Added configuration for S3 VPC Endpoints

2020-08-05 12:46:27 +02:00 · 2020-08-05 12:46:27 +02:00 · 17cc649a53
commit 17cc649a53
parent 1461a9acd5
4 changed files with 80 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -1,2 +1,19 @@
 # terraform-aws-vpc_endpoints
 Module to enable and configure VPC endpoints
+
+
+Module Usage
+
+```
+module "vpc_endpoints" {
+  count                  = var.enable_s3_endpoint ? 1 : 0
+  #source                 = "git@github.com:webuildyourcloud/terraform-aws-vpc_endpoints.git?ref=tags/0.18.1"
+  source                 = "git@github.com:webuildyourcloud/terraform-aws-vpc_endpoints.git"
+  region                 = var.region
+  name                   = var.name
+  vpc_id                 = module.vpc.vpc_id
+  private_route_table_id = module.subnets.private_route_table_ids
+  public_route_table_id  = module.subnets.public_route_table_ids
+  tags                   = local.tags
+}
+```
--- a/main.tf
+++ b/main.tf
@ -0,0 +1,32 @@
+######################
+# VPC Endpoint for S3
+######################
+data "aws_vpc_endpoint_service" "s3" {
+  count = var.enable_s3_endpoint ? 1 : 0
+
+  service = "s3"
+}
+
+resource "aws_vpc_endpoint" "s3" {
+  count = var.enable_s3_endpoint ? 1 : 0
+
+  vpc_id       = var.vpc_id
+  service_name = data.aws_vpc_endpoint_service.s3[0].service_name
+  tags         = local.vpce_tags
+}
+
+resource "aws_vpc_endpoint_route_table_association" "private_s3" {
+  count = var.enable_s3_endpoint ? local.nat_gateway_count : 0
+
+  vpc_endpoint_id = aws_vpc_endpoint.s3[0].id
+  #route_table_id  = element(aws_route_table.private.*.id, count.index)
+  route_table_id  = element(var.private_route_table_id, count.index)
+}
+
+resource "aws_vpc_endpoint_route_table_association" "public_s3" {
+  count = var.enable_s3_endpoint && length(var.public_subnets) > 0 ? 1 : 0
+
+  vpc_endpoint_id = aws_vpc_endpoint.s3[0].id
+  #route_table_id  = aws_route_table.public[0].id
+  route_table_id  = var.public_route_table_id
+}
--- a/outputs.tf
+++ b/outputs.tf
@ -0,0 +1,11 @@
+# VPC Endpoints
+output "vpc_endpoint_s3_id" {
+  description = "The ID of VPC endpoint for S3"
+  value       = concat(aws_vpc_endpoint.s3.*.id, [""])[0]
+}
+
+output "vpc_endpoint_s3_pl_id" {
+  description = "The prefix list for the S3 VPC endpoint."
+  value       = concat(aws_vpc_endpoint.s3.*.prefix_list_id, [""])[0]
+}
+
--- a/variables.tf
+++ b/variables.tf
@ -0,0 +1,20 @@
+variable "vpc_id" {
+  description = "The VPC to launch the instance in (e.g. vpc-66ecaa02)."
+  type        = string
+}
+
+variable "enable_s3_endpoint" {
+  description = "Should be true if you want to provision an S3 endpoint to the VPC"
+  type        = bool
+  default     = false
+}
+
+variable "public_route_table_id" {
+  description = "Public route table of the VPC where then endpoint is located"
+  type        = list(string)
+}
+
+variable "private_route_table_id" {
+  description = "private route table of the VPC where then endpoint is located"
+  type        = list(string)
+}