Docs
PackagesAviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix
aviatrix.AviatrixSite2Cloud
Explore with Pulumi AI
Import
site2cloud can be imported using the connection_name and vpc_id, e.g.
$ pulumi import aviatrix:index/aviatrixSite2Cloud:AviatrixSite2Cloud test connection_name~vpc_id
Create AviatrixSite2Cloud Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AviatrixSite2Cloud(name: string, args: AviatrixSite2CloudArgs, opts?: CustomResourceOptions);@overload
def AviatrixSite2Cloud(resource_name: str,
args: AviatrixSite2CloudArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AviatrixSite2Cloud(resource_name: str,
opts: Optional[ResourceOptions] = None,
connection_name: Optional[str] = None,
vpc_id: Optional[str] = None,
tunnel_type: Optional[str] = None,
remote_gateway_type: Optional[str] = None,
remote_gateway_ip: Optional[str] = None,
primary_cloud_gateway_name: Optional[str] = None,
connection_type: Optional[str] = None,
local_subnet_virtual: Optional[str] = None,
phase1_encryption: Optional[str] = None,
ca_cert_tag_name: Optional[str] = None,
backup_remote_identifier: Optional[str] = None,
backup_remote_gateway_longitude: Optional[float] = None,
custom_algorithms: Optional[bool] = None,
custom_mapped: Optional[bool] = None,
enable_active_active: Optional[bool] = None,
enable_dead_peer_detection: Optional[bool] = None,
enable_event_triggered_ha: Optional[bool] = None,
enable_ikev2: Optional[bool] = None,
enable_single_ip_ha: Optional[bool] = None,
forward_traffic_to_transit: Optional[bool] = None,
ha_enabled: Optional[bool] = None,
local_destination_real_cidrs: Optional[Sequence[str]] = None,
local_destination_virtual_cidrs: Optional[Sequence[str]] = None,
local_source_real_cidrs: Optional[Sequence[str]] = None,
local_source_virtual_cidrs: Optional[Sequence[str]] = None,
local_subnet_cidr: Optional[str] = None,
auth_type: Optional[str] = None,
local_tunnel_ip: Optional[str] = None,
phase1_authentication: Optional[str] = None,
phase1_dh_groups: Optional[str] = None,
backup_remote_tunnel_ip: Optional[str] = None,
phase1_remote_identifiers: Optional[Sequence[str]] = None,
phase2_authentication: Optional[str] = None,
phase2_dh_groups: Optional[str] = None,
phase2_encryption: Optional[str] = None,
pre_shared_key: Optional[str] = None,
backup_remote_gateway_latitude: Optional[float] = None,
private_route_encryption: Optional[bool] = None,
remote_destination_real_cidrs: Optional[Sequence[str]] = None,
remote_destination_virtual_cidrs: Optional[Sequence[str]] = None,
backup_remote_gateway_ip: Optional[str] = None,
remote_gateway_latitude: Optional[float] = None,
remote_gateway_longitude: Optional[float] = None,
backup_pre_shared_key: Optional[str] = None,
remote_identifier: Optional[str] = None,
remote_source_real_cidrs: Optional[Sequence[str]] = None,
remote_source_virtual_cidrs: Optional[Sequence[str]] = None,
remote_subnet_cidr: Optional[str] = None,
remote_subnet_virtual: Optional[str] = None,
remote_tunnel_ip: Optional[str] = None,
route_table_lists: Optional[Sequence[str]] = None,
ssl_server_pool: Optional[str] = None,
backup_local_tunnel_ip: Optional[str] = None,
backup_gateway_name: Optional[str] = None)func NewAviatrixSite2Cloud(ctx *Context, name string, args AviatrixSite2CloudArgs, opts ...ResourceOption) (*AviatrixSite2Cloud, error)public AviatrixSite2Cloud(string name, AviatrixSite2CloudArgs args, CustomResourceOptions? opts = null)
public AviatrixSite2Cloud(String name, AviatrixSite2CloudArgs args)
public AviatrixSite2Cloud(String name, AviatrixSite2CloudArgs args, CustomResourceOptions options)
type: aviatrix:AviatrixSite2Cloud
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AviatrixSite2CloudArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AviatrixSite2CloudArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AviatrixSite2CloudArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AviatrixSite2CloudArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AviatrixSite2CloudArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var aviatrixSite2CloudResource = new Aviatrix.AviatrixSite2Cloud("aviatrixSite2CloudResource", new()
{
ConnectionName = "string",
VpcId = "string",
TunnelType = "string",
RemoteGatewayType = "string",
RemoteGatewayIp = "string",
PrimaryCloudGatewayName = "string",
ConnectionType = "string",
LocalSubnetVirtual = "string",
Phase1Encryption = "string",
CaCertTagName = "string",
BackupRemoteIdentifier = "string",
BackupRemoteGatewayLongitude = 0,
CustomAlgorithms = false,
CustomMapped = false,
EnableActiveActive = false,
EnableDeadPeerDetection = false,
EnableEventTriggeredHa = false,
EnableIkev2 = false,
EnableSingleIpHa = false,
ForwardTrafficToTransit = false,
HaEnabled = false,
LocalDestinationRealCidrs = new[]
{
"string",
},
LocalDestinationVirtualCidrs = new[]
{
"string",
},
LocalSourceRealCidrs = new[]
{
"string",
},
LocalSourceVirtualCidrs = new[]
{
"string",
},
LocalSubnetCidr = "string",
AuthType = "string",
LocalTunnelIp = "string",
Phase1Authentication = "string",
Phase1DhGroups = "string",
BackupRemoteTunnelIp = "string",
Phase1RemoteIdentifiers = new[]
{
"string",
},
Phase2Authentication = "string",
Phase2DhGroups = "string",
Phase2Encryption = "string",
PreSharedKey = "string",
BackupRemoteGatewayLatitude = 0,
PrivateRouteEncryption = false,
RemoteDestinationRealCidrs = new[]
{
"string",
},
RemoteDestinationVirtualCidrs = new[]
{
"string",
},
BackupRemoteGatewayIp = "string",
RemoteGatewayLatitude = 0,
RemoteGatewayLongitude = 0,
BackupPreSharedKey = "string",
RemoteIdentifier = "string",
RemoteSourceRealCidrs = new[]
{
"string",
},
RemoteSourceVirtualCidrs = new[]
{
"string",
},
RemoteSubnetCidr = "string",
RemoteSubnetVirtual = "string",
RemoteTunnelIp = "string",
RouteTableLists = new[]
{
"string",
},
SslServerPool = "string",
BackupLocalTunnelIp = "string",
BackupGatewayName = "string",
});
example, err := aviatrix.NewAviatrixSite2Cloud(ctx, "aviatrixSite2CloudResource", &aviatrix.AviatrixSite2CloudArgs{
ConnectionName: pulumi.String("string"),
VpcId: pulumi.String("string"),
TunnelType: pulumi.String("string"),
RemoteGatewayType: pulumi.String("string"),
RemoteGatewayIp: pulumi.String("string"),
PrimaryCloudGatewayName: pulumi.String("string"),
ConnectionType: pulumi.String("string"),
LocalSubnetVirtual: pulumi.String("string"),
Phase1Encryption: pulumi.String("string"),
CaCertTagName: pulumi.String("string"),
BackupRemoteIdentifier: pulumi.String("string"),
BackupRemoteGatewayLongitude: pulumi.Float64(0),
CustomAlgorithms: pulumi.Bool(false),
CustomMapped: pulumi.Bool(false),
EnableActiveActive: pulumi.Bool(false),
EnableDeadPeerDetection: pulumi.Bool(false),
EnableEventTriggeredHa: pulumi.Bool(false),
EnableIkev2: pulumi.Bool(false),
EnableSingleIpHa: pulumi.Bool(false),
ForwardTrafficToTransit: pulumi.Bool(false),
HaEnabled: pulumi.Bool(false),
LocalDestinationRealCidrs: pulumi.StringArray{
pulumi.String("string"),
},
LocalDestinationVirtualCidrs: pulumi.StringArray{
pulumi.String("string"),
},
LocalSourceRealCidrs: pulumi.StringArray{
pulumi.String("string"),
},
LocalSourceVirtualCidrs: pulumi.StringArray{
pulumi.String("string"),
},
LocalSubnetCidr: pulumi.String("string"),
AuthType: pulumi.String("string"),
LocalTunnelIp: pulumi.String("string"),
Phase1Authentication: pulumi.String("string"),
Phase1DhGroups: pulumi.String("string"),
BackupRemoteTunnelIp: pulumi.String("string"),
Phase1RemoteIdentifiers: pulumi.StringArray{
pulumi.String("string"),
},
Phase2Authentication: pulumi.String("string"),
Phase2DhGroups: pulumi.String("string"),
Phase2Encryption: pulumi.String("string"),
PreSharedKey: pulumi.String("string"),
BackupRemoteGatewayLatitude: pulumi.Float64(0),
PrivateRouteEncryption: pulumi.Bool(false),
RemoteDestinationRealCidrs: pulumi.StringArray{
pulumi.String("string"),
},
RemoteDestinationVirtualCidrs: pulumi.StringArray{
pulumi.String("string"),
},
BackupRemoteGatewayIp: pulumi.String("string"),
RemoteGatewayLatitude: pulumi.Float64(0),
RemoteGatewayLongitude: pulumi.Float64(0),
BackupPreSharedKey: pulumi.String("string"),
RemoteIdentifier: pulumi.String("string"),
RemoteSourceRealCidrs: pulumi.StringArray{
pulumi.String("string"),
},
RemoteSourceVirtualCidrs: pulumi.StringArray{
pulumi.String("string"),
},
RemoteSubnetCidr: pulumi.String("string"),
RemoteSubnetVirtual: pulumi.String("string"),
RemoteTunnelIp: pulumi.String("string"),
RouteTableLists: pulumi.StringArray{
pulumi.String("string"),
},
SslServerPool: pulumi.String("string"),
BackupLocalTunnelIp: pulumi.String("string"),
BackupGatewayName: pulumi.String("string"),
})
var aviatrixSite2CloudResource = new AviatrixSite2Cloud("aviatrixSite2CloudResource", AviatrixSite2CloudArgs.builder()
.connectionName("string")
.vpcId("string")
.tunnelType("string")
.remoteGatewayType("string")
.remoteGatewayIp("string")
.primaryCloudGatewayName("string")
.connectionType("string")
.localSubnetVirtual("string")
.phase1Encryption("string")
.caCertTagName("string")
.backupRemoteIdentifier("string")
.backupRemoteGatewayLongitude(0)
.customAlgorithms(false)
.customMapped(false)
.enableActiveActive(false)
.enableDeadPeerDetection(false)
.enableEventTriggeredHa(false)
.enableIkev2(false)
.enableSingleIpHa(false)
.forwardTrafficToTransit(false)
.haEnabled(false)
.localDestinationRealCidrs("string")
.localDestinationVirtualCidrs("string")
.localSourceRealCidrs("string")
.localSourceVirtualCidrs("string")
.localSubnetCidr("string")
.authType("string")
.localTunnelIp("string")
.phase1Authentication("string")
.phase1DhGroups("string")
.backupRemoteTunnelIp("string")
.phase1RemoteIdentifiers("string")
.phase2Authentication("string")
.phase2DhGroups("string")
.phase2Encryption("string")
.preSharedKey("string")
.backupRemoteGatewayLatitude(0)
.privateRouteEncryption(false)
.remoteDestinationRealCidrs("string")
.remoteDestinationVirtualCidrs("string")
.backupRemoteGatewayIp("string")
.remoteGatewayLatitude(0)
.remoteGatewayLongitude(0)
.backupPreSharedKey("string")
.remoteIdentifier("string")
.remoteSourceRealCidrs("string")
.remoteSourceVirtualCidrs("string")
.remoteSubnetCidr("string")
.remoteSubnetVirtual("string")
.remoteTunnelIp("string")
.routeTableLists("string")
.sslServerPool("string")
.backupLocalTunnelIp("string")
.backupGatewayName("string")
.build());
aviatrix_site2_cloud_resource = aviatrix.AviatrixSite2Cloud("aviatrixSite2CloudResource",
connection_name="string",
vpc_id="string",
tunnel_type="string",
remote_gateway_type="string",
remote_gateway_ip="string",
primary_cloud_gateway_name="string",
connection_type="string",
local_subnet_virtual="string",
phase1_encryption="string",
ca_cert_tag_name="string",
backup_remote_identifier="string",
backup_remote_gateway_longitude=0,
custom_algorithms=False,
custom_mapped=False,
enable_active_active=False,
enable_dead_peer_detection=False,
enable_event_triggered_ha=False,
enable_ikev2=False,
enable_single_ip_ha=False,
forward_traffic_to_transit=False,
ha_enabled=False,
local_destination_real_cidrs=["string"],
local_destination_virtual_cidrs=["string"],
local_source_real_cidrs=["string"],
local_source_virtual_cidrs=["string"],
local_subnet_cidr="string",
auth_type="string",
local_tunnel_ip="string",
phase1_authentication="string",
phase1_dh_groups="string",
backup_remote_tunnel_ip="string",
phase1_remote_identifiers=["string"],
phase2_authentication="string",
phase2_dh_groups="string",
phase2_encryption="string",
pre_shared_key="string",
backup_remote_gateway_latitude=0,
private_route_encryption=False,
remote_destination_real_cidrs=["string"],
remote_destination_virtual_cidrs=["string"],
backup_remote_gateway_ip="string",
remote_gateway_latitude=0,
remote_gateway_longitude=0,
backup_pre_shared_key="string",
remote_identifier="string",
remote_source_real_cidrs=["string"],
remote_source_virtual_cidrs=["string"],
remote_subnet_cidr="string",
remote_subnet_virtual="string",
remote_tunnel_ip="string",
route_table_lists=["string"],
ssl_server_pool="string",
backup_local_tunnel_ip="string",
backup_gateway_name="string")
const aviatrixSite2CloudResource = new aviatrix.AviatrixSite2Cloud("aviatrixSite2CloudResource", {
connectionName: "string",
vpcId: "string",
tunnelType: "string",
remoteGatewayType: "string",
remoteGatewayIp: "string",
primaryCloudGatewayName: "string",
connectionType: "string",
localSubnetVirtual: "string",
phase1Encryption: "string",
caCertTagName: "string",
backupRemoteIdentifier: "string",
backupRemoteGatewayLongitude: 0,
customAlgorithms: false,
customMapped: false,
enableActiveActive: false,
enableDeadPeerDetection: false,
enableEventTriggeredHa: false,
enableIkev2: false,
enableSingleIpHa: false,
forwardTrafficToTransit: false,
haEnabled: false,
localDestinationRealCidrs: ["string"],
localDestinationVirtualCidrs: ["string"],
localSourceRealCidrs: ["string"],
localSourceVirtualCidrs: ["string"],
localSubnetCidr: "string",
authType: "string",
localTunnelIp: "string",
phase1Authentication: "string",
phase1DhGroups: "string",
backupRemoteTunnelIp: "string",
phase1RemoteIdentifiers: ["string"],
phase2Authentication: "string",
phase2DhGroups: "string",
phase2Encryption: "string",
preSharedKey: "string",
backupRemoteGatewayLatitude: 0,
privateRouteEncryption: false,
remoteDestinationRealCidrs: ["string"],
remoteDestinationVirtualCidrs: ["string"],
backupRemoteGatewayIp: "string",
remoteGatewayLatitude: 0,
remoteGatewayLongitude: 0,
backupPreSharedKey: "string",
remoteIdentifier: "string",
remoteSourceRealCidrs: ["string"],
remoteSourceVirtualCidrs: ["string"],
remoteSubnetCidr: "string",
remoteSubnetVirtual: "string",
remoteTunnelIp: "string",
routeTableLists: ["string"],
sslServerPool: "string",
backupLocalTunnelIp: "string",
backupGatewayName: "string",
});
type: aviatrix:AviatrixSite2Cloud
properties:
authType: string
backupGatewayName: string
backupLocalTunnelIp: string
backupPreSharedKey: string
backupRemoteGatewayIp: string
backupRemoteGatewayLatitude: 0
backupRemoteGatewayLongitude: 0
backupRemoteIdentifier: string
backupRemoteTunnelIp: string
caCertTagName: string
connectionName: string
connectionType: string
customAlgorithms: false
customMapped: false
enableActiveActive: false
enableDeadPeerDetection: false
enableEventTriggeredHa: false
enableIkev2: false
enableSingleIpHa: false
forwardTrafficToTransit: false
haEnabled: false
localDestinationRealCidrs:
- string
localDestinationVirtualCidrs:
- string
localSourceRealCidrs:
- string
localSourceVirtualCidrs:
- string
localSubnetCidr: string
localSubnetVirtual: string
localTunnelIp: string
phase1Authentication: string
phase1DhGroups: string
phase1Encryption: string
phase1RemoteIdentifiers:
- string
phase2Authentication: string
phase2DhGroups: string
phase2Encryption: string
preSharedKey: string
primaryCloudGatewayName: string
privateRouteEncryption: false
remoteDestinationRealCidrs:
- string
remoteDestinationVirtualCidrs:
- string
remoteGatewayIp: string
remoteGatewayLatitude: 0
remoteGatewayLongitude: 0
remoteGatewayType: string
remoteIdentifier: string
remoteSourceRealCidrs:
- string
remoteSourceVirtualCidrs:
- string
remoteSubnetCidr: string
remoteSubnetVirtual: string
remoteTunnelIp: string
routeTableLists:
- string
sslServerPool: string
tunnelType: string
vpcId: string
AviatrixSite2Cloud Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AviatrixSite2Cloud resource accepts the following input properties:
- Connection
Name string - Site2Cloud connection name.
- Connection
Type string - Connection type. Valid Values: "mapped", "unmapped".
- Primary
Cloud stringGateway Name - Primary cloud gateway name.
- Remote
Gateway stringIp - Remote gateway IP.
- Remote
Gateway stringType - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- Tunnel
Type string - Site2Cloud tunnel type. Valid Values: "policy", "route".
- Vpc
Id string - VPC ID of the cloud gateway.
- Auth
Type string - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- Backup
Gateway stringName - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- Backup
Local stringTunnel Ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- string
- Backup Pre-Shared Key.
- Backup
Remote stringGateway Ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- Backup
Remote doubleGateway Latitude - Latitude of backup remote gateway. Does not support refresh.
- Backup
Remote doubleGateway Longitude - Longitude of backup remote gateway. Does not support refresh.
- Backup
Remote stringIdentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- Backup
Remote stringTunnel Ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- Ca
Cert stringTag Name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- Custom
Algorithms bool - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- Custom
Mapped bool - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- Enable
Active boolActive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- Enable
Dead boolPeer Detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- Enable
Event boolTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- Enable
Ikev2 bool - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- Enable
Single boolIp Ha - Enable single IP HA feature. Available as of provider version 2.19+.
- Forward
Traffic boolTo Transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- Ha
Enabled bool - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- Local
Destination List<string>Real Cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- Local
Destination List<string>Virtual Cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- Local
Source List<string>Real Cidrs - List of Local Initiated Traffic Source Real CIDRs.
- Local
Source List<string>Virtual Cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- Local
Subnet stringCidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - Local
Subnet stringVirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - Local
Tunnel stringIp - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- Phase1Authentication string
- Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- Phase1Dh
Groups string - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- Phase1Encryption string
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- Phase1Remote
Identifiers List<string> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- Phase2Authentication string
- Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- Phase2Dh
Groups string - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- Phase2Encryption string
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- string
- Pre-Shared Key.
- Private
Route boolEncryption - Private route encryption switch. Valid values: true, false.
- Remote
Destination List<string>Real Cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- Remote
Destination List<string>Virtual Cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- Remote
Gateway doubleLatitude - Latitude of remote gateway. Does not support refresh.
- Remote
Gateway doubleLongitude - Longitude of remote gateway. Does not support refresh.
- Remote
Identifier string - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- Remote
Source List<string>Real Cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- Remote
Source List<string>Virtual Cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- Remote
Subnet stringCidr - Remote subnet CIDR. Not required for custom_mapped connection.
- Remote
Subnet stringVirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - Remote
Tunnel stringIp - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- Route
Table List<string>Lists - Route tables to modify.
- Ssl
Server stringPool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
- Connection
Name string - Site2Cloud connection name.
- Connection
Type string - Connection type. Valid Values: "mapped", "unmapped".
- Primary
Cloud stringGateway Name - Primary cloud gateway name.
- Remote
Gateway stringIp - Remote gateway IP.
- Remote
Gateway stringType - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- Tunnel
Type string - Site2Cloud tunnel type. Valid Values: "policy", "route".
- Vpc
Id string - VPC ID of the cloud gateway.
- Auth
Type string - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- Backup
Gateway stringName - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- Backup
Local stringTunnel Ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- string
- Backup Pre-Shared Key.
- Backup
Remote stringGateway Ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- Backup
Remote float64Gateway Latitude - Latitude of backup remote gateway. Does not support refresh.
- Backup
Remote float64Gateway Longitude - Longitude of backup remote gateway. Does not support refresh.
- Backup
Remote stringIdentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- Backup
Remote stringTunnel Ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- Ca
Cert stringTag Name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- Custom
Algorithms bool - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- Custom
Mapped bool - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- Enable
Active boolActive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- Enable
Dead boolPeer Detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- Enable
Event boolTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- Enable
Ikev2 bool - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- Enable
Single boolIp Ha - Enable single IP HA feature. Available as of provider version 2.19+.
- Forward
Traffic boolTo Transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- Ha
Enabled bool - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- Local
Destination []stringReal Cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- Local
Destination []stringVirtual Cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- Local
Source []stringReal Cidrs - List of Local Initiated Traffic Source Real CIDRs.
- Local
Source []stringVirtual Cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- Local
Subnet stringCidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - Local
Subnet stringVirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - Local
Tunnel stringIp - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- Phase1Authentication string
- Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- Phase1Dh
Groups string - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- Phase1Encryption string
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- Phase1Remote
Identifiers []string - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- Phase2Authentication string
- Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- Phase2Dh
Groups string - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- Phase2Encryption string
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- string
- Pre-Shared Key.
- Private
Route boolEncryption - Private route encryption switch. Valid values: true, false.
- Remote
Destination []stringReal Cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- Remote
Destination []stringVirtual Cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- Remote
Gateway float64Latitude - Latitude of remote gateway. Does not support refresh.
- Remote
Gateway float64Longitude - Longitude of remote gateway. Does not support refresh.
- Remote
Identifier string - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- Remote
Source []stringReal Cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- Remote
Source []stringVirtual Cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- Remote
Subnet stringCidr - Remote subnet CIDR. Not required for custom_mapped connection.
- Remote
Subnet stringVirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - Remote
Tunnel stringIp - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- Route
Table []stringLists - Route tables to modify.
- Ssl
Server stringPool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
- connection
Name String - Site2Cloud connection name.
- connection
Type String - Connection type. Valid Values: "mapped", "unmapped".
- primary
Cloud StringGateway Name - Primary cloud gateway name.
- remote
Gateway StringIp - Remote gateway IP.
- remote
Gateway StringType - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- tunnel
Type String - Site2Cloud tunnel type. Valid Values: "policy", "route".
- vpc
Id String - VPC ID of the cloud gateway.
- auth
Type String - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- backup
Gateway StringName - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- backup
Local StringTunnel Ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- String
- Backup Pre-Shared Key.
- backup
Remote StringGateway Ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- backup
Remote DoubleGateway Latitude - Latitude of backup remote gateway. Does not support refresh.
- backup
Remote DoubleGateway Longitude - Longitude of backup remote gateway. Does not support refresh.
- backup
Remote StringIdentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- backup
Remote StringTunnel Ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- ca
Cert StringTag Name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- custom
Algorithms Boolean - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- custom
Mapped Boolean - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- enable
Active BooleanActive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- enable
Dead BooleanPeer Detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- enable
Event BooleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- enable
Ikev2 Boolean - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- enable
Single BooleanIp Ha - Enable single IP HA feature. Available as of provider version 2.19+.
- forward
Traffic BooleanTo Transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- ha
Enabled Boolean - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- local
Destination List<String>Real Cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- local
Destination List<String>Virtual Cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- local
Source List<String>Real Cidrs - List of Local Initiated Traffic Source Real CIDRs.
- local
Source List<String>Virtual Cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- local
Subnet StringCidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - local
Subnet StringVirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - local
Tunnel StringIp - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- phase1Authentication String
- Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- phase1Dh
Groups String - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase1Encryption String
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers List<String> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- phase2Authentication String
- Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- phase2Dh
Groups String - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase2Encryption String
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- String
- Pre-Shared Key.
- private
Route BooleanEncryption - Private route encryption switch. Valid values: true, false.
- remote
Destination List<String>Real Cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- remote
Destination List<String>Virtual Cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- remote
Gateway DoubleLatitude - Latitude of remote gateway. Does not support refresh.
- remote
Gateway DoubleLongitude - Longitude of remote gateway. Does not support refresh.
- remote
Identifier String - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- remote
Source List<String>Real Cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- remote
Source List<String>Virtual Cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- remote
Subnet StringCidr - Remote subnet CIDR. Not required for custom_mapped connection.
- remote
Subnet StringVirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - remote
Tunnel StringIp - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- route
Table List<String>Lists - Route tables to modify.
- ssl
Server StringPool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
- connection
Name string - Site2Cloud connection name.
- connection
Type string - Connection type. Valid Values: "mapped", "unmapped".
- primary
Cloud stringGateway Name - Primary cloud gateway name.
- remote
Gateway stringIp - Remote gateway IP.
- remote
Gateway stringType - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- tunnel
Type string - Site2Cloud tunnel type. Valid Values: "policy", "route".
- vpc
Id string - VPC ID of the cloud gateway.
- auth
Type string - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- backup
Gateway stringName - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- backup
Local stringTunnel Ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- string
- Backup Pre-Shared Key.
- backup
Remote stringGateway Ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- backup
Remote numberGateway Latitude - Latitude of backup remote gateway. Does not support refresh.
- backup
Remote numberGateway Longitude - Longitude of backup remote gateway. Does not support refresh.
- backup
Remote stringIdentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- backup
Remote stringTunnel Ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- ca
Cert stringTag Name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- custom
Algorithms boolean - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- custom
Mapped boolean - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- enable
Active booleanActive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- enable
Dead booleanPeer Detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- enable
Event booleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- enable
Ikev2 boolean - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- enable
Single booleanIp Ha - Enable single IP HA feature. Available as of provider version 2.19+.
- forward
Traffic booleanTo Transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- ha
Enabled boolean - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- local
Destination string[]Real Cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- local
Destination string[]Virtual Cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- local
Source string[]Real Cidrs - List of Local Initiated Traffic Source Real CIDRs.
- local
Source string[]Virtual Cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- local
Subnet stringCidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - local
Subnet stringVirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - local
Tunnel stringIp - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- phase1Authentication string
- Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- phase1Dh
Groups string - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase1Encryption string
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers string[] - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- phase2Authentication string
- Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- phase2Dh
Groups string - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase2Encryption string
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- string
- Pre-Shared Key.
- private
Route booleanEncryption - Private route encryption switch. Valid values: true, false.
- remote
Destination string[]Real Cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- remote
Destination string[]Virtual Cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- remote
Gateway numberLatitude - Latitude of remote gateway. Does not support refresh.
- remote
Gateway numberLongitude - Longitude of remote gateway. Does not support refresh.
- remote
Identifier string - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- remote
Source string[]Real Cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- remote
Source string[]Virtual Cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- remote
Subnet stringCidr - Remote subnet CIDR. Not required for custom_mapped connection.
- remote
Subnet stringVirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - remote
Tunnel stringIp - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- route
Table string[]Lists - Route tables to modify.
- ssl
Server stringPool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
- connection_
name str - Site2Cloud connection name.
- connection_
type str - Connection type. Valid Values: "mapped", "unmapped".
- primary_
cloud_ strgateway_ name - Primary cloud gateway name.
- remote_
gateway_ strip - Remote gateway IP.
- remote_
gateway_ strtype - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- tunnel_
type str - Site2Cloud tunnel type. Valid Values: "policy", "route".
- vpc_
id str - VPC ID of the cloud gateway.
- auth_
type str - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- backup_
gateway_ strname - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- backup_
local_ strtunnel_ ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- str
- Backup Pre-Shared Key.
- backup_
remote_ strgateway_ ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- backup_
remote_ floatgateway_ latitude - Latitude of backup remote gateway. Does not support refresh.
- backup_
remote_ floatgateway_ longitude - Longitude of backup remote gateway. Does not support refresh.
- backup_
remote_ stridentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- backup_
remote_ strtunnel_ ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- ca_
cert_ strtag_ name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- custom_
algorithms bool - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- custom_
mapped bool - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- enable_
active_ boolactive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- enable_
dead_ boolpeer_ detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- enable_
event_ booltriggered_ ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- enable_
ikev2 bool - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- enable_
single_ boolip_ ha - Enable single IP HA feature. Available as of provider version 2.19+.
- forward_
traffic_ boolto_ transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- ha_
enabled bool - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- local_
destination_ Sequence[str]real_ cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- local_
destination_ Sequence[str]virtual_ cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- local_
source_ Sequence[str]real_ cidrs - List of Local Initiated Traffic Source Real CIDRs.
- local_
source_ Sequence[str]virtual_ cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- local_
subnet_ strcidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - local_
subnet_ strvirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - local_
tunnel_ strip - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- phase1_
authentication str - Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- phase1_
dh_ strgroups - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase1_
encryption str - Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1_
remote_ Sequence[str]identifiers - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- phase2_
authentication str - Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- phase2_
dh_ strgroups - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase2_
encryption str - Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- str
- Pre-Shared Key.
- private_
route_ boolencryption - Private route encryption switch. Valid values: true, false.
- remote_
destination_ Sequence[str]real_ cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- remote_
destination_ Sequence[str]virtual_ cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- remote_
gateway_ floatlatitude - Latitude of remote gateway. Does not support refresh.
- remote_
gateway_ floatlongitude - Longitude of remote gateway. Does not support refresh.
- remote_
identifier str - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- remote_
source_ Sequence[str]real_ cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- remote_
source_ Sequence[str]virtual_ cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- remote_
subnet_ strcidr - Remote subnet CIDR. Not required for custom_mapped connection.
- remote_
subnet_ strvirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - remote_
tunnel_ strip - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- route_
table_ Sequence[str]lists - Route tables to modify.
- ssl_
server_ strpool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
- connection
Name String - Site2Cloud connection name.
- connection
Type String - Connection type. Valid Values: "mapped", "unmapped".
- primary
Cloud StringGateway Name - Primary cloud gateway name.
- remote
Gateway StringIp - Remote gateway IP.
- remote
Gateway StringType - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- tunnel
Type String - Site2Cloud tunnel type. Valid Values: "policy", "route".
- vpc
Id String - VPC ID of the cloud gateway.
- auth
Type String - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- backup
Gateway StringName - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- backup
Local StringTunnel Ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- String
- Backup Pre-Shared Key.
- backup
Remote StringGateway Ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- backup
Remote NumberGateway Latitude - Latitude of backup remote gateway. Does not support refresh.
- backup
Remote NumberGateway Longitude - Longitude of backup remote gateway. Does not support refresh.
- backup
Remote StringIdentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- backup
Remote StringTunnel Ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- ca
Cert StringTag Name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- custom
Algorithms Boolean - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- custom
Mapped Boolean - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- enable
Active BooleanActive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- enable
Dead BooleanPeer Detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- enable
Event BooleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- enable
Ikev2 Boolean - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- enable
Single BooleanIp Ha - Enable single IP HA feature. Available as of provider version 2.19+.
- forward
Traffic BooleanTo Transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- ha
Enabled Boolean - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- local
Destination List<String>Real Cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- local
Destination List<String>Virtual Cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- local
Source List<String>Real Cidrs - List of Local Initiated Traffic Source Real CIDRs.
- local
Source List<String>Virtual Cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- local
Subnet StringCidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - local
Subnet StringVirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - local
Tunnel StringIp - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- phase1Authentication String
- Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- phase1Dh
Groups String - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase1Encryption String
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers List<String> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- phase2Authentication String
- Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- phase2Dh
Groups String - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase2Encryption String
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- String
- Pre-Shared Key.
- private
Route BooleanEncryption - Private route encryption switch. Valid values: true, false.
- remote
Destination List<String>Real Cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- remote
Destination List<String>Virtual Cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- remote
Gateway NumberLatitude - Latitude of remote gateway. Does not support refresh.
- remote
Gateway NumberLongitude - Longitude of remote gateway. Does not support refresh.
- remote
Identifier String - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- remote
Source List<String>Real Cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- remote
Source List<String>Virtual Cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- remote
Subnet StringCidr - Remote subnet CIDR. Not required for custom_mapped connection.
- remote
Subnet StringVirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - remote
Tunnel StringIp - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- route
Table List<String>Lists - Route tables to modify.
- ssl
Server StringPool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
Outputs
All input properties are implicitly available as output properties. Additionally, the AviatrixSite2Cloud resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AviatrixSite2Cloud Resource
Get an existing AviatrixSite2Cloud resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AviatrixSite2CloudState, opts?: CustomResourceOptions): AviatrixSite2Cloud@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
auth_type: Optional[str] = None,
backup_gateway_name: Optional[str] = None,
backup_local_tunnel_ip: Optional[str] = None,
backup_pre_shared_key: Optional[str] = None,
backup_remote_gateway_ip: Optional[str] = None,
backup_remote_gateway_latitude: Optional[float] = None,
backup_remote_gateway_longitude: Optional[float] = None,
backup_remote_identifier: Optional[str] = None,
backup_remote_tunnel_ip: Optional[str] = None,
ca_cert_tag_name: Optional[str] = None,
connection_name: Optional[str] = None,
connection_type: Optional[str] = None,
custom_algorithms: Optional[bool] = None,
custom_mapped: Optional[bool] = None,
enable_active_active: Optional[bool] = None,
enable_dead_peer_detection: Optional[bool] = None,
enable_event_triggered_ha: Optional[bool] = None,
enable_ikev2: Optional[bool] = None,
enable_single_ip_ha: Optional[bool] = None,
forward_traffic_to_transit: Optional[bool] = None,
ha_enabled: Optional[bool] = None,
local_destination_real_cidrs: Optional[Sequence[str]] = None,
local_destination_virtual_cidrs: Optional[Sequence[str]] = None,
local_source_real_cidrs: Optional[Sequence[str]] = None,
local_source_virtual_cidrs: Optional[Sequence[str]] = None,
local_subnet_cidr: Optional[str] = None,
local_subnet_virtual: Optional[str] = None,
local_tunnel_ip: Optional[str] = None,
phase1_authentication: Optional[str] = None,
phase1_dh_groups: Optional[str] = None,
phase1_encryption: Optional[str] = None,
phase1_remote_identifiers: Optional[Sequence[str]] = None,
phase2_authentication: Optional[str] = None,
phase2_dh_groups: Optional[str] = None,
phase2_encryption: Optional[str] = None,
pre_shared_key: Optional[str] = None,
primary_cloud_gateway_name: Optional[str] = None,
private_route_encryption: Optional[bool] = None,
remote_destination_real_cidrs: Optional[Sequence[str]] = None,
remote_destination_virtual_cidrs: Optional[Sequence[str]] = None,
remote_gateway_ip: Optional[str] = None,
remote_gateway_latitude: Optional[float] = None,
remote_gateway_longitude: Optional[float] = None,
remote_gateway_type: Optional[str] = None,
remote_identifier: Optional[str] = None,
remote_source_real_cidrs: Optional[Sequence[str]] = None,
remote_source_virtual_cidrs: Optional[Sequence[str]] = None,
remote_subnet_cidr: Optional[str] = None,
remote_subnet_virtual: Optional[str] = None,
remote_tunnel_ip: Optional[str] = None,
route_table_lists: Optional[Sequence[str]] = None,
ssl_server_pool: Optional[str] = None,
tunnel_type: Optional[str] = None,
vpc_id: Optional[str] = None) -> AviatrixSite2Cloudfunc GetAviatrixSite2Cloud(ctx *Context, name string, id IDInput, state *AviatrixSite2CloudState, opts ...ResourceOption) (*AviatrixSite2Cloud, error)public static AviatrixSite2Cloud Get(string name, Input<string> id, AviatrixSite2CloudState? state, CustomResourceOptions? opts = null)public static AviatrixSite2Cloud get(String name, Output<String> id, AviatrixSite2CloudState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Auth
Type string - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- Backup
Gateway stringName - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- Backup
Local stringTunnel Ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- string
- Backup Pre-Shared Key.
- Backup
Remote stringGateway Ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- Backup
Remote doubleGateway Latitude - Latitude of backup remote gateway. Does not support refresh.
- Backup
Remote doubleGateway Longitude - Longitude of backup remote gateway. Does not support refresh.
- Backup
Remote stringIdentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- Backup
Remote stringTunnel Ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- Ca
Cert stringTag Name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- Connection
Name string - Site2Cloud connection name.
- Connection
Type string - Connection type. Valid Values: "mapped", "unmapped".
- Custom
Algorithms bool - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- Custom
Mapped bool - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- Enable
Active boolActive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- Enable
Dead boolPeer Detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- Enable
Event boolTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- Enable
Ikev2 bool - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- Enable
Single boolIp Ha - Enable single IP HA feature. Available as of provider version 2.19+.
- Forward
Traffic boolTo Transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- Ha
Enabled bool - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- Local
Destination List<string>Real Cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- Local
Destination List<string>Virtual Cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- Local
Source List<string>Real Cidrs - List of Local Initiated Traffic Source Real CIDRs.
- Local
Source List<string>Virtual Cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- Local
Subnet stringCidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - Local
Subnet stringVirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - Local
Tunnel stringIp - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- Phase1Authentication string
- Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- Phase1Dh
Groups string - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- Phase1Encryption string
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- Phase1Remote
Identifiers List<string> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- Phase2Authentication string
- Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- Phase2Dh
Groups string - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- Phase2Encryption string
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- string
- Pre-Shared Key.
- Primary
Cloud stringGateway Name - Primary cloud gateway name.
- Private
Route boolEncryption - Private route encryption switch. Valid values: true, false.
- Remote
Destination List<string>Real Cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- Remote
Destination List<string>Virtual Cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- Remote
Gateway stringIp - Remote gateway IP.
- Remote
Gateway doubleLatitude - Latitude of remote gateway. Does not support refresh.
- Remote
Gateway doubleLongitude - Longitude of remote gateway. Does not support refresh.
- Remote
Gateway stringType - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- Remote
Identifier string - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- Remote
Source List<string>Real Cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- Remote
Source List<string>Virtual Cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- Remote
Subnet stringCidr - Remote subnet CIDR. Not required for custom_mapped connection.
- Remote
Subnet stringVirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - Remote
Tunnel stringIp - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- Route
Table List<string>Lists - Route tables to modify.
- Ssl
Server stringPool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
- Tunnel
Type string - Site2Cloud tunnel type. Valid Values: "policy", "route".
- Vpc
Id string - VPC ID of the cloud gateway.
- Auth
Type string - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- Backup
Gateway stringName - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- Backup
Local stringTunnel Ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- string
- Backup Pre-Shared Key.
- Backup
Remote stringGateway Ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- Backup
Remote float64Gateway Latitude - Latitude of backup remote gateway. Does not support refresh.
- Backup
Remote float64Gateway Longitude - Longitude of backup remote gateway. Does not support refresh.
- Backup
Remote stringIdentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- Backup
Remote stringTunnel Ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- Ca
Cert stringTag Name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- Connection
Name string - Site2Cloud connection name.
- Connection
Type string - Connection type. Valid Values: "mapped", "unmapped".
- Custom
Algorithms bool - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- Custom
Mapped bool - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- Enable
Active boolActive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- Enable
Dead boolPeer Detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- Enable
Event boolTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- Enable
Ikev2 bool - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- Enable
Single boolIp Ha - Enable single IP HA feature. Available as of provider version 2.19+.
- Forward
Traffic boolTo Transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- Ha
Enabled bool - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- Local
Destination []stringReal Cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- Local
Destination []stringVirtual Cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- Local
Source []stringReal Cidrs - List of Local Initiated Traffic Source Real CIDRs.
- Local
Source []stringVirtual Cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- Local
Subnet stringCidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - Local
Subnet stringVirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - Local
Tunnel stringIp - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- Phase1Authentication string
- Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- Phase1Dh
Groups string - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- Phase1Encryption string
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- Phase1Remote
Identifiers []string - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- Phase2Authentication string
- Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- Phase2Dh
Groups string - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- Phase2Encryption string
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- string
- Pre-Shared Key.
- Primary
Cloud stringGateway Name - Primary cloud gateway name.
- Private
Route boolEncryption - Private route encryption switch. Valid values: true, false.
- Remote
Destination []stringReal Cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- Remote
Destination []stringVirtual Cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- Remote
Gateway stringIp - Remote gateway IP.
- Remote
Gateway float64Latitude - Latitude of remote gateway. Does not support refresh.
- Remote
Gateway float64Longitude - Longitude of remote gateway. Does not support refresh.
- Remote
Gateway stringType - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- Remote
Identifier string - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- Remote
Source []stringReal Cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- Remote
Source []stringVirtual Cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- Remote
Subnet stringCidr - Remote subnet CIDR. Not required for custom_mapped connection.
- Remote
Subnet stringVirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - Remote
Tunnel stringIp - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- Route
Table []stringLists - Route tables to modify.
- Ssl
Server stringPool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
- Tunnel
Type string - Site2Cloud tunnel type. Valid Values: "policy", "route".
- Vpc
Id string - VPC ID of the cloud gateway.
- auth
Type String - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- backup
Gateway StringName - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- backup
Local StringTunnel Ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- String
- Backup Pre-Shared Key.
- backup
Remote StringGateway Ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- backup
Remote DoubleGateway Latitude - Latitude of backup remote gateway. Does not support refresh.
- backup
Remote DoubleGateway Longitude - Longitude of backup remote gateway. Does not support refresh.
- backup
Remote StringIdentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- backup
Remote StringTunnel Ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- ca
Cert StringTag Name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- connection
Name String - Site2Cloud connection name.
- connection
Type String - Connection type. Valid Values: "mapped", "unmapped".
- custom
Algorithms Boolean - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- custom
Mapped Boolean - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- enable
Active BooleanActive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- enable
Dead BooleanPeer Detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- enable
Event BooleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- enable
Ikev2 Boolean - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- enable
Single BooleanIp Ha - Enable single IP HA feature. Available as of provider version 2.19+.
- forward
Traffic BooleanTo Transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- ha
Enabled Boolean - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- local
Destination List<String>Real Cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- local
Destination List<String>Virtual Cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- local
Source List<String>Real Cidrs - List of Local Initiated Traffic Source Real CIDRs.
- local
Source List<String>Virtual Cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- local
Subnet StringCidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - local
Subnet StringVirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - local
Tunnel StringIp - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- phase1Authentication String
- Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- phase1Dh
Groups String - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase1Encryption String
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers List<String> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- phase2Authentication String
- Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- phase2Dh
Groups String - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase2Encryption String
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- String
- Pre-Shared Key.
- primary
Cloud StringGateway Name - Primary cloud gateway name.
- private
Route BooleanEncryption - Private route encryption switch. Valid values: true, false.
- remote
Destination List<String>Real Cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- remote
Destination List<String>Virtual Cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- remote
Gateway StringIp - Remote gateway IP.
- remote
Gateway DoubleLatitude - Latitude of remote gateway. Does not support refresh.
- remote
Gateway DoubleLongitude - Longitude of remote gateway. Does not support refresh.
- remote
Gateway StringType - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- remote
Identifier String - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- remote
Source List<String>Real Cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- remote
Source List<String>Virtual Cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- remote
Subnet StringCidr - Remote subnet CIDR. Not required for custom_mapped connection.
- remote
Subnet StringVirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - remote
Tunnel StringIp - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- route
Table List<String>Lists - Route tables to modify.
- ssl
Server StringPool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
- tunnel
Type String - Site2Cloud tunnel type. Valid Values: "policy", "route".
- vpc
Id String - VPC ID of the cloud gateway.
- auth
Type string - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- backup
Gateway stringName - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- backup
Local stringTunnel Ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- string
- Backup Pre-Shared Key.
- backup
Remote stringGateway Ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- backup
Remote numberGateway Latitude - Latitude of backup remote gateway. Does not support refresh.
- backup
Remote numberGateway Longitude - Longitude of backup remote gateway. Does not support refresh.
- backup
Remote stringIdentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- backup
Remote stringTunnel Ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- ca
Cert stringTag Name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- connection
Name string - Site2Cloud connection name.
- connection
Type string - Connection type. Valid Values: "mapped", "unmapped".
- custom
Algorithms boolean - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- custom
Mapped boolean - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- enable
Active booleanActive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- enable
Dead booleanPeer Detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- enable
Event booleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- enable
Ikev2 boolean - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- enable
Single booleanIp Ha - Enable single IP HA feature. Available as of provider version 2.19+.
- forward
Traffic booleanTo Transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- ha
Enabled boolean - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- local
Destination string[]Real Cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- local
Destination string[]Virtual Cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- local
Source string[]Real Cidrs - List of Local Initiated Traffic Source Real CIDRs.
- local
Source string[]Virtual Cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- local
Subnet stringCidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - local
Subnet stringVirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - local
Tunnel stringIp - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- phase1Authentication string
- Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- phase1Dh
Groups string - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase1Encryption string
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers string[] - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- phase2Authentication string
- Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- phase2Dh
Groups string - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase2Encryption string
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- string
- Pre-Shared Key.
- primary
Cloud stringGateway Name - Primary cloud gateway name.
- private
Route booleanEncryption - Private route encryption switch. Valid values: true, false.
- remote
Destination string[]Real Cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- remote
Destination string[]Virtual Cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- remote
Gateway stringIp - Remote gateway IP.
- remote
Gateway numberLatitude - Latitude of remote gateway. Does not support refresh.
- remote
Gateway numberLongitude - Longitude of remote gateway. Does not support refresh.
- remote
Gateway stringType - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- remote
Identifier string - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- remote
Source string[]Real Cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- remote
Source string[]Virtual Cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- remote
Subnet stringCidr - Remote subnet CIDR. Not required for custom_mapped connection.
- remote
Subnet stringVirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - remote
Tunnel stringIp - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- route
Table string[]Lists - Route tables to modify.
- ssl
Server stringPool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
- tunnel
Type string - Site2Cloud tunnel type. Valid Values: "policy", "route".
- vpc
Id string - VPC ID of the cloud gateway.
- auth_
type str - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- backup_
gateway_ strname - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- backup_
local_ strtunnel_ ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- str
- Backup Pre-Shared Key.
- backup_
remote_ strgateway_ ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- backup_
remote_ floatgateway_ latitude - Latitude of backup remote gateway. Does not support refresh.
- backup_
remote_ floatgateway_ longitude - Longitude of backup remote gateway. Does not support refresh.
- backup_
remote_ stridentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- backup_
remote_ strtunnel_ ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- ca_
cert_ strtag_ name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- connection_
name str - Site2Cloud connection name.
- connection_
type str - Connection type. Valid Values: "mapped", "unmapped".
- custom_
algorithms bool - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- custom_
mapped bool - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- enable_
active_ boolactive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- enable_
dead_ boolpeer_ detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- enable_
event_ booltriggered_ ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- enable_
ikev2 bool - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- enable_
single_ boolip_ ha - Enable single IP HA feature. Available as of provider version 2.19+.
- forward_
traffic_ boolto_ transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- ha_
enabled bool - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- local_
destination_ Sequence[str]real_ cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- local_
destination_ Sequence[str]virtual_ cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- local_
source_ Sequence[str]real_ cidrs - List of Local Initiated Traffic Source Real CIDRs.
- local_
source_ Sequence[str]virtual_ cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- local_
subnet_ strcidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - local_
subnet_ strvirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - local_
tunnel_ strip - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- phase1_
authentication str - Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- phase1_
dh_ strgroups - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase1_
encryption str - Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1_
remote_ Sequence[str]identifiers - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- phase2_
authentication str - Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- phase2_
dh_ strgroups - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase2_
encryption str - Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- str
- Pre-Shared Key.
- primary_
cloud_ strgateway_ name - Primary cloud gateway name.
- private_
route_ boolencryption - Private route encryption switch. Valid values: true, false.
- remote_
destination_ Sequence[str]real_ cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- remote_
destination_ Sequence[str]virtual_ cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- remote_
gateway_ strip - Remote gateway IP.
- remote_
gateway_ floatlatitude - Latitude of remote gateway. Does not support refresh.
- remote_
gateway_ floatlongitude - Longitude of remote gateway. Does not support refresh.
- remote_
gateway_ strtype - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- remote_
identifier str - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- remote_
source_ Sequence[str]real_ cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- remote_
source_ Sequence[str]virtual_ cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- remote_
subnet_ strcidr - Remote subnet CIDR. Not required for custom_mapped connection.
- remote_
subnet_ strvirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - remote_
tunnel_ strip - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- route_
table_ Sequence[str]lists - Route tables to modify.
- ssl_
server_ strpool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
- tunnel_
type str - Site2Cloud tunnel type. Valid Values: "policy", "route".
- vpc_
id str - VPC ID of the cloud gateway.
- auth
Type String - Authentication Type. Valid values: 'PSK' and 'Cert'. Default value: 'PSK'.
- backup
Gateway StringName - Backup gateway name. NOTE: Please see notes here regarding HA requirements.
- backup
Local StringTunnel Ip - Backup local tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- String
- Backup Pre-Shared Key.
- backup
Remote StringGateway Ip - Backup Remote Gateway IP. NOTE: Please see notes here regarding HA requirements.
- backup
Remote NumberGateway Latitude - Latitude of backup remote gateway. Does not support refresh.
- backup
Remote NumberGateway Longitude - Longitude of backup remote gateway. Does not support refresh.
- backup
Remote StringIdentifier - Backup remote identifier. Required for Cert based authentication type with HA enabled. Example: "gw-10-10-0-116".
- backup
Remote StringTunnel Ip - Backup remote tunnel IP address. Only valid when HA enabled route based connection. Available as of provider version R2.19+.
- ca
Cert StringTag Name - Name of Remote CA Certificate Tag for creating Site2Cloud tunnels. Required for Cert based authentication type.
- connection
Name String - Site2Cloud connection name.
- connection
Type String - Connection type. Valid Values: "mapped", "unmapped".
- custom
Algorithms Boolean - Switch to enable custom/non-default algorithms for IPSec Authentication/Encryption. Valid values: true, false. NOTE: Please see notes here for more information.
- custom
Mapped Boolean - Enable custom mapped connection. Default value: false. Valid values: true/false. Available in provider version R2.17.1+.
- enable
Active BooleanActive - Enable/disable active active HA for an existing site2cloud connection. Valid values: true, false. Default value: false.
- enable
Dead BooleanPeer Detection - Enable/disable Deed Peer Detection for an existing site2cloud connection. Default value: true. NOTE: Please see notes here in regards to any deltas found in your state with the addition of this argument in R1.9
- enable
Event BooleanTriggered Ha - Enable Event Triggered HA. Default value: false. Valid values: true or false. Available as of provider version R2.19+.
- enable
Ikev2 Boolean - Switch to enable IKEv2. Valid values: true, false. Default value: false.
- enable
Single BooleanIp Ha - Enable single IP HA feature. Available as of provider version 2.19+.
- forward
Traffic BooleanTo Transit - Enable spoke gateway with mapped site2cloud configurations to forward traffic from site2cloud connection to Aviatrix Transit Gateway. Default value: false. Valid values: true or false. Available in provider version 2.17.2+.
- ha
Enabled Boolean - Specify whether or not to enable HA. Valid Values: true, false. NOTE: Please see notes here regarding HA requirements.
- local
Destination List<String>Real Cidrs - List of Local Initiated Traffic Destination Real CIDRs.
- local
Destination List<String>Virtual Cidrs - List of Local Initiated Traffic Destination Virtual CIDRs.
- local
Source List<String>Real Cidrs - List of Local Initiated Traffic Source Real CIDRs.
- local
Source List<String>Virtual Cidrs - List of Local Initiated Traffic Source Virtual CIDRs.
- local
Subnet StringCidr - Local subnet CIDR. Required for connection type "mapped", except for
custom_mappedconnection. - local
Subnet StringVirtual - Local subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - local
Tunnel StringIp - Local tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- phase1Authentication String
- Phase one Authentication. Valid values: "SHA-1", "SHA-256", "SHA-384" and "SHA-512". Default value: "SHA-256".
- phase1Dh
Groups String - Phase one DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase1Encryption String
- Phase one Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", and "AES-256-GCM-128". Default value: "AES-256-CBC".
- phase1Remote
Identifiers List<String> - Phase 1 remote identifier of the IPsec tunnel. This can be configured to be either the public IP address or the private IP address of the peer terminating the IPsec tunnel. Example: ["1.2.3.4"] when HA is disabled, ["1.2.3.4", "5.6.7.8"] when HA is enabled. Available as of provider version R2.19+.
- phase2Authentication String
- Phase two Authentication. Valid values: "NO-AUTH", "HMAC-SHA-1", "HMAC-SHA-256", "HMAC-SHA-384" and "HMAC-SHA-512". Default value: "HMAC-SHA-256".
- phase2Dh
Groups String - Phase two DH Groups. Valid values: "1", "2", "5", "14", "15", "16", "17", "18", "19", "20" and "21". Default value: "14".
- phase2Encryption String
- Phase two Encryption. Valid values: "3DES", "AES-128-CBC", "AES-192-CBC", "AES-256-CBC", "AES-128-GCM-64", "AES-128-GCM-96", "AES-128-GCM-128", "AES-256-GCM-64", "AES-256-GCM-96", "AES-256-GCM-128" and "NULL-ENCR". Default value: "AES-256-CBC".
- String
- Pre-Shared Key.
- primary
Cloud StringGateway Name - Primary cloud gateway name.
- private
Route BooleanEncryption - Private route encryption switch. Valid values: true, false.
- remote
Destination List<String>Real Cidrs - List of Remote Initiated Traffic Destination Real CIDRs.
- remote
Destination List<String>Virtual Cidrs - List of Remote Initiated Traffic Destination Virtual CIDRs.
- remote
Gateway StringIp - Remote gateway IP.
- remote
Gateway NumberLatitude - Latitude of remote gateway. Does not support refresh.
- remote
Gateway NumberLongitude - Longitude of remote gateway. Does not support refresh.
- remote
Gateway StringType - Remote gateway type. Valid Values: "generic", "avx", "aws", "azure", "sonicwall", "oracle".
- remote
Identifier String - Remote identifier. Required for Cert based authentication type. Example: "gw-10-10-0-115".
- remote
Source List<String>Real Cidrs - List of Remote Initiated Traffic Source Real CIDRs.
- remote
Source List<String>Virtual Cidrs - List of Remote Initiated Traffic Source Virtual CIDRs.
- remote
Subnet StringCidr - Remote subnet CIDR. Not required for custom_mapped connection.
- remote
Subnet StringVirtual - Remote subnet CIDR (Virtual). Required for connection type "mapped", except for
custom_mappedconnection. - remote
Tunnel StringIp - Remote tunnel IP address. Only valid for route based connection. Available as of provider version R2.19+.
- route
Table List<String>Lists - Route tables to modify.
- ssl
Server StringPool - Specify ssl_server_pool. Default value: "192.168.44.0/24". NOTE: Please see notes here for more information.
- tunnel
Type String - Site2Cloud tunnel type. Valid Values: "policy", "route".
- vpc
Id String - VPC ID of the cloud gateway.
Package Details
- Repository
- aviatrix astipkovits/pulumi-aviatrix
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aviatrixTerraform Provider.