Releases: cloudposse/terraform-aws-s3-bucket
v4.9.0
feat: add s3 request payment config @nitrocode (#259)
## what- add s3 request payment config
why
- make requester pay
references
v4.8.0
feat: support eventbridge bucket notification @nitrocode (#255)
## what- support eventbridge bucket notification
why
- Emit s3 events to eventbridge
references
- Closes #254
v4.7.3
🚀 Enhancements
fix: use new destination.bucket key in policy @nitrocode (#256)
## what- use new destination.bucket key in policy
why
- Support both deprecated
destination_bucket
and newdestination.bucket
- Previous changes created
destination.bucket
and leftdestination_bucket
for backwards compatibility, as stated in variables.tf, and forgot to include the new value in the IAM policy
references
- Closes #215
🐛 Bug Fixes
fix: use new destination.bucket key in policy @nitrocode (#256)
## what- use new destination.bucket key in policy
why
- Support both deprecated
destination_bucket
and newdestination.bucket
- Previous changes created
destination.bucket
and leftdestination_bucket
for backwards compatibility, as stated in variables.tf, and forgot to include the new value in the IAM policy
references
- Closes #215
v4.7.2
🚀 Enhancements
fix: correct bucket name to fix broken `-replication` role @amila-ku (#250)
## what- Fixes replication IAM role name that gets created as '-replication'
why
- Replication IAM role name gets created as '-replication'. This made the replication role unsusable.
- Used Terraform version: 1.8.0
references
- Resolves #251
v4.7.1
🚀 Enhancements
fix: s3 lambda event notification assignments @mpajuelofernandez (#253)
## whatIt seems there is a typo kind if error here
dynamic "lambda_function" {
for_each = var.event_notification_details.lambda_list
content {
lambda_function_arn = lambda_function.value.arn
events = lambda.value.events
filter_prefix = lambda_function.value.filter_prefix
filter_suffix = lambda_function.value.filter_suffix
}
}
I think it should be
dynamic "lambda_function" {
for_each = var.event_notification_details.lambda_list
content {
lambda_function_arn = lambda_function.value.arn
events = lambda_function.value.events
filter_prefix = lambda_function.value.filter_prefix
filter_suffix = lambda_function.value.filter_suffix
}
}
why
The S3 notification can not be created unless this is fixed
references
This should fix #252
🐛 Bug Fixes
fix: s3 lambda event notification assignments @mpajuelofernandez (#253)
## whatIt seems there is a typo kind if error here
dynamic "lambda_function" {
for_each = var.event_notification_details.lambda_list
content {
lambda_function_arn = lambda_function.value.arn
events = lambda.value.events
filter_prefix = lambda_function.value.filter_prefix
filter_suffix = lambda_function.value.filter_suffix
}
}
I think it should be
dynamic "lambda_function" {
for_each = var.event_notification_details.lambda_list
content {
lambda_function_arn = lambda_function.value.arn
events = lambda_function.value.events
filter_prefix = lambda_function.value.filter_prefix
filter_suffix = lambda_function.value.filter_suffix
}
}
why
The S3 notification can not be created unless this is fixed
references
This should fix #252
🤖 Automatic Updates
Update terratest to '>= 0.46.0' @osterman (#235)
## what - Update terratest `>= 0.46.0`why
- Support OpenTofu for testing
References
- https://github.com/gruntwork-io/terratest/releases/tag/v0.46.0
- DEV-374 Add opentofu to all our Terragrunt Testing GHA matrix
Migrate new test account @osterman (#248)
## what - Update `.github/settings.yml` - Update `.github/chatops.yml` fileswhy
- Re-apply
.github/settings.yml
from org level to getterratest
environment - Migrate to new
test
account
References
- DEV-388 Automate clean up of test account in new organization
- DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
- DEV-386 Update terratest to use new testing account with GitHub OIDC
v4.7.0
v4.6.0
Addition of S3 bucket event notification resource and Addition of S3 directory optional resource @mayank0202 (#240)
Issue - GH-239
what
This feature will make s3 event notifications which will have 3 options to trigger lambda or queue or topic so we can define a resource from this documentation.
aws_s3_bucket_notification
we also added s3 directory bucket which is a new feature in aws so addition of optional resource can be done if someone needs to use that with the help of terraform
aws_s3_directory_bucket
why
-
Enhanced Event-Driven Architecture: The introduction of S3 event notifications allows the S3 bucket to trigger Lambda functions, SQS queues, or SNS topics. This facilitates seamless integration with other AWS services and enables real-time processing of data, which is crucial for building event-driven architectures.
-
New AWS Feature Adoption: The addition of the aws_s3_directory_bucket resource reflects the latest AWS capabilities, ensuring that our infrastructure is up-to-date with current AWS offerings. This optional resource allows users to leverage new AWS features as they become available, promoting flexibility and future-proofing our Terraform configurations.
-
Improved Flexibility: By providing options to trigger different AWS services (Lambda, SQS, SNS), the solution becomes more versatile, catering to a wide range of use cases and workflows. This flexibility can lead to more efficient and effective data processing pipelines.
-
Reduced Operational Overhead: Automating responses to S3 events using Lambda functions, queues, or topics can significantly reduce manual intervention and operational overhead. This leads to improved efficiency and allows teams to focus on higher-value tasks.
references
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_notification
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_directory_bucket
https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html
v4.5.0
v4.4.0
226: Add Expected Bucket Owner @houserx-ioannis (#238)
what
This PR addresses #226 about not being able to specify expected bucket owner in various S3 resources.
why
From AWS docs:
Because Amazon S3 identifies buckets based on their names, an application that uses an incorrect bucket name in a request could inadvertently perform operations against a different bucket than expected. To help avoid unintentional bucket interactions in situations like this, you can use bucket owner condition. Bucket owner condition enables you to verify that the target bucket is owned by the expected AWS account, providing an additional layer of assurance that your S3 operations are having the effects you intend.
references
v4.3.0
Enforce the usage of modern TLS versions (1.2 or higher) for S3 connections @amontalban (#237)
what
This variables adds a policy to the bucket to deny connections that do not use TLS 1.2 or higher.
why
This is required by our security team.
references
🚀 Enhancements
Bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.4 in /test/src @dependabot (#230)
Bumps github.com/hashicorp/go-getter from 1.7.1 to 1.7.4.
Release notes
Sourced from github.com/hashicorp/go-getter's releases.
v1.7.4
What's Changed
- Escape user-provided strings in
git
commands hashicorp/go-getter#483- Fixed a bug in
.netrc
handling if the file does not exist hashicorp/go-getter#433Full Changelog: hashicorp/go-getter@v1.7.3...v1.7.4
v1.7.3
What's Changed
- SEC-090: Automated trusted workflow pinning (2023-04-21) by
@hashicorp-tsccr
in hashicorp/go-getter#432- SEC-090: Automated trusted workflow pinning (2023-09-11) by
@hashicorp-tsccr
in hashicorp/go-getter#454- SEC-090: Automated trusted workflow pinning (2023-09-18) by
@hashicorp-tsccr
in hashicorp/go-getter#458- don't change GIT_SSH_COMMAND when there is no sshKeyFile by
@jbardin
in hashicorp/go-getter#459New Contributors
@hashicorp-tsccr
made their first contribution in hashicorp/go-getter#432Full Changelog: hashicorp/go-getter@v1.7.2...v1.7.3
v1.7.2
What's Changed
- Don't override
GIT_SSH_COMMAND
when not needed by@nl-brett-stime
hashicorp/go-getter#300Full Changelog: hashicorp/go-getter@v1.7.1...v1.7.2
Commits
268c11c
escape user provide string to git (#483)975961f
Merge pull request #433 from adrian-bl/netrc-fix0298a22
Merge pull request #459 from hashicorp/jbardin/setup-git-envc70d9c9
don't change GIT_SSH_COMMAND if there's no keyfile3d5770f
Merge pull request #458 from hashicorp/tsccr-auto-pinning/trusted/2023-09-180688979
Result of tsccr-helper -log-level=info -pin-all-workflows .e66f244
Merge pull request #454 from hashicorp/tsccr-auto-pinning/trusted/2023-09-11e80b3dc
Result of tsccr-helper -log-level=info -pin-all-workflows .2d49e24
Merge pull request #432 from hashicorp/tsccr-auto-pinning/trusted/2023-04-215ccb39a
Make addAuthFromNetrc ignore ENOTDIR errors- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.
🤖 Automatic Updates
Bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.4 in /test/src @dependabot (#230)
Bumps github.com/hashicorp/go-getter from 1.7.1 to 1.7.4.
Release notes
Sourced from github.com/hashicorp/go-getter's releases.
v1.7.4
What's Changed
- Escape user-provided strings in
git
commands hashicorp/go-getter#483- Fixed a bug in
.netrc
handling if the file does not exist hashicorp/go-getter#433Full Changelog: hashicorp/go-getter@v1.7.3...v1.7.4
v1.7.3
What's Changed
- SEC-090: Automated trusted workflow pinning (2023-04-21) by
@hashicorp-tsccr
in hashicorp/go-getter#432- SEC-090: Automated trusted workflow pinning (2023-09-11) by
@hashicorp-tsccr
in hashicorp/go-getter#454- SEC-090: Automated trusted workflow pinning (2023-09-18) by
@hashicorp-tsccr
in hashicorp/go-getter#458- don't change GIT_SSH_COMMAND when there is no sshKeyFile by
@jbardin
in