Merge pull request #4799 from vincepri/delete-vpc-endpoint-cond

k8s-ci-robot · web-flow · commit 66bb485dfe2c · 2024-02-20T09:21:26.000-08:00
🐛 Delete VPC endpoints only if s3 bucket is enabled
diff --git a/controllers/awscluster_controller_test.go b/controllers/awscluster_controller_test.go
@@ -1437,24 +1437,6 @@ func mockedDeleteVPCCallsForNonExistentVPC(m *mocks.MockEC2APIMockRecorder) {
 }
 
 func mockedDeleteVPCCalls(m *mocks.MockEC2APIMockRecorder) {
-	m.DescribeVpcEndpointsPages(gomock.Eq(&ec2.DescribeVpcEndpointsInput{
-		Filters: []*ec2.Filter{
-			{
-				Name:   aws.String("vpc-id"),
-				Values: aws.StringSlice([]string{"vpc-exists"}),
-			},
-		}}),
-		gomock.Any()).Do(func(_, y interface{}) {
-		funct := y.(func(page *ec2.DescribeVpcEndpointsOutput, lastPage bool) bool)
-		funct(&ec2.DescribeVpcEndpointsOutput{VpcEndpoints: []*ec2.VpcEndpoint{{
-			VpcEndpointId: aws.String("vpce-12345"),
-		}}}, true)
-	}).Return(nil).AnyTimes()
-
-	m.DeleteVpcEndpoints(gomock.Eq(&ec2.DeleteVpcEndpointsInput{
-		VpcEndpointIds: aws.StringSlice([]string{"vpce-12345"}),
-	})).Return(&ec2.DeleteVpcEndpointsOutput{}, nil).AnyTimes()
-
 	m.DescribeSubnetsWithContext(context.TODO(), gomock.Eq(&ec2.DescribeSubnetsInput{
 		Filters: []*ec2.Filter{
 			{
diff --git a/pkg/cloud/services/network/vpc.go b/pkg/cloud/services/network/vpc.go
@@ -276,6 +276,15 @@ func (s *Service) deleteVPCEndpoints() error {
 		return nil
 	}
 
+	// Gather all services that might have been enabled.
+	services := sets.New[string]()
+	if s.scope.Bucket() != nil {
+		services.Insert(fmt.Sprintf("com.amazonaws.%s.s3", s.scope.Region()))
+	}
+	if services.Len() == 0 {
+		return nil
+	}
+
 	// Get all existing endpoints.
 	endpoints, err := s.describeVPCEndpoints()
 	if err != nil {
