From fde0732b0bc5c799e9fb452fc44c64d6babbb6bb Mon Sep 17 00:00:00 2001
From: Gezi-lzq
Date: Thu, 12 Dec 2024 20:02:02 +0800
Subject: [PATCH] feat: add S3 table VPC endpoint configuration (#24)

* feat: add .gitignore to exclude sensitive and environment-specific files
* feat: update .gitignore to exclude all Terraform files
* feat: add S3 table VPC endpoint configuration in aws.tf
---
 .gitignore | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 aws.tf | 18 ++++++++++++++++++
 2 files changed, 64 insertions(+)
 create mode 100644 .gitignore

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1dc7ffa
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,46 @@
+# Terraform files
+**/.terraform/*
+.terraform.lock.hcl
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# passwords, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+.terraform/*
+
+# Ignore editor config files
+.editorconfig
+
+# Ignore pre-commit config
+.pre-commit-config.yaml
+
+# Ignore release config
+.releaserc.json
+
+# Ignore GitHub workflows
+.github/
+
+# Ignore OS-specific files
+.DS_Store
+Thumbs.db
+
+# Ignore IDE-specific files
+.vscode/
+.idea/
\ No newline at end of file
diff --git a/aws.tf b/aws.tf
index 15ea537..d581e4b 100644
--- a/aws.tf
+++ b/aws.tf
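Review bot: Ignoring `.terraform.lock.hcl` in the new .gitignore leaves provider versions and checksums unrecorded in the repository, so each checkout resolves providers afresh and Terraform has no committed hashes to verify them against. The lock file is meant to be version-controlled, so I would drop that entry. The `.github/`, `.pre-commit-config.yaml` and `.releaserc.json` entries also keep any newly added CI, hook or release configuration out of review; if that is intentional, the comment above each entry should say why. The `*.tfstate` and `*.tfvars` entries are the ones that keep secrets out of history and should stay.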
@@ -119,6 +119,24 @@ resource "aws_vpc_endpoint" "s3_endpoint" {
 }
 }
 
+resource "aws_vpc_endpoint" "s3table_endpoint" {
+ count = var.create_new_vpc ? 1 : 0
+
+ vpc_id = module.automq_byoc_vpc[0].vpc_id
+ service_name = "com.amazonaws.${var.cloud_provider_region}.s3tables"
+ vpc_endpoint_type = "Interface"
+ security_group_ids = [aws_security_group.vpc_endpoint_sg[0].id]
+ subnet_ids = module.automq_byoc_vpc[0].private_subnets
+
+ private_dns_enabled = true
+
+ tags = {
+ Name = "automq-byoc-ec2-endpoint-${var.automq_byoc_env_id}"
+ automqVendor = "automq"
+ automqEnvironmentID = var.automq_byoc_env_id
+ }
+}
+
 locals {
 automq_byoc_vpc_id = var.create_new_vpc ? module.automq_byoc_vpc[0].vpc_id : var.automq_byoc_vpc_id
 automq_byoc_env_console_public_subnet_id = var.create_new_vpc ? element(module.automq_byoc_vpc[0].public_subnets, 0) : var.automq_byoc_env_console_public_subnet_id
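Review bot: The new `s3table_endpoint` resource sets no `policy`, so the interface endpoint gets the default full-access endpoint policy and workloads in the VPC can reach S3 Tables resources in any account through it. Assuming the service honours endpoint policies, attach one restricted to this environment's table buckets, for example conditioned on `aws:ResourceAccount`. The `Name` tag still reads `automq-byoc-ec2-endpoint-…`, which looks copied from another endpoint and will mislabel this one in inventory and audit views; `Name = "automq-byoc-s3tables-endpoint-${var.automq_byoc_env_id}"` would match the service. `aws_security_group.vpc_endpoint_sg` is defined outside the hunk, so its ingress rules (ideally 443 from the VPC CIDR only) should be confirmed there. The `s3tables` endpoint service may not be offered in every region, in which case `create_new_vpc = true` would fail at apply for those regions.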