Releases: cloudposse/terraform-aws-elasticache-redis
v1.7.0 Add support for Valkey cache
This release adds a new input, engine
, which you can set to redis
(the default) or valkey
to choose which cache engine you want to use.
feat: Add support for Valkey engine @adamantike (#249)
## whatThis change allows setting the engine
variable, to allow using Valkey as the cache engine.
No breaking changes are expected, as the default value for the engine
variable is set to redis
. Also, the minimum AWS provider version is not changed as using Redis does not require using a newer provider.
references
v1.6.0
v1.5.0
🚀 Enhancements
Allow config endpoint as reader endpoint output @justinfranco (#245)
## what This avoids a situation where the reader endpoint tries to use `coalesce(null, null, null)` when in cluster mode and instead uses the configuration endpoint.why
When using cluster mode there is no reader endpoint so the output tries to use coalesce(null, null, null)
which results in a plan error. As outlined in the AWS docs the config endpoint should be used instead when in cluster mode.
references
Closes #236
chore(deps): bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 in /test/src in the go_modules group across 1 directory @dependabot (#246)
Bumps the go_modules group with 1 update in the /test/src directory: [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter).Updates github.com/hashicorp/go-getter
from 1.7.4 to 1.7.5
Release notes
Sourced from github.com/hashicorp/go-getter's releases.
v1.7.5
What's Changed
- Prevent Git Config Alteration on Git Update by
@dduzgun-security
in hashicorp/go-getter#497New Contributors
@dduzgun-security
made their first contribution in hashicorp/go-getter#497Full Changelog: hashicorp/go-getter@v1.7.4...v1.7.5
Commits
5a63fd9
Merge pull request #497 from hashicorp/fix-git-update5b7ec5f
fetch tags on update and fix tests9906874
recreate git config during update to prevent config alteration- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.
🤖 Automatic Updates
chore(deps): bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 in /test/src in the go_modules group across 1 directory @dependabot (#246)
Bumps the go_modules group with 1 update in the /test/src directory: [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter).Updates github.com/hashicorp/go-getter
from 1.7.4 to 1.7.5
Release notes
Sourced from github.com/hashicorp/go-getter's releases.
v1.7.5
What's Changed
- Prevent Git Config Alteration on Git Update by
@dduzgun-security
in hashicorp/go-getter#497New Contributors
@dduzgun-security
made their first contribution in hashicorp/go-getter#497Full Changelog: hashicorp/go-getter@v1.7.4...v1.7.5
Commits
5a63fd9
Merge pull request #497 from hashicorp/fix-git-update5b7ec5f
fetch tags on update and fix tests9906874
recreate git config during update to prevent config alteration- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this...
v1.4.1
🚀 Enhancements
fix: Default transit_encryption_mode to null if var.transit_encryption_enabled is false @amontalban (#238)
what
Fixing this problem when var.transit_encryption_enabled
is false
the transit_encryption_mode
value should be null.
why
I was blindsided with my use case of encrypting everything and I should have covered the default use case.
references
v1.4.0
feat: Allow configuring transit_encryption_mode @amontalban (#231)
what
Allow configuring transit_encryption_mode
.
why
This was added in AWS Provider v5.47.0 as part of hashicorp/terraform-provider-aws#30403
This is needed if you want to migrate to in-transit encryption with no downtime.
references
- Closes #190
v1.3.0
v1.2.3
feat: Allow configuring auth_token_update_strategy @amontalban (#232)
what
Allow configuring auth_token_update_strategy
provider setting.
This has been added to AWS Provider on v5.27.0 in this PR hashicorp/terraform-provider-aws#16203
why
Give user the flexibility to change the update strategy when setting/changing the auth_token
.
references
Closes #55
🤖 Automatic Updates
Update release workflow to allow pull-requests: write @osterman (#233)
what
- Update workflow (
.github/workflows/release.yaml
) to have permission to comment on PR
why
- So we can support commenting on PRs with a link to the release
Update GitHub Workflows to use shared workflows from '.github' repo @osterman (#230)
what
- Update workflows (
.github/workflows
) to use shared workflows from.github
repo
why
- Reduce nested levels of reusable workflows
Update GitHub Workflows to Fix ReviewDog TFLint Action @osterman (#229)
what
- Update workflows (
.github/workflows
) to addissue: write
permission needed by ReviewDogtflint
action
why
- The ReviewDog action will comment with line-level suggestions based on linting failures
Update GitHub workflows @osterman (#228)
what
- Update workflows (
.github/workflows/settings.yaml
)
why
- Support new readme generation workflow.
- Generate banners
Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#226)
what
- Install latest GitHub Action Workflows
why
- Use shared workflows from
cldouposse/.github
repository - Simplify management of workflows from centralized hub of configuration
Add GitHub Settings @osterman (#224)
what
- Install a repository config (
.github/settings.yaml
)
why
- Programmatically manage GitHub repo settings
Update README.md and docs @cloudpossebot (#222)
what
This is an auto-generated PR that updates the README.md and docs
why
To have most recent changes of README.md and doc from origin templates
Update Scaffolding @osterman (#223)
what
- Reran
make readme
to rebuildREADME.md
fromREADME.yaml
- Migrate to square badges
- Add scaffolding for repo settings and Mergify
why
- Upstream template changed in the
.github
repo - Work better with repository rulesets
- Modernize look & feel
chore(deps): update terraform cloudposse/vpc/aws to v2.2.0 @renovate (#220)
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
cloudposse/vpc/aws (source) | module | minor | 2.1.1 -> 2.2.0 |
Release Notes
chore(deps): update terraform cloudposse/cloudwatch-logs/aws to v0.6.8 @renovate (#214)
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
cloudposse/cloudwatch-logs/aws (source) | module | patch | 0.6.5 -> 0.6.8 |
Release Notes
cloudposse/terraform-aws-cloudwatch-logs (cloudposse/cloudwatch-logs/aws)
v0.6.8
🚀 Enhancements
Fix mistake in policy. Part2 @ramses999 (#39)
what
This is just a continuation of the fix https://github.com/cloudposse/terraform-aws-cloudwatch-logs/pull/38.
Prod environment tested. That's how it works correctly.
v0.6.7
🚀 Enhancements
Fix mistake in policy @ramses999 (#38)
what
Fix mistake in policy
why
The policy is created simply by ARN without the ":" construct, which is necessary to create the correct policy for the role.
Without this ":" construct, the policy is created, but it does not work correctly.
This error was discovered when I tried to create a cloudwatch group in the cloudtrail module.
I got the response "Error: Error updating CloudTrail: InvalidCloudWatchLogsLogGroupArnException: Access denied. Verify in IAM that the role has adequate permissions."
After studying the code, I realized that I need to add the construction ":*" in a couple of lines.
My solution looks like this, I need to replace the lines in file :
This line:
join("", aws_cloudwatch_log_group.default..arn),
replaced by
"${join("", aws_cloudwatch_log_group.default..arn)}:*"
You need to do this in both identical lines.
Perhaps you can suggest a better solution, I'm new to terraforming.
references
https://github.com/cloudposse/terraform-aws-cloudwatch-logs/issues/37
https://github.com/cloudposse/terraform-aws-cloudwatch-logs/blob/master/iam.tf#L55
v0.6.6
🤖 Automatic Updates
Update Terraform cloudposse/iam-role/aws to v0.16.2 @renovate (#33)
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
cloudposse/iam-role/aws (source) | module | patch | 0.16.1 -> 0.16.2 |
chore(deps): update terraform cloudposse/vpc/aws to v2.1.1 @renovate (#215)
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
cloudposse/vpc/aws (source) | module | patch | 2.1.0 -> 2.1.1 |
Release Notes
cloudposse/terraform-aws-vpc (cloudposse/vpc/aws)
v2.1.1
Add support for network address usage metrics @lanzrein (#124)
what
This PR adds support for Network Address Usage Metrics on the VPC.
AWS documentation : https://docs.aws.amazon.com/vpc/latest/userguide/network-address-usage.html
Terraform documentation : https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc#enable_network_address_usage_metrics
why
Network Address Usage metrics can help monitor the growth of a VPC and would be useful for any user.
Enable this after creating a VPC does not trigger recreation of the VPC.
references
closes #115
Sync github @max-lobur (#120)
Rebuild github dir from the template
🤖 Automatic Updates
Update README.md and docs @cloudpossebot (#125)
what
This is an auto-generated PR that updates the README.md and docs
why
To have most recent changes of README.md and doc from origin templates
v1.2.2
🤖 Automatic Updates
chore(deps): update terraform cloudposse/route53-cluster-hostname/aws to v0.13.0 @renovate (#219)
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
cloudposse/route53-cluster-hostname/aws (source) | module | minor | 0.12.2 -> 0.13.0 |
Release Notes
cloudposse/terraform-aws-route53-cluster-hostname (cloudposse/route53-cluster-hostname/aws)
v0.13.0
- No changes
v0.12.3
Add zone inputs, update tests, add usage @nitrocode (#42)
what
- Add zone inputs, update tests, add usage
why
- Verify zone name exists
- Dynamically retrieve zone name based on data source inputs
references
git.io->cloudposse.tools update @dylanbannon (#40)
what and why
Change all references to git.io/build-harness
into cloudposse.tools/build-harness
, since git.io
redirects will stop working on April 29th, 2022.
References
- DEV-143
chore(deps): update terraform cloudposse/dynamic-subnets/aws to v2.4.1 @renovate (#216)
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
cloudposse/dynamic-subnets/aws (source) | module | minor | 2.3.0 -> 2.4.1 |
Release Notes
cloudposse/terraform-aws-dynamic-subnets (cloudposse/dynamic-subnets/aws)
v2.4.1
🚀 Enhancements
v2.4.0
Update dependencies, remove deprecation, add NACL example @Nuru (#184)
Note
Dropping support for deprecated EC2-Classic
With this release, EIPs allocated for NAT ingress are allocated in the default domain. This most likely does not affect you, but for accounts created before 2013-12-04 (almost 10 years ago as of this writing), the default domain could be EC2-Classic rather than the current VPC. Previously this module forced the EIPs to be in the VPC domain, but the breaking changes between AWS Provider v4 and v5 make that difficult.
If you find yourself in the rare situation where the EIPs allocated by this module are in EC2-Classic but you want them in VPC, then create the EIPs outside of this module and supply them to this module via nat_elastic_ips
.
Custom NACLs
This release includes an example (examples/nacls/
) showing how to create custom NACLs in conjunction with this module. Note that by default, this module creates wide-open NACLs, and subnets can only have one NACL associated with them. If you try to add a NACL to a subnet without disabling the default NACLs, you may get a possibly confusing error like:
│ Error: creating EC2 Network ACL: creating EC2 Network ACL (acl-0376c5f12dd9d784d) Association: InvalidAssociationID.NotFound: The association ID 'aclassoc-0818d5a9e3876a2bb' does not exist
See https://github.com/hashicorp/terraform-provider-aws/issues/31888
what
- Make appropriate inputs non-nullable (treat an input of
null
as meaning "default") - Remove
aws_eip
vpc = true
- Update terraform cloudposse/utils/aws to v1.3.0 (Supersedes and closes #182)
- Add example of how to add custom NACLs to subnets created by this module (Supersedes and closes #176)
- Update tests and test framework
why
- Allow better, more consistent configuration
- Deprecated
- Include support for new AWS regions
- Encourage composition of modules and resources rather than aggregation of functionality into bloated modules (c.f. #176)
- Stay current with features, bug fixes, and security updates
references
- Terraform AWS Provider Version 5 Upgrade Guide: aws_eip
- Disallowing Null Input Values
- EC2 Classic
v1.2.1
🚀 Enhancements
fix: remove transit_encryption != null, auth_token rotation support @Steve-Louie-Bose (#195)
what
- This conditional causes this module to not support dynamic auth_token rotation in a nice way. This conditional forces us into a destroy/create instead of an in place modify
why
- Avoiding a destroy / create when the aws providers supports this behavior is worth it. It would allow one to use
random_password
and feed that into anauth_token
and rotate it gracefully.
references
- closes #194
v1.2.0
bugfix: import existing replication groups @y3ti (#217)
what
Ignore security_group_names
for aws_elasticache_replication_group
resource.
why
There is a bug in the terraform aws provider: hashicorp/terraform-provider-aws#32835
When importing an aws_elasticache_replication_group
resource the attribute security_group_names
is imported as null
.
The security_group_names
attribute is not used by this module.