VPN Monitor on AWS
VPN Monitor on AWS

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

Automated Deployment

Before you launch the automated deployment, please review the architecture, configuration, and other considerations discussed in this guide. Follow the step-by-step instructions in this section to configure and deploy the VPN Monitor into your account.

Time to deploy: Approximately five (5) minutes

Launch the Stack

This automated AWS CloudFormation template deploys the VPN Monitor in AWS Lambda, and configures related components.


You are responsible for the cost of the AWS services used while running this solution. See the Cost section for more details. For full details, see the pricing webpage for each AWS service you will be using in this solution.

  1. Log in to the AWS Management Console and click the button below to launch the vpn-monitor AWS CloudFormation template.

                            VPN Monitor launch button

    You can also download the template as a starting point for your own implementation.

  2. The template is launched in the US East (N. Virginia) Region by default. To launch the VPN Monitor in a different AWS Region, use the region selector in the console navigation bar.


    This solution uses the AWS Lambda service, which is currently available in specific AWS Regions only. Therefore, you must launch this solution an AWS Region where Lambda is available. For the most current AWS Lambda availability by region, see AWS service offerings by region.

  3. On the Select Template page, verify that you selected the correct template and choose Next.

  4. On the Specify Details page, assign a name to your VPN Monitor stack.

  5. Under Parameters, review the parameters for the template, and modify them as necessary.

    Parameter Default Description
    CW Event Schedule cron(****?*) Enter the scheduled expression for CloudWatch Event rule that sets the VPN Monitor interval. For example: cron(****?*) (1-minute) or cron(0/5***?*) (5-minute).
    Send Anonymous Usage Data Yes Send anonymous data to AWS to help us understand VPN usage and related cost savings across our customer base as a whole. To opt out of this feature, select No. For more information, see the appendix.
  6. Click Next.

  7. On the Options page, choose Next.

  8. On the Review page, review and confirm the settings. Be sure to check the box acknowledging that the template will create AWS Identity and Access Management (IAM) resources.

  9. Choose Create to deploy the stack.

    You can view the status of the stack in the AWS CloudFormation console in the Status column. You should see a status of CREATE_COMPLETE in roughly five (5) minutes.


    In addition to the primary AWS Lambda function vpnTunnelStatus, this solution includes the SolutionHelper Lambda function, which runs only during initial configuration or when resources are updated or deleted.

    When running this solution, you will see both Lambda functions in the AWS Lambda console, but only the primary vpnTunnelStatus function is regularly active. However, do not delete the SolutionHelper function as it is necessary to manage associated resources.

On this page: