feat(infra): created gateway vpc endpoint for communication between E…

…CS and S3 (#2138)

* feat(infra): created gateway vpc endpoint for communication between ECS and S3

Created gateway vpc endpoint intended to replace NAT instance for
communication between ECS and S3.
For testing this features is working, erase S3 bucket policy that allows
NAT instance's public ip. If the communication between ECS and S3 still
works, this gateway vpc endpoint is deemed working properly.
Also, moved the content of gateway_vpc_endpoint_to_s3 in /network directory
to s3_gateway_vpc_endpoint in the /storage directory (unlike in PR #2122).

* feat(infra): created gateway vpc endpoint for communication between ECS and S3

* feat(infra): created gateway vpc endpoint for communication between ECS and S3

apps/infra/production/storage/s3_gateway_vpc_endpoint.tf

@@ -1,8 +1,15 @@
+data "aws_route_table" "private" {
+  vpc_id = data.aws_vpc.main.id
+  tags = {
+    Name = "Codedang-Private-RT"
+  }
+}
+
 resource "aws_vpc_endpoint" "s3_endpoint" {
-  vpc_id            = aws_vpc.main.id
-  service_name      = "com.amazonaws.ap-northeast-2.s3"
+  vpc_id            = data.aws_vpc.main.id
+  service_name      = "com.amazonaws.${var.region}.s3"
   vpc_endpoint_type = "Gateway"
-  route_table_ids   = [aws_route_table.private.id]
+  route_table_ids   = [data.aws_route_table.private.id]
 
   policy = jsonencode({
     Version = "2008-10-17"
@@ -17,7 +24,7 @@ resource "aws_vpc_endpoint" "s3_endpoint" {
   })
 
   tags = {
-    "Name" = "s3-endpoint"
+    "Name" = "S3-Gateway-Endpoint-for-Private-RT"
   }
 }
 

apps/infra/production/storage/variables.tf

@@ -18,3 +18,10 @@ variable "redis_port" {
   default     = 6379
   sensitive   = true
 }
+
+variable "region" {
+  type        = string
+  description = "The region for provider"
+  default     = "ap-northeast-2"
+}
+