| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| additional_routes | A list of additional routes that should be attached to the Client VPN endpoint | `list(object({ destination_cidr_block = string, description = string, target_vpc_subnet_id = string }))` | `[]` | no |
| additional_security_groups | List of security groups to attach to the Client VPN network associations | `list(string)` | `[]` | no |
| associated_subnets | List of subnets to associate with the VPN endpoint | `list(string)` | n/a | yes |
| authorization_rules | List of objects describing the authorization rules for the Client VPN | `list(object({ name = string, access_group_id = string, authorize_all_groups = bool, description = string, target_network_cidr = string }))` | n/a | yes |
| client_cidr_block | VPN CIDR block | `string` | n/a | yes |
| cloudwatch_log_retention_days | How long to keep VPN logs. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653, and 0. If you select 0, the events in the log group are always retained and never expire. | `number` | `30` | no |
| description | Resource description | `string` | n/a | yes |
| dns_servers | List of DNS servers for the VPN | `list(string)` | `[]` | no |
| domain_name | Domain name to associate with the ACM common name | `string` | n/a | yes |
| name | Name to associate with various resources | `string` | n/a | yes |
| saml_metadata_document | Optional SAML metadata document. Must include this or saml_provider_arn | `string` | `null` | no |
| saml_provider_arn | Optional SAML ARN. Must include this or saml_metadata_document | `string` | `null` | no |
| self_service_portal | Specify whether the VPC Client self-service portal is enabled or disabled | `string` | `disabled` | no |
| split_tunnel_enabled | Whether to enable split tunnelling | `bool` | `true` | no |
| tags | Map of strings containing tags for AWS resources | `map(string)` | `{}` | no |
| vpc_id | ID of the VPC to attach the VPN to | `string` | n/a | yes |