Terraform Template to Create SQS Private Endpoint
January 6, 2022•131 words
# Look up the SQS endpoint service, limited to the Interface service type.
# Its service_name is consumed by aws_vpc_endpoint.sqs_ep.
data "aws_vpc_endpoint_service" "sqs" {
  service = "sqs"

  filter {
    name   = "service-type"
    values = ["Interface"]
  }
}
# The VPC that hosts the endpoint. Its cidr_block is the only source allowed
# by the ingress rule aws_security_group_rule.sqs_ep.
# Replace the placeholder with the real VPC id before applying.
data "aws_vpc" "selected" {
  id = "vpc-change-me"
}
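# Security group attached to the SQS interface endpoint (see
# security_group_ids on aws_vpc_endpoint.sqs_ep).
resource "aws_security_group" "sqs_ep" {
  name = "sqs-ep"

  # Take the VPC from the data source instead of repeating the placeholder id,
  # so the group is always created in the VPC whose CIDR the ingress rule allows.
  vpc_id = data.aws_vpc.selected.id

  revoke_rules_on_delete = true

  # NOTE(review): this permits all outbound traffic, on every protocol, from
  # the endpoint's network interfaces. Clients only connect inbound on 443, so
  # this is likely broader than the endpoint needs; confirm, then narrow or
  # drop it.
  # NOTE(review): the AWS provider documentation cautions against combining
  # inline rules with aws_security_group_rule resources on the same group.
  # Ingress for this group is managed by aws_security_group_rule.sqs_ep.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Tags are generated with https://github.com/cloudposse/terraform-null-label
  # (module.label is declared outside this snippet).
  tags = module.label.tags
}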
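# Ingress rule for the endpoint's security group: HTTPS only, and only from
# addresses inside the selected VPC's CIDR block.
resource "aws_security_group_rule" "sqs_ep" {
  type              = "ingress"
  security_group_id = aws_security_group.sqs_ep.id

  # Fixed the typo ("traffice") in the description shown on the rule.
  description = "Allow HTTPS traffic from the VPC"

  protocol  = "tcp"
  from_port = 443
  to_port   = 443

  # Source is the primary CIDR of data.aws_vpc.selected.
  # NOTE(review): if the VPC has secondary CIDR associations, clients in those
  # ranges are not covered by this rule. Confirm against the VPC layout.
  cidr_blocks = [data.aws_vpc.selected.cidr_block]
}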
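# Interface (PrivateLink) endpoint for SQS, placed in the private subnets and
# protected by the sqs_ep security group.
resource "aws_vpc_endpoint" "sqs_ep" {
  # Take the VPC from the data source instead of repeating the placeholder id,
  # so the endpoint sits in the VPC whose CIDR the ingress rule allows.
  vpc_id = data.aws_vpc.selected.id

  service_name      = data.aws_vpc_endpoint_service.sqs.service_name
  vpc_endpoint_type = "Interface"

  # module.dynamic_subnets is declared outside this snippet.
  subnet_ids         = module.dynamic_subnets.private_subnet_ids
  security_group_ids = [aws_security_group.sqs_ep.id]

  # With private DNS enabled, the standard SQS hostname resolves to the
  # endpoint's private addresses inside the VPC, so clients need no
  # endpoint-specific URL.
  private_dns_enabled = true

  auto_accept = null

  # NOTE(review): with no policy set, AWS attaches the default endpoint policy,
  # which allows full access to the service through this endpoint. Consider a
  # policy scoped to the queues and principals that are meant to use it.
  policy = null

  tags = module.label.tags
}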