Docs Home
We recommend using Azure Native.
Azure v6.21.0 published on Friday, Mar 7, 2025 by Pulumi
azure.network.VpnGatewayConnection
Explore with Pulumi AI
Manages a VPN Gateway Connection.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleVirtualWan = new azure.network.VirtualWan("example", {
name: "example-vwan",
resourceGroupName: example.name,
location: example.location,
});
const exampleVirtualHub = new azure.network.VirtualHub("example", {
name: "example-hub",
resourceGroupName: example.name,
location: example.location,
virtualWanId: exampleVirtualWan.id,
addressPrefix: "10.0.0.0/24",
});
const exampleVpnGateway = new azure.network.VpnGateway("example", {
name: "example-vpng",
location: example.location,
resourceGroupName: example.name,
virtualHubId: exampleVirtualHub.id,
});
const exampleVpnSite = new azure.network.VpnSite("example", {
name: "example-vpn-site",
location: example.location,
resourceGroupName: example.name,
virtualWanId: exampleVirtualWan.id,
links: [
{
name: "link1",
ipAddress: "10.1.0.0",
},
{
name: "link2",
ipAddress: "10.2.0.0",
},
],
});
const exampleVpnGatewayConnection = new azure.network.VpnGatewayConnection("example", {
name: "example",
vpnGatewayId: exampleVpnGateway.id,
remoteVpnSiteId: exampleVpnSite.id,
vpnLinks: [
{
name: "link1",
vpnSiteLinkId: exampleVpnSite.links.apply(links => links?.[0]?.id),
},
{
name: "link2",
vpnSiteLinkId: exampleVpnSite.links.apply(links => links?.[1]?.id),
},
],
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_virtual_wan = azure.network.VirtualWan("example",
name="example-vwan",
resource_group_name=example.name,
location=example.location)
example_virtual_hub = azure.network.VirtualHub("example",
name="example-hub",
resource_group_name=example.name,
location=example.location,
virtual_wan_id=example_virtual_wan.id,
address_prefix="10.0.0.0/24")
example_vpn_gateway = azure.network.VpnGateway("example",
name="example-vpng",
location=example.location,
resource_group_name=example.name,
virtual_hub_id=example_virtual_hub.id)
example_vpn_site = azure.network.VpnSite("example",
name="example-vpn-site",
location=example.location,
resource_group_name=example.name,
virtual_wan_id=example_virtual_wan.id,
links=[
{
"name": "link1",
"ip_address": "10.1.0.0",
},
{
"name": "link2",
"ip_address": "10.2.0.0",
},
])
example_vpn_gateway_connection = azure.network.VpnGatewayConnection("example",
name="example",
vpn_gateway_id=example_vpn_gateway.id,
remote_vpn_site_id=example_vpn_site.id,
vpn_links=[
{
"name": "link1",
"vpn_site_link_id": example_vpn_site.links[0].id,
},
{
"name": "link2",
"vpn_site_link_id": example_vpn_site.links[1].id,
},
])
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/network"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleVirtualWan, err := network.NewVirtualWan(ctx, "example", &network.VirtualWanArgs{
Name: pulumi.String("example-vwan"),
ResourceGroupName: example.Name,
Location: example.Location,
})
if err != nil {
return err
}
exampleVirtualHub, err := network.NewVirtualHub(ctx, "example", &network.VirtualHubArgs{
Name: pulumi.String("example-hub"),
ResourceGroupName: example.Name,
Location: example.Location,
VirtualWanId: exampleVirtualWan.ID(),
AddressPrefix: pulumi.String("10.0.0.0/24"),
})
if err != nil {
return err
}
exampleVpnGateway, err := network.NewVpnGateway(ctx, "example", &network.VpnGatewayArgs{
Name: pulumi.String("example-vpng"),
Location: example.Location,
ResourceGroupName: example.Name,
VirtualHubId: exampleVirtualHub.ID(),
})
if err != nil {
return err
}
exampleVpnSite, err := network.NewVpnSite(ctx, "example", &network.VpnSiteArgs{
Name: pulumi.String("example-vpn-site"),
Location: example.Location,
ResourceGroupName: example.Name,
VirtualWanId: exampleVirtualWan.ID(),
Links: network.VpnSiteLinkArray{
&network.VpnSiteLinkArgs{
Name: pulumi.String("link1"),
IpAddress: pulumi.String("10.1.0.0"),
},
&network.VpnSiteLinkArgs{
Name: pulumi.String("link2"),
IpAddress: pulumi.String("10.2.0.0"),
},
},
})
if err != nil {
return err
}
_, err = network.NewVpnGatewayConnection(ctx, "example", &network.VpnGatewayConnectionArgs{
Name: pulumi.String("example"),
VpnGatewayId: exampleVpnGateway.ID(),
RemoteVpnSiteId: exampleVpnSite.ID(),
VpnLinks: network.VpnGatewayConnectionVpnLinkArray{
&network.VpnGatewayConnectionVpnLinkArgs{
Name: pulumi.String("link1"),
VpnSiteLinkId: exampleVpnSite.Links.ApplyT(func(links []network.VpnSiteLink) (*string, error) {
return &links[0].Id, nil
}).(pulumi.StringPtrOutput),
},
&network.VpnGatewayConnectionVpnLinkArgs{
Name: pulumi.String("link2"),
VpnSiteLinkId: exampleVpnSite.Links.ApplyT(func(links []network.VpnSiteLink) (*string, error) {
return &links[1].Id, nil
}).(pulumi.StringPtrOutput),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleVirtualWan = new Azure.Network.VirtualWan("example", new()
{
Name = "example-vwan",
ResourceGroupName = example.Name,
Location = example.Location,
});
var exampleVirtualHub = new Azure.Network.VirtualHub("example", new()
{
Name = "example-hub",
ResourceGroupName = example.Name,
Location = example.Location,
VirtualWanId = exampleVirtualWan.Id,
AddressPrefix = "10.0.0.0/24",
});
var exampleVpnGateway = new Azure.Network.VpnGateway("example", new()
{
Name = "example-vpng",
Location = example.Location,
ResourceGroupName = example.Name,
VirtualHubId = exampleVirtualHub.Id,
});
var exampleVpnSite = new Azure.Network.VpnSite("example", new()
{
Name = "example-vpn-site",
Location = example.Location,
ResourceGroupName = example.Name,
VirtualWanId = exampleVirtualWan.Id,
Links = new[]
{
new Azure.Network.Inputs.VpnSiteLinkArgs
{
Name = "link1",
IpAddress = "10.1.0.0",
},
new Azure.Network.Inputs.VpnSiteLinkArgs
{
Name = "link2",
IpAddress = "10.2.0.0",
},
},
});
var exampleVpnGatewayConnection = new Azure.Network.VpnGatewayConnection("example", new()
{
Name = "example",
VpnGatewayId = exampleVpnGateway.Id,
RemoteVpnSiteId = exampleVpnSite.Id,
VpnLinks = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkArgs
{
Name = "link1",
VpnSiteLinkId = exampleVpnSite.Links.Apply(links => links[0]?.Id),
},
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkArgs
{
Name = "link2",
VpnSiteLinkId = exampleVpnSite.Links.Apply(links => links[1]?.Id),
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualWan;
import com.pulumi.azure.network.VirtualWanArgs;
import com.pulumi.azure.network.VirtualHub;
import com.pulumi.azure.network.VirtualHubArgs;
import com.pulumi.azure.network.VpnGateway;
import com.pulumi.azure.network.VpnGatewayArgs;
import com.pulumi.azure.network.VpnSite;
import com.pulumi.azure.network.VpnSiteArgs;
import com.pulumi.azure.network.inputs.VpnSiteLinkArgs;
import com.pulumi.azure.network.VpnGatewayConnection;
import com.pulumi.azure.network.VpnGatewayConnectionArgs;
import com.pulumi.azure.network.inputs.VpnGatewayConnectionVpnLinkArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleVirtualWan = new VirtualWan("exampleVirtualWan", VirtualWanArgs.builder()
.name("example-vwan")
.resourceGroupName(example.name())
.location(example.location())
.build());
var exampleVirtualHub = new VirtualHub("exampleVirtualHub", VirtualHubArgs.builder()
.name("example-hub")
.resourceGroupName(example.name())
.location(example.location())
.virtualWanId(exampleVirtualWan.id())
.addressPrefix("10.0.0.0/24")
.build());
var exampleVpnGateway = new VpnGateway("exampleVpnGateway", VpnGatewayArgs.builder()
.name("example-vpng")
.location(example.location())
.resourceGroupName(example.name())
.virtualHubId(exampleVirtualHub.id())
.build());
var exampleVpnSite = new VpnSite("exampleVpnSite", VpnSiteArgs.builder()
.name("example-vpn-site")
.location(example.location())
.resourceGroupName(example.name())
.virtualWanId(exampleVirtualWan.id())
.links(
VpnSiteLinkArgs.builder()
.name("link1")
.ipAddress("10.1.0.0")
.build(),
VpnSiteLinkArgs.builder()
.name("link2")
.ipAddress("10.2.0.0")
.build())
.build());
var exampleVpnGatewayConnection = new VpnGatewayConnection("exampleVpnGatewayConnection", VpnGatewayConnectionArgs.builder()
.name("example")
.vpnGatewayId(exampleVpnGateway.id())
.remoteVpnSiteId(exampleVpnSite.id())
.vpnLinks(
VpnGatewayConnectionVpnLinkArgs.builder()
.name("link1")
.vpnSiteLinkId(exampleVpnSite.links().applyValue(links -> links[0].id()))
.build(),
VpnGatewayConnectionVpnLinkArgs.builder()
.name("link2")
.vpnSiteLinkId(exampleVpnSite.links().applyValue(links -> links[1].id()))
.build())
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleVirtualWan:
type: azure:network:VirtualWan
name: example
properties:
name: example-vwan
resourceGroupName: ${example.name}
location: ${example.location}
exampleVirtualHub:
type: azure:network:VirtualHub
name: example
properties:
name: example-hub
resourceGroupName: ${example.name}
location: ${example.location}
virtualWanId: ${exampleVirtualWan.id}
addressPrefix: 10.0.0.0/24
exampleVpnGateway:
type: azure:network:VpnGateway
name: example
properties:
name: example-vpng
location: ${example.location}
resourceGroupName: ${example.name}
virtualHubId: ${exampleVirtualHub.id}
exampleVpnSite:
type: azure:network:VpnSite
name: example
properties:
name: example-vpn-site
location: ${example.location}
resourceGroupName: ${example.name}
virtualWanId: ${exampleVirtualWan.id}
links:
- name: link1
ipAddress: 10.1.0.0
- name: link2
ipAddress: 10.2.0.0
exampleVpnGatewayConnection:
type: azure:network:VpnGatewayConnection
name: example
properties:
name: example
vpnGatewayId: ${exampleVpnGateway.id}
remoteVpnSiteId: ${exampleVpnSite.id}
vpnLinks:
- name: link1
vpnSiteLinkId: ${exampleVpnSite.links[0].id}
- name: link2
vpnSiteLinkId: ${exampleVpnSite.links[1].id}
Create VpnGatewayConnection Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new VpnGatewayConnection(name: string, args: VpnGatewayConnectionArgs, opts?: CustomResourceOptions);@overload
def VpnGatewayConnection(resource_name: str,
args: VpnGatewayConnectionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def VpnGatewayConnection(resource_name: str,
opts: Optional[ResourceOptions] = None,
remote_vpn_site_id: Optional[str] = None,
vpn_gateway_id: Optional[str] = None,
vpn_links: Optional[Sequence[VpnGatewayConnectionVpnLinkArgs]] = None,
internet_security_enabled: Optional[bool] = None,
name: Optional[str] = None,
routing: Optional[VpnGatewayConnectionRoutingArgs] = None,
traffic_selector_policies: Optional[Sequence[VpnGatewayConnectionTrafficSelectorPolicyArgs]] = None)func NewVpnGatewayConnection(ctx *Context, name string, args VpnGatewayConnectionArgs, opts ...ResourceOption) (*VpnGatewayConnection, error)public VpnGatewayConnection(string name, VpnGatewayConnectionArgs args, CustomResourceOptions? opts = null)
public VpnGatewayConnection(String name, VpnGatewayConnectionArgs args)
public VpnGatewayConnection(String name, VpnGatewayConnectionArgs args, CustomResourceOptions options)
type: azure:network:VpnGatewayConnection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args VpnGatewayConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args VpnGatewayConnectionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args VpnGatewayConnectionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args VpnGatewayConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args VpnGatewayConnectionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var vpnGatewayConnectionResource = new Azure.Network.VpnGatewayConnection("vpnGatewayConnectionResource", new()
{
RemoteVpnSiteId = "string",
VpnGatewayId = "string",
VpnLinks = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkArgs
{
Name = "string",
VpnSiteLinkId = "string",
IpsecPolicies = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkIpsecPolicyArgs
{
DhGroup = "string",
EncryptionAlgorithm = "string",
IkeEncryptionAlgorithm = "string",
IkeIntegrityAlgorithm = "string",
IntegrityAlgorithm = "string",
PfsGroup = "string",
SaDataSizeKb = 0,
SaLifetimeSec = 0,
},
},
CustomBgpAddresses = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionVpnLinkCustomBgpAddressArgs
{
IpAddress = "string",
IpConfigurationId = "string",
},
},
EgressNatRuleIds = new[]
{
"string",
},
IngressNatRuleIds = new[]
{
"string",
},
BandwidthMbps = 0,
LocalAzureIpAddressEnabled = false,
ConnectionMode = "string",
PolicyBasedTrafficSelectorEnabled = false,
Protocol = "string",
RatelimitEnabled = false,
RouteWeight = 0,
SharedKey = "string",
BgpEnabled = false,
},
},
InternetSecurityEnabled = false,
Name = "string",
Routing = new Azure.Network.Inputs.VpnGatewayConnectionRoutingArgs
{
AssociatedRouteTable = "string",
InboundRouteMapId = "string",
OutboundRouteMapId = "string",
PropagatedRouteTable = new Azure.Network.Inputs.VpnGatewayConnectionRoutingPropagatedRouteTableArgs
{
RouteTableIds = new[]
{
"string",
},
Labels = new[]
{
"string",
},
},
},
TrafficSelectorPolicies = new[]
{
new Azure.Network.Inputs.VpnGatewayConnectionTrafficSelectorPolicyArgs
{
LocalAddressRanges = new[]
{
"string",
},
RemoteAddressRanges = new[]
{
"string",
},
},
},
});
example, err := network.NewVpnGatewayConnection(ctx, "vpnGatewayConnectionResource", &network.VpnGatewayConnectionArgs{
RemoteVpnSiteId: pulumi.String("string"),
VpnGatewayId: pulumi.String("string"),
VpnLinks: network.VpnGatewayConnectionVpnLinkArray{
&network.VpnGatewayConnectionVpnLinkArgs{
Name: pulumi.String("string"),
VpnSiteLinkId: pulumi.String("string"),
IpsecPolicies: network.VpnGatewayConnectionVpnLinkIpsecPolicyArray{
&network.VpnGatewayConnectionVpnLinkIpsecPolicyArgs{
DhGroup: pulumi.String("string"),
EncryptionAlgorithm: pulumi.String("string"),
IkeEncryptionAlgorithm: pulumi.String("string"),
IkeIntegrityAlgorithm: pulumi.String("string"),
IntegrityAlgorithm: pulumi.String("string"),
PfsGroup: pulumi.String("string"),
SaDataSizeKb: pulumi.Int(0),
SaLifetimeSec: pulumi.Int(0),
},
},
CustomBgpAddresses: network.VpnGatewayConnectionVpnLinkCustomBgpAddressArray{
&network.VpnGatewayConnectionVpnLinkCustomBgpAddressArgs{
IpAddress: pulumi.String("string"),
IpConfigurationId: pulumi.String("string"),
},
},
EgressNatRuleIds: pulumi.StringArray{
pulumi.String("string"),
},
IngressNatRuleIds: pulumi.StringArray{
pulumi.String("string"),
},
BandwidthMbps: pulumi.Int(0),
LocalAzureIpAddressEnabled: pulumi.Bool(false),
ConnectionMode: pulumi.String("string"),
PolicyBasedTrafficSelectorEnabled: pulumi.Bool(false),
Protocol: pulumi.String("string"),
RatelimitEnabled: pulumi.Bool(false),
RouteWeight: pulumi.Int(0),
SharedKey: pulumi.String("string"),
BgpEnabled: pulumi.Bool(false),
},
},
InternetSecurityEnabled: pulumi.Bool(false),
Name: pulumi.String("string"),
Routing: &network.VpnGatewayConnectionRoutingArgs{
AssociatedRouteTable: pulumi.String("string"),
InboundRouteMapId: pulumi.String("string"),
OutboundRouteMapId: pulumi.String("string"),
PropagatedRouteTable: &network.VpnGatewayConnectionRoutingPropagatedRouteTableArgs{
RouteTableIds: pulumi.StringArray{
pulumi.String("string"),
},
Labels: pulumi.StringArray{
pulumi.String("string"),
},
},
},
TrafficSelectorPolicies: network.VpnGatewayConnectionTrafficSelectorPolicyArray{
&network.VpnGatewayConnectionTrafficSelectorPolicyArgs{
LocalAddressRanges: pulumi.StringArray{
pulumi.String("string"),
},
RemoteAddressRanges: pulumi.StringArray{
pulumi.String("string"),
},
},
},
})
var vpnGatewayConnectionResource = new VpnGatewayConnection("vpnGatewayConnectionResource", VpnGatewayConnectionArgs.builder()
.remoteVpnSiteId("string")
.vpnGatewayId("string")
.vpnLinks(VpnGatewayConnectionVpnLinkArgs.builder()
.name("string")
.vpnSiteLinkId("string")
.ipsecPolicies(VpnGatewayConnectionVpnLinkIpsecPolicyArgs.builder()
.dhGroup("string")
.encryptionAlgorithm("string")
.ikeEncryptionAlgorithm("string")
.ikeIntegrityAlgorithm("string")
.integrityAlgorithm("string")
.pfsGroup("string")
.saDataSizeKb(0)
.saLifetimeSec(0)
.build())
.customBgpAddresses(VpnGatewayConnectionVpnLinkCustomBgpAddressArgs.builder()
.ipAddress("string")
.ipConfigurationId("string")
.build())
.egressNatRuleIds("string")
.ingressNatRuleIds("string")
.bandwidthMbps(0)
.localAzureIpAddressEnabled(false)
.connectionMode("string")
.policyBasedTrafficSelectorEnabled(false)
.protocol("string")
.ratelimitEnabled(false)
.routeWeight(0)
.sharedKey("string")
.bgpEnabled(false)
.build())
.internetSecurityEnabled(false)
.name("string")
.routing(VpnGatewayConnectionRoutingArgs.builder()
.associatedRouteTable("string")
.inboundRouteMapId("string")
.outboundRouteMapId("string")
.propagatedRouteTable(VpnGatewayConnectionRoutingPropagatedRouteTableArgs.builder()
.routeTableIds("string")
.labels("string")
.build())
.build())
.trafficSelectorPolicies(VpnGatewayConnectionTrafficSelectorPolicyArgs.builder()
.localAddressRanges("string")
.remoteAddressRanges("string")
.build())
.build());
vpn_gateway_connection_resource = azure.network.VpnGatewayConnection("vpnGatewayConnectionResource",
remote_vpn_site_id="string",
vpn_gateway_id="string",
vpn_links=[{
"name": "string",
"vpn_site_link_id": "string",
"ipsec_policies": [{
"dh_group": "string",
"encryption_algorithm": "string",
"ike_encryption_algorithm": "string",
"ike_integrity_algorithm": "string",
"integrity_algorithm": "string",
"pfs_group": "string",
"sa_data_size_kb": 0,
"sa_lifetime_sec": 0,
}],
"custom_bgp_addresses": [{
"ip_address": "string",
"ip_configuration_id": "string",
}],
"egress_nat_rule_ids": ["string"],
"ingress_nat_rule_ids": ["string"],
"bandwidth_mbps": 0,
"local_azure_ip_address_enabled": False,
"connection_mode": "string",
"policy_based_traffic_selector_enabled": False,
"protocol": "string",
"ratelimit_enabled": False,
"route_weight": 0,
"shared_key": "string",
"bgp_enabled": False,
}],
internet_security_enabled=False,
name="string",
routing={
"associated_route_table": "string",
"inbound_route_map_id": "string",
"outbound_route_map_id": "string",
"propagated_route_table": {
"route_table_ids": ["string"],
"labels": ["string"],
},
},
traffic_selector_policies=[{
"local_address_ranges": ["string"],
"remote_address_ranges": ["string"],
}])
const vpnGatewayConnectionResource = new azure.network.VpnGatewayConnection("vpnGatewayConnectionResource", {
remoteVpnSiteId: "string",
vpnGatewayId: "string",
vpnLinks: [{
name: "string",
vpnSiteLinkId: "string",
ipsecPolicies: [{
dhGroup: "string",
encryptionAlgorithm: "string",
ikeEncryptionAlgorithm: "string",
ikeIntegrityAlgorithm: "string",
integrityAlgorithm: "string",
pfsGroup: "string",
saDataSizeKb: 0,
saLifetimeSec: 0,
}],
customBgpAddresses: [{
ipAddress: "string",
ipConfigurationId: "string",
}],
egressNatRuleIds: ["string"],
ingressNatRuleIds: ["string"],
bandwidthMbps: 0,
localAzureIpAddressEnabled: false,
connectionMode: "string",
policyBasedTrafficSelectorEnabled: false,
protocol: "string",
ratelimitEnabled: false,
routeWeight: 0,
sharedKey: "string",
bgpEnabled: false,
}],
internetSecurityEnabled: false,
name: "string",
routing: {
associatedRouteTable: "string",
inboundRouteMapId: "string",
outboundRouteMapId: "string",
propagatedRouteTable: {
routeTableIds: ["string"],
labels: ["string"],
},
},
trafficSelectorPolicies: [{
localAddressRanges: ["string"],
remoteAddressRanges: ["string"],
}],
});
type: azure:network:VpnGatewayConnection
properties:
internetSecurityEnabled: false
name: string
remoteVpnSiteId: string
routing:
associatedRouteTable: string
inboundRouteMapId: string
outboundRouteMapId: string
propagatedRouteTable:
labels:
- string
routeTableIds:
- string
trafficSelectorPolicies:
- localAddressRanges:
- string
remoteAddressRanges:
- string
vpnGatewayId: string
vpnLinks:
- bandwidthMbps: 0
bgpEnabled: false
connectionMode: string
customBgpAddresses:
- ipAddress: string
ipConfigurationId: string
egressNatRuleIds:
- string
ingressNatRuleIds:
- string
ipsecPolicies:
- dhGroup: string
encryptionAlgorithm: string
ikeEncryptionAlgorithm: string
ikeIntegrityAlgorithm: string
integrityAlgorithm: string
pfsGroup: string
saDataSizeKb: 0
saLifetimeSec: 0
localAzureIpAddressEnabled: false
name: string
policyBasedTrafficSelectorEnabled: false
protocol: string
ratelimitEnabled: false
routeWeight: 0
sharedKey: string
vpnSiteLinkId: string
VpnGatewayConnection Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The VpnGatewayConnection resource accepts the following input properties:
- Remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links List<VpnGateway Connection Vpn Link> - One or more
vpn_linkblocks as defined below. - Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - Name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Routing
Vpn
Gateway Connection Routing - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policyblocks as defined below.
- Remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links []VpnGateway Connection Vpn Link Args - One or more
vpn_linkblocks as defined below. - Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - Name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Routing
Vpn
Gateway Connection Routing Args - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector []VpnPolicies Gateway Connection Traffic Selector Policy Args - One or more
traffic_selector_policyblocks as defined below.
- remote
Vpn StringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Gateway StringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links List<VpnGateway Connection Vpn Link> - One or more
vpn_linkblocks as defined below. - internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name String
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policyblocks as defined below.
- remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links VpnGateway Connection Vpn Link[] - One or more
vpn_linkblocks as defined below. - internet
Security booleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector VpnPolicies Gateway Connection Traffic Selector Policy[] - One or more
traffic_selector_policyblocks as defined below.
- remote_
vpn_ strsite_ id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn_
gateway_ strid - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn_
links Sequence[VpnGateway Connection Vpn Link Args] - One or more
vpn_linkblocks as defined below. - internet_
security_ boolenabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name str
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing Args - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic_
selector_ Sequence[Vpnpolicies Gateway Connection Traffic Selector Policy Args] - One or more
traffic_selector_policyblocks as defined below.
- remote
Vpn StringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Gateway StringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links List<Property Map> - One or more
vpn_linkblocks as defined below. - internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name String
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- routing Property Map
- A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<Property Map>Policies - One or more
traffic_selector_policyblocks as defined below.
Outputs
All input properties are implicitly available as output properties. Additionally, the VpnGatewayConnection resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing VpnGatewayConnection Resource
Get an existing VpnGatewayConnection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: VpnGatewayConnectionState, opts?: CustomResourceOptions): VpnGatewayConnection@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
internet_security_enabled: Optional[bool] = None,
name: Optional[str] = None,
remote_vpn_site_id: Optional[str] = None,
routing: Optional[VpnGatewayConnectionRoutingArgs] = None,
traffic_selector_policies: Optional[Sequence[VpnGatewayConnectionTrafficSelectorPolicyArgs]] = None,
vpn_gateway_id: Optional[str] = None,
vpn_links: Optional[Sequence[VpnGatewayConnectionVpnLinkArgs]] = None) -> VpnGatewayConnectionfunc GetVpnGatewayConnection(ctx *Context, name string, id IDInput, state *VpnGatewayConnectionState, opts ...ResourceOption) (*VpnGatewayConnection, error)public static VpnGatewayConnection Get(string name, Input<string> id, VpnGatewayConnectionState? state, CustomResourceOptions? opts = null)public static VpnGatewayConnection get(String name, Output<String> id, VpnGatewayConnectionState state, CustomResourceOptions options)resources: _: type: azure:network:VpnGatewayConnection get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - Name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Routing
Vpn
Gateway Connection Routing - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policyblocks as defined below. - Vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links List<VpnGateway Connection Vpn Link> - One or more
vpn_linkblocks as defined below.
- Internet
Security boolEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - Name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- Remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- Routing
Vpn
Gateway Connection Routing Args - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - Traffic
Selector []VpnPolicies Gateway Connection Traffic Selector Policy Args - One or more
traffic_selector_policyblocks as defined below. - Vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- Vpn
Links []VpnGateway Connection Vpn Link Args - One or more
vpn_linkblocks as defined below.
- internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name String
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote
Vpn StringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<VpnPolicies Gateway Connection Traffic Selector Policy> - One or more
traffic_selector_policyblocks as defined below. - vpn
Gateway StringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links List<VpnGateway Connection Vpn Link> - One or more
vpn_linkblocks as defined below.
- internet
Security booleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name string
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote
Vpn stringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector VpnPolicies Gateway Connection Traffic Selector Policy[] - One or more
traffic_selector_policyblocks as defined below. - vpn
Gateway stringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links VpnGateway Connection Vpn Link[] - One or more
vpn_linkblocks as defined below.
- internet_
security_ boolenabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name str
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote_
vpn_ strsite_ id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routing
Vpn
Gateway Connection Routing Args - A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic_
selector_ Sequence[Vpnpolicies Gateway Connection Traffic Selector Policy Args] - One or more
traffic_selector_policyblocks as defined below. - vpn_
gateway_ strid - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn_
links Sequence[VpnGateway Connection Vpn Link Args] - One or more
vpn_linkblocks as defined below.
- internet
Security BooleanEnabled - Whether Internet Security is enabled for this VPN Connection. Defaults to
false. - name String
- The name which should be used for this VPN Gateway Connection. Changing this forces a new VPN Gateway Connection to be created.
- remote
Vpn StringSite Id - The ID of the remote VPN Site, which will connect to the VPN Gateway. Changing this forces a new VPN Gateway Connection to be created.
- routing Property Map
- A
routingblock as defined below. If this is not specified, there will be a default route table created implicitly. - traffic
Selector List<Property Map>Policies - One or more
traffic_selector_policyblocks as defined below. - vpn
Gateway StringId - The ID of the VPN Gateway that this VPN Gateway Connection belongs to. Changing this forces a new VPN Gateway Connection to be created.
- vpn
Links List<Property Map> - One or more
vpn_linkblocks as defined below.
Supporting Types
VpnGatewayConnectionRouting, VpnGatewayConnectionRoutingArgs
- Associated
Route stringTable - The ID of the Route Table associated with this VPN Connection.
- Inbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- Outbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- Propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_tableblock as defined below.
- Associated
Route stringTable - The ID of the Route Table associated with this VPN Connection.
- Inbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- Outbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- Propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_tableblock as defined below.
- associated
Route StringTable - The ID of the Route Table associated with this VPN Connection.
- inbound
Route StringMap Id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- outbound
Route StringMap Id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_tableblock as defined below.
- associated
Route stringTable - The ID of the Route Table associated with this VPN Connection.
- inbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- outbound
Route stringMap Id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- propagated
Route VpnTable Gateway Connection Routing Propagated Route Table - A
propagated_route_tableblock as defined below.
- associated_
route_ strtable - The ID of the Route Table associated with this VPN Connection.
- inbound_
route_ strmap_ id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- outbound_
route_ strmap_ id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- propagated_
route_ Vpntable Gateway Connection Routing Propagated Route Table - A
propagated_route_tableblock as defined below.
- associated
Route StringTable - The ID of the Route Table associated with this VPN Connection.
- inbound
Route StringMap Id - The resource ID of the Route Map associated with this Routing Configuration for inbound learned routes.
- outbound
Route StringMap Id - The resource ID of the Route Map associated with this Routing Configuration for outbound advertised routes.
- propagated
Route Property MapTable - A
propagated_route_tableblock as defined below.
VpnGatewayConnectionRoutingPropagatedRouteTable, VpnGatewayConnectionRoutingPropagatedRouteTableArgs
- Route
Table List<string>Ids - A list of Route Table IDs to associated with this VPN Gateway Connection.
- Labels List<string>
- A list of labels to assign to this route table.
- Route
Table []stringIds - A list of Route Table IDs to associated with this VPN Gateway Connection.
- Labels []string
- A list of labels to assign to this route table.
- route
Table List<String>Ids - A list of Route Table IDs to associated with this VPN Gateway Connection.
- labels List<String>
- A list of labels to assign to this route table.
- route
Table string[]Ids - A list of Route Table IDs to associated with this VPN Gateway Connection.
- labels string[]
- A list of labels to assign to this route table.
- route_
table_ Sequence[str]ids - A list of Route Table IDs to associated with this VPN Gateway Connection.
- labels Sequence[str]
- A list of labels to assign to this route table.
- route
Table List<String>Ids - A list of Route Table IDs to associated with this VPN Gateway Connection.
- labels List<String>
- A list of labels to assign to this route table.
VpnGatewayConnectionTrafficSelectorPolicy, VpnGatewayConnectionTrafficSelectorPolicyArgs
- Local
Address List<string>Ranges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- Remote
Address List<string>Ranges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- Local
Address []stringRanges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- Remote
Address []stringRanges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local
Address List<String>Ranges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote
Address List<String>Ranges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local
Address string[]Ranges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote
Address string[]Ranges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local_
address_ Sequence[str]ranges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote_
address_ Sequence[str]ranges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
- local
Address List<String>Ranges - A list of local address spaces in CIDR format for this VPN Gateway Connection.
- remote
Address List<String>Ranges - A list of remote address spaces in CIDR format for this VPN Gateway Connection.
VpnGatewayConnectionVpnLink, VpnGatewayConnectionVpnLinkArgs
- Name string
- The name which should be used for this VPN Link Connection.
- Vpn
Site stringLink Id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- Bandwidth
Mbps int - The expected connection bandwidth in MBPS. Defaults to
10. - Bgp
Enabled bool - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - Connection
Mode string - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - Custom
Bgp List<VpnAddresses Gateway Connection Vpn Link Custom Bgp Address> - One or more
custom_bgp_addressblocks as defined below. - Egress
Nat List<string>Rule Ids - A list of the egress NAT Rule Ids.
- Ingress
Nat List<string>Rule Ids - A list of the ingress NAT Rule Ids.
- Ipsec
Policies List<VpnGateway Connection Vpn Link Ipsec Policy> - One or more
ipsec_policyblocks as defined above. - Local
Azure boolIp Address Enabled - Whether to use local Azure IP to initiate connection? Defaults to
false. - Policy
Based boolTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - Protocol string
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - Ratelimit
Enabled bool - Should the rate limit be enabled? Defaults to
false. - Route
Weight int - Routing weight for this VPN Link Connection. Defaults to
0. - string
- SharedKey for this VPN Link Connection.
- Name string
- The name which should be used for this VPN Link Connection.
- Vpn
Site stringLink Id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- Bandwidth
Mbps int - The expected connection bandwidth in MBPS. Defaults to
10. - Bgp
Enabled bool - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - Connection
Mode string - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - Custom
Bgp []VpnAddresses Gateway Connection Vpn Link Custom Bgp Address - One or more
custom_bgp_addressblocks as defined below. - Egress
Nat []stringRule Ids - A list of the egress NAT Rule Ids.
- Ingress
Nat []stringRule Ids - A list of the ingress NAT Rule Ids.
- Ipsec
Policies []VpnGateway Connection Vpn Link Ipsec Policy - One or more
ipsec_policyblocks as defined above. - Local
Azure boolIp Address Enabled - Whether to use local Azure IP to initiate connection? Defaults to
false. - Policy
Based boolTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - Protocol string
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - Ratelimit
Enabled bool - Should the rate limit be enabled? Defaults to
false. - Route
Weight int - Routing weight for this VPN Link Connection. Defaults to
0. - string
- SharedKey for this VPN Link Connection.
- name String
- The name which should be used for this VPN Link Connection.
- vpn
Site StringLink Id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth
Mbps Integer - The expected connection bandwidth in MBPS. Defaults to
10. - bgp
Enabled Boolean - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - connection
Mode String - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - custom
Bgp List<VpnAddresses Gateway Connection Vpn Link Custom Bgp Address> - One or more
custom_bgp_addressblocks as defined below. - egress
Nat List<String>Rule Ids - A list of the egress NAT Rule Ids.
- ingress
Nat List<String>Rule Ids - A list of the ingress NAT Rule Ids.
- ipsec
Policies List<VpnGateway Connection Vpn Link Ipsec Policy> - One or more
ipsec_policyblocks as defined above. - local
Azure BooleanIp Address Enabled - Whether to use local Azure IP to initiate connection? Defaults to
false. - policy
Based BooleanTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - protocol String
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - ratelimit
Enabled Boolean - Should the rate limit be enabled? Defaults to
false. - route
Weight Integer - Routing weight for this VPN Link Connection. Defaults to
0. - String
- SharedKey for this VPN Link Connection.
- name string
- The name which should be used for this VPN Link Connection.
- vpn
Site stringLink Id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth
Mbps number - The expected connection bandwidth in MBPS. Defaults to
10. - bgp
Enabled boolean - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - connection
Mode string - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - custom
Bgp VpnAddresses Gateway Connection Vpn Link Custom Bgp Address[] - One or more
custom_bgp_addressblocks as defined below. - egress
Nat string[]Rule Ids - A list of the egress NAT Rule Ids.
- ingress
Nat string[]Rule Ids - A list of the ingress NAT Rule Ids.
- ipsec
Policies VpnGateway Connection Vpn Link Ipsec Policy[] - One or more
ipsec_policyblocks as defined above. - local
Azure booleanIp Address Enabled - Whether to use local Azure IP to initiate connection? Defaults to
false. - policy
Based booleanTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - protocol string
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - ratelimit
Enabled boolean - Should the rate limit be enabled? Defaults to
false. - route
Weight number - Routing weight for this VPN Link Connection. Defaults to
0. - string
- SharedKey for this VPN Link Connection.
- name str
- The name which should be used for this VPN Link Connection.
- vpn_
site_ strlink_ id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth_
mbps int - The expected connection bandwidth in MBPS. Defaults to
10. - bgp_
enabled bool - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - connection_
mode str - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - custom_
bgp_ Sequence[Vpnaddresses Gateway Connection Vpn Link Custom Bgp Address] - One or more
custom_bgp_addressblocks as defined below. - egress_
nat_ Sequence[str]rule_ ids - A list of the egress NAT Rule Ids.
- ingress_
nat_ Sequence[str]rule_ ids - A list of the ingress NAT Rule Ids.
- ipsec_
policies Sequence[VpnGateway Connection Vpn Link Ipsec Policy] - One or more
ipsec_policyblocks as defined above. - local_
azure_ boolip_ address_ enabled - Whether to use local Azure IP to initiate connection? Defaults to
false. - policy_
based_ booltraffic_ selector_ enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - protocol str
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - ratelimit_
enabled bool - Should the rate limit be enabled? Defaults to
false. - route_
weight int - Routing weight for this VPN Link Connection. Defaults to
0. - str
- SharedKey for this VPN Link Connection.
- name String
- The name which should be used for this VPN Link Connection.
- vpn
Site StringLink Id - The ID of the connected VPN Site Link. Changing this forces a new VPN Gateway Connection to be created.
- bandwidth
Mbps Number - The expected connection bandwidth in MBPS. Defaults to
10. - bgp
Enabled Boolean - Should the BGP be enabled? Defaults to
false. Changing this forces a new VPN Gateway Connection to be created. - connection
Mode String - The connection mode of this VPN Link. Possible values are
Default,InitiatorOnlyandResponderOnly. Defaults toDefault. - custom
Bgp List<Property Map>Addresses - One or more
custom_bgp_addressblocks as defined below. - egress
Nat List<String>Rule Ids - A list of the egress NAT Rule Ids.
- ingress
Nat List<String>Rule Ids - A list of the ingress NAT Rule Ids.
- ipsec
Policies List<Property Map> - One or more
ipsec_policyblocks as defined above. - local
Azure BooleanIp Address Enabled - Whether to use local Azure IP to initiate connection? Defaults to
false. - policy
Based BooleanTraffic Selector Enabled - Whether to enable policy-based traffic selectors? Defaults to
false. - protocol String
- The protocol used for this VPN Link Connection. Possible values are
IKEv1andIKEv2. Defaults toIKEv2. - ratelimit
Enabled Boolean - Should the rate limit be enabled? Defaults to
false. - route
Weight Number - Routing weight for this VPN Link Connection. Defaults to
0. - String
- SharedKey for this VPN Link Connection.
VpnGatewayConnectionVpnLinkCustomBgpAddress, VpnGatewayConnectionVpnLinkCustomBgpAddressArgs
- Ip
Address string - The custom bgp ip address which belongs to the IP Configuration.
- Ip
Configuration stringId - The ID of the IP Configuration which belongs to the VPN Gateway.
- Ip
Address string - The custom bgp ip address which belongs to the IP Configuration.
- Ip
Configuration stringId - The ID of the IP Configuration which belongs to the VPN Gateway.
- ip
Address String - The custom bgp ip address which belongs to the IP Configuration.
- ip
Configuration StringId - The ID of the IP Configuration which belongs to the VPN Gateway.
- ip
Address string - The custom bgp ip address which belongs to the IP Configuration.
- ip
Configuration stringId - The ID of the IP Configuration which belongs to the VPN Gateway.
- ip_
address str - The custom bgp ip address which belongs to the IP Configuration.
- ip_
configuration_ strid - The ID of the IP Configuration which belongs to the VPN Gateway.
- ip
Address String - The custom bgp ip address which belongs to the IP Configuration.
- ip
Configuration StringId - The ID of the IP Configuration which belongs to the VPN Gateway.
VpnGatewayConnectionVpnLinkIpsecPolicy, VpnGatewayConnectionVpnLinkIpsecPolicyArgs
- Dh
Group string - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - Encryption
Algorithm string - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - Ike
Encryption stringAlgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - Ike
Integrity stringAlgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - Integrity
Algorithm string - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - Pfs
Group string - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - Sa
Data intSize Kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- Sa
Lifetime intSec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- Dh
Group string - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - Encryption
Algorithm string - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - Ike
Encryption stringAlgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - Ike
Integrity stringAlgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - Integrity
Algorithm string - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - Pfs
Group string - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - Sa
Data intSize Kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- Sa
Lifetime intSec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh
Group String - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - encryption
Algorithm String - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - ike
Encryption StringAlgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - ike
Integrity StringAlgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - integrity
Algorithm String - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - pfs
Group String - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - sa
Data IntegerSize Kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa
Lifetime IntegerSec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh
Group string - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - encryption
Algorithm string - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - ike
Encryption stringAlgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - ike
Integrity stringAlgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - integrity
Algorithm string - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - pfs
Group string - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - sa
Data numberSize Kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa
Lifetime numberSec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh_
group str - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - encryption_
algorithm str - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - ike_
encryption_ stralgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - ike_
integrity_ stralgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - integrity_
algorithm str - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - pfs_
group str - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - sa_
data_ intsize_ kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa_
lifetime_ intsec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
- dh
Group String - The DH Group used in IKE Phase 1 for initial SA. Possible values are
None,DHGroup1,DHGroup2,DHGroup14,DHGroup24,DHGroup2048,ECP256,ECP384. - encryption
Algorithm String - The IPSec encryption algorithm (IKE phase 1). Possible values are
AES128,AES192,AES256,DES,DES3,GCMAES128,GCMAES192,GCMAES256,None. - ike
Encryption StringAlgorithm - The IKE encryption algorithm (IKE phase 2). Possible values are
DES,DES3,AES128,AES192,AES256,GCMAES128,GCMAES256. - ike
Integrity StringAlgorithm - The IKE integrity algorithm (IKE phase 2). Possible values are
MD5,SHA1,SHA256,SHA384,GCMAES128,GCMAES256. - integrity
Algorithm String - The IPSec integrity algorithm (IKE phase 1). Possible values are
MD5,SHA1,SHA256,GCMAES128,GCMAES192,GCMAES256. - pfs
Group String - The Pfs Group used in IKE Phase 2 for the new child SA. Possible values are
None,PFS1,PFS2,PFS14,PFS24,PFS2048,PFSMM,ECP256,ECP384. - sa
Data NumberSize Kb - The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for the site to site VPN tunnel.
- sa
Lifetime NumberSec - The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for the site to site VPN tunnel.
Import
VPN Gateway Connections can be imported using the resource id, e.g.
$ pulumi import azure:network/vpnGatewayConnection:VpnGatewayConnection example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/vpnGateways/gateway1/vpnConnections/conn1
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurermTerraform Provider.