Feature Request: Support AWS RAM Resource Sharing for VPC Lattice Services in Gateway API Controller #697
Description
The Gateway API controller automatically associates VPC Lattice services with a service network. However, according to the AWS documentation on the "Centralized VPC Lattice service network" model, providers are encouraged to share VPC Lattice services across different accounts using AWS RAM. This means the service should first be shared with the network account, allowing them to handle network associations, see Centralized VPC Lattice service network.
Currently, the Gateway API controller does not support this AWS RAM sharing process. As a result, it automatically tries to associate the VPC Lattice service with the service network, which limits the ability to follow the recommended centralized management approach.
It would be great to have the option in the Gateway API controller to create an AWS RAM resource share for VPC Lattice services created via HTTPRoute. This feature would enable:
- Providers to share VPC Lattice services with a specified network account via AWS RAM.
- The network management account to handle service network associations independently using their own automation tools.
There's already an ongoing issue focused on preventing automatic network associations for VPC Lattice services, which you can track here: #691