Releases: cloudposse/terraform-aws-cloudfront-cdn
v1.2.0
🚀 Enhancements
Add origin_access_control_id feature @Genesys05 (#112)
## what- add origin_access_control_id optional variable to define origin_access_control on Cloudfront
- add origin_access_control_id argument on cloudfront_distribution resource
- Update the Readme with new vars
why
I done that because before you can't use Origin access control with this module.
🤖 Automatic Updates
Update .github/settings.yml @osterman (#135)
## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` fileswhy
- Re-apply
.github/settings.yml
from org level - Use organization level auto-release settings
references
- DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update release workflow to allow pull-requests: write @osterman (#134)
## what - Update workflow (`.github/workflows/release.yaml`) to have permission to comment on PRwhy
- So we can support commenting on PRs with a link to the release
Update GitHub Workflows to use shared workflows from '.github' repo @osterman (#133)
## what - Update workflows (`.github/workflows`) to use shared workflows from `.github` repowhy
- Reduce nested levels of reusable workflows
v1.1.0
🚀 Enhancements
feat: allow aws_cloudfront_origin_access_identity to be toggled on/off @venkatamutyala (#127)
what
Even when i'm using an external origin (ex. a GCP IP) it appears aws_cloudfront_origin_access_identity always gets created. This is to provide a toggle to disable it.
why
The aws_cloudfront_origin_access_identity resource isn't required for all use cases Ex. using cloudfront in front of non-AWS resources.
references
🤖 Automatic Updates
v1.0.1
🚀 Enhancements
Update default minimum viewer protocol to TLSv1.2_2021 @venkatamutyala (#117)
what
By default deprecated protocols are being supported:
This change would disable support for viewers using TLS 1.1 and TLS 1.0.
why
1.0 and 1.1 are known to be deprecated/insecure. To save folks trouble by their security teams using the latest version seems the most appropriate.
references
🤖 Automatic Updates
Bump golang.org/x/net from 0.0.0-20210614182718-04defd469f4e to 0.17.0 in /test/src @dependabot (#122)
Bumps golang.org/x/net from 0.0.0-20210614182718-04defd469f4e to 0.17.0.
Commits
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.
v1.0.0
Support AWS Provider V5 @max-lobur (#103)
what
Support AWS Provider V5
Major release due to breaking change in S3 upgraded module
Linter fixes
why
Maintenance
references
https://github.com/hashicorp/terraform-provider-aws/releases/tag/v5.0.0
Sync .github @max-lobur (#98)
Rebuild github dir from the template
v0.26.0
- No changes
v0.25.0
Add response_headers_policy_id to ordered cache options @adamcrews (#93)
what
- Add the ability to specify the
response_headers_policy_id
in the ordered cache
why
- This setting is available for the default cache config, and should also be available for ordered cache config.
references
v0.24.2
enable http3 @kevcube (#90)
what
- Enable HTTP/3 support in CloudFront
why
- It's faster, and shinier than http/2
references
git.io->cloudposse.tools update @dylanbannon (#87)
what and why
Change all references to git.io/build-harness
into cloudposse.tools/build-harness
, since git.io
redirects will stop working on April 29th, 2022.
References
- DEV-143
🤖 Automatic Updates
Update Terraform cloudposse/route53-alias/aws to v0.13.0 @renovate (#81)
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
cloudposse/route53-alias/aws (source) | module | minor | 0.12.1 -> 0.13.0 |
Release Notes
cloudposse/terraform-aws-route53-alias
v0.13.0
BREAKING CHANGE: Because this release changes resource addresses, it will result in Terraform destroying and recreating some resources. Please consider removing
aws_route53_record
resources from the state and importing them to the new resource addresses if you do not with for any destructive changes.
Fix: Add BridgeCrew Suppressions @korenyoni (#39)
##### what- Add BridgeCrew suppressions
why
Add suppressions appearing in #37
##### references * #37Chore: Run 'make github/init' @korenyoni (#38)
##### what * Run `make github/init` ##### why * Updates GHA-workflow-related files to their latest distribution in https://github.com/cloudposse/build-harness * Allows using `no-release` label for consolidating multiple PRs into a single release. ##### references * N/AFix: create records using `for_each` instead of `count` @1david5 (#37)
##### what * Modify `default` and `ipv6` `aws_route53_record` resources to use `for_each` instead of `count`. ##### why * Prevent destroying and recreating DNS records when removing elements from `aliases` list.Update Terraform cloudposse/s3-log-storage/aws to v0.26.0 @renovate (#71)
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
cloudposse/s3-log-storage/aws (source) | module | minor | 0.24.1 -> 0.26.0 |
Release Notes
cloudposse/terraform-aws-s3-log-storage
v0.26.0
Add S3 bucket ownership controls @max-lobur (#61)
#### what * Set aws_s3_bucket_ownership_controls to BucketOwnerPreferred #### why * Per [docs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) this setting will let object uploader decide ownership. If `bucket-owner-full-control` ACL is specified, the bucket account take ownership, otherwise the writer account keeps ownership. Bucket on its side may enforce presence of the `bucket-owner-full-control` ACL which we already do when needed. So this setting was the only missing piece to make ownership work like we expected * I found no use cases for the other value of this resource: `ObjectWriter`. It corresponds to legacy S3 behavior which was broken for us. Decided to always set to `BucketOwnerPreferred` and not allow to customize. If the owner must be preserved, we should not pass `bucket-owner-full-control` - this is a more clear way to control the behavior. #### references * https://aws.amazon.com/blogs/storage/enforcing-ownership-of-amazon-s3-objects-in-a-multi-account-environment/ * https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html * https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls#ObjectWriterv0.25.0
Add support for bucket notifications @max-lobur (#60)
#### what * Add support for bucket notifications * Only SQS destination for now #### why * To enable log collectionv0.24.1
🚀 Enhancements
Dont send ssl_support_method for default certificate @rusowyler (#80)
what
- Don't send ssl_support_method when using cloudfront_default_certificate
why
- It's only required if you specify acm_certificate_arn or iam_certificate_id
- Sending it will cause Terraform to try to update CF on every deploy
~ viewer_certificate {
+ ssl_support_method = "sni-only"
# (2 unchanged attributes hidden)
}
# (5 unchanged blocks hidden)
v0.24.0
v0.23.1
🤖 Automatic Updates
Update Terraform cloudposse/route53-alias/aws to v0.12.1 @renovate (#77)
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
cloudposse/route53-alias/aws (source) | module | patch | 0.12.0 -> 0.12.1 |
Release Notes
cloudposse/terraform-aws-route53-alias
v0.12.1
🤖 Automatic Updates
Update context.tf @cloudpossebot (#36)
##### what This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label` ##### why To support all the features of the `context` interface.Configuration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- If you want to rebase/retry this PR, click this checkbox.
This PR has been generated by WhiteSource Renovate. View repository job log here.