Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Enhancement]: aws_vpc_endpoint_service auto reject existing connection when principal is removed #37260

Open
marcaurele opened this issue May 3, 2024 · 1 comment
Open

[Enhancement]: aws_vpc_endpoint_service auto reject existing connection when principal is removed #37260

marcaurele opened this issue May 3, 2024 · 1 comment
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/vpc Issues and PRs that pertain to the vpc service.

Comments

@marcaurele
Copy link

Description

Currently when a principal is removed from the list of allowed ones, if there is an existing endpoint connection with that account, it remains active. There is no way to forcefully close an endpoint with the provider currently.

It would be good to be able to automatically reject any existing endpoint connections with a principal that is being removed from the list of allowed ones, to forcefully close the connection.

Affected Resource(s) and/or Data Source(s)

  • aws_vpc_endpoint_service

Potential Terraform Configuration

resource "aws_vpc_endpoint_service" "example" {
  acceptance_required         = false
  network_load_balancer_arns  = [aws_lb.example.arn]
  allowed_principals          = [...]
  reject_on_principal_removal = true
}

References

No response

Would you like to implement a fix?

None
@marcaurele marcaurele added the enhancement Requests to existing resources that expand the functionality or scope. label May 3, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented May 3, 2024

Community Note

Voting for Prioritization

  • Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

  • If you are interested in working on this issue, please leave a comment.
  • If this would be your first contribution, please review the contribution guide.

@github-actions github-actions bot added the service/vpc Issues and PRs that pertain to the vpc service. label May 3, 2024
@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label May 3, 2024
@marcaurele marcaurele changed the title [Enhancement]: auto reject existing connection when principal is removed [Enhancement]: aws_vpc_endpoint_service auto reject existing connection when principal is removed May 3, 2024
@justinretzolk justinretzolk removed the needs-triage Waiting for first response or review from a maintainer. label May 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/vpc Issues and PRs that pertain to the vpc service.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@marcaurele @justinretzolk