From 20ecb0a935d31302950cec69f247860cbe2dfeba Mon Sep 17 00:00:00 2001 From: "docs-sourcer[bot]" <99042413+docs-sourcer[bot]@users.noreply.github.com> Date: Fri, 16 Jun 2023 20:41:51 +0000 Subject: [PATCH] Updated with the [latest changes](https://github.com/gruntwork-io/terraform-aws-lambda/releases/tag/v0.21.12) from the `terraform-aws-lambda@v0.21.12` source branch. --- .../aurora/aurora.md | 20 +- .../backup-plan/backup-plan.md | 20 +- .../backup-vault/backup-vault.md | 16 +- .../terraform-aws-data-storage/efs/efs.md | 20 +- .../lambda-cleanup-snapshots.md | 18 +- .../lambda-copy-shared-snapshot.md | 22 +- .../lambda-create-snapshot.md | 28 +- .../lambda-share-snapshot.md | 20 +- .../rds-proxy/rds-proxy.md | 18 +- .../rds-replicas/rds-replicas.md | 778 ++++++++++++++++++ .../terraform-aws-data-storage/rds/rds.md | 43 +- .../redshift/redshift.md | 16 +- .../eks-alb-ingress-controller-iam-policy.md | 22 +- .../eks-alb-ingress-controller.md | 24 +- .../eks-aws-auth-merger.md | 40 +- .../eks-cloudwatch-agent.md | 16 +- .../eks-cluster-control-plane.md | 26 +- .../eks-cluster-managed-workers.md | 24 +- .../eks-cluster-workers-cross-access.md | 16 +- .../eks-cluster-workers.md | 32 +- .../eks-container-logs/eks-container-logs.md | 18 +- .../eks-fargate-container-logs.md | 18 +- ...-assume-role-policy-for-service-account.md | 18 +- .../eks-k8s-cluster-autoscaler-iam-policy.md | 20 +- .../eks-k8s-cluster-autoscaler.md | 20 +- .../eks-k8s-external-dns-iam-policy.md | 20 +- .../eks-k8s-external-dns.md | 20 +- .../eks-k8s-karpenter/eks-k8s-karpenter.md | 24 +- .../eks-k8s-role-mapping.md | 20 +- .../eks-scripts/eks-scripts.md | 16 +- .../eks-vpc-tags/eks-vpc-tags.md | 16 +- .../api-gateway-account-settings.md | 18 +- .../api-gateway-proxy-methods.md | 22 +- .../api-gateway-proxy/api-gateway-proxy.md | 36 +- .../keep-warm/keep-warm.md | 18 +- .../lambda-edge-log-group.md | 20 +- .../lambda-edge-multi-region-log-groups.md | 22 +- .../lambda-edge/lambda-edge.md | 18 +- .../lambda-http-api-gateway.md | 20 +- .../terraform-aws-lambda/lambda/lambda.md | 39 +- .../run-lambda-entrypoint.md | 18 +- .../scheduled-lambda-job.md | 20 +- 42 files changed, 1226 insertions(+), 454 deletions(-) create mode 100644 docs/reference/modules/terraform-aws-data-storage/rds-replicas/rds-replicas.md diff --git a/docs/reference/modules/terraform-aws-data-storage/aurora/aurora.md b/docs/reference/modules/terraform-aws-data-storage/aurora/aurora.md index a88d02e9b7..fe5b1b3dfd 100644 --- a/docs/reference/modules/terraform-aws-data-storage/aurora/aurora.md +++ b/docs/reference/modules/terraform-aws-data-storage/aurora/aurora.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Aurora Module -View Source +View Source Release Notes @@ -59,7 +59,7 @@ Cluster](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Aurora.Managing.h ## How do you configure this module? This module allows you to configure a number of parameters, such as backup windows, maintenance window, port number, -and encryption. For a list of all available variables and their descriptions, see [variables.tf](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/aurora/variables.tf). +and encryption. For a list of all available variables and their descriptions, see [variables.tf](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/aurora/variables.tf). ## How do you create a cross-region read replica cluster? @@ -77,7 +77,7 @@ module "replica" { } ``` -See the example [here](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/examples/aurora-with-cross-region-replica) for more details. +See the example [here](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/examples/aurora-with-cross-region-replica) for more details. ## How do you destroy a cross-region read replica? @@ -137,7 +137,7 @@ see [Limitations of Aurora Serverless](https://docs.aws.amazon.com/AmazonRDS/lat module "aurora" { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/aurora?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/aurora?ref=v0.28.0" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -477,7 +477,7 @@ module "aurora" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/aurora?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/aurora?ref=v0.28.0" } inputs = { @@ -1475,11 +1475,11 @@ Timeout for DB updating diff --git a/docs/reference/modules/terraform-aws-data-storage/backup-plan/backup-plan.md b/docs/reference/modules/terraform-aws-data-storage/backup-plan/backup-plan.md index c22eeabbbb..bd55f0b38e 100644 --- a/docs/reference/modules/terraform-aws-data-storage/backup-plan/backup-plan.md +++ b/docs/reference/modules/terraform-aws-data-storage/backup-plan/backup-plan.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Backup Plan Module -View Source +View Source Release Notes @@ -22,7 +22,7 @@ This Terraform Module creates the following AWS Backup resources: 1. Backup plans - specifying **how and when** to back things up 2. Resource selections - specifying **which resources** to back up -You associate your plans with a [Backup vault](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/backup-vault). +You associate your plans with a [Backup vault](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/backup-vault). ## What is a Backup Plan? @@ -91,7 +91,7 @@ module "backup_plan" { ## How do you troubleshoot Backup jobs? -See [Troubleshooting AWS Backup](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/core-concepts.md#troubleshooting-aws-backup) in the core-concepts guide. +See [Troubleshooting AWS Backup](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/core-concepts.md#troubleshooting-aws-backup) in the core-concepts guide. ## Sample Usage @@ -106,7 +106,7 @@ See [Troubleshooting AWS Backup](https://github.com/gruntwork-io/terraform-aws-d module "backup_plan" { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/backup-plan?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/backup-plan?ref=v0.28.0" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -137,7 +137,7 @@ module "backup_plan" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/backup-plan?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/backup-plan?ref=v0.28.0" } inputs = { @@ -245,11 +245,11 @@ The ARN of the IAM service role used by Backup plans diff --git a/docs/reference/modules/terraform-aws-data-storage/backup-vault/backup-vault.md b/docs/reference/modules/terraform-aws-data-storage/backup-vault/backup-vault.md index a94281a487..ef48b8cae5 100644 --- a/docs/reference/modules/terraform-aws-data-storage/backup-vault/backup-vault.md +++ b/docs/reference/modules/terraform-aws-data-storage/backup-vault/backup-vault.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Backup Vault Module -View Source +View Source Release Notes @@ -96,7 +96,7 @@ then you will end up with many potentially large recovery points that you cannot module "backup_vault" { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/backup-vault?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/backup-vault?ref=v0.28.0" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -136,7 +136,7 @@ module "backup_vault" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/backup-vault?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/backup-vault?ref=v0.28.0" } inputs = { @@ -287,11 +287,11 @@ A map of tags assigned to the vault resources, including those inherited from th diff --git a/docs/reference/modules/terraform-aws-data-storage/efs/efs.md b/docs/reference/modules/terraform-aws-data-storage/efs/efs.md index 41535c408a..a71552c5c0 100644 --- a/docs/reference/modules/terraform-aws-data-storage/efs/efs.md +++ b/docs/reference/modules/terraform-aws-data-storage/efs/efs.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EFS Module -View Source +View Source Release Notes @@ -45,13 +45,13 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples folder](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples folder](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ### Production deployment If you want to deploy this repo in production, check out the following resources: -* [efs module variables](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/efs/variables.tf): Configuration variables available for the EFS module. At minimum, you should configure the `allow_connections_from_cidr_blocks` and `allow_connections_from_security_groups` values to only allow access from your private VPC(s). You may also want to enable `storage_encrypted` to encrypt data at-rest. +* [efs module variables](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/efs/variables.tf): Configuration variables available for the EFS module. At minimum, you should configure the `allow_connections_from_cidr_blocks` and `allow_connections_from_security_groups` values to only allow access from your private VPC(s). You may also want to enable `storage_encrypted` to encrypt data at-rest. ## Manage @@ -74,7 +74,7 @@ If you want to deploy this repo in production, check out the following resources module "efs" { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/efs?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/efs?ref=v0.28.0" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -176,7 +176,7 @@ module "efs" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/efs?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/efs?ref=v0.28.0" } inputs = { @@ -547,11 +547,11 @@ The IDs of the security groups created for the file system. diff --git a/docs/reference/modules/terraform-aws-data-storage/lambda-cleanup-snapshots/lambda-cleanup-snapshots.md b/docs/reference/modules/terraform-aws-data-storage/lambda-cleanup-snapshots/lambda-cleanup-snapshots.md index 62ee58c14c..efcae14993 100644 --- a/docs/reference/modules/terraform-aws-data-storage/lambda-cleanup-snapshots/lambda-cleanup-snapshots.md +++ b/docs/reference/modules/terraform-aws-data-storage/lambda-cleanup-snapshots/lambda-cleanup-snapshots.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Delete Snapshots Lambda Module -View Source +View Source Release Notes @@ -29,7 +29,7 @@ Note that to use this module, you must have access to the Gruntwork [Continuous This module allows you to configure a number of parameters, such as which database to backup, how often to run the backups, what account to share the backups with, and more. For a list of all available variables and their -descriptions, see [variables.tf](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/lambda-cleanup-snapshots/variables.tf). +descriptions, see [variables.tf](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/lambda-cleanup-snapshots/variables.tf). ## Sample Usage @@ -44,7 +44,7 @@ descriptions, see [variables.tf](https://github.com/gruntwork-io/terraform-aws-d module "lambda_cleanup_snapshots" { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-cleanup-snapshots?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-cleanup-snapshots?ref=v0.28.0" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -114,7 +114,7 @@ module "lambda_cleanup_snapshots" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-cleanup-snapshots?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-cleanup-snapshots?ref=v0.28.0" } inputs = { @@ -293,11 +293,11 @@ Namespace of snapshots that will be cleaned up by this module. If specified then diff --git a/docs/reference/modules/terraform-aws-data-storage/lambda-copy-shared-snapshot/lambda-copy-shared-snapshot.md b/docs/reference/modules/terraform-aws-data-storage/lambda-copy-shared-snapshot/lambda-copy-shared-snapshot.md index 0078455f59..9645fca01b 100644 --- a/docs/reference/modules/terraform-aws-data-storage/lambda-copy-shared-snapshot/lambda-copy-shared-snapshot.md +++ b/docs/reference/modules/terraform-aws-data-storage/lambda-copy-shared-snapshot/lambda-copy-shared-snapshot.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Copy Snapshot Lambda Module -View Source +View Source Release Notes @@ -58,10 +58,10 @@ account 222222222222. To be able to make a copy of that snapshot in account 2222 # (Other params omitted) } - + module "copy_snapshot" { source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-copy-shared-snapshot?ref=" - + # Tell this copy snapshot module to use this key to encrypt the copied snapshot kms_key_id = "${module.kms_master_key.key_arn}" @@ -108,7 +108,7 @@ account 222222222222. To be able to make a copy of that snapshot in account 2222 ## Background info For more info on how to backup RDS snapshots to a separate AWS account, check out the [lambda-create-snapshot module -documentation](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/lambda-create-snapshot). +documentation](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/lambda-create-snapshot). ## Sample Usage @@ -123,7 +123,7 @@ documentation](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v module "lambda_copy_shared_snapshot" { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-copy-shared-snapshot?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-copy-shared-snapshot?ref=v0.28.0" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -199,7 +199,7 @@ module "lambda_copy_shared_snapshot" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-copy-shared-snapshot?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-copy-shared-snapshot?ref=v0.28.0" } inputs = { @@ -394,11 +394,11 @@ Namespace all Lambda scheduling resources created by this module with this name. diff --git a/docs/reference/modules/terraform-aws-data-storage/lambda-create-snapshot/lambda-create-snapshot.md b/docs/reference/modules/terraform-aws-data-storage/lambda-create-snapshot/lambda-create-snapshot.md index 499d3ca4a5..1b3ecd0dc4 100644 --- a/docs/reference/modules/terraform-aws-data-storage/lambda-create-snapshot/lambda-create-snapshot.md +++ b/docs/reference/modules/terraform-aws-data-storage/lambda-create-snapshot/lambda-create-snapshot.md @@ -9,15 +9,15 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Database backup -View Source +View Source Release Notes -This module, along with the [lambda-share-snapshot](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/lambda-share-snapshot) and [lambda-copy-shared-snapshot](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/lambda-copy-shared-snapshot) modules, can be used to backup your RDS database to another AWS account (e.g., for disaster recovery) on a configurable schedule. Under the hood, each module runs a Lambda function that instructs your database to take a snapshot (this module), share the snapshot with another account (the `lambda-share-snapshot` module), and make a copy of the snapshot (`lambda-copy-shared-snapshot`). +This module, along with the [lambda-share-snapshot](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/lambda-share-snapshot) and [lambda-copy-shared-snapshot](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/lambda-copy-shared-snapshot) modules, can be used to backup your RDS database to another AWS account (e.g., for disaster recovery) on a configurable schedule. Under the hood, each module runs a Lambda function that instructs your database to take a snapshot (this module), share the snapshot with another account (the `lambda-share-snapshot` module), and make a copy of the snapshot (`lambda-copy-shared-snapshot`). ![RDS architecture](/img/reference/modules/terraform-aws-data-storage/lambda-create-snapshot/data-backup-architecture.png) @@ -29,7 +29,7 @@ This module, along with the [lambda-share-snapshot](https://github.com/gruntwork * Configurable backup schedule (e.g., using cron expressions) -* Clean up old snapshots automatically using the [lambda-cleanup-snapshots](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/lambda-cleanup-snapshots) module. +* Clean up old snapshots automatically using the [lambda-cleanup-snapshots](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/lambda-cleanup-snapshots) module. ## Learn @@ -39,9 +39,9 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [What is Amazon RDS?](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/rds/core-concepts.md#what-is-amazon-rds) +* [What is Amazon RDS?](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/rds/core-concepts.md#what-is-amazon-rds) -* [How does this differ from RDS automatic snapshots?](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/lambda-create-snapshot/core-concepts.md#how-does-this-differ-from-rds-automatic-snapshots) +* [How does this differ from RDS automatic snapshots?](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/lambda-create-snapshot/core-concepts.md#how-does-this-differ-from-rds-automatic-snapshots) * [RDS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html): Amazon’s docs for RDS that cover core concepts such as the types of databases supported, security, backup & restore, and monitoring. @@ -53,7 +53,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples folder](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples folder](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ### Production deployment @@ -65,7 +65,7 @@ If you want to deploy this repo in production, check out the following resources ### Day-to-day operations -* [How to backup RDS snapshots to a separate AWS account](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/lambda-create-snapshot/core-concepts.md#how-do-you-backup-your-rds-snapshots-to-a-separate-aws-account) +* [How to backup RDS snapshots to a separate AWS account](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/lambda-create-snapshot/core-concepts.md#how-do-you-backup-your-rds-snapshots-to-a-separate-aws-account) ### Major changes @@ -84,7 +84,7 @@ If you want to deploy this repo in production, check out the following resources module "lambda_create_snapshot" { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-create-snapshot?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-create-snapshot?ref=v0.28.0" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -181,7 +181,7 @@ module "lambda_create_snapshot" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-create-snapshot?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-create-snapshot?ref=v0.28.0" } inputs = { @@ -442,11 +442,11 @@ Namespace all snapshots created by this module's jobs with this suffix. If not s diff --git a/docs/reference/modules/terraform-aws-data-storage/lambda-share-snapshot/lambda-share-snapshot.md b/docs/reference/modules/terraform-aws-data-storage/lambda-share-snapshot/lambda-share-snapshot.md index adbed61e98..ec6c6bb0b2 100644 --- a/docs/reference/modules/terraform-aws-data-storage/lambda-share-snapshot/lambda-share-snapshot.md +++ b/docs/reference/modules/terraform-aws-data-storage/lambda-share-snapshot/lambda-share-snapshot.md @@ -9,23 +9,23 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Share Snapshot Lambda Module -View Source +View Source Release Notes This module creates an [AWS Lambda](https://aws.amazon.com/lambda/) function that can share snapshots of an [Amazon Relational Database (RDS)](https://aws.amazon.com/rds/) database with another AWS account. Typically, the snapshots -are created by the [lambda-create-snapshot module](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/lambda-create-snapshot), which can be configured to +are created by the [lambda-create-snapshot module](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/lambda-create-snapshot), which can be configured to automatically trigger this lambda function after each run. ## Background info For more info on how to backup RDS snapshots to a separate AWS account, check out the [lambda-create-snapshot module -documentation](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/modules/lambda-create-snapshot). +documentation](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/modules/lambda-create-snapshot). ## Sample Usage @@ -40,7 +40,7 @@ documentation](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v module "lambda_share_snapshot" { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-share-snapshot?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-share-snapshot?ref=v0.28.0" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -85,7 +85,7 @@ module "lambda_share_snapshot" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-share-snapshot?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/lambda-share-snapshot?ref=v0.28.0" } inputs = { @@ -198,11 +198,11 @@ The amount of time, in seconds, between retries. diff --git a/docs/reference/modules/terraform-aws-data-storage/rds-proxy/rds-proxy.md b/docs/reference/modules/terraform-aws-data-storage/rds-proxy/rds-proxy.md index 02ea8500db..48859e7e6f 100644 --- a/docs/reference/modules/terraform-aws-data-storage/rds-proxy/rds-proxy.md +++ b/docs/reference/modules/terraform-aws-data-storage/rds-proxy/rds-proxy.md @@ -9,16 +9,16 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # How to use RDS Proxy Module -View Source +View Source Release Notes In order to setup a RDS proxy, you need to setup database credentials in AWS Secrets Manager and pass it to this module. -Refer to the [examples/rds-proxy](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.27.2/examples/rds-proxy) or https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-proxy-setup.html#rds-proxy-secrets-arns for more information. +Refer to the [examples/rds-proxy](https://github.com/gruntwork-io/terraform-aws-data-storage/tree/v0.28.0/examples/rds-proxy) or https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-proxy-setup.html#rds-proxy-secrets-arns for more information. Setting up a RDS proxy requires the following steps, which is handled by this module: @@ -39,7 +39,7 @@ Setting up a RDS proxy requires the following steps, which is handled by this mo module "rds_proxy" { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/rds-proxy?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/rds-proxy?ref=v0.28.0" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -119,7 +119,7 @@ module "rds_proxy" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/rds-proxy?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/rds-proxy?ref=v0.28.0" } inputs = { @@ -328,11 +328,11 @@ The number of seconds that a connection to the proxy can be inactive before the diff --git a/docs/reference/modules/terraform-aws-data-storage/rds-replicas/rds-replicas.md b/docs/reference/modules/terraform-aws-data-storage/rds-replicas/rds-replicas.md new file mode 100644 index 0000000000..1e450ad34f --- /dev/null +++ b/docs/reference/modules/terraform-aws-data-storage/rds-replicas/rds-replicas.md @@ -0,0 +1,778 @@ +--- +title: "RDS Read Replicas Module" +hide_title: true +--- + +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; +import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; +import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; +import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; + + + +# RDS Read Replicas Module + +View Source + +Release Notes + +This module creates a read replica (read-only copy) of a DB instance. + +## About RDS Read Replicas + +A read replica is a read-only copy of a DB instance. You can reduce the load on your primary DB instance by routing +queries from your applications to the read replica. Refer to +[Working with DB instance read replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html) +for more information. + +## Sample Usage + + + + +```hcl title="main.tf" + +# ------------------------------------------------------------------------------------------------------ +# DEPLOY GRUNTWORK'S RDS-REPLICAS MODULE +# ------------------------------------------------------------------------------------------------------ + +module "rds_replicas" { + + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/rds-replicas?ref=v0.28.0" + + # ---------------------------------------------------------------------------------------------------- + # REQUIRED VARIABLES + # ---------------------------------------------------------------------------------------------------- + + # The instance type to use for the db (e.g. db.t2.micro) + instance_type = + + # The name used to namespace all resources created by these templates, + # including the DB instance (e.g. drupaldb). Must be unique for this region. + # May contain only lowercase alphanumeric characters, hyphens, underscores, + # periods, and spaces. + name = + + # The port the DB will listen on (e.g. 3306) + port = + + # An ID of the primary DB instance to create read replicas from + primary_instance_id = + + # The id of the VPC in which this DB should be deployed. + vpc_id = + + # ---------------------------------------------------------------------------------------------------- + # OPTIONAL VARIABLES + # ---------------------------------------------------------------------------------------------------- + + # List of IDs of AWS Security Groups to attach to the read replica RDS + # instance. + additional_security_group_ids = [] + + # A list of CIDR-formatted IP address ranges that can connect to read replica + # instances. If not set read replica instances will use the same security + # group as master instance. + allow_connections_from_cidr_blocks = [] + + # A list of Security Groups that can connect to read replica instances. If not + # set read replica instances will use the same security group as master + # instance. + allow_connections_from_security_groups = [] + + # Indicates whether major version upgrades (e.g. 9.4.x to 9.5.x) will ever be + # permitted. Note that these updates must always be manually performed and + # will never automatically applied. + allow_major_version_upgrade = true + + # The availability zones within which it should be possible to spin up + # replicas + allowed_replica_zones = [] + + # Specifies whether any cluster modifications are applied immediately, or + # during the next maintenance window. Note that cluster modifications may + # cause degraded performance or downtime. + apply_immediately = false + + # Indicates that minor engine upgrades will be applied automatically to the DB + # instance during the maintenance window. If set to true, you should set + # var.engine_version to MAJOR.MINOR and omit the .PATCH at the end (e.g., use + # 5.7 and not 5.7.11); otherwise, you'll get Terraform state drift. See + # https://www.terraform.io/docs/providers/aws/r/db_instance.html#engine_version + # for more details. + auto_minor_version_upgrade = true + + # How many days to keep backup snapshots around before cleaning them up. Must + # be 1 or greater to support read replicas. 0 means disable automated backups. + backup_retention_period = 21 + + # The Certificate Authority (CA) certificates bundle to use on the RDS + # instance. + ca_cert_identifier = null + + # Copy all the RDS instance tags to snapshots. Default is false. + copy_tags_to_snapshot = false + + # Timeout for DB creating + creating_timeout = "40m" + + # A map of custom tags to apply to the RDS Instance and the Security Group + # created for it. The key is the tag name and the value is the tag value. + custom_tags = {} + + # Timeout for DB deleting + deleting_timeout = "60m" + + # The database can't be deleted when this value is set to true. The default is + # false. + deletion_protection = false + + # List of log types to enable for exporting to CloudWatch logs. If omitted, no + # logs will be exported. Valid values (depending on engine): alert, audit, + # error, general, listener, slowquery, trace, postgresql (PostgreSQL) and + # upgrade (PostgreSQL). + enabled_cloudwatch_logs_exports = [] + + # Specifies whether IAM database authentication is enabled. This option is + # only available for MySQL and PostgreSQL engines. + iam_database_authentication_enabled = null + + # The amount of provisioned IOPS for the primary instance. Setting this + # implies a storage_type of 'io1','io2, or 'gp3'. Set to 0 to disable. + iops = 0 + + # The ARN of a KMS key that should be used to encrypt data on disk. Only used + # if var.storage_encrypted is true. If you leave this blank, the default RDS + # KMS key for the account will be used. + kms_key_arn = null + + # When configured, the upper limit to which Amazon RDS can automatically scale + # the storage of the DB instance. Configuring this will automatically ignore + # differences to allocated_storage. Must be greater than or equal to + # allocated_storage or 0 to disable Storage Autoscaling. + max_allocated_storage = 0 + + # The interval, in seconds, between points when Enhanced Monitoring metrics + # are collected for the DB instance. To disable collecting Enhanced Monitoring + # metrics, specify 0. Valid Values: 0, 1, 5, 10, 15, 30, 60. Enhanced + # Monitoring metrics are useful when you want to see how different processes + # or threads on a DB instance use the CPU. + monitoring_interval = 0 + + # The ARN for the IAM role that permits RDS to send enhanced monitoring + # metrics to CloudWatch Logs. If monitoring_interval is greater than 0, but + # monitoring_role_arn is let as an empty string, a default IAM role that + # allows enhanced monitoring will be created. + monitoring_role_arn = null + + # The number of read replicas to create. RDS will asynchronously replicate all + # data from the master to these replicas, which you can use to horizontally + # scale reads traffic. + num_read_replicas = 0 + + # Name of a DB parameter group to associate. + parameter_group_name = null + + # Specifies whether Performance Insights are enabled. Performance Insights can + # be enabled for specific versions of database engines. See + # https://aws.amazon.com/rds/performance-insights/ for more details. + performance_insights_enabled = false + + # The ARN for the KMS key to encrypt Performance Insights data. When + # specifying performance_insights_kms_key_id, performance_insights_enabled + # needs to be set to true. Once KMS key is set, it can never be changed. When + # set to `null` default aws/rds KMS for given region is used. + performance_insights_kms_key_id = null + + # The amount of time in days to retain Performance Insights data. Either 7 (7 + # days) or 731 (2 years). When specifying + # performance_insights_retention_period, performance_insights_enabled needs to + # be set to true. Defaults to `7`. + performance_insights_retention_period = null + + # WARNING: - In nearly all cases a database should NOT be publicly accessible. + # Only set this to true if you want the database open to the internet. + publicly_accessible = false + + # Determines whether a final DB snapshot is created before the DB instance is + # deleted. Be very careful setting this to true; if you do, and you delete + # this DB instance, you will not have any backups of the data! + skip_final_snapshot = false + + # Specifies whether the DB instance is encrypted. + storage_encrypted = true + + # The type of storage to use for the primary instance. Must be one of + # 'standard' (magnetic), 'gp2' (general purpose SSD), 'gp3' (general purpose + # SSD), io1' (provisioned IOPS SSD), or 'io2' (2nd gen provisioned IOPS SSD). + storage_type = "gp2" + + # Timeout for DB updating + updating_timeout = "80m" + +} + + +``` + + + + +```hcl title="terragrunt.hcl" + +# ------------------------------------------------------------------------------------------------------ +# DEPLOY GRUNTWORK'S RDS-REPLICAS MODULE +# ------------------------------------------------------------------------------------------------------ + +terraform { + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/rds-replicas?ref=v0.28.0" +} + +inputs = { + + # ---------------------------------------------------------------------------------------------------- + # REQUIRED VARIABLES + # ---------------------------------------------------------------------------------------------------- + + # The instance type to use for the db (e.g. db.t2.micro) + instance_type = + + # The name used to namespace all resources created by these templates, + # including the DB instance (e.g. drupaldb). Must be unique for this region. + # May contain only lowercase alphanumeric characters, hyphens, underscores, + # periods, and spaces. + name = + + # The port the DB will listen on (e.g. 3306) + port = + + # An ID of the primary DB instance to create read replicas from + primary_instance_id = + + # The id of the VPC in which this DB should be deployed. + vpc_id = + + # ---------------------------------------------------------------------------------------------------- + # OPTIONAL VARIABLES + # ---------------------------------------------------------------------------------------------------- + + # List of IDs of AWS Security Groups to attach to the read replica RDS + # instance. + additional_security_group_ids = [] + + # A list of CIDR-formatted IP address ranges that can connect to read replica + # instances. If not set read replica instances will use the same security + # group as master instance. + allow_connections_from_cidr_blocks = [] + + # A list of Security Groups that can connect to read replica instances. If not + # set read replica instances will use the same security group as master + # instance. + allow_connections_from_security_groups = [] + + # Indicates whether major version upgrades (e.g. 9.4.x to 9.5.x) will ever be + # permitted. Note that these updates must always be manually performed and + # will never automatically applied. + allow_major_version_upgrade = true + + # The availability zones within which it should be possible to spin up + # replicas + allowed_replica_zones = [] + + # Specifies whether any cluster modifications are applied immediately, or + # during the next maintenance window. Note that cluster modifications may + # cause degraded performance or downtime. + apply_immediately = false + + # Indicates that minor engine upgrades will be applied automatically to the DB + # instance during the maintenance window. If set to true, you should set + # var.engine_version to MAJOR.MINOR and omit the .PATCH at the end (e.g., use + # 5.7 and not 5.7.11); otherwise, you'll get Terraform state drift. See + # https://www.terraform.io/docs/providers/aws/r/db_instance.html#engine_version + # for more details. + auto_minor_version_upgrade = true + + # How many days to keep backup snapshots around before cleaning them up. Must + # be 1 or greater to support read replicas. 0 means disable automated backups. + backup_retention_period = 21 + + # The Certificate Authority (CA) certificates bundle to use on the RDS + # instance. + ca_cert_identifier = null + + # Copy all the RDS instance tags to snapshots. Default is false. + copy_tags_to_snapshot = false + + # Timeout for DB creating + creating_timeout = "40m" + + # A map of custom tags to apply to the RDS Instance and the Security Group + # created for it. The key is the tag name and the value is the tag value. + custom_tags = {} + + # Timeout for DB deleting + deleting_timeout = "60m" + + # The database can't be deleted when this value is set to true. The default is + # false. + deletion_protection = false + + # List of log types to enable for exporting to CloudWatch logs. If omitted, no + # logs will be exported. Valid values (depending on engine): alert, audit, + # error, general, listener, slowquery, trace, postgresql (PostgreSQL) and + # upgrade (PostgreSQL). + enabled_cloudwatch_logs_exports = [] + + # Specifies whether IAM database authentication is enabled. This option is + # only available for MySQL and PostgreSQL engines. + iam_database_authentication_enabled = null + + # The amount of provisioned IOPS for the primary instance. Setting this + # implies a storage_type of 'io1','io2, or 'gp3'. Set to 0 to disable. + iops = 0 + + # The ARN of a KMS key that should be used to encrypt data on disk. Only used + # if var.storage_encrypted is true. If you leave this blank, the default RDS + # KMS key for the account will be used. + kms_key_arn = null + + # When configured, the upper limit to which Amazon RDS can automatically scale + # the storage of the DB instance. Configuring this will automatically ignore + # differences to allocated_storage. Must be greater than or equal to + # allocated_storage or 0 to disable Storage Autoscaling. + max_allocated_storage = 0 + + # The interval, in seconds, between points when Enhanced Monitoring metrics + # are collected for the DB instance. To disable collecting Enhanced Monitoring + # metrics, specify 0. Valid Values: 0, 1, 5, 10, 15, 30, 60. Enhanced + # Monitoring metrics are useful when you want to see how different processes + # or threads on a DB instance use the CPU. + monitoring_interval = 0 + + # The ARN for the IAM role that permits RDS to send enhanced monitoring + # metrics to CloudWatch Logs. If monitoring_interval is greater than 0, but + # monitoring_role_arn is let as an empty string, a default IAM role that + # allows enhanced monitoring will be created. + monitoring_role_arn = null + + # The number of read replicas to create. RDS will asynchronously replicate all + # data from the master to these replicas, which you can use to horizontally + # scale reads traffic. + num_read_replicas = 0 + + # Name of a DB parameter group to associate. + parameter_group_name = null + + # Specifies whether Performance Insights are enabled. Performance Insights can + # be enabled for specific versions of database engines. See + # https://aws.amazon.com/rds/performance-insights/ for more details. + performance_insights_enabled = false + + # The ARN for the KMS key to encrypt Performance Insights data. When + # specifying performance_insights_kms_key_id, performance_insights_enabled + # needs to be set to true. Once KMS key is set, it can never be changed. When + # set to `null` default aws/rds KMS for given region is used. + performance_insights_kms_key_id = null + + # The amount of time in days to retain Performance Insights data. Either 7 (7 + # days) or 731 (2 years). When specifying + # performance_insights_retention_period, performance_insights_enabled needs to + # be set to true. Defaults to `7`. + performance_insights_retention_period = null + + # WARNING: - In nearly all cases a database should NOT be publicly accessible. + # Only set this to true if you want the database open to the internet. + publicly_accessible = false + + # Determines whether a final DB snapshot is created before the DB instance is + # deleted. Be very careful setting this to true; if you do, and you delete + # this DB instance, you will not have any backups of the data! + skip_final_snapshot = false + + # Specifies whether the DB instance is encrypted. + storage_encrypted = true + + # The type of storage to use for the primary instance. Must be one of + # 'standard' (magnetic), 'gp2' (general purpose SSD), 'gp3' (general purpose + # SSD), io1' (provisioned IOPS SSD), or 'io2' (2nd gen provisioned IOPS SSD). + storage_type = "gp2" + + # Timeout for DB updating + updating_timeout = "80m" + +} + + +``` + + + + + + + +## Reference + + + + +### Required + + + + +The instance type to use for the db (e.g. db.t2.micro) + + + + + + + +The name used to namespace all resources created by these templates, including the DB instance (e.g. drupaldb). Must be unique for this region. May contain only lowercase alphanumeric characters, hyphens, underscores, periods, and spaces. + + + + + + + +The port the DB will listen on (e.g. 3306) + + + + + + + +An ID of the primary DB instance to create read replicas from + + + + + + + +The id of the VPC in which this DB should be deployed. + + + + +### Optional + + + + +List of IDs of AWS Security Groups to attach to the read replica RDS instance. + + + + + + + + +A list of CIDR-formatted IP address ranges that can connect to read replica instances. If not set read replica instances will use the same security group as master instance. + + + + + + + + +A list of Security Groups that can connect to read replica instances. If not set read replica instances will use the same security group as master instance. + + + + + + + + +Indicates whether major version upgrades (e.g. 9.4.x to 9.5.x) will ever be permitted. Note that these updates must always be manually performed and will never automatically applied. + + + + + + + + +The availability zones within which it should be possible to spin up replicas + + + + + + + + +Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Note that cluster modifications may cause degraded performance or downtime. + + + + + + + + +Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. If set to true, you should set engine_version to MAJOR.MINOR and omit the .PATCH at the end (e.g., use 5.7 and not 5.7.11); otherwise, you'll get Terraform state drift. See https://www.terraform.io/docs/providers/aws/r/db_instance.html#engine_version for more details. + + + + + + + + +How many days to keep backup snapshots around before cleaning them up. Must be 1 or greater to support read replicas. 0 means disable automated backups. + + + + + + + + +The Certificate Authority (CA) certificates bundle to use on the RDS instance. + + + + + + + + +Copy all the RDS instance tags to snapshots. Default is false. + + + + + + + + +Timeout for DB creating + + + + + + + + +A map of custom tags to apply to the RDS Instance and the Security Group created for it. The key is the tag name and the value is the tag value. + + + + + + + + +Timeout for DB deleting + + + + + + + + +The database can't be deleted when this value is set to true. The default is false. + + + + + + + + +List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL) and upgrade (PostgreSQL). + + + + + + + + +Specifies whether IAM database authentication is enabled. This option is only available for MySQL and PostgreSQL engines. + + + + + + + + +The amount of provisioned IOPS for the primary instance. Setting this implies a storage_type of 'io1','io2, or 'gp3'. Set to 0 to disable. + + + + + + + + +The ARN of a KMS key that should be used to encrypt data on disk. Only used if storage_encrypted is true. If you leave this blank, the default RDS KMS key for the account will be used. + + + + + + + + +When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance. Configuring this will automatically ignore differences to allocated_storage. Must be greater than or equal to allocated_storage or 0 to disable Storage Autoscaling. + + + + + + + + +The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. Valid Values: 0, 1, 5, 10, 15, 30, 60. Enhanced Monitoring metrics are useful when you want to see how different processes or threads on a DB instance use the CPU. + + + + + + + + +The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. If monitoring_interval is greater than 0, but monitoring_role_arn is let as an empty string, a default IAM role that allows enhanced monitoring will be created. + + + + + + + + +The number of read replicas to create. RDS will asynchronously replicate all data from the master to these replicas, which you can use to horizontally scale reads traffic. + + + + + + + + +Name of a DB parameter group to associate. + + + + + + + + +Specifies whether Performance Insights are enabled. Performance Insights can be enabled for specific versions of database engines. See https://aws.amazon.com/rds/performance-insights/ for more details. + + + + + + + + +The ARN for the KMS key to encrypt Performance Insights data. When specifying performance_insights_kms_key_id, performance_insights_enabled needs to be set to true. Once KMS key is set, it can never be changed. When set to `null` default aws/rds KMS for given region is used. + + + + + + + + +The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years). When specifying performance_insights_retention_period, performance_insights_enabled needs to be set to true. Defaults to `7`. + + + + + + + + +WARNING: - In nearly all cases a database should NOT be publicly accessible. Only set this to true if you want the database open to the internet. + + + + + + + + +Determines whether a final DB snapshot is created before the DB instance is deleted. Be very careful setting this to true; if you do, and you delete this DB instance, you will not have any backups of the data! + + + + + + + + +Specifies whether the DB instance is encrypted. + + + + + + + + +The type of storage to use for the primary instance. Must be one of 'standard' (magnetic), 'gp2' (general purpose SSD), 'gp3' (general purpose SSD), io1' (provisioned IOPS SSD), or 'io2' (2nd gen provisioned IOPS SSD). + + + + + + + + +Timeout for DB updating + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/docs/reference/modules/terraform-aws-data-storage/rds/rds.md b/docs/reference/modules/terraform-aws-data-storage/rds/rds.md index 10ef5dfdeb..9d1acf3040 100644 --- a/docs/reference/modules/terraform-aws-data-storage/rds/rds.md +++ b/docs/reference/modules/terraform-aws-data-storage/rds/rds.md @@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # RDS Module -View Source +View Source -Release Notes +Release Notes This module creates an Amazon Relational Database Service (RDS) cluster that can run MySQL, Postgres, MariaDB, Oracle, or SQL Server. The cluster is managed by AWS and automatically handles standby failover, read replicas, backups, @@ -95,7 +95,7 @@ Tunneling) before you can connect to the database. module "rds" { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/rds?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/rds?ref=v0.28.0" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -401,14 +401,6 @@ module "rds" { # disable automated backups. replica_backup_retention_period = 0 - # Specifies that this resource is a Replicate database, and to use this value - # as the source database. This correlates to the identifier of another Amazon - # RDS Database to replicate (if replicating within a single region) or ARN of - # the Amazon RDS Database to replicate (if replicating cross-region). Note - # that if you are creating a cross-region replica of an encrypted database you - # will also need to specify a kms_key_arn. - replicate_source_db = null - # Determines whether a final DB snapshot is created before the DB instance is # deleted. Be very careful setting this to true; if you do, and you delete # this DB instance, you will not have any backups of the data! @@ -451,7 +443,7 @@ module "rds" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/rds?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/rds?ref=v0.28.0" } inputs = { @@ -760,14 +752,6 @@ inputs = { # disable automated backups. replica_backup_retention_period = 0 - # Specifies that this resource is a Replicate database, and to use this value - # as the source database. This correlates to the identifier of another Amazon - # RDS Database to replicate (if replicating within a single region) or ARN of - # the Amazon RDS Database to replicate (if replicating cross-region). Note - # that if you are creating a cross-region replica of an encrypted database you - # will also need to specify a kms_key_arn. - replicate_source_db = null - # Determines whether a final DB snapshot is created before the DB instance is # deleted. Be very careful setting this to true; if you do, and you delete # this DB instance, you will not have any backups of the data! @@ -1411,15 +1395,6 @@ How many days to keep backup snapshots around before cleaning them up on the rea - - - -Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate (if replicating within a single region) or ARN of the Amazon RDS Database to replicate (if replicating cross-region). Note that if you are creating a cross-region replica of an encrypted database you will also need to specify a kms_key_arn. - - - - - @@ -1520,11 +1495,11 @@ Timeout for DB updating diff --git a/docs/reference/modules/terraform-aws-data-storage/redshift/redshift.md b/docs/reference/modules/terraform-aws-data-storage/redshift/redshift.md index f080f7d8f7..317b5e6214 100644 --- a/docs/reference/modules/terraform-aws-data-storage/redshift/redshift.md +++ b/docs/reference/modules/terraform-aws-data-storage/redshift/redshift.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Redshift Module -View Source +View Source Release Notes @@ -63,7 +63,7 @@ workaround, you can re-run the destroy command once the workspace gets deleted c module "redshift" { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/redshift?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/redshift?ref=v0.28.0" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -259,7 +259,7 @@ module "redshift" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/redshift?ref=v0.27.2" + source = "git::git@github.com:gruntwork-io/terraform-aws-data-storage.git//modules/redshift?ref=v0.28.0" } inputs = { @@ -923,11 +923,11 @@ The ID of the Security Group that controls access to the cluster diff --git a/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller-iam-policy/eks-alb-ingress-controller-iam-policy.md b/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller-iam-policy/eks-alb-ingress-controller-iam-policy.md index 4288884cab..8b34ce4ea2 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller-iam-policy/eks-alb-ingress-controller-iam-policy.md +++ b/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller-iam-policy/eks-alb-ingress-controller-iam-policy.md @@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # ALB Ingress Controller IAM Policy Module -View Source +View Source -Release Notes +Release Notes This Terraform Module defines an [IAM policy](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/QuickStartEC2Instance.html#d0e22325) that @@ -23,14 +23,14 @@ defines the minimal set of permissions necessary for the [AWS ALB Ingress Controller](https://github.com/kubernetes-sigs/aws-alb-ingress-controller). This policy can then be attached to EC2 instances or IAM roles so that the controller deployed has enough permissions to manage an ALB. -See [the eks-alb-ingress-controller module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-alb-ingress-controller) for a module that deploys the Ingress +See [the eks-alb-ingress-controller module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-alb-ingress-controller) for a module that deploys the Ingress Controller on to your EKS cluster. ## Attaching IAM policy to workers To allow the ALB Ingress Controller to manage ALBs, it needs IAM permissions to use the AWS API to manage ALBs. Currently, the way to grant Pods IAM privileges is to use the worker IAM profiles provisioned by [the -eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). +eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). The Terraform templates in this module create an IAM policy that has the required permissions. You then need to use an [aws_iam_policy_attachment](https://www.terraform.io/docs/providers/aws/r/iam_policy_attachment.html) to attach that @@ -64,7 +64,7 @@ resource "aws_iam_role_policy_attachment" "attach_alb_ingress_controller_iam_pol module "eks_alb_ingress_controller_iam_policy" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller-iam-policy?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller-iam-policy?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -100,7 +100,7 @@ module "eks_alb_ingress_controller_iam_policy" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller-iam-policy?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller-iam-policy?ref=v0.59.1" } inputs = { @@ -195,11 +195,11 @@ The name of the IAM policy created with the permissions for the ALB ingress cont diff --git a/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller/eks-alb-ingress-controller.md b/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller/eks-alb-ingress-controller.md index 6eee80a515..a1a83ac5ae 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller/eks-alb-ingress-controller.md +++ b/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller/eks-alb-ingress-controller.md @@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # ALB Ingress Controller Module -View Source +View Source -Release Notes +Release Notes This Terraform Module installs and configures the [AWS ALB Ingress Controller](https://github.com/kubernetes-sigs/aws-alb-ingress-controller) on an EKS cluster, so that you can configure @@ -110,7 +110,7 @@ correctly. You can use the `alb.ingress.kubernetes.io/subnets` annotation on `Ingress` resources to specify which subnets the controller should configure the ALB for. -You can also omit the `alb.ingress.kubernetes.io/subnets` annotation, and the controller will [automatically discover subnets](https://kubernetes-sigs.github.io/aws-alb-ingress-controller/guide/controller/config/#subnet-auto-discovery) based on their tags. This method should work "out of the box", so long as you are using the [`eks-vpc-tags`](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-vpc-tags) module to tag your VPC subnets. +You can also omit the `alb.ingress.kubernetes.io/subnets` annotation, and the controller will [automatically discover subnets](https://kubernetes-sigs.github.io/aws-alb-ingress-controller/guide/controller/config/#subnet-auto-discovery) based on their tags. This method should work "out of the box", so long as you are using the [`eks-vpc-tags`](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-vpc-tags) module to tag your VPC subnets. ### Security Groups @@ -125,7 +125,7 @@ nodes. ### IAM permissions The container deployed in this module requires IAM permissions to manage ALB resources. See [the -eks-alb-ingress-controller-iam-policy module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-alb-ingress-controller-iam-policy) for more information. +eks-alb-ingress-controller-iam-policy module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-alb-ingress-controller-iam-policy) for more information. ## Using the Ingress Controller @@ -200,7 +200,7 @@ nature of the controller in provisioning the ALBs. The AWS ALB Ingress Controller has first class support for [external-dns](https://github.com/kubernetes-incubator/external-dns), a third party tool that configures external DNS providers with domains to route to `Services` and `Ingresses` in Kubernetes. See our [eks-k8s-external-dns -module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-external-dns) for more information on how to setup the tool. +module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-external-dns) for more information on how to setup the tool. ## How do I deploy the Pods to Fargate? @@ -234,7 +234,7 @@ instances under the hood, and thus the ALB can not be configured to route by ins module "eks_alb_ingress_controller" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -361,7 +361,7 @@ module "eks_alb_ingress_controller" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller?ref=v0.59.1" } inputs = { @@ -488,11 +488,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-eks/eks-aws-auth-merger/eks-aws-auth-merger.md b/docs/reference/modules/terraform-aws-eks/eks-aws-auth-merger/eks-aws-auth-merger.md index 71b442c508..eb0a34b8d3 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-aws-auth-merger/eks-aws-auth-merger.md +++ b/docs/reference/modules/terraform-aws-eks/eks-aws-auth-merger/eks-aws-auth-merger.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS AWS Auth Merger -View Source +View Source Release Notes @@ -35,21 +35,21 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* *[What is Kubernetes RBAC?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-role-mapping/README.md#what-is-kubernetes-role-based-access-control-rbac)*: overview of Kubernetes RBAC, the underlying system managing authentication and authorization in Kubernetes. +* *[What is Kubernetes RBAC?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-role-mapping/README.md#what-is-kubernetes-role-based-access-control-rbac)*: overview of Kubernetes RBAC, the underlying system managing authentication and authorization in Kubernetes. -* *[What is AWS IAM role?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-role-mapping/README.md#what-is-aws-iam-role)*: overview of AWS IAM Roles, the underlying system managing authentication and authorization in AWS. +* *[What is AWS IAM role?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-role-mapping/README.md#what-is-aws-iam-role)*: overview of AWS IAM Roles, the underlying system managing authentication and authorization in AWS. * *[Managing users or IAM roles for your cluster](https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html)*: The official AWS docs on how the `aws-auth` Kubernetes `ConfigMap` works. -* *[What is the aws-auth-merger?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-aws-auth-merger/core-concepts.md#what-is-the-aws-auth-merger)*: overview of the `aws-auth-merger` and how it works to manage the `aws-auth` Kubernetes `ConfigMap`. +* *[What is the aws-auth-merger?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-aws-auth-merger/core-concepts.md#what-is-the-aws-auth-merger)*: overview of the `aws-auth-merger` and how it works to manage the `aws-auth` Kubernetes `ConfigMap`. ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/test): Automated tests for the modules and examples. ## Deploy @@ -57,7 +57,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples folder](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples folder](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ### Production deployment @@ -69,15 +69,15 @@ If you want to deploy this repo in production, check out the following resources ## Manage -* [How to deploy and use the aws-auth-merger](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-aws-auth-merger/core-concepts.md#how-do-i-use-the-aws-auth-merger) +* [How to deploy and use the aws-auth-merger](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-aws-auth-merger/core-concepts.md#how-do-i-use-the-aws-auth-merger) -* [How to handle conflicts with automatic updates to the aws-auth ConfigMap by EKS](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-aws-auth-merger/core-concepts.md#how-do-i-handle-conflicts-with-automatic-updates-by-eks) +* [How to handle conflicts with automatic updates to the aws-auth ConfigMap by EKS](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-aws-auth-merger/core-concepts.md#how-do-i-handle-conflicts-with-automatic-updates-by-eks) -* [How to restrict users to specific actions on the EKS cluster](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-role-mapping/README.md#restricting-specific-actions) +* [How to restrict users to specific actions on the EKS cluster](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-role-mapping/README.md#restricting-specific-actions) -* [How to restrict users to specific namespaces on the EKS cluster](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-role-mapping/README.md#restricting-by-namespace) +* [How to restrict users to specific namespaces on the EKS cluster](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-role-mapping/README.md#restricting-by-namespace) -* [How to authenticate kubectl to EKS](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/core-concepts.md#how-to-authenticate-kubectl) +* [How to authenticate kubectl to EKS](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/core-concepts.md#how-to-authenticate-kubectl) ## Sample Usage @@ -92,7 +92,7 @@ If you want to deploy this repo in production, check out the following resources module "eks_aws_auth_merger" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-aws-auth-merger?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-aws-auth-merger?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -207,7 +207,7 @@ module "eks_aws_auth_merger" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-aws-auth-merger?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-aws-auth-merger?ref=v0.59.1" } inputs = { @@ -627,11 +627,11 @@ The name of the namespace that is used. If create_namespace is true, this output diff --git a/docs/reference/modules/terraform-aws-eks/eks-cloudwatch-agent/eks-cloudwatch-agent.md b/docs/reference/modules/terraform-aws-eks/eks-cloudwatch-agent/eks-cloudwatch-agent.md index d018ec68a9..728fa30273 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-cloudwatch-agent/eks-cloudwatch-agent.md +++ b/docs/reference/modules/terraform-aws-eks/eks-cloudwatch-agent/eks-cloudwatch-agent.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS CloudWatch Agent Module -View Source +View Source Release Notes @@ -67,7 +67,7 @@ docs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContainerIn module "eks_cloudwatch_agent" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cloudwatch-agent?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cloudwatch-agent?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -150,7 +150,7 @@ module "eks_cloudwatch_agent" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cloudwatch-agent?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cloudwatch-agent?ref=v0.59.1" } inputs = { @@ -233,11 +233,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-eks/eks-cluster-control-plane/eks-cluster-control-plane.md b/docs/reference/modules/terraform-aws-eks/eks-cluster-control-plane/eks-cluster-control-plane.md index dd305eccf2..42a411a51f 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-cluster-control-plane/eks-cluster-control-plane.md +++ b/docs/reference/modules/terraform-aws-eks/eks-cluster-control-plane/eks-cluster-control-plane.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Cluster Control Plane Module -View Source +View Source Release Notes @@ -22,7 +22,7 @@ Cluster](https://docs.aws.amazon.com/eks/latest/userguide/clusters.html). This module is responsible for the EKS Control Plane in [the EKS cluster topology](#what-is-an-eks-cluster). You must launch worker nodes in order to be able to schedule pods on your cluster. See the [eks-cluster-workers -module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-workers) for managing EKS worker nodes. +module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers) for managing EKS worker nodes. ## What is the EKS Control Plane? @@ -46,7 +46,7 @@ Specifically, the control plane consists of: This includes resources like the [`LoadBalancers`](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/). -You can read more about the different components of EKS in [the project README](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/core-concepts.md#what-is-an-eks-cluster). +You can read more about the different components of EKS in [the project README](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/core-concepts.md#what-is-an-eks-cluster). ## What security group rules are created? @@ -134,7 +134,7 @@ role that is being assumed. Specifically, you need to: that role). You can use the -[eks-iam-role-assume-role-policy-for-service-account module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-iam-role-assume-role-policy-for-service-account) to +[eks-iam-role-assume-role-policy-for-service-account module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-iam-role-assume-role-policy-for-service-account) to construct the policy using a more convenient interface. Refer to the module documentation for more info. Once you have an IAM Role that can be assumed by the Kubernetes Service Account, you can configure your Pods to exchange @@ -242,7 +242,7 @@ Some additional notes on using Fargate: [the `aws_eks_fargate_profile` resource](https://www.terraform.io/docs/providers/aws/r/eks_fargate_profile.html) to provision Fargate Profiles with Terraform). The Pod Execution Role created by the module may be reused for other Fargate Profiles. -* Fargate does not support DaemonSets. This means that you can't rely on the [eks-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-container-logs) +* Fargate does not support DaemonSets. This means that you can't rely on the [eks-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-container-logs) module to forward logs to CloudWatch. Instead, you need to manually configure a sidecar `fluentd` container that forwards the log entries to CloudWatch Logs. Refer to [this AWS blog post](https://aws.amazon.com/blogs/containers/how-to-capture-application-logs-when-using-amazon-eks-on-aws-fargate/) @@ -284,7 +284,7 @@ If you omit the `addon_version`, correct versions are automatically applied. Note that you must update the nodes to use the corresponding `kubelet` version as well. This means that when you update minor versions, you will also need to update the AMIs used by the worker nodes to match the version and rotate the workers. For more information on rotating worker nodes, refer to [How do I roll out an update to the -instances?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-workers/README.md#how-do-i-roll-out-an-update-to-the-instances) in the `eks-cluster-workers` +instances?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers/README.md#how-do-i-roll-out-an-update-to-the-instances) in the `eks-cluster-workers` module README. ### Detailed upgrade steps @@ -383,7 +383,7 @@ approaches: module "eks_cluster_control_plane" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-control-plane?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-control-plane?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -673,7 +673,7 @@ module "eks_cluster_control_plane" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-control-plane?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-control-plane?ref=v0.59.1" } inputs = { @@ -1617,11 +1617,11 @@ The path to the kubergrunt binary, if in use. diff --git a/docs/reference/modules/terraform-aws-eks/eks-cluster-managed-workers/eks-cluster-managed-workers.md b/docs/reference/modules/terraform-aws-eks/eks-cluster-managed-workers/eks-cluster-managed-workers.md index 615eceaa01..76da73ddc4 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-cluster-managed-workers/eks-cluster-managed-workers.md +++ b/docs/reference/modules/terraform-aws-eks/eks-cluster-managed-workers/eks-cluster-managed-workers.md @@ -9,23 +9,23 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Cluster Managed Workers Module -View Source +View Source Release Notes -**This module provisions [EKS Managed Node Groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html), as opposed to self managed ASGs. See the [eks-cluster-workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-workers) module for a module to provision self managed worker groups.** +**This module provisions [EKS Managed Node Groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html), as opposed to self managed ASGs. See the [eks-cluster-workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers) module for a module to provision self managed worker groups.** This Terraform module launches worker nodes using [EKS Managed Node Groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html) that you can use to run Kubernetes Pods and Deployments. This module is responsible for the EKS Worker Nodes in [the EKS cluster -topology](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-control-plane/README.md#what-is-an-eks-cluster). You must launch a control plane in order -for the worker nodes to function. See the [eks-cluster-control-plane module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-control-plane) for +topology](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane/README.md#what-is-an-eks-cluster). You must launch a control plane in order +for the worker nodes to function. See the [eks-cluster-control-plane module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane) for managing an EKS control plane. ## Differences with self managed workers @@ -61,7 +61,7 @@ Here is a list of additional tradeoffs to consider between the two flavors: This module will not automatically scale in response to resource usage by default, the `autoscaling_group_configurations.*.max_size` option is only used to give room for new instances during rolling updates. -To enable auto-scaling in response to resource utilization, deploy the [Kubernetes Cluster Autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-cluster-autoscaler). +To enable auto-scaling in response to resource utilization, deploy the [Kubernetes Cluster Autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-cluster-autoscaler). Note that the cluster autoscaler supports ASGs that manage nodes in a single availability zone or ASGs that manage nodes in multiple availability zones. However, there is a caveat: @@ -159,7 +159,7 @@ The following are the steps you can take to perform a blue-green release for thi module "eks_cluster_managed_workers" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-managed-workers?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-managed-workers?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -316,7 +316,7 @@ module "eks_cluster_managed_workers" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-managed-workers?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-managed-workers?ref=v0.59.1" } inputs = { @@ -936,11 +936,11 @@ Map of Node Group names to ARNs of the created EKS Node Groups diff --git a/docs/reference/modules/terraform-aws-eks/eks-cluster-workers-cross-access/eks-cluster-workers-cross-access.md b/docs/reference/modules/terraform-aws-eks/eks-cluster-workers-cross-access/eks-cluster-workers-cross-access.md index ac1ffac56c..6b16c8a9de 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-cluster-workers-cross-access/eks-cluster-workers-cross-access.md +++ b/docs/reference/modules/terraform-aws-eks/eks-cluster-workers-cross-access/eks-cluster-workers-cross-access.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Cluster Workers Cross Access Module -View Source +View Source Release Notes @@ -63,7 +63,7 @@ module. module "eks_cluster_workers_cross_access" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers-cross-access?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers-cross-access?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -101,7 +101,7 @@ module "eks_cluster_workers_cross_access" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers-cross-access?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers-cross-access?ref=v0.59.1" } inputs = { @@ -139,11 +139,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-eks/eks-cluster-workers/eks-cluster-workers.md b/docs/reference/modules/terraform-aws-eks/eks-cluster-workers/eks-cluster-workers.md index 2bd95c5fcd..c2a237ae69 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-cluster-workers/eks-cluster-workers.md +++ b/docs/reference/modules/terraform-aws-eks/eks-cluster-workers/eks-cluster-workers.md @@ -9,39 +9,39 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Cluster Workers Module -View Source +View Source Release Notes -**This module provisions self managed ASGs, in contrast to [EKS Managed Node Groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html). See the [eks-cluster-managed-workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-managed-workers) module for a module to deploy Managed Node Groups.** +**This module provisions self managed ASGs, in contrast to [EKS Managed Node Groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html). See the [eks-cluster-managed-workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-managed-workers) module for a module to deploy Managed Node Groups.** This Terraform Module launches worker nodes for an [Elastic Container Service for Kubernetes Cluster](https://docs.aws.amazon.com/eks/latest/userguide/clusters.html) that you can use to run Kubernetes Pods and Deployments. This module is responsible for the EKS Worker Nodes in [the EKS cluster -topology](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-control-plane/README.md#what-is-an-eks-cluster). You must launch a control plane in order -for the worker nodes to function. See the [eks-cluster-control-plane module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-control-plane) for +topology](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane/README.md#what-is-an-eks-cluster). You must launch a control plane in order +for the worker nodes to function. See the [eks-cluster-control-plane module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane) for managing an EKS control plane. ## Differences with managed node groups See the \[Differences with self managed workers] section in the documentation for [eks-cluster-managed-workers -module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-managed-workers) for a detailed overview of differences with EKS Managed Node Groups. +module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-managed-workers) for a detailed overview of differences with EKS Managed Node Groups. ## What should be included in the user-data script? In order for the EKS worker nodes to function, it must register itself to the Kubernetes API run by the EKS control plane. This is handled by the bootstrap script provided in the EKS optimized AMI. The user-data script should call the bootstrap script at some point during its execution. You can get this information from the [eks-cluster-control-plane -module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-control-plane). +module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane). For an example of a user data script, see the [eks-cluster example's user-data.sh -script](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/examples/eks-cluster-with-iam-role-mappings/user-data/user-data.sh). +script](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples/eks-cluster-with-iam-role-mappings/user-data/user-data.sh). You can read more about the bootstrap script in [the official documentation for EKS](https://docs.aws.amazon.com/eks/latest/userguide/launch-workers.html). @@ -144,7 +144,7 @@ EOF ``` **Note**: The IAM policies you add will apply to ALL Pods running on these EC2 Instances. See the [How do I associate -IAM roles to the Pods?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-control-plane/README.md#how-do-i-associate-iam-roles-to-the-pods) section of the +IAM roles to the Pods?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane/README.md#how-do-i-associate-iam-roles-to-the-pods) section of the `eks-cluster-control-plane` module README for more fine-grained allocation of IAM credentials to Pods. ## How do I SSH into the nodes? @@ -228,7 +228,7 @@ The following are the steps you can take to perform a blue-green release for thi This module will not automatically scale in response to resource usage by default, the `autoscaling_group_configurations.*.max_size` option is only used to give room for new instances during rolling updates. To enable auto-scaling in response to resource utilization, you must set the `include_autoscaler_discovery_tags` input -variable to `true` and also deploy the [Kubernetes Cluster Autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-cluster-autoscaler). +variable to `true` and also deploy the [Kubernetes Cluster Autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-cluster-autoscaler). Note that the cluster autoscaler supports ASGs that manage nodes in a single availability zone or ASGs that manage nodes in multiple availability zones. However, there is a caveat: @@ -253,7 +253,7 @@ Refer to the [Kubernetes Autoscaler](https://github.com/kubernetes/autoscaler) d module "eks_cluster_workers" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -530,7 +530,7 @@ module "eks_cluster_workers" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers?ref=v0.59.1" } inputs = { @@ -1503,11 +1503,11 @@ AWS ID of the security group created for the EKS worker nodes. diff --git a/docs/reference/modules/terraform-aws-eks/eks-container-logs/eks-container-logs.md b/docs/reference/modules/terraform-aws-eks/eks-container-logs/eks-container-logs.md index d2f2ce9357..9f989e256b 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-container-logs/eks-container-logs.md +++ b/docs/reference/modules/terraform-aws-eks/eks-container-logs/eks-container-logs.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Container Logs Module -View Source +View Source Release Notes @@ -25,7 +25,7 @@ Kinesis Firehose. This module uses the community helm chart, with a set of best practices inputs. **This module is for setting up log aggregation for EKS Pods on EC2 workers (self-managed or managed node groups). For -Fargate pods, take a look at the [eks-fargate-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-fargate-container-logs) module.** +Fargate pods, take a look at the [eks-fargate-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-fargate-container-logs) module.** ## How does this work? @@ -105,7 +105,7 @@ fields @timestamp, @message module "eks_container_logs" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-container-logs?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-container-logs?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -232,7 +232,7 @@ module "eks_container_logs" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-container-logs?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-container-logs?ref=v0.59.1" } inputs = { @@ -359,11 +359,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-eks/eks-fargate-container-logs/eks-fargate-container-logs.md b/docs/reference/modules/terraform-aws-eks/eks-fargate-container-logs/eks-fargate-container-logs.md index 413165e62a..1b565b6fb8 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-fargate-container-logs/eks-fargate-container-logs.md +++ b/docs/reference/modules/terraform-aws-eks/eks-fargate-container-logs/eks-fargate-container-logs.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Fargate Container Logs Module -View Source +View Source Release Notes @@ -25,7 +25,7 @@ Bit](https://fluentbit.io/) instance that runs on Fargate worker nodes. This all aggregation on Fargate Pods in EKS without setting up a side car container. **This module is for setting up log aggregation for EKS Fargate Pods. For other pods, take a look at the -[eks-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-container-logs) module.** +[eks-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-container-logs) module.** ## How does this work? @@ -106,7 +106,7 @@ fields @timestamp, @message module "eks_fargate_container_logs" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-fargate-container-logs?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-fargate-container-logs?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -203,7 +203,7 @@ module "eks_fargate_container_logs" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-fargate-container-logs?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-fargate-container-logs?ref=v0.59.1" } inputs = { @@ -633,11 +633,11 @@ The ID of the Kubernetes ConfigMap containing the logging configuration. This ca diff --git a/docs/reference/modules/terraform-aws-eks/eks-iam-role-assume-role-policy-for-service-account/eks-iam-role-assume-role-policy-for-service-account.md b/docs/reference/modules/terraform-aws-eks/eks-iam-role-assume-role-policy-for-service-account/eks-iam-role-assume-role-policy-for-service-account.md index 13cc2cf861..2e1d166f79 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-iam-role-assume-role-policy-for-service-account/eks-iam-role-assume-role-policy-for-service-account.md +++ b/docs/reference/modules/terraform-aws-eks/eks-iam-role-assume-role-policy-for-service-account/eks-iam-role-assume-role-policy-for-service-account.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS IAM Role Assume Role Policy for Kubernetes Service Accounts -View Source +View Source Release Notes @@ -22,7 +22,7 @@ Kubernetes Service Accounts. This requires a compatible EKS cluster that support Accounts](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) feature. See the [corresponding section of the eks-cluster-control-plane module -README](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-control-plane/README.md#how-do-i-associate-iam-roles-to-the-pods) for information on how to set +README](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane/README.md#how-do-i-associate-iam-roles-to-the-pods) for information on how to set up IRSA and how it works. ## Sample Usage @@ -38,7 +38,7 @@ up IRSA and how it works. module "eks_iam_role_assume_role_policy_for_service_account" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-iam-role-assume-role-policy-for-service-account?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-iam-role-assume-role-policy-for-service-account?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -89,7 +89,7 @@ module "eks_iam_role_assume_role_policy_for_service_account" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-iam-role-assume-role-policy-for-service-account?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-iam-role-assume-role-policy-for-service-account?ref=v0.59.1" } inputs = { @@ -217,11 +217,11 @@ JSON value for IAM Role Assume Role Policy that allows Kubernetes Service Accoun diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler-iam-policy/eks-k8s-cluster-autoscaler-iam-policy.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler-iam-policy/eks-k8s-cluster-autoscaler-iam-policy.md index cc3ec255c1..4bd093cb04 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler-iam-policy/eks-k8s-cluster-autoscaler-iam-policy.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler-iam-policy/eks-k8s-cluster-autoscaler-iam-policy.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # K8S Cluster Autoscaler IAM Policy Module -View Source +View Source Release Notes @@ -24,14 +24,14 @@ Autoscaler](https://github.com/kubernetes/autoscaler/blob/b6d53e8/cluster-autosc attached to the EC2 instance profile of the worker nodes in a Kubernetes cluster which will allow the autoscaler to manage scaling up and down EC2 instances in targeted Auto Scaling Groups in response to resource utilization. -See [the eks-k8s-cluster-autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-cluster-autoscaler) for a module that deploys the Cluster +See [the eks-k8s-cluster-autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-cluster-autoscaler) for a module that deploys the Cluster Autoscaler to your EKS cluster. ## Attaching IAM policy to workers To allow the Cluster Autoscaler to manage Auto Scaling Groups, it needs IAM permissions to monitor and adjust them. Currently, the way to grant Pods IAM privileges is to use the worker IAM profiles provisioned by [the -eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). +eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). The Terraform templates in this module create an IAM policy that has the required permissions. You then need to use an [aws_iam_policy_attachment](https://www.terraform.io/docs/providers/aws/r/iam_policy_attachment.html) to attach that @@ -66,7 +66,7 @@ resource "aws_iam_role_policy_attachment" "attach_k8s_cluster_autoscaler_iam_pol module "eks_k_8_s_cluster_autoscaler_iam_policy" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler-iam-policy?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler-iam-policy?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -107,7 +107,7 @@ module "eks_k_8_s_cluster_autoscaler_iam_policy" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler-iam-policy?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler-iam-policy?ref=v0.59.1" } inputs = { @@ -216,11 +216,11 @@ The name of the IAM policy created with the permissions for the Kubernetes clust diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler/eks-k8s-cluster-autoscaler.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler/eks-k8s-cluster-autoscaler.md index 046e9a0280..b1bd1a2e4a 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler/eks-k8s-cluster-autoscaler.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler/eks-k8s-cluster-autoscaler.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # K8S Cluster Autoscaler Module -View Source +View Source Release Notes @@ -21,9 +21,9 @@ This Terraform Module installs a [Cluster Autoscaler](https://github.com/kuberne to automatically scale up and down the nodes in a cluster in response to resource utilization. This module is responsible for manipulating each Auto Scaling Group (ASG) that was created by the [EKS cluster -workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-workers) module. By default, the ASG is configured to allow zero-downtime +workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers) module. By default, the ASG is configured to allow zero-downtime deployments but is not configured to scale automatically. You must launch an [EKS control -plane](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-control-plane) with worker nodes for this module to function. +plane](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane) with worker nodes for this module to function. ## Important Considerations @@ -57,7 +57,7 @@ variables. module "eks_k_8_s_cluster_autoscaler" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -208,7 +208,7 @@ module "eks_k_8_s_cluster_autoscaler" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler?ref=v0.59.1" } inputs = { @@ -359,11 +359,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns-iam-policy/eks-k8s-external-dns-iam-policy.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns-iam-policy/eks-k8s-external-dns-iam-policy.md index 6cd7285af1..22bb9591df 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns-iam-policy/eks-k8s-external-dns-iam-policy.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns-iam-policy/eks-k8s-external-dns-iam-policy.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # K8S External DNS IAM Policy Module -View Source +View Source Release Notes @@ -23,14 +23,14 @@ defines the minimal set of permissions necessary for the [external-dns application](https://github.com/kubernetes-incubator/external-dns). This policy can then be attached to EC2 instances or IAM roles so that the app deployed has enough permissions to manage Route 53 Hosted Zones. -See [the eks-k8s-external-dns module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-external-dns) for a module that deploys the external-dns +See [the eks-k8s-external-dns module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-external-dns) for a module that deploys the external-dns application on to your EKS cluster. ## Attaching IAM policy to workers To allow the external-dns app to manage Route 53 Hosted Zones, it needs IAM permissions to use the AWS API to manage the zones. Currently, the way to grant Pods IAM privileges is to use the worker IAM profiles provisioned by [the -eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). +eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). The Terraform templates in this module create an IAM policy that has the required permissions. You then need to use an [aws_iam_policy_attachment](https://www.terraform.io/docs/providers/aws/r/iam_policy_attachment.html) to attach that @@ -64,7 +64,7 @@ resource "aws_iam_role_policy_attachment" "attach_k8s_external_dns_iam_policy" { module "eks_k_8_s_external_dns_iam_policy" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns-iam-policy?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns-iam-policy?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -103,7 +103,7 @@ module "eks_k_8_s_external_dns_iam_policy" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns-iam-policy?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns-iam-policy?ref=v0.59.1" } inputs = { @@ -210,11 +210,11 @@ The name of the IAM policy created with the permissions for the external-dns Kub diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns/eks-k8s-external-dns.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns/eks-k8s-external-dns.md index c1a5fc9752..78b3804c45 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns/eks-k8s-external-dns.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns/eks-k8s-external-dns.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # K8S External DNS Module -View Source +View Source Release Notes @@ -35,7 +35,7 @@ work, you need to map the domain name to the `Ingress` endpoint, so that request been created and provisioned. However, this can be cumbersome due to the asynchronous nature of Kubernetes operations. For example, if you are using an `Ingress` controller that maps to actual physical loadbalancers in the cloud (e.g the -[ALB Ingress Controller deployed using the eks-alb-ingress-controller module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-alb-ingress-controller)), the +[ALB Ingress Controller deployed using the eks-alb-ingress-controller module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-alb-ingress-controller)), the endpoint may take several minutes before it is available. You will have to wait for that time, continuously polling the `Ingress` resource until the underlying resource is provisioned and the endpoint is available before you can configure the DNS setting. @@ -61,7 +61,7 @@ This module uses [`helm` v3](https://helm.sh/docs/) to deploy the controller to ### IAM permissions The container deployed in this module requires IAM permissions to manage Route 53 Hosted Zones. See [the -eks-k8s-external-dns-iam-policy module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-external-dns-iam-policy) for more information. +eks-k8s-external-dns-iam-policy module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-external-dns-iam-policy) for more information. ## How do I restrict which Hosted Zones the app should manage? @@ -116,7 +116,7 @@ zones_cache_duration = "3h" module "eks_k_8_s_external_dns" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -290,7 +290,7 @@ module "eks_k_8_s_external_dns" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns?ref=v0.59.1" } inputs = { @@ -464,11 +464,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-karpenter/eks-k8s-karpenter.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-karpenter/eks-k8s-karpenter.md index fc6046be8a..00fed1eacb 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-karpenter/eks-k8s-karpenter.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-karpenter/eks-k8s-karpenter.md @@ -9,24 +9,24 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS K8s Karpenter Module -View Source +View Source Release Notes This Module can be used to deploy [Karpenter](https://karpenter.sh/) as an alternative to the [Cluster Autoscaler](https://github.com/kubernetes/autoscaler/tree/b6d53e8/cluster-autoscaler) for autoscaling capabilities of an EKS cluster. -This module will create all of the necessary resources for a functional installation of Karpenter as well as the installation of Karpenter. This module does not create Karpenter [Provisioners](https://karpenter.sh/v0.27.0/concepts/provisioners/) or [Node Templates](https://karpenter.sh/v0.27.0/concepts/node-templates/), only the installation of the Karpenter Controller. See the [Karpenter Example](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/examples/eks-cluster-with-karpenter/) for an example of how to deploy the additional `CRDs` (Provisioners, Node Templates, etc) to the EKS cluster. +This module will create all of the necessary resources for a functional installation of Karpenter as well as the installation of Karpenter. This module does not create Karpenter [Provisioners](https://karpenter.sh/v0.27.0/concepts/provisioners/) or [Node Templates](https://karpenter.sh/v0.27.0/concepts/node-templates/), only the installation of the Karpenter Controller. See the [Karpenter Example](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples/eks-cluster-with-karpenter/) for an example of how to deploy the additional `CRDs` (Provisioners, Node Templates, etc) to the EKS cluster. -> Note: For EKS cluster autoscaling capabilities, either `Karpenter` OR the `cluster-autoscaler` should be used; not both. To migrate to using `karpenter` instead of the `cluster-autoscaler` see [Migrating to Karpenter from the Cluster Autoscaler](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-karpenter/migrating-to-karpenter-from-cas.md) +> Note: For EKS cluster autoscaling capabilities, either `Karpenter` OR the `cluster-autoscaler` should be used; not both. To migrate to using `karpenter` instead of the `cluster-autoscaler` see [Migrating to Karpenter from the Cluster Autoscaler](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-karpenter/migrating-to-karpenter-from-cas.md) -To leverage the full power and potential of Karpenter, one must understand the [Karpenter Core Concepts](https://karpenter.sh/v0.27.0/concepts/). Deploying this module without additional configuration (ie deploying Karpenter CRDs) will not enable EKS cluster autoscaling. As use-cases are presented, we will do our best effort to continue to add meaningful examples to the [examples](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/examples/) folder to help ease the complexities of configuring Karpenter. At minimum, one should configure and deploy a default `Provisioner` and `Node Template` for just in time node provisioning via Karpenter. +To leverage the full power and potential of Karpenter, one must understand the [Karpenter Core Concepts](https://karpenter.sh/v0.27.0/concepts/). Deploying this module without additional configuration (ie deploying Karpenter CRDs) will not enable EKS cluster autoscaling. As use-cases are presented, we will do our best effort to continue to add meaningful examples to the [examples](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples/) folder to help ease the complexities of configuring Karpenter. At minimum, one should configure and deploy a default `Provisioner` and `Node Template` for just in time node provisioning via Karpenter. ### Resources Created -This module will create the following core resources, some of which are optional which are noted in the [input variables](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-k8s-karpenter/variables.tf): +This module will create the following core resources, some of which are optional which are noted in the [input variables](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-karpenter/variables.tf): | AWS Resource | Description | | --- | --- | @@ -69,7 +69,7 @@ For additional details and in-depth information on Karpenter, please see the [Ka module "eks_k_8_s_karpenter" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-karpenter?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-karpenter?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -186,7 +186,7 @@ module "eks_k_8_s_karpenter" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-karpenter?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-karpenter?ref=v0.59.1" } inputs = { @@ -582,11 +582,11 @@ The name of the Karpenter Node IAM Role. diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-role-mapping/eks-k8s-role-mapping.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-role-mapping/eks-k8s-role-mapping.md index 8007a44002..6a8eb91fe7 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-role-mapping/eks-k8s-role-mapping.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-role-mapping/eks-k8s-role-mapping.md @@ -9,17 +9,17 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS K8S Role Mapping Module -View Source +View Source Release Notes **NOTE: This module manages a single ConfigMap to use with Kubernetes AWS IAM authentication. If you wish to break up the ConfigMap across multiple smaller ConfigMaps to manage entries in isolated modules (e.g., when you add a new IAM -role in a separate module from the EKS cluster), refer to the [eks-aws-auth-merger](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-aws-auth-merger).** +role in a separate module from the EKS cluster), refer to the [eks-aws-auth-merger](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-aws-auth-merger).** This Module can be used to manage the mapping of AWS IAM roles and users to Kubernetes RBAC groups for finer grained access control of your EKS Cluster. @@ -59,7 +59,7 @@ as much or as little permissions as necessary when accessing resources in the AW This Module provides code for you to manage the mapping between AWS IAM roles and Kubernetes RBAC roles so that you can maintain a consistent set of mappings between the two systems. This works hand in hand with the [EKS authentication -system](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/core-concepts.md#how-do-i-authenticate-kubectl-to-the-eks-cluster), providing the information to Kubernetes to resolve the user to the right RBAC group based on the provided IAM role credentials. +system](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/core-concepts.md#how-do-i-authenticate-kubectl-to-the-eks-cluster), providing the information to Kubernetes to resolve the user to the right RBAC group based on the provided IAM role credentials. ## Examples @@ -335,7 +335,7 @@ ConfigMap and as such does not have the cyclic dependency problem of Helm. module "eks_k_8_s_role_mapping" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-role-mapping?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-role-mapping?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -388,7 +388,7 @@ module "eks_k_8_s_role_mapping" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-role-mapping?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-role-mapping?ref=v0.59.1" } inputs = { @@ -543,11 +543,11 @@ The name of the ConfigMap created to store the mapping. This exists so that down diff --git a/docs/reference/modules/terraform-aws-eks/eks-scripts/eks-scripts.md b/docs/reference/modules/terraform-aws-eks/eks-scripts/eks-scripts.md index 13ae9a8881..f04032f8a3 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-scripts/eks-scripts.md +++ b/docs/reference/modules/terraform-aws-eks/eks-scripts/eks-scripts.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Scripts Module -View Source +View Source Release Notes @@ -31,7 +31,7 @@ gruntwork-install --module-name "eks-scripts" --repo "https://github.com/gruntwo ``` For an example, see the [Packer](https://www.packer.io/) template under -[examples/eks-cluster-with-supporting-services/packer/build.json](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/examples/eks-cluster-with-supporting-services/packer/build.json). +[examples/eks-cluster-with-supporting-services/packer/build.json](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples/eks-cluster-with-supporting-services/packer/build.json). ## Using the map-ec2-tags-to-node-labels helper @@ -96,7 +96,7 @@ and you specified `ec2.gruntwork.io/` as your tag prefix (`map-ec2-tags-to-node- In order for the script to be able to successfully retrieve the tags for EC2 instance, the instances need to be associated with an IAM profile that grants it access to retrieve the EC2 tags on the instance. If you launch the workers -using the [eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.0/modules/eks-cluster-workers), this is automatically attached to the worker IAM role. +using the [eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers), this is automatically attached to the worker IAM role. ### map_ec2\_tags_to_node_labels.py symlink @@ -108,11 +108,11 @@ tests. diff --git a/docs/reference/modules/terraform-aws-eks/eks-vpc-tags/eks-vpc-tags.md b/docs/reference/modules/terraform-aws-eks/eks-vpc-tags/eks-vpc-tags.md index 4c9f6494c9..54300db82e 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-vpc-tags/eks-vpc-tags.md +++ b/docs/reference/modules/terraform-aws-eks/eks-vpc-tags/eks-vpc-tags.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS VPC Tags Module -View Source +View Source Release Notes @@ -39,7 +39,7 @@ with EKS. module "eks_vpc_tags" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-vpc-tags?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-vpc-tags?ref=v0.59.1" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -63,7 +63,7 @@ module "eks_vpc_tags" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-vpc-tags?ref=v0.59.0" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-vpc-tags?ref=v0.59.1" } inputs = { @@ -143,11 +143,11 @@ Tags for public subnets in the VPC to use for integration with EKS. diff --git a/docs/reference/modules/terraform-aws-lambda/api-gateway-account-settings/api-gateway-account-settings.md b/docs/reference/modules/terraform-aws-lambda/api-gateway-account-settings/api-gateway-account-settings.md index 489e77fa45..0dad11d079 100644 --- a/docs/reference/modules/terraform-aws-lambda/api-gateway-account-settings/api-gateway-account-settings.md +++ b/docs/reference/modules/terraform-aws-lambda/api-gateway-account-settings/api-gateway-account-settings.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # API Gateway Account Settings Module -View Source +View Source Release Notes @@ -34,7 +34,7 @@ The corresponding screen from the AWS Console is shown below: ## Quick start -Check out the [examples](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/examples) for sample code that demonstrates how to use this module. +Check out the [examples](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/examples) for sample code that demonstrates how to use this module. ## Sample Usage @@ -49,7 +49,7 @@ Check out the [examples](https://github.com/gruntwork-io/terraform-aws-lambda/tr module "api_gateway_account_settings" { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-account-settings?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-account-settings?ref=v0.21.12" # ---------------------------------------------------------------------------------------------------- # OPTIONAL VARIABLES @@ -91,7 +91,7 @@ module "api_gateway_account_settings" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-account-settings?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-account-settings?ref=v0.21.12" } inputs = { @@ -191,11 +191,11 @@ When true, all IAM policies will be managed as dedicated policies rather than in diff --git a/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy-methods/api-gateway-proxy-methods.md b/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy-methods/api-gateway-proxy-methods.md index cf14e246c3..cee5d8823f 100644 --- a/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy-methods/api-gateway-proxy-methods.md +++ b/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy-methods/api-gateway-proxy-methods.md @@ -9,20 +9,20 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # API Gateway Lambda Function Proxy Methods Module -View Source +View Source Release Notes -This module must be used in conjunction with [the api-gateway-proxy module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/api-gateway-proxy) to configure an API +This module must be used in conjunction with [the api-gateway-proxy module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/api-gateway-proxy) to configure an API Gateway REST API to route all requests from a root path to a lambda function. -Refer to [the module docs](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/api-gateway-proxy/README.md) for the `api-gateway-proxy` module for more details on how to +Refer to [the module docs](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/api-gateway-proxy/README.md) for the `api-gateway-proxy` module for more details on how to use this module. Specifically, see the section [Can I expose additional lambda functions in a decentralized -manner?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/api-gateway-proxy/core-concepts.md#can-i-expose-additional-lambda-functions-in-a-decentralized-manner) +manner?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/api-gateway-proxy/core-concepts.md#can-i-expose-additional-lambda-functions-in-a-decentralized-manner) ## Sample Usage @@ -37,7 +37,7 @@ manner?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modu module "api_gateway_proxy_methods" { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy-methods?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy-methods?ref=v0.21.12" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -85,7 +85,7 @@ module "api_gateway_proxy_methods" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy-methods?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy-methods?ref=v0.21.12" } inputs = { @@ -293,11 +293,11 @@ ID of the API Gateway method for the root proxy (only created if path_prefix is diff --git a/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy/api-gateway-proxy.md b/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy/api-gateway-proxy.md index fdb883c4dd..535a064d11 100644 --- a/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy/api-gateway-proxy.md +++ b/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy/api-gateway-proxy.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # API Gateway Proxy Module -View Source +View Source Release Notes @@ -34,7 +34,7 @@ recommend using a framework like Serverless to avoid the verbose configuration o :::note If you are looking for a module to route different requests and methods to different Lambda functions, refer to the -[lambda-http-api-gateway](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/lambda-http-api-gateway) module. +[lambda-http-api-gateway](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/lambda-http-api-gateway) module. ::: @@ -58,33 +58,33 @@ before, make sure to read [How to use the Gruntwork Infrastructure as Code Libra ### Core concepts -* [What is API Gateway?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/api-gateway-proxy/core-concepts.md#what-is-api-gateway) +* [What is API Gateway?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/api-gateway-proxy/core-concepts.md#what-is-api-gateway) * [What is the difference between the different endpoint - types?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/api-gateway-proxy/core-concepts.md#what-is-the-difference-between-the-different-endpoint-types) + types?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/api-gateway-proxy/core-concepts.md#what-is-the-difference-between-the-different-endpoint-types) * [API Gateway Documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/welcome.html): Amazon's docs on API Gateway covering core concepts such as security, monitoring, and invoking APIs. ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/test): Automated tests for the modules and examples. +* [modules](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/examples): This folder contains working examples of how to use the submodules. +* [test](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/test): Automated tests for the modules and examples. ## Deploy If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples folder](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples folder](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ## Manage ### Day-to-day operations * [How do I expose AWS Lambda functions using API - Gateway?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/api-gateway-proxy/core-concepts.md#how-do-i-expose-aws-lambda-functions-using-api-gateway) + Gateway?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/api-gateway-proxy/core-concepts.md#how-do-i-expose-aws-lambda-functions-using-api-gateway) * [Can I expose additional lambda functions in a decentralized - manner?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/api-gateway-proxy/core-concepts.md#can-i-expose-additional-lambda-functions-in-a-decentralized-manner) -* [How do I pass in the us_east\_1 aws provider?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/api-gateway-proxy/core-concepts.md#how-do-i-pass-in-the-us_east\_1-aws-provider) + manner?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/api-gateway-proxy/core-concepts.md#can-i-expose-additional-lambda-functions-in-a-decentralized-manner) +* [How do I pass in the us_east\_1 aws provider?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/api-gateway-proxy/core-concepts.md#how-do-i-pass-in-the-us_east\_1-aws-provider) ## Sample Usage @@ -99,7 +99,7 @@ If you just want to try this repo out for experimenting and learning, check out module "api_gateway_proxy" { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy?ref=v0.21.12" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -253,7 +253,7 @@ module "api_gateway_proxy" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy?ref=v0.21.12" } inputs = { @@ -740,11 +740,11 @@ The URL of the API Gateway that you can use to invoke it. diff --git a/docs/reference/modules/terraform-aws-lambda/keep-warm/keep-warm.md b/docs/reference/modules/terraform-aws-lambda/keep-warm/keep-warm.md index e412cc0bc4..c74c4629a7 100644 --- a/docs/reference/modules/terraform-aws-lambda/keep-warm/keep-warm.md +++ b/docs/reference/modules/terraform-aws-lambda/keep-warm/keep-warm.md @@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Keep Warm Module -View Source +View Source -Release Notes +Release Notes This is a Lambda function you can use to invoke your other Lambda functions on a scheduled basis to keep those functions "warm." This is necessary for Lambda functions that require a low response time (e.g., if you're using Lambda API Gateway as a web service), as Lambda functions that have not been executed in a while will be shut down (that is, @@ -60,7 +60,7 @@ level](#concurrency) for your functions. module "keep_warm" { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/keep-warm?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/keep-warm?ref=v0.21.12" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -133,7 +133,7 @@ module "keep_warm" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/keep-warm?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/keep-warm?ref=v0.21.12" } inputs = { @@ -340,11 +340,11 @@ When true, all IAM policies will be managed as dedicated policies rather than in diff --git a/docs/reference/modules/terraform-aws-lambda/lambda-edge-log-group/lambda-edge-log-group.md b/docs/reference/modules/terraform-aws-lambda/lambda-edge-log-group/lambda-edge-log-group.md index 5922a08637..f592fffe58 100644 --- a/docs/reference/modules/terraform-aws-lambda/lambda-edge-log-group/lambda-edge-log-group.md +++ b/docs/reference/modules/terraform-aws-lambda/lambda-edge-log-group/lambda-edge-log-group.md @@ -9,15 +9,15 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Log group for Lambda Edge -View Source +View Source Release Notes -This module creates a Cloudwatch log group to receive Lambda Edge function logs in one single AWS Region. This module is meant to be used as a building block for the [`lambda-edge-multi-region-log-groups` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/lambda-edge-multi-region-log-groups). +This module creates a Cloudwatch log group to receive Lambda Edge function logs in one single AWS Region. This module is meant to be used as a building block for the [`lambda-edge-multi-region-log-groups` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/lambda-edge-multi-region-log-groups). ## Why are the resources in this module not created within the Lambda Edge Module? @@ -28,7 +28,7 @@ region that have [Regional Edge Caches](https://aws.amazon.com/blogs/networking- Unfortunately, it is not possible to use a `for_each` on provider blocks and there are multiple issues related to using nested providers. That means that, currently, the only way to create multi-regional modules is by code generating each block and passing down the providers. A full example of creating the providers and using this module can be found at the -[lambda-edge example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/examples/lambda-edge). +[lambda-edge example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/examples/lambda-edge). ## Which regions have regional edge caches? @@ -81,7 +81,7 @@ More information: module "lambda_edge_log_group" { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-log-group?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-log-group?ref=v0.21.12" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -148,7 +148,7 @@ module "lambda_edge_log_group" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-log-group?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-log-group?ref=v0.21.12" } inputs = { @@ -316,11 +316,11 @@ When true, precreate the CloudWatch Log Group to use for log aggregation from th diff --git a/docs/reference/modules/terraform-aws-lambda/lambda-edge-multi-region-log-groups/lambda-edge-multi-region-log-groups.md b/docs/reference/modules/terraform-aws-lambda/lambda-edge-multi-region-log-groups/lambda-edge-multi-region-log-groups.md index 3d397b25eb..942080ba2b 100644 --- a/docs/reference/modules/terraform-aws-lambda/lambda-edge-multi-region-log-groups/lambda-edge-multi-region-log-groups.md +++ b/docs/reference/modules/terraform-aws-lambda/lambda-edge-multi-region-log-groups/lambda-edge-multi-region-log-groups.md @@ -9,15 +9,15 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Multiregional Log groups for Lambda Edge -View Source +View Source Release Notes -This module uses the [`lambda-edge-log-group` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/lambda-edge-log-group) to create a Cloudwatch log group to receive Lambda Edge function logs in multiple AWS Regions. +This module uses the [`lambda-edge-log-group` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/lambda-edge-log-group) to create a Cloudwatch log group to receive Lambda Edge function logs in multiple AWS Regions. ## Why are the resources in this module not created within the Lambda Edge Module? @@ -27,8 +27,8 @@ region that have [Regional Edge Caches](https://aws.amazon.com/blogs/networking- Unfortunately, it is not possible to use a `for_each` on provider blocks and there are multiple issues related to using nested providers. That means that, currently, the only way to create multi-regional modules is by code generating each -block and passing down the providers using the [`codegen`](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/codegen/) module. A full example of creating the providers and using -this module can be found at the [lambda-edge example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/examples/lambda-edge). +block and passing down the providers using the [`codegen`](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/codegen/) module. A full example of creating the providers and using +this module can be found at the [lambda-edge example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/examples/lambda-edge). ## Which regions have regional edge caches? @@ -81,7 +81,7 @@ More information: module "lambda_edge_multi_region_log_groups" { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-multi-region-log-groups?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-multi-region-log-groups?ref=v0.21.12" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -141,7 +141,7 @@ module "lambda_edge_multi_region_log_groups" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-multi-region-log-groups?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-multi-region-log-groups?ref=v0.21.12" } inputs = { @@ -298,11 +298,11 @@ Map of log group names per region diff --git a/docs/reference/modules/terraform-aws-lambda/lambda-edge/lambda-edge.md b/docs/reference/modules/terraform-aws-lambda/lambda-edge/lambda-edge.md index 399ce00610..489edad22d 100644 --- a/docs/reference/modules/terraform-aws-lambda/lambda-edge/lambda-edge.md +++ b/docs/reference/modules/terraform-aws-lambda/lambda-edge/lambda-edge.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Lambda@Edge Function Module -View Source +View Source Release Notes @@ -65,7 +65,7 @@ resource "aws_lambda_permission" "with_sns" { Lambda@Edge stores CloudWatch Logs in the AWS Regions closest to the location where the function receives traffic and is executed. That means a log group must be created in every region that have [Regional Edge Caches](https://aws.amazon.com/blogs/networking-and-content-delivery/aggregating-lambdaedge-logs/). -Instructions on how to do this can be found at the [`lambda-edge-multi-region-log-groups` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/lambda-edge-multi-region-log-groups). To see which regions are receiving traffic, you can find graphs of metrics for the +Instructions on how to do this can be found at the [`lambda-edge-multi-region-log-groups` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/lambda-edge-multi-region-log-groups). To see which regions are receiving traffic, you can find graphs of metrics for the function on the CloudFront console and choose your region there. ## How to trigger this Lambda function from Cloudfront @@ -94,7 +94,7 @@ triggers: module "lambda_edge" { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge?ref=v0.21.12" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -276,7 +276,7 @@ module "lambda_edge" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge?ref=v0.21.12" } inputs = { @@ -820,11 +820,11 @@ Name of the (optionally) created CloudWatch log groups for the lambda function. diff --git a/docs/reference/modules/terraform-aws-lambda/lambda-http-api-gateway/lambda-http-api-gateway.md b/docs/reference/modules/terraform-aws-lambda/lambda-http-api-gateway/lambda-http-api-gateway.md index 593591c2f5..dbe9a39346 100644 --- a/docs/reference/modules/terraform-aws-lambda/lambda-http-api-gateway/lambda-http-api-gateway.md +++ b/docs/reference/modules/terraform-aws-lambda/lambda-http-api-gateway/lambda-http-api-gateway.md @@ -9,7 +9,7 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + -View Source +View Source Release Notes @@ -39,7 +39,7 @@ they can be invoked on HTTP calls. :::note If you are looking for a simple proxy to route all requests to a Lambda function, refer to the -[api-gateway-proxy](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/api-gateway-proxy) module. +[api-gateway-proxy](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/api-gateway-proxy) module. ::: @@ -70,7 +70,7 @@ If you’ve never used the Gruntwork Modules before, make sure to read If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples/lambda-http-api-gateway](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/examples/lambda-http-api-gateway): This example contains sample code that uses +* [examples/lambda-http-api-gateway](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/examples/lambda-http-api-gateway): This example contains sample code that uses this module to route two different requests to two different Lambda functions. ## Manage @@ -94,7 +94,7 @@ information on route syntax that API Gateway expects. module "lambda_http_api_gateway" { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-http-api-gateway?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-http-api-gateway?ref=v0.21.12" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -215,7 +215,7 @@ module "lambda_http_api_gateway" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-http-api-gateway?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-http-api-gateway?ref=v0.21.12" } inputs = { @@ -727,11 +727,11 @@ A map from the route keys to the IDs of the corresponding API Gateway V2 Route r diff --git a/docs/reference/modules/terraform-aws-lambda/lambda/lambda.md b/docs/reference/modules/terraform-aws-lambda/lambda/lambda.md index d1da01f4e9..d3fa60bb7d 100644 --- a/docs/reference/modules/terraform-aws-lambda/lambda/lambda.md +++ b/docs/reference/modules/terraform-aws-lambda/lambda/lambda.md @@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Lambda Function Module -View Source +View Source -Release Notes +Release Notes This module makes it easy to deploy and manage an [AWS Lambda](https://aws.amazon.com/lambda/) function. Lambda gives you a way to run code on-demand in AWS without having to manage servers. @@ -105,7 +105,7 @@ Lambda function are still in use. If necessary, the variable `enable_eni_cleanup of the function from the VPC during `terraform destroy` and unblock the Security Group for destruction. Note: this requires the [`aws` cli tool](https://aws.amazon.com/cli/) to be installed. -Check out the [lambda-vpc example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/examples/lambda-vpc) for working sample code. Make sure to note the Known Issues +Check out the [lambda-vpc example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/examples/lambda-vpc) for working sample code. Make sure to note the Known Issues section in that example's README. ## How do you share Lambda functions across multiple AWS accounts? @@ -153,7 +153,7 @@ If you want to have a central S3 bucket that you use as a repository for your La module "lambda" { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda?ref=v0.21.12" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -267,6 +267,11 @@ module "lambda" { # function. environment_variables = {"EnvVarPlaceHolder":"Placeholder"} + # The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in + # MB. This parameter is used to expand the total amount of Ephemeral storage + # available, beyond the default amount of 512MB. + ephemeral_storage = null + # The ARN of existing IAM role that will be used for the Lambda function. If # set, the module will not create any IAM entities and fully relies on caller # to provide correct IAM role and its policies. Using the variable allows the @@ -448,7 +453,7 @@ module "lambda" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda?ref=v0.21.12" } inputs = { @@ -565,6 +570,11 @@ inputs = { # function. environment_variables = {"EnvVarPlaceHolder":"Placeholder"} + # The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in + # MB. This parameter is used to expand the total amount of Ephemeral storage + # available, beyond the default amount of 512MB. + ephemeral_storage = null + # The ARN of existing IAM role that will be used for the Lambda function. If # set, the module will not create any IAM entities and fully relies on caller # to provide correct IAM role and its policies. Using the variable allows the @@ -958,6 +968,15 @@ A map of environment variables to pass to the Lambda function. AWS will automati + + + +The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. + + + + + @@ -1306,11 +1325,11 @@ Name of the (optionally) created CloudWatch log group for the lambda function. diff --git a/docs/reference/modules/terraform-aws-lambda/run-lambda-entrypoint/run-lambda-entrypoint.md b/docs/reference/modules/terraform-aws-lambda/run-lambda-entrypoint/run-lambda-entrypoint.md index abe6152e33..21664bbf1c 100644 --- a/docs/reference/modules/terraform-aws-lambda/run-lambda-entrypoint/run-lambda-entrypoint.md +++ b/docs/reference/modules/terraform-aws-lambda/run-lambda-entrypoint/run-lambda-entrypoint.md @@ -9,7 +9,7 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + -View Source +View Source Release Notes @@ -34,7 +34,7 @@ to the lambda runtime. This entrypoint will pull the provided secrets manager en secrets manager entry to environment variables that are injected into the lambda runtime. This module only includes an entrypoint CLI. If you are looking for a module to deploy container based Lambda functions, -refer to the [lambda](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/lambda) module. +refer to the [lambda](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/lambda) module. ## Motivation @@ -78,7 +78,7 @@ If you’ve never used the Gruntwork Modules before, make sure to read If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples/lambda-docker](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/examples/lambda-docker): This example contains a sample `Dockerfile` that uses this +* [examples/lambda-docker](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/examples/lambda-docker): This example contains a sample `Dockerfile` that uses this entrypoint to expose secrets to a python based Lambda function. ## Manage @@ -133,7 +133,7 @@ To support this use case, the `run-lambda-entrypoint` CLI includes the ability t is not running in a Lambda environment. When `run-lambda-entrypoint` is invoked with the arg `--rie-path`, it will wrap the provided entrypoint script with the RIE when running in local mode. -Refer to the [secret-reflector-go](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/examples/lambda-docker/secret-reflector-go) example for an example of how to set +Refer to the [secret-reflector-go](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/examples/lambda-docker/secret-reflector-go) example for an example of how to set this up with a Go based Lambda function. ### How do I pass in Secrets Manager ARNs for environment variable lookup? @@ -184,11 +184,11 @@ will assume it is the name of a Secrets Manager entry in the same region as the diff --git a/docs/reference/modules/terraform-aws-lambda/scheduled-lambda-job/scheduled-lambda-job.md b/docs/reference/modules/terraform-aws-lambda/scheduled-lambda-job/scheduled-lambda-job.md index e2d1f36c88..79146a18aa 100644 --- a/docs/reference/modules/terraform-aws-lambda/scheduled-lambda-job/scheduled-lambda-job.md +++ b/docs/reference/modules/terraform-aws-lambda/scheduled-lambda-job/scheduled-lambda-job.md @@ -9,22 +9,22 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Scheduled Lambda Job Module -View Source +View Source Release Notes This module makes it easy to run an [AWS Lambda](https://aws.amazon.com/lambda/) function (such as one created with the -[lambda module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/lambda)) on a scheduled basis. This is useful for periodic background jobs, such as taking a +[lambda module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/lambda)) on a scheduled basis. This is useful for periodic background jobs, such as taking a daily snapshot of your servers. ## Background info For more information on AWS Lambda, how it works, and how to configure your functions, check out the [lambda module -documentation](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.10/modules/lambda). +documentation](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.12/modules/lambda). ## Sample Usage @@ -39,7 +39,7 @@ documentation](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v0.21.1 module "scheduled_lambda_job" { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/scheduled-lambda-job?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/scheduled-lambda-job?ref=v0.21.12" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -90,7 +90,7 @@ module "scheduled_lambda_job" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/scheduled-lambda-job?ref=v0.21.10" + source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/scheduled-lambda-job?ref=v0.21.12" } inputs = { @@ -235,11 +235,11 @@ Cloudwatch Event Rule schedule expression