From 1dd4abcaa840f3babb6192fb73d0987ef671becb Mon Sep 17 00:00:00 2001
From: Dan Lutsch <dan.lutsch@trueaccord.com>
Date: Fri, 5 Dec 2025 13:08:45 +0900
Subject: [PATCH] fix: Add VPC ID validation for RAM service network discovery

Adds validation in findServiceNetworkViaVPCAssociation() to ensure
CLUSTER_VPC_ID environment variable is set before attempting to list
VPC-to-Service Network associations.

Provides clear error message when configuration is missing, making
debugging easier for RAM-shared service network deployments.
---
 pkg/aws/services/vpclattice.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pkg/aws/services/vpclattice.go b/pkg/aws/services/vpclattice.go
index 85d994de..24b2ba57 100644
--- a/pkg/aws/services/vpclattice.go
+++ b/pkg/aws/services/vpclattice.go
@@ -426,6 +426,11 @@ func (d *defaultLattice) buildServiceNetworkInfo(ctx context.Context, snMatch *v
 // by examining VPC associations. This is used to discover RAM-shared
 // service networks that don't appear in ListServiceNetworks.
 func (d *defaultLattice) findServiceNetworkViaVPCAssociation(ctx context.Context, nameOrId string) (*ServiceNetworkInfo, error) {
+	// Validate that VPC ID is configured
+	if config.VpcID == "" {
+		return nil, fmt.Errorf("cannot discover RAM-shared service networks: CLUSTER_VPC_ID environment variable is not set")
+	}
+
 	// List all VPC-to-Service Network associations for the controller's VPC
 	associations, err := d.ListServiceNetworkVpcAssociationsAsList(ctx,
 		&vpclattice.ListServiceNetworkVpcAssociationsInput{