Release v0.64.0 Undo Breaking Change · cloudposse/terraform-aws-cloudfront-s3-cdn

There is no (recent) breaking change if you update from a version prior to 0.61.0 to this version (0.64.0) or later.

Breaking change:

If you had set website_enabled = true prior to v0.61.0, this module would create a publicly accessible S3 website. v0.61.0 introduced a change to attempt to block that public access (see README for details). If you wanted the S3 website to be publicly available (bypassing Cloudfront), that release broke it.

Breaking back:

Release v0.64.0 preserves the feature, but makes it optional with the variable s3_website_password_enabled and by setting that to default to false, restores the previous default.

Add deployers, bug fixes, general cleanup @Nuru (#160)

what

Add deployment_principal_arns and deployment_actions
Add s3_website_password_enabled
Restore template parsing of additional_bucket_policy removed by #141. Closes #153
Only create referer password when needed. Supersedes and closes #159
General cleanup, enhance README. Fixes #151

Along with creating the S3 bucket, enable selected IAM Principals (such as CI/CD) to upload content to it.
PR #105 made it difficult to directly access the S3 Website created with website_enabled = true. This was a breaking change, as before the S3 Website was public. Adding s3_website_password_enabled to make the #105 change optional and default it to false to retain backward compatibility.
PR #141 was only supposed to remove the obsolete implementation of the feature, not the feature itself.
Best practice is not to create unneeded resources.
The effect of website_enabled was not well documented. The code was quite confusing to follow due to conditionals scattered throughout.