terraform/website/source/docs/providers/aws/r/vpc_endpoint.html.markdown

---
layout: "aws"
page_title: "AWS: aws_vpc_endpoint"
sidebar_current: "docs-aws-resource-vpc-endpoint"
description: |-
  Provides a VPC Endpoint resource.
---

# aws\_vpc\_endpoint

Provides a VPC Endpoint resource.

~> **NOTE on VPC Endpoints and VPC Endpoint Route Table Associations:** Terraform provides
both a standalone [VPC Endpoint Route Table Association](vpc_endpoint_route_table_association.html)
(an association between a VPC endpoint and a single `route_table_id`) and a VPC Endpoint resource
with a `route_table_ids` attribute. Do not use the same route table ID in both a VPC Endpoint resource
and a VPC Endpoint Route Table Association resource. Doing so will cause a conflict of associations
and will overwrite the association.

## Example Usage

Basic usage:

```
resource "aws_vpc_endpoint" "private-s3" {
  vpc_id       = "${aws_vpc.main.id}"
  service_name = "com.amazonaws.us-west-2.s3"
}
```

## Argument Reference

The following arguments are supported:

* `vpc_id` - (Required) The ID of the VPC in which the endpoint will be used.
* `service_name` - (Required) The AWS service name, in the form `com.amazonaws.region.service`.
* `policy` - (Optional) A policy to attach to the endpoint that controls access to the service.
* `route_table_ids` - (Optional) One or more route table IDs.

## Attributes Reference

The following attributes are exported:

* `id` - The ID of the VPC endpoint.
* `prefix_list_id` - The prefix list ID of the exposed service.
* `cidr_blocks` - The list of CIDR blocks for the exposed service.


## Import

VPC Endpoints can be imported using the `vpc endpoint id`, e.g.

```
$ terraform import aws_vpc_endpoint.endpoint1 vpce-3ecf2a57
```
provider/aws: Add docs for vpc_endpoint 2015-07-10 14:12:11 +02:00			`---`
			`layout: "aws"`
			`page_title: "AWS: aws_vpc_endpoint"`
			`sidebar_current: "docs-aws-resource-vpc-endpoint"`
			`description: \|-`
			`Provides a VPC Endpoint resource.`
			`---`

			`# aws\_vpc\_endpoint`

			`Provides a VPC Endpoint resource.`

Add new aws_vpc_endpoint_route_table_association resource (#10137) * Add new aws_vpc_endpoint_route_table_association resource. This commit adds a new resource which allows to a list of route tables to be either added and/or removed from an existing VPC Endpoint. This resource would also be complimentary to the existing `aws_vpc_endpoint` resource where the route tables might not be specified (not a requirement for a VPC Endpoint to be created successfully) during creation, especially where the workflow is such where the route tables are not immediately known. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com> Additions by Kit Ewbank <Kit_Ewbank@hotmail.com>: * Add functionality * Add documentation * Add acceptance tests * Set VPC endpoint route_table_ids attribute to "Computed" * Changes after review - Set resource ID in create function. * Changes after code review by @kwilczynski: * Removed error types and simplified the error handling in 'resourceAwsVPCEndpointRouteTableAssociationRead' * Simplified logging in 'resourceAwsVPCEndpointRouteTableAssociationDelete' 2016-12-05 13:55:37 +01:00			`~> NOTE on VPC Endpoints and VPC Endpoint Route Table Associations: Terraform provides`
			`both a standalone [VPC Endpoint Route Table Association](vpc_endpoint_route_table_association.html)`
			(an association between a VPC endpoint and a single `route_table_id`) and a VPC Endpoint resource
			with a `route_table_ids` attribute. Do not use the same route table ID in both a VPC Endpoint resource
			`and a VPC Endpoint Route Table Association resource. Doing so will cause a conflict of associations`
			`and will overwrite the association.`

provider/aws: Add docs for vpc_endpoint 2015-07-10 14:12:11 +02:00			`## Example Usage`

			`Basic usage:`

			```
			`resource "aws_vpc_endpoint" "private-s3" {`
website/docs: Run `terraform fmt` on code examples (#12075) * docs/vsphere: Fix code block * docs: Convert `...` to `# ...` to allow `terraform fmt`ing * docs: Trim trailing whitespace * docs: First-pass run of `terraform fmt` on code examples 2017-02-18 23:48:50 +01:00			`vpc_id = "${aws_vpc.main.id}"`
			`service_name = "com.amazonaws.us-west-2.s3"`
provider/aws: Add docs for vpc_endpoint 2015-07-10 14:12:11 +02:00			`}`
			```

			`## Argument Reference`

			`The following arguments are supported:`

			* `vpc_id` - (Required) The ID of the VPC in which the endpoint will be used.
			* `service_name` - (Required) The AWS service name, in the form `com.amazonaws.region.service`.
correct policy_document to policy in vpc_endpoint docs 2015-09-24 16:58:58 +02:00			* `policy` - (Optional) A policy to attach to the endpoint that controls access to the service.
provider/aws: Add docs for vpc_endpoint 2015-07-10 14:12:11 +02:00			* `route_table_ids` - (Optional) One or more route table IDs.

			`## Attributes Reference`

			`The following attributes are exported:`

			* `id` - The ID of the VPC endpoint.
Add 'prefix_list_id' exported attribute to AWS VPC Endpoint 'prefix_list_id' can be used in egress rules in VPC security groups. 2016-06-06 12:02:07 +02:00			* `prefix_list_id` - The prefix list ID of the exposed service.
provider/aws Return service CIDR blocks from aws_vpc_endpoint resource. (#10254) 2016-11-21 09:43:56 +01:00			* `cidr_blocks` - The list of CIDR blocks for the exposed service.
Website: Adding an import section to the bottom of the page of importable resources (#7703) * docs/digitalocean: Adding an import section to the bottom of the DO importable resources * docs/azurerm: Adding the Import sections for the AzureRM Importable resources * docs/aws: Adding the import sections to the AWS provider pages 2016-07-19 18:22:30 +02:00

			`## Import`

Add new aws_vpc_endpoint_route_table_association resource (#10137) * Add new aws_vpc_endpoint_route_table_association resource. This commit adds a new resource which allows to a list of route tables to be either added and/or removed from an existing VPC Endpoint. This resource would also be complimentary to the existing `aws_vpc_endpoint` resource where the route tables might not be specified (not a requirement for a VPC Endpoint to be created successfully) during creation, especially where the workflow is such where the route tables are not immediately known. Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com> Additions by Kit Ewbank <Kit_Ewbank@hotmail.com>: * Add functionality * Add documentation * Add acceptance tests * Set VPC endpoint route_table_ids attribute to "Computed" * Changes after review - Set resource ID in create function. * Changes after code review by @kwilczynski: * Removed error types and simplified the error handling in 'resourceAwsVPCEndpointRouteTableAssociationRead' * Simplified logging in 'resourceAwsVPCEndpointRouteTableAssociationDelete' 2016-12-05 13:55:37 +01:00			VPC Endpoints can be imported using the `vpc endpoint id`, e.g.
Website: Adding an import section to the bottom of the page of importable resources (#7703) * docs/digitalocean: Adding an import section to the bottom of the DO importable resources * docs/azurerm: Adding the Import sections for the AzureRM Importable resources * docs/aws: Adding the import sections to the AWS provider pages 2016-07-19 18:22:30 +02:00
			```
documentation/aws: More additions of Import documention to the AWS (#7729) resources 2016-07-21 00:28:59 +02:00			`$ terraform import aws_vpc_endpoint.endpoint1 vpce-3ecf2a57`
Correct 'VPN Endpoints' to 'VPC Endpoints' (#9887) 2016-11-04 20:47:52 +01:00			```