Merge pull request #360 from ministryofjustice/nd-510

Added route for s3 endpoint

modules/servers_vpc/endpoints.tf

@@ -55,10 +55,23 @@ resource "aws_vpc_endpoint" "monitoring" {
 
 
 resource "aws_vpc_endpoint" "s3" {
-  vpc_id          = module.vpc.vpc_id
-  route_table_ids = module.vpc.private_route_table_ids
-  service_name    = "com.amazonaws.${var.region}.s3"
-  tags            = var.tags
+  vpc_id = module.vpc.vpc_id
+  route_table_ids = concat(
+    module.vpc.private_route_table_ids,
+    module.vpc.public_route_table_ids
+  )
+  service_name = "com.amazonaws.${var.region}.s3"
+  tags         = var.tags
+}
+
+resource "aws_vpc_endpoint" "sts" {
+  vpc_id              = module.vpc.vpc_id
+  subnet_ids          = module.vpc.public_subnets
+  service_name        = "com.amazonaws.${var.region}.sts"
+  vpc_endpoint_type   = "Interface"
+  private_dns_enabled = true
+  security_group_ids  = [aws_security_group.endpoints.id]
+  tags                = var.tags
 }