From 51e739ea222a11299eed14d58fe86409b318993d Mon Sep 17 00:00:00 2001
From: badra001
Date: Mon, 3 May 2021 11:08:23 -0400
Subject: [PATCH] fix
---
 routing/vpc-endpoints.tf | 38 ++++++++++++++++++++++++--------------
 1 file changed, 24 insertions(+), 14 deletions(-)
diff --git a/routing/vpc-endpoints.tf b/routing/vpc-endpoints.tf
index 227d27a..8e031bb 100644
--- a/routing/vpc-endpoints.tf
+++ b/routing/vpc-endpoints.tf
@@ -1,6 +1,12 @@
 #---
 # vpc endpoint: s3
 #---
+
+locals {
+ vpce_s3 = var.enable_vpc_endpoint_s3 ? element(concat(aws_vpc_endpoint.s3[*].id, tolist("")), 0) : ""
+ vpce_dynamodb = var.enable_vpc_endpoint_dynamodb ? element(concat(aws_vpc_endpoint.dynamodb[*].id, tolist("")), 0) : ""
+}
+
 data "aws_vpc_endpoint_service" "s3" {
 service = "s3"
 # service_name = "com.amazonaws.${local.region}.s3"
@@ -11,20 +17,22 @@ data "aws_vpc_endpoint_service" "s3" {
 }
 resource "aws_vpc_endpoint" "s3" {
- vpc_id = aws_vpc.vpc.id
+ count = var.enable_vpc_endpoint_s3 ? 1 : 0
+ vpc_id = var.vpc_id
 service_name = data.aws_vpc_endpoint_service.s3.service_name
- depends_on = [aws_vpc.vpc]
 tags = merge(
- local.common_tags,
- map("Name", "vpce-s3-${var.vpc_full_name}-"),
+ local.base_tags,
+ local.tags,
+ map("Name", format("%v%v-%v", local._prefixes["vpc-endpoint"], "s3", var.vpc_full_name)),
 )
 }
 resource "aws_vpc_endpoint_route_table_association" "private_s3" {
- count = length(aws_route_table.private[*].id)
- vpc_endpoint_id = aws_vpc_endpoint.s3.id
- route_table_id = element(aws_route_table.private[*].id, count.index)
+ for_each = var.enable_vpc_endpoint_s3 ? local.availability_zones : local.empty
+ # vpc_endpoint_id = aws_vpc_endpoint.s3[0].id
+ vpc_endpoint_id = local.vpce_s3
+ route_table_id = aws_route_table.private[each.key].id
 }
 #---
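Review bot: In the new `locals` block of the first hunk, `tolist("")` passes a string where `tolist` expects a list, set or tuple, so I would expect both locals to fail evaluation once the corresponding `enable_vpc_endpoint_*` flag is true. A literal list looks like what was meant, e.g. `vpce_s3 = element(concat(aws_vpc_endpoint.s3[*].id, [""]), 0)`, and the same for `vpce_dynamodb`. Separately, the `""` fallback turns a missing endpoint into an empty `vpc_endpoint_id` that is only rejected at apply time. Since both route-table associations are already gated on the same flag, referencing `aws_vpc_endpoint.s3[0].id` directly (the line left commented out) should fail earlier and more clearly.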
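Review bot: The `aws_vpc_endpoint.s3` resource in the second hunk still sets only `vpc_id`, `service_name` and `tags`, so with no `policy` argument it gets the AWS default full-access endpoint policy, which does not restrict which buckets, accounts or actions traffic through the endpoint may target. The `dynamodb` endpoint in the next hunk has the same omission. Now that `vpc_id` is an input and the endpoints are optional per VPC, this is a natural place to attach a scoped policy, for example `policy = data.aws_iam_policy_document.vpce_s3.json` (data source name constructed for illustration), limited to the organisation's own buckets and principals. A comment on `enable_vpc_endpoint_s3` should also state what path private-subnet S3 traffic takes when the flag is false, since bucket policies keyed on the endpoint id would presumably stop matching.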
@@ -36,18 +44,20 @@ data "aws_vpc_endpoint_service" "dynamodb" {
 }
 resource "aws_vpc_endpoint" "dynamodb" {
- vpc_id = aws_vpc.vpc.id
+ count = var.enable_vpc_endpoint_dynamodb ? 1 : 0
+ vpc_id = var.vpc_id
 service_name = data.aws_vpc_endpoint_service.dynamodb.service_name
- depends_on = [aws_vpc.vpc]
 tags = merge(
- local.common_tags,
- map("Name", "vpce-dynamodb-${var.vpc_full_name}-"),
+ local.base_tags,
+ local.tags,
+ map("Name", format("%v%v-%v", local._prefixes["vpc-endpoint"], "dynamodb", var.vpc_full_name)),
 )
 }
 resource "aws_vpc_endpoint_route_table_association" "private_dynamodb" {
- count = length(aws_route_table.private[*].id)
- vpc_endpoint_id = aws_vpc_endpoint.s3.id
- route_table_id = element(aws_route_table.private[*].id, count.index)
+ for_each = var.enable_vpc_endpoint_dynamodb ? local.availability_zones : local.empty
+ # vpc_endpoint_id = aws_vpc_endpoint.dynamodb[0].id
+ vpc_endpoint_id = local.vpce_dynamodb
+ route_table_id = aws_route_table.private[each.key].id
 }