| cgw_description |
The description of the VPN customer gateway instance. |
string |
false |
|
| cgw_id |
The customer gateway id used to connect with vpn gateway. |
string |
false |
|
| cgw_ip_address |
The IP address of the customer gateway. |
string |
false |
|
| cgw_name |
The name of the VPN customer gateway. Defaults to null. |
string |
false |
|
| ike_auth_alg |
The authentication algorithm of phase-one negotiation. Valid value: md5 |
sha1. Default value: sha1. |
string |
false |
| ike_enc_alg |
The encryption algorithm of phase-one negotiation. Valid value: aes |
aes192 |
aes256 |
des |
| ike_lifetime |
The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400. |
number |
false |
|
| ike_local_id |
The identification of the VPN gateway. |
string |
false |
|
| ike_mode |
The negotiation mode of IKE V1. Valid value: main (main mode) |
aggressive (aggressive mode). Default value: main. |
string |
false |
| ike_pfs |
The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 |
group2 |
group5 |
group14 |
| ike_remote_id |
The identification of the customer gateway. |
string |
false |
|
| ike_version |
The version of the IKE protocol. Valid value: ikev1 |
ikev2. Default value: ikev1. |
string |
false |
| ipsec_auth_alg |
The authentication algorithm of phase-two negotiation. Valid value: md5 |
sha1. Default value: sha1. |
string |
false |
| ipsec_connection_name |
The name of the IPsec connection. |
string |
false |
|
| ipsec_effect_immediately |
Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false. |
bool |
false |
|
| ipsec_enc_alg |
The encryption algorithm of phase-two negotiation. Valid value: aes |
aes192 |
aes256 |
des |
| ipsec_lifetime |
The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400. |
number |
false |
|
| ipsec_local_subnet |
The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation. |
list(string) |
false |
|
| ipsec_pfs |
The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 |
group2 |
group5 |
group14 |
| ipsec_remote_subnet |
The CIDR block of the local data center. This parameter is used for phase-two negotiation. |
list(string) |
false |
|
| psk |
Used for authentication between the IPsec VPN gateway and the customer gateway. |
string |
false |
|
| region |
(Deprecated from version 1.2.0) The region used to launch this module resources. |
string |
false |
|
| ssl_cipher |
The encryption algorithm used by the SSL-VPN server. Valid value: AES-128-CBC (default) |
AES-192-CBC |
AES-256-CBC |
none. |
| ssl_client_cert_names |
The names of the client certificates. |
list(string) |
false |
|
| ssl_client_ip_pool |
The CIDR block from which access addresses are allocated to the virtual network interface card of the client. |
string |
false |
|
| ssl_compress |
Specify whether to compress the communication. Valid value: true (default) |
false. |
bool |
false |
| ssl_local_subnet |
The CIDR block to be accessed by the client through the SSL-VPN connection. |
string |
false |
|
| ssl_port |
The port used by the SSL-VPN server. The default value is 1194.The following ports cannot be used: [22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443, 53, 68, 123, 4510, 4560, 500, 4500]. |
number |
false |
|
| ssl_protocol |
The protocol used by the SSL-VPN server. Valid value: UDP(default) |
TCP. |
string |
false |
| ssl_vpn_server_name |
The name of the SSL-VPN server. |
string |
false |
|
| vpc_id |
The VPN belongs the vpc_id, the field can't be changed. |
string |
false |
|
| vpn_bandwidth |
The value should be 10, 100, 200, 500, 1000 if the user is postpaid, otherwise it can be 5, 10, 20, 50, 100, 200, 500, 1000. |
number |
false |
|
| vpn_charge_type |
The charge type for instance. Valid value: PostPaid, PrePaid. Default to PostPaid. |
string |
false |
|
| vpn_description |
The description of the VPN instance. |
string |
false |
|
| vpn_enable_ipsec |
Enable or Disable IPSec VPN. At least one type of VPN should be enabled. |
bool |
false |
|
| vpn_enable_ssl |
Enable or Disable SSL VPN. At least one type of VPN should be enabled. |
bool |
false |
|
| vpn_name |
Name of the VPN gateway. |
string |
false |
|
| vpn_period |
The filed is only required while the InstanceChargeType is prepaid. |
number |
false |
|
| vpn_ssl_connections |
The max connections of SSL VPN. Default to 5. This field is ignored when enable_ssl is false. |
number |
false |
|
| writeConnectionSecretToRef |
The secret which the cloud resource connection will be written to |
writeConnectionSecretToRef |
false |
|