describe_client_vpn_endpoints(**kwargs)¶Describes one or more Client VPN endpoints in the account.
See also: AWS API Documentation
Request Syntax
response = client.describe_client_vpn_endpoints(
ClientVpnEndpointIds=[
'string',
],
MaxResults=123,
NextToken='string',
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
DryRun=True|False
)
The ID of the Client VPN endpoint.
One or more filters. Filter names and values are case-sensitive.
endpoint-id - The ID of the Client VPN endpoint.transport-protocol - The transport protocol ( tcp | udp ).A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
If you specify multiple filters, the filters are joined with an AND , and the request returns only results that match all of the specified filters.
The name of the filter. Filter names are case-sensitive.
The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR , and the request returns all results that match any of the specified values.
DryRunOperation . Otherwise, it is UnauthorizedOperation .dict
Response Syntax
{
'ClientVpnEndpoints': [
{
'ClientVpnEndpointId': 'string',
'Description': 'string',
'Status': {
'Code': 'pending-associate'|'available'|'deleting'|'deleted',
'Message': 'string'
},
'CreationTime': 'string',
'DeletionTime': 'string',
'DnsName': 'string',
'ClientCidrBlock': 'string',
'DnsServers': [
'string',
],
'SplitTunnel': True|False,
'VpnProtocol': 'openvpn',
'TransportProtocol': 'tcp'|'udp',
'VpnPort': 123,
'AssociatedTargetNetworks': [
{
'NetworkId': 'string',
'NetworkType': 'vpc'
},
],
'ServerCertificateArn': 'string',
'AuthenticationOptions': [
{
'Type': 'certificate-authentication'|'directory-service-authentication'|'federated-authentication',
'ActiveDirectory': {
'DirectoryId': 'string'
},
'MutualAuthentication': {
'ClientRootCertificateChain': 'string'
},
'FederatedAuthentication': {
'SamlProviderArn': 'string',
'SelfServiceSamlProviderArn': 'string'
}
},
],
'ConnectionLogOptions': {
'Enabled': True|False,
'CloudwatchLogGroup': 'string',
'CloudwatchLogStream': 'string'
},
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
],
'SecurityGroupIds': [
'string',
],
'VpcId': 'string',
'SelfServicePortalUrl': 'string',
'ClientConnectOptions': {
'Enabled': True|False,
'LambdaFunctionArn': 'string',
'Status': {
'Code': 'applying'|'applied',
'Message': 'string'
}
},
'SessionTimeoutHours': 123,
'ClientLoginBannerOptions': {
'Enabled': True|False,
'BannerText': 'string'
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
ClientVpnEndpoints (list) --
Information about the Client VPN endpoints.
(dict) --
Describes a Client VPN endpoint.
ClientVpnEndpointId (string) --
The ID of the Client VPN endpoint.
Description (string) --
A brief description of the endpoint.
Status (dict) --
The current state of the Client VPN endpoint.
Code (string) --
The state of the Client VPN endpoint. Possible states include:
pending-associate - The Client VPN endpoint has been created but no target networks have been associated. The Client VPN endpoint cannot accept connections.available - The Client VPN endpoint has been created and a target network has been associated. The Client VPN endpoint can accept connections.deleting - The Client VPN endpoint is being deleted. The Client VPN endpoint cannot accept connections.deleted - The Client VPN endpoint has been deleted. The Client VPN endpoint cannot accept connections.Message (string) --
A message about the status of the Client VPN endpoint.
CreationTime (string) --
The date and time the Client VPN endpoint was created.
DeletionTime (string) --
The date and time the Client VPN endpoint was deleted, if applicable.
DnsName (string) --
The DNS name to be used by clients when connecting to the Client VPN endpoint.
ClientCidrBlock (string) --
The IPv4 address range, in CIDR notation, from which client IP addresses are assigned.
DnsServers (list) --
Information about the DNS servers to be used for DNS resolution.
SplitTunnel (boolean) --
Indicates whether split-tunnel is enabled in the Client VPN endpoint.
For information about split-tunnel VPN endpoints, see Split-Tunnel Client VPN endpoint in the Client VPN Administrator Guide .
VpnProtocol (string) --
The protocol used by the VPN session.
TransportProtocol (string) --
The transport protocol used by the Client VPN endpoint.
VpnPort (integer) --
The port number for the Client VPN endpoint.
AssociatedTargetNetworks (list) --
Information about the associated target networks. A target network is a subnet in a VPC.
(dict) --
Describes a target network that is associated with a Client VPN endpoint. A target network is a subnet in a VPC.
NetworkId (string) --
The ID of the subnet.
NetworkType (string) --
The target network type.
ServerCertificateArn (string) --
The ARN of the server certificate.
AuthenticationOptions (list) --
Information about the authentication method used by the Client VPN endpoint.
(dict) --
Describes the authentication methods used by a Client VPN endpoint. For more information, see Authentication in the Client VPN Administrator Guide .
Type (string) --
The authentication type used.
ActiveDirectory (dict) --
Information about the Active Directory, if applicable.
DirectoryId (string) --
The ID of the Active Directory used for authentication.
MutualAuthentication (dict) --
Information about the authentication certificates, if applicable.
ClientRootCertificateChain (string) --
The ARN of the client certificate.
FederatedAuthentication (dict) --
Information about the IAM SAML identity provider, if applicable.
SamlProviderArn (string) --
The Amazon Resource Name (ARN) of the IAM SAML identity provider.
SelfServiceSamlProviderArn (string) --
The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.
ConnectionLogOptions (dict) --
Information about the client connection logging options for the Client VPN endpoint.
Enabled (boolean) --
Indicates whether client connection logging is enabled for the Client VPN endpoint.
CloudwatchLogGroup (string) --
The name of the Amazon CloudWatch Logs log group to which connection logging data is published.
CloudwatchLogStream (string) --
The name of the Amazon CloudWatch Logs log stream to which connection logging data is published.
Tags (list) --
Any tags assigned to the Client VPN endpoint.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
SecurityGroupIds (list) --
The IDs of the security groups for the target network.
VpcId (string) --
The ID of the VPC.
SelfServicePortalUrl (string) --
The URL of the self-service portal.
ClientConnectOptions (dict) --
The options for managing connection authorization for new client connections.
Enabled (boolean) --
Indicates whether client connect options are enabled.
LambdaFunctionArn (string) --
The Amazon Resource Name (ARN) of the Lambda function used for connection authorization.
Status (dict) --
The status of any updates to the client connect options.
Code (string) --
The status code.
Message (string) --
The status message.
SessionTimeoutHours (integer) --
The maximum VPN session duration time in hours.
Valid values: 8 | 10 | 12 | 24
Default value: 24
ClientLoginBannerOptions (dict) --
Options for enabling a customizable text banner that will be displayed on Amazon Web Services provided clients when a VPN session is established.
Enabled (boolean) --
Current state of text banner feature.
Valid values: true | false
BannerText (string) --
Customizable text that will be displayed in a banner on Amazon Web Services provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.
NextToken (string) --
The token to use to retrieve the next page of results. This value is null when there are no more results to return.