_address > / < prefix > .

  • peer_ep_group_id (pulumi.Input[str]) – The ID for the endpoint group that contains private CIDRs in the form < net_address > / < prefix > for the peer side of the connection. You must specify this parameter with the local_ep_group_id parameter unless in backward-compatible mode where peer_cidrs is provided with a subnet_id for the VPN service.

  • peer_id (pulumi.Input[str]) – The peer router identity for authentication. A valid value is an IPv4 address, IPv6 address, e-mail address, key ID, or FQDN. Typically, this value matches the peer_address value. Changing this updates the existing policy.

  • psk (pulumi.Input[str]) – The pre-shared key. A valid value is any string.

  • region (pulumi.Input[str]) – The region in which to obtain the V2 Networking client. A Networking client is needed to create an IPSec site connection. If omitted, the region argument of the provider is used. Changing this creates a new site connection.

  • tenant_id (pulumi.Input[str]) – The owner of the connection. Required if admin wants to create a connection for another project. Changing this creates a new connection.

  • value_specs (pulumi.Input[dict]) – Map of additional options.

  • vpnservice_id (pulumi.Input[str]) – The ID of the VPN service. Changing this creates a new connection.

The dpds object supports the following:

  • action (pulumi.Input[str])

  • interval (pulumi.Input[float])

  • timeout (pulumi.Input[float])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str