fix: (PSKD-494) AWS - private endpoint type for S3 should be of type Interface #295
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary:
Revise a previously made update to the type for the s3 private endpoint used in private EKS clusters.
Issue Description: Be default, the viya4-iac-aws project should create the s3 private endpoint with a type of "interface". Currently, viya4-iac-aws creates a s3 private endpoint with a type of "gateway" for use with private EKS clusters. IAC-729 incorrectly advised that the s3 private endpoint should be changed to a type of "gateway". That could work, but additional more complex routing configuration not already present in the project would be required in order for the s3 private endpoint to work with a type "gateway".
Additional testing since then has shown that the existing "interface" type for the s3 private endpoint is sufficient and works as intended, so this work item will revert the ill-advised change originally requested by IAC-729.
Tests
Use IAC AWS (Run a terraform apply command, BYON = 0) to successfully create an EKS K8S cluster with the configuration variable
cluster_api_modeset to the following values: