[APIE-679] Multi-Env support in AWS - CLI

[cqin-confluent]

Release Notes

Breaking Changes

• PLACEHOLDER

New Features

• Add --type ingress-privatelink flag to confluent network gateway create to support a new type of Ingress Private Link for AWS, and add --display-name, --region, --id, and --phase flags to confluent network gateway list command to support filtering gateways
• Add confluent network access-point private-link ingress-endpoint [ create | update | describe | list | delete ] commands to support a new type of Ingress Private Link for AWS

Bug Fixes

• PLACEHOLDER

Checklist

• I have successfully built and used a custom CLI binary, without linter issues from this PR.
• I have clearly specified in the What section below whether this PR applies to Confluent Cloud, Confluent Platform, or both.
• I have verified this PR in Confluent Cloud pre-prod or production environment, if applicable.
• I have verified this PR in Confluent Platform on-premises environment, if applicable.
• I have attached manual CLI verification results or screenshots in the Test & Review section below.
• I have added appropriate CLI integration or unit tests for any new or updated commands and functionality.
• I confirm that this PR introduces no breaking changes or backward compatibility issues.
• I have indicated the potential customer impact if something goes wrong in the Blast Radius section below.
• I have put checkmarks below confirming that the feature associated with this PR is enabled in:
  • Confluent Cloud prod
  • Confluent Cloud stag
  • Confluent Platform
  • Check this box if the feature is enabled for certain organizations only

What

This PR extends the existing Gateway and Access Point functionality to support a new Gateway and Access Point type (Ingress Private Link) for AWS.

More context:
Today, customers face challenges when connecting a single VPC to multiple Confluent Cloud environments (e.g., production, development, QA) within the same AWS region.

This change is part of the broader initiative to migrate the existing PLATT/PLATTC APIs to the new Gateway and Access Point model. Within the current scope, the original functionality remains unchanged.

By enabling an AccessPoint-based endpoint backed by Ingress Private Link, this feature resolves the multi-environment PLATT limitation and allows customers to cleanly connect multiple Confluent Cloud environments from a single VPC.

Blast Radius

Should be minimal. This change is additive only so should not impact or block any existing customer workflows.

References

Corresponding JIRA Ticket: Multi-Env support in AWS/Azure/GCP - CLI

Test & Review

Validation Doc APIE-679 Multi-Env support CLI Testing

[confluent-cla-assistant]

🎉 All Contributor License Agreements have been signed. Ready to merge.
_{Please push an empty commit if you would like to re-run the checks to verify CLA status for all contributors.}

[Copilot]

Pull Request Overview

This PR adds multi-environment support for AWS ingress private link functionality in the CLI, extending the existing egress private link capabilities. The changes enable users to create, manage, and interact with AWS ingress private link gateways and endpoints.

Key Changes:

• Added support for AWS ingress private link gateway type alongside existing egress private link
• Implemented complete CRUD operations for ingress endpoints (create, list, describe, update, delete)
• Updated dependency versions for networking-access-point and networking-gateway SDKs

Reviewed Changes

Copilot reviewed 11 out of 12 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
internal/network/command_gateway.go	Added AWS ingress private link gateway type constants and mapping
internal/network/command_gateway_create.go	Added ingress-privatelink gateway creation support with AWS-only validation
internal/network/command_gateway_list.go	Extended list command to display region and principal ARN for ingress gateways
internal/network/command_access_point_private_link.go	Added ingress-endpoint subcommand to private-link command tree
internal/network/command_access_point_private_link_ingress_endpoint.go	Core ingress endpoint functionality including output formatting and autocomplete
internal/network/command_access_point_private_link_ingress_endpoint_create.go	Implements ingress endpoint creation with AWS VPC endpoint service configuration
internal/network/command_access_point_private_link_ingress_endpoint_list.go	Lists ingress endpoints with filtering by display names
internal/network/command_access_point_private_link_ingress_endpoint_describe.go	Describes individual ingress endpoint details
internal/network/command_access_point_private_link_ingress_endpoint_update.go	Updates ingress endpoint display name
internal/network/command_access_point_private_link_ingress_endpoint_delete.go	Deletes one or more ingress endpoints with confirmation
go.mod	Updated SDK dependencies to internal versions with ingress support

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.