Skip to content

Resource: awsDxConnection

Provides a Connection of Direct Connect.

Example Usage

Create a connection

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dxConnection.DxConnection(this, "hoge", {
  bandwidth: "1Gbps",
  location: "EqDC2",
  name: "tf-dx-connection",
});

Request a MACsec-capable connection

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dxConnection.DxConnection(this, "example", {
  bandwidth: "10Gbps",
  location: "EqDA2",
  name: "tf-dx-connection",
  requestMacsec: true,
});

Configure encryption mode for MACsec-capable connections

-> NOTE: You can only specify the encryptionMode argument once the connection is in an available state.

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dxConnection.DxConnection(this, "example", {
  bandwidth: "10Gbps",
  encryptionMode: "must_encrypt",
  location: "EqDC2",
  name: "tf-dx-connection",
  requestMacsec: true,
});

Argument Reference

The following arguments are supported:

  • bandwidth - (Required) The bandwidth of the connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps, 10Gbps and 100Gbps. Case sensitive.
  • encryptionMode - (Optional) The connection MAC Security (MACsec) encryption mode. MAC Security (MACsec) is only available on dedicated connections. Valid values are noEncrypt, shouldEncrypt, and mustEncrypt.
  • location - (Required) The AWS Direct Connect location where the connection is located. See DescribeLocations for the list of AWS Direct Connect locations. Use locationCode.
  • name - (Required) The name of the connection.
  • providerName - (Optional) The name of the service provider associated with the connection.
  • requestMacsec - (Optional) Boolean value indicating whether you want the connection to support MAC Security (MACsec). MAC Security (MACsec) is only available on dedicated connections. See MACsec prerequisites for more information about MAC Security (MACsec) prerequisites. Default value: false.

\~> NOTE: Changing the value of requestMacsec will cause the resource to be destroyed and re-created.

  • skipDestroy - (Optional) Set to true if you do not wish the connection to be deleted at destroy time, and instead just removed from the Terraform state.
  • tags - (Optional) A map of tags to assign to the resource. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • arn - The ARN of the connection.
  • awsDevice - The Direct Connect endpoint on which the physical connection terminates.
  • hasLogicalRedundancy - Indicates whether the connection supports a secondary BGP peer in the same address family (IPv4/IPv6).
  • id - The ID of the connection.
  • jumboFrameCapable - Boolean value representing if jumbo frames have been enabled for this connection.
  • macsecCapable - Boolean value indicating whether the connection supports MAC Security (MACsec).
  • ownerAccountId - The ID of the AWS account that owns the connection.
  • portEncryptionStatus - The MAC Security (MACsec) port link status of the connection.
  • tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.
  • vlanId - The VLAN ID.

Import

Direct Connect connections can be imported using the connectionId, e.g.,

$ terraform import aws_dx_connection.test_connection dxcon-ffre0ec3