When using the "private" mode, the check will fail as the S3 VPC Interface Endpoint will include DnsEntries that includes a wildcard.
In the get_ip_address function, the DnsEntries is the first in the list which might be something like *.vpce-xxxxxxxxx-xxxxxxxxx.s3.eu-west-3.vpce.amazonaws.com.
This will fail the call to hostname = endpoint[0]['DnsEntries'][0]['DnsName'].
All other VPC endpoints used by MWAA don't include a "*" in their DNS Names.
When using the "private" mode, the check will fail as the S3 VPC Interface Endpoint will include DnsEntries that includes a wildcard.
In the
get_ip_addressfunction, theDnsEntriesis the first in the list which might be something like*.vpce-xxxxxxxxx-xxxxxxxxx.s3.eu-west-3.vpce.amazonaws.com.This will fail the call to
hostname = endpoint[0]['DnsEntries'][0]['DnsName'].All other VPC endpoints used by MWAA don't include a "*" in their DNS Names.