AWS VPC Endpoints Terraform sub-module

Terraform sub-module which creates VPC endpoint resources on AWS.

Usage

See examples directory for working examples to reference:

module "endpoints" {
  source = "terraform-aws-modules/vpc/aws//modules/vpc-endpoints"

  vpc_id             = "vpc-12345678"
  security_group_ids = ["sg-12345678"]

  endpoints = {
    s3 = {
      # interface endpoint
      service = "s3"
      tags    = { Name = "s3-vpc-endpoint" }
    },
    dynamodb = {
      # gateway endpoint; without service_type the endpoint is created as an Interface endpoint
      service         = "dynamodb"
      service_type    = "Gateway"
      route_table_ids = ["rt-12322456", "rt-43433343", "rt-11223344"]
      tags            = { Name = "dynamodb-vpc-endpoint" }
    },
    sns = {
      service    = "sns"
      subnet_ids = ["subnet-12345678", "subnet-87654321"]
      tags       = { Name = "sns-vpc-endpoint" }
    },
    sqs = {
      service             = "sqs"
      private_dns_enabled = true
      security_group_ids  = ["sg-987654321"]
      subnet_ids          = ["subnet-12345678", "subnet-87654321"]
      tags                = { Name = "sqs-vpc-endpoint" }
    },
  }

  tags = {
    Owner       = "user"
    Environment = "dev"
  }
}

Examples

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0 |
| aws | >= 5.46 |

Providers

| Name | Version |
|------|---------|
| aws | >= 5.46 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_security_group.this | resource |
| aws_security_group_rule.this | resource |
| aws_vpc_endpoint.this | resource |
| aws_vpc_endpoint_service.this | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| create | Determines whether resources will be created | bool | true | no |
| create_security_group | Determines if a security group is created | bool | false | no |
| endpoints | A map of interface and/or gateway endpoints containing their properties and configurations | any | {} | no |
| security_group_description | Description of the security group created | string | null | no |
| security_group_ids | Default security group IDs to associate with the VPC endpoints | list(string) | [] | no |
| security_group_name | Name to use on security group created. Conflicts with security_group_name_prefix | string | null | no |
| security_group_name_prefix | Name prefix to use on security group created. Conflicts with security_group_name | string | null | no |
| security_group_rules | Security group rules to add to the security group created | any | {} | no |
| security_group_tags | A map of additional tags to add to the security group created | map(string) | {} | no |
| subnet_ids | Default subnet IDs to associate with the VPC endpoints | list(string) | [] | no |
| tags | A map of tags to use on all resources | map(string) | {} | no |
| timeouts | Define maximum timeout for creating, updating, and deleting VPC endpoint resources | map(string) | {} | no |
| vpc_id | The ID of the VPC in which the endpoint will be used | string | null | no |
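
The security group inputs above can replace a pre-existing `security_group_ids` value with a dedicated group that only admits HTTPS from inside the VPC, combined with an endpoint policy that limits what the endpoint can reach. This is an added example, not taken from the module's README. It assumes the rule attributes inside `security_group_rules` and the per-endpoint `service_type` and `policy` keys, none of which this page documents, and it assumes the created group is attached to the interface endpoints; all IDs, the CIDR range and the bucket name are constructed placeholders.

```hcl
# Added example: placeholder IDs, CIDR range and bucket ARN throughout.
data "aws_iam_policy_document" "s3_endpoint" {
  statement {
    sid       = "AllowAppBucketOnly"
    actions   = ["s3:GetObject", "s3:PutObject"]
    resources = ["arn:aws:s3:::example-app-bucket/*"]
    principals {
      type        = "*"
      identifiers = ["*"]
    }
  }
}

module "endpoints" {
  source = "terraform-aws-modules/vpc/aws//modules/vpc-endpoints"

  vpc_id     = "vpc-12345678"
  subnet_ids = ["subnet-12345678", "subnet-87654321"]

  # Dedicated security group created by the module for the endpoints.
  create_security_group      = true
  security_group_name_prefix = "vpc-endpoints-"
  security_group_description = "HTTPS from inside the VPC to interface endpoints"
  security_group_rules = {
    ingress_https = {
      # Assumed attribute names; values set explicitly rather than relying on defaults.
      type        = "ingress"
      protocol    = "tcp"
      from_port   = 443
      to_port     = 443
      description = "HTTPS from the VPC CIDR"
      cidr_blocks = ["10.0.0.0/16"]
    }
  }

  endpoints = {
    s3 = {
      service         = "s3"
      service_type    = "Gateway" # assumed key
      route_table_ids = ["rt-12322456"]
      policy          = data.aws_iam_policy_document.s3_endpoint.json # assumed key
    },
    sqs = {
      service             = "sqs"
      private_dns_enabled = true
    },
  }
}
```

Running `terraform plan` and checking that the planned `aws_security_group_rule.this` has a single 443/tcp ingress scoped to the VPC CIDR confirms the rule map was interpreted as intended.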

Outputs

| Name | Description |
|------|-------------|
| endpoints | Array containing the full resource object and attributes for all endpoints created |
| security_group_arn | Amazon Resource Name (ARN) of the security group |
| security_group_id | ID of the security group |