DT-523 add vpc s3 endpoint resource #28
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Deployed the changes. ❯ terraform state list | grep vpc_endpoint deployment-team-dev 12:37:25
module.comet_vpc[0].aws_vpc_endpoint.s3
|
|
Added a name |
|
Endpoint exists Verify route table entries |
There was a problem hiding this comment.
Pull Request Overview
Adds a gateway VPC endpoint for S3 and wires in a new region variable, while updating default ElastiCache versions for Redis 7.
- Update default Redis engine version and parameter group to v7
- Introduce
regionvariable in the VPC module - Provision an
aws_vpc_endpointfor S3 and passregionthrough the root module
Reviewed Changes
Copilot reviewed 4 out of 5 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| variables.tf | Bump ElastiCache engine version and param group |
| modules/comet_vpc/variables.tf | Add required region variable |
| modules/comet_vpc/main.tf | Add aws_vpc_endpoint resource for S3 |
| main.tf | Pass var.region into the VPC module |
Files not reviewed (1)
- .terraform.lock.hcl: Language not supported
Comments suppressed due to low confidence (2)
modules/comet_vpc/main.tf:44
- [nitpick] The resource name
s3is ambiguous; consider renaming it tos3_endpointfor clarity and consistency with other endpoint resources.
resource "aws_vpc_endpoint" "s3" {
variables.tf:261
- The default ElastiCache engine version was changed from "7.1.0" to "7.1"—please verify that AWS accepts this shorter format and update the variable description or docs if necessary.
default = "7.1"
|
|
||
| variable "region" { | ||
| description = "AWS region to provision resources in" | ||
| type = string |
There was a problem hiding this comment.
[nitpick] Consider adding a validation block to the region variable to enforce only supported AWS region identifiers (e.g., us-east-1, eu-west-1).
Suggested change
| type = string | |
| type = string | |
| validation { | |
| condition = can(regex("^([a-z]{2}-[a-z]+-[0-9]{1})$", var.region)) | |
| error_message = "The region must be a valid AWS region identifier, e.g., 'us-east-1', 'eu-west-1'." | |
| } |
Copilot uses AI. Check for mistakes.
|
|
||
| resource "aws_vpc_endpoint" "s3" { | ||
| vpc_id = module.vpc.vpc_id | ||
| service_name = "com.amazonaws.${var.region}.s3" |
There was a problem hiding this comment.
Hardcoding the partition as com.amazonaws may break in GovCloud or China partitions—use the data.aws_partition source to build the service name dynamically.
Copilot uses AI. Check for mistakes.
darenjacobs
approved these changes
May 28, 2025
There was a problem hiding this comment.
I approve. This looks fine. You may want to consider incorporating this submodule: https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws/latest/submodules/vpc-endpoints
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
https://comet-ml.atlassian.net/browse/DT-523