aviatrix.Aviatrix_spoke_external_device_conn
Explore with Pulumi AI
The aviatrix_spoke_external_device_conn resource creates and manages the connection between the Aviatrix BGP enabled spoke gateway and an External Device for purposes of Transit Network.
Notes
custom_algorithms
If set to true, the six algorithm arguments cannot all be default value. If set to false, default values will be used for all six algorithm arguments.
Example Usage
using System.Collections.Generic;
using Pulumi;
using Aviatrix = Pulumi.Aviatrix;
return await Deployment.RunAsync(() =>
{
// Create an Aviatrix Spoke External Device Connection
var test = new Aviatrix.Aviatrix_spoke_external_device_conn("test", new()
{
BgpLocalAsNum = "123",
BgpRemoteAsNum = "345",
ConnectionName = "my_conn",
ConnectionType = "bgp",
GwName = "spokeGw",
RemoteGatewayIp = "172.12.13.14",
VpcId = "vpc-abcd1234",
});
});
package main
import (
"github.com/astipkovits/pulumi-aviatrix/sdk/go/aviatrix"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := aviatrix.Newaviatrix_spoke_external_device_conn(ctx, "test", &aviatrix.aviatrix_spoke_external_device_connArgs{
BgpLocalAsNum: pulumi.String("123"),
BgpRemoteAsNum: pulumi.String("345"),
ConnectionName: pulumi.String("my_conn"),
ConnectionType: pulumi.String("bgp"),
GwName: pulumi.String("spokeGw"),
RemoteGatewayIp: pulumi.String("172.12.13.14"),
VpcId: pulumi.String("vpc-abcd1234"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aviatrix.aviatrix_spoke_external_device_conn;
import com.pulumi.aviatrix.Aviatrix_spoke_external_device_connArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new Aviatrix_spoke_external_device_conn("test", Aviatrix_spoke_external_device_connArgs.builder()
.bgpLocalAsNum("123")
.bgpRemoteAsNum("345")
.connectionName("my_conn")
.connectionType("bgp")
.gwName("spokeGw")
.remoteGatewayIp("172.12.13.14")
.vpcId("vpc-abcd1234")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as aviatrix from "@pulumi/aviatrix";
// Create an Aviatrix Spoke External Device Connection
const test = new aviatrix.aviatrix_spoke_external_device_conn("test", {
bgpLocalAsNum: "123",
bgpRemoteAsNum: "345",
connectionName: "my_conn",
connectionType: "bgp",
gwName: "spokeGw",
remoteGatewayIp: "172.12.13.14",
vpcId: "vpc-abcd1234",
});
import pulumi
import pulumi_aviatrix as aviatrix
# Create an Aviatrix Spoke External Device Connection
test = aviatrix.Aviatrix_spoke_external_device_conn("test",
bgp_local_as_num="123",
bgp_remote_as_num="345",
connection_name="my_conn",
connection_type="bgp",
gw_name="spokeGw",
remote_gateway_ip="172.12.13.14",
vpc_id="vpc-abcd1234")
resources:
# Create an Aviatrix Spoke External Device Connection
test:
type: aviatrix:aviatrix_spoke_external_device_conn
properties:
bgpLocalAsNum: '123'
bgpRemoteAsNum: '345'
connectionName: my_conn
connectionType: bgp
gwName: spokeGw
remoteGatewayIp: 172.12.13.14
vpcId: vpc-abcd1234
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aviatrix.aviatrix_spoke_external_device_conn;
import com.pulumi.aviatrix.Aviatrix_spoke_external_device_connArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new Aviatrix_spoke_external_device_conn("test", Aviatrix_spoke_external_device_connArgs.builder()
.backupRemoteGatewayIp("172.12.13.15")
.connectionName("my_conn")
.connectionType("static")
.enableHa(true)
.gwName("spokeGw")
.remoteGatewayIp("172.12.13.14")
.remoteSubnet("12.0.0.0/24")
.vpcId("vpc-abcd1234")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as aviatrix from "@pulumi/aviatrix";
// Create an Aviatrix Spoke External Device Connection with HA enabled
const test = new aviatrix.aviatrix_spoke_external_device_conn("test", {
backupRemoteGatewayIp: "172.12.13.15",
connectionName: "my_conn",
connectionType: "static",
enableHa: true,
gwName: "spokeGw",
remoteGatewayIp: "172.12.13.14",
remoteSubnet: "12.0.0.0/24",
vpcId: "vpc-abcd1234",
});
Coming soon!
resources:
# Create an Aviatrix Spoke External Device Connection with HA enabled
test:
type: aviatrix:aviatrix_spoke_external_device_conn
properties:
backupRemoteGatewayIp: 172.12.13.15
connectionName: my_conn
connectionType: static
enableHa: true
gwName: spokeGw
remoteGatewayIp: 172.12.13.14
remoteSubnet: 12.0.0.0/24
vpcId: vpc-abcd1234
using System.Collections.Generic;
using Pulumi;
using Aviatrix = Pulumi.Aviatrix;
return await Deployment.RunAsync(() =>
{
// Create an Aviatrix Spoke External Device Connection with Connection AS Path Prepend set
var test = new Aviatrix.Aviatrix_spoke_external_device_conn("test", new()
{
BgpLocalAsNum = "123",
BgpRemoteAsNum = "345",
ConnectionName = "my_conn",
ConnectionType = "bgp",
GwName = "spokeGw",
PrependAsPaths = new[]
{
"123",
"123",
},
RemoteGatewayIp = "172.12.13.14",
VpcId = "vpc-abcd1234",
});
});
package main
import (
"github.com/astipkovits/pulumi-aviatrix/sdk/go/aviatrix"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := aviatrix.Newaviatrix_spoke_external_device_conn(ctx, "test", &aviatrix.aviatrix_spoke_external_device_connArgs{
BgpLocalAsNum: pulumi.String("123"),
BgpRemoteAsNum: pulumi.String("345"),
ConnectionName: pulumi.String("my_conn"),
ConnectionType: pulumi.String("bgp"),
GwName: pulumi.String("spokeGw"),
PrependAsPaths: pulumi.StringArray{
pulumi.String("123"),
pulumi.String("123"),
},
RemoteGatewayIp: pulumi.String("172.12.13.14"),
VpcId: pulumi.String("vpc-abcd1234"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aviatrix.aviatrix_spoke_external_device_conn;
import com.pulumi.aviatrix.Aviatrix_spoke_external_device_connArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new Aviatrix_spoke_external_device_conn("test", Aviatrix_spoke_external_device_connArgs.builder()
.bgpLocalAsNum("123")
.bgpRemoteAsNum("345")
.connectionName("my_conn")
.connectionType("bgp")
.gwName("spokeGw")
.prependAsPaths(
"123",
"123")
.remoteGatewayIp("172.12.13.14")
.vpcId("vpc-abcd1234")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as aviatrix from "@pulumi/aviatrix";
// Create an Aviatrix Spoke External Device Connection with Connection AS Path Prepend set
const test = new aviatrix.aviatrix_spoke_external_device_conn("test", {
bgpLocalAsNum: "123",
bgpRemoteAsNum: "345",
connectionName: "my_conn",
connectionType: "bgp",
gwName: "spokeGw",
prependAsPaths: [
"123",
"123",
],
remoteGatewayIp: "172.12.13.14",
vpcId: "vpc-abcd1234",
});
import pulumi
import pulumi_aviatrix as aviatrix
# Create an Aviatrix Spoke External Device Connection with Connection AS Path Prepend set
test = aviatrix.Aviatrix_spoke_external_device_conn("test",
bgp_local_as_num="123",
bgp_remote_as_num="345",
connection_name="my_conn",
connection_type="bgp",
gw_name="spokeGw",
prepend_as_paths=[
"123",
"123",
],
remote_gateway_ip="172.12.13.14",
vpc_id="vpc-abcd1234")
resources:
# Create an Aviatrix Spoke External Device Connection with Connection AS Path Prepend set
test:
type: aviatrix:aviatrix_spoke_external_device_conn
properties:
bgpLocalAsNum: '123'
bgpRemoteAsNum: '345'
connectionName: my_conn
connectionType: bgp
gwName: spokeGw
prependAsPaths:
- '123'
- '123'
remoteGatewayIp: 172.12.13.14
vpcId: vpc-abcd1234
Create Aviatrix_spoke_external_device_conn Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Aviatrix_spoke_external_device_conn(name: string, args: Aviatrix_spoke_external_device_connArgs, opts?: CustomResourceOptions);
@overload
def Aviatrix_spoke_external_device_conn(resource_name: str,
args: Aviatrix_spoke_external_device_connArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Aviatrix_spoke_external_device_conn(resource_name: str,
opts: Optional[ResourceOptions] = None,
connection_name: Optional[str] = None,
vpc_id: Optional[str] = None,
remote_gateway_ip: Optional[str] = None,
gw_name: Optional[str] = None,
bgp_md5_key: Optional[str] = None,
ha_enabled: Optional[bool] = None,
backup_remote_gateway_ip: Optional[str] = None,
backup_remote_tunnel_cidr: Optional[str] = None,
bgp_local_as_num: Optional[str] = None,
approved_cidrs: Optional[Sequence[str]] = None,
bgp_remote_as_num: Optional[str] = None,
backup_local_tunnel_cidr: Optional[str] = None,
connection_type: Optional[str] = None,
custom_algorithms: Optional[bool] = None,
direct_connect: Optional[bool] = None,
enable_event_triggered_ha: Optional[bool] = None,
enable_ikev2: Optional[bool] = None,
enable_learned_cidrs_approval: Optional[bool] = None,
backup_direct_connect: Optional[bool] = None,
backup_pre_shared_key: Optional[str] = None,
local_tunnel_cidr: Optional[str] = None,
manual_bgp_advertised_cidrs: Optional[Sequence[str]] = None,
phase1_authentication: Optional[str] = None,
phase1_dh_groups: Optional[str] = None,
phase1_encryption: Optional[str] = None,
phase1_remote_identifiers: Optional[Sequence[str]] = None,
phase2_authentication: Optional[str] = None,
phase2_dh_groups: Optional[str] = None,
phase2_encryption: Optional[str] = None,
pre_shared_key: Optional[str] = None,
prepend_as_paths: Optional[Sequence[str]] = None,
backup_bgp_remote_as_num: Optional[str] = None,
remote_subnet: Optional[str] = None,
remote_tunnel_cidr: Optional[str] = None,
tunnel_protocol: Optional[str] = None,
backup_bgp_md5_key: Optional[str] = None)
func NewAviatrix_spoke_external_device_conn(ctx *Context, name string, args Aviatrix_spoke_external_device_connArgs, opts ...ResourceOption) (*Aviatrix_spoke_external_device_conn, error)
public Aviatrix_spoke_external_device_conn(string name, Aviatrix_spoke_external_device_connArgs args, CustomResourceOptions? opts = null)
public Aviatrix_spoke_external_device_conn(String name, Aviatrix_spoke_external_device_connArgs args)
public Aviatrix_spoke_external_device_conn(String name, Aviatrix_spoke_external_device_connArgs args, CustomResourceOptions options)
type: aviatrix:index/aviatrix_spoke_external_device_conn:aviatrix_spoke_external_device_conn
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. Aviatrix_spoke_external_device_connArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. Aviatrix_spoke_external_device_connArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. Aviatrix_spoke_external_device_connArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. Aviatrix_spoke_external_device_connArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. Aviatrix_spoke_external_device_connArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Aviatrix_spoke_external_device_conn Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Aviatrix_spoke_external_device_conn resource accepts the following input properties:
- Connection
Name This property is required. Changes to this property will trigger replacement.
- Spoke external device connection name.
- Gw
Name This property is required. Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- Remote
Gateway Ip This property is required. Changes to this property will trigger replacement.
- Remote gateway IP.
- Vpc
Id This property is required. Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
- Approved
Cidrs List<string> - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - Backup
Bgp stringMd5Key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- Backup
Bgp Remote As Num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- Backup
Direct Connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- Backup
Local Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- Backup
Remote Gateway Ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- Backup
Remote Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- Bgp
Local As Num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- Bgp
Md5Key string - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- Bgp
Remote As Num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- Connection
Type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- Custom
Algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- Direct
Connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- Enable
Event boolTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- Enable
Ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- Enable
Learned boolCidrs Approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - Ha
Enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- Local
Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- Manual
Bgp List<string>Advertised Cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - Phase1Authentication
Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- Phase1Dh
Groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- Phase1Encryption
Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- Phase1Remote
Identifiers List<string> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- Phase2Authentication
Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- Phase2Dh
Groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- Phase2Encryption
Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- Prepend
As List<string>Paths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- Remote
Subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- Remote
Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- Tunnel
Protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive.
- Connection
Name This property is required. Changes to this property will trigger replacement.
- Spoke external device connection name.
- Gw
Name This property is required. Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- Remote
Gateway Ip This property is required. Changes to this property will trigger replacement.
- Remote gateway IP.
- Vpc
Id This property is required. Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
- Approved
Cidrs []string - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - Backup
Bgp stringMd5Key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- Backup
Bgp Remote As Num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- Backup
Direct Connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- Backup
Local Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- Backup
Remote Gateway Ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- Backup
Remote Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- Bgp
Local As Num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- Bgp
Md5Key string - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- Bgp
Remote As Num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- Connection
Type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- Custom
Algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- Direct
Connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- Enable
Event boolTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- Enable
Ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- Enable
Learned boolCidrs Approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - Ha
Enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- Local
Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- Manual
Bgp []stringAdvertised Cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - Phase1Authentication
Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- Phase1Dh
Groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- Phase1Encryption
Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- Phase1Remote
Identifiers []string - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- Phase2Authentication
Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- Phase2Dh
Groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- Phase2Encryption
Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- Prepend
As []stringPaths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- Remote
Subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- Remote
Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- Tunnel
Protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive.
- connection
Name This property is required. Changes to this property will trigger replacement.
- Spoke external device connection name.
- gw
Name This property is required. Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- remote
Gateway Ip This property is required. Changes to this property will trigger replacement.
- Remote gateway IP.
- vpc
Id This property is required. Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
- approved
Cidrs List<String> - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - backup
Bgp StringMd5Key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- backup
Bgp Remote As Num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- backup
Direct Connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- backup
Local Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- backup
Remote Gateway Ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- backup
Remote Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- bgp
Local As Num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- bgp
Md5Key String - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- bgp
Remote As Num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- connection
Type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- custom
Algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- direct
Connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- enable
Event BooleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- enable
Ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- enable
Learned BooleanCidrs Approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - ha
Enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- local
Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- manual
Bgp List<String>Advertised Cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - phase1Authentication
Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- phase1Dh
Groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase1Encryption
Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers List<String> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- phase2Authentication
Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- phase2Dh
Groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase2Encryption
Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- prepend
As List<String>Paths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- remote
Subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- remote
Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- tunnel
Protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive.
- connection
Name This property is required. Changes to this property will trigger replacement.
- Spoke external device connection name.
- gw
Name This property is required. Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- remote
Gateway Ip This property is required. Changes to this property will trigger replacement.
- Remote gateway IP.
- vpc
Id This property is required. Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
- approved
Cidrs string[] - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - backup
Bgp stringMd5Key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- backup
Bgp Remote As Num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- backup
Direct Connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- backup
Local Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- backup
Remote Gateway Ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- backup
Remote Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- bgp
Local As Num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- bgp
Md5Key string - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- bgp
Remote As Num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- connection
Type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- custom
Algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- direct
Connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- enable
Event booleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- enable
Ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- enable
Learned booleanCidrs Approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - ha
Enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- local
Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- manual
Bgp string[]Advertised Cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - phase1Authentication
Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- phase1Dh
Groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase1Encryption
Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers string[] - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- phase2Authentication
Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- phase2Dh
Groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase2Encryption
Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- prepend
As string[]Paths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- remote
Subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- remote
Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- tunnel
Protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive.
- connection_
name This property is required. Changes to this property will trigger replacement.
- Spoke external device connection name.
- gw_
name This property is required. Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- remote_
gateway_ ip This property is required. Changes to this property will trigger replacement.
- Remote gateway IP.
- vpc_
id This property is required. Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
- approved_
cidrs Sequence[str] - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - backup_
bgp_ strmd5_ key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- backup_
bgp_ remote_ as_ num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- backup_
direct_ connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- backup_
local_ tunnel_ cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- backup_
remote_ gateway_ ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- backup_
remote_ tunnel_ cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- bgp_
local_ as_ num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- bgp_
md5_ strkey - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- bgp_
remote_ as_ num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- connection_
type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- custom_
algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- direct_
connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- enable_
event_ booltriggered_ ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- enable_
ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- enable_
learned_ boolcidrs_ approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - ha_
enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- local_
tunnel_ cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- manual_
bgp_ Sequence[str]advertised_ cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - phase1_
authentication Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- phase1_
dh_ groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase1_
encryption Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1_
remote_ Sequence[str]identifiers - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- phase2_
authentication Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- phase2_
dh_ groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase2_
encryption Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- prepend_
as_ Sequence[str]paths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- remote_
subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- remote_
tunnel_ cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- tunnel_
protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive.
- connection
Name This property is required. Changes to this property will trigger replacement.
- Spoke external device connection name.
- gw
Name This property is required. Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- remote
Gateway Ip This property is required. Changes to this property will trigger replacement.
- Remote gateway IP.
- vpc
Id This property is required. Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
- approved
Cidrs List<String> - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - backup
Bgp StringMd5Key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- backup
Bgp Remote As Num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- backup
Direct Connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- backup
Local Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- backup
Remote Gateway Ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- backup
Remote Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- bgp
Local As Num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- bgp
Md5Key String - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- bgp
Remote As Num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- connection
Type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- custom
Algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- direct
Connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- enable
Event BooleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- enable
Ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- enable
Learned BooleanCidrs Approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - ha
Enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- local
Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- manual
Bgp List<String>Advertised Cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - phase1Authentication
Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- phase1Dh
Groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase1Encryption
Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers List<String> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- phase2Authentication
Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- phase2Dh
Groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase2Encryption
Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- prepend
As List<String>Paths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- remote
Subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- remote
Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- tunnel
Protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive.
Outputs
All input properties are implicitly available as output properties. Additionally, the Aviatrix_spoke_external_device_conn resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Aviatrix_spoke_external_device_conn Resource
Get an existing Aviatrix_spoke_external_device_conn resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: Aviatrix_spoke_external_device_connState, opts?: CustomResourceOptions): Aviatrix_spoke_external_device_conn
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
approved_cidrs: Optional[Sequence[str]] = None,
backup_bgp_md5_key: Optional[str] = None,
backup_bgp_remote_as_num: Optional[str] = None,
backup_direct_connect: Optional[bool] = None,
backup_local_tunnel_cidr: Optional[str] = None,
backup_pre_shared_key: Optional[str] = None,
backup_remote_gateway_ip: Optional[str] = None,
backup_remote_tunnel_cidr: Optional[str] = None,
bgp_local_as_num: Optional[str] = None,
bgp_md5_key: Optional[str] = None,
bgp_remote_as_num: Optional[str] = None,
connection_name: Optional[str] = None,
connection_type: Optional[str] = None,
custom_algorithms: Optional[bool] = None,
direct_connect: Optional[bool] = None,
enable_event_triggered_ha: Optional[bool] = None,
enable_ikev2: Optional[bool] = None,
enable_learned_cidrs_approval: Optional[bool] = None,
gw_name: Optional[str] = None,
ha_enabled: Optional[bool] = None,
local_tunnel_cidr: Optional[str] = None,
manual_bgp_advertised_cidrs: Optional[Sequence[str]] = None,
phase1_authentication: Optional[str] = None,
phase1_dh_groups: Optional[str] = None,
phase1_encryption: Optional[str] = None,
phase1_remote_identifiers: Optional[Sequence[str]] = None,
phase2_authentication: Optional[str] = None,
phase2_dh_groups: Optional[str] = None,
phase2_encryption: Optional[str] = None,
pre_shared_key: Optional[str] = None,
prepend_as_paths: Optional[Sequence[str]] = None,
remote_gateway_ip: Optional[str] = None,
remote_subnet: Optional[str] = None,
remote_tunnel_cidr: Optional[str] = None,
tunnel_protocol: Optional[str] = None,
vpc_id: Optional[str] = None) -> Aviatrix_spoke_external_device_conn
func GetAviatrix_spoke_external_device_conn(ctx *Context, name string, id IDInput, state *Aviatrix_spoke_external_device_connState, opts ...ResourceOption) (*Aviatrix_spoke_external_device_conn, error)
public static Aviatrix_spoke_external_device_conn Get(string name, Input<string> id, Aviatrix_spoke_external_device_connState? state, CustomResourceOptions? opts = null)
public static Aviatrix_spoke_external_device_conn get(String name, Output<String> id, Aviatrix_spoke_external_device_connState state, CustomResourceOptions options)
resources: _: type: aviatrix:index/aviatrix_spoke_external_device_conn:aviatrix_spoke_external_device_conn get: id: ${id}
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Approved
Cidrs List<string> - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - Backup
Bgp stringMd5Key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- Backup
Bgp Remote As Num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- Backup
Direct Connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- Backup
Local Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- Backup
Remote Gateway Ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- Backup
Remote Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- Bgp
Local As Num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- Bgp
Md5Key string - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- Bgp
Remote As Num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- Connection
Name Changes to this property will trigger replacement.
- Spoke external device connection name.
- Connection
Type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- Custom
Algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- Direct
Connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- Enable
Event boolTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- Enable
Ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- Enable
Learned boolCidrs Approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - Gw
Name Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- Ha
Enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- Local
Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- Manual
Bgp List<string>Advertised Cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - Phase1Authentication
Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- Phase1Dh
Groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- Phase1Encryption
Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- Phase1Remote
Identifiers List<string> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- Phase2Authentication
Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- Phase2Dh
Groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- Phase2Encryption
Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- Prepend
As List<string>Paths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- Remote
Gateway Ip Changes to this property will trigger replacement.
- Remote gateway IP.
- Remote
Subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- Remote
Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- Tunnel
Protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive. - Vpc
Id Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
- Approved
Cidrs []string - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - Backup
Bgp stringMd5Key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- Backup
Bgp Remote As Num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- Backup
Direct Connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- Backup
Local Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- Backup
Remote Gateway Ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- Backup
Remote Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- Bgp
Local As Num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- Bgp
Md5Key string - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- Bgp
Remote As Num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- Connection
Name Changes to this property will trigger replacement.
- Spoke external device connection name.
- Connection
Type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- Custom
Algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- Direct
Connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- Enable
Event boolTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- Enable
Ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- Enable
Learned boolCidrs Approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - Gw
Name Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- Ha
Enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- Local
Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- Manual
Bgp []stringAdvertised Cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - Phase1Authentication
Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- Phase1Dh
Groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- Phase1Encryption
Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- Phase1Remote
Identifiers []string - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- Phase2Authentication
Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- Phase2Dh
Groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- Phase2Encryption
Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- Prepend
As []stringPaths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- Remote
Gateway Ip Changes to this property will trigger replacement.
- Remote gateway IP.
- Remote
Subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- Remote
Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- Tunnel
Protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive. - Vpc
Id Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
- approved
Cidrs List<String> - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - backup
Bgp StringMd5Key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- backup
Bgp Remote As Num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- backup
Direct Connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- backup
Local Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- backup
Remote Gateway Ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- backup
Remote Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- bgp
Local As Num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- bgp
Md5Key String - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- bgp
Remote As Num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- connection
Name Changes to this property will trigger replacement.
- Spoke external device connection name.
- connection
Type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- custom
Algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- direct
Connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- enable
Event BooleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- enable
Ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- enable
Learned BooleanCidrs Approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - gw
Name Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- ha
Enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- local
Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- manual
Bgp List<String>Advertised Cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - phase1Authentication
Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- phase1Dh
Groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase1Encryption
Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers List<String> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- phase2Authentication
Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- phase2Dh
Groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase2Encryption
Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- prepend
As List<String>Paths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- remote
Gateway Ip Changes to this property will trigger replacement.
- Remote gateway IP.
- remote
Subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- remote
Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- tunnel
Protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive. - vpc
Id Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
- approved
Cidrs string[] - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - backup
Bgp stringMd5Key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- backup
Bgp Remote As Num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- backup
Direct Connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- backup
Local Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- backup
Remote Gateway Ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- backup
Remote Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- bgp
Local As Num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- bgp
Md5Key string - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- bgp
Remote As Num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- connection
Name Changes to this property will trigger replacement.
- Spoke external device connection name.
- connection
Type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- custom
Algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- direct
Connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- enable
Event booleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- enable
Ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- enable
Learned booleanCidrs Approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - gw
Name Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- ha
Enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- local
Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- manual
Bgp string[]Advertised Cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - phase1Authentication
Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- phase1Dh
Groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase1Encryption
Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers string[] - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- phase2Authentication
Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- phase2Dh
Groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase2Encryption
Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- prepend
As string[]Paths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- remote
Gateway Ip Changes to this property will trigger replacement.
- Remote gateway IP.
- remote
Subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- remote
Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- tunnel
Protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive. - vpc
Id Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
- approved_
cidrs Sequence[str] - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - backup_
bgp_ strmd5_ key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- backup_
bgp_ remote_ as_ num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- backup_
direct_ connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- backup_
local_ tunnel_ cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- backup_
remote_ gateway_ ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- backup_
remote_ tunnel_ cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- bgp_
local_ as_ num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- bgp_
md5_ strkey - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- bgp_
remote_ as_ num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- connection_
name Changes to this property will trigger replacement.
- Spoke external device connection name.
- connection_
type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- custom_
algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- direct_
connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- enable_
event_ booltriggered_ ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- enable_
ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- enable_
learned_ boolcidrs_ approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - gw_
name Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- ha_
enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- local_
tunnel_ cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- manual_
bgp_ Sequence[str]advertised_ cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - phase1_
authentication Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- phase1_
dh_ groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase1_
encryption Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1_
remote_ Sequence[str]identifiers - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- phase2_
authentication Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- phase2_
dh_ groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase2_
encryption Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- prepend_
as_ Sequence[str]paths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- remote_
gateway_ ip Changes to this property will trigger replacement.
- Remote gateway IP.
- remote_
subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- remote_
tunnel_ cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- tunnel_
protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive. - vpc_
id Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
- approved
Cidrs List<String> - Set of approved CIDRs. Requires
enable_learned_cidrs_approval
to be true. Type: Set(String). - backup
Bgp StringMd5Key - Backup BGP MD5 Authentication Key. Valid with HA enabled for connection. Example: 'avx03,avx04'.
- backup
Bgp Remote As Num Changes to this property will trigger replacement.
- Backup BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required if HA enabled for 'bgp' connection.
- backup
Direct Connect Changes to this property will trigger replacement.
- Backup direct connect for backup external device.
- backup
Local Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the backup Aviatrix spoke gateway.
Changes to this property will trigger replacement.
- Backup Pre-Shared Key.
- backup
Remote Gateway Ip Changes to this property will trigger replacement.
- Backup remote gateway IP.
- backup
Remote Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the backup external device.
- bgp
Local As Num Changes to this property will trigger replacement.
- BGP local ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- bgp
Md5Key String - BGP MD5 Authentication Key. Example: 'avx01,avx02'.
- bgp
Remote As Num Changes to this property will trigger replacement.
- BGP remote ASN (Autonomous System Number). Integer between 1-4294967294. Required for 'bgp' connection.
- connection
Name Changes to this property will trigger replacement.
- Spoke external device connection name.
- connection
Type Changes to this property will trigger replacement.
- Connection type. Valid values: 'bgp', 'static'. Default value: 'bgp'.
- custom
Algorithms Changes to this property will trigger replacement.
- Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- direct
Connect Changes to this property will trigger replacement.
- Set true for private network infrastructure.
- enable
Event BooleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false.
- enable
Ikev2 Changes to this property will trigger replacement.
- Set as true to enable IKEv2 protocol.
- enable
Learned BooleanCidrs Approval - Enable learned CIDRs approval for the connection. Only valid with
connection_type
= 'bgp'. Requires the spoke_gateway'slearned_cidrs_approval_mode
attribute be set to 'connection'. Valid values: true, false. Default value: false. - gw
Name Changes to this property will trigger replacement.
- Aviatrix spoke gateway name.
- ha
Enabled Changes to this property will trigger replacement.
- Set as true if there are two external devices.
backup_remote_gateway_ip
- (Optional) Backup remote gateway IP. Required if HA enabled.
- local
Tunnel Cidr Changes to this property will trigger replacement.
- Source CIDR for the tunnel from the Aviatrix spoke gateway.
- manual
Bgp List<String>Advertised Cidrs - Configure manual BGP advertised CIDRs for this connection. Only valid with
connection_type
= 'bgp'. - phase1Authentication
Changes to this property will trigger replacement.
- Phase one Authentication. Valid values: 'SHA-1', 'SHA-256', 'SHA-384' and 'SHA-512'. Default value: 'SHA-256'.
- phase1Dh
Groups Changes to this property will trigger replacement.
- Phase one DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase1Encryption
Changes to this property will trigger replacement.
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers List<String> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled.
- phase2Authentication
Changes to this property will trigger replacement.
- Phase two Authentication. Valid values: 'NO-AUTH', 'HMAC-SHA-1', 'HMAC-SHA-256', 'HMAC-SHA-384' and 'HMAC-SHA-512'. Default value: 'HMAC-SHA-256'.
- phase2Dh
Groups Changes to this property will trigger replacement.
- Phase two DH Groups. Valid values: '1', '2', '5', '14', '15', '16', '17', '18', '19', '20' and '21'. Default value: '14'.
- phase2Encryption
Changes to this property will trigger replacement.
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
Changes to this property will trigger replacement.
- Pre-Shared Key.
- prepend
As List<String>Paths - Connection AS Path Prepend customized by specifying AS PATH for a BGP connection.
- remote
Gateway Ip Changes to this property will trigger replacement.
- Remote gateway IP.
- remote
Subnet Changes to this property will trigger replacement.
- Remote CIDRs joined as a string with ','. Required for a 'static' type connection.
- remote
Tunnel Cidr Changes to this property will trigger replacement.
- Destination CIDR for the tunnel to the external device.
- tunnel
Protocol Changes to this property will trigger replacement.
- Tunnel protocol, only valid with
connection_type
= 'bgp'. Valid values: 'IPsec'. Default value: 'IPsec'. Case insensitive. - vpc
Id Changes to this property will trigger replacement.
- VPC ID of the Aviatrix spoke gateway.
Import
spoke_external_device_conn can be imported using the connection_name
and vpc_id
, e.g.
$ pulumi import aviatrix:index/aviatrix_spoke_external_device_conn:aviatrix_spoke_external_device_conn test connection_name~vpc_id
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- aviatrix astipkovits/pulumi-aviatrix
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aviatrix
Terraform Provider.