Package software.amazon.awssdk.services.ec2.model

Class ModifyVpnTunnelOptionsSpecification

java.lang.Object
software.amazon.awssdk.services.ec2.model.ModifyVpnTunnelOptionsSpecification
All Implemented Interfaces:
Serializable, SdkPojo, ToCopyableBuilder<ModifyVpnTunnelOptionsSpecification.Builder,ModifyVpnTunnelOptionsSpecification>
@Generated("software.amazon.awssdk:codegen") public final class ModifyVpnTunnelOptionsSpecification extends Object implements SdkPojo, Serializable, ToCopyableBuilder<ModifyVpnTunnelOptionsSpecification.Builder,ModifyVpnTunnelOptionsSpecification>

The Amazon Web Services Site-to-Site VPN tunnel options to modify.

See Also:

  • Method Details

    • tunnelInsideCidr

      public final String tunnelInsideCidr()

      The range of inside IPv4 addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.

      Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following CIDR blocks are reserved and cannot be used:

      • 169.254.0.0/30

      • 169.254.1.0/30

      • 169.254.2.0/30

      • 169.254.3.0/30

      • 169.254.4.0/30

      • 169.254.5.0/30

      • 169.254.169.252/30

      Returns:
      The range of inside IPv4 addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.

      Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following CIDR blocks are reserved and cannot be used:

      • 169.254.0.0/30

      • 169.254.1.0/30

      • 169.254.2.0/30

      • 169.254.3.0/30

      • 169.254.4.0/30

      • 169.254.5.0/30

      • 169.254.169.252/30

    • tunnelInsideIpv6Cidr

      public final String tunnelInsideIpv6Cidr()

      The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same transit gateway.

      Constraints: A size /126 CIDR block from the local fd00::/8 range.

      Returns:
      The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same transit gateway.

      Constraints: A size /126 CIDR block from the local fd00::/8 range.

    • preSharedKey

      public final String preSharedKey()

      The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and the customer gateway.

      Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).

      Returns:
      The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and the customer gateway.

      Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).

    • phase1LifetimeSeconds

      public final Integer phase1LifetimeSeconds()

      The lifetime for phase 1 of the IKE negotiation, in seconds.

      Constraints: A value between 900 and 28,800.

      Default: 28800

      Returns:
      The lifetime for phase 1 of the IKE negotiation, in seconds.

      Constraints: A value between 900 and 28,800.

      Default: 28800

    • phase2LifetimeSeconds

      public final Integer phase2LifetimeSeconds()

      The lifetime for phase 2 of the IKE negotiation, in seconds.

      Constraints: A value between 900 and 3,600. The value must be less than the value for Phase1LifetimeSeconds.

      Default: 3600

      Returns:
      The lifetime for phase 2 of the IKE negotiation, in seconds.

      Constraints: A value between 900 and 3,600. The value must be less than the value for Phase1LifetimeSeconds.

      Default: 3600

    • rekeyMarginTimeSeconds

      public final Integer rekeyMarginTimeSeconds()

      The margin time, in seconds, before the phase 2 lifetime expires, during which the Amazon Web Services side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for RekeyFuzzPercentage.

      Constraints: A value between 60 and half of Phase2LifetimeSeconds.

      Default: 270

      Returns:
      The margin time, in seconds, before the phase 2 lifetime expires, during which the Amazon Web Services side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for RekeyFuzzPercentage.

      Constraints: A value between 60 and half of Phase2LifetimeSeconds.

      Default: 270

    • rekeyFuzzPercentage

      public final Integer rekeyFuzzPercentage()

      The percentage of the rekey window (determined by RekeyMarginTimeSeconds) during which the rekey time is randomly selected.

      Constraints: A value between 0 and 100.

      Default: 100

      Returns:
      The percentage of the rekey window (determined by RekeyMarginTimeSeconds) during which the rekey time is randomly selected.

      Constraints: A value between 0 and 100.

      Default: 100

    • replayWindowSize

      public final Integer replayWindowSize()

      The number of packets in an IKE replay window.

      Constraints: A value between 64 and 2048.

      Default: 1024

      Returns:
      The number of packets in an IKE replay window.

      Constraints: A value between 64 and 2048.

      Default: 1024

    • dpdTimeoutSeconds

      public final Integer dpdTimeoutSeconds()

      The number of seconds after which a DPD timeout occurs. A DPD timeout of 40 seconds means that the VPN endpoint will consider the peer dead 30 seconds after the first failed keep-alive.

      Constraints: A value greater than or equal to 30.

      Default: 40

      Returns:
      The number of seconds after which a DPD timeout occurs. A DPD timeout of 40 seconds means that the VPN endpoint will consider the peer dead 30 seconds after the first failed keep-alive.

      Constraints: A value greater than or equal to 30.

      Default: 40

    • dpdTimeoutAction

      public final String dpdTimeoutAction()

      The action to take after DPD timeout occurs. Specify restart to restart the IKE initiation. Specify clear to end the IKE session.

      Valid Values: clear | none | restart

      Default: clear

      Returns:
      The action to take after DPD timeout occurs. Specify restart to restart the IKE initiation. Specify clear to end the IKE session.

      Valid Values: clear | none | restart

      Default: clear

    • hasPhase1EncryptionAlgorithms

      public final boolean hasPhase1EncryptionAlgorithms()
      For responses, this returns true if the service returned a value for the Phase1EncryptionAlgorithms property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • phase1EncryptionAlgorithms

      public final List<Phase1EncryptionAlgorithmsRequestListValue> phase1EncryptionAlgorithms()

      One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.

      Valid values: AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasPhase1EncryptionAlgorithms() method.

      Returns:
      One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.

      Valid values: AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16

    • hasPhase2EncryptionAlgorithms

      public final boolean hasPhase2EncryptionAlgorithms()
      For responses, this returns true if the service returned a value for the Phase2EncryptionAlgorithms property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • phase2EncryptionAlgorithms

      public final List<Phase2EncryptionAlgorithmsRequestListValue> phase2EncryptionAlgorithms()

      One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.

      Valid values: AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasPhase2EncryptionAlgorithms() method.

      Returns:
      One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.

      Valid values: AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16

    • hasPhase1IntegrityAlgorithms

      public final boolean hasPhase1IntegrityAlgorithms()
      For responses, this returns true if the service returned a value for the Phase1IntegrityAlgorithms property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • phase1IntegrityAlgorithms

      public final List<Phase1IntegrityAlgorithmsRequestListValue> phase1IntegrityAlgorithms()

      One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.

      Valid values: SHA1 | SHA2-256 | SHA2-384 | SHA2-512

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasPhase1IntegrityAlgorithms() method.

      Returns:
      One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.

      Valid values: SHA1 | SHA2-256 | SHA2-384 | SHA2-512

    • hasPhase2IntegrityAlgorithms

      public final boolean hasPhase2IntegrityAlgorithms()
      For responses, this returns true if the service returned a value for the Phase2IntegrityAlgorithms property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • phase2IntegrityAlgorithms

      public final List<Phase2IntegrityAlgorithmsRequestListValue> phase2IntegrityAlgorithms()

      One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.

      Valid values: SHA1 | SHA2-256 | SHA2-384 | SHA2-512

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasPhase2IntegrityAlgorithms() method.

      Returns:
      One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.

      Valid values: SHA1 | SHA2-256 | SHA2-384 | SHA2-512

    • hasPhase1DHGroupNumbers

      public final boolean hasPhase1DHGroupNumbers()
      For responses, this returns true if the service returned a value for the Phase1DHGroupNumbers property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • phase1DHGroupNumbers

      public final List<Phase1DHGroupNumbersRequestListValue> phase1DHGroupNumbers()

      One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.

      Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasPhase1DHGroupNumbers() method.

      Returns:
      One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.

      Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24

    • hasPhase2DHGroupNumbers

      public final boolean hasPhase2DHGroupNumbers()
      For responses, this returns true if the service returned a value for the Phase2DHGroupNumbers property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • phase2DHGroupNumbers

      public final List<Phase2DHGroupNumbersRequestListValue> phase2DHGroupNumbers()

      One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.

      Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasPhase2DHGroupNumbers() method.

      Returns:
      One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.

      Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24

    • hasIkeVersions

      public final boolean hasIkeVersions()
      For responses, this returns true if the service returned a value for the IKEVersions property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • ikeVersions

      public final List<IKEVersionsRequestListValue> ikeVersions()

      The IKE versions that are permitted for the VPN tunnel.

      Valid values: ikev1 | ikev2

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasIkeVersions() method.

      Returns:
      The IKE versions that are permitted for the VPN tunnel.

      Valid values: ikev1 | ikev2

    • startupAction

      public final String startupAction()

      The action to take when the establishing the tunnel for the VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for Amazon Web Services to initiate the IKE negotiation.

      Valid Values: add | start

      Default: add

      Returns:
      The action to take when the establishing the tunnel for the VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for Amazon Web Services to initiate the IKE negotiation.

      Valid Values: add | start

      Default: add

    • logOptions

      public final VpnTunnelLogOptionsSpecification logOptions()

      Options for logging VPN tunnel activity.

      Returns:
      Options for logging VPN tunnel activity.

    • enableTunnelLifecycleControl

      public final Boolean enableTunnelLifecycleControl()

      Turn on or off tunnel endpoint lifecycle control feature.

      Returns:
      Turn on or off tunnel endpoint lifecycle control feature.

    • toBuilder

      public ModifyVpnTunnelOptionsSpecification.Builder toBuilder()
      Description copied from interface: ToCopyableBuilder
      Take this object and create a builder that contains all of the current property values of this object.
      Specified by:
      toBuilder in interface ToCopyableBuilder<ModifyVpnTunnelOptionsSpecification.Builder,ModifyVpnTunnelOptionsSpecification>
      Returns:
      a builder for type T

    • builder

      public static ModifyVpnTunnelOptionsSpecification.Builder builder()

    • serializableBuilderClass

      public static Class<? extends ModifyVpnTunnelOptionsSpecification.Builder> serializableBuilderClass()

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public final boolean equals(Object obj)
      Overrides:
      equals in class Object

    • equalsBySdkFields

      public final boolean equalsBySdkFields(Object obj)
      Description copied from interface: SdkPojo
      Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in an SdkPojo class, and is generated based on a service model.

      If an SdkPojo class does not have any inherited fields, equalsBySdkFields and equals are essentially the same.

      Specified by:
      equalsBySdkFields in interface SdkPojo
      Parameters:
      obj - the object to be compared with
      Returns:
      true if the other object equals to this object by sdk fields, false otherwise.

    • toString

      public final String toString()
      Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
      Overrides:
      toString in class Object

    • getValueForField

      public final <T> Optional<T> getValueForField(String fieldName, Class<T> clazz)

    • sdkFields

      public final List<SdkField<?>> sdkFields()
      Specified by:
      sdkFields in interface SdkPojo
      Returns:
      List of SdkField in this POJO. May be empty list but should never be null.