Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

remove awsutils provider and dependent feature, fix bugs #70

Merged
merged 2 commits into from
Sep 3, 2022
Merged

remove awsutils provider and dependent feature, fix bugs #70

merged 2 commits into from
Sep 3, 2022

Conversation

Nuru
Copy link
Contributor

@Nuru Nuru commented Sep 3, 2022
edited
Loading

what

  • Remove iam_access_key_max_age and the ability to create AWS Access Keys of predefined lifetime
  • Output secrets only when not using SSM Parameter Store
  • Enhance testing

why

  • We are removing this feature due to the confusion to the community of our terraform users that has been caused by requiring the cloudposse/awsutils Terraform provider to provide the feature. The error messages stemming from the missing provider block configuration are causing more of a support headache than it is worth. Since we implemented this feature, most CI/CD providers have implemented a better way to obtain short-lived CI/CD credentials (e.g. GitHub Actions and CircleCI both support OIDC with AWS, GCP, Azure, etc)
  • Secrets that are output from a module, even if marked sensitive, are still stored in plaintext in the Terraform state file, which makes them less secure than AWS Parameter Store.
  • Prevent regression of fixed bugs

references

@Nuru Nuru added the major Breaking changes (or first stable release) label Sep 3, 2022
@Nuru Nuru requested review from mcalhoun, Gowiem and aknysh September 3, 2022 21:00
@Nuru Nuru requested review from a team as code owners September 3, 2022 21:00
@Nuru Nuru requested review from RothAndrew and removed request for a team September 3, 2022 21:00
@Nuru
Copy link
Contributor Author

Nuru commented Sep 3, 2022

/test all

aknysh
aknysh reviewed Sep 3, 2022
View reviewed changes
examples/complete/outputs.tf Outdated Show resolved Hide resolved
aknysh
aknysh reviewed Sep 3, 2022
View reviewed changes
test/src/aws_helpers.go Outdated Show resolved Hide resolved
aknysh
aknysh reviewed Sep 3, 2022
View reviewed changes
Copy link
Member

@aknysh aknysh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

a few nitpicks

@Nuru Nuru requested a review from aknysh September 3, 2022 22:33
@Nuru
Copy link
Contributor Author

Nuru commented Sep 3, 2022

/test all

@Nuru Nuru merged commit 7069480 into master Sep 3, 2022
@Nuru Nuru deleted the remove-awsutils branch September 3, 2022 23:29
@Nuru Nuru mentioned this pull request Sep 7, 2022
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aknysh aknysh aknysh approved these changes

@mcalhoun mcalhoun Awaiting requested review from mcalhoun

@Gowiem Gowiem Awaiting requested review from Gowiem

@RothAndrew RothAndrew Awaiting requested review from RothAndrew RothAndrew was automatically assigned from cloudposse/contributors

Assignees
No one assigned
Labels
major Breaking changes (or first stable release)
Projects
None yet
Milestone
No milestone
2 participants
@Nuru @aknysh