
Resource: awsVpcEndpointServiceAllowedPrincipal

Provides a resource to allow a principal to discover a VPC endpoint service.

NOTE on VPC Endpoint Services and VPC Endpoint Service Allowed Principals: Terraform provides both a standalone VPC Endpoint Service Allowed Principal resource and a VPC Endpoint Service resource with an allowedPrincipals attribute. Do not use the same principal ARN in both a VPC Endpoint Service resource and a VPC Endpoint Service Allowed Principal resource. Doing so will cause a conflict and will overwrite the association.

Example Usage

Basic usage:

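/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import { Construct } from "constructs";
import { TerraformStack } from "cdktf";
import * as aws from "./.gen/providers/aws";
// MyStack is a placeholder name for the stack that holds these resources.
class MyStack extends TerraformStack {
  constructor(scope: Construct, name: string) {
    super(scope, name);
    // Look up the identity Terraform is running as.
    const dataAwsCallerIdentityCurrent =
      new aws.dataAwsCallerIdentity.DataAwsCallerIdentity(this, "current", {});
    // Allow that principal to discover the endpoint service.
    new aws.vpcEndpointServiceAllowedPrincipal.VpcEndpointServiceAllowedPrincipal(
      this,
      "allow_me_to_foo",
      {
        principalArn: dataAwsCallerIdentityCurrent.arn,
        // References an aws_vpc_endpoint_service named "foo" defined elsewhere.
        vpcEndpointServiceId: "${aws_vpc_endpoint_service.foo.id}",
      }
    );
  }
}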
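
A pre-apply check for the conflict described in the NOTE above, as an added example that is not part of the provider documentation: it scans Terraform JSON configuration (assumed here to be the output of cdktf synth) for a principal ARN declared both in a service's allowed_principals and in a standalone resource that references the same service. The function name, the sample resource names and the account ID are constructed for illustration.

```typescript
// Added example: static check for the conflict described in the NOTE.
// Assumption: input is Terraform JSON configuration as emitted by `cdktf synth`.
type Block = Record<string, Record<string, unknown>>;
type ResourceMap = Record<string, Block>;
interface Conflict {
  service: string; // local name of the aws_vpc_endpoint_service
  standalone: string; // local name of the standalone allowed-principal resource
  principalArn: string; // ARN declared in both places
}
// Captures "foo" from "${aws_vpc_endpoint_service.foo.id}".
const SERVICE_REF = /^\$\{aws_vpc_endpoint_service\.([A-Za-z0-9_-]+)\.id\}$/;

function findPrincipalConflicts(config: { resource?: ResourceMap }): Conflict[] {
  const services: Block = config.resource?.["aws_vpc_endpoint_service"] ?? {};
  const standalone: Block =
    config.resource?.["aws_vpc_endpoint_service_allowed_principal"] ?? {};
  const conflicts: Conflict[] = [];
  for (const [name, attrs] of Object.entries(standalone)) {
    const match = SERVICE_REF.exec(String(attrs["vpc_endpoint_service_id"] ?? ""));
    if (!match) continue; // literal service ID: cannot be correlated statically
    const service = match[1] ?? "";
    const principalArn = String(attrs["principal_arn"] ?? "");
    const inline = services[service]?.["allowed_principals"];
    if (Array.isArray(inline) && inline.includes(principalArn)) {
      conflicts.push({ service, standalone: name, principalArn });
    }
  }
  return conflicts;
}

// Constructed sample: "foo" declares the ARN both ways; "bar" only standalone.
const sampleConfig = {
  resource: {
    aws_vpc_endpoint_service: {
      foo: { allowed_principals: ["arn:aws:iam::111122223333:root"] },
      bar: { acceptance_required: true },
    },
    aws_vpc_endpoint_service_allowed_principal: {
      allow_me_to_foo: {
        principal_arn: "arn:aws:iam::111122223333:root",
        vpc_endpoint_service_id: "${aws_vpc_endpoint_service.foo.id}",
      },
      allow_me_to_bar: {
        principal_arn: "arn:aws:iam::111122223333:root",
        vpc_endpoint_service_id: "${aws_vpc_endpoint_service.bar.id}",
      },
    },
  },
};
```

Standalone resources that pass a literal service ID instead of a reference are skipped, so those still need a manual review.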

Argument Reference

The following arguments are supported:

  • vpcEndpointServiceId - (Required) The ID of the VPC endpoint service on which to allow permission.
  • principalArn - (Required) The ARN of the principal to be allowed permission.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The ID of the association.