fix(ec2): global vpc endpoint support

[nmussy]

Issue # (if applicable)

Closes #29560.

Reason for this change

The service name generated by the CDK for global VPC endpoints was incorrect, as it contained the stack's region:

$ aws ec2 describe-vpc-endpoint-services --region=us-east-1 --service-names=com.amazonaws.s3-global.accesspoint | jq '.ServiceDetails[] | .ServiceName'

"com.amazonaws.s3-global.accesspoint"

new CfnOutput(this, "endpoint", {
	value: ec2.InterfaceVpcEndpointAwsService.S3_MULTI_REGION_ACCESS_POINTS.name,
});

// TestDeployStack.endpoint = com.amazonaws.eu-west-1.s3-global.accesspoint

In addition, another global endpoint was missing from InterfaceVpcEndpointAwsService.

Description of changes

• The InterfaceVpcEndpointAwsService constructor was modified to
  • I would have preferred to switch to a single object for the optional constructor properties (prefix, port, and now global), but couldn't make a breaking change to a publicly accessible constructor
• InterfaceVpcEndpointAwsService.S3_MULTI_REGION_ACCESS_POINTS was changed to be a global VPC endpoint
• InterfaceVpcEndpointAwsService.CODECATALYST was added

Description of how you validated changes

I've added a unit test to check that the global endpoints' name were set correctly.

I also added an integration test for InterfaceVpcEndpointAwsService.S3_MULTI_REGION_ACCESS_POINTS.
To test it, I created a publicly accessible EC2 instance on the VPC, connected to it and ran nslookup accesspoint.s3-global.amazonaws.com to make sure it was resolvable (see Configuring a Multi-Region Access Point for use with AWS PrivateLink):

Without the InterfaceVpcEndpointAwsService.S3_MULTI_REGION_ACCESS_POINTS interface endpoint:

$ nslookup accesspoint.s3-global.amazonaws.com
Server:         10.0.0.2
Address:        10.0.0.2#53

Non-authoritative answer:
*** Can't find accesspoint.s3-global.amazonaws.com: No answer

With the InterfaceVpcEndpointAwsService.S3_MULTI_REGION_ACCESS_POINTS interface endpoint:

$ nslookup accesspoint.s3-global.amazonaws.com
Server:         10.0.0.2
Address:        10.0.0.2#53

Non-authoritative answer:
Name:   accesspoint.s3-global.amazonaws.com
Address: 10.0.156.75
Name:   accesspoint.s3-global.amazonaws.com
Address: 10.0.246.83

Checklist

• My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[aws-cdk-automation]

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

[msambol]

@nmussy want to rebase this and i'll take a look?

[nmussy]

@msambol Should be good to go, thanks 👍

[msambol]

LGTM

[msambol]

NIce! Thanks.

[aaythapa]

Thanks for making this change! Just one nit and question

[aaythapa]

I would have preferred to switch to a single object for the optional constructor properties (prefix, port, and now global), but couldn't make a breaking change to a publicly accessible constructor

Not sure I fully understand this part of the description, could you elaborate? Did you want to add prefix, port and global as one props like object?

[nmussy]

Did you want to add prefix, port and global as one props like object?

Ideally, yes. The Props interface we ended up with still leaves us with undefined args before it, but changing that would cause a breaking change. We could have a factory function I suppose, but I would require storing the global property to allow the constructor to access it.

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[msambol]

@Mergifyio refresh

[mergify]

refresh

❌ Command disallowed due to command restrictions in the Mergify configuration.

Details

• any of:
  • sender-permission>=write
  • sender={{author}}

[nmussy]

@Mergifyio refresh

[mergify]

refresh

✅ Pull request refreshed

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
• Commit ID: 5f4a42d
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[nmussy]

@Mergifyio refresh

[mergify]

refresh

✅ Pull request refreshed