CfnVpn 1.0.0 Release with SAML Support and Cost Saving Features

The 1.0.0 release of cfn-vpn introduces the latest features of AWS Client-VPN including federated authentication using SAML and route authorizations using the groups of the federated user as well as cost saving features to associate and disassociate the Client-VPN subnets.

Federated Authentication with SAML

AWS Client-VPN recently added support for single sign-on using SAML 2.0 federated authentication giving you the ability make authentication and authorization easier with a centralized, SAML based Identity Provider (IdP).

You can enable SAML based authentication when launching a new cfn-vpn stack by providing a IAM SAML identity provider ARN. Follow the docs for further help.

Route authorizations can also be implemented by following the help in the docs

Cost Saving with Client-VPN Scheduling

cfn-vpn now provides the capability to schedule your Client-VPN to save costs when you’re not using it. The scheduling works by associating and disassociating the subnets attached to VPN using Lambda triggered with a CloudWatch cron schedule. The subnets can also be manually associated and disassociated using the cli commands. Checkout the docs for further information.

To see the full list of changes checkout the release on GitHub.