AWS Fundamentals
L1 Construct: AWS::EC2::ClientVpnAuthorizationRule

CfnClientVpnAuthorizationRule

Specifies an ingress authorization rule to add to a Client VPN endpoint. Ingress authorization rules act as firewall rules that grant access to networks. You must configure ingress authorization rules to enable clients to access resources in AWS or on-premises networks.

Import

import { CfnClientVpnAuthorizationRule } from 'aws-cdk-lib/aws-ec2';

Or use the module namespace:

import * as ec2 from 'aws-cdk-lib/aws-ec2';
// ec2.CfnClientVpnAuthorizationRule

Properties

Configuration passed to the constructor as CfnClientVpnAuthorizationRuleProps.

clientVpnEndpointId (Required)
string

The ID of the Client VPN endpoint.

targetNetworkCidr (Required)
string

The IPv4 address range, in CIDR notation, of the network for which access is being authorized.

accessGroupId (Optional)
string

The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if `AuthorizeAllGroups` is `false` or not specified.

authorizeAllGroups (Optional)
boolean | IResolvable

Indicates whether to grant access to all clients. Specify `true` to grant all clients who successfully establish a VPN connection access to the network. Must be set to `true` if `AccessGroupId` is not specified.

description (Optional)
string

A brief description of the authorization rule.
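The group and CIDR properties above decide who can reach what through the endpoint, so they are worth checking before deployment. The following is an added example, not code from the original page or from the CDK project: a dependency-free check over a synthesized CloudFormation template. The sample template, its placeholder IDs, the function names and the /16 threshold are assumptions.

```typescript
// Added example, not from the original page. The sample template is constructed.
type Finding = { logicalId: string; issue: string };
type Resource = { Type: string; Properties?: Record<string, unknown> };
type Template = { Resources: Record<string, Resource> };

// Prefix length of a literal IPv4 CIDR, or null when malformed or not a literal.
function prefixLength(cidr: unknown): number | null {
  if (typeof cidr !== 'string') return null;
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(cidr);
  if (!m) return null;
  const len = Number(m[5]);
  return m.slice(1, 5).every((o) => Number(o) <= 255) && len <= 32 ? len : null;
}

// minPrefix is an assumed policy threshold: ranges broader than /16 are flagged.
function lintAuthorizationRules(template: Template, minPrefix = 16): Finding[] {
  const findings: Finding[] = [];
  for (const [logicalId, res] of Object.entries(template.Resources)) {
    if (res.Type !== 'AWS::EC2::ClientVpnAuthorizationRule') continue;
    const props = res.Properties ?? {};
    const add = (issue: string) => findings.push({ logicalId, issue });
    const allGroups = props.AuthorizeAllGroups === true || props.AuthorizeAllGroups === 'true';
    const group = props.AccessGroupId;
    const hasGroup = typeof group === 'string' && group.length > 0;
    // Per the property docs: AccessGroupId or AuthorizeAllGroups=true must be set.
    if (!allGroups && !hasGroup) add('neither AccessGroupId nor AuthorizeAllGroups=true is set');
    if (allGroups) add('AuthorizeAllGroups=true: every connected client can reach the target');
    const len = prefixLength(props.TargetNetworkCidr);
    if (len === null) add('TargetNetworkCidr is not a literal IPv4 CIDR; review manually');
    else if (len < minPrefix) add(`TargetNetworkCidr /${len} is broader than /${minPrefix}`);
  }
  return findings;
}

// Constructed template fragment; all IDs are placeholders.
const sampleTemplate: Template = {
  Resources: {
    Bucket: { Type: 'AWS::S3::Bucket' },
    ScopedRule: { Type: 'AWS::EC2::ClientVpnAuthorizationRule', Properties: {
      ClientVpnEndpointId: 'cvpn-endpoint-EXAMPLE', TargetNetworkCidr: '10.0.16.0/20',
      AccessGroupId: 'EXAMPLE-GROUP-ID' } },
    OpenRule: { Type: 'AWS::EC2::ClientVpnAuthorizationRule', Properties: {
      ClientVpnEndpointId: 'cvpn-endpoint-EXAMPLE', TargetNetworkCidr: '0.0.0.0/0',
      AuthorizeAllGroups: true } },
    NoGroupRule: { Type: 'AWS::EC2::ClientVpnAuthorizationRule', Properties: {
      ClientVpnEndpointId: 'cvpn-endpoint-EXAMPLE', TargetNetworkCidr: '10.0.0.0/24' } },
  },
};

for (const f of lintAuthorizationRules(sampleTemplate)) console.log(`${f.logicalId}: ${f.issue}`);
```

Values that synthesize to intrinsic functions (for example a `Ref` to a parameter) are reported for manual review rather than guessed at.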

CloudFormation Resource

This L1 construct maps directly to the CloudFormation resource type `AWS::EC2::ClientVpnAuthorizationRule`.
