Releases: cloudposse/terraform-aws-cloudfront-s3-cdn
v0.96.0
Adding origin_access_control_id to custom_origins @jjchiw (#326)
Adding Origin Access Control Id to Custom Originswhat
Custom Origins didn't have Origin Access Control
Implements this infrastructure
why
Custom Origins didn't have Origin Access Control
if we wanted to invoke a lambda
we were not able to do it
references
Summary by CodeRabbit
-
New Features
- Enhanced configuration options for custom origins in CloudFront with the addition of
origin_access_control_id
. - Updated variable definitions for
custom_origins
ands3_origins
to include access control ID.
- Enhanced configuration options for custom origins in CloudFront with the addition of
-
Bug Fixes
- Deprecated certain variables to streamline configuration and encourage best practices.
-
Documentation
- Updated documentation to reflect changes in variable structures and configurations.
v0.95.1
Add support for origin-access-control @rankin-tr (#319)
## what- add Origin Access Control feature
- add
var.origin_access_type
to enable Origin Access Identity or Origina Access Control policy - add
aws_cloudfront_origin_access_control.default
resource - add
origin_access_control_id
argument to origin config onaws_cloudfront_distribution.default
- add
- update example code
- update README
why
- provide the ability to make use of an Origin Access Control
- retain default origin access identity behavior
- AWS recommends using origin access control
- Origin Access Identities are flagged in AWS Security Hub
references
🤖 Automatic Updates
Migrate new test account @osterman (#322)
## what - Update `.github/settings.yml` - Update `.github/chatops.yml` fileswhy
- Re-apply
.github/settings.yml
from org level to getterratest
environment - Migrate to new
test
account
References
- DEV-388 Automate clean up of test account in new organization
- DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
- DEV-386 Update terratest to use new testing account with GitHub OIDC
Update .github/settings.yml @osterman (#321)
## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` fileswhy
- Re-apply
.github/settings.yml
from org level - Use organization level auto-release settings
references
- DEV-1242 Add protected tags with Repository Rulesets on GitHub
v0.95.0
What's Changed
- Update README.md by @keithrozario in #308
- fix: private policies cannot use wildcard principal by @dudymas in #311
New Contributors
- @keithrozario made their first contribution in #308
- @dudymas made their first contribution in #311
Full Changelog: 0.94.0...0.95.0
v0.94.0
v0.93.1
BucketOwnerEnforced s3 buckets can't have an acl @mfuhrmeisterDM (#301)
what
disable creating acl resource in that case.
why
BucketOwnerEnforeced s3 bucket can't have an acl.
references
🤖 Automatic Updates
Add GitHub Settings @osterman (#302)
what
- Install a repository config (
.github/settings.yaml
)
why
- Programmatically manage GitHub repo settings
Update README.md and docs @cloudpossebot (#297)
what
This is an auto-generated PR that updates the README.md and docs
why
To have most recent changes of README.md and doc from origin templates
v0.93.0
Fixed deprecated aws_s3_bucket attributes @andruccho (#293)
The following options were deprecated, and have either been updated, or replaced with the new necessary resources:
server_side_encryption_configuration
replaced withaws_s3_bucket_server_side_encryption_configuration
resourceversioning
replaced withaws_s3_bucket_versioning resource
cors_rule
replaced withaws_s3_bucket_cors_configuration resource
acl
replaced withaws_s3_bucket_acl resource
bucket_versioning
input added
Pull request is almost the same with #266, exclude override_json
replaced with override_policy_documents
option, because for me it breaks logs
submodule behavior.
I'm getting no deprecation warnings without this change (my aws
provider version is 5.30.0
).
v0.92.1
🚀 Enhancements
Readme/example fix @samcrudge (#229)
what
- Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?)
- Example of 'Origin Group with the origin created by this module as a primary origin and an additional
S3 bucket as a failover origin' showed the s3_origins & origin_group as a map(any) rather than a list(map) causing builds to fail when using said example.
why
- Provide the justifications for the changes (e.g. business case).
- Describe why these changes were made (e.g. why do these commits fix the problem?)
- Examples that reflect the required schema.
references
- Link to any supporting github issues or helpful documentation to add some context (e.g. stackoverflow).
- README.md & README.yaml
🤖 Automatic Updates
chore(deps): update terraform cloudposse/iam-role/aws to v0.19.0 (main) @renovate (#271)
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
cloudposse/iam-role/aws (source) | module | minor | 0.16.0 -> 0.19.0 |
Release Notes
cloudposse/terraform-aws-iam-role (cloudposse/iam-role/aws)
v0.19.0
IAM Role name length limit @goruha (#58)
what
- Fix IAM role name length limit
why
- Fix IAM role name length limited to 64
Sync github @max-lobur (#54)
Rebuild github dir from the template
v0.18.0
- No changes
v0.17.0
Update main.tf @karinatitov (#50)
have a chance to configure the name of the policy
what
- With this change i want to have an ability to provide a custom name for the policy
why
- the resources i'm working with were not created in the same way this module assumes
- to have a chance to configure the name of the policy
git.io->cloudposse.tools update @dylanbannon (#46)
what and why
Change all references to git.io/build-harness
into cloudposse.tools/build-harness
, since git.io
redirects will stop working on April 29th, 2022.
References
- DEV-143
v0.16.2
🚀 Enhancements
Add enabled check to data source @nitrocode (#45)
what
- Add enabled check to data source
- Add TestExamplesCompleteDisabled check
why
- Prevent creation if enabled is false
references
v0.16.1
🚀 Enhancements
Disabling all tags in all iam resources @jamengual (#44)
what
- In https://github.com/cloudposse/terraform-aws-iam-role/pull/43 I added the option to disable role tags but in environments where roles are created under very strict controls, the policy tags for the roles sometimes can't be tagged. This change disable tags for all IAM related resources.
why
- to disable tags for role-related things. Use one variable instead of two.
references
v0.92.0
Allow Public Bucket Policy @milldr (#288)
what
- Set restrict_public_buckets to the same value as
var.block_origin_public_access_enabled
why
- Only restrict public access on the bucket if we're blocking public access. Otherwise Cloudfront will not be able to access the bucket
references
- Corrects bug created by #284
v0.91.1
🚀 Enhancements
Correct a comment @alexjurkiewicz (#239)
var.comment
is for the distribution, not Origin Access Identity.
v0.91.0
Support AWS Provider V5 @max-lobur (#284)
what
Support AWS Provider V5
Linter fixes
why
Maintenance
references
https://github.com/hashicorp/terraform-provider-aws/releases/tag/v5.0.0
Sync github @max-lobur (#273)
Rebuild github dir from the template