> This page location: Tools & Workflows > API, CLI & SDKs > CLI > vpc > Full Neon documentation index: https://neon.com/docs/llms.txt # Neon CLI commands — vpc Use the Neon CLI to manage Neon directly from the terminal ## Before you begin - Before running a `vpc` command, ensure that you have [installed the Neon CLI](https://neon.com/docs/reference/cli-install). - If you have not authenticated with the [neon auth](https://neon.com/docs/reference/cli-auth) command, running a Neon CLI command automatically launches the Neon CLI browser authentication process. Alternatively, you can specify a Neon API key using the `--api-key` option when running a command. See [Connect](https://neon.com/docs/reference/neon-cli#connect). ## The `vpc` command You can use the `vpc` CLI command to manage [Private Networking](https://neon.com/docs/guides/neon-private-networking) configurations in Neon. The `vpc` command includes subcommands for managing VPC endpoints and project-level VPC endpoint restrictions. | Subcommand | Description | | :------------------------------------------------------------------------------ | :--------------------------------------------- | | [endpoint](https://neon.com/docs/reference/cli-vpc#the-vpc-endpoint-subcommand) | Manage VPC endpoints | | [project](https://neon.com/docs/reference/cli-vpc#the-vpc-project-subcommand) | Manage project-level VPC endpoint restrictions | ## The `vpc endpoint` subcommand The `vpc endpoint` subcommand lets you to list, assign, remove, and get the status of VPC endpoints for a Neon organization. ### Usage | Subcommand | Description | | :------------ | :------------------------------------------------------------------------------------------------------------------------------------ | | `list` | List configured VPC endpoints for the Neon organization. | | `assign ` | Add or update a VPC endpoint in the Neon organization. The ID is the VPC endpoint ID. Aliases for this command are `add` and `update` | | `remove ` | Remove a VPC endpoint from the Neon organization. The ID is the VPC endpoint ID. A removed VPC endpoint cannot be added back. | | `status ` | Get the status of a VPC endpoint for the Neon organization. The ID is the VPC endpoint ID. | ### Options In addition to the Neon CLI [global options](https://neon.com/docs/reference/neon-cli#global-options), the `vpc endpoint` subcommand supports these options: | Option | Description | Type | Required | | :--------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------------- | :----- | :-------------------------------------------------------------------------------------------------------------------------------- | | `--context-file` | [Context file](https://neon.com/docs/reference/cli-set-context#using-a-named-context-file) path and file name | string | | | `--org-id` | Organization ID | string | Only if the user has more than one organization. If not specified, and the user has only one organization, that `org_id` is used. | | `--region-id` | The region ID. Possible values: `aws-us-west-2`, `aws-ap-southeast-1`, `aws-ap-southeast-2`, `aws-eu-central-1`, `aws-us-east-2`, `aws-us-east-1`, `azure-eastus2` | string | yes | ### Examples - **List VPC endpoints** Retrieve a list of all configured VPC endpoints for a specific Neon organization. ```bash neon vpc endpoint list --org-id org-bold-bonus-12345678 ``` - **Assign a VPC endpoint** Add or update a VPC endpoint for a specific Neon organization and region. ```bash neon vpc endpoint assign vpce-1234567890abcdef0 --org-id org-bold-bonus-12345678 --region-id aws-us-east-1 ``` After assigning a VPC endpoint to a Neon organization, client connections will be accepted from the corresponding VPC for all projects in the Neon organization, unless restricted. Aliases for this command are `add` and `update`. - **Remove a VPC endpoint** Delete an existing VPC endpoint from a specific Neon organization. ```bash neon vpc endpoint remove vpce-1234567890abcdef0 --org-id org-bold-bonus-12345678 ``` **Note:** A removed VPC endpoint cannot be added back to the Neon organization. - **Get the status of a VPC endpoint** Check the status of a specific VPC endpoint in a Neon organization. ```bash neon vpc endpoint status vpce-1234567890abcdef0 --org-id org-bold-bonus-12345678 ``` ## The `vpc project` subcommand The `vpc project` subcommand lets you list, configure, or remove VPC endpoint restrictions to prevent access to specific projects in your Neon organization. ### Usage | Subcommand | Description | | :-------------- | :-------------------------------------------------------------------------------------------------------------- | | `list` | List all VPC endpoint restrictions for a specific project. | | `restrict ` | Configure or update a VPC endpoint restriction for a project. The ID is the VPC endpoint ID. \[Alias: `update`] | | `remove ` | Remove a VPC endpoint restriction from a project. The ID is the VPC endpoint ID. | ### Options In addition to the Neon CLI [global options](https://neon.com/docs/reference/neon-cli#global-options), the `vpc project` subcommand supports these options: | Option | Description | Type | Required | | :--------------- | :------------------------------------------------------------------------------------------------------------ | :----- | :------- | | `--context-file` | [Context file](https://neon.com/docs/reference/cli-set-context#using-a-named-context-file) path and file name | string | | | `--project-id` | The Project ID. | string | yes | ### Examples - **List project-level VPC endpoint restrictions** List all VPC endpoint restrictions for the specified Neon project. ```bash neon vpc project list --project-id orange-credit-12345678 ``` - **Restrict connections to a specific VPC** Configure or update a VPC endpoint restriction for a Neon project. When a VPC endpoint ID is assigned as a restriction, the specified project only accepts connections from the specified VPC. ```bash neon vpc project restrict vpce-1234567890abcdef0 --project-id orange-credit-12345678 ``` - **Remove a VPC endpoint restriction** Remove a VPC endpoint restriction from a specific Neon project. ```bash neon vpc project remove vpce-1234567890abcdef0 --project-id orange-credit-12345678 ``` --- ## Related docs (CLI) - [Overview](https://neon.com/docs/reference/neon-cli) - [Quickstart](https://neon.com/docs/reference/cli-quickstart) - [Install and connect](https://neon.com/docs/reference/cli-install) - [auth](https://neon.com/docs/reference/cli-auth) - [me](https://neon.com/docs/reference/cli-me) - [orgs](https://neon.com/docs/reference/cli-orgs) - [projects](https://neon.com/docs/reference/cli-projects) - [ip-allow](https://neon.com/docs/reference/cli-ip-allow) - [branches](https://neon.com/docs/reference/cli-branches) - [databases](https://neon.com/docs/reference/cli-databases) - [roles](https://neon.com/docs/reference/cli-roles) - [operations](https://neon.com/docs/reference/cli-operations) - [connection-string](https://neon.com/docs/reference/cli-connection-string) - [set-context](https://neon.com/docs/reference/cli-set-context) - [init](https://neon.com/docs/reference/cli-init) - [completion](https://neon.com/docs/reference/cli-completion)