Skip to content

v2.0.0

Choose a tag to compare

@cloudposse-releaser cloudposse-releaser released this 21 May 14:47
e27a78d
feat: expose `egress_enabled` to tighten security group egress @aknysh (#98) ## what
  • Expose new egress_enabled input on the aurora-postgres component (default: true, preserves current behavior).
  • Pass it through to the underlying cloudposse/rds-cluster/aws module so consumers can opt into restricted outbound traffic on the cluster's security group.
  • Add test coverage in TestBasic: deploys with egress_enabled = false and asserts the resulting security group has zero egress rules.
  • Bump test dependencies in test/go.mod to the latest available versions (including test-helpers v1.0.0, terratest v1.0.0, testify v1.11.1, full AWS SDK v2 family, and the Go directive to 1.26.3).
  • Regenerate README.md / src/README.md inputs tables.

why

  • Tighten security group egress rules across our infrastructure. Mirrors the allow_all_egress pattern already exposed in the elasticache-redis component, applied here using the upstream module's native variable name (egress_enabled).
  • Defaulting to true keeps every existing stack unchanged — consumers opt in to restricted egress by setting egress_enabled: false.
  • The test bump aligns this component with the rest of the fleet's tooling and keeps CI on currently supported library versions.

Summary by CodeRabbit

  • New Features

    • Added egress_enabled option (default: true) to control outbound traffic behavior.
  • Documentation

    • README tables reformatted and docs updated for the new option.
  • Chores

    • Bumped Aurora PostgreSQL cluster module to v2.6.0 and referenced remote-state modules to v2.0.0.
    • Updated test toolchain/dependencies and test fixtures to target PostgreSQL 17.9.

Review Change Stack

🚀 Enhancements

chore(deps): bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 in /test @[dependabot[bot]](https://github.com/apps/dependabot) (#82) Bumps [filippo.io/edwards25519](https://github.com/FiloSottile/edwards25519) from 1.1.0 to 1.1.1.
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

🤖 Automatic Updates

chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0.46.0 @[renovate[bot]](https://github.com/apps/renovate) (#84) This PR contains the following updates:
Package Type Update Change
terraform-linters/tflint-ruleset-aws plugin minor 0.45.00.46.0

Release Notes

terraform-linters/tflint-ruleset-aws (terraform-linters/tflint-ruleset-aws)

v0.46.0

Compare Source

What's Changed

Enhancements
Chores

New Contributors

Full Changelog: terraform-linters/tflint-ruleset-aws@v0.45.0...v0.46.0


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

chore(deps): bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 in /test @[dependabot[bot]](https://github.com/apps/dependabot) (#82) Bumps [filippo.io/edwards25519](https://github.com/FiloSottile/edwards25519) from 1.1.0 to 1.1.1.
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.