Auditing Active AWS Client VPN Users Apr 28, 2021 Get a valid token for your target aws account. For those of us using SAML + MFA for our connections: https://github.com/jmhale/okta-awscli Get a list of all AWS Client Vpn Endpoints in your region aws ec2 --region us-west-1 describe-client-vpn-endpoints --query 'ClientVpnEndpoints[*].ClientVpnEndpointId' --output text --no-cli-pager List all the users connected to each endpoint aws ec2 --region us-west-1 describe-client-vpn-connections --client-vpn-endpoint-id cvpn-endpoint-yourverycoolendpointid --query 'Connections[?Status.Code==`active`].Username' --output text --no-cli-pager