MWAA - Check Service Vpc Endpoints showing wrong results

[cbroggi]

Function check_service_vpc_endpoints returns wrong information, mentioning that not all vpc endpoints are associated with the corresponding subnets used in the environment creation of mwaa.

Context:

• I created VPC endpoints of the following services: s3, ecr, kms, sqs, monitoring, airflow.api, airflow.env, airflow.ops
• These VPC endpoints are associated to the same VPC and subnets as the mwaa environment
• Moreover, this endpoints are supported to a 3rd subnet that is not associated with the mwaa environment (as 2 subnets only are right now supported)

Promt

What is expected:

Possible bug:

I think this line can be the problem:

aws-support-tools/MWAA/verify_env/verify_env.py

Line 658 in a143ec9

vpc_endpoints = [endpoint for endpoint in vpc_endpoints if all(subnet in s_ids for subnet in

it's checking whether all the subnets associated with the endpoints are present in the subnets of the MWAA environment, but it should be the other way around.

[abigan09]

Hi, thanks for reaching out and pointing out this issue. I'm looking into this issue. I will get back here once I have more information.