I am creating an AWS VPC Endpoint to connect to an interface type of service.I am using this code for it.
resource "aws_vpc_endpoint" "endpoints" {
for_each = var.custom_endpoint_services
vpc_id = data.aws_vpc.current_vpc.id
service_name = each.value.service_name
vpc_endpoint_type = "Interface"
security_group_ids = [
aws_security_group.endpoints-sg.id
]
tags = merge(var.tags, {
"Name" = each.key
})
}
Now as you can see i am not using any subnets.But still the endpoint gets created and is shown as available endpoint connections in the endpoint service.How is this possible?
>Solution :
How is this possible?
You have created an endpoint in the VPC, but none of the subnets in the VPC will route traffic to it currently. The Terraform documentation even includes an example similar to the code in your question, however if you check the subnet_ids attribute documentation on that same page, it states:
Interface type endpoints cannot function without being assigned to a subnet.
So, while it allows you to create Interface Endpoints without a subnet assignment, the documentation warns you that it will not be functional.
Note that endpoints of type Gateway do not need subnet assignments in order to work.