2015-05-01 18:23:39 +02:00
---
layout: "aws"
page_title: "AWS: aws_vpn_connection"
2015-05-04 00:40:10 +02:00
sidebar_current: "docs-aws-resource-vpn-connection"
2015-05-01 18:23:39 +02:00
description: |-
Provides a VPN connection connected to a VPC. These objects can be connected to customer gateways, and allow you to establish tunnels between your network and the VPC.
---
# aws\_vpn\_connection
Provides a VPN connection connected to a VPC. These objects can be connected to customer gateways, and allow you to establish tunnels between your network and the VPC.
## Example Usage
2017-04-17 12:17:54 +02:00
```hcl
2015-05-01 18:23:39 +02:00
resource "aws_vpc" "vpc" {
2017-02-18 23:48:50 +01:00
cidr_block = "10.0.0.0/16"
2015-05-01 18:23:39 +02:00
}
resource "aws_vpn_gateway" "vpn_gateway" {
2017-02-18 23:48:50 +01:00
vpc_id = "${aws_vpc.vpc.id}"
2015-05-01 18:23:39 +02:00
}
resource "aws_customer_gateway" "customer_gateway" {
2017-02-18 23:48:50 +01:00
bgp_asn = 65000
ip_address = "172.0.0.1"
type = "ipsec.1"
2015-05-01 18:23:39 +02:00
}
resource "aws_vpn_connection" "main" {
2017-02-18 23:48:50 +01:00
vpn_gateway_id = "${aws_vpn_gateway.vpn_gateway.id}"
customer_gateway_id = "${aws_customer_gateway.customer_gateway.id}"
type = "ipsec.1"
static_routes_only = true
2015-05-01 18:23:39 +02:00
}
```
## Argument Reference
The following arguments are supported:
* `customer_gateway_id` - (Required) The ID of the customer gateway.
2016-11-07 17:12:41 +01:00
* `static_routes_only` - (Optional, Default `false` ) Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don't support BGP.
2015-05-02 02:39:42 +02:00
* `tags` - (Optional) Tags to apply to the connection.
2015-05-01 18:23:39 +02:00
* `type` - (Required) The type of VPN connection. The only type AWS supports at this time is "ipsec.1".
* `vpn_gateway_id` - (Required) The ID of the virtual private gateway.
2015-05-29 03:00:44 +02:00
## Attribute Reference
2015-05-01 18:23:39 +02:00
The following attributes are exported:
* `id` - The amazon-assigned ID of the VPN connection.
* `customer_gateway_configuration` - The configuration information for the VPN connection's customer gateway (in the native XML format).
* `customer_gateway_id` - The ID of the customer gateway to which the connection is attached.
* `static_routes_only` - Whether the VPN connection uses static routes exclusively.
* `tags` - Tags applied to the connection.
2016-02-06 21:49:55 +01:00
* `tunnel1_address` - The public IP address of the first VPN tunnel.
2017-05-31 20:03:13 +02:00
* `tunnel1_cgw_inside_address` - The RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side).
* `tunnel1_vgw_inside_address` - The RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side).
2016-02-06 21:49:55 +01:00
* `tunnel1_preshared_key` - The preshared key of the first VPN tunnel.
* `tunnel2_address` - The public IP address of the second VPN tunnel.
2017-05-31 20:03:13 +02:00
* `tunnel2_cgw_inside_address` - The RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side).
* `tunnel2_vgw_inside_address` - The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
2016-02-06 21:49:55 +01:00
* `tunnel2_preshared_key` - The preshared key of the second VPN tunnel.
2015-05-01 18:23:39 +02:00
* `type` - The type of VPN connection.
* `vpn_gateway_id` - The ID of the virtual private gateway to which the connection is attached.
2016-07-19 18:22:30 +02:00
## Import
2017-02-18 23:48:50 +01:00
VPN Connections can be imported using the `vpn connection id` , e.g.
2016-07-19 18:22:30 +02:00
```
2016-07-21 00:28:59 +02:00
$ terraform import aws_vpn_connection.testvpnconnection vpn-40f41529
2016-07-19 18:22:30 +02:00
```