Skip to main content

Gruntwork release 2016-08

Guides / Update Guides / Releases / 2016-08

This page is lists all the updates to the Gruntwork Infrastructure as Code Library that were released in 2016-08. For instructions on how to use these updates in your code, check out the updating documentation.

Here are the repos that were updated:

boilerplate

v0.0.5

Published: 8/26/2016 | Release notes

  • Add support for a new option called --missing-key-action that defines what to do when a template looks up a variable that is not defined

v0.0.4

Published: 8/22/2016 | Release notes

  • Update the README.md in the _docs folder rather than the auto-generated one in the root folder

v0.0.3

Published: 8/8/2016 | Release notes

  • Add a bunch of new template helpers to make it easier to manipulate strings and numbers: downcase, upcase, capitalize, replace, replaceAll, trim, round, ceil, floor, dasherize, snakeCase, camelCase, camelCaseLower.

terraform-aws-ci

v0.0.18

Published: 8/5/2016 | Release notes

  • The script configure-environment-for-gruntwork-module now optionally installs Terragrunt. In addition, terraform, terragrunt, packer, and glide are now automatically placed in the system PATH.

terraform-aws-monitoring

v0.0.9

Published: 8/13/2016 | Release notes

  • Add a syslog module that allows you to configure rate limiting and log rotation settings syslog.

terraform-aws-security

v0.0.3

Published: 8/23/2016 | Release notes

  • Add a new module called ssh-iam that allows your developers to upload their public SSH keys to IAM and use those to SSH to servers.

v0.0.2

Published: 8/15/2016 | Release notes

  • Add auto-update module to configure Amazon Linux or Ubuntu to automatically download and install the latest security updates.

v0.0.0

Published: 8/11/2016 | Release notes

This release is used for internal testing only! Do not use it in production!

terraform-aws-vpc

v0.1.0

Published: 8/31/2016 | Release notes

BREAKING CHANGE: Upgrade module parameters to take advantage of the new data types introduced in Terraform 0.7.x: list and map. As a result of this change, this release is NOT backwards-compatible with Terraform 0.6.x.

  • All VPC output variables that used to return comma-separated strings now return proper lists (e.g. public_subnet_cidr_blocks, private_app_subnet_ids, private_persistence_route_table_ids, etc).

  • Similarly, all VPC input variables that used to look for a comma-separated string now look for a proper list as well (e.g. public_subnet_ids, private_app_subnet_cidr_blocks).

  • The VPC modules no longer take aws_availability_zones as an input variable. They now determine this using the aws_availability_zones data source instead. Unfortunately, due to a limitation in Terraform, we cannot automatically tell how many AZs are available, so you must specify the number using the num_availability_zones variable.

  • The Availability Zones output is now called availability_zones instead of aws_ availability_zones.

  • vars.tf:

    • Example diff and
    • Remove the aws_availability_zones variable.
    • Add a variable called num_availability_zones. This represents the number of availability zones usable by this AWS account for the current AWS region. Set its default value to 2, 3, or 4, depending on your region.
  • main.tf

    • Example diff (ignore the user_data stuff)
    • Update the ref of the vpc-mgmt and vpc-mgmt-network-acls URLs to 0.1.0.
    • In the mgmt_vpc module, instead of setting aws_availability_zones = "${var.aws_availability_zones}", set num_availability_zones = "${var.num_availability_zones}".
    • In the mgmt_vpc_network_acls module, instead of setting num_subnets = "${length(split(",", var.aws_availability_zones))}", set num_subnets = "${var.num_availability_zones}".
    • In the mgmt_vpc_network_acls module, if you don't have it already, set a new parameter: vpc_ready = "${module.mgmt_vpc.vpc_ready}".
  • Deploy:

    • Run terragrunt get -update
    • Run terragrunt plan
    • You may see a few Network ACLs being created and destroyed. That's OK.
    • You should NOT see the VPC, any route tables, or any subnets being created or destroyed. If you do, let us know (support@gruntwork.io)!
    • If everything looks OK, run terragrunt apply.

These use the exact same upgrade process as the mgmt VPC, except there are some additional steps for the peering connection:

  • main.tf:
    • Example diff (ignore the user_data stuff)
    • Update the ref of the vpc-peering URL to 0.1.0.
    • Instead of manually concatenating values in a string for the origin_vpc_route_table_ids and destination_vpc_route_table_ids parameters, use the concat and list functions. You should get something like origin_vpc_route_table_ids = "${concat(data.terraform_remote_state.mgmt_vpc.private_subnet_route_table_ids, list(data.terraform_remote_state.mgmt_vpc.public_subnet_route_table_id))}".
    • Replace length(split(",", var.aws_availability_zones)) in the calculation of the num_origin_vpc_route_tables and num_destination_vpc_route_tables parameters with var.num_availability_zones. The other parts of the calculation (e.g. the +1 and the *2) stay the same.
  • Deploy:
    • Same process as the mgmt VPC above.
    • Other than minor Network ACL changes, you should not see anything being destroyed. If you do, this could lead to outage, so please notify us (support@gruntwork.io)!

You can update other variables and outputs to lists (e.g. var.aws_account_ids), get rid of unnecessary split and join usage, and upgrade terraform_remote_state usage to data sources. See the Terraform 0.7 upgrade guide for details.

Finally, when using other modules that depend on outputs from your VPC, note that the outputs are now lists rather than strings, so you may want to update those other modules to the 0.7 versions (see their release notes) or you may need to add or remove some calls to split and join.

ENHANCEMENT: vpc-app and vpc-mgmt now allow for specifying the exact CIDR blocks to be used for all subnets.