add more endpoints

terraform-aws-modules · Feb 8, 2020 · 597ccf3 · 597ccf3
1 parent 7a5f129
commit 597ccf3
Show file tree

Hide file tree

Showing 3 changed files with 272 additions and 0 deletions.
diff --git a/outputs.tf b/outputs.tf
@@ -992,6 +992,7 @@ output "vpc_endpoint_cloud_directory_id" {
   value       = concat(aws_vpc_endpoint.cloud_directory.*.id, [""])[0]
 }
 
+
 output "vpc_endpoint_cloud_directory_network_interface_ids" {
   description = "One or more network interfaces for the VPC Endpoint for Cloud Directory."
   value       = flatten(aws_vpc_endpoint.cloud_directory.*.network_interface_ids)
@@ -1002,6 +1003,185 @@ output "vpc_endpoint_cloud_directory_dns_entry" {
   value       = flatten(aws_vpc_endpoint.cloud_directory.*.dns_entry)
 }
 
+output "vpc_endpoint_elasticmapreduce_id" {
+  description = "The ID of VPC endpoint for EMR"
+  value       = concat(aws_vpc_endpoint.emr.*.id, [""])[0]
+}
+
+output "vpc_endpoint_elasticmapreduce_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for EMR."
+  value       = flatten(aws_vpc_endpoint.emr.*.network_interface_ids)
+}
+
+output "vpc_endpoint_elasticmapreduce_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for EMR."
+  value       = flatten(aws_vpc_endpoint.emr.*.dns_entry)
+}
+
+output "vpc_endpoint_sms_id" {
+  description = "The ID of VPC endpoint for SMS"
+  value       = concat(aws_vpc_endpoint.sms.*.id, [""])[0]
+}
+
+output "vpc_endpoint_sms_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for SMS."
+  value       = flatten(aws_vpc_endpoint.sms.*.network_interface_ids)
+}
+
+output "vpc_endpoint_sms_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for SMS."
+  value       = flatten(aws_vpc_endpoint.sms.*.dns_entry)
+}
+
+output "vpc_endpoint_states_id" {
+  description = "The ID of VPC endpoint for Step Function"
+  value       = concat(aws_vpc_endpoint.states.*.id, [""])[0]
+}
+
+output "vpc_endpoint_states_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for Step Function."
+  value       = flatten(aws_vpc_endpoint.states.*.network_interface_ids)
+}
+
+output "vpc_endpoint_elastic_inference_runtime_id" {
+  description = "The ID of VPC endpoint for Elastic Inference Runtime"
+  value       = concat(aws_vpc_endpoint.elastic_inference_runtime.*.id, [""])[0]
+}
+
+output "vpc_endpoint_elastic_inference_runtime_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for Elastic Inference Runtime."
+  value       = flatten(aws_vpc_endpoint.elastic_inference_runtime.*.network_interface_ids)
+}
+
+output "vpc_endpoint_elastic_inference_runtime_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for Elastic Inference Runtime."
+  value       = flatten(aws_vpc_endpoint.elastic_inference_runtime.*.dns_entry)
+}
+
+output "vpc_endpoint_states_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for Step Function."
+  value       = flatten(aws_vpc_endpoint.states.*.dns_entry)
+}
+
+output "vpc_endpoint_elasticbeanstalk_id" {
+  description = "The ID of VPC endpoint for Elastic Beanstalk"
+  value       = concat(aws_vpc_endpoint.elasticbeanstalk.*.id, [""])[0]
+}
+
+output "vpc_endpoint_elasticbeanstalk_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for Elastic Beanstalk."
+  value       = flatten(aws_vpc_endpoint.elasticbeanstalk.*.network_interface_ids)
+}
+
+output "vpc_endpoint_elasticbeanstalk_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for Elastic Beanstalk."
+  value       = flatten(aws_vpc_endpoint.elasticbeanstalk.*.dns_entry)
+}
+
+output "vpc_endpoint_workspaces_id" {
+  description = "The ID of VPC endpoint for Workspaces"
+  value       = concat(aws_vpc_endpoint.workspaces.*.id, [""])[0]
+}
+
+output "vpc_endpoint_workspaces_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for Workspaces."
+  value       = flatten(aws_vpc_endpoint.workspaces.*.network_interface_ids)
+}
+
+output "vpc_endpoint_workspaces_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for Workspaces."
+  value       = flatten(aws_vpc_endpoint.workspaces.*.dns_entry)
+}
+
+output "vpc_endpoint_auto_scaling_plans_id" {
+  description = "The ID of VPC endpoint for Auto Scaling Plans"
+  value       = concat(aws_vpc_endpoint.auto_scaling_plans.*.id, [""])[0]
+}
+
+output "vpc_endpoint_auto_scaling_plans_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for Auto Scaling Plans."
+  value       = flatten(aws_vpc_endpoint.auto_scaling_plans.*.network_interface_ids)
+}
+
+output "vpc_endpoint_auto_scaling_plans_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for Auto Scaling Plans."
+  value       = flatten(aws_vpc_endpoint.auto_scaling_plans.*.dns_entry)
+}
+
+output "vpc_endpoint_application_auto_scaling_id" {
+  description = "The ID of VPC endpoint for Application Auto Scaling"
+  value       = concat(aws_vpc_endpoint.application_auto_scaling.*.id, [""])[0]
+}
+
+output "vpc_endpoint_application_auto_scaling_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for Application Auto Scaling."
+  value       = flatten(aws_vpc_endpoint.application_auto_scaling.*.network_interface_ids)
+}
+
+output "vpc_endpoint_application_auto_scaling_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for Application Auto Scaling."
+  value       = flatten(aws_vpc_endpoint.application_auto_scaling.*.dns_entry)
+}
+
+output "vpc_endpoint_ebs_id" {
+  description = "The ID of VPC endpoint for EBS"
+  value       = concat(aws_vpc_endpoint.ebs.*.id, [""])[0]
+}
+
+output "vpc_endpoint_ebs_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for EBS."
+  value       = flatten(aws_vpc_endpoint.ebs.*.network_interface_ids)
+}
+
+output "vpc_endpoint_ebs_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for EBS."
+  value       = flatten(aws_vpc_endpoint.ebs.*.dns_entry)
+}
+
+output "vpc_endpoint_qldb_session_id" {
+  description = "The ID of VPC endpoint for QLDB Session"
+  value       = concat(aws_vpc_endpoint.qldb_session.*.id, [""])[0]
+}
+
+output "vpc_endpoint_qldb_session_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for QLDB Session."
+  value       = flatten(aws_vpc_endpoint.qldb_session.*.network_interface_ids)
+}
+
+output "vpc_endpoint_qldb_session_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for QLDB Session."
+  value       = flatten(aws_vpc_endpoint.qldb_session.*.dns_entry)
+}
+
+output "vpc_endpoint_datasync_id" {
+  description = "The ID of VPC endpoint for DataSync"
+  value       = concat(aws_vpc_endpoint.datasync.*.id, [""])[0]
+}
+
+output "vpc_endpoint_datasync_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for DataSync."
+  value       = flatten(aws_vpc_endpoint.datasync.*.network_interface_ids)
+}
+
+output "vpc_endpoint_datasync_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for DataSync."
+  value       = flatten(aws_vpc_endpoint.datasync.*.dns_entry)
+}
+
+output "vpc_endpoint_access_analyzer_id" {
+  description = "The ID of VPC endpoint for Access Analyzer"
+  value       = concat(aws_vpc_endpoint.access_analyzer.*.id, [""])[0]
+}
+
+output "vpc_endpoint_access_analyzer_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for Access Analyzer."
+  value       = flatten(aws_vpc_endpoint.access_analyzer.*.network_interface_ids)
+}
+
+output "vpc_endpoint_access_analyzer_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for Access Analyzer."
+  value       = flatten(aws_vpc_endpoint.access_analyzer.*.dns_entry)
+}
 
 # Static values (arguments)
 output "azs" {

diff --git a/variables.tf b/variables.tf
@@ -1538,6 +1538,54 @@ variable "qldb_session_endpoint_private_dns_enabled" {
   default     = false
 }
 
+variable "enable_elasticbeanstalk_endpoint" {
+  description = "Should be true if you want to provision a Elastic Beanstalk endpoint to the VPC"
+  type        = bool
+  default     = false
+}
+
+variable "elasticbeanstalk_endpoint_security_group_ids" {
+  description = "The ID of one or more security groups to associate with the network interface for Elastic Beanstalk endpoint"
+  type        = list(string)
+  default     = []
+}
+
+variable "elasticbeanstalk_endpoint_subnet_ids" {
+  description = "The ID of one or more subnets in which to create a network interface for Elastic Beanstalk endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."
+  type        = list(string)
+  default     = []
+}
+
+variable "elasticbeanstalk_endpoint_private_dns_enabled" {
+  description = "Whether or not to associate a private hosted zone with the specified VPC for Elastic Beanstalk endpoint"
+  type        = bool
+  default     = false
+}
+
+variable "enable_states_endpoint" {
+  description = "Should be true if you want to provision a Step Function endpoint to the VPC"
+  type        = bool
+  default     = false
+}
+
+variable "states_endpoint_security_group_ids" {
+  description = "The ID of one or more security groups to associate with the network interface for Step Function endpoint"
+  type        = list(string)
+  default     = []
+}
+
+variable "states_endpoint_subnet_ids" {
+  description = "The ID of one or more subnets in which to create a network interface for Step Function endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."
+  type        = list(string)
+  default     = []
+}
+
+variable "states_endpoint_private_dns_enabled" {
+  description = "Whether or not to associate a private hosted zone with the specified VPC for Step Function endpoint"
+  type        = bool
+  default     = false
+}
+
 variable "map_public_ip_on_launch" {
   description = "Should be false if you do not want to auto-assign public IP on launch"
   type        = bool

diff --git a/vpc-endpoints.tf b/vpc-endpoints.tf
@@ -1233,3 +1233,47 @@ resource "aws_vpc_endpoint" "qldb_session" {
 
   tags = local.vpce_tags
 }
+
+#############################
+# VPC Endpoint for Step Function
+#############################
+data "aws_vpc_endpoint_service" "states" {
+  count = var.create_vpc && var.enable_states_endpoint ? 1 : 0
+
+  service = "states"
+}
+
+resource "aws_vpc_endpoint" "states" {
+  count = var.create_vpc && var.enable_states_endpoint ? 1 : 0
+
+  vpc_id            = local.vpc_id
+  service_name      = data.aws_vpc_endpoint_service.states[0].service_name
+  vpc_endpoint_type = "Interface"
+
+  security_group_ids  = var.states_endpoint_security_group_ids
+  subnet_ids          = coalescelist(var.states_endpoint_subnet_ids, aws_subnet.private.*.id)
+  private_dns_enabled = var.states_endpoint_private_dns_enabled
+  tags                = local.vpce_tags
+}
+
+#############################
+# VPC Endpoint for Elastic Beanstalk
+#############################
+data "aws_vpc_endpoint_service" "elasticbeanstalk" {
+  count = var.create_vpc && var.enable_elasticbeanstalk_endpoint ? 1 : 0
+
+  service = "elasticbeanstalk"
+}
+
+resource "aws_vpc_endpoint" "elasticbeanstalk" {
+  count = var.create_vpc && var.enable_elasticbeanstalk_endpoint ? 1 : 0
+
+  vpc_id            = local.vpc_id
+  service_name      = data.aws_vpc_endpoint_service.elasticbeanstalk[0].service_name
+  vpc_endpoint_type = "Interface"
+
+  security_group_ids  = var.elasticbeanstalk_endpoint_security_group_ids
+  subnet_ids          = coalescelist(var.elasticbeanstalk_endpoint_subnet_ids, aws_subnet.private.*.id)
+  private_dns_enabled = var.elasticbeanstalk_endpoint_private_dns_enabled
+  tags                = local.vpce_tags
+}