cloudformation-coverage-roadmap
AWS::EC2::VPCEndpoint - Output-PrefixId(Gateway)
AWS::EC2::VPCEndpoint Return Values supports interface type endpoints, but in order to use Gateways in SecurityGroup Egress rules it needs to return the Prefix Id, which it currently doesn't.
Expected behavior
It should return the PrefixId required for the Gateway endpoint just created. Currently these have to be looked up via an AWS CLI call. For us, we had to make a hardcoded mapping table in the template.
```
{
    "ap-south-1": {"s3": "pl-78a54011", "dynamodb": "pl-66a7420f"},
    "ap-northeast-1": {
        "s3": "pl-61a54008",
        "dynamodb": "pl-78a54011",
    },
    "ap-northeast-2": {
        "s3": "pl-78a54011",
        "dynamodb": "pl-48a54021",
    },
    "ap-southeast-1": {
        "s3": "pl-6fa54006",
        "dynamodb": "pl-67a5400e",
    },
    "ap-southeast-2": {
        "s3": "pl-6ca54005",
        "dynamodb": "pl-62a5400b",
    },
    "ca-central-1": {
        "s3": "pl-7da54014",
        "dynamodb": "pl-4ea54027",
    },
    "eu-central-1": {
        "s3": "pl-6ea54007",
        "dynamodb": "pl-66a5400f",
    },
    "eu-north-1": {"s3": "pl-c3aa4faa", "dynamodb": "pl-adae4bc4"},
    "eu-west-1": {"s3": "pl-6da54004", "dynamodb": "pl-6fa54006"},
    "eu-west-2": {"s3": "pl-7ca54015", "dynamodb": "pl-b3a742da"},
    "eu-west-3": {"s3": "pl-23ad484a", "dynamodb": "pl-abb451c2"},
    "sa-east-1": {"s3": "pl-6aa54003", "dynamodb": "pl-60a54009"},
    "us-east-1": {"s3": "pl-63a5400a", "dynamodb": "pl-02cd2c6b"},
    "us-east-2": {"s3": "pl-7ba54012", "dynamodb": "pl-4ca54025"},
    "us-west-1": {"s3": "pl-6ba54002", "dynamodb": "pl-6ea54007"},
    "us-west-2": {"s3": "pl-68a54001", "dynamodb": "pl-00a54069"},
}
```
Helpful Links to speed up research and evaluation
- https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-prefix-lists.html
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html#aws-resource-ec2-vpcendpoint-return-values
- https://docs.aws.amazon.com/vpc/latest/userguide/vpce-gateway.html
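
The workaround described in the issue, as an added example that is not part of the original issue or of any AWS tooling: it turns per-region `aws ec2 describe-prefix-lists` responses into a CloudFormation mapping and a security group whose egress is limited to those prefix lists, and refuses to build a template if a region has no ID for a requested service. The mapping name `GatewayPrefixLists`, the resource name `EndpointOnlyEgress`, the `VpcId` parameter and the sample CIDRs are assumptions.

```python
import json

# Constructed sample shaped like `aws ec2 describe-prefix-lists` output, keyed by
# region. IDs are the us-east-1 values from the issue; CIDRs are placeholders.
SAMPLE = {"us-east-1": {"PrefixLists": [
    {"PrefixListId": "pl-63a5400a", "PrefixListName": "com.amazonaws.us-east-1.s3",
     "Cidrs": ["192.0.2.0/24"]},
    {"PrefixListId": "pl-02cd2c6b", "PrefixListName": "com.amazonaws.us-east-1.dynamodb",
     "Cidrs": ["198.51.100.0/24"]},
]}}

MAP_NAME = "GatewayPrefixLists"  # hypothetical mapping name


def build_mapping(responses):
    """Collect {region: {service: prefix-list-id}} from per-region responses."""
    mapping = {}
    for region, resp in responses.items():
        prefix = f"com.amazonaws.{region}."
        for pl in resp.get("PrefixLists", []):
            name = pl["PrefixListName"]
            if name.startswith(prefix):  # ignore lists that are not AWS service lists
                mapping.setdefault(region, {})[name[len(prefix):]] = pl["PrefixListId"]
    return mapping


def egress_rule(service, port=443):
    """Egress rule whose destination is the gateway service's prefix list."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "DestinationPrefixListId": {
                "Fn::FindInMap": [MAP_NAME, {"Ref": "AWS::Region"}, service]}}


def build_fragment(responses, services=("s3", "dynamodb")):
    """Build Mappings plus a security group; fail if any region lacks an ID."""
    mapping = build_mapping(responses)
    missing = [(r, s) for r in responses for s in services
               if s not in mapping.get(r, {})]
    if missing:
        raise ValueError(f"no prefix list for {missing}")
    group = {"Type": "AWS::EC2::SecurityGroup", "Properties": {
        "GroupDescription": "Egress only to gateway endpoint prefix lists",
        "VpcId": {"Ref": "VpcId"},  # assumes a template parameter named VpcId
        "SecurityGroupEgress": [egress_rule(s) for s in services]}}
    return {"Mappings": {MAP_NAME: mapping},
            "Resources": {"EndpointOnlyEgress": group}}


if __name__ == "__main__":
    print(json.dumps(build_fragment(SAMPLE), indent=2))
```

Regenerating the mapping from live CLI output instead of maintaining it by hand avoids copy errors in the table, which would silently point an egress rule at the wrong service's prefix list.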