Class ModifyVpnTunnelOptionsSpecification
- All Implemented Interfaces:
Serializable
,SdkPojo
,ToCopyableBuilder<ModifyVpnTunnelOptionsSpecification.Builder,
ModifyVpnTunnelOptionsSpecification>
The Amazon Web Services Site-to-Site VPN tunnel options to modify.
- See Also:
-
Nested Class Summary
-
Method Summary
Modifier and TypeMethodDescriptionbuilder()
final String
The action to take after DPD timeout occurs.final Integer
The number of seconds after which a DPD timeout occurs.final Boolean
Turn on or off tunnel endpoint lifecycle control feature.final boolean
final boolean
equalsBySdkFields
(Object obj) Indicates whether some other object is "equal to" this one by SDK fields.final <T> Optional
<T> getValueForField
(String fieldName, Class<T> clazz) final int
hashCode()
final boolean
For responses, this returns true if the service returned a value for the IKEVersions property.final boolean
For responses, this returns true if the service returned a value for the Phase1DHGroupNumbers property.final boolean
For responses, this returns true if the service returned a value for the Phase1EncryptionAlgorithms property.final boolean
For responses, this returns true if the service returned a value for the Phase1IntegrityAlgorithms property.final boolean
For responses, this returns true if the service returned a value for the Phase2DHGroupNumbers property.final boolean
For responses, this returns true if the service returned a value for the Phase2EncryptionAlgorithms property.final boolean
For responses, this returns true if the service returned a value for the Phase2IntegrityAlgorithms property.final List
<IKEVersionsRequestListValue> The IKE versions that are permitted for the VPN tunnel.Options for logging VPN tunnel activity.One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.final Integer
The lifetime for phase 1 of the IKE negotiation, in seconds.One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.final Integer
The lifetime for phase 2 of the IKE negotiation, in seconds.final String
The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and the customer gateway.final Integer
The percentage of the rekey window (determined byRekeyMarginTimeSeconds
) during which the rekey time is randomly selected.final Integer
The margin time, in seconds, before the phase 2 lifetime expires, during which the Amazon Web Services side of the VPN connection performs an IKE rekey.final Integer
The number of packets in an IKE replay window.static Class
<? extends ModifyVpnTunnelOptionsSpecification.Builder> final String
The action to take when the establishing the tunnel for the VPN connection.Take this object and create a builder that contains all of the current property values of this object.final String
toString()
Returns a string representation of this object.final String
The range of inside IPv4 addresses for the tunnel.final String
The range of inside IPv6 addresses for the tunnel.Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder
copy
-
Method Details
-
tunnelInsideCidr
The range of inside IPv4 addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.
Constraints: A size /30 CIDR block from the
169.254.0.0/16
range. The following CIDR blocks are reserved and cannot be used:-
169.254.0.0/30
-
169.254.1.0/30
-
169.254.2.0/30
-
169.254.3.0/30
-
169.254.4.0/30
-
169.254.5.0/30
-
169.254.169.252/30
- Returns:
- The range of inside IPv4 addresses for the tunnel. Any specified CIDR blocks must be unique across all
VPN connections that use the same virtual private gateway.
Constraints: A size /30 CIDR block from the
169.254.0.0/16
range. The following CIDR blocks are reserved and cannot be used:-
169.254.0.0/30
-
169.254.1.0/30
-
169.254.2.0/30
-
169.254.3.0/30
-
169.254.4.0/30
-
169.254.5.0/30
-
169.254.169.252/30
-
-
-
tunnelInsideIpv6Cidr
The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same transit gateway.
Constraints: A size /126 CIDR block from the local
fd00::/8
range.- Returns:
- The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be unique across all
VPN connections that use the same transit gateway.
Constraints: A size /126 CIDR block from the local
fd00::/8
range.
-
phase1LifetimeSeconds
The lifetime for phase 1 of the IKE negotiation, in seconds.
Constraints: A value between 900 and 28,800.
Default:
28800
- Returns:
- The lifetime for phase 1 of the IKE negotiation, in seconds.
Constraints: A value between 900 and 28,800.
Default:
28800
-
phase2LifetimeSeconds
The lifetime for phase 2 of the IKE negotiation, in seconds.
Constraints: A value between 900 and 3,600. The value must be less than the value for
Phase1LifetimeSeconds
.Default:
3600
- Returns:
- The lifetime for phase 2 of the IKE negotiation, in seconds.
Constraints: A value between 900 and 3,600. The value must be less than the value for
Phase1LifetimeSeconds
.Default:
3600
-
rekeyMarginTimeSeconds
The margin time, in seconds, before the phase 2 lifetime expires, during which the Amazon Web Services side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for
RekeyFuzzPercentage
.Constraints: A value between 60 and half of
Phase2LifetimeSeconds
.Default:
270
- Returns:
- The margin time, in seconds, before the phase 2 lifetime expires, during which the Amazon Web Services
side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based
on the value for
RekeyFuzzPercentage
.Constraints: A value between 60 and half of
Phase2LifetimeSeconds
.Default:
270
-
rekeyFuzzPercentage
The percentage of the rekey window (determined by
RekeyMarginTimeSeconds
) during which the rekey time is randomly selected.Constraints: A value between 0 and 100.
Default:
100
- Returns:
- The percentage of the rekey window (determined by
RekeyMarginTimeSeconds
) during which the rekey time is randomly selected.Constraints: A value between 0 and 100.
Default:
100
-
replayWindowSize
The number of packets in an IKE replay window.
Constraints: A value between 64 and 2048.
Default:
1024
- Returns:
- The number of packets in an IKE replay window.
Constraints: A value between 64 and 2048.
Default:
1024
-
dpdTimeoutSeconds
The number of seconds after which a DPD timeout occurs. A DPD timeout of 40 seconds means that the VPN endpoint will consider the peer dead 30 seconds after the first failed keep-alive.
Constraints: A value greater than or equal to 30.
Default:
40
- Returns:
- The number of seconds after which a DPD timeout occurs. A DPD timeout of 40 seconds means that the VPN
endpoint will consider the peer dead 30 seconds after the first failed keep-alive.
Constraints: A value greater than or equal to 30.
Default:
40
-
dpdTimeoutAction
The action to take after DPD timeout occurs. Specify
restart
to restart the IKE initiation. Specifyclear
to end the IKE session.Valid Values:
clear
|none
|restart
Default:
clear
- Returns:
- The action to take after DPD timeout occurs. Specify
restart
to restart the IKE initiation. Specifyclear
to end the IKE session.Valid Values:
clear
|none
|restart
Default:
clear
-
hasPhase1EncryptionAlgorithms
public final boolean hasPhase1EncryptionAlgorithms()For responses, this returns true if the service returned a value for the Phase1EncryptionAlgorithms property. This DOES NOT check that the value is non-empty (for which, you should check theisEmpty()
method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified. -
phase1EncryptionAlgorithms
One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.
Valid values:
AES128
|AES256
|AES128-GCM-16
|AES256-GCM-16
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the
hasPhase1EncryptionAlgorithms()
method.- Returns:
- One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.
Valid values:
AES128
|AES256
|AES128-GCM-16
|AES256-GCM-16
-
hasPhase2EncryptionAlgorithms
public final boolean hasPhase2EncryptionAlgorithms()For responses, this returns true if the service returned a value for the Phase2EncryptionAlgorithms property. This DOES NOT check that the value is non-empty (for which, you should check theisEmpty()
method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified. -
phase2EncryptionAlgorithms
One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.
Valid values:
AES128
|AES256
|AES128-GCM-16
|AES256-GCM-16
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the
hasPhase2EncryptionAlgorithms()
method.- Returns:
- One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.
Valid values:
AES128
|AES256
|AES128-GCM-16
|AES256-GCM-16
-
hasPhase1IntegrityAlgorithms
public final boolean hasPhase1IntegrityAlgorithms()For responses, this returns true if the service returned a value for the Phase1IntegrityAlgorithms property. This DOES NOT check that the value is non-empty (for which, you should check theisEmpty()
method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified. -
phase1IntegrityAlgorithms
One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.
Valid values:
SHA1
|SHA2-256
|SHA2-384
|SHA2-512
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the
hasPhase1IntegrityAlgorithms()
method.- Returns:
- One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.
Valid values:
SHA1
|SHA2-256
|SHA2-384
|SHA2-512
-
hasPhase2IntegrityAlgorithms
public final boolean hasPhase2IntegrityAlgorithms()For responses, this returns true if the service returned a value for the Phase2IntegrityAlgorithms property. This DOES NOT check that the value is non-empty (for which, you should check theisEmpty()
method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified. -
phase2IntegrityAlgorithms
One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.
Valid values:
SHA1
|SHA2-256
|SHA2-384
|SHA2-512
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the
hasPhase2IntegrityAlgorithms()
method.- Returns:
- One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.
Valid values:
SHA1
|SHA2-256
|SHA2-384
|SHA2-512
-
hasPhase1DHGroupNumbers
public final boolean hasPhase1DHGroupNumbers()For responses, this returns true if the service returned a value for the Phase1DHGroupNumbers property. This DOES NOT check that the value is non-empty (for which, you should check theisEmpty()
method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified. -
phase1DHGroupNumbers
One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.
Valid values:
2
|14
|15
|16
|17
|18
|19
|20
|21
|22
|23
|24
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the
hasPhase1DHGroupNumbers()
method.- Returns:
- One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE
negotiations.
Valid values:
2
|14
|15
|16
|17
|18
|19
|20
|21
|22
|23
|24
-
hasPhase2DHGroupNumbers
public final boolean hasPhase2DHGroupNumbers()For responses, this returns true if the service returned a value for the Phase2DHGroupNumbers property. This DOES NOT check that the value is non-empty (for which, you should check theisEmpty()
method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified. -
phase2DHGroupNumbers
One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.
Valid values:
2
|5
|14
|15
|16
|17
|18
|19
|20
|21
|22
|23
|24
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the
hasPhase2DHGroupNumbers()
method.- Returns:
- One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE
negotiations.
Valid values:
2
|5
|14
|15
|16
|17
|18
|19
|20
|21
|22
|23
|24
-
hasIkeVersions
public final boolean hasIkeVersions()For responses, this returns true if the service returned a value for the IKEVersions property. This DOES NOT check that the value is non-empty (for which, you should check theisEmpty()
method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified. -
ikeVersions
The IKE versions that are permitted for the VPN tunnel.
Valid values:
ikev1
|ikev2
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the
hasIkeVersions()
method.- Returns:
- The IKE versions that are permitted for the VPN tunnel.
Valid values:
ikev1
|ikev2
-
startupAction
The action to take when the establishing the tunnel for the VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify
start
for Amazon Web Services to initiate the IKE negotiation.Valid Values:
add
|start
Default:
add
- Returns:
- The action to take when the establishing the tunnel for the VPN connection. By default, your customer
gateway device must initiate the IKE negotiation and bring up the tunnel. Specify
start
for Amazon Web Services to initiate the IKE negotiation.Valid Values:
add
|start
Default:
add
-
logOptions
Options for logging VPN tunnel activity.
- Returns:
- Options for logging VPN tunnel activity.
-
enableTunnelLifecycleControl
Turn on or off tunnel endpoint lifecycle control feature.
- Returns:
- Turn on or off tunnel endpoint lifecycle control feature.
-
toBuilder
Description copied from interface:ToCopyableBuilder
Take this object and create a builder that contains all of the current property values of this object.- Specified by:
toBuilder
in interfaceToCopyableBuilder<ModifyVpnTunnelOptionsSpecification.Builder,
ModifyVpnTunnelOptionsSpecification> - Returns:
- a builder for type T
-
builder
-
serializableBuilderClass
public static Class<? extends ModifyVpnTunnelOptionsSpecification.Builder> serializableBuilderClass() -
hashCode
public final int hashCode() -
equals
-
equalsBySdkFields
Description copied from interface:SdkPojo
Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in anSdkPojo
class, and is generated based on a service model.If an
SdkPojo
class does not have any inherited fields,equalsBySdkFields
andequals
are essentially the same.- Specified by:
equalsBySdkFields
in interfaceSdkPojo
- Parameters:
obj
- the object to be compared with- Returns:
- true if the other object equals to this object by sdk fields, false otherwise.
-
toString
Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value. -
getValueForField
-
sdkFields
-