From 1507dff94f17909e1db7682b26fadd27f52db646 Mon Sep 17 00:00:00 2001
From: vibhuti goyal
Date: Tue, 20 Jun 2023 16:44:54 +0530
Subject: [PATCH] feat: added vpc endpoint resource
---
 _example/private-subnet/example.tf | 1 +
 .../example.tf | 1 +
 _example/public-private-subnet/example.tf | 1 +
 _example/public-subnet/example.tf | 1 +
 main.tf | 26 ++++++++++++++++++-
 variables.tf | 6 +++++
 6 files changed, 35 insertions(+), 1 deletion(-)
diff --git a/_example/private-subnet/example.tf b/_example/private-subnet/example.tf
index 70180aa..7b9988f 100644
--- a/_example/private-subnet/example.tf
+++ b/_example/private-subnet/example.tf
@@ -29,5 +29,6 @@ module "private-subnets" {
 ipv6_cidr_block = module.vpc.ipv6_cidr_block
 public_subnet_ids = ["subnet-xxxxxxxxxxxx", "subnet-xxxxxxxxxxxx"]
 assign_ipv6_address_on_creation = false
+ enable_vpc_endpoint = false
 }
diff --git a/_example/public-private-subnet-single-nat-gateway/example.tf b/_example/public-private-subnet-single-nat-gateway/example.tf
index d643235..8bf414f 100644
--- a/_example/public-private-subnet-single-nat-gateway/example.tf
+++ b/_example/public-private-subnet-single-nat-gateway/example.tf
@@ -30,5 +30,6 @@ module "subnets" {
 cidr_block = module.vpc.vpc_cidr_block
 ipv6_cidr_block = module.vpc.ipv6_cidr_block
 assign_ipv6_address_on_creation = false
+ enable_vpc_endpoint = false
 }
\ No newline at end of file
diff --git a/_example/public-private-subnet/example.tf b/_example/public-private-subnet/example.tf
index b2cf7f9..9759af2 100644
--- a/_example/public-private-subnet/example.tf
+++ b/_example/public-private-subnet/example.tf
@@ -29,5 +29,6 @@ module "subnets" {
 cidr_block = module.vpc.vpc_cidr_block
 ipv6_cidr_block = module.vpc.ipv6_cidr_block
 assign_ipv6_address_on_creation = false
+ enable_vpc_endpoint = false
 }
\ No newline at end of file
diff --git a/_example/public-subnet/example.tf b/_example/public-subnet/example.tf
index da50f61..dcab940 100644
--- a/_example/public-subnet/example.tf
+++ b/_example/public-subnet/example.tf
@@ -27,5 +27,6 @@ module "subnets" {
 cidr_block = module.vpc.vpc_cidr_block
 ipv6_cidr_block = module.vpc.ipv6_cidr_block
 assign_ipv6_address_on_creation = false
+ enable_vpc_endpoint = false
 }
diff --git a/main.tf b/main.tf
index 8badffe..18f99ce 100644
--- a/main.tf
+++ b/main.tf
@@ -329,6 +329,30 @@ resource "aws_route_table_association" "private" {
 )
 }
+#Module : VPC ENDPOINT
+#Description : Provides a resource to create A VPC endpoint
+# to privately connect to supported AWS services and VPC endpoint services powered by AWS PrivateLink.
+
+data "aws_region" "current" {}
+
+resource "aws_vpc_endpoint" "s3" {
+ count = var.enabled == true && var.enable_vpc_endpoint == true ? 1 : 0
+ vpc_id = var.vpc_id
+ service_name = "com.amazonaws.${data.aws_region.current.name}.s3"
+ route_table_ids = flatten([
+ aws_route_table.public.*.id,
+ aws_route_table.private.*.id
+ ])
+
+ tags = merge(
+ module.private-labels.tags,
+ {
+ Name = "endpointS3",
+ Environment = var.environment
+ }
+ )
+}
+
 #Module : ROUTE
 #Description : Provides a resource to create a routing table entry (a route) in a VPC
 # routing table.
@@ -346,7 +370,7 @@ resource "aws_route" "nat_gateway" {
 resource "aws_eip" "private" {
 count = local.nat_gateway_count
- vpc = true
+ domain = "vpc"
 tags = merge(
 module.private-labels.tags,
 {
diff --git a/variables.tf b/variables.tf
index 2efa225..60f2d5e 100644
--- a/variables.tf
+++ b/variables.tf
@@ -204,4 +204,10 @@ variable "assign_ipv6_address_on_creation" {
 type = bool
 default = false
 description = "Specify true to indicate that network interfaces created in the specified subnet should be assigned an IPv6 address."
+}
+
+variable "enable_vpc_endpoint" {
+ type = bool
+ default = true
+ description = "enable vpc endpoint"
 }
\ No newline at end of file
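Review bot: The new `aws_vpc_endpoint` "s3" resource in main.tf attaches the gateway endpoint to every public and private route table but sets no `policy`, so AWS applies its default full-access endpoint policy and any principal in the VPC can reach any S3 bucket, including buckets in other accounts, over the private path — a well-known exfiltration route that NAT- or proxy-side egress controls no longer see. Add a passthrough such as `policy = var.vpc_endpoint_policy` backed by a new string variable with `default = null` (declared in variables.tf, outside this hunk) so callers can pin the endpoint to their own buckets or organisation, and make the type explicit with `vpc_endpoint_type = "Gateway"`. The resource label and the `Name = "endpointS3"` tag are S3-specific while the `enable_vpc_endpoint` flag is generic; deriving the Name from `module.private-labels.id` and either renaming the flag `enable_s3_vpc_endpoint` or documenting that only S3 is covered would stop callers expecting other services. `aws_route_table.public.*.id` is the legacy splat form; `aws_route_table.public[*].id` is the current syntax.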
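Review bot: `domain = "vpc"` on `aws_eip.private` is, as far as I recall, only accepted from AWS provider 5.0 onward (the release that deprecated `vpc = true`), so if the module's `required_providers` constraint still admits 4.x — the versions file is not part of this diff — `terraform plan` fails on this line with an unsupported-argument error. Bump the provider constraint to `>= 5.0` in the same change and call it out as a breaking change for consumers pinned to 4.x. The `aws_eip.private` block starts and ends outside the hunk.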
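Review bot: `enable_vpc_endpoint` defaults to `true`, so every existing consumer of this module silently gains an S3 gateway endpoint and a new route in each of its route tables on the next apply, while every example updated in this same patch sets it to `false`; a change that rewrites routing in an existing VPC should be opt-in, i.e. `default = false`. The description `"enable vpc endpoint"` also does not say what is created; something like `description = "Set to true to create an S3 gateway VPC endpoint and associate it with the module's public and private route tables."` tells callers what they are turning on.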