Docs Home
ionoscloud 6.7.6 published on Monday, Apr 14, 2025 by ionos-cloud
ionoscloud.VpnIpsecTunnel
Explore with Pulumi AI
ionoscloud 6.7.6 published on Monday, Apr 14, 2025 by ionos-cloud
An IPSec Gateway Tunnel resource manages the creation, management, and deletion of VPN IPSec Gateway Tunnels within the IONOS Cloud infrastructure. This resource facilitates the creation of VPN IPSec Gateway Tunnels, enabling secure connections between your network resources.
Usage example
import * as pulumi from "@pulumi/pulumi";
import * as ionoscloud from "@pulumi/ionoscloud";
// Basic example
const testDatacenter = new ionoscloud.Datacenter("testDatacenter", {location: "de/fra"});
const testLan = new ionoscloud.Lan("testLan", {
"public": false,
datacenterId: testDatacenter.datacenterId,
});
const testIpblock = new ionoscloud.Ipblock("testIpblock", {
location: "de/fra",
size: 1,
});
const exampleVpnIpsecGateway = new ionoscloud.VpnIpsecGateway("exampleVpnIpsecGateway", {
location: "de/fra",
gatewayIp: testIpblock.ips[0],
version: "IKEv2",
description: "This gateway connects site A to VDC X.",
connections: [{
datacenterId: testDatacenter.datacenterId,
lanId: testLan.lanId,
ipv4Cidr: "192.168.100.10/24",
}],
});
const exampleVpnIpsecTunnel = new ionoscloud.VpnIpsecTunnel("exampleVpnIpsecTunnel", {
location: "de/fra",
gatewayId: exampleVpnIpsecGateway.vpnIpsecGatewayId,
remoteHost: "vpn.mycompany.com",
description: "Allows local subnet X to connect to virtual network Y.",
auth: {
method: "PSK",
pskKey: "X2wosbaw74M8hQGbK3jCCaEusR6CCFRa",
},
ike: {
diffieHellmanGroup: "16-MODP4096",
encryptionAlgorithm: "AES256",
integrityAlgorithm: "SHA256",
lifetime: 86400,
},
esps: [{
diffieHellmanGroup: "16-MODP4096",
encryptionAlgorithm: "AES256",
integrityAlgorithm: "SHA256",
lifetime: 3600,
}],
cloudNetworkCidrs: ["0.0.0.0/0"],
peerNetworkCidrs: ["1.2.3.4/32"],
});
import pulumi
import pulumi_ionoscloud as ionoscloud
# Basic example
test_datacenter = ionoscloud.Datacenter("testDatacenter", location="de/fra")
test_lan = ionoscloud.Lan("testLan",
public=False,
datacenter_id=test_datacenter.datacenter_id)
test_ipblock = ionoscloud.Ipblock("testIpblock",
location="de/fra",
size=1)
example_vpn_ipsec_gateway = ionoscloud.VpnIpsecGateway("exampleVpnIpsecGateway",
location="de/fra",
gateway_ip=test_ipblock.ips[0],
version="IKEv2",
description="This gateway connects site A to VDC X.",
connections=[{
"datacenter_id": test_datacenter.datacenter_id,
"lan_id": test_lan.lan_id,
"ipv4_cidr": "192.168.100.10/24",
}])
example_vpn_ipsec_tunnel = ionoscloud.VpnIpsecTunnel("exampleVpnIpsecTunnel",
location="de/fra",
gateway_id=example_vpn_ipsec_gateway.vpn_ipsec_gateway_id,
remote_host="vpn.mycompany.com",
description="Allows local subnet X to connect to virtual network Y.",
auth={
"method": "PSK",
"psk_key": "X2wosbaw74M8hQGbK3jCCaEusR6CCFRa",
},
ike={
"diffie_hellman_group": "16-MODP4096",
"encryption_algorithm": "AES256",
"integrity_algorithm": "SHA256",
"lifetime": 86400,
},
esps=[{
"diffie_hellman_group": "16-MODP4096",
"encryption_algorithm": "AES256",
"integrity_algorithm": "SHA256",
"lifetime": 3600,
}],
cloud_network_cidrs=["0.0.0.0/0"],
peer_network_cidrs=["1.2.3.4/32"])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/ionoscloud/v6/ionoscloud"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Basic example
testDatacenter, err := ionoscloud.NewDatacenter(ctx, "testDatacenter", &ionoscloud.DatacenterArgs{
Location: pulumi.String("de/fra"),
})
if err != nil {
return err
}
testLan, err := ionoscloud.NewLan(ctx, "testLan", &ionoscloud.LanArgs{
Public: pulumi.Bool(false),
DatacenterId: testDatacenter.DatacenterId,
})
if err != nil {
return err
}
testIpblock, err := ionoscloud.NewIpblock(ctx, "testIpblock", &ionoscloud.IpblockArgs{
Location: pulumi.String("de/fra"),
Size: pulumi.Float64(1),
})
if err != nil {
return err
}
exampleVpnIpsecGateway, err := ionoscloud.NewVpnIpsecGateway(ctx, "exampleVpnIpsecGateway", &ionoscloud.VpnIpsecGatewayArgs{
Location: pulumi.String("de/fra"),
GatewayIp: testIpblock.Ips.ApplyT(func(ips []string) (string, error) {
return ips[0], nil
}).(pulumi.StringOutput),
Version: pulumi.String("IKEv2"),
Description: pulumi.String("This gateway connects site A to VDC X."),
Connections: ionoscloud.VpnIpsecGatewayConnectionArray{
&ionoscloud.VpnIpsecGatewayConnectionArgs{
DatacenterId: testDatacenter.DatacenterId,
LanId: testLan.LanId,
Ipv4Cidr: pulumi.String("192.168.100.10/24"),
},
},
})
if err != nil {
return err
}
_, err = ionoscloud.NewVpnIpsecTunnel(ctx, "exampleVpnIpsecTunnel", &ionoscloud.VpnIpsecTunnelArgs{
Location: pulumi.String("de/fra"),
GatewayId: exampleVpnIpsecGateway.VpnIpsecGatewayId,
RemoteHost: pulumi.String("vpn.mycompany.com"),
Description: pulumi.String("Allows local subnet X to connect to virtual network Y."),
Auth: &ionoscloud.VpnIpsecTunnelAuthArgs{
Method: pulumi.String("PSK"),
PskKey: pulumi.String("X2wosbaw74M8hQGbK3jCCaEusR6CCFRa"),
},
Ike: &ionoscloud.VpnIpsecTunnelIkeArgs{
DiffieHellmanGroup: pulumi.String("16-MODP4096"),
EncryptionAlgorithm: pulumi.String("AES256"),
IntegrityAlgorithm: pulumi.String("SHA256"),
Lifetime: pulumi.Float64(86400),
},
Esps: ionoscloud.VpnIpsecTunnelEspArray{
&ionoscloud.VpnIpsecTunnelEspArgs{
DiffieHellmanGroup: pulumi.String("16-MODP4096"),
EncryptionAlgorithm: pulumi.String("AES256"),
IntegrityAlgorithm: pulumi.String("SHA256"),
Lifetime: pulumi.Float64(3600),
},
},
CloudNetworkCidrs: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
PeerNetworkCidrs: pulumi.StringArray{
pulumi.String("1.2.3.4/32"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ionoscloud = Pulumi.Ionoscloud;
return await Deployment.RunAsync(() =>
{
// Basic example
var testDatacenter = new Ionoscloud.Datacenter("testDatacenter", new()
{
Location = "de/fra",
});
var testLan = new Ionoscloud.Lan("testLan", new()
{
Public = false,
DatacenterId = testDatacenter.DatacenterId,
});
var testIpblock = new Ionoscloud.Ipblock("testIpblock", new()
{
Location = "de/fra",
Size = 1,
});
var exampleVpnIpsecGateway = new Ionoscloud.VpnIpsecGateway("exampleVpnIpsecGateway", new()
{
Location = "de/fra",
GatewayIp = testIpblock.Ips.Apply(ips => ips[0]),
Version = "IKEv2",
Description = "This gateway connects site A to VDC X.",
Connections = new[]
{
new Ionoscloud.Inputs.VpnIpsecGatewayConnectionArgs
{
DatacenterId = testDatacenter.DatacenterId,
LanId = testLan.LanId,
Ipv4Cidr = "192.168.100.10/24",
},
},
});
var exampleVpnIpsecTunnel = new Ionoscloud.VpnIpsecTunnel("exampleVpnIpsecTunnel", new()
{
Location = "de/fra",
GatewayId = exampleVpnIpsecGateway.VpnIpsecGatewayId,
RemoteHost = "vpn.mycompany.com",
Description = "Allows local subnet X to connect to virtual network Y.",
Auth = new Ionoscloud.Inputs.VpnIpsecTunnelAuthArgs
{
Method = "PSK",
PskKey = "X2wosbaw74M8hQGbK3jCCaEusR6CCFRa",
},
Ike = new Ionoscloud.Inputs.VpnIpsecTunnelIkeArgs
{
DiffieHellmanGroup = "16-MODP4096",
EncryptionAlgorithm = "AES256",
IntegrityAlgorithm = "SHA256",
Lifetime = 86400,
},
Esps = new[]
{
new Ionoscloud.Inputs.VpnIpsecTunnelEspArgs
{
DiffieHellmanGroup = "16-MODP4096",
EncryptionAlgorithm = "AES256",
IntegrityAlgorithm = "SHA256",
Lifetime = 3600,
},
},
CloudNetworkCidrs = new[]
{
"0.0.0.0/0",
},
PeerNetworkCidrs = new[]
{
"1.2.3.4/32",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ionoscloud.Datacenter;
import com.pulumi.ionoscloud.DatacenterArgs;
import com.pulumi.ionoscloud.Lan;
import com.pulumi.ionoscloud.LanArgs;
import com.pulumi.ionoscloud.Ipblock;
import com.pulumi.ionoscloud.IpblockArgs;
import com.pulumi.ionoscloud.VpnIpsecGateway;
import com.pulumi.ionoscloud.VpnIpsecGatewayArgs;
import com.pulumi.ionoscloud.inputs.VpnIpsecGatewayConnectionArgs;
import com.pulumi.ionoscloud.VpnIpsecTunnel;
import com.pulumi.ionoscloud.VpnIpsecTunnelArgs;
import com.pulumi.ionoscloud.inputs.VpnIpsecTunnelAuthArgs;
import com.pulumi.ionoscloud.inputs.VpnIpsecTunnelIkeArgs;
import com.pulumi.ionoscloud.inputs.VpnIpsecTunnelEspArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Basic example
var testDatacenter = new Datacenter("testDatacenter", DatacenterArgs.builder()
.location("de/fra")
.build());
var testLan = new Lan("testLan", LanArgs.builder()
.public_(false)
.datacenterId(testDatacenter.datacenterId())
.build());
var testIpblock = new Ipblock("testIpblock", IpblockArgs.builder()
.location("de/fra")
.size(1)
.build());
var exampleVpnIpsecGateway = new VpnIpsecGateway("exampleVpnIpsecGateway", VpnIpsecGatewayArgs.builder()
.location("de/fra")
.gatewayIp(testIpblock.ips().applyValue(ips -> ips[0]))
.version("IKEv2")
.description("This gateway connects site A to VDC X.")
.connections(VpnIpsecGatewayConnectionArgs.builder()
.datacenterId(testDatacenter.datacenterId())
.lanId(testLan.lanId())
.ipv4Cidr("192.168.100.10/24")
.build())
.build());
var exampleVpnIpsecTunnel = new VpnIpsecTunnel("exampleVpnIpsecTunnel", VpnIpsecTunnelArgs.builder()
.location("de/fra")
.gatewayId(exampleVpnIpsecGateway.vpnIpsecGatewayId())
.remoteHost("vpn.mycompany.com")
.description("Allows local subnet X to connect to virtual network Y.")
.auth(VpnIpsecTunnelAuthArgs.builder()
.method("PSK")
.pskKey("X2wosbaw74M8hQGbK3jCCaEusR6CCFRa")
.build())
.ike(VpnIpsecTunnelIkeArgs.builder()
.diffieHellmanGroup("16-MODP4096")
.encryptionAlgorithm("AES256")
.integrityAlgorithm("SHA256")
.lifetime(86400)
.build())
.esps(VpnIpsecTunnelEspArgs.builder()
.diffieHellmanGroup("16-MODP4096")
.encryptionAlgorithm("AES256")
.integrityAlgorithm("SHA256")
.lifetime(3600)
.build())
.cloudNetworkCidrs("0.0.0.0/0")
.peerNetworkCidrs("1.2.3.4/32")
.build());
}
}
resources:
# Basic example
testDatacenter:
type: ionoscloud:Datacenter
properties:
location: de/fra
testLan:
type: ionoscloud:Lan
properties:
public: false
datacenterId: ${testDatacenter.datacenterId}
testIpblock:
type: ionoscloud:Ipblock
properties:
location: de/fra
size: 1
exampleVpnIpsecGateway:
type: ionoscloud:VpnIpsecGateway
properties:
location: de/fra
gatewayIp: ${testIpblock.ips[0]}
version: IKEv2
description: This gateway connects site A to VDC X.
connections:
- datacenterId: ${testDatacenter.datacenterId}
lanId: ${testLan.lanId}
ipv4Cidr: 192.168.100.10/24
exampleVpnIpsecTunnel:
type: ionoscloud:VpnIpsecTunnel
properties:
location: de/fra
gatewayId: ${exampleVpnIpsecGateway.vpnIpsecGatewayId}
remoteHost: vpn.mycompany.com
description: Allows local subnet X to connect to virtual network Y.
auth:
method: PSK
pskKey: X2wosbaw74M8hQGbK3jCCaEusR6CCFRa
ike:
diffieHellmanGroup: 16-MODP4096
encryptionAlgorithm: AES256
integrityAlgorithm: SHA256
lifetime: 86400
esps:
- diffieHellmanGroup: 16-MODP4096
encryptionAlgorithm: AES256
integrityAlgorithm: SHA256
lifetime: 3600
cloudNetworkCidrs:
- 0.0.0.0/0
peerNetworkCidrs:
- 1.2.3.4/32
Create VpnIpsecTunnel Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new VpnIpsecTunnel(name: string, args: VpnIpsecTunnelArgs, opts?: CustomResourceOptions);@overload
def VpnIpsecTunnel(resource_name: str,
args: VpnIpsecTunnelArgs,
opts: Optional[ResourceOptions] = None)
@overload
def VpnIpsecTunnel(resource_name: str,
opts: Optional[ResourceOptions] = None,
auth: Optional[VpnIpsecTunnelAuthArgs] = None,
cloud_network_cidrs: Optional[Sequence[str]] = None,
esps: Optional[Sequence[VpnIpsecTunnelEspArgs]] = None,
gateway_id: Optional[str] = None,
ike: Optional[VpnIpsecTunnelIkeArgs] = None,
peer_network_cidrs: Optional[Sequence[str]] = None,
remote_host: Optional[str] = None,
description: Optional[str] = None,
location: Optional[str] = None,
name: Optional[str] = None,
timeouts: Optional[VpnIpsecTunnelTimeoutsArgs] = None,
vpn_ipsec_tunnel_id: Optional[str] = None)func NewVpnIpsecTunnel(ctx *Context, name string, args VpnIpsecTunnelArgs, opts ...ResourceOption) (*VpnIpsecTunnel, error)public VpnIpsecTunnel(string name, VpnIpsecTunnelArgs args, CustomResourceOptions? opts = null)public VpnIpsecTunnel(String name, VpnIpsecTunnelArgs args)
public VpnIpsecTunnel(String name, VpnIpsecTunnelArgs args, CustomResourceOptions options)
type: ionoscloud:VpnIpsecTunnel
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. VpnIpsecTunnelArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. VpnIpsecTunnelArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. VpnIpsecTunnelArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. VpnIpsecTunnelArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. VpnIpsecTunnelArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var vpnIpsecTunnelResource = new Ionoscloud.VpnIpsecTunnel("vpnIpsecTunnelResource", new()
{
Auth = new Ionoscloud.Inputs.VpnIpsecTunnelAuthArgs
{
Method = "string",
PskKey = "string",
},
CloudNetworkCidrs = new[]
{
"string",
},
Esps = new[]
{
new Ionoscloud.Inputs.VpnIpsecTunnelEspArgs
{
DiffieHellmanGroup = "string",
EncryptionAlgorithm = "string",
IntegrityAlgorithm = "string",
Lifetime = 0,
},
},
GatewayId = "string",
Ike = new Ionoscloud.Inputs.VpnIpsecTunnelIkeArgs
{
DiffieHellmanGroup = "string",
EncryptionAlgorithm = "string",
IntegrityAlgorithm = "string",
Lifetime = 0,
},
PeerNetworkCidrs = new[]
{
"string",
},
RemoteHost = "string",
Description = "string",
Location = "string",
Name = "string",
Timeouts = new Ionoscloud.Inputs.VpnIpsecTunnelTimeoutsArgs
{
Create = "string",
Default = "string",
Delete = "string",
Update = "string",
},
VpnIpsecTunnelId = "string",
});
example, err := ionoscloud.NewVpnIpsecTunnel(ctx, "vpnIpsecTunnelResource", &ionoscloud.VpnIpsecTunnelArgs{
Auth: &.VpnIpsecTunnelAuthArgs{
Method: pulumi.String("string"),
PskKey: pulumi.String("string"),
},
CloudNetworkCidrs: pulumi.StringArray{
pulumi.String("string"),
},
Esps: .VpnIpsecTunnelEspArray{
&.VpnIpsecTunnelEspArgs{
DiffieHellmanGroup: pulumi.String("string"),
EncryptionAlgorithm: pulumi.String("string"),
IntegrityAlgorithm: pulumi.String("string"),
Lifetime: pulumi.Float64(0),
},
},
GatewayId: pulumi.String("string"),
Ike: &.VpnIpsecTunnelIkeArgs{
DiffieHellmanGroup: pulumi.String("string"),
EncryptionAlgorithm: pulumi.String("string"),
IntegrityAlgorithm: pulumi.String("string"),
Lifetime: pulumi.Float64(0),
},
PeerNetworkCidrs: pulumi.StringArray{
pulumi.String("string"),
},
RemoteHost: pulumi.String("string"),
Description: pulumi.String("string"),
Location: pulumi.String("string"),
Name: pulumi.String("string"),
Timeouts: &.VpnIpsecTunnelTimeoutsArgs{
Create: pulumi.String("string"),
Default: pulumi.String("string"),
Delete: pulumi.String("string"),
Update: pulumi.String("string"),
},
VpnIpsecTunnelId: pulumi.String("string"),
})
var vpnIpsecTunnelResource = new VpnIpsecTunnel("vpnIpsecTunnelResource", VpnIpsecTunnelArgs.builder()
.auth(VpnIpsecTunnelAuthArgs.builder()
.method("string")
.pskKey("string")
.build())
.cloudNetworkCidrs("string")
.esps(VpnIpsecTunnelEspArgs.builder()
.diffieHellmanGroup("string")
.encryptionAlgorithm("string")
.integrityAlgorithm("string")
.lifetime(0)
.build())
.gatewayId("string")
.ike(VpnIpsecTunnelIkeArgs.builder()
.diffieHellmanGroup("string")
.encryptionAlgorithm("string")
.integrityAlgorithm("string")
.lifetime(0)
.build())
.peerNetworkCidrs("string")
.remoteHost("string")
.description("string")
.location("string")
.name("string")
.timeouts(VpnIpsecTunnelTimeoutsArgs.builder()
.create("string")
.default_("string")
.delete("string")
.update("string")
.build())
.vpnIpsecTunnelId("string")
.build());
vpn_ipsec_tunnel_resource = ionoscloud.VpnIpsecTunnel("vpnIpsecTunnelResource",
auth={
"method": "string",
"psk_key": "string",
},
cloud_network_cidrs=["string"],
esps=[{
"diffie_hellman_group": "string",
"encryption_algorithm": "string",
"integrity_algorithm": "string",
"lifetime": 0,
}],
gateway_id="string",
ike={
"diffie_hellman_group": "string",
"encryption_algorithm": "string",
"integrity_algorithm": "string",
"lifetime": 0,
},
peer_network_cidrs=["string"],
remote_host="string",
description="string",
location="string",
name="string",
timeouts={
"create": "string",
"default": "string",
"delete": "string",
"update": "string",
},
vpn_ipsec_tunnel_id="string")
const vpnIpsecTunnelResource = new ionoscloud.VpnIpsecTunnel("vpnIpsecTunnelResource", {
auth: {
method: "string",
pskKey: "string",
},
cloudNetworkCidrs: ["string"],
esps: [{
diffieHellmanGroup: "string",
encryptionAlgorithm: "string",
integrityAlgorithm: "string",
lifetime: 0,
}],
gatewayId: "string",
ike: {
diffieHellmanGroup: "string",
encryptionAlgorithm: "string",
integrityAlgorithm: "string",
lifetime: 0,
},
peerNetworkCidrs: ["string"],
remoteHost: "string",
description: "string",
location: "string",
name: "string",
timeouts: {
create: "string",
"default": "string",
"delete": "string",
update: "string",
},
vpnIpsecTunnelId: "string",
});
type: ionoscloud:VpnIpsecTunnel
properties:
auth:
method: string
pskKey: string
cloudNetworkCidrs:
- string
description: string
esps:
- diffieHellmanGroup: string
encryptionAlgorithm: string
integrityAlgorithm: string
lifetime: 0
gatewayId: string
ike:
diffieHellmanGroup: string
encryptionAlgorithm: string
integrityAlgorithm: string
lifetime: 0
location: string
name: string
peerNetworkCidrs:
- string
remoteHost: string
timeouts:
create: string
default: string
delete: string
update: string
vpnIpsecTunnelId: string
VpnIpsecTunnel Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The VpnIpsecTunnel resource accepts the following input properties:
- Auth
This property is required. VpnIpsec Tunnel Auth - [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- Cloud
Network Cidrs This property is required. List<string> - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- Esps
This property is required. List<VpnIpsec Tunnel Esp> - [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- Gateway
Id This property is required. string - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- Ike
This property is required. VpnIpsec Tunnel Ike - [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- Peer
Network Cidrs This property is required. List<string> - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- Remote
Host This property is required. string - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- Description string
- [string] The human-readable description of your IPSec Gateway Tunnel.
- Location string
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- Name string
- [string] The name of the IPSec Gateway Tunnel.
- Timeouts
Vpn
Ipsec Tunnel Timeouts - Vpn
Ipsec stringTunnel Id
- Auth
This property is required. VpnIpsec Tunnel Auth Args - [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- Cloud
Network Cidrs This property is required. []string - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- Esps
This property is required. []VpnIpsec Tunnel Esp Args - [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- Gateway
Id This property is required. string - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- Ike
This property is required. VpnIpsec Tunnel Ike Args - [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- Peer
Network Cidrs This property is required. []string - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- Remote
Host This property is required. string - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- Description string
- [string] The human-readable description of your IPSec Gateway Tunnel.
- Location string
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- Name string
- [string] The name of the IPSec Gateway Tunnel.
- Timeouts
Vpn
Ipsec Tunnel Timeouts Args - Vpn
Ipsec stringTunnel Id
- auth
This property is required. VpnIpsec Tunnel Auth - [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- cloud
Network Cidrs This property is required. List<String> - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- esps
This property is required. List<VpnIpsec Tunnel Esp> - [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- gateway
Id This property is required. String - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- ike
This property is required. VpnIpsec Tunnel Ike - [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- peer
Network Cidrs This property is required. List<String> - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- remote
Host This property is required. String - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- description String
- [string] The human-readable description of your IPSec Gateway Tunnel.
- location String
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- name String
- [string] The name of the IPSec Gateway Tunnel.
- timeouts
Vpn
Ipsec Tunnel Timeouts - vpn
Ipsec StringTunnel Id
- auth
This property is required. VpnIpsec Tunnel Auth - [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- cloud
Network Cidrs This property is required. string[] - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- esps
This property is required. VpnIpsec Tunnel Esp[] - [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- gateway
Id This property is required. string - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- ike
This property is required. VpnIpsec Tunnel Ike - [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- peer
Network Cidrs This property is required. string[] - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- remote
Host This property is required. string - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- description string
- [string] The human-readable description of your IPSec Gateway Tunnel.
- location string
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- name string
- [string] The name of the IPSec Gateway Tunnel.
- timeouts
Vpn
Ipsec Tunnel Timeouts - vpn
Ipsec stringTunnel Id
- auth
This property is required. VpnIpsec Tunnel Auth Args - [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- cloud_
network_ cidrs This property is required. Sequence[str] - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- esps
This property is required. Sequence[VpnIpsec Tunnel Esp Args] - [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- gateway_
id This property is required. str - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- ike
This property is required. VpnIpsec Tunnel Ike Args - [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- peer_
network_ cidrs This property is required. Sequence[str] - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- remote_
host This property is required. str - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- description str
- [string] The human-readable description of your IPSec Gateway Tunnel.
- location str
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- name str
- [string] The name of the IPSec Gateway Tunnel.
- timeouts
Vpn
Ipsec Tunnel Timeouts Args - vpn_
ipsec_ strtunnel_ id
- auth
This property is required. Property Map - [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- cloud
Network Cidrs This property is required. List<String> - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- esps
This property is required. List<Property Map> - [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- gateway
Id This property is required. String - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- ike
This property is required. Property Map - [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- peer
Network Cidrs This property is required. List<String> - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- remote
Host This property is required. String - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- description String
- [string] The human-readable description of your IPSec Gateway Tunnel.
- location String
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- name String
- [string] The name of the IPSec Gateway Tunnel.
- timeouts Property Map
- vpn
Ipsec StringTunnel Id
Outputs
All input properties are implicitly available as output properties. Additionally, the VpnIpsecTunnel resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing VpnIpsecTunnel Resource
Get an existing VpnIpsecTunnel resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: VpnIpsecTunnelState, opts?: CustomResourceOptions): VpnIpsecTunnel@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
auth: Optional[VpnIpsecTunnelAuthArgs] = None,
cloud_network_cidrs: Optional[Sequence[str]] = None,
description: Optional[str] = None,
esps: Optional[Sequence[VpnIpsecTunnelEspArgs]] = None,
gateway_id: Optional[str] = None,
ike: Optional[VpnIpsecTunnelIkeArgs] = None,
location: Optional[str] = None,
name: Optional[str] = None,
peer_network_cidrs: Optional[Sequence[str]] = None,
remote_host: Optional[str] = None,
timeouts: Optional[VpnIpsecTunnelTimeoutsArgs] = None,
vpn_ipsec_tunnel_id: Optional[str] = None) -> VpnIpsecTunnelfunc GetVpnIpsecTunnel(ctx *Context, name string, id IDInput, state *VpnIpsecTunnelState, opts ...ResourceOption) (*VpnIpsecTunnel, error)public static VpnIpsecTunnel Get(string name, Input<string> id, VpnIpsecTunnelState? state, CustomResourceOptions? opts = null)public static VpnIpsecTunnel get(String name, Output<String> id, VpnIpsecTunnelState state, CustomResourceOptions options)resources: _: type: ionoscloud:VpnIpsecTunnel get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Auth
Vpn
Ipsec Tunnel Auth - [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- Cloud
Network List<string>Cidrs - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- Description string
- [string] The human-readable description of your IPSec Gateway Tunnel.
- Esps
List<Vpn
Ipsec Tunnel Esp> - [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- Gateway
Id string - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- Ike
Vpn
Ipsec Tunnel Ike - [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- Location string
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- Name string
- [string] The name of the IPSec Gateway Tunnel.
- Peer
Network List<string>Cidrs - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- Remote
Host string - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- Timeouts
Vpn
Ipsec Tunnel Timeouts - Vpn
Ipsec stringTunnel Id
- Auth
Vpn
Ipsec Tunnel Auth Args - [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- Cloud
Network []stringCidrs - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- Description string
- [string] The human-readable description of your IPSec Gateway Tunnel.
- Esps
[]Vpn
Ipsec Tunnel Esp Args - [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- Gateway
Id string - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- Ike
Vpn
Ipsec Tunnel Ike Args - [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- Location string
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- Name string
- [string] The name of the IPSec Gateway Tunnel.
- Peer
Network []stringCidrs - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- Remote
Host string - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- Timeouts
Vpn
Ipsec Tunnel Timeouts Args - Vpn
Ipsec stringTunnel Id
- auth
Vpn
Ipsec Tunnel Auth - [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- cloud
Network List<String>Cidrs - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- description String
- [string] The human-readable description of your IPSec Gateway Tunnel.
- esps
List<Vpn
Ipsec Tunnel Esp> - [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- gateway
Id String - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- ike
Vpn
Ipsec Tunnel Ike - [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- location String
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- name String
- [string] The name of the IPSec Gateway Tunnel.
- peer
Network List<String>Cidrs - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- remote
Host String - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- timeouts
Vpn
Ipsec Tunnel Timeouts - vpn
Ipsec StringTunnel Id
- auth
Vpn
Ipsec Tunnel Auth - [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- cloud
Network string[]Cidrs - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- description string
- [string] The human-readable description of your IPSec Gateway Tunnel.
- esps
Vpn
Ipsec Tunnel Esp[] - [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- gateway
Id string - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- ike
Vpn
Ipsec Tunnel Ike - [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- location string
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- name string
- [string] The name of the IPSec Gateway Tunnel.
- peer
Network string[]Cidrs - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- remote
Host string - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- timeouts
Vpn
Ipsec Tunnel Timeouts - vpn
Ipsec stringTunnel Id
- auth
Vpn
Ipsec Tunnel Auth Args - [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- cloud_
network_ Sequence[str]cidrs - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- description str
- [string] The human-readable description of your IPSec Gateway Tunnel.
- esps
Sequence[Vpn
Ipsec Tunnel Esp Args] - [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- gateway_
id str - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- ike
Vpn
Ipsec Tunnel Ike Args - [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- location str
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- name str
- [string] The name of the IPSec Gateway Tunnel.
- peer_
network_ Sequence[str]cidrs - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- remote_
host str - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- timeouts
Vpn
Ipsec Tunnel Timeouts Args - vpn_
ipsec_ strtunnel_ id
- auth Property Map
- [string] Properties with all data needed to define IPSec Authentication. Minimum items: 1. Maximum items: 1.
- cloud
Network List<String>Cidrs - [list] The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- description String
- [string] The human-readable description of your IPSec Gateway Tunnel.
- esps List<Property Map>
- [list] Settings for the IPSec SA (ESP) phase. Minimum items: 1. Maximum items: 1.
- gateway
Id String - [string] The ID of the IPSec Gateway that the tunnel belongs to.
- ike Property Map
- [list] Settings for the initial security exchange phase. Minimum items: 1. Maximum items: 1.
- location String
- [string] The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par
- name String
- [string] The name of the IPSec Gateway Tunnel.
- peer
Network List<String>Cidrs - [list] The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses. Minimum items: 1. Maximum items: 20.
- remote
Host String - [string] The remote peer host fully qualified domain name or public IPV4 IP to connect to.
- timeouts Property Map
- vpn
Ipsec StringTunnel Id
Supporting Types
VpnIpsecTunnelAuth, VpnIpsecTunnelAuthArgs
, VpnIpsecTunnelAuthArgs
VpnIpsecTunnelEsp, VpnIpsecTunnelEspArgs
, VpnIpsecTunnelEspArgs
- Diffie
Hellman stringGroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - Encryption
Algorithm string - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - Integrity
Algorithm string - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - Lifetime double
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
- Diffie
Hellman stringGroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - Encryption
Algorithm string - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - Integrity
Algorithm string - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - Lifetime float64
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
- diffie
Hellman StringGroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - encryption
Algorithm String - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - integrity
Algorithm String - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - lifetime Double
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
- diffie
Hellman stringGroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - encryption
Algorithm string - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - integrity
Algorithm string - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - lifetime number
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
- diffie_
hellman_ strgroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - encryption_
algorithm str - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - integrity_
algorithm str - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - lifetime float
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
- diffie
Hellman StringGroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - encryption
Algorithm String - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - integrity
Algorithm String - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - lifetime Number
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
VpnIpsecTunnelIke, VpnIpsecTunnelIkeArgs
, VpnIpsecTunnelIkeArgs
- Diffie
Hellman stringGroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - Encryption
Algorithm string - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - Integrity
Algorithm string - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - Lifetime double
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
- Diffie
Hellman stringGroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - Encryption
Algorithm string - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - Integrity
Algorithm string - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - Lifetime float64
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
- diffie
Hellman StringGroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - encryption
Algorithm String - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - integrity
Algorithm String - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - lifetime Double
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
- diffie
Hellman stringGroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - encryption
Algorithm string - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - integrity
Algorithm string - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - lifetime number
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
- diffie_
hellman_ strgroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - encryption_
algorithm str - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - integrity_
algorithm str - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - lifetime float
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
- diffie
Hellman StringGroup - [string] The Diffie-Hellman Group to use for IPSec Encryption. Possible
values:
15-MODP3072,16-MODP4096,19-ECP256,20-ECP384,21-ECP521,28-ECP256BP,29-ECP384BP,30-ECP512BP. Default value:16-MODP4096. - encryption
Algorithm String - [string] The encryption algorithm to use for IPSec Encryption. Possible
values:
AES128,AES256,AES128-CTR,AES256-CTR,AES128-GCM-16,AES256-GCM-16,AES128-GCM-12,AES256-GCM-12,AES128-CCM-12,AES256-CCM-12. Default value:AES256. - integrity
Algorithm String - [string] The integrity algorithm to use for IPSec Encryption. Possible
values:
SHA256,SHA384,SHA512,AES-XCBC. Default value:SHA256. - lifetime Number
- [string] The phase lifetime in seconds. Minimum value:
3600. Maximum value:86400. Default value:86400.
VpnIpsecTunnelTimeouts, VpnIpsecTunnelTimeoutsArgs
, VpnIpsecTunnelTimeoutsArgs
Import
The resource can be imported using the location, gateway_id and tunnel_id, for example:
$ pulumi import ionoscloud:index/vpnIpsecTunnel:VpnIpsecTunnel example location:gateway_id:tunnel_id
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- ionoscloud ionos-cloud/terraform-provider-ionoscloud
- License
- Notes
- This Pulumi package is based on the
ionoscloudTerraform Provider.
ionoscloud 6.7.6 published on Monday, Apr 14, 2025 by ionos-cloud