{"id":44944831,"url":"https://github.com/sqlxpert/10-minute-aws-client-vpn","last_synced_at":"2026-02-18T09:43:33.152Z","repository":{"id":283563347,"uuid":"543953699","full_name":"sqlxpert/10-minute-aws-client-vpn","owner":"sqlxpert","description":"Set up AWS Client VPN in 10 minutes, run it for as little as $1.41 per work day","archived":false,"fork":false,"pushed_at":"2025-10-19T04:34:30.000Z","size":87,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-19T14:39:44.796Z","etag":null,"topics":["aws","aws-client-vpn","cloudformation","cost","openvpn","terraform","terraform-module","vpc","vpn"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sqlxpert.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE-CODE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2022-10-01T08:41:40.000Z","updated_at":"2025-10-19T04:25:52.000Z","dependencies_parsed_at":null,"dependency_job_id":"92a5c93f-0745-45d3-8b72-2f1323a9c460","html_url":"https://github.com/sqlxpert/10-minute-aws-client-vpn","commit_stats":null,"previous_names":["sqlxpert/10-minute-aws-client-vpn"],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/sqlxpert/10-minute-aws-client-vpn","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sqlxpert%2F10-minute-aws-client-vpn","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sqlxpert%2F10-minute-aws-client-vpn/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sqlxpert%2F10-minute-aws-client-vpn/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sqlxpert%2F10-minute-aws-client-vpn/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sqlxpert","download_url":"https://codeload.github.com/sqlxpert/10-minute-aws-client-vpn/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sqlxpert%2F10-minute-aws-client-vpn/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29575213,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-18T08:38:15.585Z","status":"ssl_error","status_checked_at":"2026-02-18T08:38:14.917Z","response_time":162,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-client-vpn","cloudformation","cost","openvpn","terraform","terraform-module","vpc","vpn"],"created_at":"2026-02-18T09:43:32.421Z","updated_at":"2026-02-18T09:43:33.136Z","avatar_url":"https://github.com/sqlxpert.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 10-Minute AWS Client VPN\n\n## Goals\n\nThis CloudFormation template (+\u0026nbsp;optional Terraform module) helps you set\nup an\n[AWS-managed VPN](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html)\nin about 10\u0026nbsp;minutes and operate it for as little as $1.41 per work day!\n\nHow this template minimizes costs:\n\n 1. [Split-tunneling](https://en.wikipedia.org/wiki/Split_tunneling).\n    Only AWS private network (VPC) traffic uses the VPN.\n\n 2. Single Availability Zone, by default.\n    [VPN clients can access VPC resources in any Availability Zone in the same\n    region at no extra charge](https://aws.amazon.com/about-aws/whats-new/2022/04/aws-data-transfer-price-reduction-privatelink-transit-gateway-client-vpn-services/).\n\n 3. Optional on/off scheduling with\n    [github.com/sqlxpert/lights-off-aws](https://github.com/sqlxpert/lights-off-aws#bonus-delete-and-recreate-expensive-resources-on-a-schedule)\u0026nbsp;.\n\n    \u003cdetails\u003e\n      \u003csummary\u003eCost savings...\u003c/summary\u003e\n\n    \u003cbr/\u003e\n\n    |VPN usage|Price (1\u0026nbsp;hour)|Hours (7\u0026nbsp;days)|Hours (365\u0026nbsp;days)|Cost (365\u0026nbsp;days)|\n    |:---|:---:|:---:|:---:|:---:|\n    |_Always\u0026nbsp;on:_|||||\n    |Endpoint associated|10¢|168|8,760|$876|\n    |1\u0026nbsp;client connected|5¢|40|2,080|$104|\n    |Total||||$980|\n    |_Work\u0026nbsp;hours\u0026nbsp;only:_|||||\n    |Endpoint associated|10¢|**50**|**2,607**|**$261**|\n    |1\u0026nbsp;client connected|5¢|40|2,080|$104|\n    |Total||||**$365**|\n\n    $365 per year divided by 260\u0026nbsp;work days gives $1.41\u0026nbsp;per work day.\n\n    \u003e [AWS Client VPN prices](https://aws.amazon.com/vpn/pricing/#AWS_Client_VPN_pricing)\n    in the `us-east-1` region were checked in October,\u0026nbsp;2025 but can change\n    at any time. NAT gateway, data transfer, and other charges may also apply.\n\n    \u003c/details\u003e\n\n\u003cdetails\u003e\n  \u003csummary\u003eRationale for connecting to AWS with a VPN...\u003c/summary\u003e\n\n\u003cbr/\u003e\n\nExperts discourage relying on the strength of the perimeter around your private\nnetwork, but sometimes, perimeter security _is_ the available defense, and a\nvirtual private network connection is necessary. For example, to access an AWS\nElastic File System (EFS) volume from your local computer, you must use a VPN,\nso that the Network File System (NFS) client connection originates _inside_\nyour AWS Virtual Private Cloud (VPC). NFS server software was not designed for\nexposure to the public Internet.\n\n\u003c/details\u003e\n\n## Quick Installation\n\n\u003e Before you begin, take a deep breath! Certificate setup is shorter than it\nlooks. To avoid errors, read each step completely before doing it. You will\nhave to switch between this ReadMe file and AWS's documentation.\n\n\u003e [AWS CloudShell](https://docs.aws.amazon.com/cloudshell/latest/userguide/welcome.html)\nmight be useful for setup and maintenance, but be aware of\n[limitations on persistent storage](https://docs.aws.amazon.com/cloudshell/latest/userguide/limits.html#persistent-storage-limitations)\nif you use your free CloudShell home directory to store your certificate\nauthority (and Terraform state, if you are using Terraform).\n\n 1. Create the VPN certificate(s) by following AWS's\n    [mutual authentication steps](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/client-auth-mutual-enable.html).\n\n    - Copy the _individual_ Linux/macOS commands and execute them verbatim.\n\n    - Copy and edit the _block_ of commands before executing those. Not\n      replacing `custom_folder` is actually fine for now (if only AWS's\n      technical writers had picked a meaningful folder name instead of a\n      placeholder!), but after the `mkdir` line, please insert:\n\n      ```shell\n      chmod go= ~/custom_folder\n      ```\n\n    - After uploading the first (server) certificate, copy the ARN returned by\n      AWS Certificate Manager.\n\n    - Uploading the second (client) certificate is completely optional.\n\n 2. \u0026#9888; **Tag the VPN certificate(s) if you are using Terraform.**\n    If you are not using a separate client certificate, apply both tags to\n    the _server_ certificate.\n\n    ```shell\n    aws acm add-tags-to-certificate --tags 'Key=CVpnServer,Value=' --certificate-arn 'SERVER_CERT_ARN'\n    aws acm add-tags-to-certificate --tags 'Key=CVpnClientRootChain,Value=' --certificate-arn 'CLIENT_CERT_ARN'\n    ```\n\n 3. Install the Client VPN CloudFormation stack using CloudFormation or\n    Terraform.\n\n    - **CloudFormation**\u003cbr/\u003e_Easy_ \u0026check;\n\n      Create a stack \"With new resources (standard)\" from a locally-saved copy\n      of\n      [cloudformation/10-minute-aws-client-vpn.yaml](/cloudformation/10-minute-aws-client-vpn.yaml?raw=true)\n      [right-click to save as...].\n\n      - Name the stack `CVpn`\u0026nbsp;.\n\n      - The parameters are thoroughly documented. Set only the \"Essential\"\n        ones.\n\n      - Under \"Additional settings\" \u0026rarr; \"Stack policy - optional\", you can\n        \"Upload a file\" and select a locally-saved copy of\n        [cloudformation/10-minute-aws-client-vpn-policy.json](/cloudformation/10-minute-aws-client-vpn-policy.json?raw=true)\n        [right-click to save as...]. The stack policy prevents replacement or\n        deletion of certain resources during stack updates, producing an error\n        if you attempt\n        [parameter updates](#parameter-updates)\n        that are not possible.\n\n    - **Terraform**\n\n      Check that you have at least:\n\n      - [Terraform v1.10.0 (2024-11-27)](https://github.com/hashicorp/terraform/releases/tag/v1.10.0)\n      - [Terraform AWS provider v6.0.0 (2025-06-18)](https://github.com/hashicorp/terraform-provider-aws/releases/tag/v6.0.0)\n\n      Add the following child module to your existing root module:\n\n      ```terraform\n      module \"cvpn\" {\n        source = \"git::https://github.com/sqlxpert/10-minute-aws-client-vpn.git//terraform?ref=v4.1.1\"\n          # Reference a specific version from github.com/sqlxpert/10-minute-aws-client-vpn/releases\n\n        cvpn_params = {\n          TargetSubnetId = \"subnet-10123456789abcdef\"\n        }\n      }\n      ```\n\n      Edit the subnet\u0026nbsp;ID to match the ID of a subnet in the VPN's\n      primary (or sole) Availability Zone.\n\n      Have Terraform download the module's source code. Review the plan\n      before typing `yes` to allow Terraform to proceed with applying the\n      changes.\n\n      ```shell\n      terraform init\n      terraform apply\n      ```\n\n      \u0026#9888; **Turn on the VPN** by changing the `Enable` parameter of the\n      `CVpn` stack to `true` in CloudFormation. The Terraform module leaves\n      the VPN off at first and then deliberately ignores changes to\n      `cvpn_params[\"Enable\"]` so that CloudFormation can manage that\n      parameter.\n\n 4. Follow\n    [Step\u0026nbsp;7 of AWS's Getting Started document](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-getting-started.html#cvpn-getting-started-config).\n\n    - Find your VPN in the list of\n      [Client VPN endpoints](https://console.aws.amazon.com/vpc/home#ClientVPNEndpoints:search=ClientVpnEndpoint)\n      in the AWS Console and download the configuration file from there.\n\n    - `cd` to the directory where you downloaded the file and:\n\n      ```shell\n      chmod go= downloaded-client-config.ovpn\n      ```\n\n    - Open the file in your preferred editor, copy the skeleton from AWS's\n      instructions and paste it at the end of the file, then replace the text\n      between the tags with the contents of the\n      `~/custom_folder/client1.domain.tld.crt` certificate file and the\n      `~/custom_folder/client1.domain.tld.key` key file.\n\n    - Rename `~/custom_folder` and note that you must also continue to protect\n      `easy-rsa/easyrsa3/pki` and `downloaded-client-config.ovpn`\u0026nbsp;. All\n      three contain copies of your key.\n\n 5. Download either the latest\n    [OpenVPN](https://openvpn.net) client (Resources \u0026rarr; Connect Client\n    \u0026rarr; Download) or\n    [AWS client](https://aws.amazon.com/vpn/client-vpn-download/).\n\n 6. Import your edited configuration file to the client.\n\n 7. Use the client to connect to the VPN.\n\n 8. Add `FromClientSampleSecGrp` to an EC2 instance or, if you do not use SSH,\n    create and add a security group that accepts traffic from VPN clients on\n    the port of your choice.\n\n 9. Test. On your local computer, run:\n\n    ```shell\n    ssh -i PRIVATE_KEY_FILE ec2-user@IP_ADDRESS\n    ```\n\n    where _PRIVATE_KEY_FILE_ is the path to the private key for the instance's\n    SSH key pair, and _IP_ADDRESS_ is the **private** address of the instance.\n\n    Different operating system images have different\n    [default usernames](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/connection-prereqs-general.html#connection-prereqs-get-info-about-instance);\n    `ec2-user` is not always correct!\n\n    If you do not use SSH, run a different command to test VPN connectivity.\n\n10. Remove `FromClientSampleSecGrp` (or equivalent) from you EC2 instance.\n\n## Automatic Scheduling\n\n\u003cdetails\u003e\n  \u003csummary\u003eTo turn the VPN on and off on a schedule...\u003c/summary\u003e\n\n 1. If you used Terraform above,\n    [skip to Automatic Scheduling Step\u0026nbsp;2](#automatic-scheduling-step-2).\n\n    If you used CloudFormation...\n\n    - Create a stack \"With new resources (standard)\" from a locally-saved copy\n      of\n      [cloudformation/10-minute-aws-client-vpn-prereq.yaml](/cloudformation/10-minute-aws-client-vpn-prereq.yaml?raw=true)\n      [right-click to save as...].\n\n    - Name this stack `CVpnPrereq`\u0026nbsp;.\n\n    - Under \"Additional settings\" \u0026rarr; \"Stack policy - optional\", you can\n      \"Upload a file\" and select a locally-saved copy of\n      [10-minute-aws-client-vpn-prereq-policy.json](/10-minute-aws-client-vpn-prereq-policy.json?raw=true)\n      [right-click to save as...]. The stack policy prevents inadvertent\n      replacement or deletion of the deployment role during stack updates,\n      but it cannot prevent deletion of the entire `CVpnPrereq` stack.\n\n    - Update your initial `CVpn` stack, changing nothing until the \"Configure\n      stack options\" page, on which you will set \"IAM role - optional\" to\n      `CVpnPrereq-DeploymentRole`\u0026nbsp;. You are using a\n      [CloudFormation service role](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-servicerole.html)\n      to delegate update privileges.\n\n      If your own privileges are limited, you might need explicit permission to\n      _pass_ the role to CloudFormation. See the\n      `CVpnPrereq-SampleDeploymentRolePassRolePol` IAM policy for an example.\n\n 2. \u003ca name=\"automatic-scheduling-step-2\"\u003e\u003c/a\u003e[Install Lights Off](https://github.com/sqlxpert/lights-off-aws#quick-start).\n\n 3. Update your `CVpn` CloudFormation stack, adding the following stack-level\n    tags:\n\n    - `sched-set-Enable-true` : `u=1 u=2 u=3 u=4 u=5 H:M=11:00`\n    - `sched-set-Enable-false` : `u=2 u=3 u=4 u=5 u=6 H:M=01:00`\n\n    In Terraform, set the following variable inside your `module` block:\n\n    ```terraform\n        cvpn_schedule_tags = {\n          sched-set-Enable-true  = \"u=1 u=2 u=3 u=4 u=5 H:M=11:00\"\n          sched-set-Enable-false = \"u=2 u=3 u=4 u=5 u=6 H:M=01:00\"\n        }\n    ```\n\n    Adjust the weekdays and the times based on your work schedule. This example\n    is suitable for the mainland portions of the United States and Canada.\n\n    - `u=1` is Monday and `u=7` is Sunday, per\n      [ISO 8601](https://en.wikipedia.org/wiki/ISO_8601#Week_dates).\n    - Times are in Universal Coordinated Time (UTC). This converter may be\n      helpful:\n      [www.timeanddate.com](https://www.timeanddate.com/worldclock/converter.html?iso=20250320T110000\u0026p1=224\u0026p2=250\u0026p3=1440\u0026p4=37\u0026p5=44)\u0026nbsp;.\n    - UTC has no provision for Daylight Saving Time/Summer Time. Leave a\n      buffer at the end of your work day to avoid having to change schedules.\n\n 4. Find your VPN in the list of\n    [Client VPN endpoints](https://console.aws.amazon.com/vpc/home#ClientVPNEndpoints:search=ClientVpnEndpoint)\n    in the AWS Console and check that its \"Target network associations\" are\n    being created and deleted as scheduled. Check actual costs after a few\n    days, and set up alerts with\n    [AWS Budgets](https://docs.aws.amazon.com/cost-management/latest/userguide/budgets-managing-costs.html).\n\n\u003c/details\u003e\n\n## Parameter Updates\n\nYou can toggle the `Enable` parameter (always in CloudFormation, never from\nTerraform).\n\nYou can add or remove a backup subnet (in a second Availability Zone), but you\nmust do it while the VPN is enabled, or the change won't register.\n\nYou can also switch between generic and custom VPN client security groups.\n\nDo not try to change the VPC, the IP address ranges, or the path parameters\nafter the `CVpn` stack has been created. Instead, create a `CVpn2` stack (in\nTerraform, create a new module instance with\n`cvpn_stack_name_suffix = \"2\"`\u0026nbsp;), then update the _remote_ line of\nyour client configuration file and re-import the configuration file to your VPN\nclient utility.\n\n## Terraform Details\n\n### Terraform Module Outputs\n\n|Output|Original Resource and Attribute|\n|:---|:---|\n||**Matching Data Source and Argument**|\n|`module.cvpn.cvpn_endpoint_id`|[`aws_ec2_client_vpn_endpoint`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_client_vpn_endpoint).[`id`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_client_vpn_endpoint#id-1)|\n||[`data.aws_ec2_client_vpn_endpoint`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ec2_client_vpn_endpoint).[`client_vpn_endpoint_id`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ec2_client_vpn_endpoint#client_vpn_endpoint_id-1)|\n|`module.cvpn.cvpn_client_sec_grp_id`|[`aws_security_group`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group.html).[`id`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group.html#id-1)|\n||[`data.aws_security_group`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/security_group).[`id`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/security_group#id-1)|\n\nTo accept traffic from VPN clients, reference `module.cvpn.cvpn_client_sec_grp_id` in:\n\n- [`aws_vpc_security_group.`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group).[`ingress`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group#ingress).[`security_groups`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group#security_groups-1) or\n- [`aws_vpc_security_group_ingress_rule`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule).[`referenced_security_group_id`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule#referenced_security_group_id-1)\n\nof server or listener security groups. \u0026#9888; The security group output is not\navailable if `cvpn_params[\"CustomClientSecGrpIds\"]` was set.\n\n### Creating Certificates in Terraform\n\nTo automate certificate creation, consider third-party modules such as:\n\n- [ssm-tls-self-signed-cert](https://registry.terraform.io/modules/cloudposse/ssm-tls-self-signed-cert/aws/latest)\n- [serverless-ca](https://registry.terraform.io/modules/serverless-ca/ca/aws/latest)\n\n### Terraform Permissions\n\n\u003cdetails\u003e\n  \u003csummary\u003eIf you run Terraform with least-privilege permissions...\u003c/summary\u003e\n\n\u003cbr/\u003e\n\nIf you do not give Terraform full AWS administrative permissions, you must give\nit permission to:\n\n- List, describe, get tags for, create, tag, update, untag and delete\n  IAM roles, update the \"assume role\" (role trust or \"resource-based\")\n  policy, and put and delete in-line policies\n- List, describe, create, tag, update, untag, and delete CloudFormation\n  stacks\n- Set and get CloudFormation stack policies\n- Pass `CVpnPrereq-DeploymentRole-*` to CloudFormation\n- List, describe, and get tags for, all `data` sources. For a list, run:\n\n  ```shell\n  grep 'data \"' terraform*/*.tf | cut --delimiter=' ' --fields='1,2'\n  ```\n\nOpen the\n[AWS Service Authorization Reference](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html#actions_table),\ngo through the list of services on the left, and consult the \"Actions\" table\nfor each of:\n\n- `AWS Identity and Access Management (IAM)`\n- `CloudFormation`\n- `AWS Security Token Service`\n- `Amazon EC2`\n- `AWS Certificate Manager`\n- `AWS Systems Manager`\n- `AWS Key Management Service` (if you encrypt the CloudWatch log group with a\n  KMS key)\n\nIn most cases, you can scope Terraform's permissions to one workload by\nregulating resource naming and tagging, and then by using:\n\n- [ARN patterns in `Resource` lists](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_resource.html#reference_policies_elements_resource_wildcards)\n- [ARN patterns in `Condition` entries](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_ARN)\n- [Request tag and then resource tag `Condition` entries](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)\n\nCheck Service and Resource Control Policies (SCPs and RCPs), as well as\nresource policies (such as KMS key policies).\n\nThe deployment role defined in the `CVpnPrereq` stack gives CloudFormation the\npermissions it needs to create the `CVpn` stack. Terraform itself does not need\nthe deployment role's permissions.\n\n\u003c/details\u003e\n\n## Feedback\n\nTo help improve the 10-minute AWS Client VPN template, please\n[report bugs](https://github.com/sqlxpert/10-minute-aws-client-vpn/issues)\nand\n[propose changes](https://github.com/sqlxpert/10-minute-aws-client-vpn/pulls).\n\n## Licenses\n\n|Scope|Link|Included Copy|\n|:---|:---:|:---:|\n|Source code files, and source code embedded in documentation files|[GNU General Public License (GPL) 3.0](http://www.gnu.org/licenses/gpl-3.0.html)|[LICENSE-CODE.md](/LICENSE-CODE.md)|\n|Documentation files (including this readme file)|[GNU Free Documentation License (FDL) 1.3](http://www.gnu.org/licenses/fdl-1.3.html)|[LICENSE-DOC.md](/LICENSE-DOC.md)|\n\nCopyright Paul Marcelin\n\nContact: `marcelin` at `cmu.edu` (replace \"at\" with `@`)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsqlxpert%2F10-minute-aws-client-vpn","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsqlxpert%2F10-minute-aws-client-vpn","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsqlxpert%2F10-minute-aws-client-vpn/lists"}