Gruntwork release 2019-06
Guides / Update Guides / Releases / 2019-06
This page is lists all the updates to the Gruntwork Infrastructure as Code
Library that were released in 2019-06. For instructions
on how to use these updates in your code, check out the updating
documentation.
Here are the repos that were updated:
Published: 6/20/2019 | Modules affected: server-group | Release notes
- Fix bug where
var.enable_elastic_ips
was not properly used in the conditional logic to control Route 53 records in modules/server-group
. This led to syntax errors when you had the right inputs to enable the resource.
Published: 6/11/2019 | Modules affected: server-group, asg-rolling-deploy | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
Published: 6/24/2019 | Modules affected: redis | Release notes
This release fixes a bug where the module errors on the output if you set both replication_group_size
and cluster_modes
input variables in the redis
module.
Published: 6/11/2019 | Modules affected: redis, memcached | Release notes
redis
[BACKWARDS INCOMPATIBLE]
memcached
[BACKWARDS INCOMPATIBLE]
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/22/2019 | Modules affected: jenkins-server, iam-policies, ec2-backup | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/18/2019 | Modules affected: jenkins-server | Release notes
- Add a variable for
aws_alb_target_group.health_check.matcher
to the jenkins-server
module.
Published: 6/4/2019 | Modules affected: install-jenkins, jenkins-server | Release notes
- Use latest jenkins version, because the package repo is throttling super old version
- Update CODEOWNERS
- Fix test summary and use different port
- jenkins-server: allow additional target group to be specified
- bug: fix duplicate description attribute in jenkins module
Published: 6/17/2019 | Modules affected: rds, lambda-share-snapshot, lambda-create-snapshot, lambda-copy-shared-snapshot | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/14/2019 | Modules affected: rds | Release notes
- When
allow_connections_from_cidr_blocks
is empty, do not create the allow_connections_from_cidr_blocks
security rule.
Published: 6/21/2019 | Modules affected: ecs-service, ecs-service-with-discovery, ecs-service-with-alb, ecs-fargate | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/13/2019 | Modules affected: ecs-cluster, ecs-service, ecs-service-with-discovery, ecs-service-with-alb | Release notes
This release introduces the ability to extend the AWS principals that can assume the ECS task role. For each module that provisions an ECS task, there is a new variable additional_task_assume_role_policy_principals
that allows you to extend the list of allowed principals.
Published: 6/20/2019 | Modules affected: eks-k8s-role-mapping | Release notes
- Fix bug where IAM to RBAC mapping did not work with capital letters in the entity name. This caused login issues because the script would naively use the IAM role / user name as the Kubernetes username, which were invalid when they contained upper case letters.
- Documentation updates and fixes.
Published: 6/14/2019 | Modules affected: scheduled-lambda-job, lambda, lambda-edge, keep-warm | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/20/2019 | Modules affected: nlb | Release notes
Fixes a bug that arises when using terraform >=0.12.2 with the nlb
module. Specifically, the access_logs
subblock requires a valid bucket
and prefix
to be specified if the block is included, regardless of enabled
flag. This release fixes it so that you can still pass in a null
or empty bucket
and prefix
even if the access logs are disabled.
Published: 6/11/2019 | Modules affected: alb, nlb, acm-tls-certificate | Release notes
alb
[BACKWARDS INCOMPATIBLE]
nlb
[BACKWARDS INCOMPATIBLE]
acm-tls-certificate
[BACKWARDS INCOMPATIBLE]
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/13/2019 | Modules affected: kinesis, sns, sqs | Release notes
kinesis
[BACKWARDS INCOMPATIBLE]
sns
[BACKWARDS INCOMPATIBLE]
sqs
[BACKWARDS INCOMPATIBLE]
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/27/2019 | Modules affected: cloudwatch-dashboard-metric-widget | Release notes
- Fix
type
constraint on the metrics
variable of the cloudwatch-dashboard-metric-widget
module to allow non-string types in the inner list, including map values.
Published: 6/24/2019 | Modules affected: logs/cloudwatch-log-aggregation-scripts | Release notes
- This release verifies compatibility of various module scripts in the repo with Ubuntu 18.04. Prior to this version, all modules except for
logs/cloudwatch-log-aggregation-scripts
worked with Ubuntu 18.04. This release fixes the logs/cloudwatch-log-aggregation-scripts
module to also be compatible with Ubuntu 18.04.
Published: 6/21/2019 | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/20/2019 | Modules affected: alarms | Release notes
- #95: Fix default statistic for asg-memory-alarms
Published: 6/11/2019 | Modules affected: alarms/sqs-alarms | Release notes
Thanks to @bendavies for the PR!
Published: 6/26/2019 | Modules affected: init-openvpn | Release notes
- Populate DNS server from proper location on Ubuntu 18.04. This should fix DNS resolution on client machines.
Published: 6/20/2019 | Modules affected: openvpn-server | Release notes
- Fix bug where the IAM role for the openvpn server did not have a lifecycle config for
create_before_destroy
, leading to issues when trying to do a rolling update.
Published: 6/18/2019 | Modules affected: openvpn-server | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/18/2019 | Modules affected: openvpn-server | Release notes
This release introduces the ability to set an expiration lifecycle on the objects in the S3 backup bucket for the openvpn-server
module. To enable expiration, set the enable_backup_bucket_noncurrent_version_expiration
input variable to true
. You can configure the days to expiration using the input variable backup_bucket_noncurrent_version_expiration_days
(defaults to 30
).
Published: 6/17/2019 | Modules affected: install-openvpn | Release notes
install-openvpn
has been updated to support ubuntu 18.04.
Published: 6/25/2019 | Modules affected: gruntsam, api-gateway-account-settings | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module. For gruntsam
, this means the generated code is only compatible with terraform 0.12.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module vars.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/26/2019 | Modules affected: ssh-grunt | Release notes
- Fix a bug where the crontab configured by
ssh-grunt install
was missing the --force-user-deletion
flag.
Published: 6/24/2019 | Modules affected: ssm-healthchecks-iam-permissions, saml-iam-roles, os-hardening, kms-master-key | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/21/2019 | Modules affected: ssm-healthchecks-iam-permissions | Release notes
This release introduces a new module ssm-healthchecks-iam-permissions
which provides IAM policies that you can attach to instance profiles that grants the EC2 instance the requisite permissions to run SSM healthchecks, which are enabled by default on many base AWS AMIs such as Ubuntu.
Published: 6/14/2019 | Modules affected: kms-master-key | Release notes
- Allow cross account usage for CMK keys by granting the requisite IAM permissions to allow an external account to grant access to the KMS key to IAM entities within that account. You can use the new
cmk_external_user_iam_arns
input variable to specify which accounts should have this capability.
Published: 6/11/2019 | Modules affected: single-server | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/6/2019 | Modules affected: attach-eni | Release notes
The attach-eni
script is now compatible with Ubuntu 18.04.
Published: 6/13/2019 | Release notes
This fixes a bug that was introduced in upgrading to terraform 0.12, where prepare-pex-environment
always returned the python3 version of the pex.
Published: 6/6/2019 | Release notes
intermediate-variable
[REMOVED]
list-remove
[BREAKING]
join-path
[BREAKING]
operating-system
[BREAKING]
prepare-pex-environment
[BREAKING]
require-executable
[BREAKING]
run-pex-as-data-source
[BREAKING]
run-pex-as-resource
[BREAKING]
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Additionally, we have deprecated and removed the intermediate-variable
module in this release. This module has been superseded by terraform local values. To upgrade, switch usage of intermediate-variable
with locals
.
Published: 6/11/2019 | Modules affected: vpc-peering, vpc-peering-external, vpc-mgmt, vpc-mgmt-network-acls | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Published: 6/7/2019 | Modules affected: vpc-mgmt, vpc-app | Release notes
var.custom_tags
now propagate to EIP resources created in the VPCs.
Published: 6/11/2019 | Modules affected: k8s-tiller, k8s-tiller-tls-certs, k8s-service-account, k8s-namespace | Release notes
All the modules are now terraform 0.12.0 compatible. Note that this means the modules are no longer compatible with terraform 0.11 and under. Starting this release, you must use terraform 0.12.0 or greater to use this module.
All the module variables have been updated to use concrete types based on the new type system introduced in terraform 0.12.0. You can learn more about the types in the official documentation.
Note that as part of this, we switched to using null
to indicate unset values when passing them through to resources. If you were previously using a 0 value (""
for strings and 0
for numbers), review the module variables.tf
file to double check if the 0 value has been converted to a null
.
Note: there is one major interface change due to the upgrade. For the TLS modules, we no longer cannot pass through the subject info of the TLS cert as an inline block due to type issues. The main issue here is with the street_address attribute, which is of type list(string)
. To support the types, the street_address
must be provided as newline delimited string
, which will be later converted to list(string)
.