From 3f77fdf7f1376e3d1a91501cc8a7a45d385b0e52 Mon Sep 17 00:00:00 2001
From: jocobu
Date: Fri, 10 Feb 2023 02:06:31 -0500
Subject: [PATCH] change s3 endpoint to gateway

---
 modules/aws_vpc/main.tf | 15 +++++++++++++++
 modules/aws_vpc/variables.tf | 8 +++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/modules/aws_vpc/main.tf b/modules/aws_vpc/main.tf
index 1c2eef76..912ab12f 100644
--- a/modules/aws_vpc/main.tf
+++ b/modules/aws_vpc/main.tf
@@ -53,6 +53,21 @@ resource "aws_vpc_endpoint" "private_endpoints" {
 ]
 }
 
+resource "aws_vpc_endpoint" "s3_private_endpoint" {
+ vpc_id = local.vpc_id
+ service_name = "com.amazonaws.${var.region}.${var.vpc_s3_private_endpoint}"
+ vpc_endpoint_type = "Gateway"
+
+ tags = merge(
+ {
+ "Name" = format("%s", "${var.name}-private-endpoint-${var.vpc_s3_private_endpoint}")
+ },
+ var.tags,
+ )
+
+ route_table_ids = aws_route_table.private.*.id
+}
+
 data "aws_subnet" "public" {
 count = local.existing_public_subnets ? length(var.subnets["public"]) : 0
 id = element(var.existing_subnet_ids["public"], count.index)
diff --git a/modules/aws_vpc/variables.tf b/modules/aws_vpc/variables.tf
index 2a78705b..5b2216c2 100644
--- a/modules/aws_vpc/variables.tf
+++ b/modules/aws_vpc/variables.tf
@@ -106,7 +106,13 @@ variable "map_public_ip_on_launch" {
 variable "vpc_private_endpoints" {
 description = "Endpoints needed for private cluster"
 type = list(string)
- default = [ "ec2", "ecr.api", "ecr.dkr", "s3", "logs", "sts", "elasticloadbalancing", "autoscaling" ]
+ default = [ "ec2", "ecr.api", "ecr.dkr", "logs", "sts", "elasticloadbalancing", "autoscaling" ]
+}
+
+variable "vpc_s3_private_endpoint" {
+ description = "S3 gateway endpoint needed for private cluster"
+ type = string
+ default = "s3"
 }
 
 variable "region" {
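Review bot: The new `s3_private_endpoint` resource sets no `policy`, so the gateway endpoint is created with the AWS default endpoint policy, which lets any principal in the VPC reach any S3 bucket in any account; for a private cluster that is the one S3 path workloads have, so it should be scoped. The least-change fix is an optional `policy = var.vpc_s3_endpoint_policy` argument (a new nullable variable, proposed name, declared next to `vpc_s3_private_endpoint` in variables.tf) so callers can attach a document restricting access to their own account's buckets, for example via an `aws:ResourceAccount` condition, and the module docs should state what the default permits. Two smaller points: `format("%s", "...")` is a no-op wrapper and can be `"Name" = "${var.name}-private-endpoint-${var.vpc_s3_private_endpoint}"`, and if `aws_route_table.private` has `count = 0` when pre-existing private subnets are supplied (the `existing_public_subnets` local suggests the module has that mode), `route_table_ids` will be empty and the endpoint silently unused, which deserves a comment or a guard on the module's existing-subnet local. The `private_endpoints` resource above the addition starts outside the hunk.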
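Review bot: `vpc_s3_private_endpoint` is typed as a free `string` but feeds only a `vpc_endpoint_type = "Gateway"` resource in main.tf, and AWS offers Gateway endpoints for S3 and DynamoDB only, so any other value surfaces as a provider error at apply time instead of at plan time; a `validation` block on the variable catches it early (constructed example below). Separately, "s3" was removed only from the default of `vpc_private_endpoints`, so a caller who overrides that list and still includes "s3" now gets both an Interface and a Gateway endpoint for S3; the description of `vpc_private_endpoints` could add `Do not include "s3" here; it is provisioned as a Gateway endpoint via vpc_s3_private_endpoint.`
```hcl
variable "vpc_s3_private_endpoint" {
  # … unchanged: description, type, default …
  validation {
    condition     = contains(["s3", "dynamodb"], var.vpc_s3_private_endpoint)
    error_message = "Only s3 and dynamodb are offered as Gateway endpoints."
  }
}
```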