AWS::EC2::VPNConnection VpnTunnelOptionsSpecification - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::EC2::VPNConnection VpnTunnelOptionsSpecification

The tunnel options for a single VPN tunnel.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "PreSharedKey" : String, "TunnelInsideCidr" : String }

YAML

PreSharedKey: String TunnelInsideCidr: String

Properties

PreSharedKey

The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.

Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).

Required: No

Type: String

Update requires: Replacement

TunnelInsideCidr

The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.

Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following CIDR blocks are reserved and cannot be used:

  • 169.254.0.0/30

  • 169.254.1.0/30

  • 169.254.2.0/30

  • 169.254.3.0/30

  • 169.254.4.0/30

  • 169.254.5.0/30

  • 169.254.169.252/30

Required: No

Type: String

Update requires: Replacement