provider/aws: add support for vpc endpoint #2282
Conversation
|
CC: @radeksimko - think you we're looking at this too. |
|
Hi, the vpc endpoint is mandatory for me because it is one of the 2 ways we have to let the EC2 connect S3 in a VPC (using s3fs). The other way i found is to set a role to the EC2 but at this time this is not possible with the aws_instance resource. So i am blocked. I hope you release soon !! ;) |
|
@adelamarre Do you mean an IAM role on an EC2 instance? That's this property -https://terraform.io/docs/providers/aws/r/instance.html#iam_instance_profile |
|
I think ignoring endpoints in the route table state is probably the right way to cope with this. I'd initially thought that extending aws_route_table_association to support VPC endpoints might be the way to go, but looking at it in more detail, that resource maps directly to an AWS API call, so conflating it with endpoint behaviour seems potentially confusing. It seems cleaner to have the Terraform object model continue to map 1to1 with the AWS one. I'm also keen to use this resource, so I'd love to see it completed and merged :) |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
ghost
locked and limited conversation to collaborators
This is a WIP but wanted to get some feedback on some gotchas with how the api works.
The way the endpoint api works is you add/remove an existing route table to the endpoint, and then it updates the routes behind the scenes, which makes the state of the route table kinda awkward. Is ignoring it from the route table state the best option?