AWS::EC2::VPNConnection

Specifies a VPN connection between a virtual private gateway and a VPN customer gateway or a transit gateway and a VPN customer gateway. To specify a VPN connection between a transit gateway and customer gateway, use the `TransitGatewayId` and `CustomerGatewayId` properties. To specify a VPN connection between a virtual private gateway and customer gateway, use the `VpnGatewayId` and `CustomerGatewayId` properties. For more information, see [AWS Site-to-Site VPN](https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) in the *AWS Site-to-Site VPN User Guide*.
```ts
import { CfnVPNConnection } from 'aws-cdk-lib/aws-ec2';
```

Or use the module namespace:

```ts
import * as ec2 from 'aws-cdk-lib/aws-ec2';
// ec2.CfnVPNConnection
```

Configuration passed to the constructor as CfnVPNConnectionProps.
- `customerGatewayId` (Required, `string | ICustomerGatewayRef`): The ID of the customer gateway at your end of the VPN connection.
- `type` (Required, `string`): The type of VPN connection.
- `enableAcceleration` (Optional, `boolean | IResolvable`): Indicate whether to enable acceleration for the VPN connection. Default: `false`
- `localIpv4NetworkCidr` (Optional, `string`): The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection. Default: `0.0.0.0/0`
- `localIpv6NetworkCidr` (Optional, `string`): The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection. Default: `::/0`
- `outsideIpAddressType` (Optional, `string`): The type of IP address assigned to the outside interface of the customer gateway device. Valid values: `PrivateIpv4` | `PublicIpv4` | `Ipv6`. Default: `PublicIpv4`
- `preSharedKeyStorage` (Optional, `string`): Describes the storage location for an instance store-backed AMI.
- `remoteIpv4NetworkCidr` (Optional, `string`): The IPv4 CIDR on the AWS side of the VPN connection. Default: `0.0.0.0/0`
- `remoteIpv6NetworkCidr` (Optional, `string`): The IPv6 CIDR on the AWS side of the VPN connection. Default: `::/0`
- `staticRoutesOnly` (Optional, `boolean | IResolvable`): Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP. If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify `true`.
- `tags` (Optional, `CfnTag[]`): Any tags assigned to the VPN connection.
- `transitGatewayId` (Optional, `string | ITransitGatewayRef`): The ID of the transit gateway associated with the VPN connection. You must specify either `TransitGatewayId` or `VpnGatewayId`, but not both.
- `transportTransitGatewayAttachmentId` (Optional, `string`): The transit gateway attachment ID to use for the VPN tunnel. Required if `OutsideIpAddressType` is set to `PrivateIpv4`.
- `tunnelBandwidth` (Optional, `string`): The desired bandwidth specification for the VPN tunnel, used when creating or modifying VPN connection options to set the tunnel's throughput capacity. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Existing VPN connections without a bandwidth setting will automatically default to `standard`. Default: `standard`
- `tunnelInsideIpVersion` (Optional, `string`): Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Default: `ipv4`
- `vpnConcentratorId` (Optional, `string`): The ID of the VPN concentrator to associate with the VPN connection.
- `vpnGatewayId` (Optional, `string | IVPNGatewayRef`): The ID of the virtual private gateway at the AWS side of the VPN connection. You must specify either `TransitGatewayId` or `VpnGatewayId`, but not both.
- `vpnTunnelOptionsSpecifications` (Optional, `IResolvable | (IResolvable | VpnTunnelOptionsSpecificationProperty)[]`): The tunnel options for the VPN connection.
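
The cross-field rules listed above (one gateway ID only, the `PrivateIpv4` dependency, valid values and defaults) can be checked before synthesis. The following is an added example, not code from aws-cdk-lib: `VpnPropsSubset` and `checkVpnProps` are hypothetical names, the IDs and the `ipsec.1` type value are constructed samples, `vpnConcentratorId` is not modelled, and the `review:` findings on `0.0.0.0/0` are this example's own policy assumption.

```typescript
// Added example: a local mirror of the props the checks read, declared here
// (not imported from aws-cdk-lib) so the file runs offline.
interface VpnPropsSubset {
  customerGatewayId?: string;
  type?: string;
  transitGatewayId?: string;
  vpnGatewayId?: string;
  outsideIpAddressType?: string;
  transportTransitGatewayAttachmentId?: string;
  tunnelBandwidth?: string;
  localIpv4NetworkCidr?: string;
  remoteIpv4NetworkCidr?: string;
}

const OUTSIDE_IP_TYPES = ['PrivateIpv4', 'PublicIpv4', 'Ipv6'];
const TUNNEL_BANDWIDTHS = ['standard', 'large'];

// Returns one finding per rule hit. "error:" findings contradict the property
// reference; "review:" findings are this example's own policy choice (assumption).
function checkVpnProps(p: VpnPropsSubset): string[] {
  const out: string[] = [];
  if (!p.customerGatewayId) out.push('error: customerGatewayId is required');
  if (!p.type) out.push('error: type is required');
  // Exactly one of the two gateway IDs must be set.
  const gateways = [p.transitGatewayId, p.vpnGatewayId].filter((g) => !!g).length;
  if (gateways !== 1) out.push('error: set exactly one of transitGatewayId or vpnGatewayId');
  // Apply the documented default before testing the dependent field.
  const outside = p.outsideIpAddressType ?? 'PublicIpv4';
  if (OUTSIDE_IP_TYPES.indexOf(outside) === -1) {
    out.push(`error: outsideIpAddressType "${outside}" is not a valid value`);
  }
  if (outside === 'PrivateIpv4' && !p.transportTransitGatewayAttachmentId) {
    out.push('error: PrivateIpv4 requires transportTransitGatewayAttachmentId');
  }
  const bandwidth = p.tunnelBandwidth ?? 'standard';
  if (TUNNEL_BANDWIDTHS.indexOf(bandwidth) === -1) {
    out.push(`error: tunnelBandwidth "${bandwidth}" is not standard or large`);
  }
  // An omitted CIDR silently becomes 0.0.0.0/0, so report the effective value.
  for (const side of ['localIpv4NetworkCidr', 'remoteIpv4NetworkCidr'] as const) {
    if ((p[side] ?? '0.0.0.0/0') === '0.0.0.0/0') out.push(`review: ${side} is 0.0.0.0/0`);
  }
  return out;
}

// Constructed sample inputs (placeholder IDs, not real resources).
const badProps: VpnPropsSubset = { customerGatewayId: 'cgw-EXAMPLE', type: 'ipsec.1',
  transitGatewayId: 'tgw-EXAMPLE', vpnGatewayId: 'vgw-EXAMPLE', outsideIpAddressType: 'PrivateIpv4' };
const goodProps: VpnPropsSubset = { customerGatewayId: 'cgw-EXAMPLE', type: 'ipsec.1',
  vpnGatewayId: 'vgw-EXAMPLE', localIpv4NetworkCidr: '10.20.0.0/16', remoteIpv4NetworkCidr: '10.0.0.0/16' };
console.log(checkVpnProps(badProps), checkVpnProps(goodProps));
```
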
This L1 construct maps directly to the following CloudFormation resource type.
`AWS::EC2::VPNConnection` (`aws-ec2`)