
Resource: awsEc2ClientVpnAuthorizationRule

Provides authorization rules for AWS Client VPN endpoints. For more information on usage, please see the AWS Client VPN Administrator's Guide.

Example Usage

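/* Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details. */
import { Construct } from "constructs";
import { TerraformStack } from "cdktf";
import * as aws from "./.gen/providers/aws";

// ExampleStack is a placeholder name; the construct needs an enclosing scope for `this`.
class ExampleStack extends TerraformStack {
  constructor(scope: Construct, id: string) {
    super(scope, id);
    // authorizeAllGroups: true grants all clients access to the target CIDR.
    new aws.ec2ClientVpnAuthorizationRule.Ec2ClientVpnAuthorizationRule(this, "example", {
      authorizeAllGroups: true,
      clientVpnEndpointId: "${aws_ec2_client_vpn_endpoint.example.id}",
      targetNetworkCidr: "${aws_subnet.example.cidr_block}",
    });
  }
}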

Argument Reference

The following arguments are supported:

  • clientVpnEndpointId - (Required) The ID of the Client VPN endpoint.
  • targetNetworkCidr - (Required) The IPv4 address range, in CIDR notation, of the network to which the authorization rule applies.
  • accessGroupId - (Optional) The ID of the group to which the authorization rule grants access. One of accessGroupId or authorizeAllGroups must be set.
  • authorizeAllGroups - (Optional) Indicates whether the authorization rule grants access to all clients. One of accessGroupId or authorizeAllGroups must be set.
  • description - (Optional) A brief description of the authorization rule.
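
The following check is an added example, not part of the provider or its documentation. It audits synthesized Terraform JSON for authorization rules that set neither or both of access_group_id and authorize_all_groups, and for all-groups rules covering a broad range. The function name, the minPrefix threshold and the sample data are assumptions.

```typescript
// Added example: audit Client VPN authorization rules in synthesized Terraform JSON.
type Rule = {
  client_vpn_endpoint_id: string;
  target_network_cidr: string;
  access_group_id?: string;
  authorize_all_groups?: boolean;
};
type SynthJson = { resource?: Record<string, Record<string, Rule>> };
type Finding = { name: string; issue: string };
const RESOURCE_TYPE = "aws_ec2_client_vpn_authorization_rule";

// minPrefix is an assumed policy threshold, not an AWS limit.
function auditAuthorizationRules(synth: SynthJson, minPrefix = 16): Finding[] {
  const findings: Finding[] = [];
  const rules: Record<string, Rule> = synth.resource?.[RESOURCE_TYPE] ?? {};
  for (const name of Object.keys(rules)) {
    const rule = rules[name];
    const hasGroup = typeof rule.access_group_id === "string" && rule.access_group_id !== "";
    const allGroups = rule.authorize_all_groups === true;
    // The page requires one of the two; this check assumes that means exactly one.
    if (hasGroup === allGroups) {
      findings.push({ name, issue: "set exactly one of access_group_id or authorize_all_groups" });
      continue;
    }
    if (!allGroups) continue; // access is scoped to a single group
    const m = /^\d{1,3}(?:\.\d{1,3}){3}\/(\d{1,2})$/.exec(rule.target_network_cidr);
    if (m === null) {
      // e.g. "${aws_subnet.example.cidr_block}", whose value is only known after plan
      findings.push({ name, issue: "all groups authorized; target CIDR unresolved, review after plan" });
    } else if (Number(m[1]) < minPrefix) {
      findings.push({ name, issue: "all groups authorized for broad range " + rule.target_network_cidr });
    }
  }
  return findings;
}

// Constructed sample input (not real infrastructure).
const sampleSynth: SynthJson = {
  resource: {
    aws_ec2_client_vpn_authorization_rule: {
      wide_open: { client_vpn_endpoint_id: "cvpn-endpoint-EXAMPLE", target_network_cidr: "0.0.0.0/0", authorize_all_groups: true },
      team_a: { client_vpn_endpoint_id: "cvpn-endpoint-EXAMPLE", target_network_cidr: "10.1.0.0/24", access_group_id: "team-a" },
      unscoped: { client_vpn_endpoint_id: "cvpn-endpoint-EXAMPLE", target_network_cidr: "10.2.0.0/24" },
      by_ref: { client_vpn_endpoint_id: "cvpn-endpoint-EXAMPLE", target_network_cidr: "${aws_subnet.example.cidr_block}", authorize_all_groups: true },
    },
  },
};

for (const f of auditAuthorizationRules(sampleSynth)) console.log(f.name + ": " + f.issue);
```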

Attributes Reference

No additional attributes are exported.

Timeouts

Configuration options:

  • create - (Default 10M)
  • delete - (Default 10M)

Import

AWS Client VPN authorization rules can be imported using the endpoint ID and target network CIDR. If the rule applies to a specific group, include the group name as well. All values are separated by a comma (,).

$ terraform import aws_ec2_client_vpn_authorization_rule.example cvpn-endpoint-0ac3a1abbccddd666,10.1.0.0/24
$ terraform import aws_ec2_client_vpn_authorization_rule.example cvpn-endpoint-0ac3a1abbccddd666,10.1.0.0/24,team-a