Terraform Root Modules Versions Save

what

• Add psql helper output to connect to RDS instance

why

• This output is helpful to have preformatted to validate the database after you've created it

references

• Customer engagement

what

• Deleted the feature-branch.yaml workflow

why

• This repo should not have this workflow. It's intended for module, not component, repos.

references

• Internal Slack thread

what

• Updates component sqs-queue to better support dead-letter queues

why

• This is an awkward component currently, it is really just a pass through to an sqs resource. This should probably be broken down into a module and then wrapped with a component. In the meantime, this will allow easier access to other sqs-queues' URL for the redrive policy which is used for deadletter queues

references

• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_redrive_policy

what

• Update SQS Queue component to include an access policy block
• Add IAM Policy variable to make it writeable per queue
• Added helpers to add filters like current account and current queue arn

why

• need an access policy that can allow s3 notifications

what

• Update providers-helm.tf to provide better support for KUBECONFIG file authentication
• Add support for computing the KUBECONFIG context name from the EKS cluster name

why

• Previous support had bugs, and lacked support for alternative access to EKS clusters, such as via a gateway (authenticating) proxy, such as Teleport
• Enable support for KUBECONFIG files which configure access for multiple clusters, selected via "context" setting

Breaking Changes

[!WARNING] This release contains breaking changes to the eks/cluster component. Read the migration guidance in the CHANGELOG

what

• Upgrade the eks/cluster component to use the AWS API for access control

why

• The old mechanism, using a ConfigMap, was unreliable

references

• terraform-aws-eks-cluster v4.0.0 Release Notes
• terraform-aws-eks-cluster v4 Migration Guide
• New API for EKS access control

what

• Update workflows (.github/workflows) to add issue: write permission needed by ReviewDog tflint action

why

• The ReviewDog action will comment with line-level suggestions based on linting failures

what

• Adds instance_lifetime variable
• Adds logic for launch_template_version
• Makes AMI filter for architecture extensible

why

• Adds instance_lifetime to enhance security of worker by terminating and replacing long-lived instances

[!NOTE] The addition of this variable is purely for security purposes and can be removed if contributors deem it unnecessary

• A refresh will not start when version = "$Latest" is configured in the launch_template block. To trigger the instance refresh when a launch template is changed, configure version to use the latest_version attribute of the aws_launch_template resource.

references

• Autoscaling Resource

what

• Utilizes ECR credential helper

why

• Spacelift updated their AMI to AL23, resulting in broken packages with the current installation script

what

• Update workflows (.github/workflows/settings.yaml)

why

• Support new readme generation workflow.
• Generate banners

what

• What is and how do you setup ECS Partial task definitions

why

• Documentation for clearing up ECS Partial Task definitions.
• Creates a place for us to update when adding more information for ECS partial task definitions

references

• https://github.com/cloudposse/docs/pull/608

what

Let users specify additional cluster_parameters for their Postgres cluster.

why

Sometimes you gotta do that