Merge pull request #4805 from k8s-infra-cherrypick-robot/cherry-pick-…

…4799-to-release-2.3 [release-2.3] 🐛 Delete VPC endpoints only if s3 bucket is enabled
kubernetes-sigs · Feb 21, 2024 · 1b49010 · 1b49010
2 parents 6cfd980 + 897de7a
commit 1b49010
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 18 deletions.
diff --git a/controllers/awscluster_controller_test.go b/controllers/awscluster_controller_test.go
@@ -711,24 +711,6 @@ func mockedDeleteVPCCallsForNonExistentVPC(m *mocks.MockEC2APIMockRecorder) {
 }
 
 func mockedDeleteVPCCalls(m *mocks.MockEC2APIMockRecorder) {
-	m.DescribeVpcEndpointsPages(gomock.Eq(&ec2.DescribeVpcEndpointsInput{
-		Filters: []*ec2.Filter{
-			{
-				Name:   aws.String("vpc-id"),
-				Values: aws.StringSlice([]string{"vpc-exists"}),
-			},
-		}}),
-		gomock.Any()).Do(func(_, y interface{}) {
-		funct := y.(func(page *ec2.DescribeVpcEndpointsOutput, lastPage bool) bool)
-		funct(&ec2.DescribeVpcEndpointsOutput{VpcEndpoints: []*ec2.VpcEndpoint{{
-			VpcEndpointId: aws.String("vpce-12345"),
-		}}}, true)
-	}).Return(nil).AnyTimes()
-
-	m.DeleteVpcEndpoints(gomock.Eq(&ec2.DeleteVpcEndpointsInput{
-		VpcEndpointIds: aws.StringSlice([]string{"vpce-12345"}),
-	})).Return(&ec2.DeleteVpcEndpointsOutput{}, nil).AnyTimes()
-
 	m.DescribeSubnetsWithContext(context.TODO(), gomock.Eq(&ec2.DescribeSubnetsInput{
 		Filters: []*ec2.Filter{
 			{

diff --git a/pkg/cloud/services/network/vpc.go b/pkg/cloud/services/network/vpc.go
@@ -255,6 +255,15 @@ func (s *Service) deleteVPCEndpoints() error {
 		return nil
 	}
 
+	// Gather all services that might have been enabled.
+	services := sets.New[string]()
+	if s.scope.Bucket() != nil {
+		services.Insert(fmt.Sprintf("com.amazonaws.%s.s3", s.scope.Region()))
+	}
+	if services.Len() == 0 {
+		return nil
+	}
+
 	// Get all existing endpoints.
 	endpoints, err := s.describeVPCEndpoints()
 	if err != nil {