This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

aws_vpn_connection

account_id

Type: STRING

category

Type: STRING
Provider name: Category
Description: The category of the VPN connection. A value of VPN indicates an Amazon Web Services VPN connection. A value of VPN-Classic indicates an Amazon Web Services Classic VPN connection.

core_network_arn

Type: STRING
Provider name: CoreNetworkArn
Description: The ARN of the core network.

core_network_attachment_arn

Type: STRING
Provider name: CoreNetworkAttachmentArn
Description: The ARN of the core network attachment.

customer_gateway_configuration

Type: STRING
Provider name: CustomerGatewayConfiguration
Description: The configuration information for the VPN connection’s customer gateway (in the native XML format). This element is always present in the CreateVpnConnection response; however, it’s present in the DescribeVpnConnections response only if the VPN connection is in the pending or available state.

customer_gateway_id

Type: STRING
Provider name: CustomerGatewayId
Description: The ID of the customer gateway at your end of the VPN connection.

gateway_association_state

Type: STRING
Provider name: GatewayAssociationState
Description: The current state of the gateway association.

options

Type: STRUCT
Provider name: Options
Description: The VPN connection options.

  • enable_acceleration
    Type: BOOLEAN
    Provider name: EnableAcceleration
    Description: Indicates whether acceleration is enabled for the VPN connection.
  • local_ipv4_network_cidr
    Type: STRING
    Provider name: LocalIpv4NetworkCidr
    Description: The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.
  • local_ipv6_network_cidr
    Type: STRING
    Provider name: LocalIpv6NetworkCidr
    Description: The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.
  • outside_ip_address_type
    Type: STRING
    Provider name: OutsideIpAddressType
    Description: The type of IPv4 address assigned to the outside interface of the customer gateway. Valid values: PrivateIpv4 | PublicIpv4
    Default: PublicIpv4
  • remote_ipv4_network_cidr
    Type: STRING
    Provider name: RemoteIpv4NetworkCidr
    Description: The IPv4 CIDR on the Amazon Web Services side of the VPN connection.
  • remote_ipv6_network_cidr
    Type: STRING
    Provider name: RemoteIpv6NetworkCidr
    Description: The IPv6 CIDR on the Amazon Web Services side of the VPN connection.
  • static_routes_only
    Type: BOOLEAN
    Provider name: StaticRoutesOnly
    Description: Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don’t support BGP.
  • transport_transit_gateway_attachment_id
    Type: STRING
    Provider name: TransportTransitGatewayAttachmentId
    Description: The transit gateway attachment ID in use for the VPN tunnel.
  • tunnel_inside_ip_version
    Type: STRING
    Provider name: TunnelInsideIpVersion
    Description: Indicates whether the VPN tunnels process IPv4 or IPv6 traffic.
  • tunnel_options
    Type: UNORDERED_LIST_STRUCT
    Provider name: TunnelOptions
    Description: Indicates the VPN tunnel options.
    • dpd_timeout_action
      Type: STRING
      Provider name: DpdTimeoutAction
      Description: The action to take after a DPD timeout occurs.
    • dpd_timeout_seconds
      Type: INT32
      Provider name: DpdTimeoutSeconds
      Description: The number of seconds after which a DPD timeout occurs.
    • enable_tunnel_lifecycle_control
      Type: BOOLEAN
      Provider name: EnableTunnelLifecycleControl
      Description: Status of tunnel endpoint lifecycle control feature.
    • ike_versions
      Type: UNORDERED_LIST_STRUCT
      Provider name: IkeVersions
      Description: The IKE versions that are permitted for the VPN tunnel.
      • value
        Type: STRING
        Provider name: Value
        Description: The IKE version.
    • log_options
      Type: STRUCT
      Provider name: LogOptions
      Description: Options for logging VPN tunnel activity.
      • cloud_watch_log_options
        Type: STRUCT
        Provider name: CloudWatchLogOptions
        Description: Options for sending VPN tunnel logs to CloudWatch.
        • log_enabled
          Type: BOOLEAN
          Provider name: LogEnabled
          Description: Status of VPN tunnel logging feature. Default value is False. Valid values: True | False
        • log_group_arn
          Type: STRING
          Provider name: LogGroupArn
          Description: The Amazon Resource Name (ARN) of the CloudWatch log group to send logs to.
        • log_output_format
          Type: STRING
          Provider name: LogOutputFormat
          Description: Configured log format. Default format is json. Valid values: json | text
    • outside_ip_address
      Type: STRING
      Provider name: OutsideIpAddress
      Description: The external IP address of the VPN tunnel.
    • phase1_dh_group_numbers
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase1DHGroupNumbers
      Description: The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 1 IKE negotiations.
      • value
        Type: INT32
        Provider name: Value
        Description: The Diffie-Hellmann group number.
    • phase1_encryption_algorithms
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase1EncryptionAlgorithms
      Description: The permitted encryption algorithms for the VPN tunnel for phase 1 IKE negotiations.
      • value
        Type: STRING
        Provider name: Value
        Description: The value for the encryption algorithm.
    • phase1_integrity_algorithms
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase1IntegrityAlgorithms
      Description: The permitted integrity algorithms for the VPN tunnel for phase 1 IKE negotiations.
      • value
        Type: STRING
        Provider name: Value
        Description: The value for the integrity algorithm.
    • phase1_lifetime_seconds
      Type: INT32
      Provider name: Phase1LifetimeSeconds
      Description: The lifetime for phase 1 of the IKE negotiation, in seconds.
    • phase2_dh_group_numbers
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase2DHGroupNumbers
      Description: The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 2 IKE negotiations.
      • value
        Type: INT32
        Provider name: Value
        Description: The Diffie-Hellmann group number.
    • phase2_encryption_algorithms
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase2EncryptionAlgorithms
      Description: The permitted encryption algorithms for the VPN tunnel for phase 2 IKE negotiations.
      • value
        Type: STRING
        Provider name: Value
        Description: The encryption algorithm.
    • phase2_integrity_algorithms
      Type: UNORDERED_LIST_STRUCT
      Provider name: Phase2IntegrityAlgorithms
      Description: The permitted integrity algorithms for the VPN tunnel for phase 2 IKE negotiations.
      • value
        Type: STRING
        Provider name: Value
        Description: The integrity algorithm.
    • phase2_lifetime_seconds
      Type: INT32
      Provider name: Phase2LifetimeSeconds
      Description: The lifetime for phase 2 of the IKE negotiation, in seconds.
    • pre_shared_key
      Type: STRING
      Provider name: PreSharedKey
      Description: The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and the customer gateway.
    • rekey_fuzz_percentage
      Type: INT32
      Provider name: RekeyFuzzPercentage
      Description: The percentage of the rekey window determined by RekeyMarginTimeSeconds during which the rekey time is randomly selected.
    • rekey_margin_time_seconds
      Type: INT32
      Provider name: RekeyMarginTimeSeconds
      Description: The margin time, in seconds, before the phase 2 lifetime expires, during which the Amazon Web Services side of the VPN connection performs an IKE rekey.
    • replay_window_size
      Type: INT32
      Provider name: ReplayWindowSize
      Description: The number of packets in an IKE replay window.
    • startup_action
      Type: STRING
      Provider name: StartupAction
      Description: The action to take when the establishing the VPN tunnels for a VPN connection.
    • tunnel_inside_cidr
      Type: STRING
      Provider name: TunnelInsideCidr
      Description: The range of inside IPv4 addresses for the tunnel.
    • tunnel_inside_ipv6_cidr
      Type: STRING
      Provider name: TunnelInsideIpv6Cidr
      Description: The range of inside IPv6 addresses for the tunnel.

routes

Type: UNORDERED_LIST_STRUCT
Provider name: Routes
Description: The static routes associated with the VPN connection.

  • destination_cidr_block
    Type: STRING
    Provider name: DestinationCidrBlock
    Description: The CIDR block associated with the local subnet of the customer data center.
  • source
    Type: STRING
    Provider name: Source
    Description: Indicates how the routes were provided.
  • state
    Type: STRING
    Provider name: State
    Description: The current state of the static route.

state

Type: STRING
Provider name: State
Description: The current state of the VPN connection.

tags

Type: UNORDERED_LIST_STRING

transit_gateway_id

Type: STRING
Provider name: TransitGatewayId
Description: The ID of the transit gateway associated with the VPN connection.

type

Type: STRING
Provider name: Type
Description: The type of VPN connection.

vgw_telemetry

Type: UNORDERED_LIST_STRUCT
Provider name: VgwTelemetry
Description: Information about the VPN tunnel.

  • accepted_route_count
    Type: INT32
    Provider name: AcceptedRouteCount
    Description: The number of accepted routes.
  • certificate_arn
    Type: STRING
    Provider name: CertificateArn
    Description: The Amazon Resource Name (ARN) of the VPN tunnel endpoint certificate.
  • last_status_change
    Type: TIMESTAMP
    Provider name: LastStatusChange
    Description: The date and time of the last change in status. This field is updated when changes in IKE (Phase 1), IPSec (Phase 2), or BGP status are detected.
  • outside_ip_address
    Type: STRING
    Provider name: OutsideIpAddress
    Description: The Internet-routable IP address of the virtual private gateway’s outside interface.
  • status
    Type: STRING
    Provider name: Status
    Description: The status of the VPN tunnel.
  • status_message
    Type: STRING
    Provider name: StatusMessage
    Description: If an error occurs, a description of the error.

vpn_connection_arn

Type: STRING

vpn_connection_id

Type: STRING
Provider name: VpnConnectionId
Description: The ID of the VPN connection.

vpn_gateway_id

Type: STRING
Provider name: VpnGatewayId
Description: The ID of the virtual private gateway at the Amazon Web Services side of the VPN connection.