Difference between revisions of "Aws ec2 create-client-vpn-endpoint"
Jump to navigation
Jump to search
(17 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
* https://docs.aws.amazon.com/cli/latest/reference/ec2/create-client-vpn-endpoint.html | * https://docs.aws.amazon.com/cli/latest/reference/ec2/create-client-vpn-endpoint.html | ||
+ | --authentication-options Type= [ [[directory-service-authentication]] | [[certificate-authentication]] | [[federated-authentication]] ] | ||
+ | |||
+ | Syntax: | ||
+ | Type=StringWithAnyof3AvailableTypes,[[ActiveDirectory]]={DirectoryId=string},[[MutualAuthentication]]={ClientRootCertificateChainArn=string},[[FederatedAuthentication]]={SAMLProviderArn=string,SelfServiceSAMLProviderArn=string} ... | ||
== Example == | == Example == | ||
− | aws ec2 create-client-vpn-endpoint \ | + | [[aws ec2]] create-client-vpn-endpoint \ |
− | [[--client-cidr-block]] "172.31.0.0/16" \ | + | [[--client-cidr-block]] "[[172.31]].0.0/16" \ |
− | [[--server-certificate-arn]] arn:aws:acm:ap-south-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-11111EXAMPLE \ | + | [[--server-certificate-arn]] arn:aws:[[acm]]:ap-south-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-11111EXAMPLE \ |
− | [[--authentication-options]] Type=certificate-authentication,MutualAuthentication={ClientRootCertificateChainArn=arn:aws:acm:ap-south- 1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-22222EXAMPLE} \ | + | [[--authentication-options]] Type=[[certificate-authentication]],[[MutualAuthentication]]={ClientRootCertificateChainArn=arn:aws:acm:ap-south- 1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-22222EXAMPLE} \ |
− | --connection-log-options Enabled=false | + | [[--connection-log-options]] Enabled=false |
+ | |||
+ | Output: | ||
+ | { | ||
+ | "ClientVpnEndpointId": "cvpn-endpoint-123456789123abcde", | ||
+ | "Status": { | ||
+ | "Code": "pending-associate" | ||
+ | }, | ||
+ | "DnsName": "cvpn-endpoint-123456789123abcde.prod.[[clientvpn]].ap-south-1.[[amazonaws.com]]" | ||
+ | } | ||
== Related == | == Related == | ||
* A [[Client VPN endpoint]] supports a single [[IdP]] only | * A [[Client VPN endpoint]] supports a single [[IdP]] only | ||
+ | * [[Terraform resource]]: <code>[[aws_ec2_client_vpn_endpoint]]</code> | ||
+ | * <code>[[aws iam create-saml-provider]]</code> | ||
+ | * <code>[[aws ec2 describe-client-vpn-endpoints]]</code> | ||
== See also == | == See also == |
Latest revision as of 10:47, 16 March 2022
aws ec2 create-client-vpn-endpoint
--authentication-options Type= [ directory-service-authentication | certificate-authentication | federated-authentication ]
Syntax: Type=StringWithAnyof3AvailableTypes,ActiveDirectory={DirectoryId=string},MutualAuthentication={ClientRootCertificateChainArn=string},FederatedAuthentication={SAMLProviderArn=string,SelfServiceSAMLProviderArn=string} ...
Example[edit]
aws ec2 create-client-vpn-endpoint \ --client-cidr-block "172.31.0.0/16" \ --server-certificate-arn arn:aws:acm:ap-south-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-11111EXAMPLE \ --authentication-options Type=certificate-authentication,MutualAuthentication={ClientRootCertificateChainArn=arn:aws:acm:ap-south- 1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-22222EXAMPLE} \ --connection-log-options Enabled=false
Output:
{ "ClientVpnEndpointId": "cvpn-endpoint-123456789123abcde", "Status": { "Code": "pending-associate" }, "DnsName": "cvpn-endpoint-123456789123abcde.prod.clientvpn.ap-south-1.amazonaws.com" }
Related[edit]
- A Client VPN endpoint supports a single IdP only
- Terraform resource:
aws_ec2_client_vpn_endpoint
aws iam create-saml-provider
aws ec2 describe-client-vpn-endpoints
See also[edit]
- AWS VPN:
aws ec2 vpn
,attach-vpn-gateway
,associate-client-vpn-target-network
,create-client-vpn-endpoint
,create-client-vpn-route
,create-vpn-connection-route
,create-vpn-gateway
,export-client-vpn-client-configuration
,get-vpn-connection-device-types
,terminate-client-vpn-connections
,describe-vpn-connections
,describe-vpn-gateways
,authorize-client-vpn-ingress
,authorize-security-group-egress
,authorize-security-group-ingress
Advertising: