Resource: awsVpcEndpointService
Provides a VPC Endpoint Service resource. Service consumers can create an Interface VPC Endpoint to connect to the service.
~> NOTE on VPC Endpoint Services and VPC Endpoint Service Allowed Principals: Terraform provides both a standalone VPC Endpoint Service Allowed Principal resource and a VPC Endpoint Service resource with an allowedPrincipals attribute. Do not use the same principal ARN in both a VPC Endpoint Service resource and a VPC Endpoint Service Allowed Principal resource. Doing so will cause a conflict and will overwrite the association.
Example Usage
Network Load Balancers
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
// `this` is the enclosing construct scope (for example, a TerraformStack).
new aws.vpcEndpointService.VpcEndpointService(this, "example", {
  acceptanceRequired: false,
  networkLoadBalancerArns: ["${aws_lb.example.arn}"],
});
Gateway Load Balancers
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
// `this` is the enclosing construct scope (for example, a TerraformStack).
new aws.vpcEndpointService.VpcEndpointService(this, "example", {
  acceptanceRequired: false,
  gatewayLoadBalancerArns: ["${aws_lb.example.arn}"],
});
Argument Reference
The following arguments are supported:
acceptanceRequired - (Required) Whether or not VPC endpoint connection requests to the service must be accepted by the service owner - true or false.
allowedPrincipals - (Optional) The ARNs of one or more principals allowed to discover the endpoint service.
gatewayLoadBalancerArns - (Optional) Amazon Resource Names (ARNs) of one or more Gateway Load Balancers for the endpoint service.
networkLoadBalancerArns - (Optional) Amazon Resource Names (ARNs) of one or more Network Load Balancers for the endpoint service.
tags - (Optional) A map of tags to assign to the resource. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
privateDnsName - (Optional) The private DNS name for the service.
supportedIpAddressTypes - (Optional) The supported IP address types. The possible values are ipv4 and ipv6.
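The NOTE at the top of this page warns against declaring the same principal ARN both in allowedPrincipals and in a standalone VPC Endpoint Service Allowed Principal resource. The check below is an added example, not part of the provider documentation: it scans synthesized Terraform JSON for that overlap. It assumes the Terraform attribute names allowed_principals, vpc_endpoint_service_id and principal_arn, and that the standalone resource references the service as `${aws_vpc_endpoint_service.<name>.id}`; the function, type and sample names are hypothetical.

```typescript
// Added example: lint Terraform JSON for the principal conflict in the NOTE.
type Block = { [attr: string]: unknown };
type TfJson = { resource?: { [type: string]: { [name: string]: Block } } };

interface Conflict {
  service: string; // local name of the aws_vpc_endpoint_service block
  principalArn: string; // ARN declared both inline and standalone
  standalone: string; // local name of the allowed-principal block
}

// Matches a reference such as "${aws_vpc_endpoint_service.example.id}".
const SERVICE_REF = /^\$\{aws_vpc_endpoint_service\.([A-Za-z0-9_-]+)\.id\}$/;

function findPrincipalConflicts(tf: TfJson): Conflict[] {
  const resources = tf.resource || {};
  const services = resources["aws_vpc_endpoint_service"] || {};
  const standalone = resources["aws_vpc_endpoint_service_allowed_principal"] || {};
  const conflicts: Conflict[] = [];
  for (const name of Object.keys(standalone)) {
    const block: Block = standalone[name] || {};
    const ref = SERVICE_REF.exec(String(block["vpc_endpoint_service_id"]));
    const serviceName = ref ? ref[1] : undefined;
    if (!serviceName) continue; // literal ID or other expression: not resolvable here
    const service: Block = services[serviceName] || {};
    const inline = service["allowed_principals"];
    const arn = String(block["principal_arn"]);
    if (Array.isArray(inline) && inline.indexOf(arn) !== -1) {
      conflicts.push({ service: serviceName, principalArn: arn, standalone: name });
    }
  }
  return conflicts;
}

// Constructed sample input; account IDs and resource names are placeholders.
const SERVICE_ID = "${aws_vpc_endpoint_service.example.id}";
const sample: TfJson = {
  resource: {
    aws_vpc_endpoint_service: {
      example: { acceptance_required: true, allowed_principals: ["arn:aws:iam::111111111111:root"] },
    },
    aws_vpc_endpoint_service_allowed_principal: {
      dup: { vpc_endpoint_service_id: SERVICE_ID, principal_arn: "arn:aws:iam::111111111111:root" },
      ok: { vpc_endpoint_service_id: SERVICE_ID, principal_arn: "arn:aws:iam::222222222222:root" },
    },
  },
};

// Only "dup" repeats an ARN that "example" already lists inline.
const sampleConflicts = findPrincipalConflicts(sample);
```

Standalone resources that identify the service by a literal ID or another expression are skipped, so an empty result does not rule out a conflict for those.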
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id - The ID of the VPC endpoint service.
availabilityZones - A set of Availability Zones in which the service is available.
arn - The Amazon Resource Name (ARN) of the VPC endpoint service.
baseEndpointDnsNames - A set of DNS names for the service.
managesVpcEndpoints - Whether or not the service manages its VPC endpoints - true or false.
serviceName - The service name.
serviceType - The service type, gateway or interface.
state - The state of the VPC endpoint service.
privateDnsNameConfiguration - List of objects containing information about the endpoint service private DNS name configuration.
  name - Name of the record subdomain the service provider needs to create.
  state - Verification state of the VPC endpoint service. Consumers of the endpoint service can use the private name only when the state is verified.
  type - Endpoint service verification type, for example txt.
  value - Value the service provider adds to the private DNS name domain record before verification.
tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.
Import
VPC Endpoint Services can be imported using the vpcEndpointServiceId, e.g.,