fix(ec2): add proper handling for VPC endpoint service name prefix eu.amazonaws for new region eusc-de-east-1 for ECR & API Gateway services

[salah1994-sys]

Reason for this change

For the new region eusc-de-east-1 will be launched in AWS European Sovereign Cloud, services like:-

• ECR
• API Gateway
• Security Hub

They have their VPC endpoint service name starts with prefix eu.amazonaws rather than the default com.amazonaws

This requires special handling similar to what's already implemented for China regions cn-north-1 & cn-northwest-1 otherwise, while deploying, CloudFormation stacks will hit the error "The Vpc Endpoint Service com.amazonaws.eusc-de-east-1.ecr.dkr does not exist"

Description of changes

In the file packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts, I am updating the method getDefaultEndpointPrefix, adding special handling for eusc-de-east-1 when services are ['ecr.dkr', 'ecr.api', 'execute-api', 'securityhub'] to return eu.amazonaws instead of com.amazonaws. This is similar to what's already existing for China regions.

Description of how you validated changes

I also updated packages/aws-cdk-lib/aws-ec2/test/vpc-endpoint.test.ts to cover unit tests and was confirmed tests are passed

maelnabi@c889f3aaec8b aws-cdk-lib % yarn test aws-ec2
yarn run v1.22.22
$ jest aws-ec2
 PASS  aws-ec2/test/volume.test.ts (13.106 s)
 PASS  aws-ec2/test/instance.test.ts (14.333 s)
 PASS  aws-ec2/test/vpc.test.ts (15.864 s)
 PASS  aws-ec2/test/vpc-endpoint.test.ts (17.116 s)
 PASS  aws-ec2/test/launch-template.test.ts
 PASS  aws-ec2/test/security-group.test.ts
 PASS  aws-ec2/test/vpc-flow-logs.test.ts
 PASS  aws-ec2/test/userdata.test.ts
 PASS  aws-ec2/test/cfn-init.test.ts
 PASS  aws-ec2/test/cfn-init-element.test.ts
 PASS  aws-ec2/test/machine-image.test.ts
 PASS  aws-ec2/test/ip-addresses.test.ts
 PASS  aws-ec2/test/vpc.from-lookup.test.ts
 PASS  aws-ec2/test/connections.test.ts
 PASS  aws-ec2/test/vpc-endpoint-service.test.ts
 PASS  aws-ec2/test/vpn.test.ts
 PASS  aws-ec2/test/client-vpn-endpoint.test.ts
 PASS  aws-ec2/test/prefix-list.test.ts
 PASS  aws-ec2/test/network-utils.test.ts
 PASS  aws-ec2/test/bastion-host.test.ts
 PASS  aws-ec2/test/aspects/require-imdsv2-aspect.test.ts
 PASS  aws-ec2/test/client-vpn-route.test.ts
 PASS  aws-ec2/test/key-pair.test.ts
 PASS  aws-ec2/test/client-vpn-authorization-rule.test.ts
 PASS  aws-ec2/test/placement-group.test.ts
 PASS  aws-ec2/test/cidr-splits.test.ts
 PASS  aws-ec2/test/instance-requirements.test.ts
 PASS  aws-ec2/test/l1.test.ts
 PASS  aws-ec2/test/instance-type.test.ts

=============================== Coverage summary ===============================
Statements   : 59.25% ( 12033/20308 )
Branches     : 41.58% ( 3168/7618 )
Functions    : 43.44% ( 1860/4281 )
Lines        : 60.55% ( 11632/19210 )
================================================================================

Test Suites: 29 passed, 29 total
Tests:       941 passed, 941 total
Snapshots:   0 total
Time:        29.278 s
Ran all test suites matching /aws-ec2/i.
✨  Done in 32.88s.

Checklist

• My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[aws-cdk-automation]

(This review is outdated)

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

[aemada-aws]

This file is updated automatically by a bot when reaching a specific number of contributions.

[salah1994-sys]

Thank you, updated the commit, removed changes made to CONTRIBUTORS.md

[github-actions]

⚠️ Experimental Feature: This security report is currently in experimental phase. Results may include false positives and the rules are being actively refined.
Please try merge from main to avoid findings unrelated to the PR.

---

	Tests	Passed ☑️	Skipped	Failed ❌️
Security Guardian Results	50 ran	49 passed		1 failed

Test	Result
Security Guardian Results
packages/@aws-cdk-testing/framework-integ/test/aws-ec2/test/integ.vpc-endpoint-eusc.js.snapshot/aws-cdk-ec2-vpc-endpoint-eusc.template.json
ec2-no-open-security-groups.guard	❌ failure

• View Security Guardian Results

[github-actions]

⚠️ Experimental Feature: This security report is currently in experimental phase. Results may include false positives and the rules are being actively refined.
Please try merge from main to avoid findings unrelated to the PR.

---

	Tests	Passed ✅	Skipped	Failed
Security Guardian Results with resolved templates	50 ran	50 passed

Test	Result
No test annotations available

• View Security Guardian Results with resolved templates

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[mergify]

Merge Queue Status

✅ The pull request has been merged at e05fea1

This pull request spent 5 seconds in the queue, with no time running CI.
The checks were run in-place.

Required conditions to merge

• #approved-reviews-by >= 1 [🛡 GitHub branch protection]
  • fix(ec2): add proper handling for VPC endpoint service name prefix eu.amazonaws for new region eusc-de-east-1 for ECR & API Gateway services #36471
• #changes-requested-reviews-by = 0 [🛡 GitHub branch protection]
  • fix(ec2): add proper handling for VPC endpoint service name prefix eu.amazonaws for new region eusc-de-east-1 for ECR & API Gateway services #36471
• any of [🛡 GitHub branch protection]:
  • check-success = validate-pr
  • check-neutral = validate-pr
  • check-skipped = validate-pr
• any of [🛡 GitHub branch protection]:
  • check-success = build
  • check-neutral = build
  • check-skipped = build

[github-actions]

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.