Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Enhancement]: support service_region with aws_vpc_endpoint (privateLink consumer) #40583

Merged
merged 19 commits into from
Dec 18, 2024
Merged

[Enhancement]: support service_region with aws_vpc_endpoint (privateLink consumer) #40583

merged 19 commits into from
Dec 18, 2024

Conversation

MS99-9
Copy link
Contributor

@MS99-9 MS99-9 commented Dec 16, 2024
edited by ewbankkit
Loading

Description

This pull request adds support for the service_region argument to the aws_vpc_endpoint resource. The service_region argument allows users to specify the region of the VPC Endpoint Service explicitly, enabling cross-region endpoint connections.

Changes

  • Added a new optional service_region argument to the aws_vpc_endpoint resource schema.
    • This argument supports specifying the AWS region of the VPC Endpoint Service.
    • Changes to this argument force the creation of a new resource.
  • Updated the create and read functions to handle the new argument:
    • The create function validates the service_region against the service's available regions.
    • The read function parses the service_region from the service name.
  • Updated acceptance tests to cover the following scenarios:
    • Creation of a VPC endpoint with a specified service_region.
    • Validation of service_region for cross-region configurations.
    • Error handling for unsupported service_region.
  • Updated documentation to include the new argument.

Tests

  • Added the following new acceptance tests:
    • TestAccVPCEndpoint_crossRegionService: Validates that the service_region argument works as expected for cross-region endpoints.
    • TestAccVPCEndpoint_invalidCrossRegionService: Ensures an error is returned when specifying an unsupported service_region.

Relations

Closes #40522.
Closes #40438.

References

Output from Acceptance Testing

% make testacc P=3 TESTS=TestAccVPCEndpoint_ PKG=ec2
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/ec2/... -v -count 1 -parallel 3 -run='TestAccVPCEndpoint_'  -timeout 360m
2024/12/17 02:00:21 Initializing Terraform AWS Provider...
=== RUN   TestAccVPCEndpoint_gatewayBasic
=== PAUSE TestAccVPCEndpoint_gatewayBasic
=== RUN   TestAccVPCEndpoint_interfaceBasic
=== PAUSE TestAccVPCEndpoint_interfaceBasic
=== RUN   TestAccVPCEndpoint_interfaceNoPrivateDNS
=== PAUSE TestAccVPCEndpoint_interfaceNoPrivateDNS
=== RUN   TestAccVPCEndpoint_interfacePrivateDNS
=== PAUSE TestAccVPCEndpoint_interfacePrivateDNS
=== RUN   TestAccVPCEndpoint_interfacePrivateDNSNoGateway
=== PAUSE TestAccVPCEndpoint_interfacePrivateDNSNoGateway
=== RUN   TestAccVPCEndpoint_disappears
=== PAUSE TestAccVPCEndpoint_disappears
=== RUN   TestAccVPCEndpoint_tags
=== PAUSE TestAccVPCEndpoint_tags
=== RUN   TestAccVPCEndpoint_gatewayWithRouteTableAndPolicy
=== PAUSE TestAccVPCEndpoint_gatewayWithRouteTableAndPolicy
=== RUN   TestAccVPCEndpoint_gatewayPolicy
=== PAUSE TestAccVPCEndpoint_gatewayPolicy
=== RUN   TestAccVPCEndpoint_ignoreEquivalent
=== PAUSE TestAccVPCEndpoint_ignoreEquivalent
=== RUN   TestAccVPCEndpoint_ipAddressType
=== PAUSE TestAccVPCEndpoint_ipAddressType
=== RUN   TestAccVPCEndpoint_interfaceWithSubnetAndSecurityGroup
=== PAUSE TestAccVPCEndpoint_interfaceWithSubnetAndSecurityGroup
=== RUN   TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnCreate
=== PAUSE TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnCreate
=== RUN   TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnUpdate
=== PAUSE TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnUpdate
=== RUN   TestAccVPCEndpoint_interfaceUserDefinedIPv4
=== PAUSE TestAccVPCEndpoint_interfaceUserDefinedIPv4
=== RUN   TestAccVPCEndpoint_interfaceUserDefinedIPv6
=== PAUSE TestAccVPCEndpoint_interfaceUserDefinedIPv6
=== RUN   TestAccVPCEndpoint_interfaceUserDefinedDualstack
=== PAUSE TestAccVPCEndpoint_interfaceUserDefinedDualstack
=== RUN   TestAccVPCEndpoint_VPCEndpointType_gatewayLoadBalancer
=== PAUSE TestAccVPCEndpoint_VPCEndpointType_gatewayLoadBalancer
=== RUN   TestAccVPCEndpoint_crossRegionService
=== PAUSE TestAccVPCEndpoint_crossRegionService
=== RUN   TestAccVPCEndpoint_invalidCrossRegionService
=== PAUSE TestAccVPCEndpoint_invalidCrossRegionService
=== CONT  TestAccVPCEndpoint_gatewayBasic
=== CONT  TestAccVPCEndpoint_ipAddressType
=== CONT  TestAccVPCEndpoint_interfaceUserDefinedIPv6
--- PASS: TestAccVPCEndpoint_gatewayBasic (31.62s)
=== CONT  TestAccVPCEndpoint_invalidCrossRegionService
--- PASS: TestAccVPCEndpoint_interfaceUserDefinedIPv6 (224.19s)
=== CONT  TestAccVPCEndpoint_crossRegionService
--- PASS: TestAccVPCEndpoint_invalidCrossRegionService (222.47s)
=== CONT  TestAccVPCEndpoint_VPCEndpointType_gatewayLoadBalancer
--- PASS: TestAccVPCEndpoint_ipAddressType (345.62s)
=== CONT  TestAccVPCEndpoint_interfaceUserDefinedDualstack
--- PASS: TestAccVPCEndpoint_interfaceUserDefinedDualstack (205.46s)
=== CONT  TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnUpdate
--- PASS: TestAccVPCEndpoint_VPCEndpointType_gatewayLoadBalancer (391.30s)
=== CONT  TestAccVPCEndpoint_interfaceUserDefinedIPv4
--- PASS: TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnUpdate (247.95s)
=== CONT  TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnCreate
--- PASS: TestAccVPCEndpoint_interfaceUserDefinedIPv4 (202.84s)
=== CONT  TestAccVPCEndpoint_interfaceWithSubnetAndSecurityGroup
--- PASS: TestAccVPCEndpoint_crossRegionService (634.15s)
=== CONT  TestAccVPCEndpoint_disappears
--- PASS: TestAccVPCEndpoint_disappears (28.22s)
=== CONT  TestAccVPCEndpoint_ignoreEquivalent
--- PASS: TestAccVPCEndpoint_ignoreEquivalent (34.52s)
=== CONT  TestAccVPCEndpoint_gatewayPolicy
--- PASS: TestAccVPCEndpoint_gatewayPolicy (49.59s)
=== CONT  TestAccVPCEndpoint_gatewayWithRouteTableAndPolicy
--- PASS: TestAccVPCEndpoint_gatewayWithRouteTableAndPolicy (49.96s)
=== CONT  TestAccVPCEndpoint_tags
--- PASS: TestAccVPCEndpoint_tags (54.72s)
=== CONT  TestAccVPCEndpoint_interfacePrivateDNSNoGateway
--- PASS: TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnCreate (287.98s)
=== CONT  TestAccVPCEndpoint_interfacePrivateDNS
--- PASS: TestAccVPCEndpoint_interfaceWithSubnetAndSecurityGroup (337.00s)
=== CONT  TestAccVPCEndpoint_interfaceNoPrivateDNS
--- PASS: TestAccVPCEndpoint_interfaceNoPrivateDNS (121.34s)
=== CONT  TestAccVPCEndpoint_interfaceBasic
--- PASS: TestAccVPCEndpoint_interfaceBasic (91.71s)
--- PASS: TestAccVPCEndpoint_interfacePrivateDNSNoGateway (385.19s)
--- PASS: TestAccVPCEndpoint_interfacePrivateDNS (441.88s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/ec2       1535.596s
...

MS99-9 and others added 12 commits December 9, 2024 23:42
@MS99-9
Merge pull request #1 from hashicorp/main
19ec727 
Rebase forked main branch
@MS99-9
Merge pull request #2 from hashicorp/main
82560d8 
rebase from main
@MS99-9
enhancement: allow cross-region service within vpc endpoint create fu…
6e2832c 
…nction

Signed-off-by: Mohamed Medhat Mohamed Ibrahim Shalaby <[email protected]>
@MS99-9
Update vpc_endpoint_test for crossRegion services
cd0fdfc
@MS99-9
Merge pull request #3 from MS99-9/MS99-9-patch-1
983807e 
Update vpc_endpoint_test for crossRegion services
@MS99-9
Update Read function + Add forcenew for serviceRegion + remove redund…
75b53e6 
…ant validator function
@MS99-9
Merge pull request #5 from MS99-9/update-read-function-for-cross-regi…
40b1407 
…on-services

Update Read function + Add forcenew for serviceRegion + remove redund…
@MS99-9
update docs to add service region attribute
1eda22d
@MS99-9
Merge pull request #6 from MS99-9/Update-docs-add-serviceRegion
a5882b7 
update docs to add service region attribute
@MS99-9
Merge branch 'hashicorp:main' into main
077e8a9
@MS99-9
add-computed-to-service-region
bbdacde
@MS99-9
Merge pull request #7 from MS99-9/add-computed-to-service-region
dc068b1 
Add computed to service region
@MS99-9 MS99-9 requested a review from a team as a code owner December 16, 2024 18:55
@github-actions GitHub Actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/vpc Issues and PRs that pertain to the vpc service. needs-triage Waiting for first response or review from a maintainer. labels Dec 16, 2024
@MS99-9
Copy link
Contributor Author

MS99-9 commented Dec 18, 2024

I can't see why golangci-lint check failed. It looks like it was killed, maybe it timed-out, not sure 🤔

@ewbankkit ewbankkit added enhancement Requests to existing resources that expand the functionality or scope. and removed needs-triage Waiting for first response or review from a maintainer. labels Dec 18, 2024
@ewbankkit ewbankkit self-assigned this Dec 18, 2024
@github-actions github-actions bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Dec 18, 2024
ewbankkit
ewbankkit approved these changes Dec 18, 2024
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccVPCEndpoint_\|TestAccVPCEndpointDataSource_basic' PKG=ec2 ACCTEST_PARALLELISM=3
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.3 test ./internal/service/ec2/... -v -count 1 -parallel 3  -run=TestAccVPCEndpoint_\|TestAccVPCEndpointDataSource_basic -timeout 360m
2024/12/18 08:56:39 Initializing Terraform AWS Provider...
=== RUN   TestAccVPCEndpoint_gatewayBasic
=== PAUSE TestAccVPCEndpoint_gatewayBasic
=== RUN   TestAccVPCEndpoint_interfaceBasic
=== PAUSE TestAccVPCEndpoint_interfaceBasic
=== RUN   TestAccVPCEndpoint_interfaceNoPrivateDNS
=== PAUSE TestAccVPCEndpoint_interfaceNoPrivateDNS
=== RUN   TestAccVPCEndpoint_interfacePrivateDNS
=== PAUSE TestAccVPCEndpoint_interfacePrivateDNS
=== RUN   TestAccVPCEndpoint_interfacePrivateDNSNoGateway
=== PAUSE TestAccVPCEndpoint_interfacePrivateDNSNoGateway
=== RUN   TestAccVPCEndpoint_disappears
=== PAUSE TestAccVPCEndpoint_disappears
=== RUN   TestAccVPCEndpoint_tags
=== PAUSE TestAccVPCEndpoint_tags
=== RUN   TestAccVPCEndpoint_gatewayWithRouteTableAndPolicy
=== PAUSE TestAccVPCEndpoint_gatewayWithRouteTableAndPolicy
=== RUN   TestAccVPCEndpoint_gatewayPolicy
=== PAUSE TestAccVPCEndpoint_gatewayPolicy
=== RUN   TestAccVPCEndpoint_ignoreEquivalent
=== PAUSE TestAccVPCEndpoint_ignoreEquivalent
=== RUN   TestAccVPCEndpoint_ipAddressType
=== PAUSE TestAccVPCEndpoint_ipAddressType
=== RUN   TestAccVPCEndpoint_interfaceWithSubnetAndSecurityGroup
=== PAUSE TestAccVPCEndpoint_interfaceWithSubnetAndSecurityGroup
=== RUN   TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnCreate
=== PAUSE TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnCreate
=== RUN   TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnUpdate
=== PAUSE TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnUpdate
=== RUN   TestAccVPCEndpoint_interfaceUserDefinedIPv4
=== PAUSE TestAccVPCEndpoint_interfaceUserDefinedIPv4
=== RUN   TestAccVPCEndpoint_interfaceUserDefinedIPv6
=== PAUSE TestAccVPCEndpoint_interfaceUserDefinedIPv6
=== RUN   TestAccVPCEndpoint_interfaceUserDefinedDualstack
=== PAUSE TestAccVPCEndpoint_interfaceUserDefinedDualstack
=== RUN   TestAccVPCEndpoint_VPCEndpointType_gatewayLoadBalancer
=== PAUSE TestAccVPCEndpoint_VPCEndpointType_gatewayLoadBalancer
=== RUN   TestAccVPCEndpoint_crossRegionService
=== PAUSE TestAccVPCEndpoint_crossRegionService
=== RUN   TestAccVPCEndpoint_invalidCrossRegionService
=== PAUSE TestAccVPCEndpoint_invalidCrossRegionService
=== CONT  TestAccVPCEndpoint_gatewayBasic
=== CONT  TestAccVPCEndpoint_interfaceUserDefinedIPv6
=== CONT  TestAccVPCEndpoint_ipAddressType
--- PASS: TestAccVPCEndpoint_gatewayBasic (30.87s)
=== CONT  TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnUpdate
--- PASS: TestAccVPCEndpoint_interfaceUserDefinedIPv6 (220.41s)
=== CONT  TestAccVPCEndpoint_interfaceUserDefinedIPv4
--- PASS: TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnUpdate (300.27s)
=== CONT  TestAccVPCEndpoint_crossRegionService
--- PASS: TestAccVPCEndpoint_ipAddressType (341.79s)
=== CONT  TestAccVPCEndpoint_invalidCrossRegionService
--- PASS: TestAccVPCEndpoint_interfaceUserDefinedIPv4 (188.51s)
=== CONT  TestAccVPCEndpoint_VPCEndpointType_gatewayLoadBalancer
--- PASS: TestAccVPCEndpoint_invalidCrossRegionService (235.20s)
=== CONT  TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnCreate
--- PASS: TestAccVPCEndpoint_VPCEndpointType_gatewayLoadBalancer (419.75s)
=== CONT  TestAccVPCEndpoint_interfaceWithSubnetAndSecurityGroup
--- PASS: TestAccVPCEndpoint_crossRegionService (517.54s)
=== CONT  TestAccVPCEndpoint_disappears
--- PASS: TestAccVPCEndpoint_disappears (25.69s)
=== CONT  TestAccVPCEndpoint_ignoreEquivalent
--- PASS: TestAccVPCEndpoint_interfaceNonAWSServiceAcceptOnCreate (297.43s)
=== CONT  TestAccVPCEndpoint_gatewayPolicy
--- PASS: TestAccVPCEndpoint_ignoreEquivalent (31.38s)
=== CONT  TestAccVPCEndpoint_gatewayWithRouteTableAndPolicy
--- PASS: TestAccVPCEndpoint_gatewayPolicy (44.93s)
=== CONT  TestAccVPCEndpoint_tags
--- PASS: TestAccVPCEndpoint_gatewayWithRouteTableAndPolicy (45.51s)
=== CONT  TestAccVPCEndpoint_interfacePrivateDNS
--- PASS: TestAccVPCEndpoint_tags (51.26s)
=== CONT  TestAccVPCEndpoint_interfacePrivateDNSNoGateway
--- PASS: TestAccVPCEndpoint_interfaceWithSubnetAndSecurityGroup (252.70s)
=== CONT  TestAccVPCEndpoint_interfaceNoPrivateDNS
--- PASS: TestAccVPCEndpoint_interfaceNoPrivateDNS (58.50s)
=== CONT  TestAccVPCEndpoint_interfaceUserDefinedDualstack
--- PASS: TestAccVPCEndpoint_interfacePrivateDNSNoGateway (200.50s)
=== CONT  TestAccVPCEndpoint_interfaceBasic
--- PASS: TestAccVPCEndpoint_interfaceBasic (68.68s)
--- PASS: TestAccVPCEndpoint_interfacePrivateDNS (297.63s)
--- PASS: TestAccVPCEndpoint_interfaceUserDefinedDualstack (189.71s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/ec2	1335.307s

jar-b
jar-b approved these changes Dec 18, 2024
View reviewed changes
Copy link
Member

@jar-b jar-b left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀

@ewbankkit
Copy link
Contributor

@MS99-9 Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit 5820ac3 into hashicorp:main Dec 18, 2024
42 checks passed
@github-actions github-actions bot added this to the v5.82.0 milestone Dec 18, 2024
@CarlosLanderas
Copy link

CarlosLanderas commented Dec 19, 2024
edited
Loading

Good afternoon!
Thanks for this contribution, I think we are facing this exact same problem.

I have a VPC endpoint service in APAC and when trying to create the vpc endpoint in eu-west-1 terraform displays an error: api error InvalidServiceName: The Vpc Endpoint Service 'xxx' does not exist

However, I can create it without any problem using the AWS console by setting the cross region checkbox and choosing the region that finally sets the service_region.

Thanks

@github-actions GitHub Actions
Copy link

This functionality has been released in v5.82.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions github-actions bot removed the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Dec 19, 2024
@CarlosLanderas CarlosLanderas mentioned this pull request Dec 19, 2024
Closed
@ewbankkit ewbankkit mentioned this pull request Jan 7, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@drewtul drewtul drewtul left review comments

@jar-b jar-b jar-b approved these changes

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees

@ewbankkit ewbankkit

Labels
documentation Introduces or discusses updates to documentation. enhancement Requests to existing resources that expand the functionality or scope. service/vpc Issues and PRs that pertain to the vpc service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v5.82.0
5 participants
@MS99-9 @ewbankkit @CarlosLanderas @drewtul @jar-b