Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Requester-managed Interface VPC Endpoints #8396

Closed
wants to merge 4 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
146 changes: 106 additions & 40 deletions aws/data_source_aws_vpc_endpoint.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/ec2"
"github.com/hashicorp/terraform/helper/schema"
"github.com/hashicorp/terraform/helper/structure"
)

func dataSourceAwsVpcEndpoint() *schema.Resource {
Expand All @@ -19,51 +20,65 @@ func dataSourceAwsVpcEndpoint() *schema.Resource {
Optional: true,
Computed: true,
},
"vpc_id": {
"service_name": {
Type: schema.TypeString,
Optional: true,
Computed: true,
},
"service_name": {
"state": {
Type: schema.TypeString,
Optional: true,
Computed: true,
},
"state": {
"vpc_id": {
Type: schema.TypeString,
Optional: true,
Computed: true,
},
"vpc_endpoint_type": {
Type: schema.TypeString,
"cidr_blocks": {
Type: schema.TypeList,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
"policy": {
Type: schema.TypeString,
"dns_entry": {
Type: schema.TypeList,
Computed: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"dns_name": {
Type: schema.TypeString,
Computed: true,
},
"hosted_zone_id": {
Type: schema.TypeString,
Computed: true,
},
},
},
},
"route_table_ids": {
"network_interface_ids": {
Type: schema.TypeSet,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
Set: schema.HashString,
},
"policy": {
Type: schema.TypeString,
Computed: true,
},
"prefix_list_id": {
Type: schema.TypeString,
Computed: true,
},
"cidr_blocks": {
Type: schema.TypeList,
"private_dns_enabled": {
Type: schema.TypeBool,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
"subnet_ids": {
Type: schema.TypeSet,
"requester_managed": {
Type: schema.TypeBool,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
Set: schema.HashString,
},
"network_interface_ids": {
"route_table_ids": {
Type: schema.TypeSet,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
Expand All @@ -75,25 +90,15 @@ func dataSourceAwsVpcEndpoint() *schema.Resource {
Elem: &schema.Schema{Type: schema.TypeString},
Set: schema.HashString,
},
"private_dns_enabled": {
Type: schema.TypeBool,
"subnet_ids": {
Type: schema.TypeSet,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
Set: schema.HashString,
},
"dns_entry": {
Type: schema.TypeList,
"vpc_endpoint_type": {
Type: schema.TypeString,
Computed: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"dns_name": {
Type: schema.TypeString,
Computed: true,
},
"hosted_zone_id": {
Type: schema.TypeString,
Computed: true,
},
},
},
},
},
}
Expand Down Expand Up @@ -121,19 +126,80 @@ func dataSourceAwsVpcEndpointRead(d *schema.ResourceData, meta interface{}) erro
}

log.Printf("[DEBUG] Reading VPC Endpoint: %s", req)
resp, err := conn.DescribeVpcEndpoints(req)
respVpce, err := conn.DescribeVpcEndpoints(req)
if err != nil {
return err
return fmt.Errorf("error reading VPC Endpoint: %s", err)
}
if resp == nil || len(resp.VpcEndpoints) == 0 {
return fmt.Errorf("no matching VPC endpoint found")
if respVpce == nil || len(respVpce.VpcEndpoints) == 0 {
return fmt.Errorf("no matching VPC Endpoint found")
}
if len(resp.VpcEndpoints) > 1 {
return fmt.Errorf("multiple VPC endpoints matched; use additional constraints to reduce matches to a single VPC endpoint")
if len(respVpce.VpcEndpoints) > 1 {
return fmt.Errorf("multiple VPC Endpoints matched; use additional constraints to reduce matches to a single VPC Endpoint")
}

vpce := resp.VpcEndpoints[0]
vpce := respVpce.VpcEndpoints[0]
d.SetId(aws.StringValue(vpce.VpcEndpointId))

return vpcEndpointAttributes(d, vpce, conn)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Replace call to vpcEndpointAttributes() with explicit setting of attributes (including new requester_managed attribute), see also https://github.com/terraform-providers/terraform-provider-aws/pull/8396/files#r277149439.

serviceName := aws.StringValue(vpce.ServiceName)
d.Set("service_name", serviceName)
d.Set("state", vpce.State)
d.Set("vpc_id", vpce.VpcId)

respPl, err := conn.DescribePrefixLists(&ec2.DescribePrefixListsInput{
Filters: buildEC2AttributeFilterList(map[string]string{
"prefix-list-name": serviceName,
}),
})
if err != nil {
return fmt.Errorf("error reading Prefix List (%s): %s", serviceName, err)
}
if respPl == nil || len(respPl.PrefixLists) == 0 {
d.Set("cidr_blocks", []interface{}{})
} else if len(respPl.PrefixLists) > 1 {
return fmt.Errorf("multiple prefix lists associated with the service name '%s'. Unexpected", serviceName)
} else {
pl := respPl.PrefixLists[0]

d.Set("prefix_list_id", pl.PrefixListId)
err = d.Set("cidr_blocks", flattenStringList(pl.Cidrs))
if err != nil {
return fmt.Errorf("error setting cidr_blocks: %s", err)
}
}

err = d.Set("dns_entry", flattenVpcEndpointDnsEntries(vpce.DnsEntries))
if err != nil {
return fmt.Errorf("error setting dns_entry: %s", err)
}
err = d.Set("network_interface_ids", flattenStringSet(vpce.NetworkInterfaceIds))
if err != nil {
return fmt.Errorf("error setting network_interface_ids: %s", err)
}
policy, err := structure.NormalizeJsonString(aws.StringValue(vpce.PolicyDocument))
if err != nil {
return fmt.Errorf("policy contains an invalid JSON: %s", err)
}
d.Set("policy", policy)
d.Set("private_dns_enabled", vpce.PrivateDnsEnabled)
err = d.Set("route_table_ids", flattenStringSet(vpce.RouteTableIds))
if err != nil {
return fmt.Errorf("error setting route_table_ids: %s", err)
}
d.Set("requester_managed", vpce.RequesterManaged)
err = d.Set("security_group_ids", flattenVpcEndpointSecurityGroupIds(vpce.Groups))
if err != nil {
return fmt.Errorf("error setting security_group_ids: %s", err)
}
err = d.Set("subnet_ids", flattenStringSet(vpce.SubnetIds))
if err != nil {
return fmt.Errorf("error setting subnet_ids: %s", err)
}
// VPC endpoints don't have types in GovCloud, so set type to default if empty
if vpceType := aws.StringValue(vpce.VpcEndpointType); vpceType == "" {
d.Set("vpc_endpoint_type", ec2.VpcEndpointTypeGateway)
} else {
d.Set("vpc_endpoint_type", vpceType)
}

return nil
}
55 changes: 33 additions & 22 deletions aws/data_source_aws_vpc_endpoint_service.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,37 +27,41 @@ func dataSourceAwsVpcEndpointService() *schema.Resource {
Computed: true,
ConflictsWith: []string{"service"},
},
"service_type": {
Type: schema.TypeString,
"acceptance_required": {
Type: schema.TypeBool,
Computed: true,
},
"owner": {
Type: schema.TypeString,
"availability_zones": {
Type: schema.TypeSet,
Elem: &schema.Schema{Type: schema.TypeString},
Computed: true,
Set: schema.HashString,
},
"vpc_endpoint_policy_supported": {
Type: schema.TypeBool,
"base_endpoint_dns_names": {
Type: schema.TypeSet,
Elem: &schema.Schema{Type: schema.TypeString},
Computed: true,
Set: schema.HashString,
},
"acceptance_required": {
"manages_vpc_endpoints": {
Type: schema.TypeBool,
Computed: true,
},
"availability_zones": {
Type: schema.TypeSet,
Elem: &schema.Schema{Type: schema.TypeString},
"owner": {
Type: schema.TypeString,
Computed: true,
Set: schema.HashString,
},
"private_dns_name": {
Type: schema.TypeString,
Computed: true,
},
"base_endpoint_dns_names": {
Type: schema.TypeSet,
Elem: &schema.Schema{Type: schema.TypeString},
"service_type": {
Type: schema.TypeString,
Computed: true,
},
"vpc_endpoint_policy_supported": {
Type: schema.TypeBool,
Computed: true,
Set: schema.HashString,
},
},
}
Expand All @@ -80,10 +84,10 @@ func dataSourceAwsVpcEndpointServiceRead(d *schema.ResourceData, meta interface{
ServiceNames: aws.StringSlice([]string{serviceName}),
}

log.Printf("[DEBUG] Reading VPC Endpoint Services: %s", req)
log.Printf("[DEBUG] Reading VPC Endpoint Service: %s", req)
resp, err := conn.DescribeVpcEndpointServices(req)
if err != nil {
return fmt.Errorf("Error fetching VPC Endpoint Services: %s", err)
return fmt.Errorf("error reading VPC Endpoint Service (%s): %s", serviceName, err)
}

if resp == nil || (len(resp.ServiceNames) == 0 && len(resp.ServiceDetails) == 0) {
Expand Down Expand Up @@ -114,13 +118,20 @@ func dataSourceAwsVpcEndpointServiceRead(d *schema.ResourceData, meta interface{
serviceName = aws.StringValue(sd.ServiceName)
d.SetId(strconv.Itoa(hashcode.String(serviceName)))
d.Set("service_name", serviceName)
d.Set("service_type", sd.ServiceType[0].ServiceType)
d.Set("owner", sd.Owner)
d.Set("vpc_endpoint_policy_supported", sd.VpcEndpointPolicySupported)
d.Set("acceptance_required", sd.AcceptanceRequired)
d.Set("availability_zones", flattenStringList(sd.AvailabilityZones))
err = d.Set("availability_zones", flattenStringSet(sd.AvailabilityZones))
if err != nil {
return fmt.Errorf("error setting availability_zones: %s", err)
}
err = d.Set("base_endpoint_dns_names", flattenStringSet(sd.BaseEndpointDnsNames))
if err != nil {
return fmt.Errorf("error setting base_endpoint_dns_names: %s", err)
}
d.Set("manages_vpc_endpoints", sd.ManagesVpcEndpoints)
d.Set("owner", sd.Owner)
d.Set("private_dns_name", sd.PrivateDnsName)
d.Set("base_endpoint_dns_names", flattenStringList(sd.BaseEndpointDnsNames))
d.Set("service_type", sd.ServiceType[0].ServiceType)
d.Set("vpc_endpoint_policy_supported", sd.VpcEndpointPolicySupported)

return nil
}
Loading