Fixed formatting after #213

README.md

@@ -15,7 +15,7 @@ These types of resources are supported:
 * [VPN Gateway](https://www.terraform.io/docs/providers/aws/r/vpn_gateway.html)
 * [VPC Endpoint](https://www.terraform.io/docs/providers/aws/r/vpc_endpoint.html):
   * Gateway: S3, DynamoDB
-  * Interface: EC2, SSM, EC2 Messages, SSM Messages
+  * Interface: EC2, SSM, EC2 Messages, SSM Messages, ECR API, ECR DKR
 * [RDS DB Subnet Group](https://www.terraform.io/docs/providers/aws/r/db_subnet_group.html)
 * [ElastiCache Subnet Group](https://www.terraform.io/docs/providers/aws/r/elasticache_subnet_group.html)
 * [Redshift Subnet Group](https://www.terraform.io/docs/providers/aws/r/redshift_subnet_group.html)
@@ -216,6 +216,12 @@ Terraform version 0.10.3 or newer is required for this module to work.
 | ec2messages\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for EC2MESSAGES endpoint | string | `"false"` | no |
 | ec2messages\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for EC2MESSAGES endpoint | list | `[]` | no |
 | ec2messages\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for EC2MESSAGES endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list | `[]` | no |
+| ecr\_api\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for ECR API endpoint | string | `"false"` | no |
+| ecr\_api\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for ECR API endpoint | list | `[]` | no |
+| ecr\_api\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for ECR api endpoint. If omitted, private subnets will be used. | list | `[]` | no |
+| ecr\_dkr\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for ECR DKR endpoint | string | `"false"` | no |
+| ecr\_dkr\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for ECR DKR endpoint | list | `[]` | no |
+| ecr\_dkr\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for ECR dkr endpoint. If omitted, private subnets will be used. | list | `[]` | no |
 | elasticache\_route\_table\_tags | Additional tags for the elasticache route tables | map | `{}` | no |
 | elasticache\_subnet\_suffix | Suffix to append to elasticache subnets name | string | `"elasticache"` | no |
 | elasticache\_subnet\_tags | Additional tags for the elasticache subnets | map | `{}` | no |
@@ -226,6 +232,8 @@ Terraform version 0.10.3 or newer is required for this module to work.
 | enable\_dynamodb\_endpoint | Should be true if you want to provision a DynamoDB endpoint to the VPC | string | `"false"` | no |
 | enable\_ec2\_endpoint | Should be true if you want to provision an EC2 endpoint to the VPC | string | `"false"` | no |
 | enable\_ec2messages\_endpoint | Should be true if you want to provision an EC2MESSAGES endpoint to the VPC | string | `"false"` | no |
+| enable\_ecr\_api\_endpoint | Should be true if you want to provision an ecr api endpoint to the VPC | string | `"false"` | no |
+| enable\_ecr\_dkr\_endpoint | Should be true if you want to provision an ecr dkr endpoint to the VPC | string | `"false"` | no |
 | enable\_nat\_gateway | Should be true if you want to provision NAT Gateways for each of your private networks | string | `"false"` | no |
 | enable\_s3\_endpoint | Should be true if you want to provision an S3 endpoint to the VPC | string | `"false"` | no |
 | enable\_ssm\_endpoint | Should be true if you want to provision an SSM endpoint to the VPC | string | `"false"` | no |

examples/complete-vpc/main.tf

@@ -62,6 +62,16 @@ module "vpc" {
   ec2messages_endpoint_private_dns_enabled = true
   ec2messages_endpoint_security_group_ids  = ["${data.aws_security_group.default.id}"]
 
+  # VPC Endpoint for ECR API
+  enable_ecr_api_endpoint              = true
+  ecr_api_endpoint_private_dns_enabled = true
+  ecr_api_endpoint_security_group_ids  = ["${data.aws_security_group.default.id}"]
+
+  # VPC Endpoint for ECR DKR
+  enable_ecr_dkr_endpoint              = true
+  ecr_dkr_endpoint_private_dns_enabled = true
+  ecr_dkr_endpoint_security_group_ids  = ["${data.aws_security_group.default.id}"]
+
   tags = {
     Owner       = "user"
     Environment = "staging"

main.tf

@@ -367,46 +367,6 @@ resource "aws_vpc_endpoint_route_table_association" "public_s3" {
   route_table_id  = "${aws_route_table.public.id}"
 }
 
-##########################
-# VPC Endpoint for ECR API
-##########################
-data "aws_vpc_endpoint_service" "ecr_api" {
-  count = "${var.create_vpc && var.enable_ecr_api_endpoint ? 1 : 0}"
-
-  service = "ecr.api"
-}
-
-resource "aws_vpc_endpoint" "ecr_api" {
-  count = "${var.create_vpc && var.enable_ecr_api_endpoint ? 1 : 0}"
-
-  vpc_endpoint_type = "Interface"
-  vpc_id       = "${local.vpc_id}"
-  security_group_ids = ["${var.ecr_api_endpoint_security_group_ids}"]
-  subnet_ids          = ["${coalescelist(var.ecr_api_endpoint_subnet_ids, aws_subnet.private.*.id)}"]
-  service_name = "${data.aws_vpc_endpoint_service.ecr_api.service_name}"
-  private_dns_enabled = "${var.ecr_api_endpoint_private_dns_enabled}"
-}
-
-##########################
-# VPC Endpoint for ECR DKR
-##########################
-data "aws_vpc_endpoint_service" "ecr_dkr" {
-  count = "${var.create_vpc && var.enable_ecr_dkr_endpoint ? 1 : 0}"
-
-  service = "ecr.dkr"
-}
-
-resource "aws_vpc_endpoint" "ecr_dkr" {
-  count = "${var.create_vpc && var.enable_ecr_dkr_endpoint ? 1 : 0}"
-
-  vpc_endpoint_type = "Interface"
-  vpc_id       = "${local.vpc_id}"
-  security_group_ids = ["${var.ecr_dkr_endpoint_security_group_ids}"]
-  subnet_ids          = ["${coalescelist(var.ecr_dkr_endpoint_subnet_ids, aws_subnet.private.*.id)}"]
-  service_name = "${data.aws_vpc_endpoint_service.ecr_dkr.service_name}"
-  private_dns_enabled = "${var.ecr_dkr_endpoint_private_dns_enabled}"
-}
-
 ############################
 # VPC Endpoint for DynamoDB
 ############################
@@ -528,6 +488,48 @@ resource "aws_vpc_endpoint" "ec2messages" {
   private_dns_enabled = "${var.ec2messages_endpoint_private_dns_enabled}"
 }
 
+###########################
+# VPC Endpoint for ECR API
+###########################
+data "aws_vpc_endpoint_service" "ecr_api" {
+  count = "${var.create_vpc && var.enable_ecr_api_endpoint ? 1 : 0}"
+
+  service = "ecr.api"
+}
+
+resource "aws_vpc_endpoint" "ecr_api" {
+  count = "${var.create_vpc && var.enable_ecr_api_endpoint ? 1 : 0}"
+
+  vpc_id            = "${local.vpc_id}"
+  service_name      = "${data.aws_vpc_endpoint_service.ecr_api.service_name}"
+  vpc_endpoint_type = "Interface"
+
+  security_group_ids  = ["${var.ecr_api_endpoint_security_group_ids}"]
+  subnet_ids          = ["${coalescelist(var.ecr_api_endpoint_subnet_ids, aws_subnet.private.*.id)}"]
+  private_dns_enabled = "${var.ecr_api_endpoint_private_dns_enabled}"
+}
+
+###########################
+# VPC Endpoint for ECR DKR
+###########################
+data "aws_vpc_endpoint_service" "ecr_dkr" {
+  count = "${var.create_vpc && var.enable_ecr_dkr_endpoint ? 1 : 0}"
+
+  service = "ecr.dkr"
+}
+
+resource "aws_vpc_endpoint" "ecr_dkr" {
+  count = "${var.create_vpc && var.enable_ecr_dkr_endpoint ? 1 : 0}"
+
+  vpc_id            = "${local.vpc_id}"
+  service_name      = "${data.aws_vpc_endpoint_service.ecr_dkr.service_name}"
+  vpc_endpoint_type = "Interface"
+
+  security_group_ids  = ["${var.ecr_dkr_endpoint_security_group_ids}"]
+  subnet_ids          = ["${coalescelist(var.ecr_dkr_endpoint_subnet_ids, aws_subnet.private.*.id)}"]
+  private_dns_enabled = "${var.ecr_dkr_endpoint_private_dns_enabled}"
+}
+
 ##########################
 # Route table association
 ##########################

variables.tf

@@ -178,46 +178,6 @@ variable "enable_s3_endpoint" {
   default     = false
 }
 
-variable "enable_ecr_api_endpoint" {
-  description = "Should be true if you want to provision an ecr api endpoint to the VPC"
-  default     = false
-}
-
-variable "ecr_api_endpoint_subnet_ids" {
-  description = "The ID of one or more subnets in which to create a network interface for ECR api endpoint. If omitted, private subnets will be used."
-  default     = []
-}
-
-variable "ecr_api_endpoint_private_dns_enabled" {
-  description = "Whether or not to associate a private hosted zone with the specified VPC for ECR API endpoint"
-  default     = false
-}
-
-variable "ecr_api_endpoint_security_group_ids" {
-  description = "The ID of one or more security groups to associate with the network interface for ECR API endpoint"
-  default     = []
-}
-
-variable "enable_ecr_dkr_endpoint" {
-  description = "Should be true if you want to provision an ecr dkr endpoint to the VPC"
-  default     = false
-}
-
-variable "ecr_dkr_endpoint_subnet_ids" {
-  description = "The ID of one or more subnets in which to create a network interface for ECR dkr endpoint. If omitted, private subnets will be used."
-  default     = []
-}
-
-variable "ecr_dkr_endpoint_private_dns_enabled" {
-  description = "Whether or not to associate a private hosted zone with the specified VPC for ECR DKR endpoint"
-  default     = false
-}
-
-variable "ecr_dkr_endpoint_security_group_ids" {
-  description = "The ID of one or more security groups to associate with the network interface for ECR DKR endpoint"
-  default     = []
-}
-
 variable "enable_ssm_endpoint" {
   description = "Should be true if you want to provision an SSM endpoint to the VPC"
   default     = false
@@ -298,6 +258,46 @@ variable "ec2messages_endpoint_subnet_ids" {
   default     = []
 }
 
+variable "enable_ecr_api_endpoint" {
+  description = "Should be true if you want to provision an ecr api endpoint to the VPC"
+  default     = false
+}
+
+variable "ecr_api_endpoint_subnet_ids" {
+  description = "The ID of one or more subnets in which to create a network interface for ECR api endpoint. If omitted, private subnets will be used."
+  default     = []
+}
+
+variable "ecr_api_endpoint_private_dns_enabled" {
+  description = "Whether or not to associate a private hosted zone with the specified VPC for ECR API endpoint"
+  default     = false
+}
+
+variable "ecr_api_endpoint_security_group_ids" {
+  description = "The ID of one or more security groups to associate with the network interface for ECR API endpoint"
+  default     = []
+}
+
+variable "enable_ecr_dkr_endpoint" {
+  description = "Should be true if you want to provision an ecr dkr endpoint to the VPC"
+  default     = false
+}
+
+variable "ecr_dkr_endpoint_subnet_ids" {
+  description = "The ID of one or more subnets in which to create a network interface for ECR dkr endpoint. If omitted, private subnets will be used."
+  default     = []
+}
+
+variable "ecr_dkr_endpoint_private_dns_enabled" {
+  description = "Whether or not to associate a private hosted zone with the specified VPC for ECR DKR endpoint"
+  default     = false
+}
+
+variable "ecr_dkr_endpoint_security_group_ids" {
+  description = "The ID of one or more security groups to associate with the network interface for ECR DKR endpoint"
+  default     = []
+}
+
 variable "map_public_ip_on_launch" {
   description = "Should be false if you do not want to auto-assign public IP on launch"
   default     = true