amazonka-ec2-2.0: Amazon Elastic Compute Cloud SDK.
Copyright: (c) 2013-2023 Brendan Hay
License: Mozilla Public License, v. 2.0.
Maintainer: Brendan Hay
Stability: auto-generated
Portability: non-portable (GHC extensions)
Safe Haskell: Safe-Inferred
Language: Haskell2010

Amazonka.EC2.CreateClientVpnEndpoint

Description

Creates a Client VPN endpoint. A Client VPN endpoint is the resource you create and configure to enable and manage client VPN sessions. It is the destination endpoint at which all client VPN sessions are terminated.

Creating a Request

data CreateClientVpnEndpoint

See: newCreateClientVpnEndpoint smart constructor.

Constructors

CreateClientVpnEndpoint' 

Fields

  • clientConnectOptions :: Maybe ClientConnectOptions

    The options for managing connection authorization for new client connections.

  • clientLoginBannerOptions :: Maybe ClientLoginBannerOptions

    Options for enabling a customizable text banner that will be displayed on Amazon Web Services provided clients when a VPN session is established.

  • clientToken :: Maybe Text

    Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.

  • description :: Maybe Text

    A brief description of the Client VPN endpoint.

  • dnsServers :: Maybe [Text]

    Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.

  • dryRun :: Maybe Bool

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

  • securityGroupIds :: Maybe [Text]

    The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.

  • selfServicePortal :: Maybe SelfServicePortal

    Specify whether to enable the self-service portal for the Client VPN endpoint.

    Default Value: enabled

  • sessionTimeoutHours :: Maybe Int

    The maximum VPN session duration time in hours.

    Valid values: 8 | 10 | 12 | 24

    Default value: 24

  • splitTunnel :: Maybe Bool

    Indicates whether split-tunnel is enabled on the Client VPN endpoint.

    By default, split-tunnel on a VPN endpoint is disabled.

    For information about split-tunnel VPN endpoints, see Split-tunnel Client VPN endpoint in the Client VPN Administrator Guide.

  • tagSpecifications :: Maybe [TagSpecification]

    The tags to apply to the Client VPN endpoint during creation.

  • transportProtocol :: Maybe TransportProtocol

    The transport protocol to be used by the VPN session.

    Default value: udp

  • vpcId :: Maybe Text

    The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.

  • vpnPort :: Maybe Int

    The port number to assign to the Client VPN endpoint for TCP and UDP traffic.

    Valid Values: 443 | 1194

    Default Value: 443

  • clientCidrBlock :: Text

    The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.

  • serverCertificateArn :: Text

    The ARN of the server certificate. For more information, see the Certificate Manager User Guide.

  • authenticationOptions :: [ClientVpnAuthenticationRequest]

    Information about the authentication method to be used to authenticate clients.

  • connectionLogOptions :: ConnectionLogOptions

    Information about the client connection logging options.

    If you enable client connection logging, data about client connections is sent to a CloudWatch Logs log stream. The following information is logged:

    • Client connection requests
    • Client connection results (successful and unsuccessful)
    • Reasons for unsuccessful client connection requests
    • Client connection termination time
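
The limits documented for these fields can be checked before a request is built. The following pre-flight check is an added example, not part of amazonka: it is written in Python rather than Haskell, takes a plain dict keyed by the record's field names, and `check_request`, `vpc_cidr` and `manual_routes` are hypothetical names. It assumes "/22 or greater" means a block no smaller than a /22.

```python
import ipaddress

VALID_SESSION_HOURS = {8, 10, 12, 24}
VALID_VPN_PORTS = {443, 1194}
MAX_PREFIX_LEN = 22  # assumption: "/22 or greater" means a block no smaller than a /22
DOCUMENTED_DEFAULTS = {
    "selfServicePortal": "enabled",
    "sessionTimeoutHours": "24",
    "splitTunnel": "disabled",
    "transportProtocol": "udp",
    "vpnPort": "443",
}


def check_request(req, vpc_cidr=None, manual_routes=()):
    """Check a dict keyed by the record's field names.

    Returns (errors, defaults): documented constraints the request violates,
    and documented defaults that apply because a field was left out.
    vpc_cidr and manual_routes are supplied by the caller (hypothetical
    parameters); the request itself does not carry them.
    """
    errors, defaults = [], []
    try:
        client_net = ipaddress.IPv4Network(req["clientCidrBlock"], strict=False)
    except (KeyError, ValueError) as exc:
        return [f"clientCidrBlock: not a valid IPv4 CIDR ({exc})"], defaults

    if client_net.prefixlen > MAX_PREFIX_LEN:
        errors.append(f"clientCidrBlock: /{client_net.prefixlen} is smaller than /22")
    ranges = [("VPC CIDR", vpc_cidr)] + [("route", r) for r in manual_routes]
    for label, cidr in ranges:
        if cidr and client_net.overlaps(ipaddress.IPv4Network(cidr, strict=False)):
            errors.append(f"clientCidrBlock: overlaps {label} {cidr}")

    if len(req.get("dnsServers") or []) > 2:
        errors.append("dnsServers: at most two DNS servers")
    if req.get("securityGroupIds") and not req.get("vpcId"):
        errors.append("securityGroupIds: vpcId must also be specified")
    hours, port = req.get("sessionTimeoutHours"), req.get("vpnPort")
    if hours is not None and hours not in VALID_SESSION_HOURS:
        errors.append(f"sessionTimeoutHours: {hours} is not one of 8, 10, 12, 24")
    if port is not None and port not in VALID_VPN_PORTS:
        errors.append(f"vpnPort: {port} is not one of 443, 1194")

    if req.get("vpcId") and not req.get("securityGroupIds"):
        defaults.append("securityGroupIds omitted: the VPC's default security group is applied")
    for field, value in DOCUMENTED_DEFAULTS.items():
        if req.get(field) is None:
            defaults.append(f"{field} omitted: default is {value}")
    return errors, defaults


# Constructed sample request; every ID and address range is a placeholder.
SAMPLE = {
    "clientCidrBlock": "10.0.16.0/24",
    "securityGroupIds": ["sg-EXAMPLE"],
    "dnsServers": ["10.0.0.2", "10.0.0.3", "10.0.0.4"],
    "sessionTimeoutHours": 9,
    "vpnPort": 8443,
}
```

The second list is the useful one in review: it names every documented default the endpoint would pick up silently, such as the enabled self-service portal or the VPC's default security group.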

Instances

All instances are defined in Amazonka.EC2.CreateClientVpnEndpoint.

  • ToHeaders CreateClientVpnEndpoint
  • ToPath CreateClientVpnEndpoint
  • ToQuery CreateClientVpnEndpoint
  • AWSRequest CreateClientVpnEndpoint
  • Generic CreateClientVpnEndpoint

    Associated Types: type Rep CreateClientVpnEndpoint :: Type -> Type

  • Read CreateClientVpnEndpoint
  • Show CreateClientVpnEndpoint
  • NFData CreateClientVpnEndpoint

    Methods: rnf :: CreateClientVpnEndpoint -> ()

  • Eq CreateClientVpnEndpoint
  • Hashable CreateClientVpnEndpoint
  • type AWSResponse CreateClientVpnEndpoint
  • type Rep CreateClientVpnEndpoint


newCreateClientVpnEndpoint

Create a value of CreateClientVpnEndpoint with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

clientConnectOptions, createClientVpnEndpoint_clientConnectOptions - The options for managing connection authorization for new client connections.

clientLoginBannerOptions, createClientVpnEndpoint_clientLoginBannerOptions - Options for enabling a customizable text banner that will be displayed on Amazon Web Services provided clients when a VPN session is established.

clientToken, createClientVpnEndpoint_clientToken - Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.

description, createClientVpnEndpoint_description - A brief description of the Client VPN endpoint.

dnsServers, createClientVpnEndpoint_dnsServers - Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.

dryRun, createClientVpnEndpoint_dryRun - Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

securityGroupIds, createClientVpnEndpoint_securityGroupIds - The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.

selfServicePortal, createClientVpnEndpoint_selfServicePortal - Specify whether to enable the self-service portal for the Client VPN endpoint.

Default Value: enabled

sessionTimeoutHours, createClientVpnEndpoint_sessionTimeoutHours - The maximum VPN session duration time in hours.

Valid values: 8 | 10 | 12 | 24

Default value: 24

splitTunnel, createClientVpnEndpoint_splitTunnel - Indicates whether split-tunnel is enabled on the Client VPN endpoint.

By default, split-tunnel on a VPN endpoint is disabled.

For information about split-tunnel VPN endpoints, see Split-tunnel Client VPN endpoint in the Client VPN Administrator Guide.

tagSpecifications, createClientVpnEndpoint_tagSpecifications - The tags to apply to the Client VPN endpoint during creation.

transportProtocol, createClientVpnEndpoint_transportProtocol - The transport protocol to be used by the VPN session.

Default value: udp

vpcId, createClientVpnEndpoint_vpcId - The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.

vpnPort, createClientVpnEndpoint_vpnPort - The port number to assign to the Client VPN endpoint for TCP and UDP traffic.

Valid Values: 443 | 1194

Default Value: 443

clientCidrBlock, createClientVpnEndpoint_clientCidrBlock - The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.

serverCertificateArn, createClientVpnEndpoint_serverCertificateArn - The ARN of the server certificate. For more information, see the Certificate Manager User Guide.

authenticationOptions, createClientVpnEndpoint_authenticationOptions - Information about the authentication method to be used to authenticate clients.

connectionLogOptions, createClientVpnEndpoint_connectionLogOptions - Information about the client connection logging options.

If you enable client connection logging, data about client connections is sent to a CloudWatch Logs log stream. The following information is logged:

  • Client connection requests
  • Client connection results (successful and unsuccessful)
  • Reasons for unsuccessful client connection requests
  • Client connection termination time

Request Lenses

createClientVpnEndpoint_clientConnectOptions :: Lens' CreateClientVpnEndpoint (Maybe ClientConnectOptions)

The options for managing connection authorization for new client connections.

createClientVpnEndpoint_clientLoginBannerOptions :: Lens' CreateClientVpnEndpoint (Maybe ClientLoginBannerOptions)

Options for enabling a customizable text banner that will be displayed on Amazon Web Services provided clients when a VPN session is established.

createClientVpnEndpoint_clientToken :: Lens' CreateClientVpnEndpoint (Maybe Text)

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.

createClientVpnEndpoint_description :: Lens' CreateClientVpnEndpoint (Maybe Text)

A brief description of the Client VPN endpoint.

createClientVpnEndpoint_dnsServers :: Lens' CreateClientVpnEndpoint (Maybe [Text])

Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.

createClientVpnEndpoint_dryRun :: Lens' CreateClientVpnEndpoint (Maybe Bool)

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

createClientVpnEndpoint_securityGroupIds :: Lens' CreateClientVpnEndpoint (Maybe [Text])

The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.

createClientVpnEndpoint_selfServicePortal :: Lens' CreateClientVpnEndpoint (Maybe SelfServicePortal)

Specify whether to enable the self-service portal for the Client VPN endpoint.

Default Value: enabled

createClientVpnEndpoint_sessionTimeoutHours :: Lens' CreateClientVpnEndpoint (Maybe Int)

The maximum VPN session duration time in hours.

Valid values: 8 | 10 | 12 | 24

Default value: 24

createClientVpnEndpoint_splitTunnel :: Lens' CreateClientVpnEndpoint (Maybe Bool)

Indicates whether split-tunnel is enabled on the Client VPN endpoint.

By default, split-tunnel on a VPN endpoint is disabled.

For information about split-tunnel VPN endpoints, see Split-tunnel Client VPN endpoint in the Client VPN Administrator Guide.

createClientVpnEndpoint_tagSpecifications :: Lens' CreateClientVpnEndpoint (Maybe [TagSpecification])

The tags to apply to the Client VPN endpoint during creation.

createClientVpnEndpoint_transportProtocol :: Lens' CreateClientVpnEndpoint (Maybe TransportProtocol)

The transport protocol to be used by the VPN session.

Default value: udp

createClientVpnEndpoint_vpcId :: Lens' CreateClientVpnEndpoint (Maybe Text)

The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.

createClientVpnEndpoint_vpnPort :: Lens' CreateClientVpnEndpoint (Maybe Int)

The port number to assign to the Client VPN endpoint for TCP and UDP traffic.

Valid Values: 443 | 1194

Default Value: 443

createClientVpnEndpoint_clientCidrBlock :: Lens' CreateClientVpnEndpoint Text

The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.

createClientVpnEndpoint_authenticationOptions :: Lens' CreateClientVpnEndpoint [ClientVpnAuthenticationRequest]

Information about the authentication method to be used to authenticate clients.

createClientVpnEndpoint_connectionLogOptions :: Lens' CreateClientVpnEndpoint ConnectionLogOptions

Information about the client connection logging options.

If you enable client connection logging, data about client connections is sent to a CloudWatch Logs log stream. The following information is logged:

  • Client connection requests
  • Client connection results (successful and unsuccessful)
  • Reasons for unsuccessful client connection requests
  • Client connection termination time

Destructuring the Response

data CreateClientVpnEndpointResponse

See: newCreateClientVpnEndpointResponse smart constructor.

Constructors

CreateClientVpnEndpointResponse' 

Fields

Instances

All instances are defined in Amazonka.EC2.CreateClientVpnEndpoint.

  • Generic CreateClientVpnEndpointResponse

    Associated Types: type Rep CreateClientVpnEndpointResponse :: Type -> Type

  • Read CreateClientVpnEndpointResponse
  • Show CreateClientVpnEndpointResponse
  • NFData CreateClientVpnEndpointResponse
  • Eq CreateClientVpnEndpointResponse
  • type Rep CreateClientVpnEndpointResponse


newCreateClientVpnEndpointResponse

Create a value of CreateClientVpnEndpointResponse with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

clientVpnEndpointId, createClientVpnEndpointResponse_clientVpnEndpointId - The ID of the Client VPN endpoint.

dnsName, createClientVpnEndpointResponse_dnsName - The DNS name to be used by clients when establishing their VPN session.

status, createClientVpnEndpointResponse_status - The current state of the Client VPN endpoint.

httpStatus, createClientVpnEndpointResponse_httpStatus - The response's HTTP status code.

Response Lenses

createClientVpnEndpointResponse_dnsName :: Lens' CreateClientVpnEndpointResponse (Maybe Text)

The DNS name to be used by clients when establishing their VPN session.