Resource: awsEc2ClientVpnNetworkAssociation
Provides network associations for AWS Client VPN endpoints. For more information on usage, please see the AWS Client VPN Administrator's Guide.
NOTE on Client VPN endpoint target network security groups: Terraform provides both a standalone Client VPN endpoint network association resource with a (deprecated) securityGroups argument and a Client VPN endpoint resource with a securityGroupIds argument. Do not specify security groups in both resources. Doing so will cause a conflict and will overwrite the target network security group association.
Example Usage
Using default security group
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.ec2ClientVpnNetworkAssociation.Ec2ClientVpnNetworkAssociation(
  this,
  "example",
  {
    clientVpnEndpointId: "${aws_ec2_client_vpn_endpoint.example.id}",
    subnetId: "${aws_subnet.example.id}",
  }
);
Using custom security groups
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.ec2ClientVpnNetworkAssociation.Ec2ClientVpnNetworkAssociation(
  this,
  "example",
  {
    clientVpnEndpointId: "${aws_ec2_client_vpn_endpoint.example.id}",
    securityGroups: [
      "${aws_security_group.example1.id}",
      "${aws_security_group.example2.id}",
    ],
    subnetId: "${aws_subnet.example.id}",
  }
);
Argument Reference
The following arguments are supported:
clientVpnEndpointId - (Required) The ID of the Client VPN endpoint.
subnetId - (Required) The ID of the subnet to associate with the Client VPN endpoint.
securityGroups - (Optional, Deprecated: use the securityGroupIds argument of the awsEc2ClientVpnEndpoint resource instead) A list of up to five custom security groups to apply to the target network. If not specified, the VPC's default security group is assigned.
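The conflict described in the note above, and the fallback to the VPC's default security group, can both be caught before deployment. The following is an added example, not part of the provider documentation: it assumes the stack has been synthesized to Terraform JSON (as cdktf synth produces), where arguments appear under the provider's snake_case names. auditClientVpnAssociations, Finding and SAMPLE_STACK are hypothetical names, and the sample stack is constructed.

```typescript
// Added example: audit synthesized Terraform JSON for the security group
// pitfalls described on this page. All names below are hypothetical.
type Block = Record<string, any>;
interface Finding { association: string; issue: "conflict" | "deprecated" | "default-sg"; }

// An argument counts as set if it is a non-empty list or any other non-null value (e.g. a token).
const isSet = (v: unknown): boolean => (Array.isArray(v) ? v.length > 0 : v != null);

function auditClientVpnAssociations(tfJson: Block): Finding[] {
  const resources: Block = tfJson.resource ?? {};
  const endpoints: Block = resources["aws_ec2_client_vpn_endpoint"] ?? {};
  const associations: Block = resources["aws_ec2_client_vpn_network_association"] ?? {};
  const findings: Finding[] = [];
  for (const [name, assoc] of Object.entries(associations)) {
    // Resolve "${aws_ec2_client_vpn_endpoint.<name>.id}" to an endpoint defined in this stack.
    const ref = /^\$\{aws_ec2_client_vpn_endpoint\.([^.}]+)\.id\}$/.exec(String(assoc.client_vpn_endpoint_id ?? ""));
    const key = ref?.[1];
    const endpoint: Block | undefined = key ? endpoints[key] : undefined;
    const onAssoc = isSet(assoc.security_groups);
    const onEndpoint = isSet(endpoint?.security_group_ids);
    if (onAssoc && onEndpoint) {
      // Security groups on both resources: one overwrites the other.
      findings.push({ association: name, issue: "conflict" });
    } else if (onAssoc) {
      // Deprecated argument in use; move the list to the endpoint resource.
      findings.push({ association: name, issue: "deprecated" });
    } else if (endpoint && !onEndpoint) {
      // Neither resource sets security groups: the VPC's default group is assigned.
      // Skipped when the endpoint is not in this stack, since its arguments are unknown.
      findings.push({ association: name, issue: "default-sg" });
    }
  }
  return findings;
}

// Constructed sample input (not from a real deployment).
const SAMPLE_STACK: Block = { resource: {
  aws_ec2_client_vpn_endpoint: {
    a: { security_group_ids: ["${aws_security_group.vpn.id}"] },
    b: {},
  },
  aws_ec2_client_vpn_network_association: {
    both:   { client_vpn_endpoint_id: "${aws_ec2_client_vpn_endpoint.a.id}", security_groups: ["${aws_security_group.x.id}"] },
    legacy: { client_vpn_endpoint_id: "${aws_ec2_client_vpn_endpoint.b.id}", security_groups: ["${aws_security_group.x.id}"] },
    bare:   { client_vpn_endpoint_id: "${aws_ec2_client_vpn_endpoint.b.id}" },
    clean:  { client_vpn_endpoint_id: "${aws_ec2_client_vpn_endpoint.a.id}" },
  },
} };
```

Run it against the synthesized stack JSON in CI and fail the build on any "conflict" finding; "default-sg" findings are worth a manual review of what the VPC's default security group permits.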
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id - The unique ID of the target network association.
associationId - The unique ID of the target network association.
status - (Deprecated) The current state of the target network association.
vpcId - The ID of the VPC in which the target subnet is located.
Timeouts
create - (Default 30M)
delete - (Default 30M)
Import
AWS Client VPN network associations can be imported using the endpoint ID and the association ID. Values are separated by a comma (,).