
Consolidates VPC Endpoints back into the module

Better to break things now.

Note: When applying, terraform will error out on the first run (when
it's destroying the old endpoints), but if you run it again, it will
create the new ones successfully.

Not going to be tagged yet, but will eventually be part of v0.9.4
Fred Damstra 4 年之前
父節點
當前提交
a51ea5034b
共有 1 個文件被更改,包括 40 次插入94 次删除
  1. 40 94
      base/standard_vpc/main.tf

+ 40 - 94
base/standard_vpc/main.tf

@@ -36,20 +36,54 @@ module "vpc" {
   enable_nat_gateway = false
   enable_vpn_gateway = false
   enable_dns_hostnames = true
-  enable_s3_endpoint = true
-  enable_dynamodb_endpoint = true
-  enable_sts_endpoint = true
-  enable_kms_endpoint = true
   enable_dhcp_options = true
 
+  
+  # Endpoints without a DNS setting
+  enable_dynamodb_endpoint = true
+  enable_s3_endpoint = true
+
+  # Endpoints with a dns setting
   enable_ec2_endpoint              = true
   ec2_endpoint_private_dns_enabled = true
-  kms_endpoint_private_dns_enabled = true
-  sts_endpoint_private_dns_enabled = true
   ec2_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
+
+  enable_ec2messages_endpoint = true
+  ec2messages_endpoint_private_dns_enabled = true
+  ec2messages_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
+
+  enable_ecr_api_endpoint = true
+  ecr_api_endpoint_private_dns_enabled = true
+  ecr_api_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
+
+  enable_ecr_dkr_endpoint = true
+  ecr_dkr_endpoint_private_dns_enabled = true
+  ecr_dkr_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
+
+  enable_kms_endpoint = true
+  kms_endpoint_private_dns_enabled = true
   kms_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
+
+  enable_logs_endpoint = true
+  logs_endpoint_private_dns_enabled = true
+  logs_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
+
+  enable_ssm_endpoint = true
+  ssm_endpoint_private_dns_enabled = true
+  ssm_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
+
+  enable_ssmmessages_endpoint = true
+  ssmmessages_endpoint_private_dns_enabled = true
+  ssmmessages_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
+
+  enable_sts_endpoint = true
+  sts_endpoint_private_dns_enabled = true
   sts_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
 
+  enable_monitoring_endpoint = true
+  monitoring_endpoint_private_dns_enabled = true
+  monitoring_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
+
   dhcp_options_domain_name = var.dns_info["private"]["zone"]
   dhcp_options_domain_name_servers = var.dns_servers
   dhcp_options_ntp_servers = [ "169.254.169.123" ]
@@ -71,91 +105,3 @@ resource "aws_flow_log" "flowlogs" {
   vpc_id          = module.vpc.vpc_id
   tags            = merge(var.standard_tags, var.tags)
 }
-
-
-resource "aws_vpc_endpoint" "ec2messages" {
-  vpc_id            = module.vpc.vpc_id
-  service_name      = "com.amazonaws.${var.aws_region}.ec2messages"
-  vpc_endpoint_type = "Interface"
-
-  subnet_ids = slice(module.vpc.public_subnets,0,3)
-  security_group_ids = [
-    module.aws_endpoints_sg.this_security_group_id
-  ]
-  private_dns_enabled = true
-}
-
-resource "aws_vpc_endpoint" "ssm" {
-  vpc_id            = module.vpc.vpc_id
-  service_name      = "com.amazonaws.${var.aws_region}.ssm"
-  vpc_endpoint_type = "Interface"
-
-  subnet_ids = slice(module.vpc.public_subnets,0,3)
-  security_group_ids = [
-    module.aws_endpoints_sg.this_security_group_id
-  ]
-  private_dns_enabled = true
-}
-data "aws_vpc_endpoint_service" "ecr_api_endpoint" {
-  service = "ecr.api"
-}
-
-data "aws_vpc_endpoint_service" "ecr_dkr_endpoint" {
-  service = "ecr.dkr"
-}
-
-resource "aws_vpc_endpoint" "ecr_api" {
-  vpc_id             = module.vpc.vpc_id
-  service_name       = data.aws_vpc_endpoint_service.ecr_api_endpoint.service_name
-  vpc_endpoint_type  = "Interface"
-
-  subnet_ids         = module.vpc.private_subnets
-  security_group_ids = [
-    module.aws_endpoints_sg.this_security_group_id
-  ]
-  private_dns_enabled = true
-}
-
-resource "aws_vpc_endpoint" "ecr_dkr" {
-  vpc_id             = module.vpc.vpc_id
-  service_name       = data.aws_vpc_endpoint_service.ecr_dkr_endpoint.service_name
-  vpc_endpoint_type  = "Interface"
-
-  subnet_ids         = module.vpc.private_subnets
-  security_group_ids = [
-    module.aws_endpoints_sg.this_security_group_id
-  ]
-  private_dns_enabled = true
-}
-
-data "aws_vpc_endpoint_service" "logs_endpoint" {
-  service = "logs"
-}
-
-resource "aws_vpc_endpoint" "logs" {
-  vpc_id             = module.vpc.vpc_id
-  service_name       = data.aws_vpc_endpoint_service.logs_endpoint.service_name
-  vpc_endpoint_type  = "Interface"
-
-  subnet_ids         = module.vpc.private_subnets
-  security_group_ids = [
-    module.aws_endpoints_sg.this_security_group_id
-  ]
-  private_dns_enabled = true
-}
-
-data "aws_vpc_endpoint_service" "monitoring_endpoint" {
-  service = "monitoring"
-}
-
-resource "aws_vpc_endpoint" "monitoring" {
-  vpc_id             = module.vpc.vpc_id
-  service_name       = data.aws_vpc_endpoint_service.monitoring_endpoint.service_name
-  vpc_endpoint_type  = "Interface"
-
-  subnet_ids         = module.vpc.private_subnets
-  security_group_ids = [
-    module.aws_endpoints_sg.this_security_group_id
-  ]
-  private_dns_enabled = true
-}
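Review bot: None of the interface endpoints added to the `module "vpc"` block in the first hunk say which subnets they are placed in, whereas the removed resources in the second hunk did (`slice(module.vpc.public_subnets,0,3)` for ec2messages and ssm, `module.vpc.private_subnets` for ecr, logs and monitoring), so ENI placement now falls to the module's default, which is not visible here. If this module follows the terraform-aws-modules/vpc 2.x naming, as `enable_*_endpoint` and `*_endpoint_private_dns_enabled` suggest, each endpoint accepts a `<name>_endpoint_subnet_ids` argument; pinning e.g. `ssm_endpoint_subnet_ids = module.vpc.private_subnets` for every interface endpoint keeps the ENIs, and the boundary that `aws_endpoints_sg` enforces, in the subnets the old resources used rather than wherever the module picks. A one-line comment under `# Endpoints with a dns setting` such as `# all interface endpoints share aws_endpoints_sg and should stay in the private subnets` would make that intent checkable next time. Separately, the `monitoring` block sits after `sts`, breaking the otherwise alphabetical order of the list. The `module "vpc"` block starts and ends outside the hunk.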