terraform-aws-privatelink

AWS PrivateLink module

*** Note ***

This module supports the new AWS tagging feature for PrivateLink. Using this feature requires a change to the AWS provider, and there is currently a PR open to make this work. As a temporary workaround, I'm using a submodule that invokes the AWS CLI, so this module requires both the AWS CLI and jq to be installed and available. See digitickets/cli/aws for more details on module usage.

This Terraform module creates the necessary components for an AWS PrivateLink service.

This module requires either a default profile to access AWS or the AWS_PROFILE environment variable to be set.

terraform init
terraform apply --auto-approve

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.13 |

Providers

| Name | Version |
|------|---------|
| aws | 4.34.0 |

Modules

| Name | Source | Version |
|------|--------|---------|
| tag_allowed_principals | digitickets/cli/aws | 5.0.4 |

Resources

| Name | Type |
|------|------|
| aws_ec2_tag.name | resource |
| aws_sns_topic.name | resource |
| aws_vpc_endpoint_connection_notification.name | resource |
| aws_vpc_endpoint_service.name | resource |
| aws_vpc_endpoint_service_allowed_principal.name | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| acceptance_required | Acceptance required on the PrivateLink access | `bool` | `true` | no |
| allowed_principals | Allowed principals to access your service; applies tags to each principal | `list(object({ principal = string, tags = optional(list(map(any))), index = number }))` | `[{"index": 0, "principal": "arn:aws:iam::123456789012:root", "tags": [{"key": "Customer", "value": "Default1"}]}]` | no |
| create_topic | Create an SNS topic to receive notification events | `bool` | `false` | no |
| enable_notifications | Create notifications for endpoint activity | `bool` | `false` | no |
| endpoint_connection_notification_events | List of connection events on your service endpoint | `list(string)` | `["Accept", "Reject"]` | no |
| gateway_load_balancer_arns | ARN of a Gateway Load Balancer | `list(string)` | `null` | no |
| network_load_balancer_arns | ARN of a Network Load Balancer | `list(string)` | `null` | no |
| private_dns_name | Private DNS name for endpoint | `string` | `null` | no |
| service_name | Name of the endpoint service | `string` | `"default-name"` | no |
| service_tags | Map of tags for the service | `map(any)` | `{}` | no |
| supported_ip_address_types | List of supported IP address types | `list(string)` | `["ipv4"]` | no |

Outputs

| Name | Description |
|------|-------------|
| endpoint_service_arn | VPC Endpoint Service ARN |
| endpoint_service_details | Object of all outputs from the VPC Endpoint Service |
| tags | Tags which were applied to the Service Principal |
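
The following module call is an added example, not taken from this project's own documentation. It wires together the inputs and outputs listed above, keeping `acceptance_required` on and allow-listing specific principals. The module `source` is a placeholder because the page does not state it, and the `nlb_arn` variable, account IDs, role names, service name and tag values are constructed for illustration.

```hcl
# Hypothetical variable: ARN of an existing Network Load Balancer fronting the service.
variable "nlb_arn" {
  description = "ARN of the Network Load Balancer to expose through the endpoint service"
  type        = string
}

module "privatelink" {
  source = "<module-source>" # placeholder: replace with this module's actual source

  service_name               = "payments-api" # constructed name
  network_load_balancer_arns = [var.nlb_arn]
  supported_ip_address_types = ["ipv4"]

  # With acceptance required, an allow-listed principal can request a connection,
  # but the service owner must still accept it before traffic flows.
  acceptance_required = true

  # One entry per consumer. The object shape (index, principal, tags with
  # key/value maps) follows the default shown in the Inputs table.
  allowed_principals = [
    {
      index     = 0
      principal = "arn:aws:iam::111111111111:role/consumer-a" # constructed ARN
      tags      = [{ key = "Customer", value = "ConsumerA" }]
    },
    {
      index     = 1
      principal = "arn:aws:iam::222222222222:role/consumer-b" # constructed ARN
      tags      = [{ key = "Customer", value = "ConsumerB" }]
    },
  ]

  # Publish accept/reject decisions to an SNS topic created by the module,
  # so connection approvals leave a record that can be alerted on.
  enable_notifications                    = true
  create_topic                            = true
  endpoint_connection_notification_events = ["Accept", "Reject"]

  service_tags = { Environment = "prod" } # constructed tag
}

# Expose the service ARN so consumers can be given the value to connect to.
output "privatelink_service_arn" {
  value = module.privatelink.endpoint_service_arn
}
```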