Skip to main content

Gruntwork release 2022-08

Guides / Update Guides / Releases / 2022-08

This page is lists all the updates to the Gruntwork Infrastructure as Code Library that were released in 2022-08. For instructions on how to use these updates in your code, check out the updating documentation.

Here are the repos that were updated:

gruntkms

v0.0.11

Published: 8/2/2022 | Release notes

  • Updated decryption routine to decrypt multiple ciphertexts in the input concurrently to improve performance.

Special thanks to @rubysolo for their contribution.

https://github.com/gruntwork-io/gruntkms/pull/36

gruntwork

v0.3.10

Published: 8/24/2022 | Release notes

Fix a bug causing the git ref used to fetch the boilerplate template for the form wizard to be out of date.

v0.3.9

Published: 8/22/2022 | Release notes

This release adds two new commands:

  • gruntwork vault login - quickly log into any account defined in your aws-vault account profiles
  • gruntwork vault exec - quickly execute an arbitrary command against any account defined in your aws-vault account profiles

These commands are intended to be used in conjunction with the gruntwork vault generate command, for scaffolding aws-vault account profiles from your infrastructure-live repository.

v0.3.8

Published: 8/17/2022 | Release notes

This release adds a new command gruntwork vault generate that assists you in generating valid aws-vault account profiles for your Ref Arch AWS accounts, to ease login and executing commands.

terraform-aws-architecture-catalog

v0.0.32

Published: 8/4/2022 | Release notes

Full Changelog: https://github.com/gruntwork-io/terraform-aws-architecture-catalog/compare/v0.0.31...v0.0.32

v0.0.31

Published: 8/2/2022 | Release notes

Full Changelog: https://github.com/gruntwork-io/terraform-aws-architecture-catalog/compare/v0.0.30...v0.0.31

terraform-aws-cache

v0.18.1

Published: 8/2/2022 | Release notes

(none)

v0.18.0

Published: 8/2/2022 | Modules affected: memcached, redis | Release notes

  • Some housekeeping updates.
  • Unlock AWS provider v4. Require minimum 3.75.1. This update includes a few tests that make sure upgrading to this module from the last release is easy. However, you may need to bump your AWS provider version. See the migration guide notes below for more.

terraform-aws-ci

v0.50.7

Published: 8/12/2022 | Modules affected: terraform-helpers | Release notes

  • Updated terraform-update-variable to make the formatting step optional, allowing you to run it without terraform being available in the PATH.

v0.50.6

Published: 8/3/2022 | Modules affected: ecs-deploy-runner-standard-configuration, ecs-deploy-runner | Release notes

  • Added support in build-docker-image ECS Deploy Runner script for injecting docker buildkit compatible secrets into Kaniko builds via the --env-secret parameter.

v0.50.5

Published: 8/2/2022 | Release notes

  • Improvements to upgrade testing

terraform-aws-ci-steampipe

v0.3.4

Published: 8/4/2022 | Modules affected: ecs-deploy-runner-with-steampipe, steampipe-runner | Release notes

  • ecs-deploy-runner-with-steampipe

  • steampipe-runner

  • Updated dependencies:

    • terraform-aws-service-catalog: v0.92.0 => v0.95.0
    • terraform-aws-security: v0.65.6 => v0.65.8
    • Various test dependencies.

https://github.com/gruntwork-io/terraform-aws-ci-steampipe/pull/31

terraform-aws-cis-service-catalog

v0.41.0

Published: 8/11/2022 | Modules affected: landingzone/account-baseline-app, landingzone/account-baseline-root, landingzone/account-baseline-security, networking/vpc-mgmt | Release notes

  • Updated for-production examples for Reference Architecture
  • Updated dependencies:
    • terraform-aws-service-catalog: v0.95.0 to v0.96.1
  • Unlocked AWS provider v4. Require minimum 3.75.1.
    • In v0.39.0, we missed several module updates in the underlying terraform-aws-service-catalog dependency of this repo.
    • That has been remedied in gruntwork-io/terraform-aws-service-catalog@v0.96.1 (release).
    • Now we've updated all references in terraform-aws-cis-service-catalog to point to the latest, AWS Provider v4 unlocked, version of terraform-aws-service-catalog.
    • No configuration changes are required by you. Please see the migration guide below.

v0.40.1

Published: 8/4/2022 | Modules affected: landingzone/account-baseline-app, landingzone/account-baseline-root, landingzone/account-baseline-security, networking/vpc-mgmt | Release notes

  • Update dependencies:
    • terraform-aws-service-catalog: v0.94.0 to v0.95.0
    • terraform-aws-monitoring: v0.35.2 to v0.35.3
    • Various test dependencies

v0.40.0

Published: 8/3/2022 | Modules affected: landingzone/account-baseline-app, landingzone/account-baseline-root, landingzone/account-baseline-security, security/aws-securityhub | Release notes

  • Renamed variable associate_to_master_account_id to associate_to_admin_account_id in aws-securityhub module to align with latest AWS documentation.

v0.39.0

Published: 8/2/2022 | Modules affected: landingzone/account-baseline-app, landingzone/account-baseline-root, landingzone/account-baseline-security, networking/vpc | Release notes

  • Unlock AWS provider v4. Require minimum 3.75.1. This update includes a few tests that make sure upgrading to this module from the last release is easy. However, you may need to bump your AWS provider version. See the migration guide notes below for more info.

terraform-aws-ecs

v0.34.1

Published: 8/18/2022 | Modules affected: ecs-cluster | Release notes

  • Updated ecs-cluster module to use the aws_ecs_cluster_capacity_providers to avoid the need for a python script on destroy.

v0.34.0

Published: 8/4/2022 | Modules affected: ecs-cluster, ecs-daemon-service, ecs-service | Release notes

  • Internal housekeeping changes
    • Added patch for v0.32.0
    • Added patch for v0.33.0
    • Updated code owners
    • Added patch for v0.31.0
  • Unlock AWS provider v4. Require minimum 3.75.1. This update includes a few tests that make sure upgrading to this module from the last release is easy. However, you may need to bump your AWS provider version. See the migration guide notes below for more.

terraform-aws-eks

v0.53.0

Published: 8/8/2022 | Modules affected: eks-alb-ingress-controller, eks-alb-ingress-controller-iam-policy, eks-aws-auth-merger, eks-cloudwatch-agent | Release notes

  • Housekeeping fixes:
    • Fixed Helm link in alb-ingress-controller README
    • Fixed contributing docs link
    • Updated code owners
  • Unlock AWS provider v4. Require minimum 3.75.1. This update includes a few tests that make sure upgrading to this module from the last release is easy. However, you may need to bump your AWS provider version. See the migration guide notes below for more.

terraform-aws-lambda

v0.20.3

Published: 8/3/2022 | Modules affected: run-lambda-entrypoint | Release notes

  • Updated run-lambda-entrypoint CLI to support loading Secrets Manager entries by name instead of ARN. You can now pass a Secrets Manager name to the _ARN environment variables that the entrypoint CLI supports.

terraform-aws-load-balancer

v0.29.1

Published: 8/2/2022 | Release notes

  • No functional changes were introduced with this release!
  • Updated incorrect go package reference.

v0.29.0

Published: 8/1/2022 | Modules affected: alb, acm-tls-certificate, lb-listener-rules | Release notes

  • Unlock AWS provider v4. Require minimum 3.75.1. This update includes a few tests that make sure upgrading to this module from the last release is easy. However, you may need to bump your AWS provider version. See the migration guide notes below for more.

terraform-aws-messaging

v0.9.1

Published: 8/2/2022 | Release notes

  • No functional changes were introduced in this release!
  • Updated incorrect go package reference.

v0.9.0

Published: 8/1/2022 | Modules affected: kinesis, msk, sns-sqs-connection, sns | Release notes

  • Unlock AWS provider v4. Require minimum 3.75.1. This update includes a few tests that make sure upgrading to this module from the last release is easy. However, you may need to bump your AWS provider version. See the migration guide notes below for more.

terraform-aws-monitoring

v0.35.5

Published: 8/26/2022 | Modules affected: logs | Release notes

  • modules/logs updated to only install logrotate from source if the RPM isn't already installed

v0.35.4

Published: 8/18/2022 | Modules affected: alarms/alb-alarms, alarms/alb-target-group-alarms, alarms/asg-cpu-alarms, alarms/asg-disk-alarms | Release notes

  • Updated all alarms module to expose treat_missing_data as a configurable parameter.

v0.35.3

Published: 8/4/2022 | Modules affected: All | Release notes

  • Renamed legacy vars.tf files to variables.tf.

terraform-aws-openvpn

v0.24.3

Published: 8/10/2022 | Modules affected: openvpn-admin | Release notes

  • Update dependencies of openvpn-admin utility to support usage with AWS SSO.

v0.24.2

Published: 8/8/2022 | Release notes

  • Add retroactive patches for backward incompatible versions v0.20.0 to v0.24.0

terraform-aws-server

v0.15.1

Published: 8/2/2022 | Release notes

  • No functional changes were introduced in this release!
  • Updated incorrect go package reference

v0.15.0

Published: 8/1/2022 | Modules affected: ec2-backup, single-server | Release notes

  • Unlock AWS provider v4. Require minimum 3.75.1. This update includes a few tests that make sure upgrading to this module from the last release is easy. However, you may need to bump your AWS provider version. See the migration guide notes below for more.

terraform-aws-service-catalog

v0.96.2

Published: 8/19/2022 | Modules affected: services/k8s-service, landingzone/account-baseline-root, mgmt/terraform-aws-openvpn, mgmt/jenkins | Release notes

  • Exposed the cleanup_on_fail parameter in k8s-service module's helm_release resource.
  • Updated landingzone/account-baseline-root to expose advanced_event_selectors for Cloudtrail as cloudtrail_advanced_event_selectors.
  • Updated rds module to make the option_group_name parameter configurable.
  • Updated jenkins to allow configuring without a Route53 entry.
  • Updated dependencies:
    • terraform-aws-openvpn: v0.24.1 to v0.24.3

v0.96.1

Published: 8/11/2022 | Release notes

  • Unlock AWS Provider v4. Require minimum 3.75.1. In https://github.com/gruntwork-io/terraform-aws-service-catalog/releases/tag/v0.96.0, we missed a few spots. This release updates the above modules with the same minimum version of 3.75.1, with no upper limit. These updates arose from bumping the following underlying library modules:
    • terraform-aws-server
    • terraform-aws-load-balancer
    • terraform-aws-cache
    • terraform-aws-messaging

Special thanks to @lorelei-rupp-imprivata for catching this issue!

v0.96.0

Published: 8/9/2022 | Modules affected: services, base, data-stores, landingzone | Release notes

  • Module dependency updates, to unlock Terraform AWS Provider v4:
    • Update Terraform github.com/gruntwork-io/terraform-aws-eks to v0.53.0
    • Update Terraform github.com/gruntwork-io/terraform-aws-ecs to v0.34.0
  • Unlock AWS provider v4. Require minimum 3.75.1. This update includes a few tests that make sure upgrading to this module from the last release is easy. However, you may need to bump your AWS provider version. See the migration guide notes below for more.

v0.95.1

Published: 8/5/2022 | Modules affected: base/ec2-baseline, services/ec2-instance, mgmt/jenkins, mgmt/bastion-host | Release notes

  • Exposed the ability to set AWS Tags on the resources managed by the ecs-deploy-runner module.
  • Updated dependencies:
    • terraform-aws-monitoring: v0.35.2 to v0.35.3
    • Updated test dependencies.
  • Updated for-production example to the latest iteration of the Reference Architecture.

v0.95.0

Published: 8/4/2022 | Modules affected: networking/sns-topics, base/ec2-baseline, services/ec2-instance, mgmt/jenkins | Release notes

  • Updated dependencies:
    • terraform-aws-ci: v0.50.3 to v0.50.6
    • terraform-aws-monitoring: v0.34.1 to v0.35.2
  • Updated sns-topics module to require passing through the Slack webhook URL using AWS Secrets Manager instead of directly as module variables. This is to treat the webhook URL more like a Secret as recommended by Slack.

v0.94.2

Published: 8/3/2022 | Modules affected: data-stores/aurora, data-stores/rds, landingzone/account-baseline-app, landingzone/account-baseline-root | Release notes

  • Updated dependency terraform-aws-data-storage from v0.24.0 to v0.24.2
  • Exposed new parameters to pass through permission boundaries to IAM Roles managed by the account-baseline modules.

v0.94.1

Published: 8/2/2022 | Modules affected: data-stores/aurora, services/public-static-website | Release notes

  • Updated aurora module to output the generated security group ID.
  • Updated the website S3 bucket created in the public-static-website module with additional security configurations when operating in private bucket mode. The following changes are backward compatible with existing websites.
    • The bucket will now configure blocking of public access for the objects.
    • The bucket will now enforce encryption of data in transit (only accessible over TLS).
  • Added support for configuring CloudFront Functions, a more performant and lightweight alternative to Lambda@Edge, with static websites.
  • Added support for implementing default directory indexing for private S3 bucket backed static websites.
  • Added instructions to README on how to perform a blue-green deployment of Aurora.

terraform-aws-static-assets

v0.15.8

Published: 8/16/2022 | Modules affected: s3-cloudfront | Release notes

  • Add support for s3 buckets with v4 Auth