Microsoft.Network vpnGateways/vpnConnections 2018-04-01
- Latest
- 2024-03-01
- 2024-01-01
- 2023-11-01
- 2023-09-01
- 2023-06-01
- 2023-05-01
- 2023-04-01
- 2023-02-01
- 2022-11-01
- 2022-09-01
- 2022-07-01
- 2022-05-01
- 2022-01-01
- 2021-08-01
- 2021-05-01
- 2021-03-01
- 2021-02-01
- 2020-11-01
- 2020-08-01
- 2020-07-01
- 2020-06-01
- 2020-05-01
- 2020-04-01
- 2020-03-01
- 2019-12-01
- 2019-11-01
- 2019-09-01
- 2019-08-01
- 2019-07-01
- 2019-06-01
- 2019-04-01
- 2019-02-01
- 2018-12-01
- 2018-11-01
- 2018-10-01
- 2018-08-01
- 2018-07-01
- 2018-06-01
- 2018-04-01
Bicep resource definition
The vpnGateways/vpnConnections resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/vpnGateways/vpnConnections resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Network/vpnGateways/vpnConnections@2018-04-01' = {
name: 'string'
properties: {
enableBgp: bool
ipsecPolicies: [
{
dhGroup: 'string'
ikeEncryption: 'string'
ikeIntegrity: 'string'
ipsecEncryption: 'string'
ipsecIntegrity: 'string'
pfsGroup: 'string'
saDataSizeKilobytes: int
saLifeTimeSeconds: int
}
]
provisioningState: 'string'
remoteVpnSite: {
id: 'string'
}
routingWeight: int
sharedKey: 'string'
}
}
Property values
IpsecPolicy
| Name | Description | Value |
|---|---|---|
| dhGroup | The DH Groups used in IKE Phase 1 for initial SA. | 'DHGroup1' 'DHGroup14' 'DHGroup2' 'DHGroup2048' 'DHGroup24' 'ECP256' 'ECP384' 'None' (required) |
| ikeEncryption | The IKE encryption algorithm (IKE phase 2). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES256' (required) |
| ikeIntegrity | The IKE integrity algorithm (IKE phase 2). | 'GCMAES128' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' 'SHA384' (required) |
| ipsecEncryption | The IPSec encryption algorithm (IKE phase 1). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES192' 'GCMAES256' 'None' (required) |
| ipsecIntegrity | The IPSec integrity algorithm (IKE phase 1). | 'GCMAES128' 'GCMAES192' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' (required) |
| pfsGroup | The Pfs Groups used in IKE Phase 2 for new child SA. | 'ECP256' 'ECP384' 'None' 'PFS1' 'PFS14' 'PFS2' 'PFS2048' 'PFS24' 'PFSMM' (required) |
| saDataSizeKilobytes | The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. | int (required) |
| saLifeTimeSeconds | The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. | int (required) |
Microsoft.Network/vpnGateways/vpnConnections
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: vpnGateways |
| properties | Parameters for VpnConnection | VpnConnectionProperties |
SubResource
| Name | Description | Value |
|---|---|---|
| id | Resource ID. | string |
VpnConnectionProperties
| Name | Description | Value |
|---|---|---|
| enableBgp | EnableBgp flag | bool |
| ipsecPolicies | The IPSec Policies to be considered by this connection. | IpsecPolicy[] |
| provisioningState | The provisioning state of the resource. | 'Deleting' 'Failed' 'Succeeded' 'Updating' |
| remoteVpnSite | Id of the connected vpn site. | SubResource |
| routingWeight | routing weight for vpn connection. | int |
| sharedKey | SharedKey for the vpn connection. | string |
ARM template resource definition
The vpnGateways/vpnConnections resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/vpnGateways/vpnConnections resource, add the following JSON to your template.
{
"type": "Microsoft.Network/vpnGateways/vpnConnections",
"apiVersion": "2018-04-01",
"name": "string",
"properties": {
"enableBgp": "bool",
"ipsecPolicies": [
{
"dhGroup": "string",
"ikeEncryption": "string",
"ikeIntegrity": "string",
"ipsecEncryption": "string",
"ipsecIntegrity": "string",
"pfsGroup": "string",
"saDataSizeKilobytes": "int",
"saLifeTimeSeconds": "int"
}
],
"provisioningState": "string",
"remoteVpnSite": {
"id": "string"
},
"routingWeight": "int",
"sharedKey": "string"
}
}
Property values
IpsecPolicy
| Name | Description | Value |
|---|---|---|
| dhGroup | The DH Groups used in IKE Phase 1 for initial SA. | 'DHGroup1' 'DHGroup14' 'DHGroup2' 'DHGroup2048' 'DHGroup24' 'ECP256' 'ECP384' 'None' (required) |
| ikeEncryption | The IKE encryption algorithm (IKE phase 2). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES256' (required) |
| ikeIntegrity | The IKE integrity algorithm (IKE phase 2). | 'GCMAES128' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' 'SHA384' (required) |
| ipsecEncryption | The IPSec encryption algorithm (IKE phase 1). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES192' 'GCMAES256' 'None' (required) |
| ipsecIntegrity | The IPSec integrity algorithm (IKE phase 1). | 'GCMAES128' 'GCMAES192' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' (required) |
| pfsGroup | The Pfs Groups used in IKE Phase 2 for new child SA. | 'ECP256' 'ECP384' 'None' 'PFS1' 'PFS14' 'PFS2' 'PFS2048' 'PFS24' 'PFSMM' (required) |
| saDataSizeKilobytes | The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. | int (required) |
| saLifeTimeSeconds | The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. | int (required) |
Microsoft.Network/vpnGateways/vpnConnections
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2018-04-01' |
| name | The resource name | string (required) |
| properties | Parameters for VpnConnection | VpnConnectionProperties |
| type | The resource type | 'Microsoft.Network/vpnGateways/vpnConnections' |
SubResource
| Name | Description | Value |
|---|---|---|
| id | Resource ID. | string |
VpnConnectionProperties
| Name | Description | Value |
|---|---|---|
| enableBgp | EnableBgp flag | bool |
| ipsecPolicies | The IPSec Policies to be considered by this connection. | IpsecPolicy[] |
| provisioningState | The provisioning state of the resource. | 'Deleting' 'Failed' 'Succeeded' 'Updating' |
| remoteVpnSite | Id of the connected vpn site. | SubResource |
| routingWeight | routing weight for vpn connection. | int |
| sharedKey | SharedKey for the vpn connection. | string |
Terraform (AzAPI provider) resource definition
The vpnGateways/vpnConnections resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/vpnGateways/vpnConnections resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Network/vpnGateways/vpnConnections@2018-04-01"
name = "string"
body = jsonencode({
properties = {
enableBgp = bool
ipsecPolicies = [
{
dhGroup = "string"
ikeEncryption = "string"
ikeIntegrity = "string"
ipsecEncryption = "string"
ipsecIntegrity = "string"
pfsGroup = "string"
saDataSizeKilobytes = int
saLifeTimeSeconds = int
}
]
provisioningState = "string"
remoteVpnSite = {
id = "string"
}
routingWeight = int
sharedKey = "string"
}
})
}
Property values
IpsecPolicy
| Name | Description | Value |
|---|---|---|
| dhGroup | The DH Groups used in IKE Phase 1 for initial SA. | 'DHGroup1' 'DHGroup14' 'DHGroup2' 'DHGroup2048' 'DHGroup24' 'ECP256' 'ECP384' 'None' (required) |
| ikeEncryption | The IKE encryption algorithm (IKE phase 2). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES256' (required) |
| ikeIntegrity | The IKE integrity algorithm (IKE phase 2). | 'GCMAES128' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' 'SHA384' (required) |
| ipsecEncryption | The IPSec encryption algorithm (IKE phase 1). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES192' 'GCMAES256' 'None' (required) |
| ipsecIntegrity | The IPSec integrity algorithm (IKE phase 1). | 'GCMAES128' 'GCMAES192' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' (required) |
| pfsGroup | The Pfs Groups used in IKE Phase 2 for new child SA. | 'ECP256' 'ECP384' 'None' 'PFS1' 'PFS14' 'PFS2' 'PFS2048' 'PFS24' 'PFSMM' (required) |
| saDataSizeKilobytes | The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. | int (required) |
| saLifeTimeSeconds | The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. | int (required) |
Microsoft.Network/vpnGateways/vpnConnections
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: vpnGateways |
| properties | Parameters for VpnConnection | VpnConnectionProperties |
| type | The resource type | "Microsoft.Network/vpnGateways/vpnConnections@2018-04-01" |
SubResource
| Name | Description | Value |
|---|---|---|
| id | Resource ID. | string |
VpnConnectionProperties
| Name | Description | Value |
|---|---|---|
| enableBgp | EnableBgp flag | bool |
| ipsecPolicies | The IPSec Policies to be considered by this connection. | IpsecPolicy[] |
| provisioningState | The provisioning state of the resource. | 'Deleting' 'Failed' 'Succeeded' 'Updating' |
| remoteVpnSite | Id of the connected vpn site. | SubResource |
| routingWeight | routing weight for vpn connection. | int |
| sharedKey | SharedKey for the vpn connection. | string |