From fdd28c892a99186cf0970407705ee591eda16778 Mon Sep 17 00:00:00 2001 From: xpk Date: Wed, 12 Jul 2023 23:11:21 +0800 Subject: [PATCH] DOC: updated readme --- modules/networking/vpc-endpoints/README.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/modules/networking/vpc-endpoints/README.md b/modules/networking/vpc-endpoints/README.md index 4c91e03..3b5fe1b 100644 --- a/modules/networking/vpc-endpoints/README.md +++ b/modules/networking/vpc-endpoints/README.md @@ -21,9 +21,14 @@ unless an empty list `[]` is provided as input. * s3 * dynamodb +For gateway endpoints, all route tables in the VPC will be updated with routes to the private links. + Full documentation: https://docs.aws.amazon.com/vpc/latest/privatelink/gateway-endpoints.html ## Interface endpoints +Interface endpoints are placed in one subnet for every AZ. Security group is created automatically +and allow access from the VPC's cidr, plus all additional CIDRs if applicable. + At time of writing, AWS provides 200+ interface endpoints: * access-analyzer * account @@ -255,3 +260,18 @@ At time of writing, AWS provides 200+ interface endpoints: Full documentation: https://docs.aws.amazon.com/vpc/latest/privatelink/aws-services-privatelink-support.html + + +## Example +```hcl +module "vpc-ep" { + count = var.create-free-vpc-endpoints ? 1 : 0 + source = "../vpc-endpoints" + + gateway-ep-services = ["s3", "dynamodb"] + interface-ep-services = [] + resource-prefix = var.resource-prefix + vpc-id = aws_vpc.vpc.id + secondary_cidrs = var.secondary_cidr_blocks +} +``` \ No newline at end of file
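Review bot: In the first hunk (`@@ -21,9 +21,14 @@`), the new "Interface endpoints" paragraph says the automatically created security group will "allow access from the VPC's cidr, plus all additional CIDRs if applicable", but it does not say which ports or protocols are opened, or which module input supplies the additional CIDRs. Anyone reviewing network exposure from the README alone cannot tell how wide that rule is. Please state the ingress port(s) and name the input; the example added later in this patch passes `secondary_cidrs`, so that is presumably the one. The sentence also needs a grammar fix ("A security group is created automatically and allows access from ..."). In the gateway sentence of the same hunk, "routes to the private links" is misleading, because the AWS page linked just below it states that gateway endpoints do not use PrivateLink; "routes to the gateway endpoints" would be accurate. Since the text says all route tables in the VPC are updated, it is also worth saying whether that can be limited to selected route tables.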
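Review bot: In the second hunk (`@@ -255,3 +260,18 @@`), the example passes `interface-ep-services = []` with no explanation, while the context line on the first hunk header says defaults apply "unless an empty list `[]` is provided as input". A short comment on that line saying the empty list turns interface endpoints off would stop readers from copying the example and assuming they got the defaults. The example also mixes naming styles: `secondary_cidrs` uses underscores while `gateway-ep-services`, `resource-prefix` and `vpc-id` use hyphens, so please confirm that it matches the module's actual variable name. `source = "../vpc-endpoints"` only resolves when the caller sits in a sibling directory, which the README should mention. The file also now ends without a trailing newline.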