Hardware VPN

Amazon provide a hardware VPN facility for connecting your VPC to your corporate datacenter over industry standard ipsec encryption. This is a dial-in service. You connect to it, it does not connect to you.

VPN Connections

class VpnConnection

You can create a VPN Connection in any VPC:

vpn = vpn.add_vpn_connection(
    name='my-vpn-connection',
)

By default you can only create 10 VPN connections within an Amazon account.

name

The name of the vpn connection. This field is required.

customer_gateway

A CustomerGateway. This field is required.

vpn_gateway

A VpnGateway. This field is required.

type

The type of VpnConnection to create. The default is ipsec.1. This is also the only currently supported value.

static_routes_only

Set to True to only consider the routes defined in static_routes.

static_routes

A list of ip ranges in CIDR form.

tags

A dictionary of tags to associate with this VPC. A common use of tags is to group components by environment (e.g. “dev1”, “staging”, etc) or to map components to cost centres for billing purposes.

Customer Gateway

class CustomerGateway

A CustomerGateway represents the non-Amazon end of a VpnConnection.

You can create an customer gateway in any VPC:

customer_gateway = vpc.add_customer_gateway(
    name='my-customer-gateway',
)
name

The name of the customer gateway. This field is required.

type

The type of CustomerGateway to create. The default is ipsec.1. This is also the only currently supported value.

public_ip

The internet-routable IP address for the customer gateway’s outside interface.

bgp_asn

For devices that support BGP, the gateway’s BGP ASN.

tags

A dictionary of tags to associate with this VPC. A common use of tags is to group components by environment (e.g. “dev1”, “staging”, etc) or to map components to cost centres for billing purposes.

VPN Gateway

class VpnGateway

A VpnGateway represents the Amazon end of a VpnConnection.

You can create an vpn gateway in any VPC:

vpn_gateway = vpc.add_vpn_gateway(
    name='my-vpn-gateway',
)
name

The name of the vpn gateway. This field is required.

type

The type of CustomerGateway to create. The default is ipsec.1. This is also the only currently supported value.

availability_zone

The availability zone to place the Vpn Gateway in.

tags

A dictionary of tags to associate with this VPC. A common use of tags is to group components by environment (e.g. “dev1”, “staging”, etc) or to map components to cost centres for billing purposes.