aws ec2 create-customer-gateway

Provides information to AWS about your VPN customer gateway device. The customer gateway is the appliance at your end of the VPN connection. (The device on the AWS side of the VPN connection is the virtual private gateway.) You must provide the internet-routable IP address of the customer gateway's external interface. The IP address must be static and can be behind a device performing network address translation (NAT). For devices that use Border Gateway Protocol (BGP), you can also provide the device's BGP Autonomous System Number (ASN). You can use an existing ASN assigned to your network. If you don't have an ASN already, you can use a private ASN (in the 64512 - 65534 range). Amazon EC2 supports all 4-byte ASN numbers in the range of 1 - 2147483647, with the exception of the following: 7224 - reserved in the us-east-1 Region 9059 - reserved in the eu-west-1 Region 17943 - reserved in the ap-southeast-1 Region 10124 - reserved in the ap-northeast-1 Region For more information, see AWS Site-to-Site VPN in the AWS Site-to-Site VPN User Guide. To create more than one customer gateway with the same VPN type, IP address, and BGP ASN, specify a unique device name for each customer gateway. Identical requests return information about the existing customer gateway and do not create new customer gateways

Options

NameDescription
--bgp-asn <integer>For devices that support BGP, the customer gateway's BGP ASN. Default: 65000
--public-ip <string>The Internet-routable IP address for the customer gateway's outside interface. The address must be static
--certificate-arn <string>The Amazon Resource Name (ARN) for the customer gateway certificate
--type <string>The type of VPN connection that this customer gateway supports (ipsec.1)
--tag-specifications <list>The tags to apply to the customer gateway
--device-name <string>A name for the customer gateway device. Length Constraints: Up to 255 characters
--dry-runChecks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation
--no-dry-runChecks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation
--cli-input-json <string>Performs service operation based on the JSON string provided. The JSON string follows the format provided by ``--generate-cli-skeleton``. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally
--generate-cli-skeleton <string>Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value ``input``, prints a sample input JSON that can be used as an argument for ``--cli-input-json``. If provided with the value ``output``, it validates the command inputs and returns a sample output JSON for that command