1 Answer
- Newest
- Most votes
- Most comments
0
I've been able to find my own solution that I think will work:
- Setup connection logging from Client VPN endpoint to Cloudwatch Log Group. (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/connection-logging.html)
- Setup Lambda function that gets triggered when a new connection log event comes into the CW log group with the value for the 'connection-attempt-status' key set to 'successful' (https://aws.amazon.com/blogs/mt/get-notified-specific-lambda-function-error-patterns-using-cloudwatch/)
- Have the Lambda function do what it needs to do with the connection info (e.g. take the 'Client IP' key and update Route53).
So essentially, the flow is:
Client VPN Connection Log -> Cloudwatch -> Lambda (via CW log stream subscription) -> Route53.
Any better suggestions welcomed!
answered 2 years ago
Relevant content
- asked 2 months ago
- asked 8 months ago
- AWS OFFICIALUpdated 2 years ago
- How do I get notified when the certificate associated to the Client VPN endpoint is about to expire?AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 10 months ago