From ea48130af56c20f9bdf8f5b428e643716df070ba Mon Sep 17 00:00:00 2001
From: janli
Date: Mon, 9 Dec 2024 14:20:10 -0800
Subject: [PATCH 1/3] feat: add waggledance vpce
---
 CHANGELOG.md | 7 +++++++
 endpoints.tf | 14 ++++++++++++++
 variables.tf | 12 ++++++++++++
 3 files changed, 33 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4abb9ba..00b6da7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,13 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+## [4.5.6] - 2024-12-10
+### Added
+- Added waggledance VPC endpoint service
+- Added following new variables to support waggledance VPC endpint service:
+ - `enable_vpc_endpoint_services`
+ - `waggledance_customer_accounts`
+
 ## [4.5.5] - 2024-10-04
 ### Added
 - Added variables to control Waggledance deployment dns policy and config.
diff --git a/endpoints.tf b/endpoints.tf
index d0f18ce..2ab388d 100644
--- a/endpoints.tf
+++ b/endpoints.tf
@@ -72,3 +72,17 @@ resource "aws_route53_record" "metastore_alias" {
 ttl = "60"
 records = [aws_vpc_endpoint.remote_metastores[count.index].dns_entry[0].dns_name]
 }
+
+
+data "aws_lb" "waggledance_lb" {
+ count = var.wd_instance_type == "k8s" && var.enable_vpc_endpoint_services ? 1 : 0
+ name = split("-", split(".", kubernetes_service.waggle_dance[0].status.0.load_balancer.0.ingress.0.hostname).0).0
+}
+
+resource "aws_vpc_endpoint_service" "waggledance" {
+ count = var.enable_vpc_endpoint_services ? 1 : 0
+ network_load_balancer_arns = compact(concat(aws_lb.waggledance[0].*.arn, data.aws_lb.waggledance_lb[0].*.arn))
+ acceptance_required = false
+ allowed_principals = formatlist("arn:aws:iam::%s:root", var.waggledance_customer_accounts)
+ tags = merge(tomap({"Name"="${local.instance_alias}"}), var.tags)
+}
diff --git a/variables.tf b/variables.tf
index 061e495..517d61c 100644
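Review bot: In `aws_vpc_endpoint_service.waggledance` (endpoints.tf, patch 1/3), `acceptance_required = false` combined with `allowed_principals` built as `arn:aws:iam::%s:root` means any principal in a listed account that is permitted to create VPC endpoints gets connected to the Waggle Dance load balancer with no approval step. The account list is then the only access control at the PrivateLink layer; whether Waggle Dance or the metastores behind it authenticate clients is not visible in this patch. Consider `acceptance_required = true`, or driving it from a new boolean variable that defaults to `true`, and narrowing the principals to specific role ARNs where the consumer is known. If auto-accept is intended, say so next to the attribute, e.g. `# Auto-accept: every principal in waggledance_customer_accounts can connect without review`.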
--- a/variables.tf
+++ b/variables.tf
@@ -524,3 +524,15 @@ variable "extended_server_config" {
 type = string
 default = ""
 }
+
+variable "enable_vpc_endpoint_services" {
+ description = "Enable metastore NLB, Route53 entries VPC access and VPC endpoint services, for cross-account access."
+ type = bool
+ default = false
+}
+
+variable "waggledance_customer_accounts" {
+ description = "Waggledance VPC Endpoint customer accounts"
+ type = list(string)
+ default = []
+}
From 2841305f4322dee92f4ad2c4366bad17ffa601e1 Mon Sep 17 00:00:00 2001
From: janli
Date: Mon, 9 Dec 2024 14:32:15 -0800
Subject: [PATCH 2/3] fix: update load balancer
---
 endpoints.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/endpoints.tf b/endpoints.tf
index 2ab388d..36aefe2 100644
--- a/endpoints.tf
+++ b/endpoints.tf
@@ -81,7 +81,7 @@ data "aws_lb" "waggledance_lb" {
 resource "aws_vpc_endpoint_service" "waggledance" {
 count = var.enable_vpc_endpoint_services ? 1 : 0
- network_load_balancer_arns = compact(concat(aws_lb.waggledance[0].*.arn, data.aws_lb.waggledance_lb[0].*.arn))
+ network_load_balancer_arns = var.wd_instance_type == "ecs" ? aws_lb.waggledance[0].*.arn : data.aws_lb.waggledance_lb[0].*.arn)
 acceptance_required = false
 allowed_principals = formatlist("arn:aws:iam::%s:root", var.waggledance_customer_accounts)
 tags = merge(tomap({"Name"="${local.instance_alias}"}), var.tags)
From 62545559d88cc2cf6919f02587c507b044acf1d2 Mon Sep 17 00:00:00 2001
From: janli
Date: Mon, 9 Dec 2024 14:33:38 -0800
Subject: [PATCH 3/3] fix: fix typo
---
 endpoints.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/endpoints.tf b/endpoints.tf
index 36aefe2..f04186b 100644
--- a/endpoints.tf
+++ b/endpoints.tf
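Review bot: `waggledance_customer_accounts` (variables.tf, patch 1/3) takes free-form strings that endpoints.tf interpolates straight into `arn:aws:iam::%s:root`, so a typo, a wildcard or a full ARN pasted by mistake is handed to the endpoint service's principal allow-list without any check in the module. A validation block requiring 12-digit account IDs makes such input fail at plan time instead of relying on the AWS API to reject it. The description of `enable_vpc_endpoint_services` also mentions a metastore NLB and Route53 entries, while in this series the flag only gates the Waggle Dance load balancer lookup and the endpoint service; it should describe what is actually exposed.

```hcl
variable "waggledance_customer_accounts" {
  # … unchanged: description, type, default …
  validation {
    condition     = alltrue([for id in var.waggledance_customer_accounts : can(regex("^[0-9]{12}$", id))])
    error_message = "Each waggledance_customer_accounts entry must be a 12-digit AWS account ID."
  }
}
```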
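Review bot: The new conditional on `network_load_balancer_arns` (endpoints.tf, patch 2/3; the same line is touched again in patch 3/3) sends every `wd_instance_type` other than `"ecs"` to `data.aws_lb.waggledance_lb[0]`, but that data source only has an instance when the type is `"k8s"`, so any other value with `enable_vpc_endpoint_services = true` would fail on an invalid index rather than with a clear message. In that branch the load balancer published through the endpoint service is found by a name parsed from the Service hostname (first `-`-separated token of the first DNS label, per the data source added in patch 1/3), which presumably assumes the generated LB name contains no hyphen; that assumption deserves a comment beside the data source, since it decides which backend is exposed cross-account. The `[0].*.arn` form also applies the legacy splat to a single object; `[aws_lb.waggledance[0].arn]` and `[data.aws_lb.waggledance_lb[0].arn]` state the same thing more plainly. The resource block continues past the end of the hunk.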
@@ -81,7 +81,7 @@ data "aws_lb" "waggledance_lb" {
 resource "aws_vpc_endpoint_service" "waggledance" {
 count = var.enable_vpc_endpoint_services ? 1 : 0
- network_load_balancer_arns = var.wd_instance_type == "ecs" ? aws_lb.waggledance[0].*.arn : data.aws_lb.waggledance_lb[0].*.arn)
+ network_load_balancer_arns = var.wd_instance_type == "ecs" ? aws_lb.waggledance[0].*.arn : data.aws_lb.waggledance_lb[0].*.arn
 acceptance_required = false
 allowed_principals = formatlist("arn:aws:iam::%s:root", var.waggledance_customer_accounts)
 tags = merge(tomap({"Name"="${local.instance_alias}"}), var.tags)