aws_vpn_connection

account_id

Type: STRING

category

Type: STRING
Provider name: Category
Description: The category of the VPN connection. A value of VPN indicates an Amazon Web Services VPN connection. A value of VPN-Classic indicates an Amazon Web Services Classic VPN connection.

core_network_arn

Type: STRING
Provider name: CoreNetworkArn
Description: The ARN of the core network.

core_network_attachment_arn

Type: STRING
Provider name: CoreNetworkAttachmentArn
Description: The ARN of the core network attachment.

customer_gateway_configuration

Type: STRING
Provider name: CustomerGatewayConfiguration
Description: The configuration information for the VPN connection’s customer gateway (in the native XML format). This element is always present in the CreateVpnConnection response; however, it’s present in the DescribeVpnConnections response only if the VPN connection is in the pending or available state.

customer_gateway_id

Type: STRING
Provider name: CustomerGatewayId
Description: The ID of the customer gateway at your end of the VPN connection.

gateway_association_state

Type: STRING
Provider name: GatewayAssociationState
Description: The current state of the gateway association.

options

Type: STRUCT
Provider name: Options
Description: The VPN connection options.

  • enable_acceleration
    Type: BOOLEAN
    Provider name: EnableAcceleration
    Description: Indicates whether acceleration is enabled for the VPN connection.
  • local_ipv4_network_cidr
    Type: STRING
    Provider name: LocalIpv4NetworkCidr
    Description: The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.
  • local_ipv6_network_cidr
    Type: STRING
    Provider name: LocalIpv6NetworkCidr
    Description: The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.
  • outside_ip_address_type
    Type: STRING
    Provider name: OutsideIpAddressType
    Description: The type of IPv4 address assigned to the outside interface of the customer gateway. Valid values: PrivateIpv4 | PublicIpv4
    Default: PublicIpv4
  • remote_ipv4_network_cidr
    Type: STRING
    Provider name: RemoteIpv4NetworkCidr
    Description: The IPv4 CIDR on the Amazon Web Services side of the VPN connection.
  • remote_ipv6_network_cidr
    Type: STRING
    Provider name: RemoteIpv6NetworkCidr
    Description: The IPv6 CIDR on the Amazon Web Services side of the VPN connection.
  • static_routes_only
    Type: BOOLEAN
    Provider name: StaticRoutesOnly
    Description: Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don’t support BGP.
  • transport_transit_gateway_attachment_id
    Type: STRING
    Provider name: TransportTransitGatewayAttachmentId
    Description: The transit gateway attachment ID in use for the VPN tunnel.
  • tunnel_inside_ip_version
    Type: STRING
    Provider name: TunnelInsideIpVersion
    Description: Indicates whether the VPN tunnels process IPv4 or IPv6 traffic.
  • tunnel_options
    Type: UNORDERED_LIST_STRUCT
    Provider name: TunnelOptions
    Description: Indicates the VPN tunnel options.
    • dpd_timeout_action
      Type: STRING
      Provider name: DpdTimeoutAction
      Description: The action to take after a DPD timeout occurs.
    • dpd_timeout_seconds
      Type: INT32
      Provider name: DpdTimeoutSeconds
      Description: The number of seconds after which a DPD timeout occurs.
    • enable_tunnel_lifecycle_control
      Type: BOOLEAN
      Provider name: EnableTunnelLifecycleControl
      Description: Status of tunnel endpoint lifecycle control feature.
    • ike_versions
      Type: UNORDERED_LIST_STRUCT
      Provider name: IkeVersions
      Description: The IKE versions that are permitted for the VPN tunnel.
      • value
        Type: STRING
        Provider name: Value
        Description: The IKE version.
    • log_options
      Type: STRUCT
      Provider name: LogOptions
      Description: Options for logging VPN tunnel activity.
      • cloud_watch_log_options
        Type: STRUCT
        Provider name: CloudWatchLogOptions
        Description: Options for sending VPN tunnel logs to CloudWatch.
        • log_enabled
          Type: BOOLEAN
          Provider name: LogEnabled
          Description: Status of VPN tunnel logging feature. Default value is False. Valid values: True | False
        • log_group_arn
          Type: STRING
          Provider name: LogGroupArn
          Description: The Amazon Resource Name (ARN) of the CloudWatch log group to send logs to.
        • log_output_format
          Type: STRING
          Provider name: LogOutputFormat
          Description: Configured log format. Default format is json. Valid values: json | text
    • outside_ip_address
      Type: STRING
      Provider name: OutsideIpAddress
      Description: The external IP address of the VPN tunnel.
    • phase1_dh_group_numbers
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase1DHGroupNumbers
      Description: The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 1 IKE negotiations.
      • value
        Type: INT32
        Provider name: Value
        Description: The Diffie-Hellman group number.
    • phase1_encryption_algorithms
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase1EncryptionAlgorithms
      Description: The permitted encryption algorithms for the VPN tunnel for phase 1 IKE negotiations.
      • value
        Type: STRING
        Provider name: Value
        Description: The value for the encryption algorithm.
    • phase1_integrity_algorithms
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase1IntegrityAlgorithms
      Description: The permitted integrity algorithms for the VPN tunnel for phase 1 IKE negotiations.
      • value
        Type: STRING
        Provider name: Value
        Description: The value for the integrity algorithm.
    • phase1_lifetime_seconds
      Type: INT32
      Provider name: Phase1LifetimeSeconds
      Description: The lifetime for phase 1 of the IKE negotiation, in seconds.
    • phase2_dh_group_numbers
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase2DHGroupNumbers
      Description: The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 2 IKE negotiations.
      • value
        Type: INT32
        Provider name: Value
        Description: The Diffie-Hellman group number.
    • phase2_encryption_algorithms
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase2EncryptionAlgorithms
      Description: The permitted encryption algorithms for the VPN tunnel for phase 2 IKE negotiations.
      • value
        Type: STRING
        Provider name: Value
        Description: The encryption algorithm.
    • phase2_integrity_algorithms
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase2IntegrityAlgorithms
      Description: The permitted integrity algorithms for the VPN tunnel for phase 2 IKE negotiations.
      • value
        Type: STRING
        Provider name: Value
        Description: The integrity algorithm.
    • phase2_lifetime_seconds
      Type: INT32
      Provider name: Phase2LifetimeSeconds
      Description: The lifetime for phase 2 of the IKE negotiation, in seconds.
    • pre_shared_key
      Type: STRING
      Provider name: PreSharedKey
      Description: The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and the customer gateway.
    • rekey_fuzz_percentage
      Type: INT32
      Provider name: RekeyFuzzPercentage
      Description: The percentage of the rekey window determined by RekeyMarginTimeSeconds during which the rekey time is randomly selected.
    • rekey_margin_time_seconds
      Type: INT32
      Provider name: RekeyMarginTimeSeconds
      Description: The margin time, in seconds, before the phase 2 lifetime expires, during which the Amazon Web Services side of the VPN connection performs an IKE rekey.
    • replay_window_size
      Type: INT32
      Provider name: ReplayWindowSize
      Description: The number of packets in an IKE replay window.
    • startup_action
      Type: STRING
      Provider name: StartupAction
      Description: The action to take when establishing the VPN tunnels for a VPN connection.
    • tunnel_inside_cidr
      Type: STRING
      Provider name: TunnelInsideCidr
      Description: The range of inside IPv4 addresses for the tunnel.
    • tunnel_inside_ipv6_cidr
      Type: STRING
      Provider name: TunnelInsideIpv6Cidr
      Description: The range of inside IPv6 addresses for the tunnel.

routes

Type: UNORDERED_LIST_STRUCT
Provider name: Routes
Description: The static routes associated with the VPN connection.

  • destination_cidr_block
    Type: STRING
    Provider name: DestinationCidrBlock
    Description: The CIDR block associated with the local subnet of the customer data center.
  • source
    Type: STRING
    Provider name: Source
    Description: Indicates how the routes were provided.
  • state
    Type: STRING
    Provider name: State
    Description: The current state of the static route.

state

Type: STRING
Provider name: State
Description: The current state of the VPN connection.

tags

Type: UNORDERED_LIST_STRING

transit_gateway_id

Type: STRING
Provider name: TransitGatewayId
Description: The ID of the transit gateway associated with the VPN connection.

type

Type: STRING
Provider name: Type
Description: The type of VPN connection.

vgw_telemetry

Type: UNORDERED_LIST_STRUCT
Provider name: VgwTelemetry
Description: Information about the VPN tunnel.

  • accepted_route_count
    Type: INT32
    Provider name: AcceptedRouteCount
    Description: The number of accepted routes.
  • certificate_arn
    Type: STRING
    Provider name: CertificateArn
    Description: The Amazon Resource Name (ARN) of the VPN tunnel endpoint certificate.
  • last_status_change
    Type: TIMESTAMP
    Provider name: LastStatusChange
    Description: The date and time of the last change in status. This field is updated when changes in IKE (Phase 1), IPSec (Phase 2), or BGP status are detected.
  • outside_ip_address
    Type: STRING
    Provider name: OutsideIpAddress
    Description: The Internet-routable IP address of the virtual private gateway’s outside interface.
  • status
    Type: STRING
    Provider name: Status
    Description: The status of the VPN tunnel.
  • status_message
    Type: STRING
    Provider name: StatusMessage
    Description: If an error occurs, a description of the error.

vpn_connection_arn

Type: STRING

vpn_connection_id

Type: STRING
Provider name: VpnConnectionId
Description: The ID of the VPN connection.

vpn_gateway_id

Type: STRING
Provider name: VpnGatewayId
Description: The ID of the virtual private gateway at the Amazon Web Services side of the VPN connection.