This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

aws_ec2_client_vpn_endpoint

account_id

Type: STRING

associated_target_networks

Type: UNORDERED_LIST_STRUCT
Provider name: AssociatedTargetNetworks
Description: Information about the associated target networks. A target network is a subnet in a VPC.

  • network_id
    Type: STRING
    Provider name: NetworkId
    Description: The ID of the subnet.
  • network_type
    Type: STRING
    Provider name: NetworkType
    Description: The target network type.

authentication_options

Type: UNORDERED_LIST_STRUCT
Provider name: AuthenticationOptions
Description: Information about the authentication method used by the Client VPN endpoint.

  • active_directory
    Type: STRUCT
    Provider name: ActiveDirectory
    Description: Information about the Active Directory, if applicable.
    • directory_id
      Type: STRING
      Provider name: DirectoryId
      Description: The ID of the Active Directory used for authentication.
  • federated_authentication
    Type: STRUCT
    Provider name: FederatedAuthentication
    Description: Information about the IAM SAML identity provider, if applicable.
    • saml_provider_arn
      Type: STRING
      Provider name: SamlProviderArn
      Description: The Amazon Resource Name (ARN) of the IAM SAML identity provider.
    • self_service_saml_provider_arn
      Type: STRING
      Provider name: SelfServiceSamlProviderArn
      Description: The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.
  • mutual_authentication
    Type: STRUCT
    Provider name: MutualAuthentication
    Description: Information about the authentication certificates, if applicable.
    • client_root_certificate_chain
      Type: STRING
      Provider name: ClientRootCertificateChain
      Description: The ARN of the client certificate.
  • type
    Type: STRING
    Provider name: Type
    Description: The authentication type used.

client_cidr_block

Type: STRING
Provider name: ClientCidrBlock
Description: The IPv4 address range, in CIDR notation, from which client IP addresses are assigned.

client_connect_options

Type: STRUCT
Provider name: ClientConnectOptions
Description: The options for managing connection authorization for new client connections.

  • enabled
    Type: BOOLEAN
    Provider name: Enabled
    Description: Indicates whether client connect options are enabled.
  • lambda_function_arn
    Type: STRING
    Provider name: LambdaFunctionArn
    Description: The Amazon Resource Name (ARN) of the Lambda function used for connection authorization.
  • status
    Type: STRUCT
    Provider name: Status
    Description: The status of any updates to the client connect options.
    • code
      Type: STRING
      Provider name: Code
      Description: The status code.
    • message
      Type: STRING
      Provider name: Message
      Description: The status message.

client_login_banner_options

Type: STRUCT
Provider name: ClientLoginBannerOptions
Description: Options for enabling a customizable text banner that will be displayed on Amazon Web Services provided clients when a VPN session is established.

  • banner_text
    Type: STRING
    Provider name: BannerText
    Description: Customizable text that will be displayed in a banner on Amazon Web Services provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.
  • enabled
    Type: BOOLEAN
    Provider name: Enabled
    Description: Current state of text banner feature. Valid values: true | false

client_vpn_endpoint_arn

Type: STRING

client_vpn_endpoint_id

Type: STRING
Provider name: ClientVpnEndpointId
Description: The ID of the Client VPN endpoint.

connection_log_options

Type: STRUCT
Provider name: ConnectionLogOptions
Description: Information about the client connection logging options for the Client VPN endpoint.

  • cloudwatch_log_group
    Type: STRING
    Provider name: CloudwatchLogGroup
    Description: The name of the Amazon CloudWatch Logs log group to which connection logging data is published.
  • cloudwatch_log_stream
    Type: STRING
    Provider name: CloudwatchLogStream
    Description: The name of the Amazon CloudWatch Logs log stream to which connection logging data is published.
  • enabled
    Type: BOOLEAN
    Provider name: Enabled
    Description: Indicates whether client connection logging is enabled for the Client VPN endpoint.

creation_time

Type: STRING
Provider name: CreationTime
Description: The date and time the Client VPN endpoint was created.

deletion_time

Type: STRING
Provider name: DeletionTime
Description: The date and time the Client VPN endpoint was deleted, if applicable.

description

Type: STRING
Provider name: Description
Description: A brief description of the endpoint.

dns_name

Type: STRING
Provider name: DnsName
Description: The DNS name to be used by clients when connecting to the Client VPN endpoint.

dns_servers

Type: UNORDERED_LIST_STRING
Provider name: DnsServers
Description: Information about the DNS servers to be used for DNS resolution.

security_group_ids

Type: UNORDERED_LIST_STRING
Provider name: SecurityGroupIds
Description: The IDs of the security groups for the target network.

self_service_portal_url

Type: STRING
Provider name: SelfServicePortalUrl
Description: The URL of the self-service portal.

server_certificate_arn

Type: STRING
Provider name: ServerCertificateArn
Description: The ARN of the server certificate.

session_timeout_hours

Type: INT32
Provider name: SessionTimeoutHours
Description: The maximum VPN session duration time in hours. Valid values: 8 | 10 | 12 | 24 Default value: 24

split_tunnel

Type: BOOLEAN
Provider name: SplitTunnel
Description: Indicates whether split-tunnel is enabled in the Client VPN endpoint. For information about split-tunnel VPN endpoints, see Split-Tunnel Client VPN endpoint in the Client VPN Administrator Guide.

status

Type: STRUCT
Provider name: Status
Description: The current state of the Client VPN endpoint.

  • code
    Type: STRING
    Provider name: Code
    Description: The state of the Client VPN endpoint. Possible states include:
    • pending-associate - The Client VPN endpoint has been created but no target networks have been associated. The Client VPN endpoint cannot accept connections.
    • available - The Client VPN endpoint has been created and a target network has been associated. The Client VPN endpoint can accept connections.
    • deleting - The Client VPN endpoint is being deleted. The Client VPN endpoint cannot accept connections.
    • deleted - The Client VPN endpoint has been deleted. The Client VPN endpoint cannot accept connections.
  • message
    Type: STRING
    Provider name: Message
    Description: A message about the status of the Client VPN endpoint.

tags

Type: UNORDERED_LIST_STRING

transport_protocol

Type: STRING
Provider name: TransportProtocol
Description: The transport protocol used by the Client VPN endpoint.

vpc_id

Type: STRING
Provider name: VpcId
Description: The ID of the VPC.

vpn_port

Type: INT32
Provider name: VpnPort
Description: The port number for the Client VPN endpoint.

vpn_protocol

Type: STRING
Provider name: VpnProtocol
Description: The protocol used by the VPN session.