/
ip_sec_connection.go
153 lines (128 loc) · 8.52 KB
/
ip_sec_connection.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
// Copyright (c) 2016, 2018, 2021, Oracle and/or its affiliates. All rights reserved.
// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license.
// Code generated. DO NOT EDIT.
// Core Services API
//
// Use the Core Services API to manage resources such as virtual cloud networks (VCNs),
// compute instances, and block storage volumes. For more information, see the console
// documentation for the Networking (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/overview.htm),
// Compute (https://docs.cloud.oracle.com/iaas/Content/Compute/Concepts/computeoverview.htm), and
// Block Volume (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/overview.htm) services.
//
package core
import (
"github.com/oracle/oci-go-sdk/v53/common"
)
// IpSecConnection A connection between a DRG and CPE. This connection consists of multiple IPSec
// tunnels. Creating this connection is one of the steps required when setting up
// a Site-to-Site VPN.
// **Important:** Each tunnel in an IPSec connection can use either static routing or BGP dynamic
// routing (see the IPSecConnectionTunnel object's
// `routing` attribute). Originally only static routing was supported and
// every IPSec connection was required to have at least one static route configured.
// To maintain backward compatibility in the API when support for BPG dynamic routing was introduced,
// the API accepts an empty list of static routes if you configure both of the IPSec tunnels to use
// BGP dynamic routing. If you switch a tunnel's routing from `BGP` to `STATIC`, you must first
// ensure that the IPSec connection is configured with at least one valid CIDR block static route.
// Oracle uses the IPSec connection's static routes when routing a tunnel's traffic *only*
// if that tunnel's `routing` attribute = `STATIC`. Otherwise the static routes are ignored.
// For more information about the workflow for setting up an IPSec connection, see
// Site-to-Site VPN Overview (https://docs.cloud.oracle.com/iaas/Content/Network/Tasks/overviewIPsec.htm).
// To use any of the API operations, you must be authorized in an IAM policy. If you're not authorized,
// talk to an administrator. If you're an administrator who needs to write policies to give users access, see
// Getting Started with Policies (https://docs.cloud.oracle.com/iaas/Content/Identity/Concepts/policygetstarted.htm).
type IpSecConnection struct {
// The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment containing the IPSec connection.
CompartmentId *string `mandatory:"true" json:"compartmentId"`
// The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the Cpe object.
CpeId *string `mandatory:"true" json:"cpeId"`
// The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the DRG.
DrgId *string `mandatory:"true" json:"drgId"`
// The IPSec connection's Oracle ID (OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)).
Id *string `mandatory:"true" json:"id"`
// The IPSec connection's current state.
LifecycleState IpSecConnectionLifecycleStateEnum `mandatory:"true" json:"lifecycleState"`
// Static routes to the CPE. The CIDR must not be a
// multicast address or class E address.
// Used for routing a given IPSec tunnel's traffic only if the tunnel
// is using static routing. If you configure at least one tunnel to use static routing, then
// you must provide at least one valid static route. If you configure both
// tunnels to use BGP dynamic routing, you can provide an empty list for the static routes.
// The CIDR can be either IPv4 or IPv6. IPv6 addressing is supported for all commercial and government regions.
// See IPv6 Addresses (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/ipv6.htm).
// Example: `10.0.1.0/24`
// Example: `2001:db8::/32`
StaticRoutes []string `mandatory:"true" json:"staticRoutes"`
// Defined tags for this resource. Each key is predefined and scoped to a
// namespace. For more information, see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
// Example: `{"Operations": {"CostCenter": "42"}}`
DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"`
// A user-friendly name. Does not have to be unique, and it's changeable.
// Avoid entering confidential information.
DisplayName *string `mandatory:"false" json:"displayName"`
// Free-form tags for this resource. Each tag is a simple key-value pair with no
// predefined name, type, or namespace. For more information, see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
// Example: `{"Department": "Finance"}`
FreeformTags map[string]string `mandatory:"false" json:"freeformTags"`
// Your identifier for your CPE device. Can be either an IP address or a hostname (specifically,
// the fully qualified domain name (FQDN)). The type of identifier here must correspond
// to the value for `cpeLocalIdentifierType`.
// If you don't provide a value when creating the IPSec connection, the `ipAddress` attribute
// for the Cpe object specified by `cpeId` is used as the `cpeLocalIdentifier`.
// For information about why you'd provide this value, see
// If Your CPE Is Behind a NAT Device (https://docs.cloud.oracle.com/iaas/Content/Network/Tasks/overviewIPsec.htm#nat).
// Example IP address: `10.0.3.3`
// Example hostname: `cpe.example.com`
CpeLocalIdentifier *string `mandatory:"false" json:"cpeLocalIdentifier"`
// The type of identifier for your CPE device. The value here must correspond to the value
// for `cpeLocalIdentifier`.
CpeLocalIdentifierType IpSecConnectionCpeLocalIdentifierTypeEnum `mandatory:"false" json:"cpeLocalIdentifierType,omitempty"`
// The date and time the IPSec connection was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339).
// Example: `2016-08-25T21:10:29.600Z`
TimeCreated *common.SDKTime `mandatory:"false" json:"timeCreated"`
}
func (m IpSecConnection) String() string {
return common.PointerString(m)
}
// IpSecConnectionLifecycleStateEnum Enum with underlying type: string
type IpSecConnectionLifecycleStateEnum string
// Set of constants representing the allowable values for IpSecConnectionLifecycleStateEnum
const (
IpSecConnectionLifecycleStateProvisioning IpSecConnectionLifecycleStateEnum = "PROVISIONING"
IpSecConnectionLifecycleStateAvailable IpSecConnectionLifecycleStateEnum = "AVAILABLE"
IpSecConnectionLifecycleStateTerminating IpSecConnectionLifecycleStateEnum = "TERMINATING"
IpSecConnectionLifecycleStateTerminated IpSecConnectionLifecycleStateEnum = "TERMINATED"
)
var mappingIpSecConnectionLifecycleState = map[string]IpSecConnectionLifecycleStateEnum{
"PROVISIONING": IpSecConnectionLifecycleStateProvisioning,
"AVAILABLE": IpSecConnectionLifecycleStateAvailable,
"TERMINATING": IpSecConnectionLifecycleStateTerminating,
"TERMINATED": IpSecConnectionLifecycleStateTerminated,
}
// GetIpSecConnectionLifecycleStateEnumValues Enumerates the set of values for IpSecConnectionLifecycleStateEnum
func GetIpSecConnectionLifecycleStateEnumValues() []IpSecConnectionLifecycleStateEnum {
values := make([]IpSecConnectionLifecycleStateEnum, 0)
for _, v := range mappingIpSecConnectionLifecycleState {
values = append(values, v)
}
return values
}
// IpSecConnectionCpeLocalIdentifierTypeEnum Enum with underlying type: string
type IpSecConnectionCpeLocalIdentifierTypeEnum string
// Set of constants representing the allowable values for IpSecConnectionCpeLocalIdentifierTypeEnum
const (
IpSecConnectionCpeLocalIdentifierTypeIpAddress IpSecConnectionCpeLocalIdentifierTypeEnum = "IP_ADDRESS"
IpSecConnectionCpeLocalIdentifierTypeHostname IpSecConnectionCpeLocalIdentifierTypeEnum = "HOSTNAME"
)
var mappingIpSecConnectionCpeLocalIdentifierType = map[string]IpSecConnectionCpeLocalIdentifierTypeEnum{
"IP_ADDRESS": IpSecConnectionCpeLocalIdentifierTypeIpAddress,
"HOSTNAME": IpSecConnectionCpeLocalIdentifierTypeHostname,
}
// GetIpSecConnectionCpeLocalIdentifierTypeEnumValues Enumerates the set of values for IpSecConnectionCpeLocalIdentifierTypeEnum
func GetIpSecConnectionCpeLocalIdentifierTypeEnumValues() []IpSecConnectionCpeLocalIdentifierTypeEnum {
values := make([]IpSecConnectionCpeLocalIdentifierTypeEnum, 0)
for _, v := range mappingIpSecConnectionCpeLocalIdentifierType {
values = append(values, v)
}
return values
}