Allow optional creation of S3 endpoint association for database subnets

[grozdz]

Currenly, VPC module allows to create S3 endpoint for private and public subnets (optionally). It would be great to add possibility to create such endpoint (route table association) for database subnets as well. This could be very useful for enabling S3 access from RDS via S3 endpoint like described here: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Integrating.SaveIntoS3.html
and there:
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Integrating.Authorizing.Network.html

I think it could be done by simple code like:

  count = var.create_vpc && var.enable_s3_endpoint && var.enable_database_s3_endpoint && length(var.database_subnets) > 0 && var.s3_endpoint_type == "Gateway" ? local.nat_gateway_count : 0

  vpc_endpoint_id = aws_vpc_endpoint.s3[0].id
  route_table_id  = element(aws_route_table.database.*.id, count.index)
}

in vpc-endpoints.tf.

BR
Grzegorz

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.