Ipsec
data class IpsecServerArgs(val clientIpPool: Output<String>? = null, val dryRun: Output<Boolean>? = null, val effectImmediately: Output<Boolean>? = null, val ikeConfigs: Output<List<IpsecServerIkeConfigArgs>>? = null, val ipsecConfigs: Output<List<IpsecServerIpsecConfigArgs>>? = null, val ipsecServerName: Output<String>? = null, val localSubnet: Output<String>? = null, val psk: Output<String>? = null, val pskEnabled: Output<Boolean>? = null, val vpnGatewayId: Output<String>? = null) : ConvertibleToJava<IpsecServerArgs>
Provides a VPN Ipsec Server resource. For information about VPN Ipsec Server and how to use it, see What is Ipsec Server.
NOTE: Available since v1.161.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";
const _default = alicloud.getZones({
availableResourceCreation: "VSwitch",
});
const defaultGetNetworks = alicloud.vpc.getNetworks({
nameRegex: "^default-NODELETING$",
cidrBlock: "172.16.0.0/16",
});
const default0 = Promise.all([defaultGetNetworks, _default]).then(([defaultGetNetworks, _default]) => alicloud.vpc.getSwitches({
vpcId: defaultGetNetworks.ids?.[0],
zoneId: _default.ids?.[0],
}));
const default1 = Promise.all([defaultGetNetworks, _default]).then(([defaultGetNetworks, _default]) => alicloud.vpc.getSwitches({
vpcId: defaultGetNetworks.ids?.[0],
zoneId: _default.ids?.[1],
}));
const defaultGateway = new alicloud.vpn.Gateway("default", {
vpnGatewayName: name,
vpcId: defaultGetNetworks.then(defaultGetNetworks => defaultGetNetworks.ids?.[0]),
bandwidth: 10,
enableSsl: true,
description: name,
paymentType: "Subscription",
vswitchId: default0.then(default0 => default0.ids?.[0]),
disasterRecoveryVswitchId: default1.then(default1 => default1.ids?.[0]),
});
const foo = new alicloud.vpn.IpsecServer("foo", {
clientIpPool: "10.0.0.0/24",
ipsecServerName: name,
localSubnet: "192.168.0.0/24",
vpnGatewayId: defaultGateway.id,
pskEnabled: true,
});Content copied to clipboard
import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "terraform-example"
default = alicloud.get_zones(available_resource_creation="VSwitch")
default_get_networks = alicloud.vpc.get_networks(name_regex="^default-NODELETING$",
cidr_block="172.16.0.0/16")
default0 = alicloud.vpc.get_switches(vpc_id=default_get_networks.ids[0],
zone_id=default.ids[0])
default1 = alicloud.vpc.get_switches(vpc_id=default_get_networks.ids[0],
zone_id=default.ids[1])
default_gateway = alicloud.vpn.Gateway("default",
vpn_gateway_name=name,
vpc_id=default_get_networks.ids[0],
bandwidth=10,
enable_ssl=True,
description=name,
payment_type="Subscription",
vswitch_id=default0.ids[0],
disaster_recovery_vswitch_id=default1.ids[0])
foo = alicloud.vpn.IpsecServer("foo",
client_ip_pool="10.0.0.0/24",
ipsec_server_name=name,
local_subnet="192.168.0.0/24",
vpn_gateway_id=default_gateway.id,
psk_enabled=True)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "terraform-example";
var @default = AliCloud.GetZones.Invoke(new()
{
AvailableResourceCreation = "VSwitch",
});
var defaultGetNetworks = AliCloud.Vpc.GetNetworks.Invoke(new()
{
NameRegex = "^default-NODELETING$",
CidrBlock = "172.16.0.0/16",
});
var default0 = AliCloud.Vpc.GetSwitches.Invoke(new()
{
VpcId = defaultGetNetworks.Apply(getNetworksResult => getNetworksResult.Ids[0]),
ZoneId = @default.Apply(getZonesResult => getZonesResult.Ids[0]),
});
var default1 = AliCloud.Vpc.GetSwitches.Invoke(new()
{
VpcId = defaultGetNetworks.Apply(getNetworksResult => getNetworksResult.Ids[0]),
ZoneId = @default.Apply(getZonesResult => getZonesResult.Ids[1]),
});
var defaultGateway = new AliCloud.Vpn.Gateway("default", new()
{
VpnGatewayName = name,
VpcId = defaultGetNetworks.Apply(getNetworksResult => getNetworksResult.Ids[0]),
Bandwidth = 10,
EnableSsl = true,
Description = name,
PaymentType = "Subscription",
VswitchId = default0.Apply(getSwitchesResult => getSwitchesResult.Ids[0]),
DisasterRecoveryVswitchId = default1.Apply(getSwitchesResult => getSwitchesResult.Ids[0]),
});
var foo = new AliCloud.Vpn.IpsecServer("foo", new()
{
ClientIpPool = "10.0.0.0/24",
IpsecServerName = name,
LocalSubnet = "192.168.0.0/24",
VpnGatewayId = defaultGateway.Id,
PskEnabled = true,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpc"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpn"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "terraform-example"
if param := cfg.Get("name"); param != "" {
name = param
}
_default, err := alicloud.GetZones(ctx, &alicloud.GetZonesArgs{
AvailableResourceCreation: pulumi.StringRef("VSwitch"),
}, nil)
if err != nil {
return err
}
defaultGetNetworks, err := vpc.GetNetworks(ctx, &vpc.GetNetworksArgs{
NameRegex: pulumi.StringRef("^default-NODELETING$"),
CidrBlock: pulumi.StringRef("172.16.0.0/16"),
}, nil)
if err != nil {
return err
}
default0, err := vpc.GetSwitches(ctx, &vpc.GetSwitchesArgs{
VpcId: pulumi.StringRef(defaultGetNetworks.Ids[0]),
ZoneId: pulumi.StringRef(_default.Ids[0]),
}, nil)
if err != nil {
return err
}
default1, err := vpc.GetSwitches(ctx, &vpc.GetSwitchesArgs{
VpcId: pulumi.StringRef(defaultGetNetworks.Ids[0]),
ZoneId: pulumi.StringRef(_default.Ids[1]),
}, nil)
if err != nil {
return err
}
defaultGateway, err := vpn.NewGateway(ctx, "default", &vpn.GatewayArgs{
VpnGatewayName: pulumi.String(name),
VpcId: pulumi.String(defaultGetNetworks.Ids[0]),
Bandwidth: pulumi.Int(10),
EnableSsl: pulumi.Bool(true),
Description: pulumi.String(name),
PaymentType: pulumi.String("Subscription"),
VswitchId: pulumi.String(default0.Ids[0]),
DisasterRecoveryVswitchId: pulumi.String(default1.Ids[0]),
})
if err != nil {
return err
}
_, err = vpn.NewIpsecServer(ctx, "foo", &vpn.IpsecServerArgs{
ClientIpPool: pulumi.String("10.0.0.0/24"),
IpsecServerName: pulumi.String(name),
LocalSubnet: pulumi.String("192.168.0.0/24"),
VpnGatewayId: defaultGateway.ID(),
PskEnabled: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.inputs.GetZonesArgs;
import com.pulumi.alicloud.vpc.VpcFunctions;
import com.pulumi.alicloud.vpc.inputs.GetNetworksArgs;
import com.pulumi.alicloud.vpc.inputs.GetSwitchesArgs;
import com.pulumi.alicloud.vpn.Gateway;
import com.pulumi.alicloud.vpn.GatewayArgs;
import com.pulumi.alicloud.vpn.IpsecServer;
import com.pulumi.alicloud.vpn.IpsecServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("terraform-example");
final var default = AlicloudFunctions.getZones(GetZonesArgs.builder()
.availableResourceCreation("VSwitch")
.build());
final var defaultGetNetworks = VpcFunctions.getNetworks(GetNetworksArgs.builder()
.nameRegex("^default-NODELETING$")
.cidrBlock("172.16.0.0/16")
.build());
final var default0 = VpcFunctions.getSwitches(GetSwitchesArgs.builder()
.vpcId(defaultGetNetworks.ids()[0])
.zoneId(default_.ids()[0])
.build());
final var default1 = VpcFunctions.getSwitches(GetSwitchesArgs.builder()
.vpcId(defaultGetNetworks.ids()[0])
.zoneId(default_.ids()[1])
.build());
var defaultGateway = new Gateway("defaultGateway", GatewayArgs.builder()
.vpnGatewayName(name)
.vpcId(defaultGetNetworks.ids()[0])
.bandwidth(10)
.enableSsl(true)
.description(name)
.paymentType("Subscription")
.vswitchId(default0.ids()[0])
.disasterRecoveryVswitchId(default1.ids()[0])
.build());
var foo = new IpsecServer("foo", IpsecServerArgs.builder()
.clientIpPool("10.0.0.0/24")
.ipsecServerName(name)
.localSubnet("192.168.0.0/24")
.vpnGatewayId(defaultGateway.id())
.pskEnabled(true)
.build());
}
}Content copied to clipboard
configuration:
name:
type: string
default: terraform-example
resources:
defaultGateway:
type: alicloud:vpn:Gateway
name: default
properties:
vpnGatewayName: ${name}
vpcId: ${defaultGetNetworks.ids[0]}
bandwidth: '10'
enableSsl: true
description: ${name}
paymentType: Subscription
vswitchId: ${default0.ids[0]}
disasterRecoveryVswitchId: ${default1.ids[0]}
foo:
type: alicloud:vpn:IpsecServer
properties:
clientIpPool: 10.0.0.0/24
ipsecServerName: ${name}
localSubnet: 192.168.0.0/24
vpnGatewayId: ${defaultGateway.id}
pskEnabled: true
variables:
default:
fn::invoke:
function: alicloud:getZones
arguments:
availableResourceCreation: VSwitch
defaultGetNetworks:
fn::invoke:
function: alicloud:vpc:getNetworks
arguments:
nameRegex: ^default-NODELETING$
cidrBlock: 172.16.0.0/16
default0:
fn::invoke:
function: alicloud:vpc:getSwitches
arguments:
vpcId: ${defaultGetNetworks.ids[0]}
zoneId: ${default.ids[0]}
default1:
fn::invoke:
function: alicloud:vpc:getSwitches
arguments:
vpcId: ${defaultGetNetworks.ids[0]}
zoneId: ${default.ids[1]}Content copied to clipboard
Import
VPN Ipsec Server can be imported using the id, e.g.
$ pulumi import alicloud:vpn/ipsecServer:IpsecServer example <id>Content copied to clipboard
Constructors
Link copied to clipboard
constructor(clientIpPool: Output<String>? = null, dryRun: Output<Boolean>? = null, effectImmediately: Output<Boolean>? = null, ikeConfigs: Output<List<IpsecServerIkeConfigArgs>>? = null, ipsecConfigs: Output<List<IpsecServerIpsecConfigArgs>>? = null, ipsecServerName: Output<String>? = null, localSubnet: Output<String>? = null, psk: Output<String>? = null, pskEnabled: Output<Boolean>? = null, vpnGatewayId: Output<String>? = null)
Properties
Link copied to clipboard
The client CIDR block. It refers to the CIDR block that is allocated to the virtual interface of the client.
Link copied to clipboard
Specifies whether you want the configuration to immediately take effect.
Link copied to clipboard
The configuration of Phase 1 negotiations. See ike_config below.
Link copied to clipboard
The configuration of Phase 2 negotiations. See ipsec_config below.
Link copied to clipboard
The name of the IPsec server. The name must be 2 to 128 characters in length, and can contain digits, hyphens (-), and underscores (_). It must start with a letter.
Link copied to clipboard
The local CIDR block. It refers to the CIDR block of the virtual private cloud (VPC) that is used to connect with the client. Separate multiple CIDR blocks with commas (,). Example: 192.168.1.0/24,192.168.2.0/24.
Link copied to clipboard
Link copied to clipboard
Whether to enable the pre-shared key authentication method. The value is only true, which indicates that the pre-shared key authentication method is enabled.
Link copied to clipboard
The ID of the VPN gateway.