Releases: cloudposse/terraform-aws-ec2-instance
Releases · cloudposse/terraform-aws-ec2-instance
v0.32.1
🤖 Automatic Updates
chore(deps): update terraform cloudposse/security-group/aws to v0.1.4 @renovate (#88)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/security-group/aws (source) | terraform | patch | 0.1.2 -> 0.1.4 |
Release Notes
cloudposse/terraform-aws-security-group
v0.1.4
🚀 Enhancements
Add some missing TF 0.14 updates @Nuru (#10)
#### what - Some updates included in the general TF 0.14 updates were missed. This brings the module up-to-date. #### why - Closes #9v0.1.3
🚀 Enhancements
create md5 from sec group rule description in order to allow multiple… @1david5 (#6)
… rules with the same port and different descriptions.
what
- This PR generates the md5 hash from the security group rule description when creating the rule map keys.
why
- This change prevents key map duplication when generating the security group rule map and there are rules with the same port and different descriptions. Example below:
main.tf
module "security_groups"
source = "github.com/cloudposse/terraform-aws-security-group"
name = "sg_name"
vpc_id = "vpc-0000111122223333"
rules = [
{
type = "ingress"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = "10.10.0.0/16"
description = "Allow ssh from main office"
},
{
type = "ingress"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = "192.168.0.0/24"
description = "Allow ssh from management VPC"
},
{
type = "egress"
from_port = 0
to_port = 65535
protocol = "all"
cidr_blocks = ["0.0.0.0/0"]
description = "Allow all outbound"
}
]
description = "sg_descrition"
}
ERROR
Error: Duplicate object key
on .terraform/modules/security_groups/main.tf line 11, in locals:
9: rules = module.this.enabled && var.rules != null ? {
10: for rule in flatten(distinct(var.rules)) :
11: format("%s-%s-%s-%s-%s-%s-%s-%s-%s-%s",
12: rule.type,
13: rule.protocol,
14: rule.from_port,
15: rule.to_port,
16: lookup(rule, "cidr_blocks", null) == null ? "no_ipv4" : "ipv4",
17: lookup(rule, "ipv6_cidr_blocks", null) == null ? "no_ipv6" : "ipv6",
18: lookup(rule, "security_group_id", null) == null ? "no_ssg" : "ssg",
19: lookup(rule, "prefix_list_ids", null) == null ? "no_pli" : "pli",
20: lookup(rule, "self", null) == null ? "no_self" : "self",
21: lookup(rule, "description", null) == null ? "no_desc" : "desc"
22: ) => rule
23: } : {}
|----------------
| rule.from_port is 22
| rule.protocol is "tcp"
| rule.to_port is 22
| rule.type is "ingress"
Two different items produced the key
"ingress-tcp-22-22-ipv4-no_ipv6-no_ssg-no_pli-no_self-desc" in this 'for'
expression. If duplicates are expected, use the ellipsis (...) after the value
expression to enable grouping by key.
references
Configuration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻️ Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- If you want to rebase/retry this PR, check this box.
This PR has been generated by WhiteSource Renovate. View repository job log here.
v0.32.0
v0.31.0
Remove use of deprecated null_data_source @bwmetcalf (#94)
Moved logic from null_data_source into definition of locals.public_dns.
null_data_source is now deprecated (using tf 0.14.5) and throws warnings. See PR below.
https://registry.terraform.io/providers/hashicorp/null/latest/docs/data-sources/data_source
v0.30.4
🚀 Enhancements
Adding metadata hop limit @jamengual (#89)
what
- Adding metadata hop limit
why
- when metadata option tokens enable the max hop needs to be higher than 1 for an instance to be able to call the metadata endpoint
v0.30.3
🤖 Automatic Updates
chore(deps): update terraform cloudposse/security-group/aws to v0.1.2 @renovate (#87)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/security-group/aws (source) | terraform | patch | 0.1.1 -> 0.1.2 |
Release Notes
cloudposse/terraform-aws-security-group
v0.1.2
🤖 Automatic Updates
Update context.tf @cloudpossebot (#3)
#### what This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label` #### why To support all the features of the `context` interface.v0.30.2
🤖 Automatic Updates
context.tf updated to v0.24.1, minimum required Terraform version bumped to 0.13.0 when needed, readme updated @maximmi (#85)
what
- update context.tf to v0.24.1
- minimum required Terraform version bumped to 0.13.0
- readme updated, Bridgecrew compliance badges added
why
- It allows for setting the letter case of tag names and labels, back compatibility with context v0.22.0 and below
- we have dropped support for Terraform 0.12
- To be able see and fix the recommendations from Bridgecrew so we can position our modules as standards compliant
v0.30.1
🤖 Automatic Updates
Update context.tf @cloudpossebot (#86)
what
This is an auto-generated PR that updates the context.tf file to the latest version from cloudposse/terraform-null-label
why
To support all the features of the context interface.
v0.30.0
minimum required Terraform version bumped to 0.13.0, context.tf updated, readme updated @maximmi (#83)
what
- update context.tf to v0.23.0
- minimum required Terraform version bumped to 0.13.0
- readme updated, Bridgecrew compliance badges added
why
- It allows for setting the letter case of tag names and labels
- we have dropped support for Terraform 0.12
- To be able see and fix the recommendations from Bridgecrew so we can position our modules as standards compliant
v0.29.0
v0.28.0
readme updated, BridgeCrew compliance fixes @maximmi (#81)
what
- BridgeCrew compliance checks fix
- readme updated
- default behaviour changed: Public IP for EC2 instance disabled by default
- default behaviour changed:
Instance Metadata Service Version 2forced by default - default behaviour changed:
Encryption of the root block deviceenabled by default - default behaviour changed:
Encrypt EBS Volumeenabled by default
why
- To be able to position our modules as standards compliant
- stay in sync with code
- To comply BridgeCrew check