{"id":20770664,"url":"https://github.com/ably/terraform-aws-privatelink","last_synced_at":"2026-03-19T17:27:02.032Z","repository":{"id":37928774,"uuid":"479042714","full_name":"ably/terraform-aws-privatelink","owner":"ably","description":"Terraform Module for creating resources to communicate with Ably via AWS PrivateLink","archived":false,"fork":false,"pushed_at":"2023-12-18T15:41:27.000Z","size":20,"stargazers_count":1,"open_issues_count":0,"forks_count":2,"subscribers_count":22,"default_branch":"main","last_synced_at":"2025-01-18T07:11:59.791Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ably.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-04-07T15:25:59.000Z","updated_at":"2024-11-26T11:05:46.000Z","dependencies_parsed_at":"2024-11-17T12:11:16.138Z","dependency_job_id":null,"html_url":"https://github.com/ably/terraform-aws-privatelink","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ably%2Fterraform-aws-privatelink","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ably%2Fterraform-aws-privatelink/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ably%2Fterraform-aws-privatelink/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ably%2Fterraform-aws-privatelink/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ably","download_url":"https://codeload.github.com/ably/terraform-aws-privatelink/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243104204,"owners_count":20236943,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-17T12:11:11.676Z","updated_at":"2026-01-28T00:10:57.263Z","avatar_url":"https://github.com/ably.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# [Ably](https://www.ably.io)\n\n\\_[Ably](https://ably.com) is the platform that powers synchronized digital experiences in realtime. Whether attending an event in a virtual venue, receiving realtime financial information, or monitoring live car performance data – consumers simply expect realtime digital experiences as standard. Ably provides a suite of APIs to build, extend, and deliver powerful digital experiences in realtime for more than 250 million devices across 80 countries each month. Organizations like Bloomberg, HubSpot, Verizon, and Hopin depend on Ably’s platform to offload the growing complexity of business-critical realtime data synchronization at global scale. For more information, see the [Ably documentation](https://ably.com/documentation).\\_\n\n# Ably Privatelink Connections\n\nUse this module to configure private inter-VPC communication with Ably using AWS PrivateLink.\n\n**NOTE:** You need an active Ably account and will need to engage with Ably's SRE team to make use of this module.\n\nFor PrivateLink documentation, see [AWS PrivateLink](https://aws.amazon.com/privatelink)\n\n## Pre-requisites\n\nBefore you can use this module, you will need to go through some setup with your Ably account manager. This includes providing the IDs of the AWS accounts you expect to make PrivateLink connections from, and agreeing which AWS regions and availability zones you will ll be connecting from. Once you have completed that setup, you will then need to create VPCs and subnets in those availability zones, and pass their IDs to the module as Terraform variables vpc\\_id and subnet\\_ids.\n\n## Infrastructure created by this module\n\nThis module will provision the following infrastructure:\n\n- VPC Endpoint (Type = Interface) (Includes IP address per subnet/AZ specified)\n- VPC Endpoint Security Group\n- VPC Endpoint Security Group Rules (to allow HTTP and HTTPS traffic)\n\n## Verifying that your VPC Endpoint is responding to requests\n\nOnce you have successfully applied the module, you can verify that the VPC endpoint is working correctly by running the following curl command from within your VPC.\n\n```bash\ncurl -Iv http://{Your VPC Endpoint IP}/health.\n```\nYou should receive an HTTP 200 status code with the body of the response containing the phrase 'Ably Up'.\n\nDocumentation on troubleshooting AWS Interface VPC endpoints can be found here - [Troubleshooting Interface VPC Endpoints](https://aws.amazon.com/premiumsupport/knowledge-center/connect-endpoint-service-vpc/).\n\n## Usage\n\n```terraform\nmodule \"ably_privatelink\" {\n  source                          = \"ably/terraform-aws-privatelink\"\n  version                         = \"0.0.1\"\n  vpc_id                          = \"vpc_id\"\n  ably_vpc_service_endpoint_name  = \"vpc_service_endpoint\"\n  subnet_ids                      = ['subnet_id']\n  vpc_endpoint_sg_name            = \"ably-privatelink-vpc-endpoint-sg\"\n  vpc_endpoint_sg_description     = \"Ably PrivateLink VPC Endpoint SG\"\n  https_ingress_allowed_ipv4_cidr = [\"10.0.0.0/8\"]\n  http_ingress_allowed_ipv4_cidr  = [\"10.0.0.0/8\"]\n  https_ingress_allowed_ipv6_cidr = []\n  http_ingress_allowed_ipv6_cidr  = []\n  egress_allowed_ipv4_cidr        = [\"0.0.0.0/0\"]\n  egress_allowed_ipv6_cidr        = [\"::/0\"]\n}\n```\n\n## Support, feedback and troubleshooting\n\nPlease visit http://support.ably.io/ for access to our knowledgebase and to ask for any assistance.\n\nYou can also view the community reported Github issues.\n\n## Contributing\n\nFor guidance on how to contribute to this project, see [CONTRIBUTING.md](CONTRIBUTING.md).\n\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](#requirement\\_aws) | ~\u003e 5.0 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_aws\"\u003e\u003c/a\u003e [aws](#provider\\_aws) | ~\u003e 5.0 |\n\n## Modules\n\nNo modules.\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [aws_security_group.vpc_endpoint](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |\n| [aws_vpc_endpoint.ably](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint) | resource |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_ably_vpc_service_endpoint_name\"\u003e\u003c/a\u003e [ably\\_vpc\\_service\\_endpoint\\_name](#input\\_ably\\_vpc\\_service\\_endpoint\\_name) | The VPC Service Endpoint Name. This value will be provided to you by Ably | `string` | n/a | yes |\n| \u003ca name=\"input_egress_allowed_ipv4_cidr\"\u003e\u003c/a\u003e [egress\\_allowed\\_ipv4\\_cidr](#input\\_egress\\_allowed\\_ipv4\\_cidr) | A list of allowed IPV4 CIDRs for egress on the VPC Endpoint | `list(string)` | `[]` | no |\n| \u003ca name=\"input_egress_allowed_ipv6_cidr\"\u003e\u003c/a\u003e [egress\\_allowed\\_ipv6\\_cidr](#input\\_egress\\_allowed\\_ipv6\\_cidr) | A list of allowed IPV6 CIDRs for egress on the VPC Endpoint | `list(string)` | `[]` | no |\n| \u003ca name=\"input_http_ingress_allowed_ipv4_cidr\"\u003e\u003c/a\u003e [http\\_ingress\\_allowed\\_ipv4\\_cidr](#input\\_http\\_ingress\\_allowed\\_ipv4\\_cidr) | A list of allowed IPV4 CIDRs for HTTP (Port 80) ingress on the VPC Endpoint | `list(string)` | `[]` | no |\n| \u003ca name=\"input_http_ingress_allowed_ipv6_cidr\"\u003e\u003c/a\u003e [http\\_ingress\\_allowed\\_ipv6\\_cidr](#input\\_http\\_ingress\\_allowed\\_ipv6\\_cidr) | A list of allowed IPV6 CIDRs for HTTP (Port 80) ingress on the VPC Endpoint | `list(string)` | `[]` | no |\n| \u003ca name=\"input_https_ingress_allowed_ipv4_cidr\"\u003e\u003c/a\u003e [https\\_ingress\\_allowed\\_ipv4\\_cidr](#input\\_https\\_ingress\\_allowed\\_ipv4\\_cidr) | A list of allowed IPV4 CIDRs for HTTPS (Port 443) ingress on the VPC Endpoint | `list(string)` | `[]` | no |\n| \u003ca name=\"input_https_ingress_allowed_ipv6_cidr\"\u003e\u003c/a\u003e [https\\_ingress\\_allowed\\_ipv6\\_cidr](#input\\_https\\_ingress\\_allowed\\_ipv6\\_cidr) | A list of allowed IPV6 CIDRs for HTTPS (Port 443) ingress on the VPC Endpoint | `list(string)` | `[]` | no |\n| \u003ca name=\"input_subnet_ids\"\u003e\u003c/a\u003e [subnet\\_ids](#input\\_subnet\\_ids) | A list of subnet IDs to create a network interface for the VPC Endpoint | `list(string)` | n/a | yes |\n| \u003ca name=\"input_vpc_endpoint_sg_description\"\u003e\u003c/a\u003e [vpc\\_endpoint\\_sg\\_description](#input\\_vpc\\_endpoint\\_sg\\_description) | Human readable description for the VPC Endpoint Security Group | `string` | `\"Ably VPC Endpoint Security Group\"` | no |\n| \u003ca name=\"input_vpc_endpoint_sg_name\"\u003e\u003c/a\u003e [vpc\\_endpoint\\_sg\\_name](#input\\_vpc\\_endpoint\\_sg\\_name) | Human readable name for the VPC Endpoint Security Group | `string` | `\"ably-privatelink-vpc-endpoint-sg\"` | no |\n| \u003ca name=\"input_vpc_endpoint_sg_tag_name\"\u003e\u003c/a\u003e [vpc\\_endpoint\\_sg\\_tag\\_name](#input\\_vpc\\_endpoint\\_sg\\_tag\\_name) | Human readable name for your VPC Endpoint Security Group | `string` | `\"ably-privatelink-vpc-endpoint-sg\"` | no |\n| \u003ca name=\"input_vpc_endpoint_type\"\u003e\u003c/a\u003e [vpc\\_endpoint\\_type](#input\\_vpc\\_endpoint\\_type) | The VPC Endpoint Type. Will always be Interface | `string` | `\"Interface\"` | no |\n| \u003ca name=\"input_vpc_id\"\u003e\u003c/a\u003e [vpc\\_id](#input\\_vpc\\_id) | The ID of your VPC | `string` | n/a | yes |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_vpc_endpoint_dns_hosted_zone_id\"\u003e\u003c/a\u003e [vpc\\_endpoint\\_dns\\_hosted\\_zone\\_id](#output\\_vpc\\_endpoint\\_dns\\_hosted\\_zone\\_id) | The Hosted Zone ID for your VPC Endpoint |\n| \u003ca name=\"output_vpc_endpoint_dns_name\"\u003e\u003c/a\u003e [vpc\\_endpoint\\_dns\\_name](#output\\_vpc\\_endpoint\\_dns\\_name) | DNS Name of your VPC Endpoint |\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fably%2Fterraform-aws-privatelink","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fably%2Fterraform-aws-privatelink","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fably%2Fterraform-aws-privatelink/lists"}