Skip to content

Releases: cloudposse/terraform-aws-cloudtrail-s3-bucket

v0.26.4

15 Apr 18:38
@github-actions github-actions
0.26.4
91595d9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.26.4 Latest
Latest

🐛 Bug Fixes

Fix Race Condition between the Creation of the S3 Bucket Policy and the CloudTrail Trail @X-Guardian (#91)

what

Fix the race condition between the creation of the S3 Bucket policy and the CloudTrail trail by adding a depends_on argument to the bucket_id output which is used as input to the CloudTrail module. This ensures that all the resources in the CloudTrail S3 Bucket module, including the S3 Bucket Policy have been created before the CloudTrail trail is created.

The example used for the tests has also been updated to include the creation of the CloudTrail Trail to verify that this is working.

why

🤖 Automatic Updates

Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#89)

what

  • Install latest GitHub Action Workflows

why

  • Use shared workflows from cldouposse/.github repository
  • Simplify management of workflows from centralized hub of configuration
Add GitHub Settings @osterman (#84)

what

  • Install a repository config (.github/settings.yaml)

why

  • Programmatically manage GitHub repo settings
Update Scaffolding @osterman (#82)

what

  • Reran make readme to rebuild README.md from README.yaml
  • Migrate to square badges
  • Add scaffolding for repo settings and Mergify

why

  • Upstream template changed in the .github repo
  • Work better with repository rulesets
  • Modernize look & feel

Contributors

osterman and X-Guardian
Assets 2
Loading

v0.26.3

08 Mar 19:18
@github-actions github-actions
0.26.3
a81d0a8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.26.3

🤖 Automatic Updates

Update Terraform cloudposse/s3-log-storage/aws to v1.4.3 (main) @renovate (#81)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-log-storage/aws (source) module patch 1.4.2 -> 1.4.3

Release Notes

cloudposse/terraform-aws-s3-log-storage (cloudposse/s3-log-storage/aws)

v1.4.3

Compare Source

🤖 Automatic Updates

Update Terraform cloudposse/s3-bucket/aws to v3.1.3 (main) @​renovate (#​95)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-bucket/aws (source) module patch 3.1.2 -> 3.1.3
Release Notes
cloudposse/terraform-aws-s3-bucket (cloudposse/s3-bucket/aws)
v3.1.3

Compare Source

Unfortunately, this change makes count unknown at plan time in certain situations. In general, you cannot use the output of compact() in count.

The solution is to stop using the deprecated policy input and revert to 3.1.2 or upgrade to 4.0.

🚀 Enhancements
Fix `source_policy_documents` combined with `var.policy` being ignored @​&#​8203;johncblandii (#&#​8203;201)
what
  • Changed var.source_policy_documents to local.source_policy_documents so var.policy usage was still supported
why
  • The ternary check uses var,source_policy_documents so var.policy being combined with var.source_policy_documents into local.source_policy_documents does not provide true for the ternary to execute
references
Update README.md and docs @​cloudpossebot (#​94)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Contributors

renovate
Assets 2
Loading

v0.26.2

28 Jun 14:04
@github-actions github-actions
0.26.2
c94212c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.26.2

🚀 Enhancements

Update Terraform cloudposse/s3-log-storage/aws to v1.4.2 (main) @renovate (#78)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-log-storage/aws (source) module patch 1.4.1 -> 1.4.2

Release Notes

cloudposse/terraform-aws-s3-log-storage

v1.4.2

Compare Source

🚀 Enhancements
Add `grants` input @​Nuru (#​93)
what
  • Add grants input
why
  • Some AWS services, such at Cloudfront, require specific grants for log delivery
references

🤖 Automatic Updates

Update Terraform cloudposse/s3-log-storage/aws to v1.4.2 (main) @renovate (#78)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-log-storage/aws (source) module patch 1.4.1 -> 1.4.2

Release Notes

cloudposse/terraform-aws-s3-log-storage

v1.4.2

Compare Source

🚀 Enhancements
Add `grants` input @​Nuru (#​93)
what
  • Add grants input
why
  • Some AWS services, such at Cloudfront, require specific grants for log delivery
references

Contributors

renovate
Assets 2
Loading

v0.26.1

13 Jun 17:16
@github-actions github-actions
0.26.1
f8d9894
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.26.1

🚀 Enhancements

Update Terraform cloudposse/s3-log-storage/aws to v1.4.1 (main) @renovate (#77)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-log-storage/aws (source) module patch 1.4.0 -> 1.4.1

Release Notes

cloudposse/terraform-aws-s3-log-storage

v1.4.1

Compare Source

Sync .github @​max-lobur (#​89)

Rebuild '.github' dir from the template

🚀 Enhancements
Update Terraform cloudposse/s3-bucket/aws to v3.1.2 (main) @​renovate (#​91)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-bucket/aws (source) module patch 3.1.1 -> 3.1.2
Release Notes
cloudposse/terraform-aws-s3-bucket
v3.1.2: Fix Public Bucket Creation

Compare Source

What's Changed
New Contributors

Full Changelog: cloudposse/terraform-aws-s3-bucket@3.1.1...3.1.2

🤖 Automatic Updates
Update Terraform cloudposse/s3-bucket/aws to v3.1.2 (main) @​renovate (#​91)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-bucket/aws (source) module patch 3.1.1 -> 3.1.2
Release Notes
cloudposse/terraform-aws-s3-bucket
v3.1.2: Fix Public Bucket Creation

Compare Source

What's Changed
New Contributors

Full Changelog: cloudposse/terraform-aws-s3-bucket@3.1.1...3.1.2

🤖 Automatic Updates

Update Terraform cloudposse/s3-log-storage/aws to v1.4.1 (main) @renovate (#77)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-log-storage/aws (source) module patch 1.4.0 -> 1.4.1

Release Notes

cloudposse/terraform-aws-s3-log-storage

v1.4.1

Compare Source

Sync .github @​max-lobur (#​89)

Rebuild '.github' dir from the template

🚀 Enhancements
Update Terraform cloudposse/s3-bucket/aws to v3.1.2 (main) @​renovate (#​91)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-bucket/aws (source) module patch 3.1.1 -> 3.1.2
Release Notes
cloudposse/terraform-aws-s3-bucket
v3.1.2: Fix Public Bucket Creation

Compare Source

What's Changed
New Contributors

Full Changelog: cloudposse/terraform-aws-s3-bucket@3.1.1...3.1.2

🤖 Automatic Updates
Update Terraform cloudposse/s3-bucket/aws to v3.1.2 (main) @​renovate (#​91)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-bucket/aws (source) module patch 3.1.1 -> 3.1.2
Release Notes
cloudposse/terraform-aws-s3-bucket
v3.1.2: Fix Public Bucket Creation

Compare Source

What's Changed
Read more

Contributors

renovate
Assets 2
Loading

v0.26.0

07 Jun 18:02
@max-lobur max-lobur
0.26.0
fd9815f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.26.0 
Update Terraform cloudposse/s3-log-storage/aws to v1.4.0 (main) (#75)

* Update Terraform cloudposse/s3-log-storage/aws to v1.4.0

* Auto-update README.md

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Assets 2
Loading

v0.25.0

16 May 19:19
@cloudpossebot cloudpossebot
0.25.0
9c8a833
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.25.0
  • No changes
Assets 2
Loading

v0.24.0

16 May 01:34
@cloudpossebot cloudpossebot
0.24.0
9c8a833
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.24.0

🤖 Automatic Updates

Update Terraform cloudposse/s3-log-storage/aws to v1 @renovate (#67)

Note

  • Minimum AWS Provider version is now 4.9.0
  • Minimum Terraform version is now 1.3.0

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-log-storage/aws (source) module major 0.26.0 -> 1.3.1

Release Notes

cloudposse/terraform-aws-s3-log-storage

v1.3.1

Compare Source

🚀 Enhancements
Update Terraform cloudposse/s3-bucket/aws to v3.1.1 (master) @​renovate (#​88)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-bucket/aws (source) module patch 3.1.0 -> 3.1.1
Release Notes
cloudposse/terraform-aws-s3-bucket
v3.1.1

Compare Source

🐛 Bug Fixes
Revert change to Transfer Acceleration from #&#​8203;178 @​&#​8203;Nuru (#&#​8203;180)
what
  • Revert change to Transfer Acceleration from #​178
why
  • Transfer Acceleration is not available in every region, and the change in #​178 (meant to detect and correct drift) does not work (throws API errors) in regions where Transfer Acceleration is not supported
🤖 Automatic Updates
Update Terraform cloudposse/s3-bucket/aws to v3.1.1 (master) @​renovate (#​88)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-bucket/aws (source) module patch 3.1.0 -> 3.1.1
Release Notes
cloudposse/terraform-aws-s3-bucket
v3.1.1

Compare Source

🐛 Bug Fixes
Revert change to Transfer Acceleration from #&#​8203;178 @​&#​8203;Nuru (#&#​8203;180)
what
  • Revert change to Transfer Acceleration from #​178
why
  • Transfer Acceleration is not available in every region, and the change in #​178 (meant to detect and correct drift) does not work (throws API errors) in regions where Transfer Acceleration is not supported

v1.3.0

Compare Source

🚀 Enhancements

Enhance lifecycle object with optionals, limit length of bucket name @​Nuru (#​87)

what

  • Limit length of auto-generated bucket name to match AWS-imposed limit
  • Enhance lifecycle_configuration_rules to be fully defined with optional members

why

  • Avoid situation where module fails because auto-generated bucket name is too long
  • Make it easier to build a list of rules

references

v1.2.0: Support new AWS S3 defaults (ACL prohibited)

Compare Source

🤖 Automatic Updates

Update Terraform cloudposse/s3-bucket/aws to v3.1.0 @​renovate (#​85)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-bucket/aws (source) module minor 3.0.0 -> 3.1.0
Release Notes
cloudposse/terraform-aws-s3-bucket
v3.1.0

Compare Source

Make compatible with new S3 defaults. Add user permissions boundary. @​&#​8203;Nuru (#&#​8203;178)
what
  • Make compatible with new S3 defaults by setting S3 Object Ownership before setting ACL and disabling ACL if Ownership is "BucketOwnerEnforced"
  • Add optional permissions boundary input for IAM user created by this module
  • Create aws_s3_bucket_accelerate_configuration and aws_s3_bucket_versioning resources even when the feature is disabled, to enable drift detection
why
  • S3 buckets with ACLs were failing to be provisioned because the ACL was set before the bucket ownership was changed
  • Requested feature
  • See #​171
references
Always include `aws_s3_bucket_versioning` resource @​&#​8203;mviamari (#&#​8203;172)
what
  • Always create an aws_s3_bucket_versioning resource to track changes made to bucket versioning configuration
why
  • When there is no aws_s3_bucket_versioning, the expectation is that the bucket versioning is disabled/suspend for the bucket. If bucket versioning is turned on outside of terraform (e.g. through the console), the change is not detected by terraform unless the aws_s3_bucket_versioning resource exists.
references
  • Closes #​171
Add support for permission boundaries on replication IAM role @​&#​8203;mchristopher (#&#​8203;170)
what
why
  • Our AWS environment enforces permission boundaries on all IAM roles to follow AWS best practices with security.
references
🤖 Automatic Updates
Update README.md and docs @​&#​8203;cloudpossebot (#&#​8203;164)
what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.1.0

Compare Source

Adding "object_lock_configuration" variable @​ramses999 (#​84)

what

Adding "object_lock_configuration" variable which is used in module "cloudposse/s3-bucket/aws"

why

Must be able to use the Object Lock option for S3 in this module

references

https://github.com/cloudposse/terraform-aws-s3-bucket/blob/6837ed7b2f2460043d6be3981f16ed90563fd12a/main.tf#L5

v1.0.0

Compare Source

Important Notes

  • Terraform version 1.3.0 and Terraform AWS version 4.9.0 or later are required
  • The new bucket_key_enabled flag defaults to false for backward compatibility. At one point we recommend setting it to true for significant savings on KMS usage, but since bucket keys are only reused within a user session, it is not clear if it provides any savings at all. See [AWS docs](https://docs.aws.amazon.com/A...
Read more

Contributors

renovate
Assets 2
Loading

v0.23.1

29 Oct 12:50
@cloudpossebot cloudpossebot
0.23.1
93050ec
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.23.1

🤖 Automatic Updates

Update Terraform cloudposse/s3-log-storage/aws to v0.26.0 @renovate (#58)

This PR contains the following updates:

Package Type Update Change
cloudposse/s3-log-storage/aws (source) module minor 0.25.0 -> 0.26.0

Release Notes

cloudposse/terraform-aws-s3-log-storage

v0.26.0

Compare Source

Add S3 bucket ownership controls @​max-lobur (#​61) #### what * Set aws_s3_bucket_ownership_controls to BucketOwnerPreferred #### why * Per [docs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) this setting will let object uploader decide ownership. If `bucket-owner-full-control` ACL is specified, the bucket account take ownership, otherwise the writer account keeps ownership. Bucket on its side may enforce presence of the `bucket-owner-full-control` ACL which we already do when needed. So this setting was the only missing piece to make ownership work like we expected * I found no use cases for the other value of this resource: `ObjectWriter`. It corresponds to legacy S3 behavior which was broken for us. Decided to always set to `BucketOwnerPreferred` and not allow to customize. If the owner must be preserved, we should not pass `bucket-owner-full-control` - this is a more clear way to control the behavior. #### references * https://aws.amazon.com/blogs/storage/enforcing-ownership-of-amazon-s3-objects-in-a-multi-account-environment/ * https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html * https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls#ObjectWriter

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.

Contributors

renovate
Assets 2
Loading

v0.23.0

29 Oct 12:08
@cloudpossebot cloudpossebot
0.23.0
61802ef
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.23.0
Make use of S3 bucket ownership @max-lobur (#57)

Inherit cloudposse/terraform-aws-s3-log-storage#61

Contributors

max-lobur
Assets 2
Loading

v0.22.0

29 Sep 14:16
@cloudpossebot cloudpossebot
0.22.0
f85b9b0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.22.0
Enable SSL only by default @max-lobur (#56)

what

  • Enable SSL flag by default

why

references

cloudposse/terraform-aws-s3-log-storage#60

Contributors

max-lobur
Assets 2
Loading