Open hoegertn opened 5 years ago
@hoegertn I don't suppose you have an example of that custom resource to save me re-inventing the wheel? Thanks.
Yes, being able to get these IPs easily and throw them in an NLB TargetGroup would be very handy. Off to write a custom resource to look them up. sigh
I am also facing the same issue. I am trying to create an IP target group to include VPC endpoint ENI IPs using CloudFormation. With the GetAtt I could get the DNS, but as mentioned above there are some scenarios where we need the IPs.
For interface typed VPC endpoints it would be good to have the private IPs of the ENIs as an attribute accessible via !GetAtt.
For several use cases, DNS names are not enough and you need the IP of the ENI.
Currently, this can only be solved by a custom resource that takes the ENIs (!GetAtt VPCE.NetworkInterfaceIds) and resolves them to IPs.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html
Category: Networking & Content (VPC, Route53, API GW,...)
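The custom resource described in this request, sketched as a Lambda handler. This is an added example, not code from the issue author or from AWS; the property name `NetworkInterfaceIds`, the returned attribute `IpAddresses` and the physical ID `vpce-eni-ips` are assumptions chosen for illustration.

```python
import json
import urllib.request


def eni_private_ips(ec2, eni_ids):
    """Resolve ENI IDs to their private IPv4 addresses via DescribeNetworkInterfaces."""
    if not eni_ids:
        return []
    resp = ec2.describe_network_interfaces(NetworkInterfaceIds=list(eni_ids))
    return sorted(
        addr["PrivateIpAddress"]
        for eni in resp["NetworkInterfaces"]
        for addr in eni["PrivateIpAddresses"]
    )


def build_response(event, ec2):
    """Build the response body CloudFormation expects from a custom resource."""
    body = {
        "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        # Stable ID (assumed name) so an update is never treated as a replacement.
        "PhysicalResourceId": event.get("PhysicalResourceId", "vpce-eni-ips"),
    }
    try:
        ips = []
        if event["RequestType"] != "Delete":  # nothing to look up or clean up
            # Assumed property, fed by !GetAtt VPCE.NetworkInterfaceIds in the template.
            ips = eni_private_ips(ec2, event["ResourceProperties"]["NetworkInterfaceIds"])
        # A comma-joined string can be split again with Fn::Split in the template.
        body.update(Status="SUCCESS", Data={"IpAddresses": ",".join(ips)})
    except Exception as exc:  # always answer, or the stack waits for the timeout
        body.update(Status="FAILED", Reason=str(exc))
    return body


def handler(event, context):
    """Lambda entry point; the role needs only ec2:DescribeNetworkInterfaces."""
    import boto3  # imported here so the helpers above can be exercised offline

    body = json.dumps(build_response(event, boto3.client("ec2"))).encode()
    req = urllib.request.Request(
        event["ResponseURL"], data=body, method="PUT", headers={"Content-Type": ""}
    )
    urllib.request.urlopen(req)
```

The lookup runs only when the stack creates or updates the custom resource, so NACL rules or target groups built from the result are not refreshed if the endpoint's ENIs change outside a stack operation.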
@hoegertn Could you please specify that custom resource? I am also looking for a solution to this problem.
Our use case would be using the VPCE private IP for subnet NACL rules.
+1 I would also like to see this as I'm attaching an NLB in front of an IoT Core MQTT endpoint that's accessed over a direct connect (because reasons).
The diagram of your architecture here, https://docs.aws.amazon.com/whitepapers/latest/best-practices-api-gateway-private-apis-integration/rest-api.html#private-integration, would require a return of IP addresses. Otherwise it is done with a Custom Resource.
+1 would also love to have this!
+1
+1
+1
+1
+1
Four years and no progress at all? I want to connect an NLB to an API Gateway ( https://docs.aws.amazon.com/whitepapers/latest/best-practices-api-gateway-private-apis-integration/rest-api.html#private-integration ) and it seems that I must use a Custom Resource.