feat: Add support for subnet_configuration on VPC endpoints (#1164)

feat: Support subnet_configuration in aws_vpc_endpoint resource

Co-authored-by: Bryant Biggs <[email protected]>

Author: sassdavid

examples/complete/main.tf

@@ -122,6 +122,13 @@ module "vpc_endpoints" {
       service             = "ecs"
       private_dns_enabled = true
       subnet_ids          = module.vpc.private_subnets
+      subnet_configurations = [
+        for v in module.vpc.private_subnet_objects :
+        {
+          ipv4      = cidrhost(v.cidr_block, 10)
+          subnet_id = v.id
+        }
+      ]
     },
     ecs_telemetry = {
       create              = false

modules/vpc-endpoints/README.md

@@ -26,9 +26,19 @@ module "endpoints" {
       tags            = { Name = "dynamodb-vpc-endpoint" }
     },
     sns = {
-      service    = "sns"
-      subnet_ids = ["subnet-12345678", "subnet-87654321"]
-      tags       = { Name = "sns-vpc-endpoint" }
+      service               = "sns"
+      subnet_ids            = ["subnet-12345678", "subnet-87654321"]
+      subnet_configurations = [
+        {
+          ipv4      = "10.8.34.10"
+          subnet_id = "subnet-12345678"
+        },
+        {
+          ipv4      = "10.8.35.10"
+          subnet_id = "subnet-87654321"
+        }
+      ]
+      tags = { Name = "sns-vpc-endpoint" }
     },
     sqs = {
       service             = "sqs"

modules/vpc-endpoints/main.tf

@@ -46,6 +46,16 @@ resource "aws_vpc_endpoint" "this" {
     }
   }
 
+  dynamic "subnet_configuration" {
+    for_each = try(each.value.subnet_configurations, [])
+
+    content {
+      ipv4      = try(subnet_configuration.value.ipv4, null)
+      ipv6      = try(subnet_configuration.value.ipv6, null)
+      subnet_id = try(subnet_configuration.value.subnet_id, null)
+    }
+  }
+
   tags = merge(
     var.tags,
     { "Name" = replace(each.key, ".", "-") },