Skip to main content

Gruntwork release 2021-11

Guides / Update Guides / Releases / 2021-11

This page is lists all the updates to the Gruntwork Infrastructure as Code Library that were released in 2021-11. For instructions on how to use these updates in your code, check out the updating documentation.

Here are the repos that were updated:



Published: 11/10/2021 | Release notes Fix the build so that binaries are published with each release. The last couple releases are missing binaries, but we should have them with this release.


Published: 11/9/2021 | Release notes Fix a bug with concurrent map writes. Add check for OS file descriptor limits.



Published: 11/22/2021 | Modules affected: terraform-helpers, infrastructure-deploy-script | Release notes

  • Fixed minor style issues in git-updated-files
  • Fixed quoting in one of the error messages in infrastructure-deploy-script


Published: 11/18/2021 | Modules affected: terraform-helpers | Release notes

  • Introduced a new script git-updated-files which will return the list of files that were modified between two refs, with filter functionality.


Published: 11/17/2021 | Modules affected: terraform-helpers, ecs-deploy-runner-standard-configuration, ecs-deploy-runner, infrastructure-deploy-script | Release notes

  • Fixed bug where terraform-update-variable included output from terraform wrappers like tfenv.
  • Added support for passing through --terragrunt-modules-that-include


Published: 11/1/2021 | Modules affected: infrastructure-deploy-script, ecs-deploy-runner | Release notes

  • Fixed bug where branch refs passed as ref to infrastructure-deploy-script was not being handled correctly.
  • Bumped default module_ci_tag in ECS Deploy Runner docker files to this release tag.



Published: 11/3/2021 | Modules affected: security, landingzone, networking | Release notes

Updates versions of underlying dependencies:

  • gruntwork-io/terraform-aws-lambda to v0.14.1
  • gruntwork-io/terraform-aws-service-catalog to v0.65.0
  • gruntwork-io/terraform-aws-vpc to v0.17.8



Published: 11/2/2021 | Modules affected: rds | Release notes

Added delete_automated_backups variable and respective handling to rds module.



Published: 11/24/2021 | Modules affected: eks-cluster-control-plane | Release notes

  • Added the ability to control control access to the private VPC endpoint for kubernetes API access. Refer to the updated documentation for more details.


Published: 11/13/2021 | Modules affected: eks-cluster-managed-workers | Release notes

Added support to AWS Managed Node Groups to pass in taints. This adds the variable to the node_group_configurations and defaults to empty list.


Published: 11/11/2021 | Modules affected: eks-fargate-container-logs | Release notes

  • Fixed bug where the value for auto_create_group for the CloudWatch configuration of EKS FireLens is no longer a valid value on new EKS clusters.



Published: 11/17/2021 | Modules affected: agents | Release notes

  • Swapped jq for gojq to support arm64/aarch64 architecture.



Published: 11/4/2021 | Modules affected: openvpn-server, start-openvpn-admin, openvpn-admin | Release notes

  • Use Gruntwork SQS module for issue and revoke queues [BACKWARD INCOMPATIBLE].
  • Update openvpn-host module user-data script to use AWS Instance Metadata Service Version 2 (IMDSv2)
  • Upgrade openvpn-admin Golang binary to use AWS Instance Metadata Service Version 2 (IMDSv2)



Published: 11/5/2021 | Modules affected: persistent-ebs-volume | Release notes

  • Migrate unmount-ebs-volume script to use IMDSv2. These changes are fully backward compatible.



Published: 11/30/2021 | Modules affected: services/eks-cluster, services, networking, base | Release notes

  • Updated dependency gruntwork-io/terraform-aws-eks to v0.46.5. Note that this change includes a backward incompatible update. Refer to the migration guide below for more information.
  • Updated dependency gruntwork-io/terraform-aws-vpc to v0.18.0
  • Updated dependency gruntwork-io/gruntwork-installer to v0.0.38
  • Updated dependency gruntwork-io/terraform-aws-monitoring to v0.30.3
  • Updated dependency gruntwork-io/terragrunt to v0.35.12
  • Exposed additional_security_groups from terraform-aws-eks control-plane


Published: 11/18/2021 | Modules affected: mgmt | Release notes

  • Update dependency gruntwork-io/terraform-aws-ci to v0.39.5


Published: 11/18/2021 | Modules affected: services/ecs-service, services/ecs-fargate-cluster | Release notes

  • Exposed name of ECS Fargate cluster as an output for dependency chaining.
  • Updated ecs-service to accept dynamic security group rules for awsvpc network config. You can now have the module create and manage a Security Group for your service, instead of externally providing one. Note that as a result of this, the type of the input variable network_configuration has changed. Refer to the migration guide for more info.


Published: 11/16/2021 | Modules affected: services | Release notes

  • Fixed bug where the ALB access logs S3 bucket used a hard coded prefix instead of the configurable parameter.


Published: 11/16/2021 | Modules affected: data-stores | Release notes

  • RDS: Added support for "backup_window" variable to specify when backups should run


Published: 11/12/2021 | Modules affected: mgmt, networking, services, data-stores | Release notes

  • Adds the ability to enable/disable endpoints.
  • Add support for apex records in the route53 module
  • Expose wait and wait_timeout inputs for k8s-service module
  • Update dependency gruntwork-io/terraform-aws-ci to v0.39.3
  • Update dependency gruntwork-io/terraform-aws-eks to v0.46.2
  • Update dependency gruntwork-io/terragrunt to v0.35.7
  • Update dependency gruntwork-io/terraform-aws-data-storage to v0.22.1
  • Update dependency gruntwork-io/terragrunt to v0.35.10
  • Update dependency gruntwork-io/terratest to v0.38.4
  • Update dependency gruntwork-io/terraform-aws-server to v0.13.7
  • Update dependency gruntwork-io/terraform-aws-openvpn to v0.17.0
    • NOTE: this update will delete and recreate the SQS queues used by the openvpn-admin utility when requesting and revoking certificates. VPN functionality is not affected. Please see the migration guide for v0.17.0.
  • Update dependency hashicorp/terraform to v1.0.10


Published: 11/9/2021 | Modules affected: services/public-static-website | Release notes


Published: 11/9/2021 | Modules affected: services, mgmt, networking | Release notes

  • Fix a bug in the route53 module in how it was reading the zone_id parameter.
  • You can now configure the ecs-cluster module to use a public IP using the new cluster_instance_associate_public_ip_address input variable.
  • Update dependency gruntwork-io/aws-sample-app to v0.0.5.


Published: 11/4/2021 | Modules affected: services/k8s-service | Release notes

  • Updated ingress_group input to support setting priority = null, so that you can have ingress resources with no group order. This is useful in situations where you have dynamic environments where the priority doesn't matter, as you can only have one ingress per group order.


Published: 11/3/2021 | Modules affected: mgmt, base, networking, services | Release notes

Changes in this release:

  • The variable autoscaler_skip_nodes_with_local_storage was added to the eks-core-services service
  • Subnet related outputs were added to the vpc service

This release also updates versions of underlying dependencies:

  • gruntwork-io/terraform-aws-ci to v0.39.2
  • gruntwork-io/bash-commons to v0.1.9
  • gruntwork-io/terraform-aws-eks to v0.46.1
  • hashicorp/packer to v1.7.8
  • gruntwork-io/terragrunt to v0.35.5



Published: 11/17/2021 | Modules affected: vpc-app-network-acls, vpc-app, vpc-mgmt-network-acls, vpc-mgmt | Release notes

  • Updated description of NACLs.
  • [BACKWARD INCOMPATIBLE]: The vpc-app module now requires Terraform version >= 0.13.7. This was previously mentioned in the comment but the code had not been updated.
  • Added many new VPC interface endpoints. See #225 for details. Thanks to @schniber for this contribution!


Published: 11/4/2021 | Modules affected: vpc-app | Release notes

vpc-app: Add S3 and DynamoDB endpoints to outputs


Published: 11/2/2021 | Modules affected: vpc-app | Release notes

  • vpc-app: Add outputs containing all subnet information