Skip to content

Latest commit

 

History

History
1010 lines (513 loc) · 52.7 KB

CHANGELOG.md

File metadata and controls

1010 lines (513 loc) · 52.7 KB

Changelog

0.87.5 (2024-11-19)

Bug Fixes

0.87.4 (2024-11-19)

Bug Fixes

  • add an optional redirect bucket variable for the redirect module (#678) (4e24726)

0.87.3 (2024-11-06)

Bug Fixes

  • CDI-3508 - Databricks volume bucket name output (#676) (c522ec8)

0.87.2 (2024-11-01)

Bug Fixes

  • concat two list of strings then turn it into set (#674) (8cd5290)

0.87.1 (2024-10-31)

Bug Fixes

0.87.0 (2024-10-31)

Features

Bug Fixes

  • add oidc input to assume role policy (#671) (4d41154)

0.86.1 (2024-10-25)

Bug Fixes

  • Ensure Databricks external location role exists before making it self-referential (#667) (6834b5b)

0.86.0 (2024-10-24)

Features

Bug Fixes

  • databricks-catalog-external-location - Make role self-assuming (#664) (7ff6b93)

0.85.0 (2024-10-17)

Features

0.84.1 (2024-10-17)

Bug Fixes

0.84.0 (2024-10-16)

Features

  • Add groups to databricks-default-cluster-policies module (#655) (94ed7e5)

0.83.5 (2024-10-16)

Bug Fixes

  • CDI-3452 - Fix references for dbx volumes to allow creating volume on existing catalog and bucket (#656) (09ad9c8)

0.83.4 (2024-10-14)

Bug Fixes

  • remove read_file permissions from dbx volume (#653) (3ef78e5)

0.83.3 (2024-10-14)

Bug Fixes

  • refine and downscope UC grants for volume (#651) (617cb81)

0.83.2 (2024-10-11)

Bug Fixes

0.83.1 (2024-10-01)

Bug Fixes

0.83.0 (2024-10-01)

Features

  • New module volumes on existing catalogs (#645) (ae60a9c)

0.82.2 (2024-09-11)

Bug Fixes

  • Add depends_on to databricks_catalog (#641) (dac9a81)

0.82.1 (2024-09-04)

Bug Fixes

  • resolve small clusters compute policy and legacy shared policy (#639) (cc3643b)

0.82.0 (2024-09-03)

Features

  • create service account role module for EKS (#636) (d6ecfd3)

0.81.0 (2024-09-03)

Features

0.80.0 (2024-08-27)

Features

0.79.0 (2024-08-22)

Features

0.78.2 (2024-08-21)

Bug Fixes

  • update READMEs for aws-aurora, aws-aurora-postgres, aws-aurora-mysql (#626) (7eed8f0)

0.78.1 (2024-08-21)

Bug Fixes

  • move the auth token generation out of the redis module for integration reasons (#623) (a3c33dd)

0.78.0 (2024-08-20)

⚠ BREAKING CHANGES

  • update redis replication group to use new aws provider (#613)

Features

  • update redis replication group to use new aws provider (#613) (eca5fd0)

Bug Fixes

0.77.2 (2024-08-19)

Bug Fixes

  • Allow dbx storage credentials roles to be self-assuming (#620) (47970b3)

0.77.1 (2024-08-19)

Bug Fixes

  • missing dollar sign for text interpolation (#617) (2f27356)

0.77.0 (2024-08-19)

Features

  • Create databricks catalog ext loc modules (#614) (8b47a1c)

Bug Fixes

0.76.0 (2024-07-24)

Features

  • add condition_operator field to allow overriding StringEquals with StringLike (#610) (86bab99)

0.75.0 (2024-07-24)

Features

  • add jwt_condition option to oidc variable for IAM trust relationships (#608) (5320504)

0.74.0 (2024-07-18)

Features

  • CDI-3149 - Allow use of existing catalogs and schemas for databricks volumes (#606) (7735218)

0.73.3 (2024-07-03)

Bug Fixes

  • CDI-3123 - fix service principal TF type (#604) (06858ca)

0.73.2 (2024-07-03)

Bug Fixes

0.73.1 (2024-07-03)

Bug Fixes

0.73.0 (2024-07-02)

Features

  • add service principal to workspace module (#598) (e9ea41a)

0.72.1 (2024-06-25)

Bug Fixes

  • add wait for race condition and clean up names (#595) (61c5437)

0.72.0 (2024-06-25)

Features

  • CDI-3103 - New databricks volume module (#593) (2d72a6c)

0.71.0 (2024-06-03)

Features

  • Update default CA identifier for aws-aurora modules to rds-ca-rsa2048-g1 (#591) (61cf124)

0.70.0 (2024-05-31)

Features

0.69.4 (2024-05-02)

Bug Fixes

0.69.3 (2024-05-01)

Bug Fixes

  • don't allow dashes in sids (7959ea0)

0.69.2 (2024-04-30)

Bug Fixes

  • key the sid so they are unique (219cc4c)

0.69.1 (2024-04-24)

Bug Fixes

  • update custom job policy to work with jobs (#581) (2539942)

0.69.0 (2024-04-23)

Features

  • Add a new single node policy to databricks-default-cluster-policies (#579) (2723df6)

0.68.0 (2024-04-19)

Features

  • Allowing on demand instances for Job Compoute databricks compute policy (#577) (639a9ac)

0.67.1 (2024-04-11)

Bug Fixes

  • make aws-iam-role adaptable to oidc & saml changes (#574) (173f2da)

0.67.0 (2024-03-27)

Features

0.66.0 (2024-03-22)

Features

  • Add kms_encryption variable to cloudfront logs bucket (#570) (eea7209)

0.65.5 (2024-03-21)

Bug Fixes

  • Choose one type of encryption for buckets (#568) (125b37b)

0.65.4 (2024-03-07)

Bug Fixes

  • add counter to resource (0ab051a)

0.65.3 (2024-03-07)

Bug Fixes

  • CDI-2604 Databricks cluster policy permission grants not being applied correctly (#563) (d85282f)

0.65.2 (2024-01-26)

Bug Fixes

0.65.1 (2024-01-26)

Bug Fixes

0.65.0 (2024-01-26)

Features

  • Export aws_rds_cluster_instance in aurora postgres module (#557) (e2ef7d0)

0.64.0 (2024-01-26)

Features

0.63.4 (2024-01-19)

Bug Fixes

  • [ONCALL-693] Trigger release of databricks-default-cluster-policies (#552) (3080122)

0.63.3 (2024-01-10)

Bug Fixes

  • remove deprecated overwrite param in this module (#548) (a47c396)

0.63.1 (2023-11-16)

Bug Fixes

  • personal instance pools var for databricks compute policies (#543) (541f8d3)

0.63.0 (2023-11-15)

Features

  • add pool use to personal compute Databricks policy (#542) (9d4cd22)

0.62.3 (2023-11-03)

Bug Fixes

0.62.2 (2023-11-03)

Bug Fixes

  • Split out job compute policy between single and multi node (#537) (770b19e)

0.62.1 (2023-10-31)

Bug Fixes

  • remove unused databricks-workspace-e2 variable (#535) (a21509b)

0.62.0 (2023-10-31)

Features

  • CDI-2182 Add databricks-default-cluster-policy module (#531) (4c70f29)
  • CDI-2183 Add databricks-cluster-log-permissions module (#532) (2e5974a)

Bug Fixes

0.61.0 (2023-10-30)

Features

  • all more options when creating the trust relationship (#525) (edfff23)

0.60.1 (2023-10-03)

Bug Fixes

  • trigger release for S3 default KMS encryption fix (#521) (8bf754e)

0.60.0 (2023-09-22)

Features

  • Remove deprecated overwrite parameter (#519) (2dc7203)

0.59.0 (2023-08-28)

Features

  • Support image tag mutability and scan settings (#517) (64e5e47)

0.58.0 (2023-06-28)

Features

  • AWS provider version bump to support BucketOwnerEnforced object ownership value (#512) (9053640)
  • CDI-1607 Add KMS encryption key var to s3 bucket (#514) (c946dd0)

0.57.4 (2023-06-14)

Bug Fixes

  • Use id and not resource itself as value (#510) (c039cf6)

0.57.3 (2023-06-12)

Bug Fixes

  • Ternary operator for variable validation check against null (#508) (e25a681)

0.57.2 (2023-06-12)

Bug Fixes

0.57.1 (2023-06-12)

Bug Fixes

0.57.0 (2023-06-12)

Features

  • aws-s3-private-bucket Allow specifying bucket object blanket ownership (#502) (f7f45b8)

0.56.2 (2023-05-30)

Bug Fixes

  • Handle empty and blank source policies (#498) (6ac0451)

0.56.1 (2023-05-30)

Bug Fixes

  • Replace a deprecated source_json attribute (#495) (93381a4)

0.56.0 (2023-05-26)

Features

  • output additional info from aws-aurora-postgres (#491) (4d131c5)

Bug Fixes

  • address issue with public access block on public s3 bucket (#492) (e1c5c5c)
  • cut out cztack-ci-2 from workflow, use standard way to authorize cztack-ci-1 (#486) (ce8e47b)
  • fixing acl issue on cloudfront buckets (#493) (22187dd)
  • rotator deprecation - oidc auth to aws in cztack workflow runs (#488) (c72fa79)
  • Source_json is removed in aws provider 5.0.x (#494) (70a6dae)

0.55.1 (2023-05-03)

Bug Fixes

0.55.0 (2023-05-02)

Features

0.54.0 (2023-04-25)

Features

0.53.2 (2023-04-21)

Bug Fixes

0.53.1 (2023-04-18)

Bug Fixes

0.53.0 (2023-03-31)

Features

  • Allow lambda resource collection to be turned off (per account) - [CCIE-1198] (#471) (1882eb8)

0.52.0 (2023-03-18)

Features

  • allow force_destroy option on s3 buckets (#461) (3a0b34f)

0.51.1 (2023-03-06)

Bug Fixes

0.51.0 (2023-03-05)

Features

0.50.1 (2023-02-22)

Bug Fixes

  • update docs and add ALB ARNs to ECS services (#457) (f052fd6)

0.50.0 (2023-02-15)

Features

  • configure log retention in aws-lambda-edge-add-security-headers module (#454) (3cf7dc1)

0.49.2 (2022-12-14)

Bug Fixes

0.49.1 (2022-11-16)

Bug Fixes

  • Add mission permission to allow ECS Fargate container exec (#440) (24b3036)

0.49.0 (2022-11-03)

Features

0.48.0 (2022-10-17)

Features

0.47.0 (2022-09-19)

Features

0.46.0 (2022-09-06)

Features

  • Add ability to pass size of ephemeral storage to ECS (#417) (d87e56e)
  • limit the number of character to the maximum 32 chars (#420) (f0aa9d3)

0.45.0 (2022-07-07)

Features

  • Attach ssm permissions to ecs fargate job module (#407) (5696d1d)

0.44.1 (2022-06-07)

Bug Fixes

  • Update Snowflake Terraform provider source to Snowflake-Labs (#400) (fb7b329)

0.44.0 (2022-05-16)

⚠ BREAKING CHANGES

  • Delete deprecated aws-acm-cert module (#379)

Features

  • adding conventional commit requirement (#394) (39b962c)
  • Update aws-aurora module to not use params_engine_version (#396) (d560e42)
  • Variablize deletion_protection for aurora-postgres module (#385) (6aea3cb)

Bug Fixes

Miscellaneous Chores

  • Delete deprecated aws-acm-cert module (#379) (1c75374)

0.43.3 (2021-11-01)

Bug Fixes

0.42.0 2021-07-20

  • 8e3894ed aws-single-page-static-site remove region from provider

0.41.0 2021-07-08

  • ae62854c [fix] Various fixes for TF AWS 3.0 compatibility (#324)
  • 9991541d [feature] Add 'snapshot_identifier' to all aws-aurora modules (#323)

0.40.0 2021-07-07

  • 118ad1c4 [feature] Terraform AWS Provider 3.0 compatibility (#322)
  • d49054c9 [feature] aws-acm-certificate module compatible with TF AWS Provider >3.0 (#321)

0.39.0 2021-06-25

  • 5b963f73 Update CODEOWNERS
  • b71a885f remove vestiges of interpolation syntax that was deprecated in TF v0.12+ (#316)
  • 408e99d5 Bump github.com/aws/aws-sdk-go from 1.37.25 to 1.38.64 (#315)
  • f1550ece Bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1 (#310)
  • 12793de6 [breaking] aws-aurora-postgres: Disable auto minor version upgrade by default. (#311)
  • 98fca6f2 Fix running aws cli on GH Actions/Azure, get modules dynamically (#309)
  • e68091be Auto merge main branch on update for branches with auto-merge enabled (#306)
  • 14ec2cc7 Update docs to use Terraform docs v0.12.1 (#308)
  • b8bacdb7 [feature] aws-s3-private-bucket add canned acl variable (#307)
  • be13877f fix[version]: updating min versions for lambda and cx role (#305)
  • c0c5731e Initial updates for supporting s3 bucket logging targets. (#302)
  • 83e12bc7 [feature]: lambda vpc_config and memory_size (#301)
  • 9df43950 [feature] Allow specifying aws-iam-role max_session_duration (#299)
  • 06c61e51 Bump github.com/aws/aws-sdk-go from 1.37.16 to 1.37.25 (#294)
  • fa775364 Bump github.com/gruntwork-io/terratest from 0.32.7 to 0.32.8 (#293)
  • 63a0a896 Bump github.com/sirupsen/logrus from 1.7.0 to 1.8.0 (#287)
  • 7d3323d1 Bump github.com/aws/aws-sdk-go from 1.36.3 to 1.37.16 (#292)
  • f58ea191 Bump github.com/aws/aws-sdk-go from 1.36.3 to 1.37.15 (#288)
  • 9479aa8a Create Dependabot config file (#291)
  • cd1e33c1 Bump github.com/gruntwork-io/terratest from 0.31.1 to 0.32.7 (#290)
  • 234300b7 Bump github.com/stretchr/testify from 1.6.1 to 1.7.0 (#289)
  • 55c16ef9 add go mods auto-tidy workflow
  • 298ee9dc [feature] Add CIDR blocks based security group to Redis (#286)
  • 488c4ea9 [fix] s3-private-bucket more lenient aws provider version (#285)
  • e4738500 [refactor] rm unneeded vars (#281)
  • 9be9388a [fix] aws-single-page-static site to work outside us-east-1 (#280)
  • ecdcc6f9 enable clouldwatch log exports for aurora postgresql (#279)
  • 62f0981e [feature]Snowflake: ALL modules output privileges granted (#277)

0.38.0 2021-01-12

  • ae34a726 [feature] aws-s3-public-bucket require https, allow disabling versioning (#278)
  • 1b53806c [feature] Add aws-redis-replication-group (#267)
  • 68ab717a fix: Snowflake Provider version less strict

0.35.0 2020-07-08

0.33.1 2020-05-21

  • 9d289b25 [fix] Use index when referring to a dependency with a count

0.33.0 2020-05-21

  • 8b5df1fb [feature] Optionally disable poweruser role iam actions (#194)
  • d411f6fa [feature] Readonly role OIDC federation enabled + kms decrypt optional (#195)

0.32.0 2020-05-20

0.31.1 2020-05-01

  • e2c9d0b5 Include TagSession privilege for assumed roles. (#189)

0.30.0 2020-03-31

  • 50ef023c [feature] aws-iam-role-*: Allow multiple accounts to assume role, deprecate source_account_id (#185)
  • 4fcd6f92 upgraded to go 1.14 (#184)
  • b31cd721 [breaking] [feature] aws-iam-instance-profile reuse existing role and remove SSM support (#183)
  • 8d7f1ff8 Update docstrings (#182)

0.29.0 2020-03-17

  • 72fe3a70 [feature] Allow the aws-iam-role-crossacct for OIDC federation (#179)
  • 968da0b0 retry downloading dependencies (#178)
  • b770f3df add git push to release

0.25.0 2019-12-10

0.24.0 2019-11-27

0.23.0 2019-10-17

0.22.2 2019-10-10

  • 61d294b5 Add UpdateRoleDescription perms to aws-iam-role-poweruser (#145)
  • 4dee504e [bugfix] Fix secretsmanager execution role IAM policy in aws-ecs-job (#144)
  • 3f3b0f55 Make aws-redis-node match internal lib, upgrade default (#146)

0.22.1 2019-10-09

  • 133cb5c3 [bugfix] fix permissions on aws-ecs-service secrets (#143)

0.22.0 2019-10-08

0.21.3 2019-10-02

0.21.2 2019-09-27

0.21.1 2019-09-26

  • 57354a7f Fix aws-ecs-* task execution role permissions (#133)

0.21.0 2019-09-25

0.20.0 2019-09-23

  • 9bcd84c7 [breaking] Modified infraci role to accept a list of dyanmodb table arns (#130)

0.19.5 2019-09-23

  • 04f67e0f Adding terraform statefile policy to infraci role (#126)

0.19.4 2019-09-18

  • fbfaf513 Add internal features to aws-single-page-static-site (#125)

0.19.3 2019-09-17

  • 2faeae6c aws-s3-private-bucket set ignore_public_acls and restrict_public_buckets (#124)

0.19.2 2019-09-16

  • 6923e1b6 Support disabling versioning in private buckets (#122)
  • 96ea06d9 Support multiple services in params reader policy (#121)
  • 6765b83c Fix typo in aws-s3-private-bucket (#120)

0.19.1 2019-09-12

  • af52ae6e Make Aurora engine version configurable (#118)
  • ddf566a2 Add Aurora deletion protection variable (#116)
  • 384ed745 Add cloudfront outputs for single-page-static-site (#115)

0.19.0 2019-08-20

  • f827caa5 [fix] Added more information to the github webhooks collector Readme (#113)
  • 22e21f1a [feature] Add GitHub Webhooks archiver and S3 private bucket modules (#112)

0.18.2 2019-08-13

  • c3f8d58e Add aws-ssm-params and aws-ssm-params-writer (#111)
  • 5c845fff set engine_version for aws-aurora-postgres (#110)

0.18.1 2019-08-08

0.18.0 2019-07-29

  • 4f94667 Release 0.18.0
  • 878f367 [breaking] Terraform 0.12 compatibility (breaks 0.11 compatibility) (#105)
  • f6e470b Fixed Typo in Readme (#102)
  • b9000b8 Add a .gitattributes to collapsed vendored code during github pull requests (#106)
  • d0e53fc add force_detach_policies to aws_iam_role (#100)
  • 982ff3b ACM certificate route53 overwrite (#99)

0.17.1 2019-05-15

  • bdad602 adding in route53 Read Only Access (#96)
  • a361c8d Create pull request template.md

0.17.0 2019-05-01

  • 1fc4a19 New route53 poweruser (#94)
  • 8fc7bf0 [breaking] Removing ability of power users to register domains via route53 (#92)

0.16.0 2019-04-22

  • 9d5798e Update aws-params-writer to explicitly take a parameters count (#90)
  • 57261e8 Add iam:ListServerCertificates permission to poweruser (#89)
  • cbaa829 Fix a bug with missing param group connection to the Aurora resource (#88)

0.15.3 2019-01-30

  • 00061db [Bugfix] Limit SSM s3 policies (#85)
  • 418e527 [Bugfix] Changed policy for readonly to include secrets policy (#84)
  • 60203ad Add iam:TagRole to poweruser (#83)

0.15.2 2018-12-05

  • aws-iam-ec2-poweruser-role Add iam_path
  • aws-iam-ecs-task-role Add iam_path
  • aws-iam-instance-profile Add option to disable attach SSM policy
  • aws-iam-role-infraci Add secrets manager read access to secrets tagged with allowCI=true
  • aws-aurora-* Expose the reader endpoint*

0.15.1 2018-11-09

  • Bugfix for aws_iam_policy_document in aws-iam-group-assume-role

0.15.0 2018-11-08

  • [new] aws single page app static site
  • [new] aws-iam-instance-profile
  • [new] bless-ca
  • [breaking] KMS key tags
  • [breaking] aws-iam-ecs-task-role remove policy argument
  • Poweruser delete/update policy permissions
  • Convert raw JSON policy to aws_iam_policy_document

0.14.0 2018-09-04

  • [breaking] Parameter store reader policy inline, region support
  • Poweruser instance profile and policy permissions
  • Testing for aws-redis-node and aurora

0.13.0 2018-08-21

  • [breaking] cloudfront poweruser allow for multiple bucket prefixes
  • [new] cloudwatch log group module
  • [new] blessclient aws role

0.12.0 2018-08-15

  • added a suite of tests via Terratest
  • [new] module for ec2 poweruser role
  • [new] modules for aws aurora
  • better docs for our taggging approach
  • [breaking] refactor of params/secrets modules
  • [new] AWS ACM cert module

0.11.0 2018-07-30

Initial release of open source modules. Number is kept in-sync with internal repo.

Currently moved to this repo are all our IAM and secrets modules.