software.amazon.awssdk.services.ec2.model

Class VpnTunnelOptionsSpecification

java.lang.Object

software.amazon.awssdk.services.ec2.model.VpnTunnelOptionsSpecification

All Implemented Interfaces:

Serializable, SdkPojo, ToCopyableBuilder<VpnTunnelOptionsSpecification.Builder,VpnTunnelOptionsSpecification>

@Generated(value="software.amazon.awssdk:codegen")
public final class VpnTunnelOptionsSpecification
extends Object
implements SdkPojo, Serializable, ToCopyableBuilder<VpnTunnelOptionsSpecification.Builder,VpnTunnelOptionsSpecification>

The tunnel options for a VPN connection.

See Also:

Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static interface	VpnTunnelOptionsSpecification.Builder

Method Summary

Modifier and Type	Method and Description
static VpnTunnelOptionsSpecification.Builder	builder()
Integer	dpdTimeoutSeconds() The number of seconds after which a DPD timeout occurs.
boolean	equals(Object obj)
boolean	equalsBySdkFields(Object obj)
<T> Optional<T>	getValueForField(String fieldName, Class<T> clazz)
int	hashCode()
boolean	hasIkeVersions() Returns true if the IKEVersions property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty).
boolean	hasPhase1DHGroupNumbers() Returns true if the Phase1DHGroupNumbers property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty).
boolean	hasPhase1EncryptionAlgorithms() Returns true if the Phase1EncryptionAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty).
boolean	hasPhase1IntegrityAlgorithms() Returns true if the Phase1IntegrityAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty).
boolean	hasPhase2DHGroupNumbers() Returns true if the Phase2DHGroupNumbers property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty).
boolean	hasPhase2EncryptionAlgorithms() Returns true if the Phase2EncryptionAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty).
boolean	hasPhase2IntegrityAlgorithms() Returns true if the Phase2IntegrityAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty).
List<IKEVersionsRequestListValue>	ikeVersions() The IKE versions that are permitted for the VPN tunnel.
List<Phase1DHGroupNumbersRequestListValue>	phase1DHGroupNumbers() One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.
List<Phase1EncryptionAlgorithmsRequestListValue>	phase1EncryptionAlgorithms() One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.
List<Phase1IntegrityAlgorithmsRequestListValue>	phase1IntegrityAlgorithms() One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.
Integer	phase1LifetimeSeconds() The lifetime for phase 1 of the IKE negotiation, in seconds.
List<Phase2DHGroupNumbersRequestListValue>	phase2DHGroupNumbers() One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.
List<Phase2EncryptionAlgorithmsRequestListValue>	phase2EncryptionAlgorithms() One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.
List<Phase2IntegrityAlgorithmsRequestListValue>	phase2IntegrityAlgorithms() One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.
Integer	phase2LifetimeSeconds() The lifetime for phase 2 of the IKE negotiation, in seconds.
String	preSharedKey() The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.
Integer	rekeyFuzzPercentage() The percentage of the rekey window (determined by RekeyMarginTimeSeconds) during which the rekey time is randomly selected.
Integer	rekeyMarginTimeSeconds() The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey.
Integer	replayWindowSize() The number of packets in an IKE replay window.
List<SdkField<?>>	sdkFields()
static Class<? extends VpnTunnelOptionsSpecification.Builder>	serializableBuilderClass()
VpnTunnelOptionsSpecification.Builder	toBuilder()
String	toString() Returns a string representation of this object.
String	tunnelInsideCidr() The range of inside IP addresses for the tunnel.

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder

copy

Method Detail

tunnelInsideCidr

public String tunnelInsideCidr()

The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.

Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following CIDR blocks are reserved and cannot be used:

• 169.254.0.0/30

• 169.254.1.0/30

• 169.254.2.0/30

• 169.254.3.0/30

• 169.254.4.0/30

• 169.254.5.0/30

• 169.254.169.252/30

Returns:

The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.

Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following CIDR blocks are reserved and cannot be used:

• 169.254.0.0/30

• 169.254.1.0/30

• 169.254.2.0/30

• 169.254.3.0/30

• 169.254.4.0/30

• 169.254.5.0/30

• 169.254.169.252/30

preSharedKey

public String preSharedKey()

The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.

Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).

Returns:

The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.

Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).

phase1LifetimeSeconds

public Integer phase1LifetimeSeconds()

The lifetime for phase 1 of the IKE negotiation, in seconds.

Constraints: A value between 900 and 28,800.

Default: 28800

Returns:

The lifetime for phase 1 of the IKE negotiation, in seconds.

Constraints: A value between 900 and 28,800.

Default: 28800

phase2LifetimeSeconds

public Integer phase2LifetimeSeconds()

The lifetime for phase 2 of the IKE negotiation, in seconds.

Constraints: A value between 900 and 3,600. The value must be less than the value for Phase1LifetimeSeconds.

Default: 3600

Returns:

The lifetime for phase 2 of the IKE negotiation, in seconds.

Constraints: A value between 900 and 3,600. The value must be less than the value for Phase1LifetimeSeconds.

Default: 3600

rekeyMarginTimeSeconds

public Integer rekeyMarginTimeSeconds()

The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for RekeyFuzzPercentage.

Constraints: A value between 60 and half of Phase2LifetimeSeconds.

Default: 540

Returns:

The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for RekeyFuzzPercentage.

Constraints: A value between 60 and half of Phase2LifetimeSeconds.

Default: 540

rekeyFuzzPercentage

public Integer rekeyFuzzPercentage()

The percentage of the rekey window (determined by RekeyMarginTimeSeconds) during which the rekey time is randomly selected.

Constraints: A value between 0 and 100.

Default: 100

Returns:

The percentage of the rekey window (determined by RekeyMarginTimeSeconds) during which the rekey time is randomly selected.

Constraints: A value between 0 and 100.

Default: 100

replayWindowSize

public Integer replayWindowSize()

The number of packets in an IKE replay window.

Constraints: A value between 64 and 2048.

Default: 1024

Returns:

The number of packets in an IKE replay window.

Constraints: A value between 64 and 2048.

Default: 1024

dpdTimeoutSeconds

public Integer dpdTimeoutSeconds()

The number of seconds after which a DPD timeout occurs.

Constraints: A value between 0 and 30.

Default: 30

Returns:

The number of seconds after which a DPD timeout occurs.

Constraints: A value between 0 and 30.

Default: 30

hasPhase1EncryptionAlgorithms

public boolean hasPhase1EncryptionAlgorithms()

Returns true if the Phase1EncryptionAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.

phase1EncryptionAlgorithms

public List<Phase1EncryptionAlgorithmsRequestListValue> phase1EncryptionAlgorithms()

One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.

Valid values: AES128 | AES256

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasPhase1EncryptionAlgorithms() to see if a value was sent in this field.

Returns:

One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.

Valid values: AES128 | AES256

hasPhase2EncryptionAlgorithms

public boolean hasPhase2EncryptionAlgorithms()

Returns true if the Phase2EncryptionAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.

phase2EncryptionAlgorithms

public List<Phase2EncryptionAlgorithmsRequestListValue> phase2EncryptionAlgorithms()

One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.

Valid values: AES128 | AES256

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasPhase2EncryptionAlgorithms() to see if a value was sent in this field.

Returns:

One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.

Valid values: AES128 | AES256

hasPhase1IntegrityAlgorithms

public boolean hasPhase1IntegrityAlgorithms()

Returns true if the Phase1IntegrityAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.

phase1IntegrityAlgorithms

public List<Phase1IntegrityAlgorithmsRequestListValue> phase1IntegrityAlgorithms()

One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.

Valid values: SHA1 | SHA2-256

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasPhase1IntegrityAlgorithms() to see if a value was sent in this field.

Returns:

One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations.

Valid values: SHA1 | SHA2-256

hasPhase2IntegrityAlgorithms

public boolean hasPhase2IntegrityAlgorithms()

Returns true if the Phase2IntegrityAlgorithms property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.

phase2IntegrityAlgorithms

public List<Phase2IntegrityAlgorithmsRequestListValue> phase2IntegrityAlgorithms()

One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.

Valid values: SHA1 | SHA2-256

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasPhase2IntegrityAlgorithms() to see if a value was sent in this field.

Returns:

One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations.

Valid values: SHA1 | SHA2-256

hasPhase1DHGroupNumbers

public boolean hasPhase1DHGroupNumbers()

Returns true if the Phase1DHGroupNumbers property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.

phase1DHGroupNumbers

public List<Phase1DHGroupNumbersRequestListValue> phase1DHGroupNumbers()

One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.

Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasPhase1DHGroupNumbers() to see if a value was sent in this field.

Returns:

One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations.

Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24

hasPhase2DHGroupNumbers

public boolean hasPhase2DHGroupNumbers()

Returns true if the Phase2DHGroupNumbers property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.

phase2DHGroupNumbers

public List<Phase2DHGroupNumbersRequestListValue> phase2DHGroupNumbers()

One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.

Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasPhase2DHGroupNumbers() to see if a value was sent in this field.

Returns:

One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations.

Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24

hasIkeVersions

public boolean hasIkeVersions()

Returns true if the IKEVersions property was specified by the sender (it may be empty), or false if the sender did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.

ikeVersions

public List<IKEVersionsRequestListValue> ikeVersions()

The IKE versions that are permitted for the VPN tunnel.

Valid values: ikev1 | ikev2

Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

You can use hasIkeVersions() to see if a value was sent in this field.

Returns:

The IKE versions that are permitted for the VPN tunnel.

Valid values: ikev1 | ikev2

toBuilder

public VpnTunnelOptionsSpecification.Builder toBuilder()

Specified by:

toBuilder in interface ToCopyableBuilder<VpnTunnelOptionsSpecification.Builder,VpnTunnelOptionsSpecification>

builder

public static VpnTunnelOptionsSpecification.Builder builder()

serializableBuilderClass

public static Class<? extends VpnTunnelOptionsSpecification.Builder> serializableBuilderClass()

hashCode

public int hashCode()

Overrides:

hashCode in class Object

equals

public boolean equals(Object obj)

Overrides:

equals in class Object

equalsBySdkFields

public boolean equalsBySdkFields(Object obj)

Specified by:

equalsBySdkFields in interface SdkPojo

toString

public String toString()

Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.

Overrides:

toString in class Object

getValueForField

public <T> Optional<T> getValueForField(String fieldName,
                                        Class<T> clazz)

sdkFields

public List<SdkField<?>> sdkFields()

Specified by:

sdkFields in interface SdkPojo