By using AWS re:Post, you agree to the Terms of Use

AWS Client VPN - Notification of new client connection to another AWS service (e.g. Lambda)?



I'd like a Lambda function to be notified when a new client connects to our AWS Client VPN endpoint so that it can take some action to update our private hosted zone in Route53. Is there any way to send a notification from our AWS Client VPN endpoint to Lambda either via SNS or Eventbridge?

Many thanks in advance.

1 Answer
Accepted Answer

I've been able to find my own solution that I think will work:

  1. Setup connection logging from Client VPN endpoint to Cloudwatch Log Group. (
  2. Setup Lambda function that gets triggered when a new connection log event comes into the CW log group with the value for the 'connection-attempt-status' key set to 'successful' (
  3. Have the Lambda function do what it needs to do with the connection info (e.g. take the 'Client IP' key and update Route53).

So essentially, the flow is:

Client VPN Connection Log -> Cloudwatch -> Lambda (via CW log stream subscription) -> Route53.

Any better suggestions welcomed!

answered 4 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions