Resource: awsVpcEndpointPolicy
Provides a VPC Endpoint Policy resource.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import { Construct } from "constructs";
import { TerraformStack } from "cdktf";
import * as aws from "./.gen/providers/aws";

/*The resources need a construct scope ("this"), so they are declared inside a stack.*/
class ExampleStack extends TerraformStack {
  constructor(scope: Construct, name: string) {
    super(scope, name);
    const awsVpcExample = new aws.vpc.Vpc(this, "example", {
      cidrBlock: "10.0.0.0/16",
    });
    const dataAwsVpcEndpointServiceExample =
      new aws.dataAwsVpcEndpointService.DataAwsVpcEndpointService(
        this,
        "example_1",
        {
          service: "dynamodb",
        }
      );
    /*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
    dataAwsVpcEndpointServiceExample.overrideLogicalId("example");
    const awsVpcEndpointExample = new aws.vpcEndpoint.VpcEndpoint(
      this,
      "example_2",
      {
        serviceName: dataAwsVpcEndpointServiceExample.serviceName,
        vpcId: awsVpcExample.id,
      }
    );
    /*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
    awsVpcEndpointExample.overrideLogicalId("example");
    const awsVpcEndpointPolicyExample = new aws.vpcEndpointPolicy.VpcEndpointPolicy(
      this,
      "example_3",
      {
        /*The "AllowAll" statement lets any principal call any DynamoDB action on any resource through the endpoint.*/
        policy:
          '${jsonencode({\n "Version" : "2012-10-17",\n "Statement" : [\n {\n "Sid" : "AllowAll",\n "Effect" : "Allow",\n "Principal" : {\n "AWS" : "*"\n },\n "Action" : [\n "dynamodb:*"\n ],\n "Resource" : "*"\n }\n ]\n })}',
        vpcEndpointId: awsVpcEndpointExample.id,
      }
    );
    /*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
    awsVpcEndpointPolicyExample.overrideLogicalId("example");
  }
}
Argument Reference
The following arguments are supported:
vpcEndpointId - (Required) The VPC Endpoint ID.
policy - (Optional) A policy to attach to the endpoint that controls access to the service. Defaults to full access. All gateway and some interface endpoints support policies - see the relevant AWS documentation for more details. For more information about building AWS IAM policy documents with Terraform, see the AWS IAM Policy Document Guide.
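Because policy defaults to full access and the AllowAll statement in the example usage is just as open, a pre-deployment check for unrestricted statements is useful. The following is an added example, not part of the provider documentation or the provider's code: the function names, the table ARN, and the account ID 111122223333 are constructed placeholders, and the condition key aws:PrincipalAccount is used on the assumption that callers should come from a single account.

```typescript
type OneOrMany = string | string[];
interface EndpointStatement {
  Sid?: string;
  Effect: "Allow" | "Deny";
  Principal: "*" | { AWS: OneOrMany };
  Action: OneOrMany;
  Resource: OneOrMany;
  Condition?: Record<string, Record<string, OneOrMany>>;
}
interface EndpointPolicy { Version: "2012-10-17"; Statement: EndpointStatement[] }

const asList = (v: OneOrMany): string[] => (Array.isArray(v) ? v : [v]);

// Returns the Sid (or "#index") of each Allow statement that limits nothing:
// wildcard principal, global or whole-service action wildcard, every resource, no Condition.
function findUnrestrictedStatements(doc: EndpointPolicy): string[] {
  const hits: string[] = [];
  doc.Statement.forEach((s, i) => {
    const principals = s.Principal === "*" ? ["*"] : asList(s.Principal.AWS);
    const anyAction = asList(s.Action).some((a) => a === "*" || a.slice(-2) === ":*");
    const open = s.Effect === "Allow" && principals.indexOf("*") !== -1 && anyAction &&
      asList(s.Resource).indexOf("*") !== -1 && Object.keys(s.Condition || {}).length === 0;
    if (open) hits.push(s.Sid || "#" + i);
  });
  return hits;
}

// Hypothetical helper: an endpoint policy limited to named actions on named tables,
// and to callers whose account matches accountId (assumption: single-account use).
function scopedDynamoDbPolicy(tables: string[], actions: string[], accountId: string): EndpointPolicy {
  return {
    Version: "2012-10-17",
    Statement: [{
      Sid: "ScopedTableAccess",
      Effect: "Allow",
      Principal: "*",
      Action: actions,
      Resource: tables,
      Condition: { StringEquals: { "aws:PrincipalAccount": accountId } },
    }],
  };
}
// The AllowAll policy from the example usage, written as an object.
const allowAll: EndpointPolicy = {
  Version: "2012-10-17",
  Statement: [{ Sid: "AllowAll", Effect: "Allow", Principal: { AWS: "*" }, Action: ["dynamodb:*"], Resource: "*" }],
};
// Constructed sample values (placeholder table name and account ID).
const scoped = scopedDynamoDbPolicy(["arn:aws:dynamodb:us-east-1:111122223333:table/ExampleTable"], ["dynamodb:GetItem", "dynamodb:Query"], "111122223333");
```

The scoped document can be passed to the resource as policy: JSON.stringify(scoped) once findUnrestrictedStatements returns an empty list for it.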
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id - The ID of the VPC endpoint.
Import
VPC Endpoint Policies can be imported using the id, e.g.