Module ec2clientvpn

@pulumi/aws > ec2clientvpn

class Endpoint

extends CustomResource

Provides an AWS Client VPN endpoint for OpenVPN clients. For more information on usage, please see the AWS Client VPN Administrator’s Guide.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2clientvpn.Endpoint("example", {
    authenticationOptions: {
        rootCertificateChainArn: aws_acm_certificate_root_cert.arn,
        type: "certificate-authentication",
    },
    clientCidrBlock: "10.0.0.0/16",
    connectionLogOptions: {
        cloudwatchLogGroup: aws_cloudwatch_log_group_lg.name,
        cloudwatchLogStream: aws_cloudwatch_log_stream_ls.name,
        enabled: true,
    },
    description: "terraform-clientvpn-example",
    serverCertificateArn: aws_acm_certificate_cert.arn,
});

constructor

new Endpoint(name: string, args: EndpointArgs, opts?: pulumi.CustomResourceOptions)

Create a Endpoint resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: EndpointState, opts?: pulumi.CustomResourceOptions): Endpoint

Get an existing Endpoint resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property authenticationOptions

public authenticationOptions: pulumi.Output<{
    activeDirectoryId: undefined | string;
    rootCertificateChainArn: undefined | string;
    type: string;
}>;

Information about the authentication method to be used to authenticate clients.

property clientCidrBlock

public clientCidrBlock: pulumi.Output<string>;

The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.

property connectionLogOptions

public connectionLogOptions: pulumi.Output<{
    cloudwatchLogGroup: undefined | string;
    cloudwatchLogStream: undefined | string;
    enabled: boolean;
}>;

Information about the client connection logging options.

property description

public description: pulumi.Output<string | undefined>;

Name of the repository.

property dnsName

public dnsName: pulumi.Output<string>;

The DNS name to be used by clients when establishing their VPN session.

property dnsServers

public dnsServers: pulumi.Output<string[] | undefined>;

Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the VPC that is to be associated with Client VPN endpoint is used as the DNS server.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property serverCertificateArn

public serverCertificateArn: pulumi.Output<string>;

The ARN of the ACM server certificate.

property status

public status: pulumi.Output<string>;

The current state of the Client VPN endpoint.

property tags

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property transportProtocol

public transportProtocol: pulumi.Output<string | undefined>;

The transport protocol to be used by the VPN session. Default value is udp.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class NetworkAssociation

extends CustomResource

Provides network associations for AWS Client VPN endpoints. For more information on usage, please see the AWS Client VPN Administrator’s Guide.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2clientvpn.NetworkAssociation("example", {
    clientVpnEndpointId: aws_ec2_client_vpn_endpoint_example.id,
    subnetId: aws_subnet_example.id,
});

constructor

new NetworkAssociation(name: string, args: NetworkAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkAssociationState, opts?: pulumi.CustomResourceOptions): NetworkAssociation

Get an existing NetworkAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property clientVpnEndpointId

public clientVpnEndpointId: pulumi.Output<string>;

The ID of the Client VPN endpoint.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property securityGroups

public securityGroups: pulumi.Output<string[]>;

The IDs of the security groups applied to the target network association.

property status

public status: pulumi.Output<string>;

The current state of the target network association.

property subnetId

public subnetId: pulumi.Output<string>;

The ID of the subnet to associate with the Client VPN endpoint.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId

public vpcId: pulumi.Output<string>;

The ID of the VPC in which the target network (subnet) is located.

interface EndpointArgs

The set of arguments for constructing a Endpoint resource.

property authenticationOptions

authenticationOptions: pulumi.Input<{
    activeDirectoryId: pulumi.Input<string>;
    rootCertificateChainArn: pulumi.Input<string>;
    type: pulumi.Input<string>;
}>;

Information about the authentication method to be used to authenticate clients.

property clientCidrBlock

clientCidrBlock: pulumi.Input<string>;

The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.

property connectionLogOptions

connectionLogOptions: pulumi.Input<{
    cloudwatchLogGroup: pulumi.Input<string>;
    cloudwatchLogStream: pulumi.Input<string>;
    enabled: pulumi.Input<boolean>;
}>;

Information about the client connection logging options.

property description

description?: pulumi.Input<string>;

Name of the repository.

property dnsServers

dnsServers?: pulumi.Input<pulumi.Input<string>[]>;

Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the VPC that is to be associated with Client VPN endpoint is used as the DNS server.

property serverCertificateArn

serverCertificateArn: pulumi.Input<string>;

The ARN of the ACM server certificate.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property transportProtocol

transportProtocol?: pulumi.Input<string>;

The transport protocol to be used by the VPN session. Default value is udp.

interface EndpointState

Input properties used for looking up and filtering Endpoint resources.

property authenticationOptions

authenticationOptions?: pulumi.Input<{
    activeDirectoryId: pulumi.Input<string>;
    rootCertificateChainArn: pulumi.Input<string>;
    type: pulumi.Input<string>;
}>;

Information about the authentication method to be used to authenticate clients.

property clientCidrBlock

clientCidrBlock?: pulumi.Input<string>;

The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.

property connectionLogOptions

connectionLogOptions?: pulumi.Input<{
    cloudwatchLogGroup: pulumi.Input<string>;
    cloudwatchLogStream: pulumi.Input<string>;
    enabled: pulumi.Input<boolean>;
}>;

Information about the client connection logging options.

property description

description?: pulumi.Input<string>;

Name of the repository.

property dnsName

dnsName?: pulumi.Input<string>;

The DNS name to be used by clients when establishing their VPN session.

property dnsServers

dnsServers?: pulumi.Input<pulumi.Input<string>[]>;

Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the VPC that is to be associated with Client VPN endpoint is used as the DNS server.

property serverCertificateArn

serverCertificateArn?: pulumi.Input<string>;

The ARN of the ACM server certificate.

property status

status?: pulumi.Input<string>;

The current state of the Client VPN endpoint.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property transportProtocol

transportProtocol?: pulumi.Input<string>;

The transport protocol to be used by the VPN session. Default value is udp.

interface NetworkAssociationArgs

The set of arguments for constructing a NetworkAssociation resource.

property clientVpnEndpointId

clientVpnEndpointId: pulumi.Input<string>;

The ID of the Client VPN endpoint.

property subnetId

subnetId: pulumi.Input<string>;

The ID of the subnet to associate with the Client VPN endpoint.

interface NetworkAssociationState

Input properties used for looking up and filtering NetworkAssociation resources.

property clientVpnEndpointId

clientVpnEndpointId?: pulumi.Input<string>;

The ID of the Client VPN endpoint.

property securityGroups

securityGroups?: pulumi.Input<pulumi.Input<string>[]>;

The IDs of the security groups applied to the target network association.

property status

status?: pulumi.Input<string>;

The current state of the target network association.

property subnetId

subnetId?: pulumi.Input<string>;

The ID of the subnet to associate with the Client VPN endpoint.

property vpcId

vpcId?: pulumi.Input<string>;

The ID of the VPC in which the target network (subnet) is located.