pulumi-azure-kotlin/com.pulumi.azure.network.kotlin/VirtualNetworkGatewayConnection

VirtualNetworkGatewayConnection

class VirtualNetworkGatewayConnection : KotlinCustomResource

Manages a connection in an existing Virtual Network Gateway.

Example Usage

Site-to-Site connection

The following example shows a connection between an Azure virtual network and an on-premises VPN device and network.

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.network.LocalNetworkGateway;
import com.pulumi.azure.network.LocalNetworkGatewayArgs;
import com.pulumi.azure.network.PublicIp;
import com.pulumi.azure.network.PublicIpArgs;
import com.pulumi.azure.network.VirtualNetworkGateway;
import com.pulumi.azure.network.VirtualNetworkGatewayArgs;
import com.pulumi.azure.network.inputs.VirtualNetworkGatewayIpConfigurationArgs;
import com.pulumi.azure.network.VirtualNetworkGatewayConnection;
import com.pulumi.azure.network.VirtualNetworkGatewayConnectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
            .location("West US")
            .build());
        var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .addressSpaces("10.0.0.0/16")
            .build());
        var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
            .resourceGroupName(exampleResourceGroup.name())
            .virtualNetworkName(exampleVirtualNetwork.name())
            .addressPrefixes("10.0.1.0/24")
            .build());
        var onpremiseLocalNetworkGateway = new LocalNetworkGateway("onpremiseLocalNetworkGateway", LocalNetworkGatewayArgs.builder()
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .gatewayAddress("168.62.225.23")
            .addressSpaces("10.1.1.0/24")
            .build());
        var examplePublicIp = new PublicIp("examplePublicIp", PublicIpArgs.builder()
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .allocationMethod("Dynamic")
            .build());
        var exampleVirtualNetworkGateway = new VirtualNetworkGateway("exampleVirtualNetworkGateway", VirtualNetworkGatewayArgs.builder()
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .type("Vpn")
            .vpnType("RouteBased")
            .activeActive(false)
            .enableBgp(false)
            .sku("Basic")
            .ipConfigurations(VirtualNetworkGatewayIpConfigurationArgs.builder()
                .publicIpAddressId(examplePublicIp.id())
                .privateIpAddressAllocation("Dynamic")
                .subnetId(exampleSubnet.id())
                .build())
            .build());
        var onpremiseVirtualNetworkGatewayConnection = new VirtualNetworkGatewayConnection("onpremiseVirtualNetworkGatewayConnection", VirtualNetworkGatewayConnectionArgs.builder()
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .type("IPsec")
            .virtualNetworkGatewayId(exampleVirtualNetworkGateway.id())
            .localNetworkGatewayId(onpremiseLocalNetworkGateway.id())
            .sharedKey("4-v3ry-53cr37-1p53c-5h4r3d-k3y")
            .build());
    }
}

VNet-to-VNet connection

The following example shows a connection between two Azure virtual network in different locations/regions.

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.network.PublicIp;
import com.pulumi.azure.network.PublicIpArgs;
import com.pulumi.azure.network.VirtualNetworkGateway;
import com.pulumi.azure.network.VirtualNetworkGatewayArgs;
import com.pulumi.azure.network.inputs.VirtualNetworkGatewayIpConfigurationArgs;
import com.pulumi.azure.network.VirtualNetworkGatewayConnection;
import com.pulumi.azure.network.VirtualNetworkGatewayConnectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var usResourceGroup = new ResourceGroup("usResourceGroup", ResourceGroupArgs.builder()
            .location("East US")
            .build());
        var usVirtualNetwork = new VirtualNetwork("usVirtualNetwork", VirtualNetworkArgs.builder()
            .location(usResourceGroup.location())
            .resourceGroupName(usResourceGroup.name())
            .addressSpaces("10.0.0.0/16")
            .build());
        var usGateway = new Subnet("usGateway", SubnetArgs.builder()
            .resourceGroupName(usResourceGroup.name())
            .virtualNetworkName(usVirtualNetwork.name())
            .addressPrefixes("10.0.1.0/24")
            .build());
        var usPublicIp = new PublicIp("usPublicIp", PublicIpArgs.builder()
            .location(usResourceGroup.location())
            .resourceGroupName(usResourceGroup.name())
            .allocationMethod("Dynamic")
            .build());
        var usVirtualNetworkGateway = new VirtualNetworkGateway("usVirtualNetworkGateway", VirtualNetworkGatewayArgs.builder()
            .location(usResourceGroup.location())
            .resourceGroupName(usResourceGroup.name())
            .type("Vpn")
            .vpnType("RouteBased")
            .sku("Basic")
            .ipConfigurations(VirtualNetworkGatewayIpConfigurationArgs.builder()
                .publicIpAddressId(usPublicIp.id())
                .privateIpAddressAllocation("Dynamic")
                .subnetId(usGateway.id())
                .build())
            .build());
        var europeResourceGroup = new ResourceGroup("europeResourceGroup", ResourceGroupArgs.builder()
            .location("West Europe")
            .build());
        var europeVirtualNetwork = new VirtualNetwork("europeVirtualNetwork", VirtualNetworkArgs.builder()
            .location(europeResourceGroup.location())
            .resourceGroupName(europeResourceGroup.name())
            .addressSpaces("10.1.0.0/16")
            .build());
        var europeGateway = new Subnet("europeGateway", SubnetArgs.builder()
            .resourceGroupName(europeResourceGroup.name())
            .virtualNetworkName(europeVirtualNetwork.name())
            .addressPrefixes("10.1.1.0/24")
            .build());
        var europePublicIp = new PublicIp("europePublicIp", PublicIpArgs.builder()
            .location(europeResourceGroup.location())
            .resourceGroupName(europeResourceGroup.name())
            .allocationMethod("Dynamic")
            .build());
        var europeVirtualNetworkGateway = new VirtualNetworkGateway("europeVirtualNetworkGateway", VirtualNetworkGatewayArgs.builder()
            .location(europeResourceGroup.location())
            .resourceGroupName(europeResourceGroup.name())
            .type("Vpn")
            .vpnType("RouteBased")
            .sku("Basic")
            .ipConfigurations(VirtualNetworkGatewayIpConfigurationArgs.builder()
                .publicIpAddressId(europePublicIp.id())
                .privateIpAddressAllocation("Dynamic")
                .subnetId(europeGateway.id())
                .build())
            .build());
        var usToEurope = new VirtualNetworkGatewayConnection("usToEurope", VirtualNetworkGatewayConnectionArgs.builder()
            .location(usResourceGroup.location())
            .resourceGroupName(usResourceGroup.name())
            .type("Vnet2Vnet")
            .virtualNetworkGatewayId(usVirtualNetworkGateway.id())
            .peerVirtualNetworkGatewayId(europeVirtualNetworkGateway.id())
            .sharedKey("4-v3ry-53cr37-1p53c-5h4r3d-k3y")
            .build());
        var europeToUs = new VirtualNetworkGatewayConnection("europeToUs", VirtualNetworkGatewayConnectionArgs.builder()
            .location(europeResourceGroup.location())
            .resourceGroupName(europeResourceGroup.name())
            .type("Vnet2Vnet")
            .virtualNetworkGatewayId(europeVirtualNetworkGateway.id())
            .peerVirtualNetworkGatewayId(usVirtualNetworkGateway.id())
            .sharedKey("4-v3ry-53cr37-1p53c-5h4r3d-k3y")
            .build());
    }
}

Import

Virtual Network Gateway Connections can be imported using their resource id, e.g.

$ pulumi import azure:network/virtualNetworkGatewayConnection:VirtualNetworkGatewayConnection exampleConnection /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myGroup1/providers/Microsoft.Network/connections/myConnection1

Properties

authorizationKey

val authorizationKey: Output<String>?

The authorization key associated with the Express Route Circuit. This field is required only if the type is an ExpressRoute connection.

connectionMode

val connectionMode: Output<String>?

Connection mode to use. Possible values are Default, InitiatorOnly and ResponderOnly. Defaults to Default. Changing this value will force a resource to be created.

connectionProtocol

val connectionProtocol: Output<String>

The IKE protocol version to use. Possible values are IKEv1 and IKEv2, values are IKEv1 and IKEv2. Defaults to IKEv2. Changing this forces a new resource to be created.

customBgpAddresses

val customBgpAddresses: Output<VirtualNetworkGatewayConnectionCustomBgpAddresses>?

A custom_bgp_addresses (Border Gateway Protocol custom IP Addresses) block which is documented below. The block can only be used on IPSec / activeactive connections, For details about see the relevant section in the Azure documentation.

dpdTimeoutSeconds

val dpdTimeoutSeconds: Output<Int>?

The dead peer detection timeout of this connection in seconds. Changing this forces a new resource to be created.

egressNatRuleIds

val egressNatRuleIds: Output<List<String>>?

A list of the egress NAT Rule Ids.

enableBgp

val enableBgp: Output<Boolean>

If true, BGP (Border Gateway Protocol) is enabled for this connection. Defaults to false.

expressRouteCircuitId

val expressRouteCircuitId: Output<String>?

The ID of the Express Route Circuit when creating an ExpressRoute connection (i.e. when type is ExpressRoute). The Express Route Circuit can be in the same or in a different subscription. Changing this forces a new resource to be created.

expressRouteGatewayBypass

val expressRouteGatewayBypass: Output<Boolean>

If true, data packets will bypass ExpressRoute Gateway for data forwarding This is only valid for ExpressRoute connections.

val id: Output<String>

ingressNatRuleIds

val ingressNatRuleIds: Output<List<String>>?

A list of the ingress NAT Rule Ids.

ipsecPolicy

val ipsecPolicy: Output<VirtualNetworkGatewayConnectionIpsecPolicy>?

A ipsec_policy block which is documented below. Only a single policy can be defined for a connection. For details on custom policies refer to the relevant section in the Azure documentation.

localAzureIpAddressEnabled

val localAzureIpAddressEnabled: Output<Boolean>?

Use private local Azure IP for the connection. Changing this forces a new resource to be created.

localNetworkGatewayId

val localNetworkGatewayId: Output<String>?

The ID of the local network gateway when creating Site-to-Site connection (i.e. when type is IPsec).

location

val location: Output<String>

The location/region where the connection is located. Changing this forces a new resource to be created.

name

val name: Output<String>

The name of the connection. Changing the name forces a new resource to be created.

peerVirtualNetworkGatewayId

val peerVirtualNetworkGatewayId: Output<String>?

The ID of the peer virtual network gateway when creating a VNet-to-VNet connection (i.e. when type is Vnet2Vnet). The peer Virtual Network Gateway can be in the same or in a different subscription. Changing this forces a new resource to be created.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

resourceGroupName

val resourceGroupName: Output<String>

The name of the resource group in which to create the connection Changing this forces a new resource to be created.

routingWeight

val routingWeight: Output<Int>

The routing weight. Defaults to 10.

sharedKey

val sharedKey: Output<String>?

The shared IPSec key. A key could be provided if a Site-to-Site, VNet-to-VNet or ExpressRoute connection is created.