terraform.aws-baseline-infra/modules/networking/vpc-endpoints
2023-07-12 20:37:30 +08:00
..
main.tf UPD: updated vpc and vpcep modules to support provider default tags 2023-07-12 20:37:30 +08:00
provider.tf UPD: changes from upstream 2023-07-06 12:02:34 +08:00
README.md UPD: changes from upstream 2023-07-06 12:02:34 +08:00
variables.tf UPD: updated vpc and vpcep modules to support provider default tags 2023-07-12 20:37:30 +08:00

vpc-endpoints module

This module deploys VPC endpoints.

Automatically, this module performs the following additional tasks

  • Create and attach security group which allows access from the same VPC
  • Associate endpoints with 1 subnet in each availability zone

Inputs

Variable Type Required Description
voc-id string yes ID of VPC to deploy endpoints to
interface-ep-services list(string) yes Interface endpoint names
gateway-ep-services list(string) no Gateway endpoint names
default-tags map yes Tags to add to resources
resource-prefix string yes Prefix that will be added to resource name tags

Types of endpoints

Gateway endpoints

At time of writing, AWS provides 2 gateway endpoints at no charge. These endpoints are deployed by default, unless an empty list [] is provided as input.

  • s3
  • dynamodb

Full documentation: https://docs.aws.amazon.com/vpc/latest/privatelink/gateway-endpoints.html

Interface endpoints

At time of writing, AWS provides 200+ interface endpoints:

  • access-analyzer
  • account
  • execute-api
  • appmesh
  • appmesh-envoy-management
  • apprunner
  • apprunner.requests
  • application-autoscaling
  • mgn
  • appstream.api
  • appstream.streaming
  • appsync-api
  • athena
  • auditmanager
  • rds
  • autoscaling-plans
  • backup
  • backup-gateway
  • batch
  • billingconductor
  • braket
  • cleanrooms
  • cloudcontrolapi
  • cloudcontrolapi-fips
  • clouddirectory
  • cloudformation
  • cloudhsmv2
  • cloudtrail
  • evidently
  • evidently-dataplane
  • monitoring
  • rum
  • rum-dataplane
  • synthetics
  • events
  • logs
  • codeartifact.api
  • codeartifact.repositories
  • codebuild
  • codebuild-fips
  • codecommit
  • codecommit-fips
  • git-codecommit
  • git-codecommit-fips
  • codedeploy
  • codedeploy-commands-secure
  • codeguru-profiler
  • codeguru-reviewer
  • codepipeline
  • codestar-connections.api
  • comprehend
  • comprehendmedical
  • config
  • app-integrations
  • cases
  • connect-campaigns
  • profile
  • voiceid
  • wisdom
  • dataexchange
  • dms
  • dms-fips
  • datasync
  • devops-guru
  • ds
  • ebs
  • ec2
  • autoscaling
  • imagebuilder
  • ecr.api
  • ecr.dkr
  • ecs
  • ecs-agent
  • ecs-telemetry
  • eks
  • elasticbeanstalk
  • elasticbeanstalk-health
  • drs
  • elasticfilesystem
  • elasticfilesystem-fips
  • elastic-inference.runtime
  • elasticloadbalancing
  • elasticache
  • elasticache-fips
  • elasticmapreduce
  • emr-containers
  • emr-serverless
  • events
  • fis
  • finspace
  • finspace-api
  • forecast
  • forecastquery
  • forecast-fips
  • forecastquery-fips
  • frauddetector
  • fsx
  • fsx-fips
  • glue
  • databrew
  • grafana
  • grafana-workspace
  • groundstation
  • guardduty-data
  • guardduty-data-fips
  • healthlake
  • identitystore
  • rolesanywhere
  • inspector2
  • iot.data
  • iot.fleethub.api
  • deviceadvisor.iot
  • iotwireless.api
  • lorawan.cups
  • lorawan.lns
  • iotfleetwise
  • greengrass
  • iotroborunner
  • iotsitewise.api
  • iotsitewise.data
  • iottwinmaker.api
  • iottwinmaker.data
  • kendra
  • kendra-ranking
  • kms
  • kms-fips
  • cassandra
  • cassandra-fips
  • kinesis-firehose
  • kinesis-streams
  • lakeformation
  • lambda
  • models-v2-lex
  • runtime-v2-lex
  • license-manager
  • license-manager-fips
  • lookoutequipment
  • lookoutmetrics
  • lookoutvision
  • macie2
  • m2
  • aps
  • aps-workspaces
  • airflow.api
  • airflow.env
  • airflow.ops
  • console
  • signin
  • memory-db
  • memorydb-fips
  • migrationhub-orchestrator
  • refactor-spaces
  • migrationhub-strategy
  • nimble
  • analytics-omics
  • control-storage-omics
  • storage-omics
  • tags-omics
  • workflows-omics
  • service-managed
  • panorama
  • payment-cryptography.controlplane
  • payment-cryptography.dataplane
  • personalize
  • personalize-events
  • personalize-runtime
  • pinpoint
  • pinpoint-sms-voice-v2
  • polly
  • private-networks
  • acm-pca
  • proton
  • qldb.session
  • rds
  • rds-data
  • redshift
  • redshift-fips
  • redshift-data
  • rekognition
  • rekognition-fips
  • streaming-rekognition
  • streaming-rekognition-fips
  • robomaker
  • s3
  • com.amazonaws.s3-global.accesspoint
  • s3-outposts
  • aws.sagemaker.region.notebook
  • aws.sagemaker.region.studio
  • sagemaker.api
  • sagemaker.featurestore-runtime
  • sagemaker.metrics
  • sagemaker.runtime
  • sagemaker.runtime-fips
  • secretsmanager
  • securityhub
  • sts
  • servicecatalog
  • servicecatalog-appregistry
  • email-smtp
  • simspaceweaver
  • snow-device-management
  • sns
  • sqs
  • swf
  • swf-fips
  • states
  • sync-states
  • storagegateway
  • ec2messages
  • ssm
  • ssm-contacts
  • ssm-incidents
  • ssmmessages
  • tnb
  • textract
  • textract-fips
  • transcribe
  • transcribestreaming
  • transcribe
  • transcribestreaming
  • transfer
  • transfer.server
  • translate
  • verifiedpermissions
  • vpc-lattice
  • workspaces
  • xray

Full documentation: https://docs.aws.amazon.com/vpc/latest/privatelink/aws-services-privatelink-support.html