Releases: cloudposse-terraform-components/aws-datadog-integration
Releases · cloudposse-terraform-components/aws-datadog-integration
v1.535.1
Pin module reference @goruha (#28)
## what * Pin module referencewhy
- Relative path is not working with polyrepo pattern
Summary by CodeRabbit
- Chores
- Updated the source of the Datadog credentials module to use a specific version from a remote repository.
🤖 Automatic Updates
Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#32)
## what This is an auto-generated PR that updates the README.md and docswhy
To have most recent changes of README.md and doc from origin templates
chore(deps): update terraform cloudposse/ssm-parameter-store/aws to v0.13.0 @[renovate[bot]](https://github.com/apps/renovate) (#4)
This PR contains the following updates:| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/ssm-parameter-store/aws (source) | module | minor | 0.11.0 -> 0.13.0 |
Release Notes
cloudposse/terraform-aws-ssm-parameter-store (cloudposse/ssm-parameter-store/aws)
v0.13.0
chore: add overwrite argument back @gberenice (#53)
what
- Unfortunately, we have to add the
overwriteargument back due to the confusion of its deprecation:
Lastly, and unfortunately, configurations expecting the standard update flow will need to keep overwrite = true set until this becomes the default behavior in v6.0.0. Removing it in v5.X will result in the default value of false, preventing the parameter value from being updated, causing persistent differences.
why
- Prevent undesired behaviour.
references
v0.12.0
chore: remove deprecated `overwrite` argument @meysam81 (#52)
fixes #51
Sync github @max-lobur (#48)
Rebuild github dir from the template
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#31)
## what This is an auto-generated PR that updates the README.md and docswhy
To have most recent changes of README.md and doc from origin templates
chore(deps): update terraform cloudposse/datadog-integration/aws to v2 @[renovate[bot]](https://github.com/apps/renovate) (#16)
This PR contains the following updates:| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/datadog-integration/aws (source) | module | major | 1.3.0 -> 2.0.0 |
Release Notes
cloudposse/terraform-aws-datadog-integration (cloudposse/datadog-integration/aws)
v2.0.0
🚀 Enhancements
feat: restructure and add new datadog integration policies @RoseSecurity (#69)
Why
- Expanding permission sets as Datadog and AWS evolve
What
- Style update: change all
join("", resource.kind.*.name)andresource.kind[0].nametoone(resource.kind[*].name) - Deprecate
var.integrationsand addvar.policiesin its place- Update the description to indicate it is deprecated
- Make its default value null
- Add
var.policies - Create a
local.policieswhich is the list of policies specified viavar.integrationsandvar.policiescombined with mappings and then de-duplicated
[!NOTE]
For compatibility, mapvar.integrations"core" -> "core_integration" and "all" -> "full_integration" when adding tolocal.policies.
- Rename the "all" policy "full-integration" and update it
- Rename
iam_policy_all.tf->iam-policy-full-integration.tfand rename all the resources etc. named "all" to "full_integration", and trigger it with policy name "full-integration" - Update the policy reference
- Update the permissions (
statement.actions) from those sources:
full-integration permissions
actions = [
"apigateway:GET",
"autoscaling:Describe*",
"backup:List*",
"budgets:ViewBudget",
"cloudfront:GetDistributionConfig",
"cloudfront:ListDistributions",
"cloudtrail:DescribeTrails",
"cloudtrail:GetTrailStatus",
"cloudtrail:LookupEvents",
"cloudwatch:Describe*",
"cloudwatch:Get*",
"cloudwatch:List*",
"codedeploy:List*",
"codedeploy:BatchGet*",
"directconnect:Describe*",
"dynamodb:List*",
"dynamodb:Describe*",
"ec2:Describe*",
"ec2:GetTransitGatewayPrefixListReferences",
"ec2:SearchTransitGatewayRoutes",
"ecs:Describe*",
"ecs:List*",
"elasticache:Describe*",
"elasticache:List*",
"elasticfilesystem:DescribeFileSystems",
"elasticfilesystem:DescribeTags",
"elasticfilesystem:DescribeAccessPoints",
"elasticloadbalancing:Describe*",
"elasticmapreduce:List*",
"elasticmapreduce:Describe*",
"es:ListTags",
"es:ListDomainNames",
"es:DescribeElasticsearchDomains",
"events:CreateEventBus",
"fsx:DescribeFileSystems",
"fsx:ListTagsForResource",
"health:DescribeEvents",
"health:DescribeEventDetails",
"health:DescribeAffectedEntities",
"kinesis:List*",
"kinesis:Describe*",
"lambda:GetPolicy",
"lambda:List*",
"logs:DeleteSubscriptionFilter",
"logs:DescribeLogGroups",
"logs:DescribeLogStreams",
"logs:DescribeSubscriptionFilters",
"logs:FilterLogEvents",
"logs:PutSubscriptionFilter",
"logs:TestMetricFilter",
"oam:ListSinks",
"oam:ListAttachedLinks",
"organizations:Describe*",
"organizations:List*",
"rds:Describe*",
"rds:List*",
"redshift:DescribeClusters",
"redshift:DescribeLoggingStatus",
"route53:List*",
"s3:GetBucketLogging",
"s3:GetBucketLocation",
"s3:GetBucketNotification",
"s3:GetBucketTagging",
"s3:ListAllMyBuckets",
"s3:PutBucketNotification",
"ses:Get*",
"sns:List*",
"sns:Publish",
"sns:GetSubscriptionAttributes",
"sqs:ListQueues",
"states:ListStateMachines",
"states:DescribeStateMachine",
"support:DescribeTrustedAdvisor*",
"support:RefreshTrustedAdvisorCheck",
"tag:GetResources",
"tag:GetTagKeys",
"tag:GetTagValues",
"wafv2:ListLoggingConfigurations",
"wafv2:GetLoggingConfiguration",
"xray:BatchGetTraces",
"xray:GetTraceSummaries"
],
- Rename
iam_policy_core.tf->iam-policy-core-integration.tfand rename all the resources etc. named "core" to "core_integration", and trigger it with policy name "core-integration" - Update the policy reference
- Update the permissions (
statement.actions) by removing 'support:*' - Create
iam-policy-resource-collection.tf - Follow the pattern of
iam-policy-full-integration.tfand createiam-policy-resource-collection.tfto implem...
Contributors
goruha
