fix(ec2): private DNS for custom endpoints has incorrect default

Currently if I create an InterfaceVpcEndpoint to a non-AWS service, I must set the privateDnsEnabled field to be "false". This is because the default is "true", which works for AWS services but not for custom hosted services. This change exposes a privateDnsDefault for different IInterfaceVpcEndpointService implementations, and VpcEndpoint will use that as the default if privateDnsEnabled is not specified. This way, I could create a service without having to specify private DNS settings.

packages/@aws-cdk/aws-ec2/lib/vpc-endpoint.ts

@@ -201,6 +201,11 @@ export interface IInterfaceVpcEndpointService {
    * The port of the service.
    */
   readonly port: number;
+
+  /**
+   * Whether Private DNS is supported by default.
+   */
+  readonly privateDnsDefault?: boolean;
 }
 
 /**
@@ -218,6 +223,11 @@ export class InterfaceVpcEndpointService implements IInterfaceVpcEndpointService
    */
   public readonly port: number;
 
+  /**
+   * Whether Private DNS is supported by default.
+   */
+  public readonly privateDnsDefault?: boolean = false;
+
   constructor(name: string, port?: number) {
     this.name = name;
     this.port = port || 443;
@@ -279,6 +289,11 @@ export class InterfaceVpcEndpointAwsService implements IInterfaceVpcEndpointServ
    */
   public readonly port: number;
 
+  /**
+   * Whether Private DNS is supported by default.
+   */
+  public readonly privateDnsDefault?: boolean = true;
+
   constructor(name: string, prefix?: string, port?: number) {
     this.name = `${prefix || 'com.amazonaws'}.${Aws.REGION}.${name}`;
     this.port = port || 443;
@@ -298,7 +313,8 @@ export interface InterfaceVpcEndpointOptions {
    * Whether to associate a private hosted zone with the specified VPC. This
    * allows you to make requests to the service using its default DNS hostname.
    *
-   * @default true
+   * @default set by the instance of IInterfaceVpcEndpointService, or true if
+   * not defined by the instance of IInterfaceVpcEndpointService
    */
   readonly privateDnsEnabled?: boolean;
 
@@ -429,7 +445,7 @@ export class InterfaceVpcEndpoint extends VpcEndpoint implements IInterfaceVpcEn
     const subnetIds = subnets.subnetIds;
 
     const endpoint = new CfnVPCEndpoint(this, 'Resource', {
-      privateDnsEnabled: props.privateDnsEnabled !== undefined ? props.privateDnsEnabled : true,
+      privateDnsEnabled: props.privateDnsEnabled ?? props.service.privateDnsDefault ?? true,
       policyDocument: Lazy.anyValue({ produce: () => this.policyDocument }),
       securityGroupIds: securityGroups.map(s => s.securityGroupId),
       serviceName: props.service.name,

packages/@aws-cdk/aws-ec2/test/test.vpc-endpoint.ts

@@ -345,10 +345,31 @@ export = {
 
       // THEN
       expect(stack).to(haveResource('AWS::EC2::VPCEndpoint', {
-        ServiceName: "com.amazonaws.vpce.us-east-1.vpce-svc-uuddlrlrbastrtsvc"
+        ServiceName: "com.amazonaws.vpce.us-east-1.vpce-svc-uuddlrlrbastrtsvc",
+        PrivateDnsEnabled: false
       }));
 
       test.done();
     },
+    'marketplace partner service interface endpoint'(test: Test) {
+      // GIVEN
+      const stack = new Stack();
+      const vpc = new Vpc(stack, 'VpcNetwork');
+
+      // WHEN
+      vpc.addInterfaceEndpoint('YourService', {
+        service: {name: "com.amazonaws.vpce.us-east-1.vpce-svc-mktplacesvcwprdns",
+                  port: 443,
+                  privateDnsDefault: true}
+      });
+
+      // THEN
+      expect(stack).to(haveResource('AWS::EC2::VPCEndpoint', {
+        ServiceName: "com.amazonaws.vpce.us-east-1.vpce-svc-mktplacesvcwprdns",
+        PrivateDnsEnabled: true
+      }));
+
+      test.done();
+    }
   }
 };