Difference between revisions of "Aws ec2 create-client-vpn-endpoint"

aws ec2 create-client-vpn-endpoint

• https://docs.aws.amazon.com/cli/latest/reference/ec2/create-client-vpn-endpoint.html

 --authentication-options Type= [ directory-service-authentication | certificate-authentication | federated-authentication ]

Syntax:
Type=StringWithAnyof3AvailableTypes,ActiveDirectory={DirectoryId=string},MutualAuthentication={ClientRootCertificateChainArn=string},FederatedAuthentication={SAMLProviderArn=string,SelfServiceSAMLProviderArn=string} ...

Example

aws ec2 create-client-vpn-endpoint \
    --client-cidr-block "172.31.0.0/16" \
    --server-certificate-arn arn:aws:acm:ap-south-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-11111EXAMPLE \
    --authentication-options Type=certificate-authentication,MutualAuthentication={ClientRootCertificateChainArn=arn:aws:acm:ap-south- 1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-22222EXAMPLE} \
    --connection-log-options Enabled=false

Related

• A Client VPN endpoint supports a single IdP only
• Terraform resource: aws_ec2_client_vpn_endpoint
• aws iam create-saml-provider

See also

• AWS VPN: aws ec2 vpn, attach-vpn-gateway, associate-client-vpn-target-network, create-client-vpn-endpoint, create-client-vpn-route, create-vpn-connection-route, create-vpn-gateway, export-client-vpn-client-configuration, get-vpn-connection-device-types, terminate-client-vpn-connections, describe-vpn-connections, describe-vpn-gateways, authorize-client-vpn-ingress, authorize-security-group-egress, authorize-security-group-ingress