VirtualNetworkGatewayConnectionArgs

data class VirtualNetworkGatewayConnectionArgs(val authorizationKey: Output<String>? = null, val connectionMode: Output<String>? = null, val connectionProtocol: Output<String>? = null, val customBgpAddresses: Output<VirtualNetworkGatewayConnectionCustomBgpAddressesArgs>? = null, val dpdTimeoutSeconds: Output<Int>? = null, val egressNatRuleIds: Output<List<String>>? = null, val enableBgp: Output<Boolean>? = null, val expressRouteCircuitId: Output<String>? = null, val expressRouteGatewayBypass: Output<Boolean>? = null, val ingressNatRuleIds: Output<List<String>>? = null, val ipsecPolicy: Output<VirtualNetworkGatewayConnectionIpsecPolicyArgs>? = null, val localAzureIpAddressEnabled: Output<Boolean>? = null, val localNetworkGatewayId: Output<String>? = null, val location: Output<String>? = null, val name: Output<String>? = null, val peerVirtualNetworkGatewayId: Output<String>? = null, val resourceGroupName: Output<String>? = null, val routingWeight: Output<Int>? = null, val sharedKey: Output<String>? = null, val tags: Output<Map<String, String>>? = null, val trafficSelectorPolicy: Output<VirtualNetworkGatewayConnectionTrafficSelectorPolicyArgs>? = null, val type: Output<String>? = null, val usePolicyBasedTrafficSelectors: Output<Boolean>? = null, val virtualNetworkGatewayId: Output<String>? = null) : ConvertibleToJava<VirtualNetworkGatewayConnectionArgs>

Manages a connection in an existing Virtual Network Gateway.

Example Usage

Site-to-Site connection

The following example shows a connection between an Azure virtual network and an on-premises VPN device and network.

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.network.LocalNetworkGateway;
import com.pulumi.azure.network.LocalNetworkGatewayArgs;
import com.pulumi.azure.network.PublicIp;
import com.pulumi.azure.network.PublicIpArgs;
import com.pulumi.azure.network.VirtualNetworkGateway;
import com.pulumi.azure.network.VirtualNetworkGatewayArgs;
import com.pulumi.azure.network.inputs.VirtualNetworkGatewayIpConfigurationArgs;
import com.pulumi.azure.network.VirtualNetworkGatewayConnection;
import com.pulumi.azure.network.VirtualNetworkGatewayConnectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
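/**
 * Site-to-Site example: connects an Azure virtual network to an on-premises
 * VPN device through a Virtual Network Gateway and an IPsec connection.
 *
 * <p>The IPsec pre-shared key is read from secret stack configuration instead
 * of being written into the program. Set it before deploying with
 * {@code pulumi config set --secret sharedKey <value>}.
 */
public class App {

    /**
     * Program entry point; hands the stack definition to the Pulumi runtime.
     *
     * @param args command-line arguments (unused)
     */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares the resource group, network, gateways and the Site-to-Site connection.
     *
     * @param ctx the Pulumi context, used here to read the secret pre-shared key
     */
    public static void stack(Context ctx) {
        // The pre-shared key is a credential: a literal in source would end up in
        // version control. requireSecret fails the deployment when the key is not
        // configured and returns the value as a secret Output.
        final var sharedKey = ctx.config().requireSecret("sharedKey");

        var example = new ResourceGroup("example", ResourceGroupArgs.builder()
            .name("test")
            .location("West US")
            .build());

        var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
            .name("test")
            .location(example.location())
            .resourceGroupName(example.name())
            .addressSpaces("10.0.0.0/16")
            .build());

        // Subnet that the virtual network gateway's IP configuration is attached to.
        var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
            .name("GatewaySubnet")
            .resourceGroupName(example.name())
            .virtualNetworkName(exampleVirtualNetwork.name())
            .addressPrefixes("10.0.1.0/24")
            .build());

        // Represents the on-premises side: its public gateway address and address space.
        var onpremise = new LocalNetworkGateway("onpremise", LocalNetworkGatewayArgs.builder()
            .name("onpremise")
            .location(example.location())
            .resourceGroupName(example.name())
            .gatewayAddress("168.62.225.23")
            .addressSpaces("10.1.1.0/24")
            .build());

        var examplePublicIp = new PublicIp("examplePublicIp", PublicIpArgs.builder()
            .name("test")
            .location(example.location())
            .resourceGroupName(example.name())
            .allocationMethod("Dynamic")
            .build());

        var exampleVirtualNetworkGateway = new VirtualNetworkGateway("exampleVirtualNetworkGateway", VirtualNetworkGatewayArgs.builder()
            .name("test")
            .location(example.location())
            .resourceGroupName(example.name())
            .type("Vpn")
            .vpnType("RouteBased")
            .activeActive(false)
            .enableBgp(false)
            .sku("Basic")
            .ipConfigurations(VirtualNetworkGatewayIpConfigurationArgs.builder()
                .publicIpAddressId(examplePublicIp.id())
                .privateIpAddressAllocation("Dynamic")
                .subnetId(exampleSubnet.id())
                .build())
            .build());

        // type "IPsec" selects a Site-to-Site connection, which pairs the Azure
        // gateway with the local network gateway declared above.
        var onpremiseVirtualNetworkGatewayConnection = new VirtualNetworkGatewayConnection("onpremiseVirtualNetworkGatewayConnection", VirtualNetworkGatewayConnectionArgs.builder()
            .name("onpremise")
            .location(example.location())
            .resourceGroupName(example.name())
            .type("IPsec")
            .virtualNetworkGatewayId(exampleVirtualNetworkGateway.id())
            .localNetworkGatewayId(onpremise.id())
            .sharedKey(sharedKey)
            .build());
    }
}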

VNet-to-VNet connection

The following example shows a connection between two Azure virtual networks in different locations/regions.

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.network.PublicIp;
import com.pulumi.azure.network.PublicIpArgs;
import com.pulumi.azure.network.VirtualNetworkGateway;
import com.pulumi.azure.network.VirtualNetworkGatewayArgs;
import com.pulumi.azure.network.inputs.VirtualNetworkGatewayIpConfigurationArgs;
import com.pulumi.azure.network.VirtualNetworkGatewayConnection;
import com.pulumi.azure.network.VirtualNetworkGatewayConnectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
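/**
 * VNet-to-VNet example: connects two Azure virtual networks in different
 * regions with one gateway per region and a connection in each direction.
 *
 * <p>The IPsec pre-shared key is read from secret stack configuration instead
 * of being written into the program. Set it before deploying with
 * {@code pulumi config set --secret sharedKey <value>}.
 */
public class App {

    /**
     * Program entry point; hands the stack definition to the Pulumi runtime.
     *
     * @param args command-line arguments (unused)
     */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares both regional networks, their gateways and the two connections.
     *
     * @param ctx the Pulumi context, used here to read the secret pre-shared key
     */
    public static void stack(Context ctx) {
        // The pre-shared key is a credential: a literal in source would end up in
        // version control. requireSecret fails the deployment when the key is not
        // configured and returns the value as a secret Output. Both directions of
        // the link are given the same key, as in the literal version of this example.
        final var sharedKey = ctx.config().requireSecret("sharedKey");

        // --- US side ---
        var us = new ResourceGroup("us", ResourceGroupArgs.builder()
            .name("us")
            .location("East US")
            .build());

        var usVirtualNetwork = new VirtualNetwork("usVirtualNetwork", VirtualNetworkArgs.builder()
            .name("us")
            .location(us.location())
            .resourceGroupName(us.name())
            .addressSpaces("10.0.0.0/16")
            .build());

        var usGateway = new Subnet("usGateway", SubnetArgs.builder()
            .name("GatewaySubnet")
            .resourceGroupName(us.name())
            .virtualNetworkName(usVirtualNetwork.name())
            .addressPrefixes("10.0.1.0/24")
            .build());

        var usPublicIp = new PublicIp("usPublicIp", PublicIpArgs.builder()
            .name("us")
            .location(us.location())
            .resourceGroupName(us.name())
            .allocationMethod("Dynamic")
            .build());

        var usVirtualNetworkGateway = new VirtualNetworkGateway("usVirtualNetworkGateway", VirtualNetworkGatewayArgs.builder()
            .name("us-gateway")
            .location(us.location())
            .resourceGroupName(us.name())
            .type("Vpn")
            .vpnType("RouteBased")
            .sku("Basic")
            .ipConfigurations(VirtualNetworkGatewayIpConfigurationArgs.builder()
                .publicIpAddressId(usPublicIp.id())
                .privateIpAddressAllocation("Dynamic")
                .subnetId(usGateway.id())
                .build())
            .build());

        // --- Europe side (address space does not overlap with the US network) ---
        var europe = new ResourceGroup("europe", ResourceGroupArgs.builder()
            .name("europe")
            .location("West Europe")
            .build());

        var europeVirtualNetwork = new VirtualNetwork("europeVirtualNetwork", VirtualNetworkArgs.builder()
            .name("europe")
            .location(europe.location())
            .resourceGroupName(europe.name())
            .addressSpaces("10.1.0.0/16")
            .build());

        var europeGateway = new Subnet("europeGateway", SubnetArgs.builder()
            .name("GatewaySubnet")
            .resourceGroupName(europe.name())
            .virtualNetworkName(europeVirtualNetwork.name())
            .addressPrefixes("10.1.1.0/24")
            .build());

        var europePublicIp = new PublicIp("europePublicIp", PublicIpArgs.builder()
            .name("europe")
            .location(europe.location())
            .resourceGroupName(europe.name())
            .allocationMethod("Dynamic")
            .build());

        var europeVirtualNetworkGateway = new VirtualNetworkGateway("europeVirtualNetworkGateway", VirtualNetworkGatewayArgs.builder()
            .name("europe-gateway")
            .location(europe.location())
            .resourceGroupName(europe.name())
            .type("Vpn")
            .vpnType("RouteBased")
            .sku("Basic")
            .ipConfigurations(VirtualNetworkGatewayIpConfigurationArgs.builder()
                .publicIpAddressId(europePublicIp.id())
                .privateIpAddressAllocation("Dynamic")
                .subnetId(europeGateway.id())
                .build())
            .build());

        // --- One connection per direction; each names the other gateway as its peer ---
        var usToEurope = new VirtualNetworkGatewayConnection("usToEurope", VirtualNetworkGatewayConnectionArgs.builder()
            .name("us-to-europe")
            .location(us.location())
            .resourceGroupName(us.name())
            .type("Vnet2Vnet")
            .virtualNetworkGatewayId(usVirtualNetworkGateway.id())
            .peerVirtualNetworkGatewayId(europeVirtualNetworkGateway.id())
            .sharedKey(sharedKey)
            .build());

        var europeToUs = new VirtualNetworkGatewayConnection("europeToUs", VirtualNetworkGatewayConnectionArgs.builder()
            .name("europe-to-us")
            .location(europe.location())
            .resourceGroupName(europe.name())
            .type("Vnet2Vnet")
            .virtualNetworkGatewayId(europeVirtualNetworkGateway.id())
            .peerVirtualNetworkGatewayId(usVirtualNetworkGateway.id())
            .sharedKey(sharedKey)
            .build());
    }
}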

Import

Virtual Network Gateway Connections can be imported using their resource id, e.g.

$ pulumi import azure:network/virtualNetworkGatewayConnection:VirtualNetworkGatewayConnection exampleConnection /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myGroup1/providers/Microsoft.Network/connections/myConnection1

Constructors

fun VirtualNetworkGatewayConnectionArgs(authorizationKey: Output<String>? = null, connectionMode: Output<String>? = null, connectionProtocol: Output<String>? = null, customBgpAddresses: Output<VirtualNetworkGatewayConnectionCustomBgpAddressesArgs>? = null, dpdTimeoutSeconds: Output<Int>? = null, egressNatRuleIds: Output<List<String>>? = null, enableBgp: Output<Boolean>? = null, expressRouteCircuitId: Output<String>? = null, expressRouteGatewayBypass: Output<Boolean>? = null, ingressNatRuleIds: Output<List<String>>? = null, ipsecPolicy: Output<VirtualNetworkGatewayConnectionIpsecPolicyArgs>? = null, localAzureIpAddressEnabled: Output<Boolean>? = null, localNetworkGatewayId: Output<String>? = null, location: Output<String>? = null, name: Output<String>? = null, peerVirtualNetworkGatewayId: Output<String>? = null, resourceGroupName: Output<String>? = null, routingWeight: Output<Int>? = null, sharedKey: Output<String>? = null, tags: Output<Map<String, String>>? = null, trafficSelectorPolicy: Output<VirtualNetworkGatewayConnectionTrafficSelectorPolicyArgs>? = null, type: Output<String>? = null, usePolicyBasedTrafficSelectors: Output<Boolean>? = null, virtualNetworkGatewayId: Output<String>? = null)

Functions

open override fun toJava(): VirtualNetworkGatewayConnectionArgs

Properties

val authorizationKey: Output<String>? = null

The authorization key associated with the Express Route Circuit. This field is required only if the type is an ExpressRoute connection.

val connectionMode: Output<String>? = null

Connection mode to use. Possible values are Default, InitiatorOnly and ResponderOnly. Defaults to Default. Changing this value will force a new resource to be created.

val connectionProtocol: Output<String>? = null

The IKE protocol version to use. Possible values are IKEv1 and IKEv2. Defaults to IKEv2. Changing this forces a new resource to be created.


A custom_bgp_addresses block which is documented below. The block can only be used on IPSec / active-active connections. For details, see the relevant section in the Azure documentation.

val dpdTimeoutSeconds: Output<Int>? = null

The dead peer detection timeout of this connection in seconds. Changing this forces a new resource to be created.

val egressNatRuleIds: Output<List<String>>? = null

A list of the egress NAT Rule Ids.

val enableBgp: Output<Boolean>? = null

If true, BGP (Border Gateway Protocol) is enabled for this connection. Defaults to false.

val expressRouteCircuitId: Output<String>? = null

The ID of the Express Route Circuit when creating an ExpressRoute connection (i.e. when type is ExpressRoute). The Express Route Circuit can be in the same or in a different subscription. Changing this forces a new resource to be created.

val expressRouteGatewayBypass: Output<Boolean>? = null

If true, data packets will bypass the ExpressRoute Gateway for data forwarding. This is only valid for ExpressRoute connections.

val ingressNatRuleIds: Output<List<String>>? = null

A list of the ingress NAT Rule Ids.


An ipsec_policy block which is documented below. Only a single policy can be defined for a connection. For details on custom policies refer to the relevant section in the Azure documentation.

val localAzureIpAddressEnabled: Output<Boolean>? = null

Use private local Azure IP for the connection. Changing this forces a new resource to be created.

val localNetworkGatewayId: Output<String>? = null

The ID of the local network gateway when creating Site-to-Site connection (i.e. when type is IPsec).

val location: Output<String>? = null

The location/region where the connection is located. Changing this forces a new resource to be created.

val name: Output<String>? = null

The name of the connection. Changing the name forces a new resource to be created.

val peerVirtualNetworkGatewayId: Output<String>? = null

The ID of the peer virtual network gateway when creating a VNet-to-VNet connection (i.e. when type is Vnet2Vnet). The peer Virtual Network Gateway can be in the same or in a different subscription. Changing this forces a new resource to be created.

val resourceGroupName: Output<String>? = null

The name of the resource group in which to create the connection. Changing this forces a new resource to be created.

val routingWeight: Output<Int>? = null

The routing weight. Defaults to 10.

val sharedKey: Output<String>? = null

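The shared IPsec key (pre-shared key). A key can be provided when a Site-to-Site, VNet-to-VNet or ExpressRoute connection is created. Because this value is a credential, pass it as a secret Output (for example, read from secret stack configuration) rather than as a string literal in source.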

val tags: Output<Map<String, String>>? = null

A mapping of tags to assign to the resource.


One or more traffic_selector_policy blocks which are documented below. A traffic_selector_policy lets you specify a traffic selector policy proposal to be used in a virtual network gateway connection. For details about traffic selectors refer to the relevant section in the Azure documentation.

val type: Output<String>? = null

The type of connection. Valid options are IPsec (Site-to-Site), ExpressRoute (ExpressRoute), and Vnet2Vnet (VNet-to-VNet). Each connection type requires different mandatory arguments (refer to the examples above). Changing this forces a new resource to be created.


If true, policy-based traffic selectors are enabled for this connection. Enabling policy-based traffic selectors requires an ipsec_policy block. Defaults to false.

val virtualNetworkGatewayId: Output<String>? = null

The ID of the Virtual Network Gateway in which the connection will be created. Changing this forces a new resource to be created.