feat(client-ec2): This release adds support for Private IP VPNs, a ne…
…w feature allowing S2S VPN connections to use private ip addresses as the tunnel outside ip address over Direct Connect as transport.
awstools committed Jun 21, 2022
1 parent 8997986 commit 8f2eb0c
Showing 7 changed files with 103 additions and 18 deletions.
7 changes: 3 additions & 4 deletions clients/client-ec2/src/EC2.ts
Expand Up @@ -4536,10 +4536,9 @@ export class EC2 extends EC2Client {
}

/**
* <p>Provides information to Amazon Web Services about your VPN customer gateway device. The
* customer gateway is the appliance at your end of the VPN connection. (The device on the
* Amazon Web Services side of the VPN connection is the virtual private gateway.) You
* must provide the internet-routable IP address of the customer gateway's external
* <p>Provides information to Amazon Web Services about your customer gateway device. The
* customer gateway device is the appliance at your end of the VPN connection. You
* must provide the IP address of the customer gateway device’s external
* interface. The IP address must be static and can be behind a device performing network
* address translation (NAT).</p>
* <p>For devices that use Border Gateway Protocol (BGP), you can also provide the device's
Expand Up @@ -23,10 +23,9 @@ export interface CreateCustomerGatewayCommandInput extends CreateCustomerGateway
export interface CreateCustomerGatewayCommandOutput extends CreateCustomerGatewayResult, __MetadataBearer {}

/**
* <p>Provides information to Amazon Web Services about your VPN customer gateway device. The
* customer gateway is the appliance at your end of the VPN connection. (The device on the
* Amazon Web Services side of the VPN connection is the virtual private gateway.) You
* must provide the internet-routable IP address of the customer gateway's external
* <p>Provides information to Amazon Web Services about your customer gateway device. The
* customer gateway device is the appliance at your end of the VPN connection. You
* must provide the IP address of the customer gateway device’s external
* interface. The IP address must be static and can be behind a device performing network
* address translation (NAT).</p>
* <p>For devices that use Border Gateway Protocol (BGP), you can also provide the device's
12 changes: 10 additions & 2 deletions clients/client-ec2/src/models/models_0.ts
Expand Up @@ -8112,7 +8112,8 @@ export interface CreateCustomerGatewayRequest {
BgpAsn: number | undefined;

/**
* <p>The Internet-routable IP address for the customer gateway's outside interface. The
* <p>
* <i>This member has been deprecated.</i> The Internet-routable IP address for the customer gateway's outside interface. The
* address must be static.</p>
*/
PublicIp?: string;
Expand All @@ -8139,6 +8140,13 @@ export interface CreateCustomerGatewayRequest {
*/
DeviceName?: string;

/**
* <p>
* IPv4 address for the customer gateway device's outside interface. The address must be static.
* </p>
*/
IpAddress?: string;

/**
* <p>Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
Expand Down Expand Up @@ -8173,7 +8181,7 @@ export interface CustomerGateway {
CustomerGatewayId?: string;

/**
* <p>The Internet-routable IP address of the customer gateway's outside interface.</p>
* <p>The IP address of the customer gateway device's outside interface.</p>
*/
IpAddress?: string;

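Review bot: The deprecation of `PublicIp` in `CreateCustomerGatewayRequest` is stated only as italic prose inside the doc comment, so editors and lint rules that key on the TSDoc tag will not warn callers who keep using the member. I would add a tag line to that comment, for example `* @deprecated Use IpAddress instead.`, assuming `IpAddress` is the intended replacement, which the page implies but does not state outright. If this file is generated from `codegen/sdk-codegen/aws-models/ec2.json`, as the path suggests, the marker belongs on the `PublicIp` member there (Smithy has a `smithy.api#deprecated` trait) so it survives regeneration. The interface starts and ends outside the hunks shown.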
29 changes: 29 additions & 0 deletions clients/client-ec2/src/models/models_2.ts
Expand Up @@ -2675,6 +2675,21 @@ export interface VpnConnectionOptionsSpecification {
* </p>
*/
RemoteIpv6NetworkCidr?: string;

/**
* <p>The type of IPv4 address assigned to the outside interface of the customer gateway device.</p>
* <p>Valid values: <code>PrivateIpv4</code> | <code>PublicIpv4</code>
* </p>
* <p>Default: <code>PublicIpv4</code>
* </p>
*/
OutsideIpAddressType?: string;

/**
* <p>The transit gateway attachment ID to use for the VPN tunnel.</p>
* <p>Required if <code>OutsideIpAddressType</code> is set to <code>PrivateIpv4</code>.</p>
*/
TransportTransitGatewayAttachmentId?: string;
}

export namespace VpnConnectionOptionsSpecification {
Expand Down Expand Up @@ -3033,6 +3048,20 @@ export interface VpnConnectionOptions {
*/
RemoteIpv6NetworkCidr?: string;

/**
* <p>The type of IPv4 address assigned to the outside interface of the customer gateway.</p>
* <p>Valid values: <code>PrivateIpv4</code> | <code>PublicIpv4</code>
* </p>
* <p>Default: <code>PublicIpv4</code>
* </p>
*/
OutsideIpAddressType?: string;

/**
* <p>The transit gateway attachment ID in use for the VPN tunnel.</p>
*/
TransportTransitGatewayAttachmentId?: string;

/**
* <p>Indicates whether the VPN tunnels process IPv4 or IPv6 traffic.</p>
*/
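Review bot: `OutsideIpAddressType` is declared as a plain `string` in both `VpnConnectionOptionsSpecification` and `VpnConnectionOptions`, although its comment lists exactly two valid values, so a misspelt value is not caught at compile time. Because the documented default is `PublicIpv4`, a caller who wants the tunnel on private addresses has to set the field explicitly and also supply `TransportTransitGatewayAttachmentId`; neither requirement is expressed in the types. On the request side I would at least extend the comment with `Omitting this field creates the connection with a public outside IP address.`, and consider a literal union such as `"PrivateIpv4" | "PublicIpv4"` if the model can carry an enum shape. Callers can confirm the result by reading `OutsideIpAddressType` back from the returned `VpnConnectionOptions`. Both interfaces continue outside the hunks, and the same `String` target appears for this member in ec2.json.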
4 changes: 2 additions & 2 deletions clients/client-ec2/src/models/models_3.ts
Expand Up @@ -675,8 +675,8 @@ export interface DescribeCustomerGatewaysRequest {
* </li>
* <li>
* <p>
* <code>ip-address</code> - The IP address of the customer gateway's
* Internet-routable external interface.</p>
* <code>ip-address</code> - The IP address of the customer gateway
* device's external interface.</p>
* </li>
* <li>
* <p>
19 changes: 18 additions & 1 deletion clients/client-ec2/src/protocols/Aws_ec2.ts
Expand Up @@ -34642,7 +34642,7 @@ const serializeAws_ec2CreateCustomerGatewayRequest = (
entries["BgpAsn"] = input.BgpAsn;
}
if (input.PublicIp !== undefined && input.PublicIp !== null) {
entries["IpAddress"] = input.PublicIp;
entries["PublicIp"] = input.PublicIp;
}
if (input.CertificateArn !== undefined && input.CertificateArn !== null) {
entries["CertificateArn"] = input.CertificateArn;
Expand All @@ -34660,6 +34660,9 @@ const serializeAws_ec2CreateCustomerGatewayRequest = (
if (input.DeviceName !== undefined && input.DeviceName !== null) {
entries["DeviceName"] = input.DeviceName;
}
if (input.IpAddress !== undefined && input.IpAddress !== null) {
entries["IpAddress"] = input.IpAddress;
}
if (input.DryRun !== undefined && input.DryRun !== null) {
entries["DryRun"] = input.DryRun;
}
Expand Down Expand Up @@ -53501,6 +53504,12 @@ const serializeAws_ec2VpnConnectionOptionsSpecification = (
if (input.RemoteIpv6NetworkCidr !== undefined && input.RemoteIpv6NetworkCidr !== null) {
entries["RemoteIpv6NetworkCidr"] = input.RemoteIpv6NetworkCidr;
}
if (input.OutsideIpAddressType !== undefined && input.OutsideIpAddressType !== null) {
entries["OutsideIpAddressType"] = input.OutsideIpAddressType;
}
if (input.TransportTransitGatewayAttachmentId !== undefined && input.TransportTransitGatewayAttachmentId !== null) {
entries["TransportTransitGatewayAttachmentId"] = input.TransportTransitGatewayAttachmentId;
}
return entries;
};

Expand Down Expand Up @@ -81457,6 +81466,8 @@ const deserializeAws_ec2VpnConnectionOptions = (output: any, context: __SerdeCon
RemoteIpv4NetworkCidr: undefined,
LocalIpv6NetworkCidr: undefined,
RemoteIpv6NetworkCidr: undefined,
OutsideIpAddressType: undefined,
TransportTransitGatewayAttachmentId: undefined,
TunnelInsideIpVersion: undefined,
TunnelOptions: undefined,
};
Expand All @@ -81478,6 +81489,12 @@ const deserializeAws_ec2VpnConnectionOptions = (output: any, context: __SerdeCon
if (output["remoteIpv6NetworkCidr"] !== undefined) {
contents.RemoteIpv6NetworkCidr = __expectString(output["remoteIpv6NetworkCidr"]);
}
if (output["outsideIpAddressType"] !== undefined) {
contents.OutsideIpAddressType = __expectString(output["outsideIpAddressType"]);
}
if (output["transportTransitGatewayAttachmentId"] !== undefined) {
contents.TransportTransitGatewayAttachmentId = __expectString(output["transportTransitGatewayAttachmentId"]);
}
if (output["tunnelInsideIpVersion"] !== undefined) {
contents.TunnelInsideIpVersion = __expectString(output["tunnelInsideIpVersion"]);
}
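Review bot: In `serializeAws_ec2CreateCustomerGatewayRequest`, `input.PublicIp` is now written to `entries["PublicIp"]` where it used to be written to `entries["IpAddress"]`, so existing callers that set only `PublicIp` send a different query key after upgrading. The `IpAddress` key is now filled from the new `input.IpAddress`, and nothing in the serializer stops a caller from setting both members, so which address the service honours in that case cannot be told from this code. I would document the precedence on the two members and add a comment above the `PublicIp` branch such as `// deprecated member: sent under its own key as of this change; IpAddress is serialized separately below`. The matching model change is the removal of `smithy.api#xmlName` from `PublicIp` in ec2.json. The function body starts and ends outside the hunks.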
43 changes: 38 additions & 5 deletions codegen/sdk-codegen/aws-models/ec2.json
Expand Up @@ -10506,7 +10506,7 @@
"target": "com.amazonaws.ec2#CreateCustomerGatewayResult"
},
"traits": {
"smithy.api#documentation": "<p>Provides information to Amazon Web Services about your VPN customer gateway device. The\n customer gateway is the appliance at your end of the VPN connection. (The device on the\n Amazon Web Services side of the VPN connection is the virtual private gateway.) You\n must provide the internet-routable IP address of the customer gateway's external\n interface. The IP address must be static and can be behind a device performing network\n address translation (NAT).</p>\n <p>For devices that use Border Gateway Protocol (BGP), you can also provide the device's\n BGP Autonomous System Number (ASN). You can use an existing ASN assigned to your network.\n If you don't have an ASN already, you can use a private ASN. For more information, see \n <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/cgw-options.html\">Customer gateway \n options for your Site-to-Site VPN connection</a> in the <i>Amazon Web Services Site-to-Site VPN User Guide</i>.</p>\n <p>To create more than one customer gateway with the same VPN type, IP address, and\n BGP ASN, specify a unique device name for each customer gateway. An identical request\n returns information about the existing customer gateway; it doesn't create a new customer\n gateway.</p>"
"smithy.api#documentation": "<p>Provides information to Amazon Web Services about your customer gateway device. The\n customer gateway device is the appliance at your end of the VPN connection. You\n must provide the IP address of the customer gateway device’s external\n interface. The IP address must be static and can be behind a device performing network\n address translation (NAT).</p>\n <p>For devices that use Border Gateway Protocol (BGP), you can also provide the device's\n BGP Autonomous System Number (ASN). You can use an existing ASN assigned to your network.\n If you don't have an ASN already, you can use a private ASN. For more information, see \n <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/cgw-options.html\">Customer gateway \n options for your Site-to-Site VPN connection</a> in the <i>Amazon Web Services Site-to-Site VPN User Guide</i>.</p>\n <p>To create more than one customer gateway with the same VPN type, IP address, and\n BGP ASN, specify a unique device name for each customer gateway. An identical request\n returns information about the existing customer gateway; it doesn't create a new customer\n gateway.</p>"
}
},
"com.amazonaws.ec2#CreateCustomerGatewayRequest": {
Expand All @@ -10522,8 +10522,7 @@
"PublicIp": {
"target": "com.amazonaws.ec2#String",
"traits": {
"smithy.api#documentation": "<p>The Internet-routable IP address for the customer gateway's outside interface. The\n address must be static.</p>",
"smithy.api#xmlName": "IpAddress"
"smithy.api#documentation": "<p>\n <i>This member has been deprecated.</i> The Internet-routable IP address for the customer gateway's outside interface. The\n address must be static.</p>"
}
},
"CertificateArn": {
Expand Down Expand Up @@ -10552,6 +10551,12 @@
"smithy.api#documentation": "<p>A name for the customer gateway device.</p>\n <p>Length Constraints: Up to 255 characters.</p>"
}
},
"IpAddress": {
"target": "com.amazonaws.ec2#String",
"traits": {
"smithy.api#documentation": "<p>\n IPv4 address for the customer gateway device's outside interface. The address must be static.\n </p>"
}
},
"DryRun": {
"target": "com.amazonaws.ec2#Boolean",
"traits": {
Expand Down Expand Up @@ -15679,7 +15684,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "IpAddress",
"smithy.api#documentation": "<p>The Internet-routable IP address of the customer gateway's outside interface.</p>",
"smithy.api#documentation": "<p>The IP address of the customer gateway device's outside interface.</p>",
"smithy.api#xmlName": "ipAddress"
}
},
Expand Down Expand Up @@ -20616,7 +20621,7 @@
"Filters": {
"target": "com.amazonaws.ec2#FilterList",
"traits": {
"smithy.api#documentation": "<p>One or more filters.</p>\n <ul>\n <li>\n <p>\n <code>bgp-asn</code> - The customer gateway's Border Gateway Protocol (BGP)\n Autonomous System Number (ASN).</p>\n </li>\n <li>\n <p>\n <code>customer-gateway-id</code> - The ID of the customer gateway.</p>\n </li>\n <li>\n <p>\n <code>ip-address</code> - The IP address of the customer gateway's\n Internet-routable external interface.</p>\n </li>\n <li>\n <p>\n <code>state</code> - The state of the customer gateway (<code>pending</code> |\n <code>available</code> | <code>deleting</code> |\n <code>deleted</code>).</p>\n </li>\n <li>\n <p>\n <code>type</code> - The type of customer gateway. Currently, the only\n supported type is <code>ipsec.1</code>.</p>\n </li>\n <li> \n <p>\n <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> \n </li>\n <li> \n <p>\n <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> \n </li>\n </ul>",
"smithy.api#documentation": "<p>One or more filters.</p>\n <ul>\n <li>\n <p>\n <code>bgp-asn</code> - The customer gateway's Border Gateway Protocol (BGP)\n Autonomous System Number (ASN).</p>\n </li>\n <li>\n <p>\n <code>customer-gateway-id</code> - The ID of the customer gateway.</p>\n </li>\n <li>\n <p>\n <code>ip-address</code> - The IP address of the customer gateway\n device's external interface.</p>\n </li>\n <li>\n <p>\n <code>state</code> - The state of the customer gateway (<code>pending</code> |\n <code>available</code> | <code>deleting</code> |\n <code>deleted</code>).</p>\n </li>\n <li>\n <p>\n <code>type</code> - The type of customer gateway. Currently, the only\n supported type is <code>ipsec.1</code>.</p>\n </li>\n <li> \n <p>\n <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value.\n For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> \n </li>\n <li> \n <p>\n <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> \n </li>\n </ul>",
"smithy.api#xmlName": "Filter"
}
},
Expand Down Expand Up @@ -80085,6 +80090,22 @@
"smithy.api#xmlName": "remoteIpv6NetworkCidr"
}
},
"OutsideIpAddressType": {
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "OutsideIpAddressType",
"smithy.api#documentation": "<p>The type of IPv4 address assigned to the outside interface of the customer gateway.</p>\n <p>Valid values: <code>PrivateIpv4</code> | <code>PublicIpv4</code>\n </p>\n <p>Default: <code>PublicIpv4</code>\n </p>",
"smithy.api#xmlName": "outsideIpAddressType"
}
},
"TransportTransitGatewayAttachmentId": {
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "TransportTransitGatewayAttachmentId",
"smithy.api#documentation": "<p>The transit gateway attachment ID in use for the VPN tunnel.</p>",
"smithy.api#xmlName": "transportTransitGatewayAttachmentId"
}
},
"TunnelInsideIpVersion": {
"target": "com.amazonaws.ec2#TunnelInsideIpVersion",
"traits": {
Expand Down Expand Up @@ -80158,6 +80179,18 @@
"traits": {
"smithy.api#documentation": "<p>The IPv6 CIDR on the Amazon Web Services side of the VPN connection.</p>\n <p>Default: <code>::/0</code>\n </p>"
}
},
"OutsideIpAddressType": {
"target": "com.amazonaws.ec2#String",
"traits": {
"smithy.api#documentation": "<p>The type of IPv4 address assigned to the outside interface of the customer gateway device.</p>\n <p>Valid values: <code>PrivateIpv4</code> | <code>PublicIpv4</code>\n </p>\n <p>Default: <code>PublicIpv4</code>\n </p>"
}
},
"TransportTransitGatewayAttachmentId": {
"target": "com.amazonaws.ec2#TransitGatewayAttachmentId",
"traits": {
"smithy.api#documentation": "<p>The transit gateway attachment ID to use for the VPN tunnel.</p>\n <p>Required if <code>OutsideIpAddressType</code> is set to <code>PrivateIpv4</code>.</p>"
}
}
},
"traits": {