From f0da5758277cccc21bed6ddd6906d1c67c1d2d91 Mon Sep 17 00:00:00 2001
From: Mark Bouchkevitch <99093446+mbtiii@users.noreply.github.com>
Date: Fri, 12 Jul 2024 13:24:46 -0400
Subject: [PATCH] Add endpoint_management attribute (#1)
---
README.md | 5 +++--
main.tf | 1 +
variables.tf | 11 +++++++++++
versions.tf | 2 +-
4 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index bf2455c..2247de9 100644
--- a/README.md
+++ b/README.md
@@ -91,13 +91,13 @@ Apache-2.0 Licensed. See [LICENSE](https://github.com/aws-ia/terraform-aws-mwaa/
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0.0 |
-| [aws](#requirement\_aws) | >= 4.63.0 |
+| [aws](#requirement\_aws) | >= 5.39.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 4.63.0 |
+| [aws](#provider\_aws) | >= 5.39.0 |
## Modules
@@ -136,6 +136,7 @@ No modules.
| [create\_s3\_bucket](#input\_create\_s3\_bucket) | Create new S3 bucket for MWAA. | `string` | `true` | no |
| [create\_security\_group](#input\_create\_security\_group) | Create security group for MWAA | `bool` | `true` | no |
| [dag\_s3\_path](#input\_dag\_s3\_path) | (Required) The relative path to the DAG folder on your Amazon S3 storage bucket. For example, dags. | `string` | `"dags"` | no |
+| [endpoint\_management](#input\_endpoint\_management) | (Optional) Specifies who is responsible for creating the VPC endpoints for environment. CUSTOMER is useful when your VPC is owned by another account. Possible options: SERVICE (default) and CUSTOMER | `string` | `"SERVICE"` | no |
| [environment\_class](#input\_environment\_class) | (Optional) Environment class for the cluster. Possible options are mw1.small, mw1.medium, mw1.large, mw1.xlarge, mw1.2xlarge.
Will be set by default to mw1.small. Please check the AWS Pricing for more information about the environment classes. | `string` | `"mw1.small"` | no |
| [execution\_role\_arn](#input\_execution\_role\_arn) | (Required) The Amazon Resource Name (ARN) of the task execution role that the Amazon MWAA and its environment can assume
Mandatory if `create_iam_role=false` | `string` | `null` | no |
| [force\_detach\_policies](#input\_force\_detach\_policies) | IAM role Force detach policies | `bool` | `false` | no |
diff --git a/main.tf b/main.tf
index e689ee8..a788845 100644
--- a/main.tf
+++ b/main.tf
@@ -23,6 +23,7 @@ resource "aws_mwaa_environment" "mwaa" {
source_bucket_arn = local.source_bucket_arn
webserver_access_mode = var.webserver_access_mode
weekly_maintenance_window_start = var.weekly_maintenance_window_start
+ endpoint_management = var.endpoint_management
tags = var.tags
diff --git a/variables.tf b/variables.tf
index 612b9ee..0c72d6a 100644
--- a/variables.tf
+++ b/variables.tf
@@ -137,6 +137,17 @@ variable "weekly_maintenance_window_start" {
default = null
}
+variable "endpoint_management" {
+ description = "(Optional) Specifies who is responsible for creating the VPC endpoints for environment. CUSTOMER is useful when your VPC is owned by another account. Possible options: SERVICE (default) and CUSTOMER"
+ type = string
+ default = "SERVICE"
+
+ validation {
+ condition = contains(["SERVICE", "CUSTOMER"], var.endpoint_management)
+ error_message = "Invalid input, options: \"SERVICE\", \"CUSTOMER\"."
+ }
+}
+
variable "tags" {
description = "(Optional) A map of resource tags to associate with the resource"
type = map(string)
diff --git a/versions.tf b/versions.tf
index b398951..e98b4ca 100644
--- a/versions.tf
+++ b/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 4.63.0"
+ version = ">= 5.39.0"
}
}
}