Class ClientVpnEndpoint.Builder

java.lang.Object
software.amazon.awscdk.services.ec2.ClientVpnEndpoint.Builder
All Implemented Interfaces:
software.amazon.jsii.Builder<ClientVpnEndpoint>
Enclosing class:
ClientVpnEndpoint

@Stability(Stable) public static final class ClientVpnEndpoint.Builder extends Object implements software.amazon.jsii.Builder<ClientVpnEndpoint>
A fluent builder for ClientVpnEndpoint.
  • Method Details

    • create

      @Stability(Stable) public static ClientVpnEndpoint.Builder create(software.constructs.Construct scope, String id)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      Returns:
      a new instance of ClientVpnEndpoint.Builder.
    • cidr

      @Stability(Stable) public ClientVpnEndpoint.Builder cidr(String cidr)
      The IPv4 address range, in CIDR notation, from which to assign client IP addresses.

      The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually.

      Changing the address range will replace the Client VPN endpoint.

      The CIDR block should be /22 or larger in size, that is, a prefix length of 22 or shorter.

      Parameters:
      cidr - The IPv4 address range, in CIDR notation, from which to assign client IP addresses. This parameter is required.
      Returns:
      this
    • serverCertificateArn

      @Stability(Stable) public ClientVpnEndpoint.Builder serverCertificateArn(String serverCertificateArn)
      The ARN of the server certificate.

      Parameters:
      serverCertificateArn - The ARN of the server certificate. This parameter is required.
      Returns:
      this
    • authorizeAllUsersToVpcCidr

      @Stability(Stable) public ClientVpnEndpoint.Builder authorizeAllUsersToVpcCidr(Boolean authorizeAllUsersToVpcCidr)
      Whether to authorize all users to the VPC CIDR.

      This automatically creates an authorization rule. Set this to false and use addAuthorizationRule() to create your own rules instead.

      Default: true

      Parameters:
      authorizeAllUsersToVpcCidr - Whether to authorize all users to the VPC CIDR. This parameter is required.
      Returns:
      this
    • clientCertificateArn

      @Stability(Stable) public ClientVpnEndpoint.Builder clientCertificateArn(String clientCertificateArn)
      The ARN of the client certificate for mutual authentication.

      The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).

      Default: - use user-based authentication

      Parameters:
      clientCertificateArn - The ARN of the client certificate for mutual authentication. This parameter is required.
      Returns:
      this
    • clientConnectionHandler

      @Stability(Stable) public ClientVpnEndpoint.Builder clientConnectionHandler(IClientVpnConnectionHandler clientConnectionHandler)
      The AWS Lambda function used for connection authorization.

      The name of the Lambda function must begin with the AWSClientVPN- prefix.

      Default: - no connection handler

      Parameters:
      clientConnectionHandler - The AWS Lambda function used for connection authorization. This parameter is required.
      Returns:
      this
    • clientLoginBanner

      @Stability(Stable) public ClientVpnEndpoint.Builder clientLoginBanner(String clientLoginBanner)
      Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established.

      UTF-8 encoded characters only. Maximum of 1400 characters.

      Default: - no banner is presented to the client

      Parameters:
      clientLoginBanner - Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. This parameter is required.
      Returns:
      this
    • description

      @Stability(Stable) public ClientVpnEndpoint.Builder description(String description)
      A brief description of the Client VPN endpoint.

      Default: - no description

      Parameters:
      description - A brief description of the Client VPN endpoint. This parameter is required.
      Returns:
      this
    • dnsServers

      @Stability(Stable) public ClientVpnEndpoint.Builder dnsServers(List<String> dnsServers)
      Information about the DNS servers to be used for DNS resolution.

      A Client VPN endpoint can have up to two DNS servers.

      Default: - use the DNS address configured on the device

      Parameters:
      dnsServers - Information about the DNS servers to be used for DNS resolution. This parameter is required.
      Returns:
      this
    • logging

      @Stability(Stable) public ClientVpnEndpoint.Builder logging(Boolean logging)
      Whether to enable connections logging.

      Default: true

      Parameters:
      logging - Whether to enable connections logging. This parameter is required.
      Returns:
      this
    • logGroup

      @Stability(Stable) public ClientVpnEndpoint.Builder logGroup(ILogGroup logGroup)
      A CloudWatch Logs log group for connection logging.

      Default: - a new group is created

      Parameters:
      logGroup - A CloudWatch Logs log group for connection logging. This parameter is required.
      Returns:
      this
    • logStream

      @Stability(Stable) public ClientVpnEndpoint.Builder logStream(ILogStream logStream)
      A CloudWatch Logs log stream for connection logging.

      Default: - a new stream is created

      Parameters:
      logStream - A CloudWatch Logs log stream for connection logging. This parameter is required.
      Returns:
      this
    • port

      @Stability(Stable) public ClientVpnEndpoint.Builder port(VpnPort port)
      The port number to assign to the Client VPN endpoint for TCP and UDP traffic.

      Default: VpnPort.HTTPS

      Parameters:
      port - The port number to assign to the Client VPN endpoint for TCP and UDP traffic. This parameter is required.
      Returns:
      this
    • securityGroups

      @Stability(Stable) public ClientVpnEndpoint.Builder securityGroups(List<? extends ISecurityGroup> securityGroups)
      The security groups to apply to the target network.

      Default: - a new security group is created

      Parameters:
      securityGroups - The security groups to apply to the target network. This parameter is required.
      Returns:
      this
    • selfServicePortal

      @Stability(Stable) public ClientVpnEndpoint.Builder selfServicePortal(Boolean selfServicePortal)
      Specify whether to enable the self-service portal for the Client VPN endpoint.

      Default: true

      Parameters:
      selfServicePortal - Specify whether to enable the self-service portal for the Client VPN endpoint. This parameter is required.
      Returns:
      this
    • sessionTimeout

      @Stability(Stable) public ClientVpnEndpoint.Builder sessionTimeout(ClientVpnSessionTimeout sessionTimeout)
      The maximum VPN session duration time.

      Default: ClientVpnSessionTimeout.TWENTY_FOUR_HOURS

      Parameters:
      sessionTimeout - The maximum VPN session duration time. This parameter is required.
      Returns:
      this
    • splitTunnel

      @Stability(Stable) public ClientVpnEndpoint.Builder splitTunnel(Boolean splitTunnel)
      Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.

      Default: false

      Parameters:
      splitTunnel - Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint. This parameter is required.
      Returns:
      this
    • transportProtocol

      @Stability(Stable) public ClientVpnEndpoint.Builder transportProtocol(TransportProtocol transportProtocol)
      The transport protocol to be used by the VPN session.

      Default: TransportProtocol.UDP

      Parameters:
      transportProtocol - The transport protocol to be used by the VPN session. This parameter is required.
      Returns:
      this
    • userBasedAuthentication

      @Stability(Stable) public ClientVpnEndpoint.Builder userBasedAuthentication(ClientVpnUserBasedAuthentication userBasedAuthentication)
      The type of user-based authentication to use.

      Default: - use mutual authentication

      Parameters:
      userBasedAuthentication - The type of user-based authentication to use. This parameter is required.
      Returns:
      this
    • vpcSubnets

      @Stability(Stable) public ClientVpnEndpoint.Builder vpcSubnets(SubnetSelection vpcSubnets)
      Subnets to associate to the client VPN endpoint.

      Default: - the VPC default strategy

      Parameters:
      vpcSubnets - Subnets to associate to the client VPN endpoint. This parameter is required.
      Returns:
      this
    • vpc

      @Stability(Stable) public ClientVpnEndpoint.Builder vpc(IVpc vpc)
      The VPC to connect to.

      Parameters:
      vpc - The VPC to connect to. This parameter is required.
      Returns:
      this
    • build

      @Stability(Stable) public ClientVpnEndpoint build()
      Specified by:
      build in interface software.amazon.jsii.Builder<ClientVpnEndpoint>
      Returns:
      a newly built instance of ClientVpnEndpoint.
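
The following is an added example, not part of the CDK reference itself. It shows the builder with the permissive defaults documented above (authorizeAllUsersToVpcCidr, sessionTimeout, selfServicePortal) overridden, and an explicit rule added through addAuthorizationRule(). The ARNs, the group id, the 10.0.10.0/24 target range and the class name RestrictedVpnStack are constructed placeholders.

```java
import software.amazon.awscdk.App;
import software.amazon.awscdk.Stack;
import software.amazon.awscdk.services.ec2.ClientVpnAuthorizationRuleOptions;
import software.amazon.awscdk.services.ec2.ClientVpnEndpoint;
import software.amazon.awscdk.services.ec2.ClientVpnSessionTimeout;
import software.amazon.awscdk.services.ec2.ClientVpnUserBasedAuthentication;
import software.amazon.awscdk.services.ec2.Vpc;
import software.amazon.awscdk.services.iam.ISamlProvider;
import software.amazon.awscdk.services.iam.SamlProvider;
import software.amazon.awscdk.services.logs.LogGroup;
import software.amazon.awscdk.services.logs.RetentionDays;
import software.constructs.Construct;

public class RestrictedVpnStack extends Stack {
    public RestrictedVpnStack(final Construct scope, final String id) {
        super(scope, id);
        Vpc vpc = Vpc.Builder.create(this, "Vpc").build(); // default VPC CIDR is 10.0.0.0/16
        // Constructed placeholders: both ARNs and the group id must be replaced with real values.
        ISamlProvider idp = SamlProvider.fromSamlProviderArn(this, "Idp",
                "arn:aws:iam::111122223333:saml-provider/EXAMPLE-IDP");
        LogGroup vpnLogs = LogGroup.Builder.create(this, "VpnConnectionLogs")
                .retention(RetentionDays.ONE_YEAR) // keep connection logs for investigations
                .build();

        ClientVpnEndpoint endpoint = ClientVpnEndpoint.Builder.create(this, "Endpoint")
                .vpc(vpc)
                .cidr("10.100.0.0/16") // client range; must not overlap the VPC CIDR
                .serverCertificateArn("arn:aws:acm:us-east-1:111122223333:certificate/EXAMPLE")
                .userBasedAuthentication(ClientVpnUserBasedAuthentication.federated(idp))
                .authorizeAllUsersToVpcCidr(false) // default true authorizes all users to the VPC CIDR
                .sessionTimeout(ClientVpnSessionTimeout.EIGHT_HOURS) // default is TWENTY_FOUR_HOURS
                .selfServicePortal(false) // default true
                .logging(true) // explicit, so the intent survives a change of default
                .logGroup(vpnLogs)
                .build();

        // With the automatic rule disabled, nothing is reachable until a rule is added.
        endpoint.addAuthorizationRule("OpsToAppSubnet", ClientVpnAuthorizationRuleOptions.builder()
                .cidr("10.0.10.0/24") // one range inside the VPC, not the whole VPC
                .groupId("EXAMPLE-GROUP-ID") // identity-provider group allowed to use this rule
                .description("Ops group to application subnet only")
                .build());
    }

    public static void main(final String[] args) {
        App app = new App();
        new RestrictedVpnStack(app, "RestrictedVpnStack");
        app.synth();
    }
}
```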