Add a new data source for aws_ec2_instance_connect_endpoint

[bozzaj]

Description

Typically, an EC2 instance connect endpoint is created at the VPC level. If there is the need to get the information about the endpoint in a separate terraform plan, there doesn't seem to be a way to get that information. For example, if one wanted to create a security group in a separate terraform plan that allowed access from the network range used by the EC2 instance connect endpoint.

I'm requested a data source for aws_ec2_instance_connect_endpoint (and maybe aws_ec2_instance_connect_endpoints) The API seems to support filters (and ids) to return the data.

Affected Resource(s) or Data Source(s)

• aws_ec2_instance_connect_endpoint
• aws_ec2_instance_connect_endpoints (might not be necessary, since you typically only need information about a single EICE)

Potential Terraform Configuration

data "aws_ec2_instance_connect_endpoint" "eice" {
   vpc_id = var.vpcId
}

data "aws_ec2_instance_connect_endpoint" "eice_prod" {
   filter {
      name = "tag:Env"
      values = ["prod"]
   }
}

# The filters in the documentation support id, state, subnet-id, tags, and vpc-id. 
# I formed the above to be similar to other data sources that separate id, 
# vpc_id, etc., out of the filters

data "aws_ec2_instance_connect_endpoints" "eices" {
   filter {
      name = "tag:Product"
      values = ["product1","product2"]
   }
}

# In my use case, I would only need a single EICE, but I can see the possible need for getting multiples

Potential usage for data resource:

data "aws_ec2_instance_connect_endpoint" "eice" {
   vpc_id = var.vpcId
}

data "aws_subnet" "eice_subnet" {
   id = data.aws_ec2_instance_connect_endpoint.eice.subnet_id
}

resource "aws_vpc_security_group_ingress_rule" "sg" {
  security_group_id = aws_security_group.ec2.id
  from_port = 22
  to_port = 22
  ip_protocol = "tcp"
  cidr_ipv4 = data.aws_subnet.eice_subnet.cidr_block
}

References

Input and output show the parameters and properties necessary to support the data sources
https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/ec2#Client.DescribeInstanceConnectEndpoints

Would you like to implement the enhancement?

No

[github-actions]

Community Guidelines

This comment is added to every new Issue to provide quick reference to how the Terraform AWS Provider is maintained. Please review the information below, and thank you for contributing to the community that keeps the provider thriving! 🚀

Voting for Prioritization

• Please vote on this Issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize it.
• Please see our prioritization guide for additional information on how the maintainers handle prioritization.
• Please do not leave +1 or other comments that do not add relevant new information or questions; they generate extra noise for others following the Issue and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.
• For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.