VPC Endpoint Module for AWS
A Terraform module for deploying a VPC Endpoint for VM-Series firewalls.
Reference
Requirements
| Name | Version |
|---|---|
| terraform | >= 1.0.0, < 2.0.0 |
| aws | ~> 5.17 |
Providers
| Name | Version |
|---|---|
| aws | ~> 5.17 |
Modules
No modules.
Resources
| Name | Type |
|---|---|
| aws_vpc_endpoint.this | resource |
| aws_vpc_endpoint_route_table_association.this | resource |
| aws_vpc_endpoint_subnet_association.this | resource |
| aws_vpc_endpoint.this | data source |
| aws_vpc_endpoint_service.this | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| auto_accept | If a service connection requires service owner's acceptance, the request will be approved automatically, provided that both parties are members of the same AWS account. | bool | null | no |
| create | If false, does not create a new AWS VPC Endpoint, but instead uses a pre-existing one. The inputs name, service_name, simple_service_name, tags, type, and vpc_id can be used to match the pre-existing endpoint. | bool | true | no |
| name | n/a | string | null | no |
| policy | n/a | string | null | no |
| private_dns_enabled | n/a | bool | null | no |
| route_table_ids | n/a | map(string) | {} | no |
| security_group_ids | n/a | list(string) | [] | no |
| service_name | The exact service name. This input is ignored if simple_service_name is defined. Typically "com.amazonaws.REGION.SERVICE", for example: "com.amazonaws.us-west-2.s3" | string | null | no |
| simple_service_name | The simplified service name for AWS service, for example: "s3". Uses the service from the current region. If null, the service_name input is used instead. | string | null | no |
| subnets | Map of Subnets where to create the Endpoints. Each map's key is the availability zone name and each map's object has an attributeid identifying AWS Subnet. Importantly, the traffic returning from the Endpoint uses the Subnet's route table.The keys of this input map are used for the output map endpoints.Example for users of module subnet_set: | | {} | no |
| tags | n/a | map(string) | {} | no |
| type | The type of the service. The type "Gateway" does not tolerate inputs subnets, security_group_ids, and private_dns_enabled.The type "Interface" does not tolerate input route_table_ids.The type "GatewayLoadBalancer" is similar to "Gateway", but can be deployed with the dedicated module gwlb_endpoint_set.If null, "Gateway" is used by default. | string | n/a | yes |
| vpc_id | n/a | string | n/a | yes |
Outputs
| Name | Description |
|---|---|
| endpoint | The created aws_vpc_endpoint object. Alternatively, the data resource if the input create is false. |