Connect to OpenVPN server in Python 3 AWS Lambda Function

I need to be able to connect to an OpenVPN server using a .ovpn file within a Python 3 script. Right now my script runs just fine, as the machine I'm running it on is connected to the OpenVPN server using Tunnelblick.

The goal is to have this run in an AWS Lambda function. So as part of the execution it would use the ovpn cert to connect the vpn, do its thing, then disconnect.

Maybe I'm just looking for a module that functions as an OpenVPN Client? I'm currently using the paramiko module to ssh into a Linux box also connected to the OpenVPN server.

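import paramiko

# Wrapper name is illustrative; the posted fragment was a function body.
def run_diagnose(remote_ip, password, diagnose_script):
    ssh = paramiko.SSHClient()
    # AutoAddPolicy accepts any unknown host key without verifying it
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    ssh.connect(remote_ip, username='username', password=password)
    try:
        stdin, stdout, stderr = ssh.exec_command(diagnose_script)
        stdin.flush()
        data = stdout.read().splitlines()
        results = ''
        for line in data:
            results += line.decode('utf-8')
            results += '\n'
        return results
    finally:
        # close() used to sit after the return and never ran
        ssh.close()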

If you have hundreds/thousands of boxes to connect to - AWS VPC (Virtual Private Cloud) sounds like a proper solution for your problem. It might be a bit more effort and cost, but it's sustainable in the long term and I would say more secure.

There are a multitude of options to choose from, and in your case AWS Managed VPN or Software VPN would fit best. Then you can have your Lambdas and outside AWS resources run in one network.

Connecting to an OpenVPN from AWS Lambda is possible: you can install any packages you want, since it's a Linux container, and I'm pretty sure there are some answers here about it. It will, however, cost you quite a bit of execution time, especially if the function won't be called in a high volume (at least once per minute or so), since the container will have to start up and all the packages will have to be set up again.
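
The paramiko snippet in the question uses `AutoAddPolicy`, so each connection trusts whatever host key the server presents, and a Lambda container has no persistent `known_hosts` file to compare against. The following is an added example, not part of the original question or answer, that pins the host key instead. The function names and the sample pin are hypothetical and constructed, and the pin line is assumed to be supplied through the function's configuration.

```python
import base64
import hashlib

# Constructed sample pin: placeholder address and all-zero key bytes, not a real host key
_blob = (11).to_bytes(4, "big") + b"ssh-ed25519" + (32).to_bytes(4, "big") + bytes(32)
SAMPLE_PIN = "10.0.0.5 ssh-ed25519 " + base64.b64encode(_blob).decode("ascii")

def parse_pinned_key(line):
    """Validate one known_hosts-style line: '<host> <keytype> <base64 blob>'."""
    host, keytype, b64 = line.split()
    blob = base64.b64decode(b64, validate=True)
    # The blob begins with a length-prefixed copy of the key type; a mismatch
    # means the pin was truncated or stored under the wrong type.
    n = int.from_bytes(blob[:4], "big")
    if blob[4:4 + n] != keytype.encode("ascii"):
        raise ValueError("key type does not match key blob")
    return host, keytype, blob

def fingerprint(blob):
    """OpenSSH-style SHA256 fingerprint, comparable with `ssh-keygen -lf` output."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")

def run_pinned(pin_line, username, password, command):
    """Run command over SSH, refusing any host key other than the pinned one."""
    import paramiko  # imported lazily so the helpers above work without it
    from paramiko.hostkeys import HostKeyEntry

    host, keytype, _ = parse_pinned_key(pin_line)
    entry = HostKeyEntry.from_line(pin_line)
    if entry is None:
        raise ValueError("unsupported host key line")
    ssh = paramiko.SSHClient()
    ssh.get_host_keys().add(host, keytype, entry.key)
    # RejectPolicy: an unknown host key aborts the connection instead of being added
    ssh.set_missing_host_key_policy(paramiko.RejectPolicy())
    try:
        ssh.connect(host, username=username, password=password,
                    allow_agent=False, look_for_keys=False)
        _, stdout, _ = ssh.exec_command(command)
        return stdout.read().decode("utf-8")
    finally:
        ssh.close()

if __name__ == "__main__":
    print(fingerprint(parse_pinned_key(SAMPLE_PIN)[2]))
```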
