I need some assistance architecting a solution that is an automated way to remove Users from an AWS Client VPN Endpoint.
Because AWS charges for connections, I would like to create something that would automatically kick off a User and require them to log back in after 8 hours.
I've been told by AWS Support that this is attainable by using Lambda to check the state of the VPN connection and CloudWatch to execute a check during a given amount of time (say, every 5 minutes).
I am fairly competent with CloudWatch, so really I'm seeking some code assistance.
The Lambda function would work something like this:
DescribeClientVpnConnections [1] could be used
IF condition to verify that if the parameter "connectionEstablishedTime" has exceeded 8 hours duration.
If it has exceeded 8 hours duration then to make another API call "TerminateClientVpnConnections" for that connection.
Does anyone have a good recipe for something like this? It doesn't have to be Lambda, that was just suggested by AWS Support.
Thanks for your help.
[1]
https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-client-vpn-connections.html
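
One way to implement the check described in the question, as an added example that is not part of the original post and is not AWS-provided code. It assumes `ConnectionEstablishedTime` comes back as a UTC string in `YYYY-MM-DD HH:MM:SS` form; the function names and the `CLIENT_VPN_ENDPOINT_ID` environment variable are hypothetical.

```python
import os
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(hours=8)
# Assumption: the API returns ConnectionEstablishedTime as a UTC string in this format.
TIME_FORMAT = "%Y-%m-%d %H:%M:%S"


def expired_connections(connections, now, max_age=MAX_AGE):
    """Return IDs of active connections established more than max_age ago."""
    expired = []
    for conn in connections:
        if conn.get("Status", {}).get("Code") != "active":
            continue  # skip sessions that are already terminating or terminated
        started = datetime.strptime(conn["ConnectionEstablishedTime"], TIME_FORMAT)
        started = started.replace(tzinfo=timezone.utc)
        if now - started > max_age:
            expired.append(conn["ConnectionId"])
    return expired


def enforce_session_limit(ec2, endpoint_id, now=None):
    """List every connection on the endpoint and terminate the expired ones."""
    now = now or datetime.now(timezone.utc)
    connections, token = [], None
    while True:  # follow NextToken so busy endpoints are fully covered
        kwargs = {"ClientVpnEndpointId": endpoint_id}
        if token:
            kwargs["NextToken"] = token
        page = ec2.describe_client_vpn_connections(**kwargs)
        connections.extend(page.get("Connections", []))
        token = page.get("NextToken")
        if not token:
            break
    terminated = []
    for connection_id in expired_connections(connections, now):
        ec2.terminate_client_vpn_connections(
            ClientVpnEndpointId=endpoint_id, ConnectionId=connection_id
        )
        terminated.append(connection_id)
    return terminated


def lambda_handler(event, context):
    import boto3  # imported here so the logic above can be tested without AWS

    # CLIENT_VPN_ENDPOINT_ID is a hypothetical environment variable name.
    endpoint_id = os.environ["CLIENT_VPN_ENDPOINT_ID"]
    return {"terminated": enforce_session_limit(boto3.client("ec2"), endpoint_id)}
```

The Lambda execution role needs only `ec2:DescribeClientVpnConnections` and `ec2:TerminateClientVpnConnections`. With a 5-minute schedule, a session can run up to 5 minutes past the 8-hour limit before it is terminated.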