terraform-aws-control_tower_account_factory

Missing VPC endpoint for AWS Organizations

Open: silvaalbert opened this issue 1 year ago • 1 comment

Expected behavior

AFT makes calls to AWS Organizations. There are Interface Endpoints for other services, but not for AWS Organizations.

Additional context

AWS Organizations can be tricky, as endpoints can only be created in us-east-1, but AFT can be deployed elsewhere. I suggest the endpoint be added to the solution, with a condition that only deploys if the region is us-east-1.

Furthermore, this behavior should be called out in the documentation, given that deployments in other regions will be sending this traffic through public IP address space, regardless of whether VPC endpoints are enabled for the solution.

silvaalbert, Apr 15 '24 22:04
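The conditional endpoint proposed in the issue above could look like the following Terraform sketch; it is an added example, not code from the AFT module or from the issue author. All variable names (`enable_vpc_endpoints`, `vpc_id`, `private_subnet_ids`, `endpoint_security_group_ids`) and the output name are hypothetical, and the us-east-1 restriction is taken from the issue text.

```hcl
# Hypothetical inputs; AFT's real variable names may differ.
variable "enable_vpc_endpoints" { type = bool }
variable "vpc_id" { type = string }
variable "private_subnet_ids" { type = list(string) }
variable "endpoint_security_group_ids" { type = list(string) }

data "aws_region" "current" {}

locals {
  # Per the issue: the Organizations endpoint can only be created in us-east-1.
  # (AWS provider v6 exposes this attribute as `.region`; `.name` is the older form.)
  deploy_orgs_endpoint = var.enable_vpc_endpoints && data.aws_region.current.name == "us-east-1"
}

# Look the service up only where it exists, so plans in other regions do not fail.
data "aws_vpc_endpoint_service" "organizations" {
  count   = local.deploy_orgs_endpoint ? 1 : 0
  service = "organizations"
}

resource "aws_vpc_endpoint" "organizations" {
  count               = local.deploy_orgs_endpoint ? 1 : 0
  vpc_id              = var.vpc_id
  service_name        = data.aws_vpc_endpoint_service.organizations[0].service_name
  vpc_endpoint_type   = "Interface"
  subnet_ids          = var.private_subnet_ids
  security_group_ids  = var.endpoint_security_group_ids
  private_dns_enabled = true # SDK calls resolve to the endpoint without code changes
}

# Surfaces the documentation concern from the issue: when this is false,
# Organizations API calls leave the VPC over public IP address space even
# if endpoints are enabled for every other service.
output "organizations_traffic_private" {
  description = "True only when an Organizations interface endpoint was created."
  value       = local.deploy_orgs_endpoint
}
```

Because both the data source and the resource share the same `count` condition, a deployment outside us-east-1 plans cleanly and simply reports `organizations_traffic_private = false`.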

@silvaalbert thank you for reaching out. I will create an internal backlog to address this.

snebhu3, Jun 21 '24 20:06