Skip to content

Releases: cloudposse/terraform-aws-cloudfront-cdn

v1.2.0

25 Jul 01:29
cfebe9f
Compare
Choose a tag to compare

🚀 Enhancements

Add origin_access_control_id feature @Genesys05 (#112) ## what
  • add origin_access_control_id optional variable to define origin_access_control on Cloudfront
  • add origin_access_control_id argument on cloudfront_distribution resource
  • Update the Readme with new vars

why

I done that because before you can't use Origin access control with this module.

🤖 Automatic Updates

Update .github/settings.yml @osterman (#135) ## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` files

why

  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings

references

  • DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update release workflow to allow pull-requests: write @osterman (#134) ## what - Update workflow (`.github/workflows/release.yaml`) to have permission to comment on PR

why

  • So we can support commenting on PRs with a link to the release
Update GitHub Workflows to use shared workflows from '.github' repo @osterman (#133) ## what - Update workflows (`.github/workflows`) to use shared workflows from `.github` repo

why

  • Reduce nested levels of reusable workflows
Update GitHub Workflows to Fix ReviewDog TFLint Action @osterman (#132) ## what - Update workflows (`.github/workflows`) to add `issue: write` permission needed by ReviewDog `tflint` action

why

  • The ReviewDog action will comment with line-level suggestions based on linting failures
Update GitHub workflows @osterman (#131) ## what - Update workflows (`.github/workflows/settings.yaml`)

why

  • Support new readme generation workflow.
  • Generate banners

v1.1.0

11 Apr 04:10
70d58a8
Compare
Choose a tag to compare

🚀 Enhancements

feat: allow aws_cloudfront_origin_access_identity to be toggled on/off @venkatamutyala (#127)

what

Even when i'm using an external origin (ex. a GCP IP) it appears aws_cloudfront_origin_access_identity always gets created. This is to provide a toggle to disable it.

why

The aws_cloudfront_origin_access_identity resource isn't required for all use cases Ex. using cloudfront in front of non-AWS resources.

references

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_origin_access_identity

🤖 Automatic Updates

Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#128)

what

  • Install latest GitHub Action Workflows

why

  • Use shared workflows from cldouposse/.github repository
  • Simplify management of workflows from centralized hub of configuration

v1.0.1

19 Mar 02:53
8b9ca79
Compare
Choose a tag to compare

🚀 Enhancements

Update default minimum viewer protocol to TLSv1.2_2021 @venkatamutyala (#117)

what

By default deprecated protocols are being supported:

image

This change would disable support for viewers using TLS 1.1 and TLS 1.0.

why

1.0 and 1.1 are known to be deprecated/insecure. To save folks trouble by their security teams using the latest version seems the most appropriate.

references

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html

🤖 Automatic Updates

Bump golang.org/x/net from 0.0.0-20210614182718-04defd469f4e to 0.17.0 in /test/src @dependabot (#122)

Bumps golang.org/x/net from 0.0.0-20210614182718-04defd469f4e to 0.17.0.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.
Add GitHub Settings @osterman (#118)

what

  • Install a repository config (.github/settings.yaml)

why

  • Programmatically manage GitHub repo settings
Update Scaffolding @osterman (#115)

what

  • Reran make readme to rebuild README.md from README.yaml
  • Migrate to square badges
  • Add scaffolding for repo settings and Mergify

why

  • Upstream template changed in the .github repo
  • Work better with repository rulesets
  • Modernize look & feel

v1.0.0

26 Jun 21:13
d30421a
Compare
Choose a tag to compare
Support AWS Provider V5 @max-lobur (#103)

what

Support AWS Provider V5
Major release due to breaking change in S3 upgraded module
Linter fixes

why

Maintenance

references

https://github.com/hashicorp/terraform-provider-aws/releases/tag/v5.0.0

Sync .github @max-lobur (#98)

Rebuild github dir from the template

v0.26.0

16 May 19:44
d4a8989
Compare
Choose a tag to compare
  • No changes

v0.25.0

19 Nov 17:48
d4a8989
Compare
Choose a tag to compare
Add response_headers_policy_id to ordered cache options @adamcrews (#93)

what

  • Add the ability to specify the response_headers_policy_id in the ordered cache

why

  • This setting is available for the default cache config, and should also be available for ordered cache config.

references

v0.24.2

26 Aug 20:43
43b5746
Compare
Choose a tag to compare
enable http3 @kevcube (#90)

what

  • Enable HTTP/3 support in CloudFront

why

  • It's faster, and shinier than http/2

references

git.io->cloudposse.tools update @dylanbannon (#87)

what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.

References

  • DEV-143

🤖 Automatic Updates

Update Terraform cloudposse/route53-alias/aws to v0.13.0 @renovate (#81)

This PR contains the following updates:

Package Type Update Change
cloudposse/route53-alias/aws (source) module minor 0.12.1 -> 0.13.0

Release Notes

cloudposse/terraform-aws-route53-alias

v0.13.0

Compare Source

BREAKING CHANGE: Because this release changes resource addresses, it will result in Terraform destroying and recreating some resources. Please consider removing aws_route53_record resources from the state and importing them to the new resource addresses if you do not with for any destructive changes.

Fix: Add BridgeCrew Suppressions @​korenyoni (#​39) ##### what
  • Add BridgeCrew suppressions
why

Add suppressions appearing in #​37

CleanShot 2022-01-27 at 23 08 27@​2x ##### references * #​37
Chore: Run 'make github/init' @​korenyoni (#​38) ##### what * Run `make github/init` ##### why * Updates GHA-workflow-related files to their latest distribution in https://github.com/cloudposse/build-harness * Allows using `no-release` label for consolidating multiple PRs into a single release. ##### references * N/A
##### 🐛 Bug Fixes
Fix: create records using `for_each` instead of `count` @​1david5 (#​37) ##### what * Modify `default` and `ipv6` `aws_route53_record` resources to use `for_each` instead of `count`. ##### why * Prevent destroying and recreating DNS records when removing elements from `aliases` list.

Update Terraform cloudposse/s3-log-storage/aws to v0.26.0 @renovate (#71)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-log-storage/aws (source) module minor 0.24.1 -> 0.26.0

Release Notes

cloudposse/terraform-aws-s3-log-storage

v0.26.0

Compare Source

Add S3 bucket ownership controls @​max-lobur (#​61) #### what * Set aws_s3_bucket_ownership_controls to BucketOwnerPreferred #### why * Per [docs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) this setting will let object uploader decide ownership. If `bucket-owner-full-control` ACL is specified, the bucket account take ownership, otherwise the writer account keeps ownership. Bucket on its side may enforce presence of the `bucket-owner-full-control` ACL which we already do when needed. So this setting was the only missing piece to make ownership work like we expected * I found no use cases for the other value of this resource: `ObjectWriter`. It corresponds to legacy S3 behavior which was broken for us. Decided to always set to `BucketOwnerPreferred` and not allow to customize. If the owner must be preserved, we should not pass `bucket-owner-full-control` - this is a more clear way to control the behavior. #### references * https://aws.amazon.com/blogs/storage/enforcing-ownership-of-amazon-s3-objects-in-a-multi-account-environment/ * https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html * https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls#ObjectWriter

v0.25.0

Compare Source

Add support for bucket notifications @​max-lobur (#​60) #### what * Add support for bucket notifications * Only SQS destination for now #### why * To enable log collection

v0.24.1

03 Jan 17:35
9f0b065
Compare
Choose a tag to compare

🚀 Enhancements

Dont send ssl_support_method for default certificate @rusowyler (#80)

what

  • Don't send ssl_support_method when using cloudfront_default_certificate

why

  • It's only required if you specify acm_certificate_arn or iam_certificate_id
  • Sending it will cause Terraform to try to update CF on every deploy
  ~ viewer_certificate {
      + ssl_support_method             = "sni-only"
        # (2 unchanged attributes hidden)
    }
    # (5 unchanged blocks hidden)

v0.24.0

23 Dec 18:35
e5622af
Compare
Choose a tag to compare
Adding origin shield variables @justnom (#78)

what

  • Add variables to enable the Origin Shield for the CloudFront distribution

why

  • Using Origin Shield can help reduce the load on your origin.

references

v0.23.1

20 Nov 05:27
b945936
Compare
Choose a tag to compare

🤖 Automatic Updates

Update Terraform cloudposse/route53-alias/aws to v0.12.1 @renovate (#77)

This PR contains the following updates:

Package Type Update Change
cloudposse/route53-alias/aws (source) module patch 0.12.0 -> 0.12.1

Release Notes

cloudposse/terraform-aws-route53-alias

v0.12.1

Compare Source

🤖 Automatic Updates
Update context.tf @​cloudpossebot (#​36) ##### what This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label` ##### why To support all the features of the `context` interface.

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.