Releases: cloudposse/terraform-aws-components
Releases · cloudposse/terraform-aws-components
v1.434.0
`sqs-queue` better support dead-letter queues @Benbentwo (#1037)
what
- Updates component
sqs-queueto better support dead-letter queues
why
- This is an awkward component currently, it is really just a pass through to an sqs resource. This should probably be broken down into a module and then wrapped with a component. In the meantime, this will allow easier access to other sqs-queues' URL for the redrive policy which is used for deadletter queues
references
Contributors
Benbentwo
Assets 2
v1.433.0
`sqs-queue`: Update to include SQS Policy @Benbentwo (#1035)
what
- Update SQS Queue component to include an access policy block
- Add IAM Policy variable to make it writeable per queue
- Added helpers to add filters like current account and current queue arn
why
- need an access policy that can allow s3 notifications
Contributors
Benbentwo
Assets 2
v1.432.0
Better support for KUBECONFIG file authentication @Nuru (#1034)
what
- Update
providers-helm.tfto provide better support forKUBECONFIGfile authentication - Add support for computing the
KUBECONFIGcontext name from the EKS cluster name
why
- Previous support had bugs, and lacked support for alternative access to EKS clusters, such as via a gateway (authenticating) proxy, such as Teleport
- Enable support for
KUBECONFIGfiles which configure access for multiple clusters, selected via "context" setting
Contributors
Nuru
Assets 2
v1.431.1
[eks/cluster] Update to use AWS Auth API @Nuru (#1033)
Breaking Changes
[!WARNING]
This release contains breaking changes to theeks/clustercomponent.
Read the migration guidance in the CHANGELOG
what
- Upgrade the
eks/clustercomponent to use the AWS API for access control
why
- The old mechanism, using a ConfigMap, was unreliable
references
terraform-aws-eks-clusterv4.0.0 Release Notesterraform-aws-eks-clusterv4 Migration Guide- New API for EKS access control
🤖 Automatic Updates
Contributors
osterman and Nuru
Assets 2
v1.431.0
feat: Spacelift worker pool enhancements @RoseSecurity (#1029)
what
- Adds
instance_lifetimevariable - Adds logic for
launch_template_version - Makes AMI filter for architecture extensible
why
- Adds
instance_lifetimeto enhance security of worker by terminating and replacing long-lived instances
[!NOTE]
The addition of this variable is purely for security purposes and can be removed if contributors deem it unnecessary
- A refresh will not start when
version = "$Latest"is configured in thelaunch_templateblock. To trigger the instance refresh when a launch template is changed, configureversionto use thelatest_versionattribute of theaws_launch_templateresource.
references
Contributors
RoseSecurity
Assets 2
v1.430.1
fix: update spacelift worker installation for latest images @RoseSecurity (#1023)
what
- Utilizes ECR credential helper
why
- Spacelift updated their AMI to AL23, resulting in broken packages with the current installation script
🤖 Automatic Updates
Contributors
osterman and RoseSecurity
Assets 2
v1.430.0
`[New Docs]` ECS Partial Task Definiton @Benbentwo (#1027)
what
- What is and how do you setup ECS Partial task definitions
why
- Documentation for clearing up ECS Partial Task definitions.
- Creates a place for us to update when adding more information for ECS partial task definitions
references
Contributors
Benbentwo
Assets 2
v1.429.0
v1.428.0
feat: add input_storage rds variable @wavemoran (#1026)
what
- Add the
storage_throughputvariable for theaws_db_instanceresource
why
- This variable is needed for
gp3storage types
references
Contributors
wavemoran
Assets 2
v1.427.0
feat: Provide Anonymous ArgoCD Access @RoseSecurity (#1017)
what
- Enables anonymous user access. The anonymous access to Argo CD can be enabled using
users.anonymous.enabledfield in argocd-cm (see argocd-cm.yaml). The anonymous users get default role permissions specified bypolicy.defaultinargocd-rbac-cm.yaml. For read-only access you'll wantpolicy.default: role:readonly.
why
- Provides anonymous user access
references
Contributors
RoseSecurity