Docs Home
oci.Core.Ipsec
Explore with Pulumi AI
This resource provides the Ip Sec Connection resource in Oracle Cloud Infrastructure Core service.
Creates a new IPSec connection between the specified DRG and CPE with two default static tunnels. For more information, see Site-to-Site VPN Overview.
For the purposes of access control, you must provide the OCID of the compartment where you want the IPSec connection to reside. Notice that the IPSec connection doesn’t have to be in the same compartment as the DRG, CPE, or other Networking Service components. If you’re not sure which compartment to use, put the IPSec connection in the same compartment as the DRG. For more information about compartments and access control, see Overview of the IAM Service.
You may optionally specify a display name for the IPSec connection, otherwise a default is provided. It does not have to be unique, and you can change it. Avoid entering confidential information.
After creating the IPSec connection, you need to configure your on-premises router with tunnel-specific information. For tunnel status and the required configuration information, see:
To configure tunnel-specific information, use oci.Core.IpsecConnectionTunnelManagement to update the tunnels. If
you configure at least one tunnel to use static routing, then in the oci.Core.Ipsec request you must provide
at least one valid static route (you’re allowed a maximum of 10). For example: 10.0.0.0/16.
If you configure both tunnels to use BGP dynamic routing, the static routes will be ignored. However, you must provide a
static route in oci.Core.Ipsec even if you plan to use BGP routing because it defaults to two static tunnels. For more
information, see the important note in IPSecConnection.
For each tunnel, you need the IP address of Oracle’s VPN headend and the shared secret (that is, the pre-shared key). For more information, see CPE Configuration.
To configure tunnel-specific information for private ipsec connection over fastconnect, use attribute tunnel_configuration.
You can provide configuration for maximum of 2 tunnels. You can configure each tunnel with oracle_tunnel_ip,
associated_virtual_circuits and drg_route_table_id at time of creation. These attributes cannot be updated using IPSec
connection APIs. To update drg route table id, use oci.Core.DrgAttachmentManagement resource to update.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testIpSecConnection = new oci.core.Ipsec("test_ip_sec_connection", {
compartmentId: compartmentId,
cpeId: testCpe.id,
drgId: testDrg.id,
staticRoutes: ipSecConnectionStaticRoutes,
cpeLocalIdentifier: ipSecConnectionCpeLocalIdentifier,
cpeLocalIdentifierType: ipSecConnectionCpeLocalIdentifierType,
definedTags: {
"Operations.CostCenter": "42",
},
displayName: ipSecConnectionDisplayName,
freeformTags: {
Department: "Finance",
},
});
const testIpSecConnectionOverFc = new oci.core.Ipsec("test_ip_sec_connection_over_fc", {
compartmentId: compartmentId,
cpeId: testCpe.id,
drgId: testDrg.id,
staticRoutes: ipSecConnectionStaticRoutes,
cpeLocalIdentifier: ipSecConnectionCpeLocalIdentifier,
cpeLocalIdentifierType: ipSecConnectionCpeLocalIdentifierType,
definedTags: {
"Operations.CostCenter": "42",
},
displayName: ipSecConnectionDisplayName,
freeformTags: {
Department: "Finance",
},
tunnelConfigurations: [
{
oracleTunnelIp: "10.1.5.5",
associatedVirtualCircuits: [testIpsecOverFcVirtualCircuit.id],
drgRouteTableId: testDrgIpsecOverFcRouteTable.id,
},
{
oracleTunnelIp: "10.1.7.7",
associatedVirtualCircuits: [testIpsecOverFcVirtualCircuit.id],
drgRouteTableId: testDrgIpsecOverFcRouteTable.id,
},
],
});
import pulumi
import pulumi_oci as oci
test_ip_sec_connection = oci.core.Ipsec("test_ip_sec_connection",
compartment_id=compartment_id,
cpe_id=test_cpe["id"],
drg_id=test_drg["id"],
static_routes=ip_sec_connection_static_routes,
cpe_local_identifier=ip_sec_connection_cpe_local_identifier,
cpe_local_identifier_type=ip_sec_connection_cpe_local_identifier_type,
defined_tags={
"Operations.CostCenter": "42",
},
display_name=ip_sec_connection_display_name,
freeform_tags={
"Department": "Finance",
})
test_ip_sec_connection_over_fc = oci.core.Ipsec("test_ip_sec_connection_over_fc",
compartment_id=compartment_id,
cpe_id=test_cpe["id"],
drg_id=test_drg["id"],
static_routes=ip_sec_connection_static_routes,
cpe_local_identifier=ip_sec_connection_cpe_local_identifier,
cpe_local_identifier_type=ip_sec_connection_cpe_local_identifier_type,
defined_tags={
"Operations.CostCenter": "42",
},
display_name=ip_sec_connection_display_name,
freeform_tags={
"Department": "Finance",
},
tunnel_configurations=[
{
"oracle_tunnel_ip": "10.1.5.5",
"associated_virtual_circuits": [test_ipsec_over_fc_virtual_circuit["id"]],
"drg_route_table_id": test_drg_ipsec_over_fc_route_table["id"],
},
{
"oracle_tunnel_ip": "10.1.7.7",
"associated_virtual_circuits": [test_ipsec_over_fc_virtual_circuit["id"]],
"drg_route_table_id": test_drg_ipsec_over_fc_route_table["id"],
},
])
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/Core"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := Core.NewIpsec(ctx, "test_ip_sec_connection", &Core.IpsecArgs{
CompartmentId: pulumi.Any(compartmentId),
CpeId: pulumi.Any(testCpe.Id),
DrgId: pulumi.Any(testDrg.Id),
StaticRoutes: pulumi.Any(ipSecConnectionStaticRoutes),
CpeLocalIdentifier: pulumi.Any(ipSecConnectionCpeLocalIdentifier),
CpeLocalIdentifierType: pulumi.Any(ipSecConnectionCpeLocalIdentifierType),
DefinedTags: pulumi.StringMap{
"Operations.CostCenter": pulumi.String("42"),
},
DisplayName: pulumi.Any(ipSecConnectionDisplayName),
FreeformTags: pulumi.StringMap{
"Department": pulumi.String("Finance"),
},
})
if err != nil {
return err
}
_, err = Core.NewIpsec(ctx, "test_ip_sec_connection_over_fc", &Core.IpsecArgs{
CompartmentId: pulumi.Any(compartmentId),
CpeId: pulumi.Any(testCpe.Id),
DrgId: pulumi.Any(testDrg.Id),
StaticRoutes: pulumi.Any(ipSecConnectionStaticRoutes),
CpeLocalIdentifier: pulumi.Any(ipSecConnectionCpeLocalIdentifier),
CpeLocalIdentifierType: pulumi.Any(ipSecConnectionCpeLocalIdentifierType),
DefinedTags: pulumi.StringMap{
"Operations.CostCenter": pulumi.String("42"),
},
DisplayName: pulumi.Any(ipSecConnectionDisplayName),
FreeformTags: pulumi.StringMap{
"Department": pulumi.String("Finance"),
},
TunnelConfigurations: core.IpsecTunnelConfigurationArray{
&core.IpsecTunnelConfigurationArgs{
OracleTunnelIp: pulumi.String("10.1.5.5"),
AssociatedVirtualCircuits: pulumi.StringArray{
testIpsecOverFcVirtualCircuit.Id,
},
DrgRouteTableId: pulumi.Any(testDrgIpsecOverFcRouteTable.Id),
},
&core.IpsecTunnelConfigurationArgs{
OracleTunnelIp: pulumi.String("10.1.7.7"),
AssociatedVirtualCircuits: pulumi.StringArray{
testIpsecOverFcVirtualCircuit.Id,
},
DrgRouteTableId: pulumi.Any(testDrgIpsecOverFcRouteTable.Id),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testIpSecConnection = new Oci.Core.Ipsec("test_ip_sec_connection", new()
{
CompartmentId = compartmentId,
CpeId = testCpe.Id,
DrgId = testDrg.Id,
StaticRoutes = ipSecConnectionStaticRoutes,
CpeLocalIdentifier = ipSecConnectionCpeLocalIdentifier,
CpeLocalIdentifierType = ipSecConnectionCpeLocalIdentifierType,
DefinedTags =
{
{ "Operations.CostCenter", "42" },
},
DisplayName = ipSecConnectionDisplayName,
FreeformTags =
{
{ "Department", "Finance" },
},
});
var testIpSecConnectionOverFc = new Oci.Core.Ipsec("test_ip_sec_connection_over_fc", new()
{
CompartmentId = compartmentId,
CpeId = testCpe.Id,
DrgId = testDrg.Id,
StaticRoutes = ipSecConnectionStaticRoutes,
CpeLocalIdentifier = ipSecConnectionCpeLocalIdentifier,
CpeLocalIdentifierType = ipSecConnectionCpeLocalIdentifierType,
DefinedTags =
{
{ "Operations.CostCenter", "42" },
},
DisplayName = ipSecConnectionDisplayName,
FreeformTags =
{
{ "Department", "Finance" },
},
TunnelConfigurations = new[]
{
new Oci.Core.Inputs.IpsecTunnelConfigurationArgs
{
OracleTunnelIp = "10.1.5.5",
AssociatedVirtualCircuits = new[]
{
testIpsecOverFcVirtualCircuit.Id,
},
DrgRouteTableId = testDrgIpsecOverFcRouteTable.Id,
},
new Oci.Core.Inputs.IpsecTunnelConfigurationArgs
{
OracleTunnelIp = "10.1.7.7",
AssociatedVirtualCircuits = new[]
{
testIpsecOverFcVirtualCircuit.Id,
},
DrgRouteTableId = testDrgIpsecOverFcRouteTable.Id,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Core.Ipsec;
import com.pulumi.oci.Core.IpsecArgs;
import com.pulumi.oci.Core.inputs.IpsecTunnelConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testIpSecConnection = new Ipsec("testIpSecConnection", IpsecArgs.builder()
.compartmentId(compartmentId)
.cpeId(testCpe.id())
.drgId(testDrg.id())
.staticRoutes(ipSecConnectionStaticRoutes)
.cpeLocalIdentifier(ipSecConnectionCpeLocalIdentifier)
.cpeLocalIdentifierType(ipSecConnectionCpeLocalIdentifierType)
.definedTags(Map.of("Operations.CostCenter", "42"))
.displayName(ipSecConnectionDisplayName)
.freeformTags(Map.of("Department", "Finance"))
.build());
var testIpSecConnectionOverFc = new Ipsec("testIpSecConnectionOverFc", IpsecArgs.builder()
.compartmentId(compartmentId)
.cpeId(testCpe.id())
.drgId(testDrg.id())
.staticRoutes(ipSecConnectionStaticRoutes)
.cpeLocalIdentifier(ipSecConnectionCpeLocalIdentifier)
.cpeLocalIdentifierType(ipSecConnectionCpeLocalIdentifierType)
.definedTags(Map.of("Operations.CostCenter", "42"))
.displayName(ipSecConnectionDisplayName)
.freeformTags(Map.of("Department", "Finance"))
.tunnelConfigurations(
IpsecTunnelConfigurationArgs.builder()
.oracleTunnelIp("10.1.5.5")
.associatedVirtualCircuits(testIpsecOverFcVirtualCircuit.id())
.drgRouteTableId(testDrgIpsecOverFcRouteTable.id())
.build(),
IpsecTunnelConfigurationArgs.builder()
.oracleTunnelIp("10.1.7.7")
.associatedVirtualCircuits(testIpsecOverFcVirtualCircuit.id())
.drgRouteTableId(testDrgIpsecOverFcRouteTable.id())
.build())
.build());
}
}
resources:
testIpSecConnection:
type: oci:Core:Ipsec
name: test_ip_sec_connection
properties:
compartmentId: ${compartmentId}
cpeId: ${testCpe.id}
drgId: ${testDrg.id}
staticRoutes: ${ipSecConnectionStaticRoutes}
cpeLocalIdentifier: ${ipSecConnectionCpeLocalIdentifier}
cpeLocalIdentifierType: ${ipSecConnectionCpeLocalIdentifierType}
definedTags:
Operations.CostCenter: '42'
displayName: ${ipSecConnectionDisplayName}
freeformTags:
Department: Finance
testIpSecConnectionOverFc:
type: oci:Core:Ipsec
name: test_ip_sec_connection_over_fc
properties:
compartmentId: ${compartmentId}
cpeId: ${testCpe.id}
drgId: ${testDrg.id}
staticRoutes: ${ipSecConnectionStaticRoutes}
cpeLocalIdentifier: ${ipSecConnectionCpeLocalIdentifier}
cpeLocalIdentifierType: ${ipSecConnectionCpeLocalIdentifierType}
definedTags:
Operations.CostCenter: '42'
displayName: ${ipSecConnectionDisplayName}
freeformTags:
Department: Finance
tunnelConfigurations:
- oracleTunnelIp: 10.1.5.5
associatedVirtualCircuits:
- ${testIpsecOverFcVirtualCircuit.id}
drgRouteTableId: ${testDrgIpsecOverFcRouteTable.id}
- oracleTunnelIp: 10.1.7.7
associatedVirtualCircuits:
- ${testIpsecOverFcVirtualCircuit.id}
drgRouteTableId: ${testDrgIpsecOverFcRouteTable.id}
Create Ipsec Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Ipsec(name: string, args: IpsecArgs, opts?: CustomResourceOptions);@overload
def Ipsec(resource_name: str,
args: IpsecArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Ipsec(resource_name: str,
opts: Optional[ResourceOptions] = None,
compartment_id: Optional[str] = None,
cpe_id: Optional[str] = None,
drg_id: Optional[str] = None,
static_routes: Optional[Sequence[str]] = None,
cpe_local_identifier: Optional[str] = None,
cpe_local_identifier_type: Optional[str] = None,
defined_tags: Optional[Mapping[str, str]] = None,
display_name: Optional[str] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
tunnel_configurations: Optional[Sequence[_core.IpsecTunnelConfigurationArgs]] = None)func NewIpsec(ctx *Context, name string, args IpsecArgs, opts ...ResourceOption) (*Ipsec, error)public Ipsec(string name, IpsecArgs args, CustomResourceOptions? opts = null)type: oci:Core:Ipsec
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IpsecArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IpsecArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IpsecArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IpsecArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IpsecArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var ipsecResource = new Oci.Core.Ipsec("ipsecResource", new()
{
CompartmentId = "string",
CpeId = "string",
DrgId = "string",
StaticRoutes = new[]
{
"string",
},
CpeLocalIdentifier = "string",
CpeLocalIdentifierType = "string",
DefinedTags =
{
{ "string", "string" },
},
DisplayName = "string",
FreeformTags =
{
{ "string", "string" },
},
TunnelConfigurations = new[]
{
new Oci.Core.Inputs.IpsecTunnelConfigurationArgs
{
AssociatedVirtualCircuits = new[]
{
"string",
},
DrgRouteTableId = "string",
OracleTunnelIp = "string",
},
},
});
example, err := Core.NewIpsec(ctx, "ipsecResource", &Core.IpsecArgs{
CompartmentId: pulumi.String("string"),
CpeId: pulumi.String("string"),
DrgId: pulumi.String("string"),
StaticRoutes: pulumi.StringArray{
pulumi.String("string"),
},
CpeLocalIdentifier: pulumi.String("string"),
CpeLocalIdentifierType: pulumi.String("string"),
DefinedTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
DisplayName: pulumi.String("string"),
FreeformTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
TunnelConfigurations: core.IpsecTunnelConfigurationArray{
&core.IpsecTunnelConfigurationArgs{
AssociatedVirtualCircuits: pulumi.StringArray{
pulumi.String("string"),
},
DrgRouteTableId: pulumi.String("string"),
OracleTunnelIp: pulumi.String("string"),
},
},
})
var ipsecResource = new Ipsec("ipsecResource", IpsecArgs.builder()
.compartmentId("string")
.cpeId("string")
.drgId("string")
.staticRoutes("string")
.cpeLocalIdentifier("string")
.cpeLocalIdentifierType("string")
.definedTags(Map.of("string", "string"))
.displayName("string")
.freeformTags(Map.of("string", "string"))
.tunnelConfigurations(IpsecTunnelConfigurationArgs.builder()
.associatedVirtualCircuits("string")
.drgRouteTableId("string")
.oracleTunnelIp("string")
.build())
.build());
ipsec_resource = oci.core.Ipsec("ipsecResource",
compartment_id="string",
cpe_id="string",
drg_id="string",
static_routes=["string"],
cpe_local_identifier="string",
cpe_local_identifier_type="string",
defined_tags={
"string": "string",
},
display_name="string",
freeform_tags={
"string": "string",
},
tunnel_configurations=[{
"associated_virtual_circuits": ["string"],
"drg_route_table_id": "string",
"oracle_tunnel_ip": "string",
}])
const ipsecResource = new oci.core.Ipsec("ipsecResource", {
compartmentId: "string",
cpeId: "string",
drgId: "string",
staticRoutes: ["string"],
cpeLocalIdentifier: "string",
cpeLocalIdentifierType: "string",
definedTags: {
string: "string",
},
displayName: "string",
freeformTags: {
string: "string",
},
tunnelConfigurations: [{
associatedVirtualCircuits: ["string"],
drgRouteTableId: "string",
oracleTunnelIp: "string",
}],
});
type: oci:Core:Ipsec
properties:
compartmentId: string
cpeId: string
cpeLocalIdentifier: string
cpeLocalIdentifierType: string
definedTags:
string: string
displayName: string
drgId: string
freeformTags:
string: string
staticRoutes:
- string
tunnelConfigurations:
- associatedVirtualCircuits:
- string
drgRouteTableId: string
oracleTunnelIp: string
Ipsec Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Ipsec resource accepts the following input properties:
- Compartment
Id string - (Updatable) The OCID of the compartment to contain the IPSec connection.
- Cpe
Id string - The OCID of the Cpe object.
- Drg
Id string - The OCID of the DRG.
- Static
Routes List<string> (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- Cpe
Local stringIdentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- Cpe
Local stringIdentifier Type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - Display
Name string - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- Dictionary<string, string>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - Tunnel
Configurations List<IpsecTunnel Configuration> (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Compartment
Id string - (Updatable) The OCID of the compartment to contain the IPSec connection.
- Cpe
Id string - The OCID of the Cpe object.
- Drg
Id string - The OCID of the DRG.
- Static
Routes []string (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- Cpe
Local stringIdentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- Cpe
Local stringIdentifier Type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - Display
Name string - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- map[string]string
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - Tunnel
Configurations []IpsecTunnel Configuration Args (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id String - (Updatable) The OCID of the compartment to contain the IPSec connection.
- cpe
Id String - The OCID of the Cpe object.
- drg
Id String - The OCID of the DRG.
- static
Routes List<String> (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- cpe
Local StringIdentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- cpe
Local StringIdentifier Type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display
Name String - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- Map<String,String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - tunnel
Configurations List<IpsecTunnel Configuration> (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id string - (Updatable) The OCID of the compartment to contain the IPSec connection.
- cpe
Id string - The OCID of the Cpe object.
- drg
Id string - The OCID of the DRG.
- static
Routes string[] (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- cpe
Local stringIdentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- cpe
Local stringIdentifier Type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display
Name string - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- {[key: string]: string}
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - tunnel
Configurations IpsecTunnel Configuration[] (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment_
id str - (Updatable) The OCID of the compartment to contain the IPSec connection.
- cpe_
id str - The OCID of the Cpe object.
- drg_
id str - The OCID of the DRG.
- static_
routes Sequence[str] (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- cpe_
local_ stridentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- cpe_
local_ stridentifier_ type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display_
name str - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- Mapping[str, str]
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - tunnel_
configurations Sequence[core.Ipsec Tunnel Configuration Args] (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id String - (Updatable) The OCID of the compartment to contain the IPSec connection.
- cpe
Id String - The OCID of the Cpe object.
- drg
Id String - The OCID of the DRG.
- static
Routes List<String> (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- cpe
Local StringIdentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- cpe
Local StringIdentifier Type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display
Name String - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- Map<String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - tunnel
Configurations List<Property Map> (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Outputs
All input properties are implicitly available as output properties. Additionally, the Ipsec resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- State string
- The IPSec connection's current state.
- Time
Created string - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - Transport
Type string - The transport type used for the IPSec connection.
- Id string
- The provider-assigned unique ID for this managed resource.
- State string
- The IPSec connection's current state.
- Time
Created string - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - Transport
Type string - The transport type used for the IPSec connection.
- id String
- The provider-assigned unique ID for this managed resource.
- state String
- The IPSec connection's current state.
- time
Created String - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - transport
Type String - The transport type used for the IPSec connection.
- id string
- The provider-assigned unique ID for this managed resource.
- state string
- The IPSec connection's current state.
- time
Created string - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - transport
Type string - The transport type used for the IPSec connection.
- id str
- The provider-assigned unique ID for this managed resource.
- state str
- The IPSec connection's current state.
- time_
created str - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - transport_
type str - The transport type used for the IPSec connection.
- id String
- The provider-assigned unique ID for this managed resource.
- state String
- The IPSec connection's current state.
- time
Created String - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - transport
Type String - The transport type used for the IPSec connection.
Look up Existing Ipsec Resource
Get an existing Ipsec resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IpsecState, opts?: CustomResourceOptions): Ipsec@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
compartment_id: Optional[str] = None,
cpe_id: Optional[str] = None,
cpe_local_identifier: Optional[str] = None,
cpe_local_identifier_type: Optional[str] = None,
defined_tags: Optional[Mapping[str, str]] = None,
display_name: Optional[str] = None,
drg_id: Optional[str] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
state: Optional[str] = None,
static_routes: Optional[Sequence[str]] = None,
time_created: Optional[str] = None,
transport_type: Optional[str] = None,
tunnel_configurations: Optional[Sequence[_core.IpsecTunnelConfigurationArgs]] = None) -> Ipsecfunc GetIpsec(ctx *Context, name string, id IDInput, state *IpsecState, opts ...ResourceOption) (*Ipsec, error)public static Ipsec Get(string name, Input<string> id, IpsecState? state, CustomResourceOptions? opts = null)public static Ipsec get(String name, Output<String> id, IpsecState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Compartment
Id string - (Updatable) The OCID of the compartment to contain the IPSec connection.
- Cpe
Id string - The OCID of the Cpe object.
- Cpe
Local stringIdentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- Cpe
Local stringIdentifier Type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - Display
Name string - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- Drg
Id string - The OCID of the DRG.
- Dictionary<string, string>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - State string
- The IPSec connection's current state.
- Static
Routes List<string> (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- Time
Created string - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - Transport
Type string - The transport type used for the IPSec connection.
- Tunnel
Configurations List<IpsecTunnel Configuration> (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Compartment
Id string - (Updatable) The OCID of the compartment to contain the IPSec connection.
- Cpe
Id string - The OCID of the Cpe object.
- Cpe
Local stringIdentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- Cpe
Local stringIdentifier Type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - Display
Name string - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- Drg
Id string - The OCID of the DRG.
- map[string]string
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - State string
- The IPSec connection's current state.
- Static
Routes []string (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- Time
Created string - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - Transport
Type string - The transport type used for the IPSec connection.
- Tunnel
Configurations []IpsecTunnel Configuration Args (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id String - (Updatable) The OCID of the compartment to contain the IPSec connection.
- cpe
Id String - The OCID of the Cpe object.
- cpe
Local StringIdentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- cpe
Local StringIdentifier Type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display
Name String - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- drg
Id String - The OCID of the DRG.
- Map<String,String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - state String
- The IPSec connection's current state.
- static
Routes List<String> (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- time
Created String - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - transport
Type String - The transport type used for the IPSec connection.
- tunnel
Configurations List<IpsecTunnel Configuration> (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id string - (Updatable) The OCID of the compartment to contain the IPSec connection.
- cpe
Id string - The OCID of the Cpe object.
- cpe
Local stringIdentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- cpe
Local stringIdentifier Type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display
Name string - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- drg
Id string - The OCID of the DRG.
- {[key: string]: string}
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - state string
- The IPSec connection's current state.
- static
Routes string[] (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- time
Created string - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - transport
Type string - The transport type used for the IPSec connection.
- tunnel
Configurations IpsecTunnel Configuration[] (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment_
id str - (Updatable) The OCID of the compartment to contain the IPSec connection.
- cpe_
id str - The OCID of the Cpe object.
- cpe_
local_ stridentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- cpe_
local_ stridentifier_ type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display_
name str - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- drg_
id str - The OCID of the DRG.
- Mapping[str, str]
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - state str
- The IPSec connection's current state.
- static_
routes Sequence[str] (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- time_
created str - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - transport_
type str - The transport type used for the IPSec connection.
- tunnel_
configurations Sequence[core.Ipsec Tunnel Configuration Args] (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id String - (Updatable) The OCID of the compartment to contain the IPSec connection.
- cpe
Id String - The OCID of the Cpe object.
- cpe
Local StringIdentifier (Updatable) Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier you provide here must correspond to the value for
cpeLocalIdentifierType.If you don't provide a value, the
ipAddressattribute for the Cpe object specified bycpeIdis used as thecpeLocalIdentifier.For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.
Example IP address:
10.0.3.3Example hostname:
cpe.example.com- cpe
Local StringIdentifier Type - (Updatable) The type of identifier for your CPE device. The value you provide here must correspond to the value for
cpeLocalIdentifier. - Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display
Name String - (Updatable) A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.
- drg
Id String - The OCID of the DRG.
- Map<String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - state String
- The IPSec connection's current state.
- static
Routes List<String> (Updatable) Static routes to the CPE. A static route's CIDR must not be a multicast address or class E address.
Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes on update. For more information, see the important note in IPSecConnection.
Example:
10.0.1.0/24- time
Created String - The date and time the IPSec connection was created, in the format defined by RFC3339. Example:
2016-08-25T21:10:29.600Z - transport
Type String - The transport type used for the IPSec connection.
- tunnel
Configurations List<Property Map> (Non-updatable) Tunnel configuration for private ipsec connection over fastconnect.
Example:
tunnel_configuration { oracle_tunnel_ip = "10.1.5.5" associated_virtual_circuits = [oci_core_virtual_circuit.test_ipsec_over_fc_virtual_circuit.id] drg_route_table_id = oci_core_drg_route_table.test_drg_ipsec_over_fc_route_table.id }** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Supporting Types
IpsecTunnelConfiguration, IpsecTunnelConfigurationArgs
- Associated
Virtual List<string>Circuits - Drg
Route stringTable Id - Oracle
Tunnel stringIp
- Associated
Virtual []stringCircuits - Drg
Route stringTable Id - Oracle
Tunnel stringIp
- associated
Virtual List<String>Circuits - drg
Route StringTable Id - oracle
Tunnel StringIp
- associated
Virtual string[]Circuits - drg
Route stringTable Id - oracle
Tunnel stringIp
- associated_
virtual_ Sequence[str]circuits - drg_
route_ strtable_ id - oracle_
tunnel_ strip
- associated
Virtual List<String>Circuits - drg
Route StringTable Id - oracle
Tunnel StringIp
Import
IpSecConnections can be imported using the id, e.g.
$ pulumi import oci:Core/ipsec:Ipsec test_ip_sec_connection "id"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
ociTerraform Provider.