Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws.ec2.VpcEndpoint only supports the full-access endpoint policy. #1711

Open
Defman opened this issue Sep 6, 2024 · 1 comment
Open

aws.ec2.VpcEndpoint only supports the full-access endpoint policy. #1711

Defman opened this issue Sep 6, 2024 · 1 comment
Labels
kind/bug Some behavior is incorrect or out of spec

Comments

@Defman
Copy link

Defman commented Sep 6, 2024

What happened?

When setting privateDnsEnabled to true from false.

const vpcEndpoint = new awsNative.ec2.VpcEndpoint(`${stack}-${endpoint.name}`, {
  serviceName: endpoint.serviceName,
  vpcId: vpc.id,
  vpcEndpointType: endpoint.vpcEndpointType,
  privateDnsEnabled: endpoint.privateDnsEnabled,
  subnetIds: privateSubnets.map((subnet) => subnet.subnet.id),
  securityGroupIds,
});

Results in

error: operation UPDATE failed with "GeneralServiceException": Service com.amazonaws.vpce.eu-central-1.vpce-svc-xxxxx only supports the full-access endpoint policy. (Service: Ec2, Status Code: 400, Request ID: xxx)

Works with aws classic

const vpcEndpoint = new awsClassic.ec2.VpcEndpoint(`${stack}-${endpoint.name}`, {
  serviceName: endpoint.serviceName,
  vpcId: vpc.id,
  vpcEndpointType: endpoint.vpcEndpointType,
  privateDnsEnabled: endpoint.privateDnsEnabled,
  subnetIds: privateSubnets.map((subnet) => subnet.subnet.id),
  securityGroupIds,
});

Example

const vpcEndpoint = new awsNative.ec2.VpcEndpoint(`${stack}-${endpoint.name}`, {
  serviceName: endpoint.serviceName,
  vpcId: vpc.id,
  vpcEndpointType: endpoint.vpcEndpointType,
  privateDnsEnabled: endpoint.privateDnsEnabled,
  subnetIds: privateSubnets.map((subnet) => subnet.subnet.id),
  securityGroupIds,
});

Output of pulumi about

CLI          
Version      3.130.0
Go Version   go1.22.6
Go Compiler  gc

Plugins
KIND      NAME    VERSION
language  nodejs  unknown

Host     
OS       darwin
Version  13.0.1
Arch     arm64

This project is written in nodejs: executable='/opt/homebrew/bin/node' version='v22.6.0'

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
@Defman Defman added kind/bug Some behavior is incorrect or out of spec needs-triage Needs attention from the triage team labels Sep 6, 2024
@t0yv0 t0yv0 removed the needs-triage Needs attention from the triage team label Sep 6, 2024
@t0yv0
Copy link
Member

t0yv0 commented Sep 6, 2024

Thanks for reporting this @Defman, we'll take a look as time permits. Thanks for including the workaround as well (using AWS Classic).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Some behavior is incorrect or out of spec
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@t0yv0 @Defman