AWS Client VPN is a managed, scalable virtual private network service that enables users to securely access AWS resources and on-premises networks. Federated Authentication makes it easy to integrate AWS Client VPN user authentication and authorization with a centralized, SAML based Identity Provider (IdP).

— AWS, _AWS Client VPN now supports Federated Authentication via SAML 2.0_

Previously, Amazon supported only Active Directory (user-based) and mutual (certificate-based) authentication. Without Active Directory, one had to use mutual authentication and therefore manage user client certificates. This was a hassle.

Amazon currently provides a single walk-through of integrating with a SAML 2.0-based Identity Provider (IdP), specifically Okta: Authenticate AWS Client VPN users with SAML.


The AWS Client VPN Federated Authentication Missing Example