Docs Home
Packages
Alibaba Cloud v3.62.1 published on Monday, Sep 16, 2024 by Pulumi
alicloud.vpn.GatewayVpnAttachment
Explore with Pulumi AI
Provides a VPN Gateway Vpn Attachment resource.
For information about VPN Gateway Vpn Attachment and how to use it, see What is Vpn Attachment.
NOTE: Available since v1.181.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "tf-example";
const _default = new alicloud.vpn.CustomerGateway("default", {
customerGatewayName: name,
ipAddress: "42.104.22.210",
asn: "45014",
description: name,
});
const defaultGatewayVpnAttachment = new alicloud.vpn.GatewayVpnAttachment("default", {
customerGatewayId: _default.id,
networkType: "public",
localSubnet: "0.0.0.0/0",
remoteSubnet: "0.0.0.0/0",
effectImmediately: false,
ikeConfig: {
ikeAuthAlg: "md5",
ikeEncAlg: "des",
ikeVersion: "ikev2",
ikeMode: "main",
ikeLifetime: 86400,
psk: "tf-testvpn2",
ikePfs: "group1",
remoteId: "testbob2",
localId: "testalice2",
},
ipsecConfig: {
ipsecPfs: "group5",
ipsecEncAlg: "des",
ipsecAuthAlg: "md5",
ipsecLifetime: 86400,
},
bgpConfig: {
enable: true,
localAsn: 45014,
tunnelCidr: "169.254.11.0/30",
localBgpIp: "169.254.11.1",
},
healthCheckConfig: {
enable: true,
sip: "192.168.1.1",
dip: "10.0.0.1",
interval: 10,
retry: 10,
policy: "revoke_route",
},
enableDpd: true,
enableNatTraversal: true,
vpnAttachmentName: name,
});
import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "tf-example"
default = alicloud.vpn.CustomerGateway("default",
customer_gateway_name=name,
ip_address="42.104.22.210",
asn="45014",
description=name)
default_gateway_vpn_attachment = alicloud.vpn.GatewayVpnAttachment("default",
customer_gateway_id=default.id,
network_type="public",
local_subnet="0.0.0.0/0",
remote_subnet="0.0.0.0/0",
effect_immediately=False,
ike_config={
"ike_auth_alg": "md5",
"ike_enc_alg": "des",
"ike_version": "ikev2",
"ike_mode": "main",
"ike_lifetime": 86400,
"psk": "tf-testvpn2",
"ike_pfs": "group1",
"remote_id": "testbob2",
"local_id": "testalice2",
},
ipsec_config={
"ipsec_pfs": "group5",
"ipsec_enc_alg": "des",
"ipsec_auth_alg": "md5",
"ipsec_lifetime": 86400,
},
bgp_config={
"enable": True,
"local_asn": 45014,
"tunnel_cidr": "169.254.11.0/30",
"local_bgp_ip": "169.254.11.1",
},
health_check_config={
"enable": True,
"sip": "192.168.1.1",
"dip": "10.0.0.1",
"interval": 10,
"retry": 10,
"policy": "revoke_route",
},
enable_dpd=True,
enable_nat_traversal=True,
vpn_attachment_name=name)
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpn"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "tf-example"
if param := cfg.Get("name"); param != "" {
name = param
}
_, err := vpn.NewCustomerGateway(ctx, "default", &vpn.CustomerGatewayArgs{
CustomerGatewayName: pulumi.String(name),
IpAddress: pulumi.String("42.104.22.210"),
Asn: pulumi.String("45014"),
Description: pulumi.String(name),
})
if err != nil {
return err
}
_, err = vpn.NewGatewayVpnAttachment(ctx, "default", &vpn.GatewayVpnAttachmentArgs{
CustomerGatewayId: _default.ID(),
NetworkType: pulumi.String("public"),
LocalSubnet: pulumi.String("0.0.0.0/0"),
RemoteSubnet: pulumi.String("0.0.0.0/0"),
EffectImmediately: pulumi.Bool(false),
IkeConfig: &vpn.GatewayVpnAttachmentIkeConfigArgs{
IkeAuthAlg: pulumi.String("md5"),
IkeEncAlg: pulumi.String("des"),
IkeVersion: pulumi.String("ikev2"),
IkeMode: pulumi.String("main"),
IkeLifetime: pulumi.Int(86400),
Psk: pulumi.String("tf-testvpn2"),
IkePfs: pulumi.String("group1"),
RemoteId: pulumi.String("testbob2"),
LocalId: pulumi.String("testalice2"),
},
IpsecConfig: &vpn.GatewayVpnAttachmentIpsecConfigArgs{
IpsecPfs: pulumi.String("group5"),
IpsecEncAlg: pulumi.String("des"),
IpsecAuthAlg: pulumi.String("md5"),
IpsecLifetime: pulumi.Int(86400),
},
BgpConfig: &vpn.GatewayVpnAttachmentBgpConfigArgs{
Enable: pulumi.Bool(true),
LocalAsn: pulumi.Int(45014),
TunnelCidr: pulumi.String("169.254.11.0/30"),
LocalBgpIp: pulumi.String("169.254.11.1"),
},
HealthCheckConfig: &vpn.GatewayVpnAttachmentHealthCheckConfigArgs{
Enable: pulumi.Bool(true),
Sip: pulumi.String("192.168.1.1"),
Dip: pulumi.String("10.0.0.1"),
Interval: pulumi.Int(10),
Retry: pulumi.Int(10),
Policy: pulumi.String("revoke_route"),
},
EnableDpd: pulumi.Bool(true),
EnableNatTraversal: pulumi.Bool(true),
VpnAttachmentName: pulumi.String(name),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "tf-example";
var @default = new AliCloud.Vpn.CustomerGateway("default", new()
{
CustomerGatewayName = name,
IpAddress = "42.104.22.210",
Asn = "45014",
Description = name,
});
var defaultGatewayVpnAttachment = new AliCloud.Vpn.GatewayVpnAttachment("default", new()
{
CustomerGatewayId = @default.Id,
NetworkType = "public",
LocalSubnet = "0.0.0.0/0",
RemoteSubnet = "0.0.0.0/0",
EffectImmediately = false,
IkeConfig = new AliCloud.Vpn.Inputs.GatewayVpnAttachmentIkeConfigArgs
{
IkeAuthAlg = "md5",
IkeEncAlg = "des",
IkeVersion = "ikev2",
IkeMode = "main",
IkeLifetime = 86400,
Psk = "tf-testvpn2",
IkePfs = "group1",
RemoteId = "testbob2",
LocalId = "testalice2",
},
IpsecConfig = new AliCloud.Vpn.Inputs.GatewayVpnAttachmentIpsecConfigArgs
{
IpsecPfs = "group5",
IpsecEncAlg = "des",
IpsecAuthAlg = "md5",
IpsecLifetime = 86400,
},
BgpConfig = new AliCloud.Vpn.Inputs.GatewayVpnAttachmentBgpConfigArgs
{
Enable = true,
LocalAsn = 45014,
TunnelCidr = "169.254.11.0/30",
LocalBgpIp = "169.254.11.1",
},
HealthCheckConfig = new AliCloud.Vpn.Inputs.GatewayVpnAttachmentHealthCheckConfigArgs
{
Enable = true,
Sip = "192.168.1.1",
Dip = "10.0.0.1",
Interval = 10,
Retry = 10,
Policy = "revoke_route",
},
EnableDpd = true,
EnableNatTraversal = true,
VpnAttachmentName = name,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.vpn.CustomerGateway;
import com.pulumi.alicloud.vpn.CustomerGatewayArgs;
import com.pulumi.alicloud.vpn.GatewayVpnAttachment;
import com.pulumi.alicloud.vpn.GatewayVpnAttachmentArgs;
import com.pulumi.alicloud.vpn.inputs.GatewayVpnAttachmentIkeConfigArgs;
import com.pulumi.alicloud.vpn.inputs.GatewayVpnAttachmentIpsecConfigArgs;
import com.pulumi.alicloud.vpn.inputs.GatewayVpnAttachmentBgpConfigArgs;
import com.pulumi.alicloud.vpn.inputs.GatewayVpnAttachmentHealthCheckConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("tf-example");
var default_ = new CustomerGateway("default", CustomerGatewayArgs.builder()
.customerGatewayName(name)
.ipAddress("42.104.22.210")
.asn("45014")
.description(name)
.build());
var defaultGatewayVpnAttachment = new GatewayVpnAttachment("defaultGatewayVpnAttachment", GatewayVpnAttachmentArgs.builder()
.customerGatewayId(default_.id())
.networkType("public")
.localSubnet("0.0.0.0/0")
.remoteSubnet("0.0.0.0/0")
.effectImmediately(false)
.ikeConfig(GatewayVpnAttachmentIkeConfigArgs.builder()
.ikeAuthAlg("md5")
.ikeEncAlg("des")
.ikeVersion("ikev2")
.ikeMode("main")
.ikeLifetime(86400)
.psk("tf-testvpn2")
.ikePfs("group1")
.remoteId("testbob2")
.localId("testalice2")
.build())
.ipsecConfig(GatewayVpnAttachmentIpsecConfigArgs.builder()
.ipsecPfs("group5")
.ipsecEncAlg("des")
.ipsecAuthAlg("md5")
.ipsecLifetime(86400)
.build())
.bgpConfig(GatewayVpnAttachmentBgpConfigArgs.builder()
.enable(true)
.localAsn(45014)
.tunnelCidr("169.254.11.0/30")
.localBgpIp("169.254.11.1")
.build())
.healthCheckConfig(GatewayVpnAttachmentHealthCheckConfigArgs.builder()
.enable(true)
.sip("192.168.1.1")
.dip("10.0.0.1")
.interval(10)
.retry(10)
.policy("revoke_route")
.build())
.enableDpd(true)
.enableNatTraversal(true)
.vpnAttachmentName(name)
.build());
}
}
configuration:
name:
type: string
default: tf-example
resources:
default:
type: alicloud:vpn:CustomerGateway
properties:
customerGatewayName: ${name}
ipAddress: 42.104.22.210
asn: '45014'
description: ${name}
defaultGatewayVpnAttachment:
type: alicloud:vpn:GatewayVpnAttachment
name: default
properties:
customerGatewayId: ${default.id}
networkType: public
localSubnet: 0.0.0.0/0
remoteSubnet: 0.0.0.0/0
effectImmediately: false
ikeConfig:
ikeAuthAlg: md5
ikeEncAlg: des
ikeVersion: ikev2
ikeMode: main
ikeLifetime: 86400
psk: tf-testvpn2
ikePfs: group1
remoteId: testbob2
localId: testalice2
ipsecConfig:
ipsecPfs: group5
ipsecEncAlg: des
ipsecAuthAlg: md5
ipsecLifetime: 86400
bgpConfig:
enable: true
localAsn: 45014
tunnelCidr: 169.254.11.0/30
localBgpIp: 169.254.11.1
healthCheckConfig:
enable: true
sip: 192.168.1.1
dip: 10.0.0.1
interval: 10
retry: 10
policy: revoke_route
enableDpd: true
enableNatTraversal: true
vpnAttachmentName: ${name}
Create GatewayVpnAttachment Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new GatewayVpnAttachment(name: string, args: GatewayVpnAttachmentArgs, opts?: CustomResourceOptions);@overload
def GatewayVpnAttachment(resource_name: str,
args: GatewayVpnAttachmentArgs,
opts: Optional[ResourceOptions] = None)
@overload
def GatewayVpnAttachment(resource_name: str,
opts: Optional[ResourceOptions] = None,
customer_gateway_id: Optional[str] = None,
local_subnet: Optional[str] = None,
remote_subnet: Optional[str] = None,
bgp_config: Optional[GatewayVpnAttachmentBgpConfigArgs] = None,
effect_immediately: Optional[bool] = None,
enable_dpd: Optional[bool] = None,
enable_nat_traversal: Optional[bool] = None,
health_check_config: Optional[GatewayVpnAttachmentHealthCheckConfigArgs] = None,
ike_config: Optional[GatewayVpnAttachmentIkeConfigArgs] = None,
ipsec_config: Optional[GatewayVpnAttachmentIpsecConfigArgs] = None,
network_type: Optional[str] = None,
vpn_attachment_name: Optional[str] = None)func NewGatewayVpnAttachment(ctx *Context, name string, args GatewayVpnAttachmentArgs, opts ...ResourceOption) (*GatewayVpnAttachment, error)public GatewayVpnAttachment(string name, GatewayVpnAttachmentArgs args, CustomResourceOptions? opts = null)
public GatewayVpnAttachment(String name, GatewayVpnAttachmentArgs args)
public GatewayVpnAttachment(String name, GatewayVpnAttachmentArgs args, CustomResourceOptions options)
type: alicloud:vpn:GatewayVpnAttachment
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GatewayVpnAttachmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GatewayVpnAttachmentArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GatewayVpnAttachmentArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GatewayVpnAttachmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GatewayVpnAttachmentArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var gatewayVpnAttachmentResource = new AliCloud.Vpn.GatewayVpnAttachment("gatewayVpnAttachmentResource", new()
{
CustomerGatewayId = "string",
LocalSubnet = "string",
RemoteSubnet = "string",
BgpConfig = new AliCloud.Vpn.Inputs.GatewayVpnAttachmentBgpConfigArgs
{
Enable = false,
LocalAsn = 0,
LocalBgpIp = "string",
TunnelCidr = "string",
},
EffectImmediately = false,
EnableDpd = false,
EnableNatTraversal = false,
HealthCheckConfig = new AliCloud.Vpn.Inputs.GatewayVpnAttachmentHealthCheckConfigArgs
{
Dip = "string",
Enable = false,
Interval = 0,
Policy = "string",
Retry = 0,
Sip = "string",
},
IkeConfig = new AliCloud.Vpn.Inputs.GatewayVpnAttachmentIkeConfigArgs
{
IkeAuthAlg = "string",
IkeEncAlg = "string",
IkeLifetime = 0,
IkeMode = "string",
IkePfs = "string",
IkeVersion = "string",
LocalId = "string",
Psk = "string",
RemoteId = "string",
},
IpsecConfig = new AliCloud.Vpn.Inputs.GatewayVpnAttachmentIpsecConfigArgs
{
IpsecAuthAlg = "string",
IpsecEncAlg = "string",
IpsecLifetime = 0,
IpsecPfs = "string",
},
NetworkType = "string",
VpnAttachmentName = "string",
});
example, err := vpn.NewGatewayVpnAttachment(ctx, "gatewayVpnAttachmentResource", &vpn.GatewayVpnAttachmentArgs{
CustomerGatewayId: pulumi.String("string"),
LocalSubnet: pulumi.String("string"),
RemoteSubnet: pulumi.String("string"),
BgpConfig: &vpn.GatewayVpnAttachmentBgpConfigArgs{
Enable: pulumi.Bool(false),
LocalAsn: pulumi.Int(0),
LocalBgpIp: pulumi.String("string"),
TunnelCidr: pulumi.String("string"),
},
EffectImmediately: pulumi.Bool(false),
EnableDpd: pulumi.Bool(false),
EnableNatTraversal: pulumi.Bool(false),
HealthCheckConfig: &vpn.GatewayVpnAttachmentHealthCheckConfigArgs{
Dip: pulumi.String("string"),
Enable: pulumi.Bool(false),
Interval: pulumi.Int(0),
Policy: pulumi.String("string"),
Retry: pulumi.Int(0),
Sip: pulumi.String("string"),
},
IkeConfig: &vpn.GatewayVpnAttachmentIkeConfigArgs{
IkeAuthAlg: pulumi.String("string"),
IkeEncAlg: pulumi.String("string"),
IkeLifetime: pulumi.Int(0),
IkeMode: pulumi.String("string"),
IkePfs: pulumi.String("string"),
IkeVersion: pulumi.String("string"),
LocalId: pulumi.String("string"),
Psk: pulumi.String("string"),
RemoteId: pulumi.String("string"),
},
IpsecConfig: &vpn.GatewayVpnAttachmentIpsecConfigArgs{
IpsecAuthAlg: pulumi.String("string"),
IpsecEncAlg: pulumi.String("string"),
IpsecLifetime: pulumi.Int(0),
IpsecPfs: pulumi.String("string"),
},
NetworkType: pulumi.String("string"),
VpnAttachmentName: pulumi.String("string"),
})
var gatewayVpnAttachmentResource = new GatewayVpnAttachment("gatewayVpnAttachmentResource", GatewayVpnAttachmentArgs.builder()
.customerGatewayId("string")
.localSubnet("string")
.remoteSubnet("string")
.bgpConfig(GatewayVpnAttachmentBgpConfigArgs.builder()
.enable(false)
.localAsn(0)
.localBgpIp("string")
.tunnelCidr("string")
.build())
.effectImmediately(false)
.enableDpd(false)
.enableNatTraversal(false)
.healthCheckConfig(GatewayVpnAttachmentHealthCheckConfigArgs.builder()
.dip("string")
.enable(false)
.interval(0)
.policy("string")
.retry(0)
.sip("string")
.build())
.ikeConfig(GatewayVpnAttachmentIkeConfigArgs.builder()
.ikeAuthAlg("string")
.ikeEncAlg("string")
.ikeLifetime(0)
.ikeMode("string")
.ikePfs("string")
.ikeVersion("string")
.localId("string")
.psk("string")
.remoteId("string")
.build())
.ipsecConfig(GatewayVpnAttachmentIpsecConfigArgs.builder()
.ipsecAuthAlg("string")
.ipsecEncAlg("string")
.ipsecLifetime(0)
.ipsecPfs("string")
.build())
.networkType("string")
.vpnAttachmentName("string")
.build());
gateway_vpn_attachment_resource = alicloud.vpn.GatewayVpnAttachment("gatewayVpnAttachmentResource",
customer_gateway_id="string",
local_subnet="string",
remote_subnet="string",
bgp_config=alicloud.vpn.GatewayVpnAttachmentBgpConfigArgs(
enable=False,
local_asn=0,
local_bgp_ip="string",
tunnel_cidr="string",
),
effect_immediately=False,
enable_dpd=False,
enable_nat_traversal=False,
health_check_config=alicloud.vpn.GatewayVpnAttachmentHealthCheckConfigArgs(
dip="string",
enable=False,
interval=0,
policy="string",
retry=0,
sip="string",
),
ike_config=alicloud.vpn.GatewayVpnAttachmentIkeConfigArgs(
ike_auth_alg="string",
ike_enc_alg="string",
ike_lifetime=0,
ike_mode="string",
ike_pfs="string",
ike_version="string",
local_id="string",
psk="string",
remote_id="string",
),
ipsec_config=alicloud.vpn.GatewayVpnAttachmentIpsecConfigArgs(
ipsec_auth_alg="string",
ipsec_enc_alg="string",
ipsec_lifetime=0,
ipsec_pfs="string",
),
network_type="string",
vpn_attachment_name="string")
const gatewayVpnAttachmentResource = new alicloud.vpn.GatewayVpnAttachment("gatewayVpnAttachmentResource", {
customerGatewayId: "string",
localSubnet: "string",
remoteSubnet: "string",
bgpConfig: {
enable: false,
localAsn: 0,
localBgpIp: "string",
tunnelCidr: "string",
},
effectImmediately: false,
enableDpd: false,
enableNatTraversal: false,
healthCheckConfig: {
dip: "string",
enable: false,
interval: 0,
policy: "string",
retry: 0,
sip: "string",
},
ikeConfig: {
ikeAuthAlg: "string",
ikeEncAlg: "string",
ikeLifetime: 0,
ikeMode: "string",
ikePfs: "string",
ikeVersion: "string",
localId: "string",
psk: "string",
remoteId: "string",
},
ipsecConfig: {
ipsecAuthAlg: "string",
ipsecEncAlg: "string",
ipsecLifetime: 0,
ipsecPfs: "string",
},
networkType: "string",
vpnAttachmentName: "string",
});
type: alicloud:vpn:GatewayVpnAttachment
properties:
bgpConfig:
enable: false
localAsn: 0
localBgpIp: string
tunnelCidr: string
customerGatewayId: string
effectImmediately: false
enableDpd: false
enableNatTraversal: false
healthCheckConfig:
dip: string
enable: false
interval: 0
policy: string
retry: 0
sip: string
ikeConfig:
ikeAuthAlg: string
ikeEncAlg: string
ikeLifetime: 0
ikeMode: string
ikePfs: string
ikeVersion: string
localId: string
psk: string
remoteId: string
ipsecConfig:
ipsecAuthAlg: string
ipsecEncAlg: string
ipsecLifetime: 0
ipsecPfs: string
localSubnet: string
networkType: string
remoteSubnet: string
vpnAttachmentName: string
GatewayVpnAttachment Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The GatewayVpnAttachment resource accepts the following input properties:
- Customer
Gateway stringId - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - Local
Subnet string - The CIDR block of the virtual private cloud (VPC).
- Remote
Subnet string - The CIDR block of the on-premises data center.
- Bgp
Config Pulumi.Ali Cloud. Vpn. Inputs. Gateway Vpn Attachment Bgp Config - Bgp configuration information. See
bgp_configbelow. - Effect
Immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- Enable
Dpd bool - Whether to enable the DPD (peer survival detection) function.
- Enable
Nat boolTraversal - Allow NAT penetration.
- Health
Check Pulumi.Config Ali Cloud. Vpn. Inputs. Gateway Vpn Attachment Health Check Config - Health check configuration information. See
health_check_configbelow. - Ike
Config Pulumi.Ali Cloud. Vpn. Inputs. Gateway Vpn Attachment Ike Config - Configuration negotiated in the second stage. See
ike_configbelow. - Ipsec
Config Pulumi.Ali Cloud. Vpn. Inputs. Gateway Vpn Attachment Ipsec Config - Configuration negotiated in the second stage. See
ipsec_configbelow. - Network
Type string - The network type of the IPsec connection. Valid values:
public,private. - Vpn
Attachment stringName - The name of the vpn attachment.
- Customer
Gateway stringId - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - Local
Subnet string - The CIDR block of the virtual private cloud (VPC).
- Remote
Subnet string - The CIDR block of the on-premises data center.
- Bgp
Config GatewayVpn Attachment Bgp Config Args - Bgp configuration information. See
bgp_configbelow. - Effect
Immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- Enable
Dpd bool - Whether to enable the DPD (peer survival detection) function.
- Enable
Nat boolTraversal - Allow NAT penetration.
- Health
Check GatewayConfig Vpn Attachment Health Check Config Args - Health check configuration information. See
health_check_configbelow. - Ike
Config GatewayVpn Attachment Ike Config Args - Configuration negotiated in the second stage. See
ike_configbelow. - Ipsec
Config GatewayVpn Attachment Ipsec Config Args - Configuration negotiated in the second stage. See
ipsec_configbelow. - Network
Type string - The network type of the IPsec connection. Valid values:
public,private. - Vpn
Attachment stringName - The name of the vpn attachment.
- customer
Gateway StringId - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - local
Subnet String - The CIDR block of the virtual private cloud (VPC).
- remote
Subnet String - The CIDR block of the on-premises data center.
- bgp
Config GatewayVpn Attachment Bgp Config - Bgp configuration information. See
bgp_configbelow. - effect
Immediately Boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd Boolean - Whether to enable the DPD (peer survival detection) function.
- enable
Nat BooleanTraversal - Allow NAT penetration.
- health
Check GatewayConfig Vpn Attachment Health Check Config - Health check configuration information. See
health_check_configbelow. - ike
Config GatewayVpn Attachment Ike Config - Configuration negotiated in the second stage. See
ike_configbelow. - ipsec
Config GatewayVpn Attachment Ipsec Config - Configuration negotiated in the second stage. See
ipsec_configbelow. - network
Type String - The network type of the IPsec connection. Valid values:
public,private. - vpn
Attachment StringName - The name of the vpn attachment.
- customer
Gateway stringId - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - local
Subnet string - The CIDR block of the virtual private cloud (VPC).
- remote
Subnet string - The CIDR block of the on-premises data center.
- bgp
Config GatewayVpn Attachment Bgp Config - Bgp configuration information. See
bgp_configbelow. - effect
Immediately boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd boolean - Whether to enable the DPD (peer survival detection) function.
- enable
Nat booleanTraversal - Allow NAT penetration.
- health
Check GatewayConfig Vpn Attachment Health Check Config - Health check configuration information. See
health_check_configbelow. - ike
Config GatewayVpn Attachment Ike Config - Configuration negotiated in the second stage. See
ike_configbelow. - ipsec
Config GatewayVpn Attachment Ipsec Config - Configuration negotiated in the second stage. See
ipsec_configbelow. - network
Type string - The network type of the IPsec connection. Valid values:
public,private. - vpn
Attachment stringName - The name of the vpn attachment.
- customer_
gateway_ strid - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - local_
subnet str - The CIDR block of the virtual private cloud (VPC).
- remote_
subnet str - The CIDR block of the on-premises data center.
- bgp_
config GatewayVpn Attachment Bgp Config Args - Bgp configuration information. See
bgp_configbelow. - effect_
immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable_
dpd bool - Whether to enable the DPD (peer survival detection) function.
- enable_
nat_ booltraversal - Allow NAT penetration.
- health_
check_ Gatewayconfig Vpn Attachment Health Check Config Args - Health check configuration information. See
health_check_configbelow. - ike_
config GatewayVpn Attachment Ike Config Args - Configuration negotiated in the second stage. See
ike_configbelow. - ipsec_
config GatewayVpn Attachment Ipsec Config Args - Configuration negotiated in the second stage. See
ipsec_configbelow. - network_
type str - The network type of the IPsec connection. Valid values:
public,private. - vpn_
attachment_ strname - The name of the vpn attachment.
- customer
Gateway StringId - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - local
Subnet String - The CIDR block of the virtual private cloud (VPC).
- remote
Subnet String - The CIDR block of the on-premises data center.
- bgp
Config Property Map - Bgp configuration information. See
bgp_configbelow. - effect
Immediately Boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd Boolean - Whether to enable the DPD (peer survival detection) function.
- enable
Nat BooleanTraversal - Allow NAT penetration.
- health
Check Property MapConfig - Health check configuration information. See
health_check_configbelow. - ike
Config Property Map - Configuration negotiated in the second stage. See
ike_configbelow. - ipsec
Config Property Map - Configuration negotiated in the second stage. See
ipsec_configbelow. - network
Type String - The network type of the IPsec connection. Valid values:
public,private. - vpn
Attachment StringName - The name of the vpn attachment.
Outputs
All input properties are implicitly available as output properties. Additionally, the GatewayVpnAttachment resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Internet
Ip string - The VPN gateway IP.
- Status string
- The status of the resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- Internet
Ip string - The VPN gateway IP.
- Status string
- The status of the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- internet
Ip String - The VPN gateway IP.
- status String
- The status of the resource.
- id string
- The provider-assigned unique ID for this managed resource.
- internet
Ip string - The VPN gateway IP.
- status string
- The status of the resource.
- id str
- The provider-assigned unique ID for this managed resource.
- internet_
ip str - The VPN gateway IP.
- status str
- The status of the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- internet
Ip String - The VPN gateway IP.
- status String
- The status of the resource.
Look up Existing GatewayVpnAttachment Resource
Get an existing GatewayVpnAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GatewayVpnAttachmentState, opts?: CustomResourceOptions): GatewayVpnAttachment@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
bgp_config: Optional[GatewayVpnAttachmentBgpConfigArgs] = None,
customer_gateway_id: Optional[str] = None,
effect_immediately: Optional[bool] = None,
enable_dpd: Optional[bool] = None,
enable_nat_traversal: Optional[bool] = None,
health_check_config: Optional[GatewayVpnAttachmentHealthCheckConfigArgs] = None,
ike_config: Optional[GatewayVpnAttachmentIkeConfigArgs] = None,
internet_ip: Optional[str] = None,
ipsec_config: Optional[GatewayVpnAttachmentIpsecConfigArgs] = None,
local_subnet: Optional[str] = None,
network_type: Optional[str] = None,
remote_subnet: Optional[str] = None,
status: Optional[str] = None,
vpn_attachment_name: Optional[str] = None) -> GatewayVpnAttachmentfunc GetGatewayVpnAttachment(ctx *Context, name string, id IDInput, state *GatewayVpnAttachmentState, opts ...ResourceOption) (*GatewayVpnAttachment, error)public static GatewayVpnAttachment Get(string name, Input<string> id, GatewayVpnAttachmentState? state, CustomResourceOptions? opts = null)public static GatewayVpnAttachment get(String name, Output<String> id, GatewayVpnAttachmentState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Bgp
Config Pulumi.Ali Cloud. Vpn. Inputs. Gateway Vpn Attachment Bgp Config - Bgp configuration information. See
bgp_configbelow. - Customer
Gateway stringId - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - Effect
Immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- Enable
Dpd bool - Whether to enable the DPD (peer survival detection) function.
- Enable
Nat boolTraversal - Allow NAT penetration.
- Health
Check Pulumi.Config Ali Cloud. Vpn. Inputs. Gateway Vpn Attachment Health Check Config - Health check configuration information. See
health_check_configbelow. - Ike
Config Pulumi.Ali Cloud. Vpn. Inputs. Gateway Vpn Attachment Ike Config - Configuration negotiated in the second stage. See
ike_configbelow. - Internet
Ip string - The VPN gateway IP.
- Ipsec
Config Pulumi.Ali Cloud. Vpn. Inputs. Gateway Vpn Attachment Ipsec Config - Configuration negotiated in the second stage. See
ipsec_configbelow. - Local
Subnet string - The CIDR block of the virtual private cloud (VPC).
- Network
Type string - The network type of the IPsec connection. Valid values:
public,private. - Remote
Subnet string - The CIDR block of the on-premises data center.
- Status string
- The status of the resource.
- Vpn
Attachment stringName - The name of the vpn attachment.
- Bgp
Config GatewayVpn Attachment Bgp Config Args - Bgp configuration information. See
bgp_configbelow. - Customer
Gateway stringId - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - Effect
Immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- Enable
Dpd bool - Whether to enable the DPD (peer survival detection) function.
- Enable
Nat boolTraversal - Allow NAT penetration.
- Health
Check GatewayConfig Vpn Attachment Health Check Config Args - Health check configuration information. See
health_check_configbelow. - Ike
Config GatewayVpn Attachment Ike Config Args - Configuration negotiated in the second stage. See
ike_configbelow. - Internet
Ip string - The VPN gateway IP.
- Ipsec
Config GatewayVpn Attachment Ipsec Config Args - Configuration negotiated in the second stage. See
ipsec_configbelow. - Local
Subnet string - The CIDR block of the virtual private cloud (VPC).
- Network
Type string - The network type of the IPsec connection. Valid values:
public,private. - Remote
Subnet string - The CIDR block of the on-premises data center.
- Status string
- The status of the resource.
- Vpn
Attachment stringName - The name of the vpn attachment.
- bgp
Config GatewayVpn Attachment Bgp Config - Bgp configuration information. See
bgp_configbelow. - customer
Gateway StringId - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - effect
Immediately Boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd Boolean - Whether to enable the DPD (peer survival detection) function.
- enable
Nat BooleanTraversal - Allow NAT penetration.
- health
Check GatewayConfig Vpn Attachment Health Check Config - Health check configuration information. See
health_check_configbelow. - ike
Config GatewayVpn Attachment Ike Config - Configuration negotiated in the second stage. See
ike_configbelow. - internet
Ip String - The VPN gateway IP.
- ipsec
Config GatewayVpn Attachment Ipsec Config - Configuration negotiated in the second stage. See
ipsec_configbelow. - local
Subnet String - The CIDR block of the virtual private cloud (VPC).
- network
Type String - The network type of the IPsec connection. Valid values:
public,private. - remote
Subnet String - The CIDR block of the on-premises data center.
- status String
- The status of the resource.
- vpn
Attachment StringName - The name of the vpn attachment.
- bgp
Config GatewayVpn Attachment Bgp Config - Bgp configuration information. See
bgp_configbelow. - customer
Gateway stringId - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - effect
Immediately boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd boolean - Whether to enable the DPD (peer survival detection) function.
- enable
Nat booleanTraversal - Allow NAT penetration.
- health
Check GatewayConfig Vpn Attachment Health Check Config - Health check configuration information. See
health_check_configbelow. - ike
Config GatewayVpn Attachment Ike Config - Configuration negotiated in the second stage. See
ike_configbelow. - internet
Ip string - The VPN gateway IP.
- ipsec
Config GatewayVpn Attachment Ipsec Config - Configuration negotiated in the second stage. See
ipsec_configbelow. - local
Subnet string - The CIDR block of the virtual private cloud (VPC).
- network
Type string - The network type of the IPsec connection. Valid values:
public,private. - remote
Subnet string - The CIDR block of the on-premises data center.
- status string
- The status of the resource.
- vpn
Attachment stringName - The name of the vpn attachment.
- bgp_
config GatewayVpn Attachment Bgp Config Args - Bgp configuration information. See
bgp_configbelow. - customer_
gateway_ strid - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - effect_
immediately bool - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable_
dpd bool - Whether to enable the DPD (peer survival detection) function.
- enable_
nat_ booltraversal - Allow NAT penetration.
- health_
check_ Gatewayconfig Vpn Attachment Health Check Config Args - Health check configuration information. See
health_check_configbelow. - ike_
config GatewayVpn Attachment Ike Config Args - Configuration negotiated in the second stage. See
ike_configbelow. - internet_
ip str - The VPN gateway IP.
- ipsec_
config GatewayVpn Attachment Ipsec Config Args - Configuration negotiated in the second stage. See
ipsec_configbelow. - local_
subnet str - The CIDR block of the virtual private cloud (VPC).
- network_
type str - The network type of the IPsec connection. Valid values:
public,private. - remote_
subnet str - The CIDR block of the on-premises data center.
- status str
- The status of the resource.
- vpn_
attachment_ strname - The name of the vpn attachment.
- bgp
Config Property Map - Bgp configuration information. See
bgp_configbelow. - customer
Gateway StringId - The ID of the customer gateway. From version 1.196.0,
customer_gateway_idcan be modified. - effect
Immediately Boolean - Indicates whether IPsec-VPN negotiations are initiated immediately. Valid values.
- enable
Dpd Boolean - Whether to enable the DPD (peer survival detection) function.
- enable
Nat BooleanTraversal - Allow NAT penetration.
- health
Check Property MapConfig - Health check configuration information. See
health_check_configbelow. - ike
Config Property Map - Configuration negotiated in the second stage. See
ike_configbelow. - internet
Ip String - The VPN gateway IP.
- ipsec
Config Property Map - Configuration negotiated in the second stage. See
ipsec_configbelow. - local
Subnet String - The CIDR block of the virtual private cloud (VPC).
- network
Type String - The network type of the IPsec connection. Valid values:
public,private. - remote
Subnet String - The CIDR block of the on-premises data center.
- status String
- The status of the resource.
- vpn
Attachment StringName - The name of the vpn attachment.
Supporting Types
GatewayVpnAttachmentBgpConfig, GatewayVpnAttachmentBgpConfigArgs
- Enable bool
- Whether to enable BGP.
- Local
Asn int - The ASN on the Alibaba Cloud side.
- Local
Bgp stringIp - The BGP IP address on the Alibaba Cloud side.
- Tunnel
Cidr string - The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
- Enable bool
- Whether to enable BGP.
- Local
Asn int - The ASN on the Alibaba Cloud side.
- Local
Bgp stringIp - The BGP IP address on the Alibaba Cloud side.
- Tunnel
Cidr string - The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
- enable Boolean
- Whether to enable BGP.
- local
Asn Integer - The ASN on the Alibaba Cloud side.
- local
Bgp StringIp - The BGP IP address on the Alibaba Cloud side.
- tunnel
Cidr String - The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
- enable boolean
- Whether to enable BGP.
- local
Asn number - The ASN on the Alibaba Cloud side.
- local
Bgp stringIp - The BGP IP address on the Alibaba Cloud side.
- tunnel
Cidr string - The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
- enable bool
- Whether to enable BGP.
- local_
asn int - The ASN on the Alibaba Cloud side.
- local_
bgp_ strip - The BGP IP address on the Alibaba Cloud side.
- tunnel_
cidr str - The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
- enable Boolean
- Whether to enable BGP.
- local
Asn Number - The ASN on the Alibaba Cloud side.
- local
Bgp StringIp - The BGP IP address on the Alibaba Cloud side.
- tunnel
Cidr String - The CIDR block of the IPsec tunnel. The CIDR block belongs to 169.254.0.0/16. The mask of the CIDR block is 30 bits in length.
GatewayVpnAttachmentHealthCheckConfig, GatewayVpnAttachmentHealthCheckConfigArgs
- Dip string
- The destination IP address that is used for health checks.
- Enable bool
- Specifies whether to enable health checks.
- Interval int
- The interval between two consecutive health checks. Unit: seconds.
- Policy string
- Whether to revoke the published route when the health check fails. Valid values:
revoke_routeorreserve_route. - Retry int
- The maximum number of health check retries.
- Sip string
- The source IP address that is used for health checks.
- Dip string
- The destination IP address that is used for health checks.
- Enable bool
- Specifies whether to enable health checks.
- Interval int
- The interval between two consecutive health checks. Unit: seconds.
- Policy string
- Whether to revoke the published route when the health check fails. Valid values:
revoke_routeorreserve_route. - Retry int
- The maximum number of health check retries.
- Sip string
- The source IP address that is used for health checks.
- dip String
- The destination IP address that is used for health checks.
- enable Boolean
- Specifies whether to enable health checks.
- interval Integer
- The interval between two consecutive health checks. Unit: seconds.
- policy String
- Whether to revoke the published route when the health check fails. Valid values:
revoke_routeorreserve_route. - retry Integer
- The maximum number of health check retries.
- sip String
- The source IP address that is used for health checks.
- dip string
- The destination IP address that is used for health checks.
- enable boolean
- Specifies whether to enable health checks.
- interval number
- The interval between two consecutive health checks. Unit: seconds.
- policy string
- Whether to revoke the published route when the health check fails. Valid values:
revoke_routeorreserve_route. - retry number
- The maximum number of health check retries.
- sip string
- The source IP address that is used for health checks.
- dip str
- The destination IP address that is used for health checks.
- enable bool
- Specifies whether to enable health checks.
- interval int
- The interval between two consecutive health checks. Unit: seconds.
- policy str
- Whether to revoke the published route when the health check fails. Valid values:
revoke_routeorreserve_route. - retry int
- The maximum number of health check retries.
- sip str
- The source IP address that is used for health checks.
- dip String
- The destination IP address that is used for health checks.
- enable Boolean
- Specifies whether to enable health checks.
- interval Number
- The interval between two consecutive health checks. Unit: seconds.
- policy String
- Whether to revoke the published route when the health check fails. Valid values:
revoke_routeorreserve_route. - retry Number
- The maximum number of health check retries.
- sip String
- The source IP address that is used for health checks.
GatewayVpnAttachmentIkeConfig, GatewayVpnAttachmentIkeConfigArgs
- Ike
Auth stringAlg - IKE authentication algorithm supports sha1 and MD5.
- Ike
Enc stringAlg - The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes.
- Ike
Lifetime int - The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- Ike
Mode string - The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value:
main. - Ike
Pfs string - The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- Ike
Version string - The version of the IKE protocol. Valid value:
ikev1,ikev2. Default value:ikev1. - Local
Id string - The local ID, which supports the FQDN and IP formats. The current VPN gateway IP address is selected by default.
- Psk string
- Used for authentication between the IPsec VPN gateway and the customer gateway.
- Remote
Id string - The peer ID, which supports FQDN and IP formats. By default, the IP address of the currently selected user gateway.
- Ike
Auth stringAlg - IKE authentication algorithm supports sha1 and MD5.
- Ike
Enc stringAlg - The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes.
- Ike
Lifetime int - The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- Ike
Mode string - The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value:
main. - Ike
Pfs string - The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- Ike
Version string - The version of the IKE protocol. Valid value:
ikev1,ikev2. Default value:ikev1. - Local
Id string - The local ID, which supports the FQDN and IP formats. The current VPN gateway IP address is selected by default.
- Psk string
- Used for authentication between the IPsec VPN gateway and the customer gateway.
- Remote
Id string - The peer ID, which supports FQDN and IP formats. By default, the IP address of the currently selected user gateway.
- ike
Auth StringAlg - IKE authentication algorithm supports sha1 and MD5.
- ike
Enc StringAlg - The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes.
- ike
Lifetime Integer - The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- ike
Mode String - The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value:
main. - ike
Pfs String - The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- ike
Version String - The version of the IKE protocol. Valid value:
ikev1,ikev2. Default value:ikev1. - local
Id String - The local ID, which supports the FQDN and IP formats. The current VPN gateway IP address is selected by default.
- psk String
- Used for authentication between the IPsec VPN gateway and the customer gateway.
- remote
Id String - The peer ID, which supports FQDN and IP formats. By default, the IP address of the currently selected user gateway.
- ike
Auth stringAlg - IKE authentication algorithm supports sha1 and MD5.
- ike
Enc stringAlg - The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes.
- ike
Lifetime number - The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- ike
Mode string - The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value:
main. - ike
Pfs string - The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- ike
Version string - The version of the IKE protocol. Valid value:
ikev1,ikev2. Default value:ikev1. - local
Id string - The local ID, which supports the FQDN and IP formats. The current VPN gateway IP address is selected by default.
- psk string
- Used for authentication between the IPsec VPN gateway and the customer gateway.
- remote
Id string - The peer ID, which supports FQDN and IP formats. By default, the IP address of the currently selected user gateway.
- ike_
auth_ stralg - IKE authentication algorithm supports sha1 and MD5.
- ike_
enc_ stralg - The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes.
- ike_
lifetime int - The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- ike_
mode str - The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value:
main. - ike_
pfs str - The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- ike_
version str - The version of the IKE protocol. Valid value:
ikev1,ikev2. Default value:ikev1. - local_
id str - The local ID, which supports the FQDN and IP formats. The current VPN gateway IP address is selected by default.
- psk str
- Used for authentication between the IPsec VPN gateway and the customer gateway.
- remote_
id str - The peer ID, which supports FQDN and IP formats. By default, the IP address of the currently selected user gateway.
- ike
Auth StringAlg - IKE authentication algorithm supports sha1 and MD5.
- ike
Enc StringAlg - The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes.
- ike
Lifetime Number - The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400.
- ike
Mode String - The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value:
main. - ike
Pfs String - The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2
- ike
Version String - The version of the IKE protocol. Valid value:
ikev1,ikev2. Default value:ikev1. - local
Id String - The local ID, which supports the FQDN and IP formats. The current VPN gateway IP address is selected by default.
- psk String
- Used for authentication between the IPsec VPN gateway and the customer gateway.
- remote
Id String - The peer ID, which supports FQDN and IP formats. By default, the IP address of the currently selected user gateway.
GatewayVpnAttachmentIpsecConfig, GatewayVpnAttachmentIpsecConfigArgs
- Ipsec
Auth stringAlg - The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- Ipsec
Enc stringAlg - The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- Ipsec
Lifetime int - The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- Ipsec
Pfs string - The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
- Ipsec
Auth stringAlg - The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- Ipsec
Enc stringAlg - The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- Ipsec
Lifetime int - The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- Ipsec
Pfs string - The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
- ipsec
Auth StringAlg - The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- ipsec
Enc StringAlg - The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- ipsec
Lifetime Integer - The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- ipsec
Pfs String - The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
- ipsec
Auth stringAlg - The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- ipsec
Enc stringAlg - The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- ipsec
Lifetime number - The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- ipsec
Pfs string - The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
- ipsec_
auth_ stralg - The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- ipsec_
enc_ stralg - The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- ipsec_
lifetime int - The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- ipsec_
pfs str - The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
- ipsec
Auth StringAlg - The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1 | sha256 | sha384 | sha512 |. Default value: sha1
- ipsec
Enc StringAlg - The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes
- ipsec
Lifetime Number - The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400.
- ipsec
Pfs String - The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24| disabled. Default value: group2
Import
VPN Gateway Vpn Attachment can be imported using the id, e.g.
$ pulumi import alicloud:vpn/gatewayVpnAttachment:GatewayVpnAttachment example <id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
alicloudTerraform Provider.