A CLI wrapper for the AWS VPN Client. Connect to your VPN without leaving the terminal.
Supports macOS and Linux.
- AWS VPN Client with at least one profile configured
- Python 3
sudoaccess (for establishing the tunnel)- fzf (optional — enables the interactive picker shown in the demo)
brew install jlars22/tools/aws-vpn-cligit clone https://github.com/jlars22/aws-vpn-cli.git
ln -s "$(pwd)/aws-vpn-cli/vpn" ~/.local/bin/vpnMake sure ~/.local/bin is on your PATH.
Most of the time you just run vpn. It shows an fzf picker — select a profile to connect, select an active one to disconnect. Profiles are imported on first launch.
$ vpn # interactive picker (connect or disconnect)
$ vpn [profile] # connect (or disconnect if already connected)
$ vpn all # connect to all profiles sequentially
$ vpn status # show active connections
$ vpn disconnect [profile] # disconnect (or select if multiple)
$ vpn disconnect all # disconnect all active connections
$ vpn list # list available profiles
$ vpn import # re-import profiles from AWS VPN Client
$ vpn logs [profile] # tail the connection log
$ vpn setup-sudo # skip password prompts (configures sudoers)Multiple VPN connections are supported simultaneously — just run vpn again and pick another profile.
Tab completion is available for bash and zsh (restart your shell after installing).
Imports your existing AWS VPN Client profiles, starts a local SAML server on 127.0.0.1:35001, initiates an OpenVPN handshake to get the SSO URL, opens your browser for authentication, then establishes the tunnel using the bundled acvc-openvpn binary with sudo. DNS is configured via scutil (macOS) or resolvectl (Linux).
No data leaves your machine beyond normal SSO/VPN traffic.
Built on ideas from aws-vpn-client.