Parameter |
Choices/Defaults |
Comments |
aws_access_key
|
|
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
aliases: ec2_access_key, access_key
|
aws_secret_key
|
|
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aliases: ec2_secret_key, secret_key
|
connection_type
|
|
The type of VPN connection.
|
customer_gateway_id
|
|
The ID of the customer gateway.
|
ec2_url
|
|
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
|
filters
|
|
An alternative to using vpn_connection_id. If multiple matches are found, vpn_connection_id is required. If one of the following suboptions is a list of items to filter by, only one item needs to match to find the VPN that correlates. e.g. if the filter 'cidr' is ['194.168.2.0/24', '192.168.2.0/24'] and the VPN route only has the destination cidr block of '192.168.2.0/24' it will be found with this filter (assuming there are not multiple VPNs that are matched). Another example, if the filter 'vpn' is equal to ['vpn-ccf7e7ad', 'vpn-cb0ae2a2'] and one of of the VPNs has the state deleted (exists but is unmodifiable) and the other exists and is not deleted, it will be found via this filter. See examples.
|
|
cgw-config
|
|
The customer gateway configuration of the VPN as a string (in the format of the return value) or a list of those strings.
|
|
static-routes-only
|
|
The type of routing; true or false.
|
|
cidr
|
|
The destination cidr of the VPN's route as a string or a list of those strings.
|
|
bgp
|
|
The BGP ASN number associated with a BGP device. Only works if the connection is attached. This filtering option is currently not working.
|
|
vpn
|
|
The VPN connection id as a string or a list of those strings.
|
|
vgw
|
|
The virtual private gateway as a string or a list of those strings.
|
|
tag-keys
|
|
The key of a tag as a string or a list of those strings.
|
|
tag-values
|
|
The value of a tag as a string or a list of those strings.
|
|
tags
|
|
A dict of key value pairs.
|
|
cgw
|
|
The customer gateway id as a string or a list of those strings.
|
profile
(added in 1.6) |
|
Uses a boto profile. Only works with boto >= 2.24.0.
|
purge_routes
|
|
Whether or not to delete VPN connections routes that are not specified in the task.
|
purge_tags
bool |
|
Whether or not to delete VPN connections tags that are associated with the connection but not specified in the task.
|
region
|
|
aliases: aws_region, ec2_region
|
routes
|
|
Routes to add to the connection.
|
security_token
(added in 1.6) |
|
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
aliases: access_token
|
state
|
Choices:
present ←
- absent
|
The desired state of the VPN connection.
|
static_only
|
Default:
no
|
Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.
|
tags
|
|
Tags to attach to the VPN connection.
|
tunnel_options
(added in 2.5) |
|
An optional list object containing no more than two dict members, each of which may contain 'TunnelInsideCidr' and/or 'PreSharedKey' keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys.
|
validate_certs
bool
(added in 1.5) |
|
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
|
vpn_connection_id
|
|
The ID of the VPN connection. Required to modify or delete a connection if the filters option does not provide a unique match.
|
vpn_gateway_id
|
|
The ID of the virtual private gateway.
|