DescribeClientVpnAuthorizationRules - Amazon Elastic Compute Cloud


Describes the authorization rules for a specified Client VPN endpoint.

Request Parameters

The following parameters are for this specific action. For more information about required and optional parameters that are common to all actions, see Common Query Parameters.


The ID of the Client VPN endpoint.

Type: String

Required: Yes


Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

Type: Boolean

Required: No


One or more filters. Filter names and values are case-sensitive.

  • description - The description of the authorization rule.

  • destination-cidr - The CIDR of the network to which the authorization rule applies.

  • group-id - The ID of the Active Directory group to which the authorization rule grants access.

Type: Array of Filter objects

Required: No


The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the nextToken value.

Type: Integer

Valid Range: Minimum value of 5. Maximum value of 1000.

Required: No


The token to retrieve the next page of results.

Type: String

Required: No

Response Elements

The following elements are returned by the service.


Information about the authorization rules.

Type: Array of AuthorizationRule objects


The token to use to retrieve the next page of results. This value is null when there are no more results to return.

Type: String


The ID of the request.

Type: String


For information about the errors that are common to all actions, see Common client error codes.



This example describes the authorization rules for a specific Client VPN endpoint.

Sample Request &ClientVpnEndpointId.1=cvpn-endpoint-EXAMPLEc8db8d3536 &AUTHPARAMS

Sample Response

<DescribeClientVpnAuthorizationRulesResponse xmlns=""> <requestId>9d5c69db-763e-4b63-88ee-EXAMPLE</requestId> <authorizationRule> <item> <accessAll>true</accessAll> <description>auth-rule-one</description> <destinationCidr></destinationCidr> <clientVpnEndpointId>cvpn-endpoint-EXAMPLEc8db8d3536</clientVpnEndpointId> <groupId/> <status> <code>active</code> </status> </item> </authorizationRule> </DescribeClientVpnAuthorizationRulesResponse>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: