Support multiple sets of shared VPC interface endpoints #314
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
To allow using multiple sets of shared endpoints, introducing a new property which can be used to specify the ID of the shared endpoints to use/expose.
- Add new sharedEndpointsVpcRegionsMap to keep track of sharedEndpointIds in each region - Validate that the sharedEndpointsId parameter and central parameter are not used together - Validate that the sharedEndpointsId is not duplicated within a region - Validate that the sharedEndpointsId is not used in a unsupported region - Validate that if an Id is referenced, that there is an shared endpoints VPC with the same Id
Part of the work to allow multiple sets of centralised endpoints. We need to ensure that privateDNS is disabled when using centralised endpoints either with the central flag, or sharedEndpointsId parameter.
…ed endpoints - Function to get all sharedEndpointIds across the configuration - Function to get the vpc configuration for a vpc with a specific sharedEndpoointId - Refactor existing getCentralEndpointVpc to reuse shared code
For all VPC's which share endpoints using the sharedEndpointId parameter, create private hosted zones which can be assosicated with other VPC's
Updated the validator to limit the ids to values which can be used in the role name. This role is used to assume into the account for authorisaing the PHZ association. Update the code to also support the sharedendpointId for creating assoications.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #313:
Description of changes:
Update to support providing multiple sets of VPC Interface endpoints based on an unique identifier, rather than the central boolean flag.
Usage:
In the config for the VPC sharing the endpoints:
In the config for the VPC using the endpoints
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.