Releases: cloudposse/terraform-aws-ec2-bastion-server

v0.21.0

07 Feb 23:36
cc4ebf9
context.tf updated to v0.24.1, minimum required Terraform version bumped to 0.13.0 when needed, readme updated @maximmi (#62)

what

  • update context.tf to v0.24.1
  • update terraform cloudposse/route53-cluster-hostname/aws to v0.12.0 (#60)
  • minimum required Terraform version bumped to 0.13.0
  • readme updated, Bridgecrew compliance badges added

why

  • It allows for setting the letter case of tag names and labels, backward compatibility with context v0.22.0 and below
  • we have dropped support for Terraform 0.12
  • To be able to see and fix the recommendations from Bridgecrew so we can position our modules as standards compliant

Supersedes and closes #41
Supersedes and closes #58
Supersedes and closes #61

v0.20.1

03 Feb 04:11
59c717c

🤖 Automatic Updates

Update README.md and docs @cloudpossebot (#59)

what

This is an auto-generated PR that updates the README.md and docs

why

To have the most recent changes of README.md and docs from origin templates

v0.20.0

21 Jan 10:50
ad961ce
readme updated, BridgeCrew compliance fixes @maximmi (#57)

what

  • BridgeCrew compliance checks fix
  • readme updated
  • code clean up
  • default behaviour changed: Instance Metadata Service Version 2 forced by default
  • default behaviour changed: Encryption of the root block device enabled by default

why

  • To be able to position our modules as standards compliant
  • Providing explicit note about NAT instance with public IP
  • removed unnecessary providers dependencies
  • To comply with BridgeCrew check
  • To comply with BridgeCrew check

v0.19.0

06 Jan 17:36
9aaa3e4
Terraform 0.14 upgrade @maximmi (#55)

what

  • Upgrade to support Terraform 0.14 and bring up to current Cloud Posse standard

why

  • Support Terraform 0.14

v0.18.1

01 Jan 04:26
fe2d2e0

🤖 Automatic Updates

Update README.md and docs @cloudpossebot (#54)

what

This is an auto-generated PR that updates the README.md and docs

why

To have the most recent changes of README.md and docs from origin templates

v0.18.0

24 Dec 07:59
f42f0fc
fix: use short hostname for dns record @syphernl (#53)

what

  • Add a host_name variable to revert the name change introduced in v0.17.0.

why

  • Since v0.17.0, context is being passed to the route53-cluster-hostname module, which results in the hostname being changed to the value of module.this.id (namespace-env-bastion) rather than bastion

v0.17.0

23 Dec 08:32
8defd13
Terraform 0.14 upgrade @sfc-gh-pkommini (#51)

what

  • Upgrade to support Terraform 0.14 and bring up to current Cloud Posse standard

why

  • Support Terraform 0.14

v0.16.0

20 Dec 04:00
0cc7542
sg: make ingress blocks optional, add egress block @joe-niland (#49)

'Forked' from #29

what

  • Resurrect abandoned PR #29 created by @DeividasJackus
  • Tweaked aws_security_group definition to:
      • Only create ingress rules if allowed_cidr_blocks variable is specified.
      • Create an egress rule allowing all outbound traffic, if variable egress_allowed is set to true.
      • Defined description for ingress/egress blocks.

why

  • Conditional blocks: Terraform would repeatedly try to create empty ingress rules if either of the variables wasn't used (AWS will ignore these). Every subsequent run would have Terraform think that there are changes in infrastructure to be applied.
  • Egress: see #19

v0.15.1

20 Dec 00:08
36a7105

🚀 Enhancements

Fix typo in the description of instance_type var @alexandrusavin (#44)

what

  • Fix typo in the description of instance_type var

why

  • Avoids confusion

v0.15.0

20 Dec 00:01
628303a
Conditionally configure security group ingress @alexandrusavin (#45)

what

  • Conditionally configure default security group ingress only when length(var.ingress_security_groups) > 0

why

  • Otherwise, it detects an update on every plan run even if applied (which would not do anything because security_groups is empty). Ex:

     Terraform will perform the following actions:
     
       # module.ec2_bastion.aws_security_group.default[0] will be updated in-place
       ~ resource "aws_security_group" "default" {
             arn                    = "XXX"
             description            = "Bastion security group (only SSH inbound access is allowed)"
             egress                 = []
             id                     = "XXX"
           ~ ingress                = [
                 {
                     cidr_blocks      = [
                         "0.0.0.0/0",
                     ]
                     description      = "Allow ingress to groups listed in var.allowed_cidr_blocks"
                     from_port        = 22
                     ipv6_cidr_blocks = []
                     prefix_list_ids  = []
                     protocol         = "tcp"
                     security_groups  = []
                     self             = false
                     to_port          = 22
                 },
               + {
                   + cidr_blocks      = []
                   + description      = "Allow ingress to groups listed in var.ingress_security"
                   + from_port        = 0
                   + ipv6_cidr_blocks = []
                   + prefix_list_ids  = []
                   + protocol         = "-1"
                   + security_groups  = []
                   + self             = false
                   + to_port          = 0
                 },
             ]
             name                   = "a-bastion"
             ...
         }
     
    

references

  • Please, close this PR if you merge #29 which also fixes this issue.
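
The conditional security group rules described in the v0.15.0 and v0.16.0 notes can be expressed with `dynamic` blocks, so that an empty variable produces no rule and no perpetual plan diff. This is an added example, not the module's own source: the resource name `bastion`, the `vpc_id` variable and the rule descriptions are assumptions, while `allowed_cidr_blocks`, `ingress_security_groups` and `egress_allowed` are the variable names given in the release notes.

```hcl
# Added example (hypothetical resource name and vpc_id variable; not the module's code).
variable "vpc_id" { type = string }
variable "allowed_cidr_blocks" { type = list(string) }
variable "ingress_security_groups" { type = list(string) }
variable "egress_allowed" { type = bool }

resource "aws_security_group" "bastion" {
  name   = "example-bastion"
  vpc_id = var.vpc_id

  # SSH from CIDR ranges: rendered only when at least one CIDR block is supplied.
  dynamic "ingress" {
    for_each = length(var.allowed_cidr_blocks) > 0 ? [1] : []
    content {
      description = "Allow SSH from var.allowed_cidr_blocks"
      from_port   = 22
      to_port     = 22
      protocol    = "tcp"
      cidr_blocks = var.allowed_cidr_blocks
    }
  }

  # Traffic from other security groups: an empty list yields no rule at all,
  # which avoids the empty "+ { security_groups = [] }" entry seen in the plan output.
  dynamic "ingress" {
    for_each = length(var.ingress_security_groups) > 0 ? [1] : []
    content {
      description     = "Allow ingress from var.ingress_security_groups"
      from_port       = 0
      to_port         = 0
      protocol        = "-1"
      security_groups = var.ingress_security_groups
    }
  }

  # Outbound traffic is opt-in; with no egress block Terraform leaves the group
  # without any egress rule.
  dynamic "egress" {
    for_each = var.egress_allowed ? [1] : []
    content {
      description = "Allow all outbound traffic"
      from_port   = 0
      to_port     = 0
      protocol    = "-1"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }
}
```

Running `terraform plan` twice with both ingress variables set to `[]` should report no changes on the second run, which is the behaviour these two releases were after.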