hashicorp · bflad · Jun 20, 2019 · Apr 19, 2019 · Apr 20, 2019 · May 14, 2019
diff --git a/aws/data_source_aws_vpc_endpoint.go b/aws/data_source_aws_vpc_endpoint.go
@@ -7,93 +7,103 @@ import (
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/ec2"
 	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/helper/structure"
 )
 
 func dataSourceAwsVpcEndpoint() *schema.Resource {
 	return &schema.Resource{
 		Read: dataSourceAwsVpcEndpointRead,
 
 		Schema: map[string]*schema.Schema{
-			"id": {
-				Type:     schema.TypeString,
-				Optional: true,
+			"cidr_blocks": {
+				Type:     schema.TypeList,
 				Computed: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
 			},
-			"vpc_id": {
-				Type:     schema.TypeString,
-				Optional: true,
+			"dns_entry": {
+				Type:     schema.TypeList,
 				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"dns_name": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"hosted_zone_id": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+					},
+				},
 			},
-			"service_name": {
+			"id": {
 				Type:     schema.TypeString,
 				Optional: true,
 				Computed: true,
 			},
-			"state": {
-				Type:     schema.TypeString,
-				Optional: true,
+			"network_interface_ids": {
+				Type:     schema.TypeSet,
 				Computed: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Set:      schema.HashString,
 			},
-			"vpc_endpoint_type": {
+			"owner_id": {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
 			"policy": {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
-			"route_table_ids": {
-				Type:     schema.TypeSet,
-				Computed: true,
-				Elem:     &schema.Schema{Type: schema.TypeString},
-				Set:      schema.HashString,
-			},
 			"prefix_list_id": {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
-			"cidr_blocks": {
-				Type:     schema.TypeList,
+			"private_dns_enabled": {
+				Type:     schema.TypeBool,
 				Computed: true,
-				Elem:     &schema.Schema{Type: schema.TypeString},
 			},
-			"subnet_ids": {
+			"requester_managed": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+			"route_table_ids": {
 				Type:     schema.TypeSet,
 				Computed: true,
 				Elem:     &schema.Schema{Type: schema.TypeString},
 				Set:      schema.HashString,
 			},
-			"network_interface_ids": {
+			"security_group_ids": {
 				Type:     schema.TypeSet,
 				Computed: true,
 				Elem:     &schema.Schema{Type: schema.TypeString},
 				Set:      schema.HashString,
 			},
-			"security_group_ids": {
+			"service_name": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+			},
+			"state": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+			},
+			"subnet_ids": {
 				Type:     schema.TypeSet,
 				Computed: true,
 				Elem:     &schema.Schema{Type: schema.TypeString},
 				Set:      schema.HashString,
 			},
-			"private_dns_enabled": {
-				Type:     schema.TypeBool,
+			"tags": tagsSchemaComputed(),
+			"vpc_endpoint_type": {
+				Type:     schema.TypeString,
 				Computed: true,
 			},
-			"dns_entry": {
-				Type:     schema.TypeList,
+			"vpc_id": {
+				Type:     schema.TypeString,
+				Optional: true,
 				Computed: true,
-				Elem: &schema.Resource{
-					Schema: map[string]*schema.Schema{
-						"dns_name": {
-							Type:     schema.TypeString,
-							Computed: true,
-						},
-						"hosted_zone_id": {
-							Type:     schema.TypeString,
-							Computed: true,
-						},
-					},
-				},
 			},
 		},
 	}
@@ -121,19 +131,85 @@ func dataSourceAwsVpcEndpointRead(d *schema.ResourceData, meta interface{}) erro
 	}
 
 	log.Printf("[DEBUG] Reading VPC Endpoint: %s", req)
-	resp, err := conn.DescribeVpcEndpoints(req)
+	respVpce, err := conn.DescribeVpcEndpoints(req)
 	if err != nil {
-		return err
+		return fmt.Errorf("error reading VPC Endpoint: %s", err)
 	}
-	if resp == nil || len(resp.VpcEndpoints) == 0 {
-		return fmt.Errorf("no matching VPC endpoint found")
+	if respVpce == nil || len(respVpce.VpcEndpoints) == 0 {
+		return fmt.Errorf("no matching VPC Endpoint found")
 	}
-	if len(resp.VpcEndpoints) > 1 {
-		return fmt.Errorf("multiple VPC endpoints matched; use additional constraints to reduce matches to a single VPC endpoint")
+	if len(respVpce.VpcEndpoints) > 1 {
+		return fmt.Errorf("multiple VPC Endpoints matched; use additional constraints to reduce matches to a single VPC Endpoint")
 	}
 
-	vpce := resp.VpcEndpoints[0]
+	vpce := respVpce.VpcEndpoints[0]
 	d.SetId(aws.StringValue(vpce.VpcEndpointId))
 
-	return vpcEndpointAttributes(d, vpce, conn)
+	serviceName := aws.StringValue(vpce.ServiceName)
+	d.Set("service_name", serviceName)
+	d.Set("state", vpce.State)
+	d.Set("vpc_id", vpce.VpcId)
+
+	respPl, err := conn.DescribePrefixLists(&ec2.DescribePrefixListsInput{
+		Filters: buildEC2AttributeFilterList(map[string]string{
+			"prefix-list-name": serviceName,
+		}),
+	})
+	if err != nil {
+		return fmt.Errorf("error reading Prefix List (%s): %s", serviceName, err)
+	}
+	if respPl == nil || len(respPl.PrefixLists) == 0 {
+		d.Set("cidr_blocks", []interface{}{})
+	} else if len(respPl.PrefixLists) > 1 {
+		return fmt.Errorf("multiple prefix lists associated with the service name '%s'. Unexpected", serviceName)
+	} else {
+		pl := respPl.PrefixLists[0]
+
+		d.Set("prefix_list_id", pl.PrefixListId)
+		err = d.Set("cidr_blocks", flattenStringList(pl.Cidrs))
+		if err != nil {
+			return fmt.Errorf("error setting cidr_blocks: %s", err)
+		}
+	}
+
+	err = d.Set("dns_entry", flattenVpcEndpointDnsEntries(vpce.DnsEntries))
+	if err != nil {
+		return fmt.Errorf("error setting dns_entry: %s", err)
+	}
+	err = d.Set("network_interface_ids", flattenStringSet(vpce.NetworkInterfaceIds))
+	if err != nil {
+		return fmt.Errorf("error setting network_interface_ids: %s", err)
+	}
+	d.Set("owner_id", vpce.OwnerId)
+	policy, err := structure.NormalizeJsonString(aws.StringValue(vpce.PolicyDocument))
+	if err != nil {
+		return fmt.Errorf("policy contains an invalid JSON: %s", err)
+	}
+	d.Set("policy", policy)
+	d.Set("private_dns_enabled", vpce.PrivateDnsEnabled)
+	err = d.Set("route_table_ids", flattenStringSet(vpce.RouteTableIds))
+	if err != nil {
+		return fmt.Errorf("error setting route_table_ids: %s", err)
+	}
+	d.Set("requester_managed", vpce.RequesterManaged)
+	err = d.Set("security_group_ids", flattenVpcEndpointSecurityGroupIds(vpce.Groups))
+	if err != nil {
+		return fmt.Errorf("error setting security_group_ids: %s", err)
+	}
+	err = d.Set("subnet_ids", flattenStringSet(vpce.SubnetIds))
+	if err != nil {
+		return fmt.Errorf("error setting subnet_ids: %s", err)
+	}
+	err = d.Set("tags", tagsToMap(vpce.Tags))
+	if err != nil {
+		return fmt.Errorf("error setting tags: %s", err)
+	}
+	// VPC endpoints don't have types in GovCloud, so set type to default if empty
+	if vpceType := aws.StringValue(vpce.VpcEndpointType); vpceType == "" {
+		d.Set("vpc_endpoint_type", ec2.VpcEndpointTypeGateway)
+	} else {
+		d.Set("vpc_endpoint_type", vpceType)
+	}
+
+	return nil
 }
diff --git a/aws/data_source_aws_vpc_endpoint_service.go b/aws/data_source_aws_vpc_endpoint_service.go
@@ -16,11 +16,43 @@ func dataSourceAwsVpcEndpointService() *schema.Resource {
 		Read: dataSourceAwsVpcEndpointServiceRead,
 
 		Schema: map[string]*schema.Schema{
+			"acceptance_required": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+			"availability_zones": {
+				Type:     schema.TypeSet,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Computed: true,
+				Set:      schema.HashString,
+			},
+			"base_endpoint_dns_names": {
+				Type:     schema.TypeSet,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Computed: true,
+				Set:      schema.HashString,
+			},
+			"manages_vpc_endpoints": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+			"owner": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"private_dns_name": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 			"service": {
 				Type:          schema.TypeString,
 				Optional:      true,
 				ConflictsWith: []string{"service_name"},
 			},
+			"service_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 			"service_name": {
 				Type:          schema.TypeString,
 				Optional:      true,
@@ -31,34 +63,11 @@ func dataSourceAwsVpcEndpointService() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
-			"owner": {
-				Type:     schema.TypeString,
-				Computed: true,
-			},
+			"tags": tagsSchemaComputed(),
 			"vpc_endpoint_policy_supported": {
 				Type:     schema.TypeBool,
 				Computed: true,
 			},
-			"acceptance_required": {
-				Type:     schema.TypeBool,
-				Computed: true,
-			},
-			"availability_zones": {
-				Type:     schema.TypeSet,
-				Elem:     &schema.Schema{Type: schema.TypeString},
-				Computed: true,
-				Set:      schema.HashString,
-			},
-			"private_dns_name": {
-				Type:     schema.TypeString,
-				Computed: true,
-			},
-			"base_endpoint_dns_names": {
-				Type:     schema.TypeSet,
-				Elem:     &schema.Schema{Type: schema.TypeString},
-				Computed: true,
-				Set:      schema.HashString,
-			},
 		},
 	}
 }
@@ -80,10 +89,10 @@ func dataSourceAwsVpcEndpointServiceRead(d *schema.ResourceData, meta interface{
 		ServiceNames: aws.StringSlice([]string{serviceName}),
 	}
 
-	log.Printf("[DEBUG] Reading VPC Endpoint Services: %s", req)
+	log.Printf("[DEBUG] Reading VPC Endpoint Service: %s", req)
 	resp, err := conn.DescribeVpcEndpointServices(req)
 	if err != nil {
-		return fmt.Errorf("Error fetching VPC Endpoint Services: %s", err)
+		return fmt.Errorf("error reading VPC Endpoint Service (%s): %s", serviceName, err)
 	}
 
 	if resp == nil || (len(resp.ServiceNames) == 0 && len(resp.ServiceDetails) == 0) {
@@ -114,13 +123,25 @@ func dataSourceAwsVpcEndpointServiceRead(d *schema.ResourceData, meta interface{
 	serviceName = aws.StringValue(sd.ServiceName)
 	d.SetId(strconv.Itoa(hashcode.String(serviceName)))
 	d.Set("service_name", serviceName)
-	d.Set("service_type", sd.ServiceType[0].ServiceType)
-	d.Set("owner", sd.Owner)
-	d.Set("vpc_endpoint_policy_supported", sd.VpcEndpointPolicySupported)
 	d.Set("acceptance_required", sd.AcceptanceRequired)
-	d.Set("availability_zones", flattenStringList(sd.AvailabilityZones))
+	err = d.Set("availability_zones", flattenStringSet(sd.AvailabilityZones))
+	if err != nil {
+		return fmt.Errorf("error setting availability_zones: %s", err)
+	}
+	err = d.Set("base_endpoint_dns_names", flattenStringSet(sd.BaseEndpointDnsNames))
+	if err != nil {
+		return fmt.Errorf("error setting base_endpoint_dns_names: %s", err)
+	}
+	d.Set("manages_vpc_endpoints", sd.ManagesVpcEndpoints)
+	d.Set("owner", sd.Owner)
 	d.Set("private_dns_name", sd.PrivateDnsName)
-	d.Set("base_endpoint_dns_names", flattenStringList(sd.BaseEndpointDnsNames))
+	d.Set("service_id", sd.ServiceId)
+	d.Set("service_type", sd.ServiceType[0].ServiceType)
+	err = d.Set("tags", tagsToMap(sd.Tags))
+	if err != nil {
+		return fmt.Errorf("error setting tags: %s", err)
+	}
+	d.Set("vpc_endpoint_policy_supported", sd.VpcEndpointPolicySupported)
 
 	return nil
 }