ClientVpnEndpoint



Resource Overview

A managed client-based VPN service that enables secure access to AWS resources and on-premises network resources.

Associated Resources

Parent Resources

Connected Resources


Resource Configuration

Basic Settings

  • description : Description of the Client VPN endpoint
  • client_cidr_block : CIDR block from which client IP addresses are assigned
  • server_acm_certificate_name : Server certificate name
  • transport_protocol : TLS session transport protocol - tcp, udp
  • vpn_port : VPN port - 443, 1194
  • enabled_split_tunnel : Whether split tunneling is enabled - true, false
  • enabled_self_service_portal : Whether the self-service portal is enabled - true, false
  • session_timeout_hours : Session timeout duration - 8, 10, 12, 24

Authentication Settings (authentication)

  • authentication.option_types : Authentication method - certificate-authentication, directory-service-authentication, federated-authentication
  • authentication.client_acm_certificate_name : Client certificate name
  • authentication.active_directory_id : Active Directory ID
  • authentication.saml_provider_arn : SAML provider ARN
  • authentication.self_service_saml_provider_arn : Self-service SAML provider ARN

Connection Logging (connection_logging)

  • connection_logging.enabled : Whether client connection logging is enabled - true, false
  • connection_logging.linked_log_group_name : CloudWatch Logs log group name
  • connection_logging.log_stream_name : CloudWatch Logs log stream name

Network Association

  • included_vpc_name : Name of the VPC to associate
  • linked_security_group_names : List of security group names to apply
  • linked_subnet_names : List of subnet names to associate

Tags

  • tag : Tags used to categorize the resource
