Closed
Description
Describe the feature
AWS Services, i.e., Xray, Wafv2, Workmail, have started to release support for IPv6 or Dualstack for their VPC endpoints.
Use Case
We are migrating our infrastructure to work in IPv6-only or dualstack mode and we would like to talk to AWS services through IPv6.
The current workaround is to either 1) write a custom resource to create the VPCEndpoint (or mutate an existing one) and specify the DnsOptions and IpAddressType or 2) use the L1 construct to wire up the VPCEndpoint to use ipv6 or dualstack.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpcendpoint.html
https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcEndpoint.html
Proposed Solution
The API itself is trivial:
```ts
// Add an interface endpoint
vpc.addInterfaceEndpoint('XRayEndpoint', {
  service: ec2.InterfaceVpcEndpointAwsService.XRAY,
  privateDnsEnabled: true,
  /* new props */
  // would default to ec2.InterfaceVpcEndpointIpAddressType.IPv4
  ipAddressType: ec2.InterfaceVpcEndpointIpAddressType.DUALSTACK,
  // dns options are restricted by ipAddressType and can have defaults, but it is specified by the customer as not-specified
  dnsRecordType: ec2.InterfaceVpcEndpointIpAddressType.DUALSTACK,
  // we do not have a use case but it's part of the dnsOptions
  privateDnsOnlyForInboundResolverEndpoint: false, // OR true
});
```
Other Information
No response
Acknowledgements
- I may be able to implement this feature request
- This feature might incur a breaking change
CDK version used
2.170.1
Environment details (OS name and version, etc.)
Linux
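Added example, not part of the original issue and not aws-cdk code: a plain TypeScript sketch of workaround 2 that builds the `IpAddressType` and `DnsOptions` property overrides for the L1 `AWS::EC2::VPCEndpoint` resource and rejects DNS record types that the endpoint's IP address type does not allow. The helper name `endpointOverrides`, the compatibility table, and the mapping of the boolean to `OnlyInboundResolver`/`AllResolvers` are assumptions taken from the linked CloudFormation and PrivateLink documentation and should be checked against it.

```typescript
// Added example: plain TypeScript with no aws-cdk-lib import, so it runs on its own.
type IpAddressType = 'ipv4' | 'ipv6' | 'dualstack';
type DnsRecordIpType = 'ipv4' | 'ipv6' | 'dualstack' | 'service-defined';

// Assumption (AWS docs): endpoint IP address types each DNS record type may be used with.
const ALLOWED_IP_TYPES: Record<DnsRecordIpType, IpAddressType[]> = {
  'ipv4': ['ipv4', 'dualstack'],
  'ipv6': ['ipv6', 'dualstack'],
  'dualstack': ['dualstack'],
  'service-defined': ['dualstack'],
};

interface EndpointIpOptions {
  ipAddressType?: IpAddressType;      // the issue proposes IPv4 as the default
  dnsRecordIpType?: DnsRecordIpType;  // defaults to the same value as ipAddressType
  privateDnsOnlyForInboundResolverEndpoint?: boolean;
}

interface EndpointOverrides {
  IpAddressType: IpAddressType;
  DnsOptions: {
    DnsRecordIpType: DnsRecordIpType;
    PrivateDnsOnlyForInboundResolverEndpoint?: 'OnlyInboundResolver' | 'AllResolvers';
  };
}

// Hypothetical helper: validate the combination, then return CloudFormation property overrides.
function endpointOverrides(opts: EndpointIpOptions = {}): EndpointOverrides {
  const ipAddressType: IpAddressType = opts.ipAddressType ?? 'ipv4';
  const dnsRecordIpType: DnsRecordIpType = opts.dnsRecordIpType ?? ipAddressType;
  if (ALLOWED_IP_TYPES[dnsRecordIpType].indexOf(ipAddressType) === -1) {
    throw new Error(`dnsRecordIpType '${dnsRecordIpType}' is not valid with ipAddressType '${ipAddressType}'`);
  }
  const overrides: EndpointOverrides = {
    IpAddressType: ipAddressType,
    DnsOptions: { DnsRecordIpType: dnsRecordIpType },
  };
  if (opts.privateDnsOnlyForInboundResolverEndpoint !== undefined) {
    overrides.DnsOptions.PrivateDnsOnlyForInboundResolverEndpoint =
      opts.privateDnsOnlyForInboundResolverEndpoint ? 'OnlyInboundResolver' : 'AllResolvers';
  }
  return overrides;
}

// With aws-cdk-lib, apply the result to the L1 resource behind the L2 endpoint:
//   const cfn = endpoint.node.defaultChild as ec2.CfnVPCEndpoint;
//   cfn.addPropertyOverride('IpAddressType', overrides.IpAddressType);
//   cfn.addPropertyOverride('DnsOptions', overrides.DnsOptions);
```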