This is an updated PoC to connect to the AWS Client VPN with OSS OpenVPN using SAML authentication. Tested on Linux primarily, but should work on OS X.
This is based on the work in samm's repo; you can read their blog post for the implementation details.
This version takes the shell scripts and folds all of them into a single golang binary.
- openvpn-v2.4.9-aws.patch - patch required to build AWS compatible OpenVPN v2.4.9, based on the AWS source code (thanks to @heprotecbuthealsoattac for the link).
- main.go - a Go wrapper to perform the authentication and handle the double-tap of connecting to the VPN
- compile-patched-openvpn.sh - bash script to download, patch and compile the openvpn client to use for the golang tool
- Update openssl:
    sudo apt-get install libssl-dev
- Update lzo:
    sudo apt-get install libssl-dev liblzo2-dev libpam0g-dev
- Build the patched openvpn version using:
    compile-patched-openvpn.sh
- Either save your downloaded AWS config as ~/.awsvpn.conf or place it somewhere nice
- Compile the Go wrapper:
    go build
- Run the golang tool; use the command arg -config to point to your conf file if it's not saved as ~/.awsvpn.conf:
    ./aws-vpn-wrapper -config 'dev.ovpn'
- This should do the rest from here