1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. compute
  5. VPNTunnel
Google Cloud v8.25.1 published on Wednesday, Apr 9, 2025 by Pulumi

gcp.compute.VPNTunnel

Explore with Pulumi AI

VPN tunnel resource.

To get more information about VpnTunnel, see:

Example Usage

Vpn Tunnel Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const network1 = new gcp.compute.Network("network1", {name: "network-1"});
const targetGateway = new gcp.compute.VPNGateway("target_gateway", {
    name: "vpn-1",
    network: network1.id,
});
const vpnStaticIp = new gcp.compute.Address("vpn_static_ip", {name: "vpn-static-ip"});
const frEsp = new gcp.compute.ForwardingRule("fr_esp", {
    name: "fr-esp",
    ipProtocol: "ESP",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const frUdp500 = new gcp.compute.ForwardingRule("fr_udp500", {
    name: "fr-udp500",
    ipProtocol: "UDP",
    portRange: "500",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const frUdp4500 = new gcp.compute.ForwardingRule("fr_udp4500", {
    name: "fr-udp4500",
    ipProtocol: "UDP",
    portRange: "4500",
    ipAddress: vpnStaticIp.address,
    target: targetGateway.id,
});
const tunnel1 = new gcp.compute.VPNTunnel("tunnel1", {
    name: "tunnel-1",
    peerIp: "15.0.0.120",
    sharedSecret: "a secret message",
    targetVpnGateway: targetGateway.id,
    labels: {
        foo: "bar",
    },
}, {
    dependsOn: [
        frEsp,
        frUdp500,
        frUdp4500,
    ],
});
const route1 = new gcp.compute.Route("route1", {
    name: "route1",
    network: network1.name,
    destRange: "15.0.0.0/24",
    priority: 1000,
    nextHopVpnTunnel: tunnel1.id,
});
Copy
import pulumi
import pulumi_gcp as gcp

network1 = gcp.compute.Network("network1", name="network-1")
target_gateway = gcp.compute.VPNGateway("target_gateway",
    name="vpn-1",
    network=network1.id)
vpn_static_ip = gcp.compute.Address("vpn_static_ip", name="vpn-static-ip")
fr_esp = gcp.compute.ForwardingRule("fr_esp",
    name="fr-esp",
    ip_protocol="ESP",
    ip_address=vpn_static_ip.address,
    target=target_gateway.id)
fr_udp500 = gcp.compute.ForwardingRule("fr_udp500",
    name="fr-udp500",
    ip_protocol="UDP",
    port_range="500",
    ip_address=vpn_static_ip.address,
    target=target_gateway.id)
fr_udp4500 = gcp.compute.ForwardingRule("fr_udp4500",
    name="fr-udp4500",
    ip_protocol="UDP",
    port_range="4500",
    ip_address=vpn_static_ip.address,
    target=target_gateway.id)
tunnel1 = gcp.compute.VPNTunnel("tunnel1",
    name="tunnel-1",
    peer_ip="15.0.0.120",
    shared_secret="a secret message",
    target_vpn_gateway=target_gateway.id,
    labels={
        "foo": "bar",
    },
    opts = pulumi.ResourceOptions(depends_on=[
            fr_esp,
            fr_udp500,
            fr_udp4500,
        ]))
route1 = gcp.compute.Route("route1",
    name="route1",
    network=network1.name,
    dest_range="15.0.0.0/24",
    priority=1000,
    next_hop_vpn_tunnel=tunnel1.id)
Copy
package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		network1, err := compute.NewNetwork(ctx, "network1", &compute.NetworkArgs{
			Name: pulumi.String("network-1"),
		})
		if err != nil {
			return err
		}
		targetGateway, err := compute.NewVPNGateway(ctx, "target_gateway", &compute.VPNGatewayArgs{
			Name:    pulumi.String("vpn-1"),
			Network: network1.ID(),
		})
		if err != nil {
			return err
		}
		vpnStaticIp, err := compute.NewAddress(ctx, "vpn_static_ip", &compute.AddressArgs{
			Name: pulumi.String("vpn-static-ip"),
		})
		if err != nil {
			return err
		}
		frEsp, err := compute.NewForwardingRule(ctx, "fr_esp", &compute.ForwardingRuleArgs{
			Name:       pulumi.String("fr-esp"),
			IpProtocol: pulumi.String("ESP"),
			IpAddress:  vpnStaticIp.Address,
			Target:     targetGateway.ID(),
		})
		if err != nil {
			return err
		}
		frUdp500, err := compute.NewForwardingRule(ctx, "fr_udp500", &compute.ForwardingRuleArgs{
			Name:       pulumi.String("fr-udp500"),
			IpProtocol: pulumi.String("UDP"),
			PortRange:  pulumi.String("500"),
			IpAddress:  vpnStaticIp.Address,
			Target:     targetGateway.ID(),
		})
		if err != nil {
			return err
		}
		frUdp4500, err := compute.NewForwardingRule(ctx, "fr_udp4500", &compute.ForwardingRuleArgs{
			Name:       pulumi.String("fr-udp4500"),
			IpProtocol: pulumi.String("UDP"),
			PortRange:  pulumi.String("4500"),
			IpAddress:  vpnStaticIp.Address,
			Target:     targetGateway.ID(),
		})
		if err != nil {
			return err
		}
		tunnel1, err := compute.NewVPNTunnel(ctx, "tunnel1", &compute.VPNTunnelArgs{
			Name:             pulumi.String("tunnel-1"),
			PeerIp:           pulumi.String("15.0.0.120"),
			SharedSecret:     pulumi.String("a secret message"),
			TargetVpnGateway: targetGateway.ID(),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			frEsp,
			frUdp500,
			frUdp4500,
		}))
		if err != nil {
			return err
		}
		_, err = compute.NewRoute(ctx, "route1", &compute.RouteArgs{
			Name:             pulumi.String("route1"),
			Network:          network1.Name,
			DestRange:        pulumi.String("15.0.0.0/24"),
			Priority:         pulumi.Int(1000),
			NextHopVpnTunnel: tunnel1.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var network1 = new Gcp.Compute.Network("network1", new()
    {
        Name = "network-1",
    });

    var targetGateway = new Gcp.Compute.VPNGateway("target_gateway", new()
    {
        Name = "vpn-1",
        Network = network1.Id,
    });

    var vpnStaticIp = new Gcp.Compute.Address("vpn_static_ip", new()
    {
        Name = "vpn-static-ip",
    });

    var frEsp = new Gcp.Compute.ForwardingRule("fr_esp", new()
    {
        Name = "fr-esp",
        IpProtocol = "ESP",
        IpAddress = vpnStaticIp.IPAddress,
        Target = targetGateway.Id,
    });

    var frUdp500 = new Gcp.Compute.ForwardingRule("fr_udp500", new()
    {
        Name = "fr-udp500",
        IpProtocol = "UDP",
        PortRange = "500",
        IpAddress = vpnStaticIp.IPAddress,
        Target = targetGateway.Id,
    });

    var frUdp4500 = new Gcp.Compute.ForwardingRule("fr_udp4500", new()
    {
        Name = "fr-udp4500",
        IpProtocol = "UDP",
        PortRange = "4500",
        IpAddress = vpnStaticIp.IPAddress,
        Target = targetGateway.Id,
    });

    var tunnel1 = new Gcp.Compute.VPNTunnel("tunnel1", new()
    {
        Name = "tunnel-1",
        PeerIp = "15.0.0.120",
        SharedSecret = "a secret message",
        TargetVpnGateway = targetGateway.Id,
        Labels = 
        {
            { "foo", "bar" },
        },
    }, new CustomResourceOptions
    {
        DependsOn =
        {
            frEsp,
            frUdp500,
            frUdp4500,
        },
    });

    var route1 = new Gcp.Compute.Route("route1", new()
    {
        Name = "route1",
        Network = network1.Name,
        DestRange = "15.0.0.0/24",
        Priority = 1000,
        NextHopVpnTunnel = tunnel1.Id,
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.VPNGateway;
import com.pulumi.gcp.compute.VPNGatewayArgs;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.ForwardingRule;
import com.pulumi.gcp.compute.ForwardingRuleArgs;
import com.pulumi.gcp.compute.VPNTunnel;
import com.pulumi.gcp.compute.VPNTunnelArgs;
import com.pulumi.gcp.compute.Route;
import com.pulumi.gcp.compute.RouteArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var network1 = new Network("network1", NetworkArgs.builder()
            .name("network-1")
            .build());

        var targetGateway = new VPNGateway("targetGateway", VPNGatewayArgs.builder()
            .name("vpn-1")
            .network(network1.id())
            .build());

        var vpnStaticIp = new Address("vpnStaticIp", AddressArgs.builder()
            .name("vpn-static-ip")
            .build());

        var frEsp = new ForwardingRule("frEsp", ForwardingRuleArgs.builder()
            .name("fr-esp")
            .ipProtocol("ESP")
            .ipAddress(vpnStaticIp.address())
            .target(targetGateway.id())
            .build());

        var frUdp500 = new ForwardingRule("frUdp500", ForwardingRuleArgs.builder()
            .name("fr-udp500")
            .ipProtocol("UDP")
            .portRange("500")
            .ipAddress(vpnStaticIp.address())
            .target(targetGateway.id())
            .build());

        var frUdp4500 = new ForwardingRule("frUdp4500", ForwardingRuleArgs.builder()
            .name("fr-udp4500")
            .ipProtocol("UDP")
            .portRange("4500")
            .ipAddress(vpnStaticIp.address())
            .target(targetGateway.id())
            .build());

        var tunnel1 = new VPNTunnel("tunnel1", VPNTunnelArgs.builder()
            .name("tunnel-1")
            .peerIp("15.0.0.120")
            .sharedSecret("a secret message")
            .targetVpnGateway(targetGateway.id())
            .labels(Map.of("foo", "bar"))
            .build(), CustomResourceOptions.builder()
                .dependsOn(                
                    frEsp,
                    frUdp500,
                    frUdp4500)
                .build());

        var route1 = new Route("route1", RouteArgs.builder()
            .name("route1")
            .network(network1.name())
            .destRange("15.0.0.0/24")
            .priority(1000)
            .nextHopVpnTunnel(tunnel1.id())
            .build());

    }
}
Copy
resources:
  tunnel1:
    type: gcp:compute:VPNTunnel
    properties:
      name: tunnel-1
      peerIp: 15.0.0.120
      sharedSecret: a secret message
      targetVpnGateway: ${targetGateway.id}
      labels:
        foo: bar
    options:
      dependsOn:
        - ${frEsp}
        - ${frUdp500}
        - ${frUdp4500}
  targetGateway:
    type: gcp:compute:VPNGateway
    name: target_gateway
    properties:
      name: vpn-1
      network: ${network1.id}
  network1:
    type: gcp:compute:Network
    properties:
      name: network-1
  vpnStaticIp:
    type: gcp:compute:Address
    name: vpn_static_ip
    properties:
      name: vpn-static-ip
  frEsp:
    type: gcp:compute:ForwardingRule
    name: fr_esp
    properties:
      name: fr-esp
      ipProtocol: ESP
      ipAddress: ${vpnStaticIp.address}
      target: ${targetGateway.id}
  frUdp500:
    type: gcp:compute:ForwardingRule
    name: fr_udp500
    properties:
      name: fr-udp500
      ipProtocol: UDP
      portRange: '500'
      ipAddress: ${vpnStaticIp.address}
      target: ${targetGateway.id}
  frUdp4500:
    type: gcp:compute:ForwardingRule
    name: fr_udp4500
    properties:
      name: fr-udp4500
      ipProtocol: UDP
      portRange: '4500'
      ipAddress: ${vpnStaticIp.address}
      target: ${targetGateway.id}
  route1:
    type: gcp:compute:Route
    properties:
      name: route1
      network: ${network1.name}
      destRange: 15.0.0.0/24
      priority: 1000
      nextHopVpnTunnel: ${tunnel1.id}
Copy

Create VPNTunnel Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new VPNTunnel(name: string, args: VPNTunnelArgs, opts?: CustomResourceOptions);
@overload
def VPNTunnel(resource_name: str,
              args: VPNTunnelArgs,
              opts: Optional[ResourceOptions] = None)

@overload
def VPNTunnel(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              shared_secret: Optional[str] = None,
              peer_ip: Optional[str] = None,
              peer_gcp_gateway: Optional[str] = None,
              local_traffic_selectors: Optional[Sequence[str]] = None,
              name: Optional[str] = None,
              project: Optional[str] = None,
              peer_external_gateway_interface: Optional[int] = None,
              labels: Optional[Mapping[str, str]] = None,
              description: Optional[str] = None,
              peer_external_gateway: Optional[str] = None,
              region: Optional[str] = None,
              remote_traffic_selectors: Optional[Sequence[str]] = None,
              router: Optional[str] = None,
              ike_version: Optional[int] = None,
              target_vpn_gateway: Optional[str] = None,
              vpn_gateway: Optional[str] = None,
              vpn_gateway_interface: Optional[int] = None)
func NewVPNTunnel(ctx *Context, name string, args VPNTunnelArgs, opts ...ResourceOption) (*VPNTunnel, error)
public VPNTunnel(string name, VPNTunnelArgs args, CustomResourceOptions? opts = null)
public VPNTunnel(String name, VPNTunnelArgs args)
public VPNTunnel(String name, VPNTunnelArgs args, CustomResourceOptions options)
type: gcp:compute:VPNTunnel
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. VPNTunnelArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. VPNTunnelArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. VPNTunnelArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. VPNTunnelArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. VPNTunnelArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var vpntunnelResource = new Gcp.Compute.VPNTunnel("vpntunnelResource", new()
{
    SharedSecret = "string",
    PeerIp = "string",
    PeerGcpGateway = "string",
    LocalTrafficSelectors = new[]
    {
        "string",
    },
    Name = "string",
    Project = "string",
    PeerExternalGatewayInterface = 0,
    Labels = 
    {
        { "string", "string" },
    },
    Description = "string",
    PeerExternalGateway = "string",
    Region = "string",
    RemoteTrafficSelectors = new[]
    {
        "string",
    },
    Router = "string",
    IkeVersion = 0,
    TargetVpnGateway = "string",
    VpnGateway = "string",
    VpnGatewayInterface = 0,
});
Copy
example, err := compute.NewVPNTunnel(ctx, "vpntunnelResource", &compute.VPNTunnelArgs{
	SharedSecret:   pulumi.String("string"),
	PeerIp:         pulumi.String("string"),
	PeerGcpGateway: pulumi.String("string"),
	LocalTrafficSelectors: pulumi.StringArray{
		pulumi.String("string"),
	},
	Name:                         pulumi.String("string"),
	Project:                      pulumi.String("string"),
	PeerExternalGatewayInterface: pulumi.Int(0),
	Labels: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Description:         pulumi.String("string"),
	PeerExternalGateway: pulumi.String("string"),
	Region:              pulumi.String("string"),
	RemoteTrafficSelectors: pulumi.StringArray{
		pulumi.String("string"),
	},
	Router:              pulumi.String("string"),
	IkeVersion:          pulumi.Int(0),
	TargetVpnGateway:    pulumi.String("string"),
	VpnGateway:          pulumi.String("string"),
	VpnGatewayInterface: pulumi.Int(0),
})
Copy
var vpntunnelResource = new VPNTunnel("vpntunnelResource", VPNTunnelArgs.builder()
    .sharedSecret("string")
    .peerIp("string")
    .peerGcpGateway("string")
    .localTrafficSelectors("string")
    .name("string")
    .project("string")
    .peerExternalGatewayInterface(0)
    .labels(Map.of("string", "string"))
    .description("string")
    .peerExternalGateway("string")
    .region("string")
    .remoteTrafficSelectors("string")
    .router("string")
    .ikeVersion(0)
    .targetVpnGateway("string")
    .vpnGateway("string")
    .vpnGatewayInterface(0)
    .build());
Copy
vpntunnel_resource = gcp.compute.VPNTunnel("vpntunnelResource",
    shared_secret="string",
    peer_ip="string",
    peer_gcp_gateway="string",
    local_traffic_selectors=["string"],
    name="string",
    project="string",
    peer_external_gateway_interface=0,
    labels={
        "string": "string",
    },
    description="string",
    peer_external_gateway="string",
    region="string",
    remote_traffic_selectors=["string"],
    router="string",
    ike_version=0,
    target_vpn_gateway="string",
    vpn_gateway="string",
    vpn_gateway_interface=0)
Copy
const vpntunnelResource = new gcp.compute.VPNTunnel("vpntunnelResource", {
    sharedSecret: "string",
    peerIp: "string",
    peerGcpGateway: "string",
    localTrafficSelectors: ["string"],
    name: "string",
    project: "string",
    peerExternalGatewayInterface: 0,
    labels: {
        string: "string",
    },
    description: "string",
    peerExternalGateway: "string",
    region: "string",
    remoteTrafficSelectors: ["string"],
    router: "string",
    ikeVersion: 0,
    targetVpnGateway: "string",
    vpnGateway: "string",
    vpnGatewayInterface: 0,
});
Copy
type: gcp:compute:VPNTunnel
properties:
    description: string
    ikeVersion: 0
    labels:
        string: string
    localTrafficSelectors:
        - string
    name: string
    peerExternalGateway: string
    peerExternalGatewayInterface: 0
    peerGcpGateway: string
    peerIp: string
    project: string
    region: string
    remoteTrafficSelectors:
        - string
    router: string
    sharedSecret: string
    targetVpnGateway: string
    vpnGateway: string
    vpnGatewayInterface: 0
Copy

VPNTunnel Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The VPNTunnel resource accepts the following input properties:

SharedSecret
This property is required.
Changes to this property will trigger replacement.
string
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


Description Changes to this property will trigger replacement. string
An optional description of this resource.
IkeVersion Changes to this property will trigger replacement. int
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
Labels Dictionary<string, string>
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
LocalTrafficSelectors Changes to this property will trigger replacement. List<string>
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
Name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
PeerExternalGateway Changes to this property will trigger replacement. string
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
PeerExternalGatewayInterface Changes to this property will trigger replacement. int
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
PeerGcpGateway Changes to this property will trigger replacement. string
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
PeerIp Changes to this property will trigger replacement. string
IP address of the peer VPN gateway. Only IPv4 is supported.
Project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
Region Changes to this property will trigger replacement. string
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
RemoteTrafficSelectors Changes to this property will trigger replacement. List<string>
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
Router Changes to this property will trigger replacement. string
URL of router resource to be used for dynamic routing.
TargetVpnGateway Changes to this property will trigger replacement. string
URL of the Target VPN gateway with which this VPN tunnel is associated.
VpnGateway Changes to this property will trigger replacement. string
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
VpnGatewayInterface Changes to this property will trigger replacement. int
The interface ID of the VPN gateway with which this VPN tunnel is associated.
SharedSecret
This property is required.
Changes to this property will trigger replacement.
string
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


Description Changes to this property will trigger replacement. string
An optional description of this resource.
IkeVersion Changes to this property will trigger replacement. int
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
Labels map[string]string
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
LocalTrafficSelectors Changes to this property will trigger replacement. []string
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
Name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
PeerExternalGateway Changes to this property will trigger replacement. string
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
PeerExternalGatewayInterface Changes to this property will trigger replacement. int
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
PeerGcpGateway Changes to this property will trigger replacement. string
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
PeerIp Changes to this property will trigger replacement. string
IP address of the peer VPN gateway. Only IPv4 is supported.
Project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
Region Changes to this property will trigger replacement. string
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
RemoteTrafficSelectors Changes to this property will trigger replacement. []string
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
Router Changes to this property will trigger replacement. string
URL of router resource to be used for dynamic routing.
TargetVpnGateway Changes to this property will trigger replacement. string
URL of the Target VPN gateway with which this VPN tunnel is associated.
VpnGateway Changes to this property will trigger replacement. string
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
VpnGatewayInterface Changes to this property will trigger replacement. int
The interface ID of the VPN gateway with which this VPN tunnel is associated.
sharedSecret
This property is required.
Changes to this property will trigger replacement.
String
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


description Changes to this property will trigger replacement. String
An optional description of this resource.
ikeVersion Changes to this property will trigger replacement. Integer
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
labels Map<String,String>
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
localTrafficSelectors Changes to this property will trigger replacement. List<String>
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
name Changes to this property will trigger replacement. String
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
peerExternalGateway Changes to this property will trigger replacement. String
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
peerExternalGatewayInterface Changes to this property will trigger replacement. Integer
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
peerGcpGateway Changes to this property will trigger replacement. String
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
peerIp Changes to this property will trigger replacement. String
IP address of the peer VPN gateway. Only IPv4 is supported.
project Changes to this property will trigger replacement. String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
region Changes to this property will trigger replacement. String
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
remoteTrafficSelectors Changes to this property will trigger replacement. List<String>
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
router Changes to this property will trigger replacement. String
URL of router resource to be used for dynamic routing.
targetVpnGateway Changes to this property will trigger replacement. String
URL of the Target VPN gateway with which this VPN tunnel is associated.
vpnGateway Changes to this property will trigger replacement. String
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
vpnGatewayInterface Changes to this property will trigger replacement. Integer
The interface ID of the VPN gateway with which this VPN tunnel is associated.
sharedSecret
This property is required.
Changes to this property will trigger replacement.
string
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


description Changes to this property will trigger replacement. string
An optional description of this resource.
ikeVersion Changes to this property will trigger replacement. number
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
labels {[key: string]: string}
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
localTrafficSelectors Changes to this property will trigger replacement. string[]
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
peerExternalGateway Changes to this property will trigger replacement. string
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
peerExternalGatewayInterface Changes to this property will trigger replacement. number
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
peerGcpGateway Changes to this property will trigger replacement. string
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
peerIp Changes to this property will trigger replacement. string
IP address of the peer VPN gateway. Only IPv4 is supported.
project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
region Changes to this property will trigger replacement. string
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
remoteTrafficSelectors Changes to this property will trigger replacement. string[]
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
router Changes to this property will trigger replacement. string
URL of router resource to be used for dynamic routing.
targetVpnGateway Changes to this property will trigger replacement. string
URL of the Target VPN gateway with which this VPN tunnel is associated.
vpnGateway Changes to this property will trigger replacement. string
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
vpnGatewayInterface Changes to this property will trigger replacement. number
The interface ID of the VPN gateway with which this VPN tunnel is associated.
shared_secret
This property is required.
Changes to this property will trigger replacement.
str
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


description Changes to this property will trigger replacement. str
An optional description of this resource.
ike_version Changes to this property will trigger replacement. int
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
labels Mapping[str, str]
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
local_traffic_selectors Changes to this property will trigger replacement. Sequence[str]
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
name Changes to this property will trigger replacement. str
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
peer_external_gateway Changes to this property will trigger replacement. str
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
peer_external_gateway_interface Changes to this property will trigger replacement. int
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
peer_gcp_gateway Changes to this property will trigger replacement. str
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
peer_ip Changes to this property will trigger replacement. str
IP address of the peer VPN gateway. Only IPv4 is supported.
project Changes to this property will trigger replacement. str
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
region Changes to this property will trigger replacement. str
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
remote_traffic_selectors Changes to this property will trigger replacement. Sequence[str]
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
router Changes to this property will trigger replacement. str
URL of router resource to be used for dynamic routing.
target_vpn_gateway Changes to this property will trigger replacement. str
URL of the Target VPN gateway with which this VPN tunnel is associated.
vpn_gateway Changes to this property will trigger replacement. str
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
vpn_gateway_interface Changes to this property will trigger replacement. int
The interface ID of the VPN gateway with which this VPN tunnel is associated.
sharedSecret
This property is required.
Changes to this property will trigger replacement.
String
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


description Changes to this property will trigger replacement. String
An optional description of this resource.
ikeVersion Changes to this property will trigger replacement. Number
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
labels Map<String>
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
localTrafficSelectors Changes to this property will trigger replacement. List<String>
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
name Changes to this property will trigger replacement. String
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
peerExternalGateway Changes to this property will trigger replacement. String
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
peerExternalGatewayInterface Changes to this property will trigger replacement. Number
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
peerGcpGateway Changes to this property will trigger replacement. String
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
peerIp Changes to this property will trigger replacement. String
IP address of the peer VPN gateway. Only IPv4 is supported.
project Changes to this property will trigger replacement. String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
region Changes to this property will trigger replacement. String
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
remoteTrafficSelectors Changes to this property will trigger replacement. List<String>
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
router Changes to this property will trigger replacement. String
URL of router resource to be used for dynamic routing.
targetVpnGateway Changes to this property will trigger replacement. String
URL of the Target VPN gateway with which this VPN tunnel is associated.
vpnGateway Changes to this property will trigger replacement. String
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
vpnGatewayInterface Changes to this property will trigger replacement. Number
The interface ID of the VPN gateway with which this VPN tunnel is associated.

Outputs

All input properties are implicitly available as output properties. Additionally, the VPNTunnel resource produces the following output properties:

CreationTimestamp string
Creation timestamp in RFC3339 text format.
DetailedStatus string
Detailed status message for the VPN tunnel.
EffectiveLabels Dictionary<string, string>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
Id string
The provider-assigned unique ID for this managed resource.
LabelFingerprint string
The fingerprint used for optimistic locking of this resource. Used internally during updates.
PulumiLabels Dictionary<string, string>
The combination of labels configured directly on the resource and default labels configured on the provider.
SelfLink string
The URI of the created resource.
SharedSecretHash string
Hash of the shared secret.
TunnelId string
The unique identifier for the resource. This identifier is defined by the server.
CreationTimestamp string
Creation timestamp in RFC3339 text format.
DetailedStatus string
Detailed status message for the VPN tunnel.
EffectiveLabels map[string]string
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
Id string
The provider-assigned unique ID for this managed resource.
LabelFingerprint string
The fingerprint used for optimistic locking of this resource. Used internally during updates.
PulumiLabels map[string]string
The combination of labels configured directly on the resource and default labels configured on the provider.
SelfLink string
The URI of the created resource.
SharedSecretHash string
Hash of the shared secret.
TunnelId string
The unique identifier for the resource. This identifier is defined by the server.
creationTimestamp String
Creation timestamp in RFC3339 text format.
detailedStatus String
Detailed status message for the VPN tunnel.
effectiveLabels Map<String,String>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
id String
The provider-assigned unique ID for this managed resource.
labelFingerprint String
The fingerprint used for optimistic locking of this resource. Used internally during updates.
pulumiLabels Map<String,String>
The combination of labels configured directly on the resource and default labels configured on the provider.
selfLink String
The URI of the created resource.
sharedSecretHash String
Hash of the shared secret.
tunnelId String
The unique identifier for the resource. This identifier is defined by the server.
creationTimestamp string
Creation timestamp in RFC3339 text format.
detailedStatus string
Detailed status message for the VPN tunnel.
effectiveLabels {[key: string]: string}
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
id string
The provider-assigned unique ID for this managed resource.
labelFingerprint string
The fingerprint used for optimistic locking of this resource. Used internally during updates.
pulumiLabels {[key: string]: string}
The combination of labels configured directly on the resource and default labels configured on the provider.
selfLink string
The URI of the created resource.
sharedSecretHash string
Hash of the shared secret.
tunnelId string
The unique identifier for the resource. This identifier is defined by the server.
creation_timestamp str
Creation timestamp in RFC3339 text format.
detailed_status str
Detailed status message for the VPN tunnel.
effective_labels Mapping[str, str]
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
id str
The provider-assigned unique ID for this managed resource.
label_fingerprint str
The fingerprint used for optimistic locking of this resource. Used internally during updates.
pulumi_labels Mapping[str, str]
The combination of labels configured directly on the resource and default labels configured on the provider.
self_link str
The URI of the created resource.
shared_secret_hash str
Hash of the shared secret.
tunnel_id str
The unique identifier for the resource. This identifier is defined by the server.
creationTimestamp String
Creation timestamp in RFC3339 text format.
detailedStatus String
Detailed status message for the VPN tunnel.
effectiveLabels Map<String>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
id String
The provider-assigned unique ID for this managed resource.
labelFingerprint String
The fingerprint used for optimistic locking of this resource. Used internally during updates.
pulumiLabels Map<String>
The combination of labels configured directly on the resource and default labels configured on the provider.
selfLink String
The URI of the created resource.
sharedSecretHash String
Hash of the shared secret.
tunnelId String
The unique identifier for the resource. This identifier is defined by the server.

Look up Existing VPNTunnel Resource

Get an existing VPNTunnel resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: VPNTunnelState, opts?: CustomResourceOptions): VPNTunnel
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        creation_timestamp: Optional[str] = None,
        description: Optional[str] = None,
        detailed_status: Optional[str] = None,
        effective_labels: Optional[Mapping[str, str]] = None,
        ike_version: Optional[int] = None,
        label_fingerprint: Optional[str] = None,
        labels: Optional[Mapping[str, str]] = None,
        local_traffic_selectors: Optional[Sequence[str]] = None,
        name: Optional[str] = None,
        peer_external_gateway: Optional[str] = None,
        peer_external_gateway_interface: Optional[int] = None,
        peer_gcp_gateway: Optional[str] = None,
        peer_ip: Optional[str] = None,
        project: Optional[str] = None,
        pulumi_labels: Optional[Mapping[str, str]] = None,
        region: Optional[str] = None,
        remote_traffic_selectors: Optional[Sequence[str]] = None,
        router: Optional[str] = None,
        self_link: Optional[str] = None,
        shared_secret: Optional[str] = None,
        shared_secret_hash: Optional[str] = None,
        target_vpn_gateway: Optional[str] = None,
        tunnel_id: Optional[str] = None,
        vpn_gateway: Optional[str] = None,
        vpn_gateway_interface: Optional[int] = None) -> VPNTunnel
func GetVPNTunnel(ctx *Context, name string, id IDInput, state *VPNTunnelState, opts ...ResourceOption) (*VPNTunnel, error)
public static VPNTunnel Get(string name, Input<string> id, VPNTunnelState? state, CustomResourceOptions? opts = null)
public static VPNTunnel get(String name, Output<String> id, VPNTunnelState state, CustomResourceOptions options)
resources:  _:    type: gcp:compute:VPNTunnel    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
CreationTimestamp string
Creation timestamp in RFC3339 text format.
Description Changes to this property will trigger replacement. string
An optional description of this resource.
DetailedStatus string
Detailed status message for the VPN tunnel.
EffectiveLabels Dictionary<string, string>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
IkeVersion Changes to this property will trigger replacement. int
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
LabelFingerprint string
The fingerprint used for optimistic locking of this resource. Used internally during updates.
Labels Dictionary<string, string>
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
LocalTrafficSelectors Changes to this property will trigger replacement. List<string>
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
Name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
PeerExternalGateway Changes to this property will trigger replacement. string
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
PeerExternalGatewayInterface Changes to this property will trigger replacement. int
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
PeerGcpGateway Changes to this property will trigger replacement. string
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
PeerIp Changes to this property will trigger replacement. string
IP address of the peer VPN gateway. Only IPv4 is supported.
Project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
PulumiLabels Dictionary<string, string>
The combination of labels configured directly on the resource and default labels configured on the provider.
Region Changes to this property will trigger replacement. string
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
RemoteTrafficSelectors Changes to this property will trigger replacement. List<string>
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
Router Changes to this property will trigger replacement. string
URL of router resource to be used for dynamic routing.
SelfLink string
The URI of the created resource.
SharedSecret Changes to this property will trigger replacement. string
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


SharedSecretHash string
Hash of the shared secret.
TargetVpnGateway Changes to this property will trigger replacement. string
URL of the Target VPN gateway with which this VPN tunnel is associated.
TunnelId string
The unique identifier for the resource. This identifier is defined by the server.
VpnGateway Changes to this property will trigger replacement. string
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
VpnGatewayInterface Changes to this property will trigger replacement. int
The interface ID of the VPN gateway with which this VPN tunnel is associated.
CreationTimestamp string
Creation timestamp in RFC3339 text format.
Description Changes to this property will trigger replacement. string
An optional description of this resource.
DetailedStatus string
Detailed status message for the VPN tunnel.
EffectiveLabels map[string]string
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
IkeVersion Changes to this property will trigger replacement. int
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
LabelFingerprint string
The fingerprint used for optimistic locking of this resource. Used internally during updates.
Labels map[string]string
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
LocalTrafficSelectors Changes to this property will trigger replacement. []string
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
Name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
PeerExternalGateway Changes to this property will trigger replacement. string
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
PeerExternalGatewayInterface Changes to this property will trigger replacement. int
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
PeerGcpGateway Changes to this property will trigger replacement. string
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
PeerIp Changes to this property will trigger replacement. string
IP address of the peer VPN gateway. Only IPv4 is supported.
Project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
PulumiLabels map[string]string
The combination of labels configured directly on the resource and default labels configured on the provider.
Region Changes to this property will trigger replacement. string
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
RemoteTrafficSelectors Changes to this property will trigger replacement. []string
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
Router Changes to this property will trigger replacement. string
URL of router resource to be used for dynamic routing.
SelfLink string
The URI of the created resource.
SharedSecret Changes to this property will trigger replacement. string
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


SharedSecretHash string
Hash of the shared secret.
TargetVpnGateway Changes to this property will trigger replacement. string
URL of the Target VPN gateway with which this VPN tunnel is associated.
TunnelId string
The unique identifier for the resource. This identifier is defined by the server.
VpnGateway Changes to this property will trigger replacement. string
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
VpnGatewayInterface Changes to this property will trigger replacement. int
The interface ID of the VPN gateway with which this VPN tunnel is associated.
creationTimestamp String
Creation timestamp in RFC3339 text format.
description Changes to this property will trigger replacement. String
An optional description of this resource.
detailedStatus String
Detailed status message for the VPN tunnel.
effectiveLabels Map<String,String>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
ikeVersion Changes to this property will trigger replacement. Integer
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
labelFingerprint String
The fingerprint used for optimistic locking of this resource. Used internally during updates.
labels Map<String,String>
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
localTrafficSelectors Changes to this property will trigger replacement. List<String>
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
name Changes to this property will trigger replacement. String
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
peerExternalGateway Changes to this property will trigger replacement. String
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
peerExternalGatewayInterface Changes to this property will trigger replacement. Integer
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
peerGcpGateway Changes to this property will trigger replacement. String
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
peerIp Changes to this property will trigger replacement. String
IP address of the peer VPN gateway. Only IPv4 is supported.
project Changes to this property will trigger replacement. String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
pulumiLabels Map<String,String>
The combination of labels configured directly on the resource and default labels configured on the provider.
region Changes to this property will trigger replacement. String
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
remoteTrafficSelectors Changes to this property will trigger replacement. List<String>
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
router Changes to this property will trigger replacement. String
URL of router resource to be used for dynamic routing.
selfLink String
The URI of the created resource.
sharedSecret Changes to this property will trigger replacement. String
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


sharedSecretHash String
Hash of the shared secret.
targetVpnGateway Changes to this property will trigger replacement. String
URL of the Target VPN gateway with which this VPN tunnel is associated.
tunnelId String
The unique identifier for the resource. This identifier is defined by the server.
vpnGateway Changes to this property will trigger replacement. String
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
vpnGatewayInterface Changes to this property will trigger replacement. Integer
The interface ID of the VPN gateway with which this VPN tunnel is associated.
creationTimestamp string
Creation timestamp in RFC3339 text format.
description Changes to this property will trigger replacement. string
An optional description of this resource.
detailedStatus string
Detailed status message for the VPN tunnel.
effectiveLabels {[key: string]: string}
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
ikeVersion Changes to this property will trigger replacement. number
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
labelFingerprint string
The fingerprint used for optimistic locking of this resource. Used internally during updates.
labels {[key: string]: string}
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
localTrafficSelectors Changes to this property will trigger replacement. string[]
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
name Changes to this property will trigger replacement. string
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
peerExternalGateway Changes to this property will trigger replacement. string
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
peerExternalGatewayInterface Changes to this property will trigger replacement. number
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
peerGcpGateway Changes to this property will trigger replacement. string
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
peerIp Changes to this property will trigger replacement. string
IP address of the peer VPN gateway. Only IPv4 is supported.
project Changes to this property will trigger replacement. string
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
pulumiLabels {[key: string]: string}
The combination of labels configured directly on the resource and default labels configured on the provider.
region Changes to this property will trigger replacement. string
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
remoteTrafficSelectors Changes to this property will trigger replacement. string[]
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
router Changes to this property will trigger replacement. string
URL of router resource to be used for dynamic routing.
selfLink string
The URI of the created resource.
sharedSecret Changes to this property will trigger replacement. string
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


sharedSecretHash string
Hash of the shared secret.
targetVpnGateway Changes to this property will trigger replacement. string
URL of the Target VPN gateway with which this VPN tunnel is associated.
tunnelId string
The unique identifier for the resource. This identifier is defined by the server.
vpnGateway Changes to this property will trigger replacement. string
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
vpnGatewayInterface Changes to this property will trigger replacement. number
The interface ID of the VPN gateway with which this VPN tunnel is associated.
creation_timestamp str
Creation timestamp in RFC3339 text format.
description Changes to this property will trigger replacement. str
An optional description of this resource.
detailed_status str
Detailed status message for the VPN tunnel.
effective_labels Mapping[str, str]
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
ike_version Changes to this property will trigger replacement. int
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
label_fingerprint str
The fingerprint used for optimistic locking of this resource. Used internally during updates.
labels Mapping[str, str]
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
local_traffic_selectors Changes to this property will trigger replacement. Sequence[str]
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
name Changes to this property will trigger replacement. str
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
peer_external_gateway Changes to this property will trigger replacement. str
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
peer_external_gateway_interface Changes to this property will trigger replacement. int
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
peer_gcp_gateway Changes to this property will trigger replacement. str
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
peer_ip Changes to this property will trigger replacement. str
IP address of the peer VPN gateway. Only IPv4 is supported.
project Changes to this property will trigger replacement. str
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
pulumi_labels Mapping[str, str]
The combination of labels configured directly on the resource and default labels configured on the provider.
region Changes to this property will trigger replacement. str
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
remote_traffic_selectors Changes to this property will trigger replacement. Sequence[str]
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
router Changes to this property will trigger replacement. str
URL of router resource to be used for dynamic routing.
self_link str
The URI of the created resource.
shared_secret Changes to this property will trigger replacement. str
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


shared_secret_hash str
Hash of the shared secret.
target_vpn_gateway Changes to this property will trigger replacement. str
URL of the Target VPN gateway with which this VPN tunnel is associated.
tunnel_id str
The unique identifier for the resource. This identifier is defined by the server.
vpn_gateway Changes to this property will trigger replacement. str
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
vpn_gateway_interface Changes to this property will trigger replacement. int
The interface ID of the VPN gateway with which this VPN tunnel is associated.
creationTimestamp String
Creation timestamp in RFC3339 text format.
description Changes to this property will trigger replacement. String
An optional description of this resource.
detailedStatus String
Detailed status message for the VPN tunnel.
effectiveLabels Map<String>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
ikeVersion Changes to this property will trigger replacement. Number
IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.
labelFingerprint String
The fingerprint used for optimistic locking of this resource. Used internally during updates.
labels Map<String>
Labels to apply to this VpnTunnel. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.
localTrafficSelectors Changes to this property will trigger replacement. List<String>
Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
name Changes to this property will trigger replacement. String
Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
peerExternalGateway Changes to this property will trigger replacement. String
URL of the peer side external VPN gateway to which this VPN tunnel is connected.
peerExternalGatewayInterface Changes to this property will trigger replacement. Number
The interface ID of the external VPN gateway to which this VPN tunnel is connected.
peerGcpGateway Changes to this property will trigger replacement. String
URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected. If provided, the VPN tunnel will automatically use the same vpn_gateway_interface ID in the peer GCP VPN gateway. This field must reference a gcp.compute.HaVpnGateway resource.
peerIp Changes to this property will trigger replacement. String
IP address of the peer VPN gateway. Only IPv4 is supported.
project Changes to this property will trigger replacement. String
The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
pulumiLabels Map<String>
The combination of labels configured directly on the resource and default labels configured on the provider.
region Changes to this property will trigger replacement. String
The region where the tunnel is located. If unset, is set to the region of target_vpn_gateway.
remoteTrafficSelectors Changes to this property will trigger replacement. List<String>
Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.
router Changes to this property will trigger replacement. String
URL of router resource to be used for dynamic routing.
selfLink String
The URI of the created resource.
sharedSecret Changes to this property will trigger replacement. String
Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway. Note: This property is sensitive and will not be displayed in the plan.


sharedSecretHash String
Hash of the shared secret.
targetVpnGateway Changes to this property will trigger replacement. String
URL of the Target VPN gateway with which this VPN tunnel is associated.
tunnelId String
The unique identifier for the resource. This identifier is defined by the server.
vpnGateway Changes to this property will trigger replacement. String
URL of the VPN gateway with which this VPN tunnel is associated. This must be used if a High Availability VPN gateway resource is created. This field must reference a gcp.compute.HaVpnGateway resource.
vpnGatewayInterface Changes to this property will trigger replacement. Number
The interface ID of the VPN gateway with which this VPN tunnel is associated.

Import

VpnTunnel can be imported using any of these accepted formats:

  • projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}

  • {{project}}/{{region}}/{{name}}

  • {{region}}/{{name}}

  • {{name}}

When using the pulumi import command, VpnTunnel can be imported using one of the formats above. For example:

$ pulumi import gcp:compute/vPNTunnel:VPNTunnel default projects/{{project}}/regions/{{region}}/vpnTunnels/{{name}}
Copy
$ pulumi import gcp:compute/vPNTunnel:VPNTunnel default {{project}}/{{region}}/{{name}}
Copy
$ pulumi import gcp:compute/vPNTunnel:VPNTunnel default {{region}}/{{name}}
Copy
$ pulumi import gcp:compute/vPNTunnel:VPNTunnel default {{name}}
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
Google Cloud (GCP) Classic pulumi/pulumi-gcp
License
Apache-2.0
Notes
This Pulumi package is based on the google-beta Terraform Provider.