public static final class CreateVpnAttachmentRequest.Builder extends Object
| 限定符和类型 | 方法和说明 |
|---|---|
CreateVpnAttachmentRequest.Builder |
autoConfigRoute(Boolean autoConfigRoute)
Specifies whether to automatically configure routes.
|
CreateVpnAttachmentRequest.Builder |
bgpConfig(String bgpConfig)
The Border Gateway Protocol (BGP) configurations:
* **BgpConfig.EnableBgp**: specifies whether to enable BGP.
|
CreateVpnAttachmentRequest |
build() |
CreateVpnAttachmentRequest.Builder |
clientToken(String clientToken)
The client token that is used to ensure the idempotence of the request.
|
CreateVpnAttachmentRequest.Builder |
customerGatewayId(String customerGatewayId)
The ID of the customer gateway.
|
CreateVpnAttachmentRequest.Builder |
effectImmediately(Boolean effectImmediately)
Specifies whether to immediately start IPsec negotiations after the configuration takes effect.
|
CreateVpnAttachmentRequest.Builder |
enableDpd(Boolean enableDpd)
Specifies whether to enable the dead peer detection (DPD) feature.
|
CreateVpnAttachmentRequest.Builder |
enableNatTraversal(Boolean enableNatTraversal)
Specifies whether to enable NAT traversal.
|
CreateVpnAttachmentRequest.Builder |
healthCheckConfig(String healthCheckConfig)
The health check configuration:
* **HealthCheckConfig.enable**: specifies whether to enable health checks.
|
CreateVpnAttachmentRequest.Builder |
ikeConfig(String ikeConfig)
The configurations of Phase 1 negotiations:
* **IkeConfig.Psk**: The pre-shared key that is used for authentication between the VPN gateway and the data center
|
CreateVpnAttachmentRequest.Builder |
ipsecConfig(String ipsecConfig)
The configurations of Phase 2 negotiations:
* **IpsecConfig.IpsecEncAlg**: the encryption algorithm that is used in Phase 2 negotiations.
|
CreateVpnAttachmentRequest.Builder |
localSubnet(String localSubnet)
The CIDR block on the VPC side.
|
CreateVpnAttachmentRequest.Builder |
name(String name)
The name of the IPsec-VPN connection.
|
CreateVpnAttachmentRequest.Builder |
networkType(String networkType)
The network type of the IPsec-VPN connection.
|
CreateVpnAttachmentRequest.Builder |
ownerAccount(String ownerAccount)
OwnerAccount.
|
CreateVpnAttachmentRequest.Builder |
regionId(String regionId)
The region ID of the IPsec-VPN connection.
|
CreateVpnAttachmentRequest.Builder |
remoteCaCert(String remoteCaCert)
The peer CA certificate when a ShangMi (SM) VPN gateway is used to create the IPsec-VPN connection.
|
CreateVpnAttachmentRequest.Builder |
remoteSubnet(String remoteSubnet)
The CIDR block on the data center side.
|
CreateVpnAttachmentRequest.Builder |
resourceGroupId(String resourceGroupId)
The ID of the resource group to which the IPsec-VPN connection belongs.
|
CreateVpnAttachmentRequest.Builder |
resourceOwnerAccount(String resourceOwnerAccount)
ResourceOwnerAccount.
|
CreateVpnAttachmentRequest.Builder |
resourceOwnerId(Long resourceOwnerId)
ResourceOwnerId.
|
CreateVpnAttachmentRequest.Builder |
tags(List<CreateVpnAttachmentRequest.Tags> tags)
The tag value.
|
public CreateVpnAttachmentRequest.Builder autoConfigRoute(Boolean autoConfigRoute)
* **true** (default) * **false**
public CreateVpnAttachmentRequest.Builder bgpConfig(String bgpConfig)
* **BgpConfig.EnableBgp**: specifies whether to enable BGP. Valid values: **true** and **false**. Default value: false. * **BgpConfig.LocalAsn**: the ASN on the Alibaba Cloud side. Valid values: **1** to **4294967295**. Default value: **45104**. You can enter the ASN in two segments. Separate the first 16 bits of the ASN from the remaining 16 bits with a period (.). Enter the number in each segment in decimal format. For example, if you enter 123.456, the ASN is: 123 × 65536 + 456 = 8061384. * **BgpConfig.TunnelCidr**: the CIDR block of the IPsec tunnel. The CIDR block falls within 169.254.0.0/16. The subnet mask of the CIDR block must be 30 bits in length. * **LocalBgpIp:** the BGP IP address on the Alibaba Cloud side. This IP address must fall within the CIDR block range of the IPsec tunnel. > * Before you configure BGP, we recommend that you learn about how BGP works and the limits. For more information, see [BGP dynamic routing ](~~170235~~). > * We recommend that you use a private ASN to establish a connection with Alibaba Cloud over BGP. Refer to the relevant documentation for the private ASN range.
public CreateVpnAttachmentRequest.Builder clientToken(String clientToken)
You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters. > If you do not specify this parameter, the system automatically uses the **request ID** as the **client token**. The **request ID** may be different for each request.
public CreateVpnAttachmentRequest.Builder customerGatewayId(String customerGatewayId)
public CreateVpnAttachmentRequest.Builder effectImmediately(Boolean effectImmediately)
* **true**: immediately starts IPsec negotiations after the configuration is complete. * **false** (default): starts IPsec negotiations when inbound traffic is received.
public CreateVpnAttachmentRequest.Builder enableDpd(Boolean enableDpd)
* **true** (default) The initiator of the IPsec-VPN connection sends DPD packets to verify the existence and availability of the peer. If no response is received from the peer within a specified period of time, the connection fails. ISAKMP SAs and IPsec SAs are deleted. The IPsec tunnel is also deleted. * **false**
public CreateVpnAttachmentRequest.Builder enableNatTraversal(Boolean enableNatTraversal)
* **true** (default) After NAT traversal is enabled, the initiator does not check the UDP ports during IKE negotiations and can automatically discover NAT gateway devices along the VPN tunnel. * **false**
public CreateVpnAttachmentRequest.Builder healthCheckConfig(String healthCheckConfig)
* **HealthCheckConfig.enable**: specifies whether to enable health checks. Valid values: **true** and **false**. Default value: false. * **HealthCheckConfig.dip**: the destination IP address configured for health checks. Enter the IP address on the data center side that the VPC can communicate with through the IPsec-VPN connection. * **HealthCheckConfig.sip**: the source IP address configured for health checks. Enter the IP address on the VPC side that the data center can communicate with through the IPsec-VPN connection. * **HealthCheckConfig.interval**: the time interval of health check retries. Unit: seconds. Default value: **3**. * **HealthCheckConfig.retry**: the maximum number of health check retries. Default value: **3**. * **HealthCheckConfig.Policy**: specifies whether to withdraw published routes when health checks fail. Valid values: * **revoke_route** (default): withdraws published routes. * **reserve_route**: does not withdraw published routes.
public CreateVpnAttachmentRequest.Builder ikeConfig(String ikeConfig)
* **IkeConfig.Psk**: The pre-shared key that is used for authentication between the VPN gateway and the data center. * It must be 1 to 100 characters in length, and can contain letters, digits, and the following characters: ``~!`@#$%^&*()_-+={}[]|;:\",.<>/?`` * If you do not specify a pre-shared key, the system generates a random 16-character string as the pre-shared key. You can call the [DescribeVpnConnection](~~2526951~~) operation to query the pre-shared key that is generated by the system. > The pre-shared key of the IPsec-VPN connection must be the same as the authentication key of the data center. Otherwise, a connection cannot be established between the data center and the VPN gateway. * **IkeConfig.IkeVersion**: the IKE version. Valid values: **ikev1** and **ikev2**. Default value: **ikev1**. * **IkeConfig.IkeMode**: the negotiation mode. Valid values: **main** and **aggressive**. Default value: **main**. * **IkeConfig.IkeEncAlg:** the encryption algorithm that is used in Phase 1 negotiations. Valid values: **aes**, **aes192**, **aes256**, **des**, and **3des**. Default value: **aes**. * **IkeConfig.IkeAuthAlg**: the authentication algorithm that is used in Phase 1 negotiations. Valid values: **md5**, **sha1**, **sha256**, **sha384**, and **sha512**. Default value: **md5**. * **IkeConfig.IkePfs**: the Diffie-Hellman key exchange algorithm that is used in Phase 1 negotiations. Valid values: **group1**, **group2**, **group5**, and **group14**. Default value: **group2**. * **IkeConfig.IkeLifetime**: the SA lifetime determined by Phase 1 negotiations. Unit: seconds. Valid values: **0** to **86400**. Default value: **86400**. * **IkeConfig.LocalId**: the identifier on the Alibaba Cloud side. The identifier cannot exceed 100 characters in length. This parameter is empty by default. * **IkeConfig.RemoteId**: the identifier on the data center side. The identifier cannot exceed 100 characters in length. The default value is the IP address of the customer gateway.
public CreateVpnAttachmentRequest.Builder ipsecConfig(String ipsecConfig)
* **IpsecConfig.IpsecEncAlg**: the encryption algorithm that is used in Phase 2 negotiations. Valid values: **aes**, **aes192**, **aes256**, **des**, and **3des**. Default value: **aes**. * **IpsecConfig. IpsecAuthAlg**: the authentication algorithm that is used in Phase 2 negotiations. Valid values: **md5**, **sha1**, **sha256**, **sha384**, and **sha512**. Default value: **md5**. * **IpsecConfig. IpsecPfs**: the Diffie-Hellman key exchange algorithm that is used in Phase 2 negotiations. Valid values: **disabled**, **group1**, **group2**, **group5**, and **group14**. Default value: **group2**. * **IpsecConfig. IpsecLifetime**: the SA lifetime that is determined by Phase 2 negotiations. Unit: seconds. Valid values: **0** to **86400**. Default value: **86400**.
public CreateVpnAttachmentRequest.Builder localSubnet(String localSubnet)
Separate multiple CIDR blocks with commas (,). Example: 192.168.1.0/24,192.168.2.0/24. The following routing modes are supported: * If you set **LocalSubnet** and **RemoteSubnet** to 0.0.0.0/0, the routing mode of the IPsec-VPN connection is set to Destination Routing Mode. * If you set **LocalSubnet** and **RemoteSubnet** to specific CIDR blocks, the routing mode of the IPsec-VPN connection is set to Protected Data Flows.
public CreateVpnAttachmentRequest.Builder name(String name)
The name must be 1 to 100 characters in length and cannot start with `http://` or `https://`.
public CreateVpnAttachmentRequest.Builder networkType(String networkType)
* **public** (default) * **private**
public CreateVpnAttachmentRequest.Builder ownerAccount(String ownerAccount)
public CreateVpnAttachmentRequest.Builder regionId(String regionId)
You can call the [DescribeRegions](~~36063~~) operation to query the most recent region list.
public CreateVpnAttachmentRequest.Builder remoteCaCert(String remoteCaCert)
public CreateVpnAttachmentRequest.Builder remoteSubnet(String remoteSubnet)
Separate multiple CIDR blocks with commas (,). Example: 192.168.3.0/24,192.168.4.0/24. The following routing modes are supported: * If you set **LocalSubnet** and **RemoteSubnet** to 0.0.0.0/0, the routing mode of the IPsec-VPN connection is set to Destination Routing Mode. * If you set **LocalSubnet** and **RemoteSubnet** to specific CIDR blocks, the routing mode of the IPsec-VPN connection is set to Protected Data Flows.
public CreateVpnAttachmentRequest.Builder resourceGroupId(String resourceGroupId)
* You can call the [ListResourceGroups](~~158855~~) operation to query resource group IDs. * If you do not specify a resource group ID, the IPsec-VPN connection belongs to the default resource group.
public CreateVpnAttachmentRequest.Builder resourceOwnerAccount(String resourceOwnerAccount)
public CreateVpnAttachmentRequest.Builder resourceOwnerId(Long resourceOwnerId)
public CreateVpnAttachmentRequest.Builder tags(List<CreateVpnAttachmentRequest.Tags> tags)
The tag value can be an empty string and cannot exceed 128 characters in length. It cannot start with `aliyun` or `acs:`, and cannot contain `http://` or `https://`. Each tag key corresponds to one tag value. You can specify up to 20 tag values in each call.
public CreateVpnAttachmentRequest build()
Copyright © 2024. All rights reserved.