ec2-describe-vpn-connections

Description

Gives you information about your VPN connections. You can filter the results to return information only about VPN connections that match criteria you specify. For example, you could get information only about VPN connections whose state is pending or available. You can specify multiple values for the filter. A VPN connection must match at least one of the specified values for it to be included in the results.

You can specify multiple filters (e.g., the VPN connection is associated with a particular virtual private gateway, and the gateway's state is pending or available). The result includes information for a particular VPN connection only if it matches all your filters. If there's no match, no special message is returned; the response is simply empty.

You can use wildcards with the filter values: * matches zero or more characters, and ? matches exactly one character. You can escape special characters using a backslash before the character. For example, a value of \*amazon\?\\ searches for the literal string *amazon?\.

The following table shows the available filters.

Filter Name	Description
`customer-gateway-configuration`	Configuration information for the customer gateway. Type: String
`customer-gateway-id`	The ID of a customer gateway associated with the VPN connection. Type: String
`state`	The state of the VPN connection. Type: String Valid Values: `pending` \| `available` \| `deleting` \| `deleted`
`tag-key`	Key of a tag assigned to the resource. This filter is independent of the `tag-value` filter. For example, if you use both the filter `tag-key=Purpose` and the filter `tag-value=X`, you get any resources assigned both the tag key `Purpose` (regardless of what the tag's value is), and the tag value `X` (regardless of what the tag's key is). If you want to list only resources where Purpose=X, see the `tag:key` filter later in this table. For more information about tags, go to Using Tags in the Amazon Elastic Compute Cloud User Guide. Type: String
`tag-value`	Value of a tag assigned to the resource. This filter is independent of the `tag-key` filter. Type: String
`tag:``key`	Filters the results based on a specific tag/value combination. Example: To list just the resources assigned tag Purpose=X, then specify: `--filter tag:Purpose=X` Example: To list just resources assigned tag Purpose=X OR Purpose=Y, then specify: `--filter tag:Purpose=X --filter tag:Purpose=Y`
`type`	The type of VPN connection. Currently the only supported type is `ipsec.1`. Type: String Valid Values: `ipsec.1`
`vpn-connection-id`	ID of the VPN connection. Type: String
`vpn-gateway-id`	The ID of a virtual private gateway associated with the VPN connection. Type: String

For VPN connections in the pending or available state only, you can also optionally get the configuration information for the VPN connection's customer gateway. You do this by specifying a format with the --format option, or by specifying an XSL stylesheet of your own design with the --stylesheet option (you were also able to do this when you created the VPN connection).

For more information about Amazon Virtual Private Cloud and VPN connections, go to Adding an IPsec Hardware Virtual Private Gateway to Your VPC in the Amazon Virtual Private Cloud User Guide.

The short version of this command is ec2dvpn.

Syntax

ec2-describe-vpn-connections [vpn_connection_id ... ] [{--format format} | {--stylesheet your_stylesheet}] [[--filter name=value] ...]

Options

Name	Description	Required
`vpn_connection_id`	A VPN connection ID. You can specify more than one in the request. Type: String Default: Returns information about all your VPN connections. Example: vpn-44a8938f	No
`--format` `format`	Causes the response to include customer gateway configuration information, in the format specified by this option. The information is returned only if the VPN connection is in the pending or available state. The returned information can be formatted for various devices, including a Cisco device (cisco-ios-isr) or Juniper device (juniper-junos-j), in human readable format (generic), or in the native XML format (xml). Type: String Default: None Valid Values: `cisco-ios-isr` \| `juniper-junos-j` \| `juniper-screenos-6.2` \| `juniper-screenos-6.1` \| `generic` \| `xml` Example: --format cisco-ios-isr	No
`--stylesheet` `your_stylesheet`	Causes the response to include customer gateway configuration information, formatted according to the custom XSL stylesheet you specify with this option. The information is returned only if the VPN connection is in the pending or available state. Type: String Default: None Example: --stylesheet c:\my_stylesheet.xsl	No
`-F, --filter` `name`=`value`	A filter for limiting the results. See the preceding table for a list of allowed filter names and values. You need to use quotation marks if the value string has a space (e.g., "name=value example"). If you're using the command line tools on a Windows system, you might need to use quotation marks, even when there is no space in the value string (e.g., "name=value"). Type: String Default: Describes all VPN connections you own, or only those otherwise specified. Example: --filter "tag-key=Production"	No

Common Options

Option	Description
`--region` `REGION`	Overrides the Region specified in the `EC2_URL` environment variable and the URL specified by the `-U` option. Default: The `EC2_URL` environment variable, or `us-east-1` if the environment variable is not set. Example: `--region eu-west-1`
`-U, --url` `URL`	`URL` is the uniform resource locator of the Amazon EC2 web service entry point. Default: The `EC2_URL` environment variable, or https://ec2.amazonaws.com if the environment variable is not set. Example: `-U https://ec2.amazonaws.com`
`-K, --private-key` `EC2-PRIVATE-KEY`	The private key to use when constructing requests to Amazon EC2. Default: The value of the `EC2_PRIVATE_KEY` environment variable. Example: `-K pk-HKZYKTAIG2ECMXYIBH3HXV4ZBEXAMPLE.pem`
`-C, --cert` `EC2-CERT`	The X.509 certificate to use when constructing requests to Amazon EC2. Default: The value of the `EC2_CERT` environment variable. Example: `-C cert-HKZYKTAIG2ECMXYIBH3HXV4ZBEXAMPLE.pem`
`--connection-timeout` `TIMEOUT`	Specifies a connection timeout (in seconds). Example: --connection-timeout 30
`--request-timeout` `TIMEOUT`	Specifies a request timeout (in seconds). Example: --request-timeout 45
`-v, --verbose`	Displays verbose output by showing the SOAP request and response on the command line. This is particularly useful if you are building tools to talk directly to our SOAP API.
`-H, --headers`	Displays column headers in the output.
`--show-empty-fields`	Shows empty columns as `(nil)`.
`--hide-tags`	Do not display tags for tagged resources.
`--debug`	Prints internal debugging information. This is useful to assist us when troubleshooting problems.
`-?, --help, -h`	Displays Help.
`-`	If `-` is specified as an argument to one of the parameters, a list of arguments is read from standard input. This is useful for piping the output of one command into the input of another. Example: `ec2-describe-instances \| grep stopped \| cut -f 2 \| ec2-start-instances -`

Output

The command returns a table that contains the following information:

Output type identifier ("VPNCONNECTION")
VPN connection ID
Type of VPN connection
Customer gateway ID
Virtual private gateway ID
State of the VPN connection (pending, available, deleting, deleted)
Configuration information for the customer gateway (optional and available only if the VPN connection is in the pending or available state)
Any tags assigned to the VPN connection

Amazon EC2 command line tools display errors on stderr.

Examples

Example Request

This example gives a description of the VPN connection with ID vpn-44a8938f. The example specifies that the configuration information be formatted as needed for a Cisco customer gateway. Because it's a long set of information, we haven't displayed it here in the response. To see an example of the configuration information, go to the Amazon Virtual Private Cloud Network Administrator Guide.

PROMPT> ec2-describe-vpn-connections vpn-44a8938f --format cisco-ios-isr 
					VPNCONNECTION  vpn-44a8938f  ipsec.1  vgw-8db04f81  cgw-b4dc3961  available   
						<Long customer gateway configuration data formatted for Cisco device... >

Example Request

This example uses filters to give a description of any VPN connection you own associated with the customer gateway with ID cgw-b4dc3961, and whose state is either pending or available. Note that it doesn't use the option that causes the output to include the customer gateway configuration.

PROMPT> ec2-describe-vpn-connections --filter "customer-gateway-id=cgw-b4dc3961"  --filter "state=pending" --filter "state=available" 
VPNCONNECTION  vpn-44a8938f  ipsec.1  vgw-8db04f81  cgw-b4dc3961  available

Description

Syntax

Options

Common Options

Output

Examples

Example Request

Example Request

Related Operations