Sign In to the Console
AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS Documentation » AWS CloudFormation » User Guide » Template Reference » AWS Resource and Property Types Reference » Amazon EC2 Resource Types Reference » AWS::EC2::VPNConnection

AWS::EC2::VPNConnection

Creates a new VPN connection between an existing virtual private gateway and a VPN customer gateway.

For more information, see CreateVpnConnection in the Amazon EC2 API Reference.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
   "Type" : "AWS::EC2::VPNConnection",
   "Properties" : {
      "Type" : String,
      "CustomerGatewayId" : GatewayID,
      "StaticRoutesOnly" : Boolean,
      "Tags" :  [ Resource Tag, ... ],
      "VpnGatewayId" : GatewayID,
      "VpnTunnelOptionsSpecifications" : [ VpnTunnelOptionsSpecification, ... ]
   }
}

YAML

Type: AWS::EC2::VPNConnection
Properties: 
  Type: String
  CustomerGatewayId:
    GatewayID
  StaticRoutesOnly: Boolean
  Tags:
    - Resource Tag
  VpnGatewayId:
    GatewayID
  VpnTunnelOptionsSpecifications: 
    - VpnTunnelOptionsSpecification

Properties

Type

The type of VPN connection this virtual private gateway supports.

Example: "ipsec.1"

Required: Yes

Type: String

Update requires: Replacement

CustomerGatewayId

The ID of the customer gateway. This can either be an embedded JSON object or a reference to a Gateway ID.

Required: Yes

Type: String

Update requires: Replacement

StaticRoutesOnly

Indicates whether the VPN connection requires static routes.

Required: Conditional. If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify true.

Type: Boolean

Update requires: Replacement

Tags

The tags that you want to attach to the resource.

Required: No

Type: Resource Tag.

Update requires: No interruption

VpnGatewayId

The ID of the virtual private gateway. This can either be an embedded JSON object or a reference to a Gateway ID.

Required: Yes

Type: String

Update requires: Replacement

VpnTunnelOptionsSpecifications

The tunnel options for the VPN connection. Duplicates not allowed.

Required: No

Type: List of VpnTunnelOptionsSpecification

Update requires: Replacement

Return Value

When the logical ID of this resource is provided to the Ref intrinsic function, Ref returns the resource name. For example: 

{ "Ref": "MyVPNConnection" }

For the VPNConnection with the logical ID "MyVPNConnection", Ref will return the VPN connection's resource name.

For more information about using the Ref function, see Ref.

Template Example

JSON

{
   "AWSTemplateFormatVersion" : "2010-09-09",
   "Resources" : {
      "myVPNConnection" : {
         "Type" : "AWS::EC2::VPNConnection",
         "Properties" : {
            "Type" : "ipsec.1",
    	    "StaticRoutesOnly" : "true",
            "CustomerGatewayId" : {"Ref" : "myCustomerGateway"},
            "VpnGatewayId" : {"Ref" : "myVPNGateway"}
         }
      }
   }
}

YAML

AWSTemplateFormatVersion: "2010-09-09"
Resources:
  myVPNConnection: 
    Type: AWS::EC2::VPNConnection
    Properties: 
      Type: ipsec.1
      StaticRoutesOnly: true
      CustomerGatewayId: 
        !Ref myCustomerGateway
      VpnGatewayId: 
        !Ref myVPNGateway

See Also