v0.41.2

🐛 Bug Fixes

Fix #137 bad output when cluster_mode_enabled=true @Nuru (#139)

what

• Fix #137 bad output when cluster_mode_enabled=true
• Add migration documentation

why

• join("", [null]) results in a Terraform error
• Should have been included in v0.40.0

references

• Closes #137
• Supersedes and closes #138

v0.41.1

🐛 Bug Fixes

Bugfixes @Nuru (#136)

what

• Always pass string for zone_id for route53-cluster-hostname module
• Never pass null for security_group_id for aws_elasticache_replication_group

why

• Errors otherwise

references

• Closes #134
• Supersedes and closes #135

v0.41.0

Upgrade to new securty-group standards @Nuru (#133)

what

• Upgrade to new Cloud Posse security group standards
• Enable proper operation when DNS zone is created at the same time as the cluster
• Enable create_before_destroy on security groups by default
• Update AWS provider version constraint to properly require a version that has all the features the module uses
• Add additional outputs for the Redis Replication Group

why

• Further standardize all Cloud Posse modules
• Supply bug fixes and features requested via "issues".

references

• Closes #82
• Closes #86
• Closes #104
• Closes #113
• Closes #121
• Closes #127
• Supersedes and closes #130
• Supersedes and closes #132

v0.40.3

🤖 Automatic Updates

chore(deps): update terraform cloudposse/route53-cluster-hostname/aws to v0.12.2 @renovate (#129)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/route53-cluster-hostname/aws (source)	module	patch	0.12.1 -> 0.12.2

---

Release Notes

cloudposse/terraform-aws-route53-cluster-hostname

v0.12.2

Compare Source

🚀 Enhancements

Bump AWS provider 3.0 @​nitrocode (#​36)

#### what * Bump AWS provider 3.0 #### why * Downstream modules can take advantage of the more recent aws provider #### references N/A

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by WhiteSource Renovate. View repository job log here.

v0.40.2

🚀 Enhancements

Chore: bump Route53 cluster hostname module to `0.12.1` @bradj (#128)

what

• Bumps Route53 cluster hostname module

why

• New Route53 cluster module now supports tenants

references

v0.40.1

🤖 Automatic Updates

Update context.tf @cloudpossebot (#126)

what

This is an auto-generated PR that updates the context.tf file to the latest version from cloudposse/terraform-null-label

why

To support all the features of the context interface.

v0.40.0 Unstable Pre-Release

We are revising and standardizing our handling of security groups and security group rules across all our Terraform modules. This is an early attempt with significant breaking changes. We will make further breaking changes soon, so using this version is not recommended.

BREAKING CHANGES

Click for details and migration guidance

If there is something not documented here, please let us know by filing a ticket.

• var.allowed_security_groups is removed in favor of the security group module's var.security_group_rules which can contain a single source_security_group_id per rule

• var.allowed_cidr_blocks is removed in favor of the security group module's var.security_group_rules which can contain a cidr_blocks

• var.use_existing_security_groups is replaced with var.security_group_enabled (note that if the former was true, the latter should be false)

• var.existing_security_groups is replaced with var.security_groups

• security group has moved

  terraform state mv \
    "module.redis.aws_security_group.default[0]" \
    "module.redis.module.security_group.aws_security_group.default[0]"

• default security_group_rules does not allow ingress but this can be added manually.

  Note: The list must have the same json keys per index

  security_group_rules = [
    {
      type                     = "egress"
      from_port                = 0
      to_port                  = 65535
      protocol                 = "-1"
      cidr_blocks              = ["0.0.0.0/0"]
      source_security_group_id = null
      description              = "Allow all outbound traffic"
    },
    {
      type                     = "ingress"
      from_port                = 6379
      to_port                  = 6379
      protocol                 = "tcp"
      cidr_blocks              = []
      source_security_group_id = local.security_group_id # provide existing security group or comment out this rule
      description              = "Allow inbound traffic from existing Security Groups"
    },
    {
      type                     = "ingress"
      from_port                = 6379
      to_port                  = 6379
      protocol                 = "tcp"
      cidr_blocks              = [] # provide cidr blocks or comment out this rule
      source_security_group_id = null
      description              = "Allow inbound traffic from CIDR blocks"
    }
  ]

• security group rules have been moved

  Note: since the new security group rule names are generated upon a plan, the plan will need to be run first to generate the new names in order to move the rules. Replace someguid with the appropriate value.

  terraform state mv \
    'module.redis.aws_security_group_rule.egress[0]' \
    'module.redis.module.security_group.aws_security_group_rule.default["egress--1-0-65535-someguid"]'
  terraform state mv \
    'module.redis.aws_security_group_rule.ingress_security_groups[0]' \
    'module.redis.module.security_group.aws_security_group_rule.default["ingress-tcp-6379-6379-someguid"]'
  terraform state mv \
    'module.redis.aws_security_group_rule.ingress_cidr_blocks[0]' \
    'module.redis.module.security_group.aws_security_group_rule.default["ingress-tcp-6379-6379-someguid"]'

---

feat: use security-group module instead of resource @SweetOps (#119)

what

• use security-group module instead of resource
• update tests

why

• more flexible than current implementation
• bring configuration of security group/rules to one standard

references

• CPCO-409

v0.39.0

feat: allow final snapshot creation @jlsan92 (#120)

what

• Allows the creation of a final snapshot if the instance is deleted or recreated.

why

• It is important to keep a final snapshot in case of a mistake or malfunctioning recreation of your redis
• automatic snapshots get wiped once the elasticache instance is removed

references

• n/a

v0.38.0

Add TF attribute member-clusters to available outputs @patrick-armitage (#118)

what

• Add member-clusters Terraform-exposed attribute to list of available outputs
• Tested and working against tag 0.37.0

why

• This output can be useful for automation (I have a use case in flight for work which depends on its availability)

references

• Terraform attribute API doc: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group#member_clusters

v0.37.0

Allow empty "egress_cidr_blocks" @marcuz (#93)

what

• Allow empty egress_cidr_blocks (no egress rules in default security group)

why

• Not mandatory to have an egress rule

references

• #90