/AWS1/CL_EC2CLIENTVPNENDPOINT¶
Describes a Client VPN endpoint.
CONSTRUCTOR¶
IMPORTING¶
Optional arguments:¶
iv_clientvpnendpointid TYPE /AWS1/EC2STRING /AWS1/EC2STRING¶
The ID of the Client VPN endpoint.
iv_description TYPE /AWS1/EC2STRING /AWS1/EC2STRING¶
A brief description of the endpoint.
io_status TYPE REF TO /AWS1/CL_EC2CLIVPNENDPTSTATUS /AWS1/CL_EC2CLIVPNENDPTSTATUS¶
The current state of the Client VPN endpoint.
iv_creationtime TYPE /AWS1/EC2STRING /AWS1/EC2STRING¶
The date and time the Client VPN endpoint was created.
iv_deletiontime TYPE /AWS1/EC2STRING /AWS1/EC2STRING¶
The date and time the Client VPN endpoint was deleted, if applicable.
iv_dnsname TYPE /AWS1/EC2STRING /AWS1/EC2STRING¶
The DNS name to be used by clients when connecting to the Client VPN endpoint.
iv_clientcidrblock TYPE /AWS1/EC2STRING /AWS1/EC2STRING¶
The IPv4 address range, in CIDR notation, from which client IP addresses are assigned.
it_dnsservers TYPE /AWS1/CL_EC2VALUESTRINGLIST_W=>TT_VALUESTRINGLIST TT_VALUESTRINGLIST¶
Information about the DNS servers to be used for DNS resolution.
iv_splittunnel TYPE /AWS1/EC2BOOLEAN /AWS1/EC2BOOLEAN¶
Indicates whether split-tunnel is enabled in the Client VPN endpoint.
For information about split-tunnel VPN endpoints, see Split-Tunnel Client VPN endpoint in the Client VPN Administrator Guide.
iv_vpnprotocol TYPE /AWS1/EC2VPNPROTOCOL /AWS1/EC2VPNPROTOCOL¶
The protocol used by the VPN session.
iv_transportprotocol TYPE /AWS1/EC2TRANSPORTPROTOCOL /AWS1/EC2TRANSPORTPROTOCOL¶
The transport protocol used by the Client VPN endpoint.
iv_vpnport TYPE /AWS1/EC2INTEGER /AWS1/EC2INTEGER¶
The port number for the Client VPN endpoint.
it_associatedtargetnetworks TYPE /AWS1/CL_EC2ASSOCDTGTNETWORK=>TT_ASSOCIATEDTARGETNETWORKSET TT_ASSOCIATEDTARGETNETWORKSET¶
Information about the associated target networks. A target network is a subnet in a VPC.
iv_servercertificatearn TYPE /AWS1/EC2STRING /AWS1/EC2STRING¶
The ARN of the server certificate.
it_authenticationoptions TYPE /AWS1/CL_EC2CLIENTVPNAUTHNTCTN=>TT_CLIENTVPNAUTHENTICATIONLIST TT_CLIENTVPNAUTHENTICATIONLIST¶
Information about the authentication method used by the Client VPN endpoint.
io_connectionlogoptions TYPE REF TO /AWS1/CL_EC2CONNLOGRSPOPTIONS /AWS1/CL_EC2CONNLOGRSPOPTIONS¶
Information about the client connection logging options for the Client VPN endpoint.
it_tags TYPE /AWS1/CL_EC2TAG=>TT_TAGLIST TT_TAGLIST¶
Any tags assigned to the Client VPN endpoint.
it_securitygroupids TYPE /AWS1/CL_EC2CLIVPNSECGRIDSET_W=>TT_CLIENTVPNSECURITYGROUPIDSET TT_CLIENTVPNSECURITYGROUPIDSET¶
The IDs of the security groups for the target network.
iv_vpcid TYPE /AWS1/EC2VPCID /AWS1/EC2VPCID¶
The ID of the VPC.
iv_selfserviceportalurl TYPE /AWS1/EC2STRING /AWS1/EC2STRING¶
The URL of the self-service portal.
io_clientconnectoptions TYPE REF TO /AWS1/CL_EC2CLIENTCNCTRSPOPTS /AWS1/CL_EC2CLIENTCNCTRSPOPTS¶
The options for managing connection authorization for new client connections.
iv_sessiontimeouthours TYPE /AWS1/EC2INTEGER /AWS1/EC2INTEGER¶
The maximum VPN session duration time in hours.
Valid values:
8 | 10 | 12 | 24Default value:
24
io_clientloginbanneroptions TYPE REF TO /AWS1/CL_EC2CLILOGINBANNERRS00 /AWS1/CL_EC2CLILOGINBANNERRS00¶
Options for enabling a customizable text banner that will be displayed on Amazon Web Services provided clients when a VPN session is established.
io_clirouteenforcementopts TYPE REF TO /AWS1/CL_EC2CLIROUTEENFORCEM01 /AWS1/CL_EC2CLIROUTEENFORCEM01¶
Client route enforcement is a feature of the Client VPN service that helps enforce administrator defined routes on devices connected through the VPN. T his feature helps improve your security posture by ensuring that network traffic originating from a connected client is not inadvertently sent outside the VPN tunnel.
Client route enforcement works by monitoring the route table of a connected device for routing policy changes to the VPN connection. If the feature detects any VPN routing policy modifications, it will automatically force an update to the route table, reverting it back to the expected route configurations.
iv_discnctonsessiontimeout TYPE /AWS1/EC2BOOLEAN /AWS1/EC2BOOLEAN¶
Indicates whether the client VPN session is disconnected after the maximum
sessionTimeoutHoursis reached. Iftrue, users are prompted to reconnect client VPN. Iffalse, client VPN attempts to reconnect automatically. The default value istrue.
iv_endpointipaddresstype TYPE /AWS1/EC2ENDPOINTIPADDRESSTYPE /AWS1/EC2ENDPOINTIPADDRESSTYPE¶
The IP address type of the Client VPN endpoint. Possible values are
ipv4for IPv4 addressing only,ipv6for IPv6 addressing only, ordual-stackfor both IPv4 and IPv6 addressing.
iv_trafficipaddresstype TYPE /AWS1/EC2TRAFFICIPADDRESSTYPE /AWS1/EC2TRAFFICIPADDRESSTYPE¶
The IP address type of the Client VPN endpoint. Possible values are either
ipv4for IPv4 addressing only,ipv6for IPv6 addressing only, ordual-stackfor both IPv4 and IPv6 addressing.
Queryable Attributes¶
ClientVpnEndpointId¶
The ID of the Client VPN endpoint.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_CLIENTVPNENDPOINTID() |
Getter for CLIENTVPNENDPOINTID, with configurable default |
ASK_CLIENTVPNENDPOINTID() |
Getter for CLIENTVPNENDPOINTID w/ exceptions if field has no |
HAS_CLIENTVPNENDPOINTID() |
Determine if CLIENTVPNENDPOINTID has a value |
Description¶
A brief description of the endpoint.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_DESCRIPTION() |
Getter for DESCRIPTION, with configurable default |
ASK_DESCRIPTION() |
Getter for DESCRIPTION w/ exceptions if field has no value |
HAS_DESCRIPTION() |
Determine if DESCRIPTION has a value |
Status¶
The current state of the Client VPN endpoint.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_STATUS() |
Getter for STATUS |
CreationTime¶
The date and time the Client VPN endpoint was created.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_CREATIONTIME() |
Getter for CREATIONTIME, with configurable default |
ASK_CREATIONTIME() |
Getter for CREATIONTIME w/ exceptions if field has no value |
HAS_CREATIONTIME() |
Determine if CREATIONTIME has a value |
DeletionTime¶
The date and time the Client VPN endpoint was deleted, if applicable.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_DELETIONTIME() |
Getter for DELETIONTIME, with configurable default |
ASK_DELETIONTIME() |
Getter for DELETIONTIME w/ exceptions if field has no value |
HAS_DELETIONTIME() |
Determine if DELETIONTIME has a value |
DnsName¶
The DNS name to be used by clients when connecting to the Client VPN endpoint.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_DNSNAME() |
Getter for DNSNAME, with configurable default |
ASK_DNSNAME() |
Getter for DNSNAME w/ exceptions if field has no value |
HAS_DNSNAME() |
Determine if DNSNAME has a value |
ClientCidrBlock¶
The IPv4 address range, in CIDR notation, from which client IP addresses are assigned.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_CLIENTCIDRBLOCK() |
Getter for CLIENTCIDRBLOCK, with configurable default |
ASK_CLIENTCIDRBLOCK() |
Getter for CLIENTCIDRBLOCK w/ exceptions if field has no val |
HAS_CLIENTCIDRBLOCK() |
Determine if CLIENTCIDRBLOCK has a value |
DnsServers¶
Information about the DNS servers to be used for DNS resolution.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_DNSSERVERS() |
Getter for DNSSERVERS, with configurable default |
ASK_DNSSERVERS() |
Getter for DNSSERVERS w/ exceptions if field has no value |
HAS_DNSSERVERS() |
Determine if DNSSERVERS has a value |
SplitTunnel¶
Indicates whether split-tunnel is enabled in the Client VPN endpoint.
For information about split-tunnel VPN endpoints, see Split-Tunnel Client VPN endpoint in the Client VPN Administrator Guide.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_SPLITTUNNEL() |
Getter for SPLITTUNNEL, with configurable default |
ASK_SPLITTUNNEL() |
Getter for SPLITTUNNEL w/ exceptions if field has no value |
HAS_SPLITTUNNEL() |
Determine if SPLITTUNNEL has a value |
VpnProtocol¶
The protocol used by the VPN session.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_VPNPROTOCOL() |
Getter for VPNPROTOCOL, with configurable default |
ASK_VPNPROTOCOL() |
Getter for VPNPROTOCOL w/ exceptions if field has no value |
HAS_VPNPROTOCOL() |
Determine if VPNPROTOCOL has a value |
TransportProtocol¶
The transport protocol used by the Client VPN endpoint.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_TRANSPORTPROTOCOL() |
Getter for TRANSPORTPROTOCOL, with configurable default |
ASK_TRANSPORTPROTOCOL() |
Getter for TRANSPORTPROTOCOL w/ exceptions if field has no v |
HAS_TRANSPORTPROTOCOL() |
Determine if TRANSPORTPROTOCOL has a value |
VpnPort¶
The port number for the Client VPN endpoint.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_VPNPORT() |
Getter for VPNPORT, with configurable default |
ASK_VPNPORT() |
Getter for VPNPORT w/ exceptions if field has no value |
HAS_VPNPORT() |
Determine if VPNPORT has a value |
AssociatedTargetNetworks¶
Information about the associated target networks. A target network is a subnet in a VPC.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_ASSOCIATEDTARGETNETWORKS() |
Getter for ASSOCIATEDTARGETNETWORKS, with configurable defau |
ASK_ASSOCIATEDTARGETNETWORKS() |
Getter for ASSOCIATEDTARGETNETWORKS w/ exceptions if field h |
HAS_ASSOCIATEDTARGETNETWORKS() |
Determine if ASSOCIATEDTARGETNETWORKS has a value |
ServerCertificateArn¶
The ARN of the server certificate.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_SERVERCERTIFICATEARN() |
Getter for SERVERCERTIFICATEARN, with configurable default |
ASK_SERVERCERTIFICATEARN() |
Getter for SERVERCERTIFICATEARN w/ exceptions if field has n |
HAS_SERVERCERTIFICATEARN() |
Determine if SERVERCERTIFICATEARN has a value |
AuthenticationOptions¶
Information about the authentication method used by the Client VPN endpoint.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_AUTHENTICATIONOPTIONS() |
Getter for AUTHENTICATIONOPTIONS, with configurable default |
ASK_AUTHENTICATIONOPTIONS() |
Getter for AUTHENTICATIONOPTIONS w/ exceptions if field has |
HAS_AUTHENTICATIONOPTIONS() |
Determine if AUTHENTICATIONOPTIONS has a value |
ConnectionLogOptions¶
Information about the client connection logging options for the Client VPN endpoint.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_CONNECTIONLOGOPTIONS() |
Getter for CONNECTIONLOGOPTIONS |
Tags¶
Any tags assigned to the Client VPN endpoint.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_TAGS() |
Getter for TAGS, with configurable default |
ASK_TAGS() |
Getter for TAGS w/ exceptions if field has no value |
HAS_TAGS() |
Determine if TAGS has a value |
SecurityGroupIds¶
The IDs of the security groups for the target network.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_SECURITYGROUPIDS() |
Getter for SECURITYGROUPIDS, with configurable default |
ASK_SECURITYGROUPIDS() |
Getter for SECURITYGROUPIDS w/ exceptions if field has no va |
HAS_SECURITYGROUPIDS() |
Determine if SECURITYGROUPIDS has a value |
VpcId¶
The ID of the VPC.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_VPCID() |
Getter for VPCID, with configurable default |
ASK_VPCID() |
Getter for VPCID w/ exceptions if field has no value |
HAS_VPCID() |
Determine if VPCID has a value |
SelfServicePortalUrl¶
The URL of the self-service portal.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_SELFSERVICEPORTALURL() |
Getter for SELFSERVICEPORTALURL, with configurable default |
ASK_SELFSERVICEPORTALURL() |
Getter for SELFSERVICEPORTALURL w/ exceptions if field has n |
HAS_SELFSERVICEPORTALURL() |
Determine if SELFSERVICEPORTALURL has a value |
ClientConnectOptions¶
The options for managing connection authorization for new client connections.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_CLIENTCONNECTOPTIONS() |
Getter for CLIENTCONNECTOPTIONS |
SessionTimeoutHours¶
The maximum VPN session duration time in hours.
Valid values:
8 | 10 | 12 | 24Default value:
24
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_SESSIONTIMEOUTHOURS() |
Getter for SESSIONTIMEOUTHOURS, with configurable default |
ASK_SESSIONTIMEOUTHOURS() |
Getter for SESSIONTIMEOUTHOURS w/ exceptions if field has no |
HAS_SESSIONTIMEOUTHOURS() |
Determine if SESSIONTIMEOUTHOURS has a value |
ClientLoginBannerOptions¶
Options for enabling a customizable text banner that will be displayed on Amazon Web Services provided clients when a VPN session is established.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_CLIENTLOGINBANNEROPTIONS() |
Getter for CLIENTLOGINBANNEROPTIONS |
ClientRouteEnforcementOptions¶
Client route enforcement is a feature of the Client VPN service that helps enforce administrator defined routes on devices connected through the VPN. T his feature helps improve your security posture by ensuring that network traffic originating from a connected client is not inadvertently sent outside the VPN tunnel.
Client route enforcement works by monitoring the route table of a connected device for routing policy changes to the VPN connection. If the feature detects any VPN routing policy modifications, it will automatically force an update to the route table, reverting it back to the expected route configurations.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_CLIROUTEENFORCEMENTOPTS() |
Getter for CLIENTROUTEENFORCEMENTOPTS |
DisconnectOnSessionTimeout¶
Indicates whether the client VPN session is disconnected after the maximum
sessionTimeoutHoursis reached. Iftrue, users are prompted to reconnect client VPN. Iffalse, client VPN attempts to reconnect automatically. The default value istrue.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_DISCNCTONSESSIONTIMEOUT() |
Getter for DISCONNECTONSESSIONTIMEOUT, with configurable def |
ASK_DISCNCTONSESSIONTIMEOUT() |
Getter for DISCONNECTONSESSIONTIMEOUT w/ exceptions if field |
HAS_DISCNCTONSESSIONTIMEOUT() |
Determine if DISCONNECTONSESSIONTIMEOUT has a value |
EndpointIpAddressType¶
The IP address type of the Client VPN endpoint. Possible values are
ipv4for IPv4 addressing only,ipv6for IPv6 addressing only, ordual-stackfor both IPv4 and IPv6 addressing.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_ENDPOINTIPADDRESSTYPE() |
Getter for ENDPOINTIPADDRESSTYPE, with configurable default |
ASK_ENDPOINTIPADDRESSTYPE() |
Getter for ENDPOINTIPADDRESSTYPE w/ exceptions if field has |
HAS_ENDPOINTIPADDRESSTYPE() |
Determine if ENDPOINTIPADDRESSTYPE has a value |
TrafficIpAddressType¶
The IP address type of the Client VPN endpoint. Possible values are either
ipv4for IPv4 addressing only,ipv6for IPv6 addressing only, ordual-stackfor both IPv4 and IPv6 addressing.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_TRAFFICIPADDRESSTYPE() |
Getter for TRAFFICIPADDRESSTYPE, with configurable default |
ASK_TRAFFICIPADDRESSTYPE() |
Getter for TRAFFICIPADDRESSTYPE w/ exceptions if field has n |
HAS_TRAFFICIPADDRESSTYPE() |
Determine if TRAFFICIPADDRESSTYPE has a value |
Public Local Types In This Class¶
Internal table types, representing arrays and maps of this class, are defined as local types:
TT_ENDPOINTSET¶
TYPES TT_ENDPOINTSET TYPE STANDARD TABLE OF REF TO /AWS1/CL_EC2CLIENTVPNENDPOINT WITH DEFAULT KEY
.