Skip to content

Releases: suzuki-shunsuke/terraform-aws-tfaction

v0.2.4

07 Dec 21:52
@suzuki-shunsuke suzuki-shunsuke
v0.2.4
This tag was signed with the committer’s verified signature. The key has expired.
suzuki-shunsuke Shunsuke Suzuki
GPG key ID: 8C1396BBB3626865
Expired
Verified
Learn about vigilant mode.
e0e5d4c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.4 Latest
Latest

v0.2.3...v0.2.4

Fixes

#267 Remove the permission for S3 native state locking from IAM Role for tfmigrate plan

tfmigrate plan doesn't need this permission.

Assets 2
Loading

v0.2.3

07 Dec 00:59
@suzuki-shunsuke suzuki-shunsuke
v0.2.3
This tag was signed with the committer’s verified signature. The key has expired.
suzuki-shunsuke Shunsuke Suzuki
GPG key ID: 8C1396BBB3626865
Expired
Verified
Learn about vigilant mode.
0c21354
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.3

v0.2.2...v0.2.3

Features

#265 #266 Enable to use S3 native state locking @cappyzawa

As of Terraform v1.10, the s3 backend now supports S3 native state locking.
This release grants permissions for this feature to IAM Roles.

https://github.com/hashicorp/terraform/releases/tag/v1.10.0

backend/s3: The s3 backend now supports S3 native state locking. When used with DynamoDB-based locking, locks will be acquired from both sources. In a future minor release of Terraform the DynamoDB locking mechanism and associated arguments will be deprecated. (hashicorp/terraform#35661)

https://developer.hashicorp.com/terraform/language/state/locking
https://developer.hashicorp.com/terraform/language/backend/s3

Contributors

cappyzawa
Assets 2
Loading

v0.2.2

03 Sep 13:38
@suzuki-shunsuke suzuki-shunsuke
v0.2.2
This tag was signed with the committer’s verified signature. The key has expired.
suzuki-shunsuke Shunsuke Suzuki
GPG key ID: 8C1396BBB3626865
Expired
Verified
Learn about vigilant mode.
0b61234
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.2

v0.2.1...v0.2.2

Features

#190 Enable to create a aws_iam_openid_connect_provider resource

Assets 2
Loading

v0.2.1

21 Oct 21:51
@suzuki-shunsuke suzuki-shunsuke
v0.2.1
This tag was signed with the committer’s verified signature. The key has expired.
suzuki-shunsuke Shunsuke Suzuki
GPG key ID: 8C1396BBB3626865
Expired
Verified
Learn about vigilant mode.
e54e854
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.1

Pull Requests | v0.2.0...v0.2.1

#52 Support changing Assume Role conditions

Added input variables

  • assume_role_policy_main_conditions
  • assume_role_policy_pr_conditions

e.g.

  assume_role_policy_pr_conditions = [
    {
      test     = "StringEquals"
      variable = "token.actions.githubusercontent.com:aud"
      values   = ["sts.amazonaws.com"]
    },
    {
      test     = "StringLike"
      variable = "token.actions.githubusercontent.com:sub"
      values = [
        # pull request to the main branch
        "repo:${local.repo}:event_name:pull_request_target:base_ref:${local.main_branch}:*",
        # workflow_dispatch and schedule on the main branch
        "repo:${local.repo}:event_name:workflow_dispatch:base_ref::ref:refs/heads/${local.main_branch}",
        "repo:${local.repo}:event_name:schedule:base_ref::ref:refs/heads/${local.main_branch}",
      ]
    },
  ]

  assume_role_policy_main_conditions = [
    {
      test     = "StringEquals"
      variable = "token.actions.githubusercontent.com:aud"
      values   = ["sts.amazonaws.com"]
    },
    {
      test     = "StringEquals"
      variable = "token.actions.githubusercontent.com:sub"
      # push to the main branch
      values = ["repo:${local.repo}:event_name:push:base_ref::ref:refs/heads/${local.main_branch}"]
    },
  ]
Assets 2
Loading

v0.2.0

18 Oct 00:47
@suzuki-shunsuke suzuki-shunsuke
v0.2.0
This tag was signed with the committer’s verified signature. The key has expired.
suzuki-shunsuke Shunsuke Suzuki
GPG key ID: 8C1396BBB3626865
Expired
Verified
Learn about vigilant mode.
e2b16ee
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.0

Pull Requests | v0.1.4...v0.2.0

#48 Remove permissions for plan files

This change is for tfaction v0.7.0.
As of tfaction v0.7.0, these permissions are unnecessary.

⚠️ Breaking Changes

  • #48 The variable s3_bucket_terraform_plan_file_name is removed
  • #48 Some resources are removed
    • aws_iam_policy.delete_plan_file
    • aws_iam_policy.put_plan_file
    • aws_iam_policy.read_plan_file
    • aws_iam_role_policy_attachment.terraform_apply_put_plan_file
    • aws_iam_role_policy_attachment.terraform_apply_read_plan_file
    • aws_iam_role_policy_attachment.terraform_plan_delete_plan_file
    • aws_iam_role_policy_attachment.terraform_plan_put_plan_file
    • aws_iam_role_policy_attachment.tfmigrate_plan_delete_plan_file

How to upgrade

  • Please upgrade tfaction to v0.7.0 or later
  • Please remove the variable s3_bucket_terraform_plan_file_name
Assets 2
Loading

v0.1.4

19 Sep 12:41
@suzuki-shunsuke suzuki-shunsuke
v0.1.4
This tag was signed with the committer’s verified signature. The key has expired.
suzuki-shunsuke Shunsuke Suzuki
GPG key ID: 8C1396BBB3626865
Expired
Verified
Learn about vigilant mode.
87c9923
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.4

Pull Requests | v0.1.3...v0.1.4

Bug Fixes

#24 #25 Fixed output description

Actual output is IAM Role name, but the description is IAM Role ARN.

  • aws_iam_role_terraform_plan_name
  • aws_iam_role_terraform_apply_name
  • aws_iam_role_tfmigrate_plan_name
  • aws_iam_role_tfmigrate_apply_name

Contributors

Thanks, Contributors!

@yutachaos #24

Contributors

yutachaos
Assets 2
Loading

v0.1.3

15 Sep 10:40
@suzuki-shunsuke suzuki-shunsuke
v0.1.3
This tag was signed with the committer’s verified signature. The key has expired.
suzuki-shunsuke Shunsuke Suzuki
GPG key ID: 8C1396BBB3626865
Expired
Verified
Learn about vigilant mode.
f31f296
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.3

Pull Requests | v0.1.2...v0.1.3

Bug Fixes

#22 Fix typo of IAM Policy name

Resource: aws_iam_policy.delete_plan_file

AS IS

GitHubActions_Terraform_${var.name}_deletete_plan_file

TO BE

GitHubActions_Terraform_${var.name}_delete_plan_file

Contributors

Thanks, Contributors!

@koka831 #22

Contributors

koka831
Assets 2
Loading

v0.1.2

01 Feb 10:37
@suzuki-shunsuke suzuki-shunsuke
v0.1.2
db354d2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.2

Pull Requests | v0.1.1...v0.1.2

#5 fix invalid action s3:HeadObject

Assets 2
Loading

v0.1.1

25 Jan 00:57
@suzuki-shunsuke suzuki-shunsuke
v0.1.1
0aca807
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.1

Pull Requests | v0.1.0...v0.1.1

#4 fix: allow IAM Role for terraform plan to delete plan file

For suzuki-shunsuke/tfaction#77

Assets 2
Loading

v0.1.0

22 Jan 05:02
@suzuki-shunsuke suzuki-shunsuke
v0.1.0
7798012
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.0 
Merge pull request #3 from suzuki-shunsuke/fix/fix-count-condition

fix: fix count condition
Assets 2
Loading