Commit
fix(ec2): global vpc endpoint support (#29563)
### Issue # (if applicable)

Closes #29560.

### Reason for this change

The service name generated by the CDK for global VPC endpoints was incorrect, as it contained the stack's region:

```sh
$ aws ec2 describe-vpc-endpoint-services --region=us-east-1 --service-names=com.amazonaws.s3-global.accesspoint | jq '.ServiceDetails[] | .ServiceName'
"com.amazonaws.s3-global.accesspoint"
```

```ts
new CfnOutput(this, "endpoint", {
  value: ec2.InterfaceVpcEndpointAwsService.S3_MULTI_REGION_ACCESS_POINTS.name,
});
// TestDeployStack.endpoint = com.amazonaws.eu-west-1.s3-global.accesspoint
```

In addition, another global endpoint was missing from `InterfaceVpcEndpointAwsService`.

### Description of changes

* The `InterfaceVpcEndpointAwsService` constructor was modified to
  * I would have preferred to switch to a single object for the optional constructor properties (`prefix`, `port`, and now `global`), but couldn't make a breaking change to a publicly accessible constructor
* `InterfaceVpcEndpointAwsService.S3_MULTI_REGION_ACCESS_POINTS` was changed to be a global VPC endpoint
* `InterfaceVpcEndpointAwsService.CODECATALYST` was added

### Description of how you validated changes

I've added a unit test to check that the global endpoints' names were set correctly. I also added an integration test for `InterfaceVpcEndpointAwsService.S3_MULTI_REGION_ACCESS_POINTS`.

To test it, I created a publicly accessible EC2 instance on the VPC, connected to it and ran `nslookup accesspoint.s3-global.amazonaws.com` to make sure it was resolvable (see [Configuring a Multi-Region Access Point for use with AWS PrivateLink](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointsPrivateLink.html)):

Without the `InterfaceVpcEndpointAwsService.S3_MULTI_REGION_ACCESS_POINTS` interface endpoint:

```sh
$ nslookup accesspoint.s3-global.amazonaws.com
Server: 10.0.0.2
Address: 10.0.0.2#53

Non-authoritative answer:
*** Can't find accesspoint.s3-global.amazonaws.com: No answer
```

With the `InterfaceVpcEndpointAwsService.S3_MULTI_REGION_ACCESS_POINTS` interface endpoint:

```sh
$ nslookup accesspoint.s3-global.amazonaws.com
Server: 10.0.0.2
Address: 10.0.0.2#53

Non-authoritative answer:
Name: accesspoint.s3-global.amazonaws.com
Address: 10.0.156.75
Name: accesspoint.s3-global.amazonaws.com
Address: 10.0.246.83
```

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
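A check for the naming bug this commit describes, as an added example that is not part of the commit or the CDK code base: it scans a synthesized CloudFormation template for `AWS::EC2::VPCEndpoint` resources whose global service name still carries a region segment. The function names, the `<region>` placeholder and the sample template are assumptions constructed for illustration; only `s3-global.accesspoint` comes from the commit message.

```typescript
// Added example, not project code. Only the global service named in the
// commit message is listed; extend the list for your own environment.
const GLOBAL_SUFFIXES = ["s3-global.accesspoint"];
const REGION = /^[a-z]{2}(-[a-z]+)+-\d+$/; // e.g. eu-west-1, us-gov-west-1

type Resource = { Type: string; Properties?: Record<string, unknown> };
type Template = { Resources?: Record<string, Resource> };

// Flatten a literal string or an Fn::Join into one string. {Ref: AWS::Region}
// becomes the placeholder "<region>" so an unresolved region token stays visible.
function flatten(value: unknown): string {
  if (typeof value === "string") return value;
  if (value && typeof value === "object") {
    const v = value as Record<string, unknown>;
    if (v["Ref"] === "AWS::Region") return "<region>";
    const join = v["Fn::Join"];
    if (Array.isArray(join) && typeof join[0] === "string" && Array.isArray(join[1])) {
      return join[1].map(flatten).join(join[0]);
    }
  }
  return "<unresolved>";
}

// Logical IDs of endpoints whose global service name embeds a region segment.
function findRegionalizedGlobalEndpoints(template: Template): string[] {
  const hits: string[] = [];
  for (const [id, res] of Object.entries(template.Resources ?? {})) {
    if (res.Type !== "AWS::EC2::VPCEndpoint") continue;
    const name = flatten(res.Properties?.["ServiceName"]);
    const suffix = GLOBAL_SUFFIXES.find((s) => name.endsWith("." + s));
    if (!suffix) continue;
    // Everything before the global suffix must be free of region segments.
    const head = name.slice(0, name.length - suffix.length - 1).split(".");
    if (head.some((seg) => seg === "<region>" || REGION.test(seg))) hits.push(id);
  }
  return hits;
}

// Constructed sample template (not taken from the commit).
const ep = (ServiceName: unknown): Resource => ({ Type: "AWS::EC2::VPCEndpoint", Properties: { ServiceName } });
const sample: Template = { Resources: {
  Bad: ep("com.amazonaws.eu-west-1.s3-global.accesspoint"),
  BadToken: ep({ "Fn::Join": ["", ["com.amazonaws.", { Ref: "AWS::Region" }, ".s3-global.accesspoint"]] }),
  Good: ep("com.amazonaws.s3-global.accesspoint"),
  Regional: ep("com.amazonaws.eu-west-1.s3"),
}};

console.log(findRegionalizedGlobalEndpoints(sample));
```

Run against a synthesized template in CI, a non-empty result points at an endpoint that would not give private resolution for the global hostname, as in the failing `nslookup` output above.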