create-vpc-endpoint.sh

#!/bin/bash
#This script requires an up-to-date version of the aws cli tool

profile=$1
environment=$2

region=us-east-1
service_name=com.amazonaws.$region.s3

get_env_vpc_id () {
    local profile=$1
    local env=$2
    local vpc_id
    vpc_id=$(aws --profile $profile ec2 describe-vpcs \
        --filters "Name=tag:Name,Values=$env" \
        --query 'Vpcs[].VpcId|[0]' \
        --output text)
    echo $vpc_id
}

get_vpc_route_table_ids () {
    local profile=$1
    local vpc=$2
    local routetable_id
    routetable_id=$(aws --profile $profile ec2 \
        describe-route-tables \
        --filters "Name=vpc-id,Values=$vpc" \
        --query '*[][].RouteTableId' --output text | tr '[:blank:]' ',')
    echo $routetable_id
}

create_vpc_end_point () {
    local profile=$1
    local vpc_id=$2
    local service_name=$3
    local route_table_ids
    route_table_ids=$(echo $4 | tr ',' ' ')
    aws --profile $profile ec2 create-vpc-endpoint \
        --vpc-id $vpc_id \
        --service-name $service_name \
        --route-table-ids $route_table_ids
}

create_security_group () {
    local profile=$1
    local vpc_id=$2
    local prefix_list_id
    prefix_list_id=$(aws ec2 describe-prefix-lists \
        --query 'PrefixLists[0].PrefixListId' \
        --output text)
    aws ec2 create-security-group \
        --group-name my-lambda \
        --description 'Lambda Access to S3' --vpc-id $vpc_id
}

vpc_id=$(get_env_vpc_id $profile $environment)
route_table_ids=$(get_vpc_route_table_ids $profile $vpc_id)
create_vpc_end_point $profile $vpc_id $service_name $route_table_ids