Added more VPC endpoints (Glue, STS, Sagemaker Notebook), and all missing outputs (#311)

* AWS Glue VPC endpoint * sagemaker notebook vpc endpoint * correct service name for notebook endpoint * added outputs kinesis * added endpoints output glue, fix readme * endpoint for STS * endpoint for STS (variables) * Added more VPC endpoints (Glue, STS, Sagemaker Notebook), and all missing outputs

Added more VPC endpoints (Glue, STS, Sagemaker Notebook), and all missing outputs (#311)
* AWS Glue VPC endpoint * sagemaker notebook vpc endpoint * correct service name for notebook endpoint * added outputs kinesis * added endpoints output glue, fix readme * endpoint for STS * endpoint for STS (variables) * Added more VPC endpoints (Glue, STS, Sagemaker Notebook), and all missing outputs
2fbaaacd · Edward Viaene · Anton Babenko · 013b7ab6 · 2fbaaacd · 2fbaaacd
Commit 2fbaaacd authored Sep 02, 2019 by Edward Viaene Committed by Anton Babenko Sep 02, 2019
Showing with 965 additions and 633 deletions

README.md README.md +44 -1

main.tf main.tf +0 -632

outputs.tf outputs.tf +150 -0

variables.tf variables.tf +78 -0

vpc-endpoints.tf vpc-endpoints.tf +693 -0

No files found.
--- a/README.md
+++ b/README.md
--- a/main.tf
+++ b/main.tf
--- a/outputs.tf
+++ b/outputs.tf
@@ -398,6 +398,81 @@ output "vpc_endpoint_sqs_dns_entry" {
  value       = flatten(aws_vpc_endpoint.sqs.*.dns_entry)
 }
+output "vpc_endpoint_codebuild_id" {
+  description = "The ID of VPC endpoint for codebuild"
+  value       = concat(aws_vpc_endpoint.codebuild.*.id, [""])[0]
+}
+output "vpc_endpoint_codebuild_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for codebuild."
+  value       = flatten(aws_vpc_endpoint.codebuild.*.network_interface_ids)
+}
+output "vpc_endpoint_codebuild_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for codebuild."
+  value       = flatten(aws_vpc_endpoint.codebuild.*.dns_entry)
+}
+output "vpc_endpoint_codecommit_id" {
+  description = "The ID of VPC endpoint for codecommit"
+  value       = concat(aws_vpc_endpoint.codecommit.*.id, [""])[0]
+}
+output "vpc_endpoint_codecommit_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for codecommit."
+  value       = flatten(aws_vpc_endpoint.codecommit.*.network_interface_ids)
+}
+output "vpc_endpoint_codecommit_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for codecommit."
+  value       = flatten(aws_vpc_endpoint.codecommit.*.dns_entry)
+}
+output "vpc_endpoint_git_codecommit_id" {
+  description = "The ID of VPC endpoint for git_codecommit"
+  value       = concat(aws_vpc_endpoint.git_codecommit.*.id, [""])[0]
+}
+output "vpc_endpoint_git_codecommit_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for git_codecommit."
+  value       = flatten(aws_vpc_endpoint.git_codecommit.*.network_interface_ids)
+}
+output "vpc_endpoint_git_codecommit_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for git_codecommit."
+  value       = flatten(aws_vpc_endpoint.git_codecommit.*.dns_entry)
+}
+output "vpc_endpoint_config_id" {
+  description = "The ID of VPC endpoint for config"
+  value       = concat(aws_vpc_endpoint.config.*.id, [""])[0]
+}
+output "vpc_endpoint_config_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for config."
+  value       = flatten(aws_vpc_endpoint.config.*.network_interface_ids)
+}
+output "vpc_endpoint_config_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for config."
+  value       = flatten(aws_vpc_endpoint.config.*.dns_entry)
+}
+output "vpc_endpoint_secretsmanager_id" {
+  description = "The ID of VPC endpoint for secretsmanager"
+  value       = concat(aws_vpc_endpoint.secretsmanager.*.id, [""])[0]
+}
+output "vpc_endpoint_secretsmanager_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for secretsmanager."
+  value       = flatten(aws_vpc_endpoint.secretsmanager.*.network_interface_ids)
+}
+output "vpc_endpoint_secretsmanager_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for secretsmanager."
+  value       = flatten(aws_vpc_endpoint.secretsmanager.*.dns_entry)
+}
 output "vpc_endpoint_ssm_id" {
  description = "The ID of VPC endpoint for SSM"
  value       = concat(aws_vpc_endpoint.ssm.*.id, [""])[0]
@@ -458,6 +533,36 @@ output "vpc_endpoint_ec2messages_dns_entry" {
  value       = flatten(aws_vpc_endpoint.ec2messages.*.dns_entry)
 }
+output "vpc_endpoint_transferserver_id" {
+  description = "The ID of VPC endpoint for transferserver"
+  value       = concat(aws_vpc_endpoint.transferserver.*.id, [""])[0]
+}
+output "vpc_endpoint_transferserver_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for transferserver"
+  value       = flatten(aws_vpc_endpoint.transferserver.*.network_interface_ids)
+}
+output "vpc_endpoint_transferserver_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for transferserver."
+  value       = flatten(aws_vpc_endpoint.transferserver.*.dns_entry)
+}
+output "vpc_endpoint_glue_id" {
+  description = "The ID of VPC endpoint for Glue"
+  value       = concat(aws_vpc_endpoint.glue.*.id, [""])[0]
+}
+output "vpc_endpoint_glue_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for Glue."
+  value       = flatten(aws_vpc_endpoint.glue.*.network_interface_ids)
+}
+output "vpc_endpoint_glue_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for Glue."
+  value       = flatten(aws_vpc_endpoint.glue.*.dns_entry)
+}
 output "vpc_endpoint_kms_id" {
  description = "The ID of VPC endpoint for KMS"
  value       = concat(aws_vpc_endpoint.kms.*.id, [""])[0]
@@ -473,6 +578,36 @@ output "vpc_endpoint_kms_dns_entry" {
  value       = flatten(aws_vpc_endpoint.kms.*.dns_entry)
 }
+output "vpc_endpoint_kinesis_firehose_id" {
+  description = "The ID of VPC endpoint for Kinesis Firehose"
+  value       = concat(aws_vpc_endpoint.kinesis_firehose.*.id, [""])[0]
+}
+output "vpc_endpoint_kinesis_firehose_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for Kinesis Firehose."
+  value       = flatten(aws_vpc_endpoint.kinesis_firehose.*.network_interface_ids)
+}
+output "vpc_endpoint_kinesis_firehose_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for Kinesis Firehose."
+  value       = flatten(aws_vpc_endpoint.kinesis_firehose.*.dns_entry)
+}
+output "vpc_endpoint_kinesis_streams_id" {
+  description = "The ID of VPC endpoint for Kinesis Streams"
+  value       = concat(aws_vpc_endpoint.kinesis_streams.*.id, [""])[0]
+}
+output "vpc_endpoint_kinesis_streams_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for Kinesis Streams."
+  value       = flatten(aws_vpc_endpoint.kinesis_streams.*.network_interface_ids)
+}
+output "vpc_endpoint_kinesis_streams_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for Kinesis Streams."
+  value       = flatten(aws_vpc_endpoint.kinesis_streams.*.dns_entry)
+}
 output "vpc_endpoint_ecr_api_id" {
  description = "The ID of VPC endpoint for ECR API"
  value       = concat(aws_vpc_endpoint.ecr_api.*.id, [""])[0]
@@ -653,6 +788,21 @@ output "vpc_endpoint_cloudtrail_dns_entry" {
  value       = flatten(aws_vpc_endpoint.cloudtrail.*.dns_entry)
 }
+output "vpc_endpoint_sts_id" {
+  description = "The ID of VPC endpoint for STS"
+  value       = concat(aws_vpc_endpoint.sts.*.id, [""])[0]
+}
+output "vpc_endpoint_sts_network_interface_ids" {
+  description = "One or more network interfaces for the VPC Endpoint for STS."
+  value       = flatten(aws_vpc_endpoint.sts.*.network_interface_ids)
+}
+output "vpc_endpoint_sts_dns_entry" {
+  description = "The DNS entries for the VPC Endpoint for STS."
+  value       = flatten(aws_vpc_endpoint.sts.*.dns_entry)
+}
 # Static values (arguments)
 output "azs" {
  description = "A list of availability zones specified as argument to this module"

--- a/variables.tf
+++ b/variables.tf
@@ -903,6 +903,84 @@ variable "kinesis_firehose_endpoint_private_dns_enabled" {
  default     = false
 }
+variable "enable_glue_endpoint" {
+  description = "Should be true if you want to provision a Glue endpoint to the VPC"
+  type        = bool
+  default     = false
+}
+variable "glue_endpoint_security_group_ids" {
+  description = "The ID of one or more security groups to associate with the network interface for Glue endpoint"
+  type        = list(string)
+  default     = []
+}
+variable "glue_endpoint_subnet_ids" {
+  description = "The ID of one or more subnets in which to create a network interface for Glue endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."
+  type        = list(string)
+  default     = []
+}
+variable "glue_endpoint_private_dns_enabled" {
+  description = "Whether or not to associate a private hosted zone with the specified VPC for Glue endpoint"
+  type        = bool
+  default     = false
+}
+variable "enable_sagemaker_notebook_endpoint" {
+  description = "Should be true if you want to provision a Sagemaker Notebook endpoint to the VPC"
+  type        = bool
+  default     = false
+}
+variable "sagemaker_notebook_endpoint_region" {
+  description = "Region to use for Sagemaker Notebook endpoint"
+  type        = string
+  default     = ""
+}
+variable "sagemaker_notebook_endpoint_security_group_ids" {
+  description = "The ID of one or more security groups to associate with the network interface for Sagemaker Notebook endpoint"
+  type        = list(string)
+  default     = []
+}
+variable "sagemaker_notebook_endpoint_subnet_ids" {
+  description = "The ID of one or more subnets in which to create a network interface for Sagemaker Notebook endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."
+  type        = list(string)
+  default     = []
+}
+variable "sagemaker_notebook_endpoint_private_dns_enabled" {
+  description = "Whether or not to associate a private hosted zone with the specified VPC for Sagemaker Notebook endpoint"
+  type        = bool
+  default     = false
+}
+variable "enable_sts_endpoint" {
+  description = "Should be true if you want to provision a STS endpoint to the VPC"
+  type        = bool
+  default     = false
+}
+variable "sts_endpoint_security_group_ids" {
+  description = "The ID of one or more security groups to associate with the network interface for STS endpoint"
+  type        = list(string)
+  default     = []
+}
+variable "sts_endpoint_subnet_ids" {
+  description = "The ID of one or more subnets in which to create a network interface for STS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."
+  type        = list(string)
+  default     = []
+}
+variable "sts_endpoint_private_dns_enabled" {
+  description = "Whether or not to associate a private hosted zone with the specified VPC for STS endpoint"
+  type        = bool
+  default     = false
+}
 variable "map_public_ip_on_launch" {
  description = "Should be false if you do not want to auto-assign public IP on launch"
  type        = bool

--- a/vpc-endpoints.tf
+++ b/vpc-endpoints.tf