From 3f3f28aad0cbf2118e65c54898f46eaef49d9bd4 Mon Sep 17 00:00:00 2001 
From: "docs-sourcer[bot]" <99042413+docs-sourcer[bot]@users.noreply.github.com> Date: Thu, 29 Jun 2023 13:30:24 +0000 Subject: [PATCH] Updated with the [latest changes](https://github.com/gruntwork-io/terraform-aws-ci/releases/tag/v0.52.5) from the `terraform-aws-ci@v0.52.5` source branch. --- .../aws-helpers/aws-helpers.md | 12 ++--- .../build-helpers/build-helpers.md | 14 ++--- .../terraform-aws-ci/check-url/check-url.md | 12 ++--- .../circleci-helpers/circleci-helpers.md | 12 ++--- .../terraform-aws-ci/ec2-backup/ec2-backup.md | 20 +++---- .../ecs-deploy-runner-invoke-iam-policy.md | 18 +++---- ...cs-deploy-runner-standard-configuration.md | 22 ++++---- .../ecs-deploy-runner/ecs-deploy-runner.md | 50 +++++++++--------- .../git-helpers/git-helpers.md | 12 ++--- .../gruntwork-module-circleci-helpers.md | 12 ++--- .../iam-policies/iam-policies.md | 20 +++---- .../infrastructure-deploy-script.md | 28 +++++----- .../infrastructure-deployer.md | 32 ++++++------ .../install-jenkins/install-jenkins.md | 24 ++++----- .../jenkins-server/jenkins-server.md | 24 ++++----- .../kubernetes-circleci-helpers.md | 12 ++--- .../monorepo-helpers/monorepo-helpers.md | 30 +++++------ .../sign-binary-helpers.md | 12 ++--- .../terraform-helpers/terraform-helpers.md | 14 ++--- .../ecs-cluster/ecs-cluster.md | 6 +-- .../eks-alb-ingress-controller-iam-policy.md | 20 +++---- .../eks-alb-ingress-controller.md | 22 ++++---- .../eks-aws-auth-merger.md | 40 +++++++------- .../eks-cloudwatch-agent.md | 16 +++--- .../eks-cluster-control-plane.md | 26 +++++----- .../eks-cluster-managed-workers.md | 24 ++++----- .../eks-cluster-workers-cross-access.md | 16 +++--- .../eks-cluster-workers.md | 32 ++++++------ .../eks-container-logs/eks-container-logs.md | 18 +++---- .../eks-fargate-container-logs.md | 18 +++---- ...-assume-role-policy-for-service-account.md | 18 +++---- .../eks-k8s-cluster-autoscaler-iam-policy.md | 20 +++---- .../eks-k8s-cluster-autoscaler.md | 20 +++---- 
.../eks-k8s-external-dns-iam-policy.md | 20 +++---- .../eks-k8s-external-dns.md | 20 +++---- .../eks-k8s-karpenter/eks-k8s-karpenter.md | 52 ++++++++++++++----- .../eks-k8s-role-mapping.md | 20 +++---- .../eks-scripts/eks-scripts.md | 16 +++--- .../eks-vpc-tags/eks-vpc-tags.md | 16 +++--- .../auto-update/auto-update.md | 30 +++++------ .../aws-auth/aws-auth.md | 14 ++--- .../aws-config-bucket/aws-config-bucket.md | 20 +++---- .../aws-config-multi-region.md | 32 ++++++------ .../aws-config-rules/aws-config-rules.md | 42 +++++++-------- .../aws-config/aws-config.md | 34 ++++++------ .../aws-organizations/aws-organizations.md | 36 ++++++------- .../cloudtrail-bucket/cloudtrail-bucket.md | 22 ++++---- .../cloudtrail/cloudtrail.md | 44 ++++++++-------- .../cross-account-iam-roles.md | 24 ++++----- .../custom-iam-entity/custom-iam-entity.md | 24 ++++----- .../ebs-encryption-multi-region.md | 28 +++++----- .../ebs-encryption/ebs-encryption.md | 18 +++---- .../fail2ban/fail2ban.md | 12 ++--- .../github-actions-iam-role.md | 16 +++--- .../guardduty-multi-region.md | 32 ++++++------ .../guardduty/guardduty.md | 42 +++++++-------- .../iam-access-analyzer-multi-region.md | 34 ++++++------ .../iam-groups/iam-groups.md | 22 ++++---- .../iam-policies/iam-policies.md | 20 +++---- .../iam-user-password-policy.md | 16 +++--- .../iam-users/iam-users.md | 16 +++--- .../ip-lockdown/ip-lockdown.md | 14 ++--- .../kms-cmk-replica/kms-cmk-replica.md | 18 +++---- .../kms-grant-multi-region.md | 34 ++++++------ .../kms-master-key-multi-region.md | 40 +++++++------- .../kms-master-key/kms-master-key.md | 16 +++--- .../modules/terraform-aws-security/ntp/ntp.md | 12 ++--- .../os-hardening/os-hardening.md | 30 +++++------ .../private-s3-bucket/private-s3-bucket.md | 18 +++---- .../saml-iam-roles/saml-iam-roles.md | 18 +++---- .../secrets-manager-resource-policies.md | 16 +++--- .../ssh-grunt-selinux-policy.md | 14 ++--- .../ssh-grunt/ssh-grunt.md | 32 ++++++------ 
.../terraform-aws-security/ssh-iam/ssh-iam.md | 16 +++--- .../ssm-healthchecks-iam-permissions.md | 16 +++--- .../tls-cert-private/tls-cert-private.md | 14 ++--- 76 files changed, 866 insertions(+), 840 deletions(-) diff --git a/docs/reference/modules/terraform-aws-ci/aws-helpers/aws-helpers.md b/docs/reference/modules/terraform-aws-ci/aws-helpers/aws-helpers.md index 0b4dbe4382..a5d6cfb571 100644 --- a/docs/reference/modules/terraform-aws-ci/aws-helpers/aws-helpers.md +++ b/docs/reference/modules/terraform-aws-ci/aws-helpers/aws-helpers.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS Helpers -View Source +View Source Release Notes @@ -45,11 +45,11 @@ dependencies: diff --git a/docs/reference/modules/terraform-aws-ci/build-helpers/build-helpers.md b/docs/reference/modules/terraform-aws-ci/build-helpers/build-helpers.md index 671942cd37..6dbeea32bd 100644 --- a/docs/reference/modules/terraform-aws-ci/build-helpers/build-helpers.md +++ b/docs/reference/modules/terraform-aws-ci/build-helpers/build-helpers.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Build Helpers -View Source +View Source Release Notes 
@@ -72,7 +72,7 @@ job using the [Jenkins Parameterized Trigger Plugin](https://wiki.jenkins-ci.org/display/JENKINS/Parameterized+Trigger+Plugin). The `deploy-app` CI job, in turn, would be a [parameterized build](https://wiki.jenkins-ci.org/display/JENKINS/Parameterized+Build) that takes as input a parameter called `ARTIFACT_ID` (the same parameter name that's in the `artifacts.properties` file) and use it, along -with the scripts in the [terraform-helpers module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/terraform-helpers) to automatically deploy the new AMI: +with the scripts in the [terraform-helpers module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/terraform-helpers) to automatically deploy the new AMI: ```bash cd templates @@ -187,11 +187,11 @@ Note that the following conditions must be true in order to use this feature: diff --git a/docs/reference/modules/terraform-aws-ci/check-url/check-url.md b/docs/reference/modules/terraform-aws-ci/check-url/check-url.md index 4c3bfb0cba..0d229574e0 100644 --- a/docs/reference/modules/terraform-aws-ci/check-url/check-url.md +++ b/docs/reference/modules/terraform-aws-ci/check-url/check-url.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Check Url -View Source +View Source Release Notes @@ -81,11 +81,11 @@ Success! Got expected status code '200' and text '2.0.0' from URL http://www.my- diff --git a/docs/reference/modules/terraform-aws-ci/circleci-helpers/circleci-helpers.md b/docs/reference/modules/terraform-aws-ci/circleci-helpers/circleci-helpers.md index 7ceac3cab2..8f0a0d99c0 100644 --- a/docs/reference/modules/terraform-aws-ci/circleci-helpers/circleci-helpers.md 
+++ b/docs/reference/modules/terraform-aws-ci/circleci-helpers/circleci-helpers.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # CircleCI Helpers -View Source +View Source Release Notes @@ -67,11 +67,11 @@ dependencies: diff --git a/docs/reference/modules/terraform-aws-ci/ec2-backup/ec2-backup.md b/docs/reference/modules/terraform-aws-ci/ec2-backup/ec2-backup.md index 8a8de869a8..6b9acd0e5c 100644 --- a/docs/reference/modules/terraform-aws-ci/ec2-backup/ec2-backup.md +++ b/docs/reference/modules/terraform-aws-ci/ec2-backup/ec2-backup.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EC2 Backup Lambda Function Module -View Source +View Source Release Notes @@ -51,8 +51,8 @@ DLM: ## Example code -* Check out the [jenkins example](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples/jenkins) for working sample code. -* See [vars.tf](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ec2-backup/vars.tf) for all parameters you can configure on this module. +* Check out the [jenkins example](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples/jenkins) for working sample code. +* See [vars.tf](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ec2-backup/vars.tf) for all parameters you can configure on this module. ## Specifying an instance 
@@ -103,7 +103,7 @@ automatically delete older snapshots. You can specify two parameters to control module "ec_2_backup" { - source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ec2-backup?ref=v0.52.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ec2-backup?ref=v0.52.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -173,7 +173,7 @@ module "ec_2_backup" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ec2-backup?ref=v0.52.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ec2-backup?ref=v0.52.5" } inputs = { @@ -346,11 +346,11 @@ When true, all IAM policies will be managed as dedicated policies rather than in diff --git a/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner-invoke-iam-policy/ecs-deploy-runner-invoke-iam-policy.md b/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner-invoke-iam-policy/ecs-deploy-runner-invoke-iam-policy.md index d732eb19d5..e2581146db 100644 --- a/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner-invoke-iam-policy/ecs-deploy-runner-invoke-iam-policy.md +++ b/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner-invoke-iam-policy/ecs-deploy-runner-invoke-iam-policy.md 
@@ -9,18 +9,18 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # ECS Deploy Runner Invoke IAM Policies module -View Source +View Source Release Notes This Terraform Module defines an [IAM policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) that defines the minimal set of permissions necessary to trigger a deployment event for the deployment pipeline implemented -in the [ecs-deploy-runner module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner). +in the [ecs-deploy-runner module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner). ## Attaching IAM policy to IAM roles @@ -58,7 +58,7 @@ resource "aws_iam_role_policy_attachment" "example" { module "ecs_deploy_runner_invoke_iam_policy" { - source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner-invoke-iam-policy?ref=v0.52.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner-invoke-iam-policy?ref=v0.52.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -97,7 +97,7 @@ module "ecs_deploy_runner_invoke_iam_policy" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner-invoke-iam-policy?ref=v0.52.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner-invoke-iam-policy?ref=v0.52.5" } inputs = { @@ -211,11 +211,11 @@ The name of the IAM policy created with the permissions for invoking the ECS Dep 
diff --git a/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner-standard-configuration/ecs-deploy-runner-standard-configuration.md b/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner-standard-configuration/ecs-deploy-runner-standard-configuration.md index 24c97b8271..054a034cbc 100644 --- a/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner-standard-configuration/ecs-deploy-runner-standard-configuration.md +++ b/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner-standard-configuration/ecs-deploy-runner-standard-configuration.md @@ -9,16 +9,16 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # ECS Deploy Runner Standard Configuration module -View Source +View Source Release Notes This Terraform Module provides a streamlined interface to configure the [ecs-deploy-runner -module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner) for a standard infrastructure and applications pipeline. This includes: +module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner) for a standard infrastructure and applications pipeline. This includes: * Base pipeline of build image, update variables, deploy infrastructure with Terraform/Terragrunt. * Restricting git repos that can deploy infrastructure. 
@@ -100,8 +100,8 @@ for more information). ## How do I invoke scripts in a given container? -You can use the [infrastructure-deployer CLI](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deployer) to invoke a deployed ECS deploy runner. Refer -to [How do I invoke the ECS deploy runner](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deployer/core-concepts.md#how-do-i-invoke-the-ecs-deploy-runner) +You can use the [infrastructure-deployer CLI](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deployer) to invoke a deployed ECS deploy runner. Refer +to [How do I invoke the ECS deploy runner](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deployer/core-concepts.md#how-do-i-invoke-the-ecs-deploy-runner) for more information. ## Sample Usage @@ -117,7 +117,7 @@ for more information. module "ecs_deploy_runner_standard_configuration" { - source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner-standard-configuration?ref=v0.52.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner-standard-configuration?ref=v0.52.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -221,7 +221,7 @@ module "ecs_deploy_runner_standard_configuration" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner-standard-configuration?ref=v0.52.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner-standard-configuration?ref=v0.52.5" } inputs = { @@ -916,11 +916,11 @@ Configuration map for the ecs-deploy-runner module that can be passed straight i 
diff --git a/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner/ecs-deploy-runner.md b/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner/ecs-deploy-runner.md index 0b4a12ed74..d7396d4ab6 100644 --- a/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner/ecs-deploy-runner.md +++ b/docs/reference/modules/terraform-aws-ci/ecs-deploy-runner/ecs-deploy-runner.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Infrastructure Pipeline: ECS Deploy Runner -View Source +View Source Release Notes 
@@ -29,7 +29,7 @@ This module can be used to set up a secure CI/CD pipeline for your infrastructur These workflows can be implemented without directly running the steps from your CI servers. Instead, the CI server can coordinate the CI / CD flow, and for anything that requires sensitive / powerful IAM permissions, it can trigger pre-defined, locked-down jobs in an isolated ECS task, and stream the logs from that task as if it’s running locally. -Refer to the [infrastructure-deployer CLI](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deployer) to integrate this with existing CI servers. You can also refer to the [infrastructure-deploy-script module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deploy-script) for more information on the underlying deployment scripts. +Refer to the [infrastructure-deployer CLI](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deployer) to integrate this with existing CI servers. You can also refer to the [infrastructure-deploy-script module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deploy-script) for more information on the underlying deployment scripts. ![Terraform and Terragrunt CI/CD architecture](/img/reference/modules/terraform-aws-ci/ecs-deploy-runner/tftg-pipeline-architecture.png) 
@@ -53,17 +53,17 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [Overview](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner/core-concepts.md#overview): An overview of the architecture deployed by in this module, including how to implement a CI/CD pipeline for infrastructure code. +* [Overview](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner/core-concepts.md#overview): An overview of the architecture deployed by in this module, including how to implement a CI/CD pipeline for infrastructure code. -* [Threat model of the deploy runner](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner/core-concepts.md#threat-model-of-the-deploy-runner): An overview of the threat model used to design the security features of the solution, including a description of the potential attack vectors that are mitigated by the solution, and those attacks that require policy and behavioral changes to mitigate. +* [Threat model of the deploy runner](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner/core-concepts.md#threat-model-of-the-deploy-runner): An overview of the threat model used to design the security features of the solution, including a description of the potential attack vectors that are mitigated by the solution, and those attacks that require policy and behavioral changes to mitigate. ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. 
-* [examples](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/test): Automated tests for the modules and examples. ## Deploy 
@@ -71,29 +71,29 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples folder](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples folder](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ## Manage -* [What configuration is recommended for container_images?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner/core-concepts.md#what-configuration-is-recommended-for-container_images) +* [What configuration is recommended for container_images?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner/core-concepts.md#what-configuration-is-recommended-for-container_images) -* [How do I restrict what args can be passed into the scripts?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner/core-concepts.md#how-do-i-restrict-what-args-can-be-passed-into-the-scripts) +* [How do I restrict what args can be passed into the scripts?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner/core-concepts.md#how-do-i-restrict-what-args-can-be-passed-into-the-scripts) -* [How do I trigger a deployment?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner/core-concepts.md#how-do-i-trigger-a-deployment) +* [How do I trigger a deployment?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner/core-concepts.md#how-do-i-trigger-a-deployment) -* [How do I trigger a deployment from 
CI?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner/core-concepts.md#how-do-i-trigger-a-deployment-from-ci) +* [How do I trigger a deployment from CI?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner/core-concepts.md#how-do-i-trigger-a-deployment-from-ci) -* [How do I customize the deployment task runtime environment?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner/core-concepts.md#what-container-is-used-for-the-deploy-task) +* [How do I customize the deployment task runtime environment?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner/core-concepts.md#what-container-is-used-for-the-deploy-task) -* [How do I use the deployment task container with a private VCS system such as GitHub Enterprise?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner/core-concepts.md#how-do-i-use-the-ecs-deploy-runner-with-a-private-vcs-system-such-as-github-enterprise) +* [How do I use the deployment task container with a private VCS system such as GitHub Enterprise?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner/core-concepts.md#how-do-i-use-the-ecs-deploy-runner-with-a-private-vcs-system-such-as-github-enterprise) -* [How do I stream logs from the deployment task?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner/core-concepts.md#how-do-i-stream-logs-from-the-deployment-task) +* [How do I stream logs from the deployment task?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner/core-concepts.md#how-do-i-stream-logs-from-the-deployment-task) -* [How do I access the stdout and stderr output from the underlying 
scripts?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner/core-concepts.md#how-do-i-access-the-stdout-and-stderr-output-from-the-underlying-scripts) +* [How do I access the stdout and stderr output from the underlying scripts?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner/core-concepts.md#how-do-i-access-the-stdout-and-stderr-output-from-the-underlying-scripts) -* [What are the IAM permissions necessary to trigger a deployment?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner/core-concepts.md#what-are-the-iam-permissions-necessary-to-trigger-a-deployment) +* [What are the IAM permissions necessary to trigger a deployment?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner/core-concepts.md#what-are-the-iam-permissions-necessary-to-trigger-a-deployment) -* [How do I see the list of supported containers?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deployer/core-concepts.md#how-do-i-see-the-list-of-supported-containers) +* [How do I see the list of supported containers?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deployer/core-concepts.md#how-do-i-see-the-list-of-supported-containers) ## Sample Usage @@ -108,7 +108,7 @@ If you just want to try this repo out for experimenting and learning, check out module "ecs_deploy_runner" { - source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner?ref=v0.52.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner?ref=v0.52.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES 
@@ -320,7 +320,7 @@ module "ecs_deploy_runner" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner?ref=v0.52.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/ecs-deploy-runner?ref=v0.52.5" } inputs = { @@ -1269,11 +1269,11 @@ Security Group ID of the ECS task diff --git a/docs/reference/modules/terraform-aws-ci/git-helpers/git-helpers.md b/docs/reference/modules/terraform-aws-ci/git-helpers/git-helpers.md index 3186e283f0..3b185c76dd 100644 --- a/docs/reference/modules/terraform-aws-ci/git-helpers/git-helpers.md +++ b/docs/reference/modules/terraform-aws-ci/git-helpers/git-helpers.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Git Helpers -View Source +View Source Release Notes @@ -72,11 +72,11 @@ The main options to pass to `git-add-commit-push` are: diff --git a/docs/reference/modules/terraform-aws-ci/gruntwork-module-circleci-helpers/gruntwork-module-circleci-helpers.md b/docs/reference/modules/terraform-aws-ci/gruntwork-module-circleci-helpers/gruntwork-module-circleci-helpers.md index 035196e16c..d891f6b6c8 100644 --- a/docs/reference/modules/terraform-aws-ci/gruntwork-module-circleci-helpers/gruntwork-module-circleci-helpers.md +++ b/docs/reference/modules/terraform-aws-ci/gruntwork-module-circleci-helpers/gruntwork-module-circleci-helpers.md 
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Gruntwork Module CircleCI Helpers -View Source +View Source Release Notes @@ -192,11 +192,11 @@ variables](https://circleci.com/docs/environment-variables/). diff --git a/docs/reference/modules/terraform-aws-ci/iam-policies/iam-policies.md b/docs/reference/modules/terraform-aws-ci/iam-policies/iam-policies.md index b37aee1f0a..4a5ee52d63 100644 --- a/docs/reference/modules/terraform-aws-ci/iam-policies/iam-policies.md +++ b/docs/reference/modules/terraform-aws-ci/iam-policies/iam-policies.md 
@@ -9,21 +9,21 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # IAM Policies -View Source +View Source Release Notes This folder contains modules that create an IAM Policy with the minimum permissions needed to support specific CI use cases. It includes: -* [ecr-docker-push](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/iam-policies/ecr-docker-push): An IAM Policy that enables checking for an existing Docker image in Amazon ECR and pushing a new one. -* [ecs-service-deployment](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/iam-policies/ecs-service-deployment): An IAM Policy that enables deploying a new Docker image to the ECS Cluster. -* [terraform-remote-state-s3](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/iam-policies/terraform-remote-state-s3): An IAM Policy that enables using Terraform Remote State with S3. -* [terragrunt](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/iam-policies/terragrunt): An IAM Policy that enables using the locking and user-identity features of Terragrunt. +* [ecr-docker-push](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/iam-policies/ecr-docker-push): An IAM Policy that enables checking for an existing Docker image in Amazon ECR and pushing a new one. +* [ecs-service-deployment](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/iam-policies/ecs-service-deployment): An IAM Policy that enables deploying a new Docker image to the ECS Cluster. 
+* [terraform-remote-state-s3](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/iam-policies/terraform-remote-state-s3): An IAM Policy that enables using Terraform Remote State with S3. +* [terragrunt](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/iam-policies/terragrunt): An IAM Policy that enables using the locking and user-identity features of Terragrunt. ## Background @@ -67,11 +67,11 @@ Some modules are configurable to support whatever level of diff --git a/docs/reference/modules/terraform-aws-ci/infrastructure-deploy-script/infrastructure-deploy-script.md b/docs/reference/modules/terraform-aws-ci/infrastructure-deploy-script/infrastructure-deploy-script.md index 520615e686..708b155119 100644 --- a/docs/reference/modules/terraform-aws-ci/infrastructure-deploy-script/infrastructure-deploy-script.md +++ b/docs/reference/modules/terraform-aws-ci/infrastructure-deploy-script/infrastructure-deploy-script.md 
@@ -9,15 +9,15 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Infrastructure Pipeline: Infrastructure Deploy Scripts -View Source +View Source Release Notes -This module contains a script for deploying arbitrary infrastructure code stored in version control using [Terraform](https://www.terraform.io) and [Terragrunt](https://terragrunt.gruntwork.io). The deployment script can be used to set up secure CI/CD pipelines for infrastructure code. The deployment script can run in any environment (e.g directly in CI servers, ECS task, EKS pod) to remotely run infrastructure code based on version control events. Refer to the [ecs-deploy-runner module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner) to run the deployment in an isolated ECS task, separate from the CI servers. +This module contains a script for deploying arbitrary infrastructure code stored in version control using [Terraform](https://www.terraform.io) and [Terragrunt](https://terragrunt.gruntwork.io). The deployment script can be used to set up secure CI/CD pipelines for infrastructure code. The deployment script can run in any environment (e.g directly in CI servers, ECS task, EKS pod) to remotely run infrastructure code based on version control events. Refer to the [ecs-deploy-runner module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner) to run the deployment in an isolated ECS task, separate from the CI servers. ## Features 
@@ -33,15 +33,15 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [Overview of scripts](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deploy-script/core-concepts.md#overview): An overview of the scripts included in this module, including how to deploy and use the scripts to implement a CI/CD pipeline for IaC code. +* [Overview of scripts](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deploy-script/core-concepts.md#overview): An overview of the scripts included in this module, including how to deploy and use the scripts to implement a CI/CD pipeline for IaC code. ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/test): Automated tests for the modules and examples. ## Deploy 
@@ -49,23 +49,23 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples folder](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples folder](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ## Manage -* [Where do I run the deploy script?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deploy-script/core-concepts.md#where-do-i-run-the-deploy-script) +* [Where do I run the deploy script?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deploy-script/core-concepts.md#where-do-i-run-the-deploy-script) -* [What are the system requirements for the deploy script?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deploy-script/core-concepts.md#system-requirements) +* [What are the system requirements for the deploy script?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deploy-script/core-concepts.md#system-requirements) diff --git a/docs/reference/modules/terraform-aws-ci/infrastructure-deployer/infrastructure-deployer.md b/docs/reference/modules/terraform-aws-ci/infrastructure-deployer/infrastructure-deployer.md index e7f48c2f4c..8dc247f42c 100644 --- a/docs/reference/modules/terraform-aws-ci/infrastructure-deployer/infrastructure-deployer.md +++ b/docs/reference/modules/terraform-aws-ci/infrastructure-deployer/infrastructure-deployer.md 
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Infrastructure Pipeline: Infrastructure Deployer CLI -View Source +View Source Release Notes @@ -27,9 +27,9 @@ This module contains a CLI that can be used to set up a secure CI/CD pipeline fo * Automatically update infrastructure configurations and deploying them -These workflows can be invoked on an isolated ECS task setup by the [ecs-deploy-runner module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner). +These workflows can be invoked on an isolated ECS task setup by the [ecs-deploy-runner module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner). -Refer to the [ecs-deploy-runner module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ecs-deploy-runner) for more information on the ECS task. +Refer to the [ecs-deploy-runner module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ecs-deploy-runner) for more information on the ECS task. ## Features 
@@ -51,15 +51,15 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [Overview](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deployer/core-concepts.md#overview): An overview of the CLI and how to use it within CI jobs to implement an automated workflow for infrastructure code. +* [Overview](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deployer/core-concepts.md#overview): An overview of the CLI and how to use it within CI jobs to implement an automated workflow for infrastructure code. ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/test): Automated tests for the modules and examples. ## Deploy 
@@ -67,25 +67,25 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples folder](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples folder](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ## Manage -* [How do I install the infrastructure-deployer CLI?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deployer/core-concepts.md#how-do-i-install-the-infrastructure-deployer-cli) +* [How do I install the infrastructure-deployer CLI?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deployer/core-concepts.md#how-do-i-install-the-infrastructure-deployer-cli) -* [What are the IAM permissions](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deployer/core-concepts.md#what-are-the-iam-permissions-necessary-to-trigger-a-deployment) +* [What are the IAM permissions](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deployer/core-concepts.md#what-are-the-iam-permissions-necessary-to-trigger-a-deployment) -* [How do I invoke the ECS deploy runner?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/infrastructure-deployer/core-concepts.md#how-do-i-invoke-the-ecs-deploy-runner) +* [How do I invoke the ECS deploy runner?](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/infrastructure-deployer/core-concepts.md#how-do-i-invoke-the-ecs-deploy-runner) 
diff --git a/docs/reference/modules/terraform-aws-ci/install-jenkins/install-jenkins.md b/docs/reference/modules/terraform-aws-ci/install-jenkins/install-jenkins.md index 870efe0133..30fdd5003d 100644 --- a/docs/reference/modules/terraform-aws-ci/install-jenkins/install-jenkins.md +++ b/docs/reference/modules/terraform-aws-ci/install-jenkins/install-jenkins.md @@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Install Jenkins Module -View Source +View Source -Release Notes +Release Notes This module contains two scripts for working with [Jenkins CI server](https://jenkins.io): @@ -26,8 +26,8 @@ This module contains two scripts for working with [Jenkins CI server](https://je ## Example code -* Check out the [jenkins example](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples/jenkins) for working sample code. -* See [install.sh](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/install-jenkins/install.sh) and [run-jenkins.sh](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/install-jenkins/run-jenkins) for all options you can pass to these scripts. +* Check out the [jenkins example](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples/jenkins) for working sample code. +* See [install.sh](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/install-jenkins/install.sh) and [run-jenkins.sh](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/install-jenkins/run-jenkins) for all options you can pass to these scripts. ## Install Jenkins 
@@ -45,13 +45,13 @@ gruntwork-install \ The command above will copy `install.sh` to your server, run it, install Jenkins 2.164.3, and copy the `run-jenkins` script into `/usr/local/bin`. We recommend running this command in a [Packer template](https://www.packer.io/) so you -can create an AMI with Jenkins installed. Check out the [jenkins example](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples/jenkins) for an example of such a +can create an AMI with Jenkins installed. Check out the [jenkins example](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples/jenkins) for an example of such a Packer template. ## Run Jenkins Once you have an AMI with Jenkins installed, you need to deploy it on an EC2 Instance in AWS. The easiest way to do -this is with the [jenkins-server module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/jenkins-server). When the EC2 Instance is booting, you should +this is with the [jenkins-server module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/jenkins-server). When the EC2 Instance is booting, you should typically do two things in [User Data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html): 1. Mount an EBS volume for the Jenkins home directory. You want to use an EBS volume so that your Jenkins data is @@ -68,17 +68,17 @@ typically do two things in [User Data](https://docs.aws.amazon.com/AWSEC2/latest --jenkins-home "/jenkins" ``` -Check out the [jenkins example](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples/jenkins) for an example of such a User Data script. +Check out the [jenkins example](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples/jenkins) for an example of such a User Data script. diff --git a/docs/reference/modules/terraform-aws-ci/jenkins-server/jenkins-server.md b/docs/reference/modules/terraform-aws-ci/jenkins-server/jenkins-server.md index 74d2f217ea..cba0309bca 100644 
--- a/docs/reference/modules/terraform-aws-ci/jenkins-server/jenkins-server.md +++ b/docs/reference/modules/terraform-aws-ci/jenkins-server/jenkins-server.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Jenkins server -View Source +View Source Release Notes 
@@ -29,17 +29,17 @@ to run an ASG for Jenkins that can correctly reattach an EBS volume. ## Example code -* Check out the [jenkins example](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples/jenkins) for working sample code. -* See [vars.tf](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/jenkins-server/vars.tf) for all parameters you can configure on this module. +* Check out the [jenkins example](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples/jenkins) for working sample code. +* See [vars.tf](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/jenkins-server/vars.tf) for all parameters you can configure on this module. ## Jenkins AMI -See the [install-jenkins module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/install-jenkins) for a way to create an AMI with Jenkins installed and a +See the [install-jenkins module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/install-jenkins) for a way to create an AMI with Jenkins installed and a script you can run in User Data to start Jenkins while the server is booting. ## Backing up Jenkins -See the [ec2-backup module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/ec2-backup) for an automatic way to take scheduled backups of Jenkins and its EBS +See the [ec2-backup module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/ec2-backup) for an automatic way to take scheduled backups of Jenkins and its EBS volume. ## IAM permissions @@ -112,7 +112,7 @@ data "aws_iam_policy_document" "example" { module "jenkins_server" { - source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/jenkins-server?ref=v0.52.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/jenkins-server?ref=v0.52.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES 
@@ -363,7 +363,7 @@ module "jenkins_server" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/jenkins-server?ref=v0.52.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-ci.git//modules/jenkins-server?ref=v0.52.5" } inputs = { @@ -1173,11 +1173,11 @@ A maximum duration to wait for each server to be healthy before timing out (e.g. diff --git a/docs/reference/modules/terraform-aws-ci/kubernetes-circleci-helpers/kubernetes-circleci-helpers.md b/docs/reference/modules/terraform-aws-ci/kubernetes-circleci-helpers/kubernetes-circleci-helpers.md index 83f29ae22d..e2102af8bf 100644 --- a/docs/reference/modules/terraform-aws-ci/kubernetes-circleci-helpers/kubernetes-circleci-helpers.md +++ b/docs/reference/modules/terraform-aws-ci/kubernetes-circleci-helpers/kubernetes-circleci-helpers.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Kubernetes CircleCI Helpers -View Source +View Source Release Notes @@ -99,11 +99,11 @@ job: diff --git a/docs/reference/modules/terraform-aws-ci/monorepo-helpers/monorepo-helpers.md b/docs/reference/modules/terraform-aws-ci/monorepo-helpers/monorepo-helpers.md index 1f67ae5978..64c7188bc6 100644 --- a/docs/reference/modules/terraform-aws-ci/monorepo-helpers/monorepo-helpers.md +++ b/docs/reference/modules/terraform-aws-ci/monorepo-helpers/monorepo-helpers.md 
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Infrastructure Pipeline: Monorepo Helpers -View Source +View Source Release Notes @@ -41,15 +41,15 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [Overview of scripts](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/monorepo-helpers/core-concepts.md#overview): An overview of the scripts included in this module, including how they work. +* [Overview of scripts](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/monorepo-helpers/core-concepts.md#overview): An overview of the scripts included in this module, including how they work. ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/test): Automated tests for the modules and examples. ## Deploy 
@@ -57,7 +57,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this module out for experimenting and learning, check out the following resources: -* [CircleCI Quickstart](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/monorepo-helpers/core-concepts.md#circleci-quickstart): Quickstart guide for integrating the scripts into CircleCI to setup dynamic test selection. +* [CircleCI Quickstart](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/monorepo-helpers/core-concepts.md#circleci-quickstart): Quickstart guide for integrating the scripts into CircleCI to setup dynamic test selection. ### Production deployment 
@@ -65,23 +65,23 @@ If you just want to try this module out for experimenting and learning, check ou ## Manage -* [How to configure direct test mappings](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/monorepo-helpers/core-concepts.md#how-to-configure-direct-test-mappings) +* [How to configure direct test mappings](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/monorepo-helpers/core-concepts.md#how-to-configure-direct-test-mappings) -* [How to override the files checked by validate-monorepo-test-mappings](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/monorepo-helpers/core-concepts.md#how-to-override-the-files-checked-by-validate-monorepo-test-mappings) +* [How to override the files checked by validate-monorepo-test-mappings](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/monorepo-helpers/core-concepts.md#how-to-override-the-files-checked-by-validate-monorepo-test-mappings) -* [Adding a new module to a repo with validate-monorepo-test-mappings](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/monorepo-helpers/core-concepts.md#adding-a-new-module-to-a-repo-with-validate-monorepo-test-mappings) +* [Adding a new module to a repo with validate-monorepo-test-mappings](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/monorepo-helpers/core-concepts.md#adding-a-new-module-to-a-repo-with-validate-monorepo-test-mappings) -* [Adding a new file that has no tests to a repo with validate-monorepo-test-mappings](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/monorepo-helpers/core-concepts.md#adding-a-new-file-that-has-no-tests-to-a-repo-with-validate-monorepo-test-mappings) +* [Adding a new file that has no tests to a repo with 
validate-monorepo-test-mappings](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/monorepo-helpers/core-concepts.md#adding-a-new-file-that-has-no-tests-to-a-repo-with-validate-monorepo-test-mappings) diff --git a/docs/reference/modules/terraform-aws-ci/sign-binary-helpers/sign-binary-helpers.md b/docs/reference/modules/terraform-aws-ci/sign-binary-helpers/sign-binary-helpers.md index 77ed54e4a9..bcf51432e1 100644 --- a/docs/reference/modules/terraform-aws-ci/sign-binary-helpers/sign-binary-helpers.md +++ b/docs/reference/modules/terraform-aws-ci/sign-binary-helpers/sign-binary-helpers.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Binary signing Helpers -View Source +View Source Release Notes @@ -150,11 +150,11 @@ References: diff --git a/docs/reference/modules/terraform-aws-ci/terraform-helpers/terraform-helpers.md b/docs/reference/modules/terraform-aws-ci/terraform-helpers/terraform-helpers.md index 084a4822f2..a8123d2ee4 100644 --- a/docs/reference/modules/terraform-aws-ci/terraform-helpers/terraform-helpers.md +++ b/docs/reference/modules/terraform-aws-ci/terraform-helpers/terraform-helpers.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Terraform Helpers -View Source +View Source Release Notes 
@@ -38,7 +38,7 @@ You can install these scripts using the [Gruntwork Installer](https://github.com gruntwork-install --module-name "terraform-helpers" --repo "https://github.com/gruntwork-io/terraform-aws-ci" --tag "0.0.1" ``` -Note that `terraform-update-variable` depends on the [git-helpers module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.4/modules/git-helpers) being installed! +Note that `terraform-update-variable` depends on the [git-helpers module](https://github.com/gruntwork-io/terraform-aws-ci/tree/v0.52.5/modules/git-helpers) being installed! See the examples in the next section for how to use them. @@ -341,11 +341,11 @@ and `apply` actions so that Terraform/Terragrunt can run. If you wish to impleme diff --git a/docs/reference/modules/terraform-aws-ecs/ecs-cluster/ecs-cluster.md b/docs/reference/modules/terraform-aws-ecs/ecs-cluster/ecs-cluster.md index 415cd109af..6337f39c33 100644 --- a/docs/reference/modules/terraform-aws-ecs/ecs-cluster/ecs-cluster.md +++ b/docs/reference/modules/terraform-aws-ecs/ecs-cluster/ecs-cluster.md @@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # ECS Cluster Module View Source -Release Notes +Release Notes This Terraform Module launches an [EC2 Container Service Cluster](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_clusters.html) that you can use to run @@ -1346,6 +1346,6 @@ Set this variable to true to enable the use of Instance Metadata Service Version "https://github.com/gruntwork-io/terraform-aws-ecs/tree/v0.35.8/modules/ecs-cluster/outputs.tf" ], "sourcePlugin": "module-catalog-api", - "hash": "962ce5be1c83c7ca41ffd2270c24c9d4" + "hash": "989e8022cfd773d0a701ce37e04c3e62" } ##DOCS-SOURCER-END --> 
diff --git a/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller-iam-policy/eks-alb-ingress-controller-iam-policy.md b/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller-iam-policy/eks-alb-ingress-controller-iam-policy.md index 8b34ce4ea2..bd04c52927 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller-iam-policy/eks-alb-ingress-controller-iam-policy.md +++ b/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller-iam-policy/eks-alb-ingress-controller-iam-policy.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # ALB Ingress Controller IAM Policy Module -View Source +View Source Release Notes 
@@ -23,14 +23,14 @@ defines the minimal set of permissions necessary for the [AWS ALB Ingress Controller](https://github.com/kubernetes-sigs/aws-alb-ingress-controller). This policy can then be attached to EC2 instances or IAM roles so that the controller deployed has enough permissions to manage an ALB. -See [the eks-alb-ingress-controller module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-alb-ingress-controller) for a module that deploys the Ingress +See [the eks-alb-ingress-controller module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-alb-ingress-controller) for a module that deploys the Ingress Controller on to your EKS cluster. ## Attaching IAM policy to workers To allow the ALB Ingress Controller to manage ALBs, it needs IAM permissions to use the AWS API to manage ALBs. Currently, the way to grant Pods IAM privileges is to use the worker IAM profiles provisioned by [the -eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). +eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). The Terraform templates in this module create an IAM policy that has the required permissions. You then need to use an [aws_iam_policy_attachment](https://www.terraform.io/docs/providers/aws/r/iam_policy_attachment.html) to attach that 
@@ -64,7 +64,7 @@ resource "aws_iam_role_policy_attachment" "attach_alb_ingress_controller_iam_pol module "eks_alb_ingress_controller_iam_policy" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller-iam-policy?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller-iam-policy?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -100,7 +100,7 @@ module "eks_alb_ingress_controller_iam_policy" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller-iam-policy?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller-iam-policy?ref=v0.59.2" } inputs = { @@ -195,11 +195,11 @@ The name of the IAM policy created with the permissions for the ALB ingress cont diff --git a/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller/eks-alb-ingress-controller.md b/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller/eks-alb-ingress-controller.md index a1a83ac5ae..2d3380f685 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller/eks-alb-ingress-controller.md +++ b/docs/reference/modules/terraform-aws-eks/eks-alb-ingress-controller/eks-alb-ingress-controller.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # ALB Ingress Controller Module -View Source +View Source Release Notes 
@@ -110,7 +110,7 @@ correctly. You can use the `alb.ingress.kubernetes.io/subnets` annotation on `Ingress` resources to specify which subnets the controller should configure the ALB for. -You can also omit the `alb.ingress.kubernetes.io/subnets` annotation, and the controller will [automatically discover subnets](https://kubernetes-sigs.github.io/aws-alb-ingress-controller/guide/controller/config/#subnet-auto-discovery) based on their tags. This method should work "out of the box", so long as you are using the [`eks-vpc-tags`](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-vpc-tags) module to tag your VPC subnets. +You can also omit the `alb.ingress.kubernetes.io/subnets` annotation, and the controller will [automatically discover subnets](https://kubernetes-sigs.github.io/aws-alb-ingress-controller/guide/controller/config/#subnet-auto-discovery) based on their tags. This method should work "out of the box", so long as you are using the [`eks-vpc-tags`](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-vpc-tags) module to tag your VPC subnets. ### Security Groups @@ -125,7 +125,7 @@ nodes. ### IAM permissions The container deployed in this module requires IAM permissions to manage ALB resources. See [the -eks-alb-ingress-controller-iam-policy module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-alb-ingress-controller-iam-policy) for more information. +eks-alb-ingress-controller-iam-policy module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-alb-ingress-controller-iam-policy) for more information. ## Using the Ingress Controller 
@@ -200,7 +200,7 @@ nature of the controller in provisioning the ALBs. The AWS ALB Ingress Controller has first class support for [external-dns](https://github.com/kubernetes-incubator/external-dns), a third party tool that configures external DNS providers with domains to route to `Services` and `Ingresses` in Kubernetes. See our [eks-k8s-external-dns -module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-external-dns) for more information on how to setup the tool. +module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-external-dns) for more information on how to setup the tool. ## How do I deploy the Pods to Fargate? @@ -234,7 +234,7 @@ instances under the hood, and thus the ALB can not be configured to route by ins module "eks_alb_ingress_controller" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -361,7 +361,7 @@ module "eks_alb_ingress_controller" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-alb-ingress-controller?ref=v0.59.2" } inputs = { @@ -488,11 +488,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-eks/eks-aws-auth-merger/eks-aws-auth-merger.md b/docs/reference/modules/terraform-aws-eks/eks-aws-auth-merger/eks-aws-auth-merger.md index eb0a34b8d3..e99f58cee1 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-aws-auth-merger/eks-aws-auth-merger.md 
+++ b/docs/reference/modules/terraform-aws-eks/eks-aws-auth-merger/eks-aws-auth-merger.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS AWS Auth Merger -View Source +View Source Release Notes 
@@ -35,21 +35,21 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* *[What is Kubernetes RBAC?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-role-mapping/README.md#what-is-kubernetes-role-based-access-control-rbac)*: overview of Kubernetes RBAC, the underlying system managing authentication and authorization in Kubernetes. +* *[What is Kubernetes RBAC?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-role-mapping/README.md#what-is-kubernetes-role-based-access-control-rbac)*: overview of Kubernetes RBAC, the underlying system managing authentication and authorization in Kubernetes. -* *[What is AWS IAM role?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-role-mapping/README.md#what-is-aws-iam-role)*: overview of AWS IAM Roles, the underlying system managing authentication and authorization in AWS. +* *[What is AWS IAM role?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-role-mapping/README.md#what-is-aws-iam-role)*: overview of AWS IAM Roles, the underlying system managing authentication and authorization in AWS. * *[Managing users or IAM roles for your cluster](https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html)*: The official AWS docs on how the `aws-auth` Kubernetes `ConfigMap` works. -* *[What is the aws-auth-merger?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-aws-auth-merger/core-concepts.md#what-is-the-aws-auth-merger)*: overview of the `aws-auth-merger` and how it works to manage the `aws-auth` Kubernetes `ConfigMap`. +* *[What is the aws-auth-merger?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-aws-auth-merger/core-concepts.md#what-is-the-aws-auth-merger)*: overview of the `aws-auth-merger` and how it works to manage the `aws-auth` Kubernetes `ConfigMap`. 
### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/test): Automated tests for the modules and examples. ## Deploy @@ -57,7 +57,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples folder](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples folder](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ### Production deployment 
@@ -69,15 +69,15 @@ If you want to deploy this repo in production, check out the following resources ## Manage -* [How to deploy and use the aws-auth-merger](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-aws-auth-merger/core-concepts.md#how-do-i-use-the-aws-auth-merger) +* [How to deploy and use the aws-auth-merger](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-aws-auth-merger/core-concepts.md#how-do-i-use-the-aws-auth-merger) -* [How to handle conflicts with automatic updates to the aws-auth ConfigMap by EKS](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-aws-auth-merger/core-concepts.md#how-do-i-handle-conflicts-with-automatic-updates-by-eks) +* [How to handle conflicts with automatic updates to the aws-auth ConfigMap by EKS](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-aws-auth-merger/core-concepts.md#how-do-i-handle-conflicts-with-automatic-updates-by-eks) -* [How to restrict users to specific actions on the EKS cluster](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-role-mapping/README.md#restricting-specific-actions) +* [How to restrict users to specific actions on the EKS cluster](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-role-mapping/README.md#restricting-specific-actions) -* [How to restrict users to specific namespaces on the EKS cluster](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-role-mapping/README.md#restricting-by-namespace) +* [How to restrict users to specific namespaces on the EKS cluster](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-role-mapping/README.md#restricting-by-namespace) -* [How to authenticate kubectl to EKS](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/core-concepts.md#how-to-authenticate-kubectl) +* [How to authenticate kubectl to 
EKS](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/core-concepts.md#how-to-authenticate-kubectl) ## Sample Usage @@ -92,7 +92,7 @@ If you want to deploy this repo in production, check out the following resources module "eks_aws_auth_merger" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-aws-auth-merger?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-aws-auth-merger?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -207,7 +207,7 @@ module "eks_aws_auth_merger" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-aws-auth-merger?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-aws-auth-merger?ref=v0.59.2" } inputs = { @@ -627,11 +627,11 @@ The name of the namespace that is used. If create_namespace is true, this output diff --git a/docs/reference/modules/terraform-aws-eks/eks-cloudwatch-agent/eks-cloudwatch-agent.md b/docs/reference/modules/terraform-aws-eks/eks-cloudwatch-agent/eks-cloudwatch-agent.md index 728fa30273..1f974e441a 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-cloudwatch-agent/eks-cloudwatch-agent.md +++ b/docs/reference/modules/terraform-aws-eks/eks-cloudwatch-agent/eks-cloudwatch-agent.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS CloudWatch Agent Module -View Source +View Source Release Notes 
@@ -67,7 +67,7 @@ docs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContainerIn module "eks_cloudwatch_agent" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cloudwatch-agent?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cloudwatch-agent?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -150,7 +150,7 @@ module "eks_cloudwatch_agent" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cloudwatch-agent?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cloudwatch-agent?ref=v0.59.2" } inputs = { @@ -233,11 +233,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-eks/eks-cluster-control-plane/eks-cluster-control-plane.md b/docs/reference/modules/terraform-aws-eks/eks-cluster-control-plane/eks-cluster-control-plane.md index 42a411a51f..be992751a2 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-cluster-control-plane/eks-cluster-control-plane.md +++ b/docs/reference/modules/terraform-aws-eks/eks-cluster-control-plane/eks-cluster-control-plane.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Cluster Control Plane Module -View Source +View Source Release Notes 
@@ -22,7 +22,7 @@ Cluster](https://docs.aws.amazon.com/eks/latest/userguide/clusters.html). This module is responsible for the EKS Control Plane in [the EKS cluster topology](#what-is-an-eks-cluster). You must launch worker nodes in order to be able to schedule pods on your cluster. See the [eks-cluster-workers -module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers) for managing EKS worker nodes. +module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-workers) for managing EKS worker nodes. ## What is the EKS Control Plane? @@ -46,7 +46,7 @@ Specifically, the control plane consists of: This includes resources like the [`LoadBalancers`](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/). -You can read more about the different components of EKS in [the project README](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/core-concepts.md#what-is-an-eks-cluster). +You can read more about the different components of EKS in [the project README](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/core-concepts.md#what-is-an-eks-cluster). ## What security group rules are created? @@ -134,7 +134,7 @@ role that is being assumed. Specifically, you need to: that role). You can use the -[eks-iam-role-assume-role-policy-for-service-account module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-iam-role-assume-role-policy-for-service-account) to +[eks-iam-role-assume-role-policy-for-service-account module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-iam-role-assume-role-policy-for-service-account) to construct the policy using a more convenient interface. Refer to the module documentation for more info. Once you have an IAM Role that can be assumed by the Kubernetes Service Account, you can configure your Pods to exchange 
@@ -242,7 +242,7 @@ Some additional notes on using Fargate: [the `aws_eks_fargate_profile` resource](https://www.terraform.io/docs/providers/aws/r/eks_fargate_profile.html) to provision Fargate Profiles with Terraform). The Pod Execution Role created by the module may be reused for other Fargate Profiles. -* Fargate does not support DaemonSets. This means that you can't rely on the [eks-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-container-logs) +* Fargate does not support DaemonSets. This means that you can't rely on the [eks-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-container-logs) module to forward logs to CloudWatch. Instead, you need to manually configure a sidecar `fluentd` container that forwards the log entries to CloudWatch Logs. Refer to [this AWS blog post](https://aws.amazon.com/blogs/containers/how-to-capture-application-logs-when-using-amazon-eks-on-aws-fargate/) @@ -284,7 +284,7 @@ If you omit the `addon_version`, correct versions are automatically applied. Note that you must update the nodes to use the corresponding `kubelet` version as well. This means that when you update minor versions, you will also need to update the AMIs used by the worker nodes to match the version and rotate the workers. For more information on rotating worker nodes, refer to [How do I roll out an update to the -instances?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers/README.md#how-do-i-roll-out-an-update-to-the-instances) in the `eks-cluster-workers` +instances?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-workers/README.md#how-do-i-roll-out-an-update-to-the-instances) in the `eks-cluster-workers` module README. ### Detailed upgrade steps 
@@ -383,7 +383,7 @@ approaches: module "eks_cluster_control_plane" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-control-plane?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-control-plane?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -673,7 +673,7 @@ module "eks_cluster_control_plane" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-control-plane?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-control-plane?ref=v0.59.2" } inputs = { @@ -1617,11 +1617,11 @@ The path to the kubergrunt binary, if in use. diff --git a/docs/reference/modules/terraform-aws-eks/eks-cluster-managed-workers/eks-cluster-managed-workers.md b/docs/reference/modules/terraform-aws-eks/eks-cluster-managed-workers/eks-cluster-managed-workers.md index 76da73ddc4..d066509763 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-cluster-managed-workers/eks-cluster-managed-workers.md +++ b/docs/reference/modules/terraform-aws-eks/eks-cluster-managed-workers/eks-cluster-managed-workers.md 
@@ -9,23 +9,23 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Cluster Managed Workers Module -View Source +View Source Release Notes -**This module provisions [EKS Managed Node Groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html), as opposed to self managed ASGs. See the [eks-cluster-workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers) module for a module to provision self managed worker groups.** +**This module provisions [EKS Managed Node Groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html), as opposed to self managed ASGs. See the [eks-cluster-workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-workers) module for a module to provision self managed worker groups.** This Terraform module launches worker nodes using [EKS Managed Node Groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html) that you can use to run Kubernetes Pods and Deployments. This module is responsible for the EKS Worker Nodes in [the EKS cluster -topology](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane/README.md#what-is-an-eks-cluster). You must launch a control plane in order -for the worker nodes to function. See the [eks-cluster-control-plane module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane) for +topology](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-control-plane/README.md#what-is-an-eks-cluster). You must launch a control plane in order +for the worker nodes to function. 
See the [eks-cluster-control-plane module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-control-plane) for managing an EKS control plane. ## Differences with self managed workers @@ -61,7 +61,7 @@ Here is a list of additional tradeoffs to consider between the two flavors: This module will not automatically scale in response to resource usage by default, the `autoscaling_group_configurations.*.max_size` option is only used to give room for new instances during rolling updates. -To enable auto-scaling in response to resource utilization, deploy the [Kubernetes Cluster Autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-cluster-autoscaler). +To enable auto-scaling in response to resource utilization, deploy the [Kubernetes Cluster Autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-cluster-autoscaler). Note that the cluster autoscaler supports ASGs that manage nodes in a single availability zone or ASGs that manage nodes in multiple availability zones. However, there is a caveat: @@ -159,7 +159,7 @@ The following are the steps you can take to perform a blue-green release for thi module "eks_cluster_managed_workers" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-managed-workers?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-managed-workers?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES 
@@ -316,7 +316,7 @@ module "eks_cluster_managed_workers" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-managed-workers?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-managed-workers?ref=v0.59.2" } inputs = { @@ -936,11 +936,11 @@ Map of Node Group names to ARNs of the created EKS Node Groups diff --git a/docs/reference/modules/terraform-aws-eks/eks-cluster-workers-cross-access/eks-cluster-workers-cross-access.md b/docs/reference/modules/terraform-aws-eks/eks-cluster-workers-cross-access/eks-cluster-workers-cross-access.md index 6b16c8a9de..376fb68c18 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-cluster-workers-cross-access/eks-cluster-workers-cross-access.md +++ b/docs/reference/modules/terraform-aws-eks/eks-cluster-workers-cross-access/eks-cluster-workers-cross-access.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Cluster Workers Cross Access Module -View Source +View Source Release Notes @@ -63,7 +63,7 @@ module. module "eks_cluster_workers_cross_access" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers-cross-access?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers-cross-access?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES 
@@ -101,7 +101,7 @@ module "eks_cluster_workers_cross_access" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers-cross-access?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers-cross-access?ref=v0.59.2" } inputs = { @@ -139,11 +139,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-eks/eks-cluster-workers/eks-cluster-workers.md b/docs/reference/modules/terraform-aws-eks/eks-cluster-workers/eks-cluster-workers.md index c2a237ae69..275a8cc2d3 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-cluster-workers/eks-cluster-workers.md +++ b/docs/reference/modules/terraform-aws-eks/eks-cluster-workers/eks-cluster-workers.md 
@@ -9,39 +9,39 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Cluster Workers Module -View Source +View Source Release Notes -**This module provisions self managed ASGs, in contrast to [EKS Managed Node Groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html). See the [eks-cluster-managed-workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-managed-workers) module for a module to deploy Managed Node Groups.** +**This module provisions self managed ASGs, in contrast to [EKS Managed Node Groups](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html). See the [eks-cluster-managed-workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-managed-workers) module for a module to deploy Managed Node Groups.** This Terraform Module launches worker nodes for an [Elastic Container Service for Kubernetes Cluster](https://docs.aws.amazon.com/eks/latest/userguide/clusters.html) that you can use to run Kubernetes Pods and Deployments. This module is responsible for the EKS Worker Nodes in [the EKS cluster -topology](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane/README.md#what-is-an-eks-cluster). You must launch a control plane in order -for the worker nodes to function. See the [eks-cluster-control-plane module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane) for +topology](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-control-plane/README.md#what-is-an-eks-cluster). You must launch a control plane in order +for the worker nodes to function. 
See the [eks-cluster-control-plane module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-control-plane) for managing an EKS control plane. ## Differences with managed node groups See the \[Differences with self managed workers] section in the documentation for [eks-cluster-managed-workers -module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-managed-workers) for a detailed overview of differences with EKS Managed Node Groups. +module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-managed-workers) for a detailed overview of differences with EKS Managed Node Groups. ## What should be included in the user-data script? In order for the EKS worker nodes to function, it must register itself to the Kubernetes API run by the EKS control plane. This is handled by the bootstrap script provided in the EKS optimized AMI. The user-data script should call the bootstrap script at some point during its execution. You can get this information from the [eks-cluster-control-plane -module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane). +module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-control-plane). For an example of a user data script, see the [eks-cluster example's user-data.sh -script](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples/eks-cluster-with-iam-role-mappings/user-data/user-data.sh). +script](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/examples/eks-cluster-with-iam-role-mappings/user-data/user-data.sh). You can read more about the bootstrap script in [the official documentation for EKS](https://docs.aws.amazon.com/eks/latest/userguide/launch-workers.html). 
@@ -144,7 +144,7 @@ EOF ``` **Note**: The IAM policies you add will apply to ALL Pods running on these EC2 Instances. See the [How do I associate -IAM roles to the Pods?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane/README.md#how-do-i-associate-iam-roles-to-the-pods) section of the +IAM roles to the Pods?](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-control-plane/README.md#how-do-i-associate-iam-roles-to-the-pods) section of the `eks-cluster-control-plane` module README for more fine-grained allocation of IAM credentials to Pods. ## How do I SSH into the nodes? @@ -228,7 +228,7 @@ The following are the steps you can take to perform a blue-green release for thi This module will not automatically scale in response to resource usage by default, the `autoscaling_group_configurations.*.max_size` option is only used to give room for new instances during rolling updates. To enable auto-scaling in response to resource utilization, you must set the `include_autoscaler_discovery_tags` input -variable to `true` and also deploy the [Kubernetes Cluster Autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-cluster-autoscaler). +variable to `true` and also deploy the [Kubernetes Cluster Autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-cluster-autoscaler). Note that the cluster autoscaler supports ASGs that manage nodes in a single availability zone or ASGs that manage nodes in multiple availability zones. However, there is a caveat: 
@@ -253,7 +253,7 @@ Refer to the [Kubernetes Autoscaler](https://github.com/kubernetes/autoscaler) d module "eks_cluster_workers" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -530,7 +530,7 @@ module "eks_cluster_workers" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-cluster-workers?ref=v0.59.2" } inputs = { @@ -1503,11 +1503,11 @@ AWS ID of the security group created for the EKS worker nodes. diff --git a/docs/reference/modules/terraform-aws-eks/eks-container-logs/eks-container-logs.md b/docs/reference/modules/terraform-aws-eks/eks-container-logs/eks-container-logs.md index 9f989e256b..6999ce946e 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-container-logs/eks-container-logs.md +++ b/docs/reference/modules/terraform-aws-eks/eks-container-logs/eks-container-logs.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Container Logs Module -View Source +View Source Release Notes 
@@ -25,7 +25,7 @@ Kinesis Firehose. This module uses the community helm chart, with a set of best practices inputs. **This module is for setting up log aggregation for EKS Pods on EC2 workers (self-managed or managed node groups). For -Fargate pods, take a look at the [eks-fargate-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-fargate-container-logs) module.** +Fargate pods, take a look at the [eks-fargate-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-fargate-container-logs) module.** ## How does this work? @@ -105,7 +105,7 @@ fields @timestamp, @message module "eks_container_logs" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-container-logs?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-container-logs?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -232,7 +232,7 @@ module "eks_container_logs" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-container-logs?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-container-logs?ref=v0.59.2" } inputs = { @@ -359,11 +359,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-eks/eks-fargate-container-logs/eks-fargate-container-logs.md b/docs/reference/modules/terraform-aws-eks/eks-fargate-container-logs/eks-fargate-container-logs.md index 1b565b6fb8..fa1cf85920 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-fargate-container-logs/eks-fargate-container-logs.md +++ b/docs/reference/modules/terraform-aws-eks/eks-fargate-container-logs/eks-fargate-container-logs.md 
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Fargate Container Logs Module -View Source +View Source Release Notes @@ -25,7 +25,7 @@ Bit](https://fluentbit.io/) instance that runs on Fargate worker nodes. This all aggregation on Fargate Pods in EKS without setting up a side car container. **This module is for setting up log aggregation for EKS Fargate Pods. For other pods, take a look at the -[eks-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-container-logs) module.** +[eks-container-logs](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-container-logs) module.** ## How does this work? @@ -106,7 +106,7 @@ fields @timestamp, @message module "eks_fargate_container_logs" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-fargate-container-logs?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-fargate-container-logs?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -203,7 +203,7 @@ module "eks_fargate_container_logs" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-fargate-container-logs?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-fargate-container-logs?ref=v0.59.2" } inputs = { @@ -633,11 +633,11 @@ The ID of the Kubernetes ConfigMap containing the logging configuration. This ca 
diff --git a/docs/reference/modules/terraform-aws-eks/eks-iam-role-assume-role-policy-for-service-account/eks-iam-role-assume-role-policy-for-service-account.md b/docs/reference/modules/terraform-aws-eks/eks-iam-role-assume-role-policy-for-service-account/eks-iam-role-assume-role-policy-for-service-account.md index 2e1d166f79..448b5373f9 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-iam-role-assume-role-policy-for-service-account/eks-iam-role-assume-role-policy-for-service-account.md +++ b/docs/reference/modules/terraform-aws-eks/eks-iam-role-assume-role-policy-for-service-account/eks-iam-role-assume-role-policy-for-service-account.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS IAM Role Assume Role Policy for Kubernetes Service Accounts -View Source +View Source Release Notes @@ -22,7 +22,7 @@ Kubernetes Service Accounts. This requires a compatible EKS cluster that support Accounts](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) feature. See the [corresponding section of the eks-cluster-control-plane module -README](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane/README.md#how-do-i-associate-iam-roles-to-the-pods) for information on how to set +README](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-control-plane/README.md#how-do-i-associate-iam-roles-to-the-pods) for information on how to set up IRSA and how it works. ## Sample Usage 
@@ -38,7 +38,7 @@ up IRSA and how it works. module "eks_iam_role_assume_role_policy_for_service_account" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-iam-role-assume-role-policy-for-service-account?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-iam-role-assume-role-policy-for-service-account?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -89,7 +89,7 @@ module "eks_iam_role_assume_role_policy_for_service_account" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-iam-role-assume-role-policy-for-service-account?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-iam-role-assume-role-policy-for-service-account?ref=v0.59.2" } inputs = { @@ -217,11 +217,11 @@ JSON value for IAM Role Assume Role Policy that allows Kubernetes Service Accoun diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler-iam-policy/eks-k8s-cluster-autoscaler-iam-policy.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler-iam-policy/eks-k8s-cluster-autoscaler-iam-policy.md index 4bd093cb04..055f954658 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler-iam-policy/eks-k8s-cluster-autoscaler-iam-policy.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler-iam-policy/eks-k8s-cluster-autoscaler-iam-policy.md 
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # K8S Cluster Autoscaler IAM Policy Module -View Source +View Source Release Notes @@ -24,14 +24,14 @@ Autoscaler](https://github.com/kubernetes/autoscaler/blob/b6d53e8/cluster-autosc attached to the EC2 instance profile of the worker nodes in a Kubernetes cluster which will allow the autoscaler to manage scaling up and down EC2 instances in targeted Auto Scaling Groups in response to resource utilization. -See [the eks-k8s-cluster-autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-cluster-autoscaler) for a module that deploys the Cluster +See [the eks-k8s-cluster-autoscaler module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-cluster-autoscaler) for a module that deploys the Cluster Autoscaler to your EKS cluster. ## Attaching IAM policy to workers To allow the Cluster Autoscaler to manage Auto Scaling Groups, it needs IAM permissions to monitor and adjust them. Currently, the way to grant Pods IAM privileges is to use the worker IAM profiles provisioned by [the -eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). +eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). The Terraform templates in this module create an IAM policy that has the required permissions. You then need to use an [aws_iam_policy_attachment](https://www.terraform.io/docs/providers/aws/r/iam_policy_attachment.html) to attach that 
@@ -66,7 +66,7 @@ resource "aws_iam_role_policy_attachment" "attach_k8s_cluster_autoscaler_iam_pol module "eks_k_8_s_cluster_autoscaler_iam_policy" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler-iam-policy?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler-iam-policy?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -107,7 +107,7 @@ module "eks_k_8_s_cluster_autoscaler_iam_policy" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler-iam-policy?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler-iam-policy?ref=v0.59.2" } inputs = { @@ -216,11 +216,11 @@ The name of the IAM policy created with the permissions for the Kubernetes clust diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler/eks-k8s-cluster-autoscaler.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler/eks-k8s-cluster-autoscaler.md index b1bd1a2e4a..140e2cc12e 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler/eks-k8s-cluster-autoscaler.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-cluster-autoscaler/eks-k8s-cluster-autoscaler.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # K8S Cluster Autoscaler Module -View Source +View Source Release Notes 
@@ -21,9 +21,9 @@ This Terraform Module installs a [Cluster Autoscaler](https://github.com/kuberne to automatically scale up and down the nodes in a cluster in response to resource utilization. This module is responsible for manipulating each Auto Scaling Group (ASG) that was created by the [EKS cluster -workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers) module. By default, the ASG is configured to allow zero-downtime +workers](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-workers) module. By default, the ASG is configured to allow zero-downtime deployments but is not configured to scale automatically. You must launch an [EKS control -plane](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-control-plane) with worker nodes for this module to function. +plane](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-control-plane) with worker nodes for this module to function. ## Important Considerations @@ -57,7 +57,7 @@ variables. module "eks_k_8_s_cluster_autoscaler" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -208,7 +208,7 @@ module "eks_k_8_s_cluster_autoscaler" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-cluster-autoscaler?ref=v0.59.2" } inputs = { @@ -359,11 +359,11 @@ inputs = { 
diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns-iam-policy/eks-k8s-external-dns-iam-policy.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns-iam-policy/eks-k8s-external-dns-iam-policy.md index 22bb9591df..bdc682354f 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns-iam-policy/eks-k8s-external-dns-iam-policy.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns-iam-policy/eks-k8s-external-dns-iam-policy.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # K8S External DNS IAM Policy Module -View Source +View Source Release Notes 
@@ -23,14 +23,14 @@ defines the minimal set of permissions necessary for the [external-dns application](https://github.com/kubernetes-incubator/external-dns). This policy can then be attached to EC2 instances or IAM roles so that the app deployed has enough permissions to manage Route 53 Hosted Zones. -See [the eks-k8s-external-dns module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-external-dns) for a module that deploys the external-dns +See [the eks-k8s-external-dns module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-external-dns) for a module that deploys the external-dns application on to your EKS cluster. ## Attaching IAM policy to workers To allow the external-dns app to manage Route 53 Hosted Zones, it needs IAM permissions to use the AWS API to manage the zones. Currently, the way to grant Pods IAM privileges is to use the worker IAM profiles provisioned by [the -eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). +eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-workers/README.md#how-do-you-add-additional-iam-policies). The Terraform templates in this module create an IAM policy that has the required permissions. You then need to use an [aws_iam_policy_attachment](https://www.terraform.io/docs/providers/aws/r/iam_policy_attachment.html) to attach that 
@@ -64,7 +64,7 @@ resource "aws_iam_role_policy_attachment" "attach_k8s_external_dns_iam_policy" { module "eks_k_8_s_external_dns_iam_policy" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns-iam-policy?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns-iam-policy?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -103,7 +103,7 @@ module "eks_k_8_s_external_dns_iam_policy" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns-iam-policy?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns-iam-policy?ref=v0.59.2" } inputs = { @@ -210,11 +210,11 @@ The name of the IAM policy created with the permissions for the external-dns Kub diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns/eks-k8s-external-dns.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns/eks-k8s-external-dns.md index 78b3804c45..e4e9e71f52 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns/eks-k8s-external-dns.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-external-dns/eks-k8s-external-dns.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # K8S External DNS Module -View Source +View Source Release Notes 
@@ -35,7 +35,7 @@ work, you need to map the domain name to the `Ingress` endpoint, so that request been created and provisioned. However, this can be cumbersome due to the asynchronous nature of Kubernetes operations. For example, if you are using an `Ingress` controller that maps to actual physical loadbalancers in the cloud (e.g the -[ALB Ingress Controller deployed using the eks-alb-ingress-controller module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-alb-ingress-controller)), the +[ALB Ingress Controller deployed using the eks-alb-ingress-controller module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-alb-ingress-controller)), the endpoint may take several minutes before it is available. You will have to wait for that time, continuously polling the `Ingress` resource until the underlying resource is provisioned and the endpoint is available before you can configure the DNS setting. @@ -61,7 +61,7 @@ This module uses [`helm` v3](https://helm.sh/docs/) to deploy the controller to ### IAM permissions The container deployed in this module requires IAM permissions to manage Route 53 Hosted Zones. See [the -eks-k8s-external-dns-iam-policy module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-external-dns-iam-policy) for more information. +eks-k8s-external-dns-iam-policy module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-external-dns-iam-policy) for more information. ## How do I restrict which Hosted Zones the app should manage? 
@@ -116,7 +116,7 @@ zones_cache_duration = "3h" module "eks_k_8_s_external_dns" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -290,7 +290,7 @@ module "eks_k_8_s_external_dns" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-external-dns?ref=v0.59.2" } inputs = { @@ -464,11 +464,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-karpenter/eks-k8s-karpenter.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-karpenter/eks-k8s-karpenter.md index 00fed1eacb..a350a97120 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-karpenter/eks-k8s-karpenter.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-karpenter/eks-k8s-karpenter.md 
@@ -9,24 +9,24 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS K8s Karpenter Module -View Source +View Source -Release Notes +Release Notes This Module can be used to deploy [Karpenter](https://karpenter.sh/) as an alternative to the [Cluster Autoscaler](https://github.com/kubernetes/autoscaler/tree/b6d53e8/cluster-autoscaler) for autoscaling capabilities of an EKS cluster. -This module will create all of the necessary resources for a functional installation of Karpenter as well as the installation of Karpenter. This module does not create Karpenter [Provisioners](https://karpenter.sh/v0.27.0/concepts/provisioners/) or [Node Templates](https://karpenter.sh/v0.27.0/concepts/node-templates/), only the installation of the Karpenter Controller. See the [Karpenter Example](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples/eks-cluster-with-karpenter/) for an example of how to deploy the additional `CRDs` (Provisioners, Node Templates, etc) to the EKS cluster. +This module will create all of the necessary resources for a functional installation of Karpenter as well as the installation of Karpenter. This module does not create Karpenter [Provisioners](https://karpenter.sh/v0.27.0/concepts/provisioners/) or [Node Templates](https://karpenter.sh/v0.27.0/concepts/node-templates/), only the installation of the Karpenter Controller. See the [Karpenter Example](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/examples/eks-cluster-with-karpenter/) for an example of how to deploy the additional `CRDs` (Provisioners, Node Templates, etc) to the EKS cluster. 
-> Note: For EKS cluster autoscaling capabilities, either `Karpenter` OR the `cluster-autoscaler` should be used; not both. To migrate to using `karpenter` instead of the `cluster-autoscaler` see [Migrating to Karpenter from the Cluster Autoscaler](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-karpenter/migrating-to-karpenter-from-cas.md) +> Note: For EKS cluster autoscaling capabilities, either `Karpenter` OR the `cluster-autoscaler` should be used; not both. To migrate to using `karpenter` instead of the `cluster-autoscaler` see [Migrating to Karpenter from the Cluster Autoscaler](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-karpenter/migrating-to-karpenter-from-cas.md) -To leverage the full power and potential of Karpenter, one must understand the [Karpenter Core Concepts](https://karpenter.sh/v0.27.0/concepts/). Deploying this module without additional configuration (ie deploying Karpenter CRDs) will not enable EKS cluster autoscaling. As use-cases are presented, we will do our best effort to continue to add meaningful examples to the [examples](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples/) folder to help ease the complexities of configuring Karpenter. At minimum, one should configure and deploy a default `Provisioner` and `Node Template` for just in time node provisioning via Karpenter. +To leverage the full power and potential of Karpenter, one must understand the [Karpenter Core Concepts](https://karpenter.sh/v0.27.0/concepts/). Deploying this module without additional configuration (ie deploying Karpenter CRDs) will not enable EKS cluster autoscaling. As use-cases are presented, we will do our best effort to continue to add meaningful examples to the [examples](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/examples/) folder to help ease the complexities of configuring Karpenter. 
At minimum, one should configure and deploy a default `Provisioner` and `Node Template` for just in time node provisioning via Karpenter. ### Resources Created -This module will create the following core resources, some of which are optional which are noted in the [input variables](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-k8s-karpenter/variables.tf): +This module will create the following core resources, some of which are optional which are noted in the [input variables](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-k8s-karpenter/variables.tf): | AWS Resource | Description | | --- | --- | @@ -69,7 +69,7 @@ For additional details and in-depth information on Karpenter, please see the [Ka module "eks_k_8_s_karpenter" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-karpenter?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-karpenter?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -108,6 +108,11 @@ module "eks_k_8_s_karpenter" { # Conditional flag to optionally create resources in this module. create_resources = true + # Additional Helm chart values to pass to the Karpenter Helm chart. See the + # official Karpenter Helm chart values file and documentation for available + # configuration options. + karpenter_chart_additional_values = {} + # The Helm chart name for the Karpenter chart. karpenter_chart_name = "karpenter" @@ -186,7 +191,7 @@ module "eks_k_8_s_karpenter" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-karpenter?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-karpenter?ref=v0.59.2" } inputs = { 
@@ -228,6 +233,11 @@ inputs = { # Conditional flag to optionally create resources in this module. create_resources = true + # Additional Helm chart values to pass to the Karpenter Helm chart. See the + # official Karpenter Helm chart values file and documentation for available + # configuration options. + karpenter_chart_additional_values = {} + # The Helm chart name for the Karpenter chart. karpenter_chart_name = "karpenter" @@ -378,6 +388,22 @@ Conditional flag to optionally create resources in this module. + + + +Additional Helm chart values to pass to the Karpenter Helm chart. See the official Karpenter Helm chart values file and documentation for available configuration options. + + + + +```hcl +Any types represent complex values of variable type. For details, please consult `variables.tf` in the source repo. +``` + + + + + @@ -582,11 +608,11 @@ The name of the Karpenter Node IAM Role. diff --git a/docs/reference/modules/terraform-aws-eks/eks-k8s-role-mapping/eks-k8s-role-mapping.md b/docs/reference/modules/terraform-aws-eks/eks-k8s-role-mapping/eks-k8s-role-mapping.md index 6a8eb91fe7..4ea155b72b 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-k8s-role-mapping/eks-k8s-role-mapping.md +++ b/docs/reference/modules/terraform-aws-eks/eks-k8s-role-mapping/eks-k8s-role-mapping.md 
@@ -9,17 +9,17 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS K8S Role Mapping Module -View Source +View Source Release Notes **NOTE: This module manages a single ConfigMap to use with Kubernetes AWS IAM authentication. If you wish to break up the ConfigMap across multiple smaller ConfigMaps to manage entries in isolated modules (e.g., when you add a new IAM -role in a separate module from the EKS cluster), refer to the [eks-aws-auth-merger](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-aws-auth-merger).** +role in a separate module from the EKS cluster), refer to the [eks-aws-auth-merger](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-aws-auth-merger).** This Module can be used to manage the mapping of AWS IAM roles and users to Kubernetes RBAC groups for finer grained access control of your EKS Cluster. 
@@ -59,7 +59,7 @@ as much or as little permissions as necessary when accessing resources in the AW This Module provides code for you to manage the mapping between AWS IAM roles and Kubernetes RBAC roles so that you can maintain a consistent set of mappings between the two systems. This works hand in hand with the [EKS authentication -system](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/core-concepts.md#how-do-i-authenticate-kubectl-to-the-eks-cluster), providing the information to Kubernetes to resolve the user to the right RBAC group based on the provided IAM role credentials. +system](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/core-concepts.md#how-do-i-authenticate-kubectl-to-the-eks-cluster), providing the information to Kubernetes to resolve the user to the right RBAC group based on the provided IAM role credentials. ## Examples @@ -335,7 +335,7 @@ ConfigMap and as such does not have the cyclic dependency problem of Helm. module "eks_k_8_s_role_mapping" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-role-mapping?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-role-mapping?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -388,7 +388,7 @@ module "eks_k_8_s_role_mapping" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-role-mapping?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-k8s-role-mapping?ref=v0.59.2" } inputs = { @@ -543,11 +543,11 @@ The name of the ConfigMap created to store the mapping. This exists so that down 
diff --git a/docs/reference/modules/terraform-aws-eks/eks-scripts/eks-scripts.md b/docs/reference/modules/terraform-aws-eks/eks-scripts/eks-scripts.md index f04032f8a3..ccfc0c11e2 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-scripts/eks-scripts.md +++ b/docs/reference/modules/terraform-aws-eks/eks-scripts/eks-scripts.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS Scripts Module -View Source +View Source Release Notes @@ -31,7 +31,7 @@ gruntwork-install --module-name "eks-scripts" --repo "https://github.com/gruntwo ``` For an example, see the [Packer](https://www.packer.io/) template under -[examples/eks-cluster-with-supporting-services/packer/build.json](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/examples/eks-cluster-with-supporting-services/packer/build.json). +[examples/eks-cluster-with-supporting-services/packer/build.json](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/examples/eks-cluster-with-supporting-services/packer/build.json). ## Using the map-ec2-tags-to-node-labels helper 
@@ -96,7 +96,7 @@ and you specified `ec2.gruntwork.io/` as your tag prefix (`map-ec2-tags-to-node- In order for the script to be able to successfully retrieve the tags for EC2 instance, the instances need to be associated with an IAM profile that grants it access to retrieve the EC2 tags on the instance. If you launch the workers -using the [eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.1/modules/eks-cluster-workers), this is automatically attached to the worker IAM role. +using the [eks-cluster-workers module](https://github.com/gruntwork-io/terraform-aws-eks/tree/v0.59.2/modules/eks-cluster-workers), this is automatically attached to the worker IAM role. ### map_ec2\_tags_to_node_labels.py symlink @@ -108,11 +108,11 @@ tests. diff --git a/docs/reference/modules/terraform-aws-eks/eks-vpc-tags/eks-vpc-tags.md b/docs/reference/modules/terraform-aws-eks/eks-vpc-tags/eks-vpc-tags.md index 54300db82e..8d5650a566 100644 --- a/docs/reference/modules/terraform-aws-eks/eks-vpc-tags/eks-vpc-tags.md +++ b/docs/reference/modules/terraform-aws-eks/eks-vpc-tags/eks-vpc-tags.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EKS VPC Tags Module -View Source +View Source Release Notes @@ -39,7 +39,7 @@ with EKS. module "eks_vpc_tags" { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-vpc-tags?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-vpc-tags?ref=v0.59.2" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES 
@@ -63,7 +63,7 @@ module "eks_vpc_tags" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-vpc-tags?ref=v0.59.1" + source = "git::git@github.com:gruntwork-io/terraform-aws-eks.git//modules/eks-vpc-tags?ref=v0.59.2" } inputs = { @@ -143,11 +143,11 @@ Tags for public subnets in the VPC to use for integration with EKS. diff --git a/docs/reference/modules/terraform-aws-security/auto-update/auto-update.md b/docs/reference/modules/terraform-aws-security/auto-update/auto-update.md index 0aef5aa086..f3b7aad652 100644 --- a/docs/reference/modules/terraform-aws-security/auto-update/auto-update.md +++ b/docs/reference/modules/terraform-aws-security/auto-update/auto-update.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Security Modules -View Source +View Source Release Notes 
@@ -37,23 +37,23 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [How to install Auto Update](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/auto-update/core-concepts.md#installation) +* [How to install Auto Update](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/auto-update/core-concepts.md#installation) -* [How Auto Update works on Ubuntu](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/auto-update/core-concepts.md#ubuntu-support) +* [How Auto Update works on Ubuntu](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/auto-update/core-concepts.md#ubuntu-support) -* [How Auto Update works on Amazon Linux and CentOS](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/auto-update/core-concepts.md#amazon-linux-and-centos-support) +* [How Auto Update works on Amazon Linux and CentOS](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/auto-update/core-concepts.md#amazon-linux-and-centos-support) -* [Auto Update Limitations](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/auto-update/core-concepts.md#limitations) +* [Auto Update Limitations](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/auto-update/core-concepts.md#limitations) -* [Core Security Concepts](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/README.adoc#core-concepts) +* [Core Security Concepts](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/README.adoc#core-concepts) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal 
submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy @@ -61,7 +61,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [auto-update example](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/auto-update): The `examples/auto-update` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [auto-update example](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/auto-update): The `examples/auto-update` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ### Production deployment @@ -73,11 +73,11 @@ If you want to deploy this repo in production, check out the following resources diff --git a/docs/reference/modules/terraform-aws-security/aws-auth/aws-auth.md b/docs/reference/modules/terraform-aws-security/aws-auth/aws-auth.md index c566e6b95e..f17815f588 100644 --- a/docs/reference/modules/terraform-aws-security/aws-auth/aws-auth.md 
+++ b/docs/reference/modules/terraform-aws-security/aws-auth/aws-auth.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS Auth Helper -View Source +View Source Release Notes @@ -175,7 +175,7 @@ eval $(aws-auth --serial-number arn:aws:iam::123456789011:mfa/jondoe --token-cod If you store your secrets in a CLI-friendly password manager, such as [pass](https://www.passwordstore.org/), [lpass](https://github.com/lastpass/lastpass-cli) or -[1Password CLI](https://support.1password.com/command-line-getting-started/), then you can reduce this even further! Instructions on how to set this up for Lastpass / `lpass` can be found [here](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-auth/AWS-AUTH-LASTPASS.md) and 1Password / `op` [here](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-auth/AWS-AUTH-1PASSWORD.md). +[1Password CLI](https://support.1password.com/command-line-getting-started/), then you can reduce this even further! Instructions on how to set this up for Lastpass / `lpass` can be found [here](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-auth/AWS-AUTH-LASTPASS.md) and 1Password / `op` [here](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-auth/AWS-AUTH-1PASSWORD.md). First, store your permanent AWS credentials in `pass`: @@ -250,11 +250,11 @@ If you you need to run `aws-auth` with a cronjob, you may want to set the `$USER 
diff --git a/docs/reference/modules/terraform-aws-security/aws-config-bucket/aws-config-bucket.md b/docs/reference/modules/terraform-aws-security/aws-config-bucket/aws-config-bucket.md index 9e72b8ac42..da0b0ec6ae 100644 --- a/docs/reference/modules/terraform-aws-security/aws-config-bucket/aws-config-bucket.md +++ b/docs/reference/modules/terraform-aws-security/aws-config-bucket/aws-config-bucket.md @@ -9,19 +9,19 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS Config Bucket -View Source +View Source Release Notes This module creates an S3 bucket for storing AWS Config data, including all the appropriate lifecycle, encryption, and permission settings for AWS Config. -This module is not meant to be used directly. Instead, it's used under the hood in the [aws-config](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config) -and [account-baseline-root](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/account-baseline-root) modules. Please see those modules for more information. +This module is not meant to be used directly. Instead, it's used under the hood in the [aws-config](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config) +and [account-baseline-root](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/account-baseline-root) modules. Please see those modules for more information. ## Sample Usage 
@@ -36,7 +36,7 @@ and [account-baseline-root](https://github.com/gruntwork-io/terraform-aws-securi module "aws_config_bucket" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-bucket?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-bucket?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -153,7 +153,7 @@ module "aws_config_bucket" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-bucket?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-bucket?ref=v0.68.5" } inputs = { @@ -497,11 +497,11 @@ The name of the S3 bucket used by AWS Config to store configuration items. diff --git a/docs/reference/modules/terraform-aws-security/aws-config-multi-region/aws-config-multi-region.md b/docs/reference/modules/terraform-aws-security/aws-config-multi-region/aws-config-multi-region.md index df8f1de3c3..96f24433d1 100644 --- a/docs/reference/modules/terraform-aws-security/aws-config-multi-region/aws-config-multi-region.md +++ b/docs/reference/modules/terraform-aws-security/aws-config-multi-region/aws-config-multi-region.md 
@@ -9,15 +9,15 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS Config Multi Region Module -View Source +View Source Release Notes -This module wraps the [aws-config core module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config/README.md) to configure [AWS Config](https://aws.amazon.com/config/) in all enabled regions for the AWS Account, and optionally can aggregate AWS Config across multiple accounts. +This module wraps the [aws-config core module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config/README.md) to configure [AWS Config](https://aws.amazon.com/config/) in all enabled regions for the AWS Account, and optionally can aggregate AWS Config across multiple accounts. ![multi account multi region aws config](/img/reference/modules/terraform-aws-security/aws-config-multi-region/multi-account-multi-region-aws-config.png) 
@@ -45,25 +45,25 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* Learn more about AWS Config in the [aws-config core module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config/README.adoc). +* Learn more about AWS Config in the [aws-config core module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config/README.adoc). -* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/codegen/core-concepts.md#how-to-use-a-multi-region-module) +* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/codegen/core-concepts.md#how-to-use-a-multi-region-module) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [codegen](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/codegen): Code generation utilities that help generate modules in this repo. +* [codegen](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/codegen): Code generation utilities that help generate modules in this repo. -* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. 
-* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy * [How to configure a production-grade AWS account structure](https://gruntwork.io/guides/foundations/how-to-configure-production-grade-aws-account-structure/) -* [How does Config work with multiple AWS accounts and multiple regions?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config-multi-region/core-concepts.md#how-does-config-work-with-multiple-aws-accounts-and-multiple-regions) +* [How does Config work with multiple AWS accounts and multiple regions?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config-multi-region/core-concepts.md#how-does-config-work-with-multiple-aws-accounts-and-multiple-regions) ## Sample Usage @@ -78,7 +78,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr module "aws_config_multi_region" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-multi-region?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -374,7 +374,7 @@ module "aws_config_multi_region" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-multi-region?ref=v0.68.5" } inputs = { 
@@ -1311,11 +1311,11 @@ The ARNs of the SNS Topic used by the config notifications. diff --git a/docs/reference/modules/terraform-aws-security/aws-config-rules/aws-config-rules.md b/docs/reference/modules/terraform-aws-security/aws-config-rules/aws-config-rules.md index 259429bed1..8546ad942a 100644 --- a/docs/reference/modules/terraform-aws-security/aws-config-rules/aws-config-rules.md +++ b/docs/reference/modules/terraform-aws-security/aws-config-rules/aws-config-rules.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS Organizations Config Rules -View Source +View Source Release Notes 
@@ -41,27 +41,27 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [What is AWS Organizations?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-organizations/core-concepts.md#what-is-aws-organizations) +* [What is AWS Organizations?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-organizations/core-concepts.md#what-is-aws-organizations) -* [What is AWS Config?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config/core-concepts.md#what-is-aws-config) +* [What is AWS Config?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config/core-concepts.md#what-is-aws-config) -* [What are Config Rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config/core-concepts.md#what-are-config-rules) +* [What are Config Rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config/core-concepts.md#what-are-config-rules) -* [What are Managed Config Rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config-rules/core-concepts.md#what-are-managed-config-rules) +* [What are Managed Config Rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config-rules/core-concepts.md#what-are-managed-config-rules) -* [How do Organization-Level Config Rules Compare to Account-Level Config Rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config-rules/core-concepts.md#how-do-organization-level-config-rules-compare-to-account-level-config-rules) +* [How do Organization-Level Config Rules Compare to Account-Level Config 
Rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config-rules/core-concepts.md#how-do-organization-level-config-rules-compare-to-account-level-config-rules) -* [What resources does this module create?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config-rules/core-concepts.md#what-resources-does-this-module-create) +* [What resources does this module create?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config-rules/core-concepts.md#what-resources-does-this-module-create) * [How to configure a production-grade AWS account structure](https://gruntwork.io/guides/foundations/how-to-configure-production-grade-aws-account-structure/) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy 
@@ -69,7 +69,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples/aws-config-rules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/aws-config-rules): The `examples/aws-organizations-config-rules` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples/aws-config-rules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/aws-config-rules): The `examples/aws-organizations-config-rules` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ### Production deployment 
@@ -83,11 +83,11 @@ If you want to deploy this repo in production, check out the following resources ### Day-to-day operations -* [How do I configure the rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config-rules/core-concepts.md#how-do-i-configure-the-rules) +* [How do I configure the rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config-rules/core-concepts.md#how-do-i-configure-the-rules) -* [How do I add additional rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config-rules/core-concepts.md#how-do-i-add-additional-rules) +* [How do I add additional rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config-rules/core-concepts.md#how-do-i-add-additional-rules) -* [How do I exclude specific accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config-rules/core-concepts.md#how-do-i-exclude-specific-accounts) +* [How do I exclude specific accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config-rules/core-concepts.md#how-do-i-exclude-specific-accounts) ## Sample Usage @@ -102,7 +102,7 @@ If you want to deploy this repo in production, check out the following resources module "aws_config_rules" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-rules?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-rules?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # OPTIONAL VARIABLES 
@@ -237,7 +237,7 @@ module "aws_config_rules" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-rules?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config-rules?ref=v0.68.5" } inputs = { @@ -678,11 +678,11 @@ Map of config rule ARNs. Key is rule ID, value is rule ARN diff --git a/docs/reference/modules/terraform-aws-security/aws-config/aws-config.md b/docs/reference/modules/terraform-aws-security/aws-config/aws-config.md index 780e485c14..85ef0b38c2 100644 --- a/docs/reference/modules/terraform-aws-security/aws-config/aws-config.md +++ b/docs/reference/modules/terraform-aws-security/aws-config/aws-config.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS Config -View Source +View Source Release Notes 
@@ -39,19 +39,19 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [What is AWS Config?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config/core-concepts.md#what-is-aws-config) +* [What is AWS Config?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config/core-concepts.md#what-is-aws-config) -* [What are Config Rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config/core-concepts.md#what-are-config-rules) +* [What are Config Rules?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config/core-concepts.md#what-are-config-rules) -* [What resources does this module create?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config/core-concepts.md#what-resources-does-this-module-create) +* [What resources does this module create?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config/core-concepts.md#what-resources-does-this-module-create) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. 
-* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy @@ -59,7 +59,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples/aws-config](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/aws-config): The `examples/aws-config` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples/aws-config](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/aws-config): The `examples/aws-config` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ### Production deployment 
@@ -71,9 +71,9 @@ If you want to deploy this repo in production, check out the following resources ### Day-to-day operations -* [What does a configuration item look like, and how do I view it?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config/core-concepts.md#what-does-a-configuration-item-look-like-and-how-do-i-view-it) +* [What does a configuration item look like, and how do I view it?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config/core-concepts.md#what-does-a-configuration-item-look-like-and-how-do-i-view-it) -* [How does Config work with multiple AWS accounts and multiple regions?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-config-multi-region/core-concepts.md#how-does-config-work-with-multiple-aws-accounts-and-multiple-regions) +* [How does Config work with multiple AWS accounts and multiple regions?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-config-multi-region/core-concepts.md#how-does-config-work-with-multiple-aws-accounts-and-multiple-regions) ## Sample Usage @@ -88,7 +88,7 @@ If you want to deploy this repo in production, check out the following resources module "aws_config" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES 
@@ -312,7 +312,7 @@ module "aws_config" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-config?ref=v0.68.5" } inputs = { @@ -966,11 +966,11 @@ The ARN of the SNS topic to which Config delivers notifications. diff --git a/docs/reference/modules/terraform-aws-security/aws-organizations/aws-organizations.md b/docs/reference/modules/terraform-aws-security/aws-organizations/aws-organizations.md index 8c85fe4a7e..f049b2547b 100644 --- a/docs/reference/modules/terraform-aws-security/aws-organizations/aws-organizations.md +++ b/docs/reference/modules/terraform-aws-security/aws-organizations/aws-organizations.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS Organizations -View Source +View Source Release Notes 
@@ -39,23 +39,23 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [What is AWS Organizations?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-organizations/core-concepts.md#what-is-aws-organizations) +* [What is AWS Organizations?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-organizations/core-concepts.md#what-is-aws-organizations) -* [What is a Root account?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-organizations/core-concepts.md#what-is-a-root-account) +* [What is a Root account?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-organizations/core-concepts.md#what-is-a-root-account) -* [What are Organization Accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-organizations/core-concepts.md#what-are-organization-accounts) +* [What are Organization Accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-organizations/core-concepts.md#what-are-organization-accounts) -* [What resources does this module create?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-organizations/core-concepts.md#what-resources-does-this-module-create) +* [What resources does this module create?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-organizations/core-concepts.md#what-resources-does-this-module-create) * [How to configure a production-grade AWS account structure](https://gruntwork.io/guides/foundations/how-to-configure-production-grade-aws-account-structure/) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple 
standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy @@ -63,7 +63,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples/aws-organizations](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/aws-organizations): The `examples/aws-organizations` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples/aws-organizations](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/aws-organizations): The `examples/aws-organizations` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ### Production deployment 
@@ -77,9 +77,9 @@ If you want to deploy this repo in production, check out the following resources ### Day-to-day operations -* [How do I provision new accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-organizations/core-concepts.md#how-do-i-provision-new-accounts) +* [How do I provision new accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-organizations/core-concepts.md#how-do-i-provision-new-accounts) -* [How do I remove accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-organizations/core-concepts.md#how-do-i-remove-accounts) +* [How do I remove accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-organizations/core-concepts.md#how-do-i-remove-accounts) ## Sample Usage @@ -94,7 +94,7 @@ If you want to deploy this repo in production, check out the following resources module "aws_organizations" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-organizations?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-organizations?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -153,7 +153,7 @@ module "aws_organizations" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-organizations?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/aws-organizations?ref=v0.68.5" } inputs = { @@ -424,11 +424,11 @@ Identifier of the root of this organization. 
diff --git a/docs/reference/modules/terraform-aws-security/cloudtrail-bucket/cloudtrail-bucket.md b/docs/reference/modules/terraform-aws-security/cloudtrail-bucket/cloudtrail-bucket.md
index ad1f35a128..bc6ee4d2b9 100644
--- a/docs/reference/modules/terraform-aws-security/cloudtrail-bucket/cloudtrail-bucket.md
+++ b/docs/reference/modules/terraform-aws-security/cloudtrail-bucket/cloudtrail-bucket.md
@@ -9,21 +9,21 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # CloudTrail Bucket -View Source +View Source Release Notes This module creates an S3 bucket for storing CloudTrail data and a KMS Customer Master Key (CMK) for encrypting that data, including all the appropriate lifecycle, encryption, and permission settings for CloudTrail. -This module is used under the hood in the [cloudtrail](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail) -and [account-baseline-root](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/account-baseline-root) modules. +This module is used under the hood in the [cloudtrail](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail) +and [account-baseline-root](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/account-baseline-root) modules. 
-It can also be used directly when configuring cross account access, for example when it is desirable to [have the central Cloudtrail S3 bucket exist outside of the management account.](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail/core-concepts.md#multi-account-cloudtrail-setup-storing-the-cloudtrail-bucket-in-an-account-other-than-the-management-account) +It can also be used directly when configuring cross account access, for example when it is desirable to [have the central Cloudtrail S3 bucket exist outside of the management account.](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail/core-concepts.md#multi-account-cloudtrail-setup-storing-the-cloudtrail-bucket-in-an-account-other-than-the-management-account) ## Sample Usage @@ -38,7 +38,7 @@ It can also be used directly when configuring cross account access, for example module "cloudtrail_bucket" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cloudtrail-bucket?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cloudtrail-bucket?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -210,7 +210,7 @@ module "cloudtrail_bucket" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cloudtrail-bucket?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cloudtrail-bucket?ref=v0.68.5" } inputs = { @@ -907,11 +907,11 @@ The name of the S3 bucket where cloudtrail logs are delivered. diff --git a/docs/reference/modules/terraform-aws-security/cloudtrail/cloudtrail.md b/docs/reference/modules/terraform-aws-security/cloudtrail/cloudtrail.md index 187d5037ea..297835066c 100644 
--- a/docs/reference/modules/terraform-aws-security/cloudtrail/cloudtrail.md +++ b/docs/reference/modules/terraform-aws-security/cloudtrail/cloudtrail.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS CloudTrail -View Source +View Source Release Notes 
@@ -39,25 +39,25 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [What is CloudTrail?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail/core-concepts.md#what-is-cloudtrail) +* [What is CloudTrail?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail/core-concepts.md#what-is-cloudtrail) -* [Why use CloudTrail?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail/core-concepts.md#why-use-cloudtrail) +* [Why use CloudTrail?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail/core-concepts.md#why-use-cloudtrail) -* [What is a CloudTrail Trail?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail/core-concepts.md#what-is-a-cloudtrail-trail) +* [What is a CloudTrail Trail?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail/core-concepts.md#what-is-a-cloudtrail-trail) -* [What’s the difference between CloudTrail and AWS Config?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail/core-concepts.md#whats-the-difference-between-cloudtrail-and-aws-config) +* [What’s the difference between CloudTrail and AWS Config?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail/core-concepts.md#whats-the-difference-between-cloudtrail-and-aws-config) -* [CloudTrail Threat Model](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail/core-concepts.md#cloudtrail-threat-model) +* [CloudTrail Threat Model](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail/core-concepts.md#cloudtrail-threat-model) -* [What resources does this module 
create?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail/core-concepts.md#resources-created) +* [What resources does this module create?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail/core-concepts.md#resources-created) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy 
@@ -65,7 +65,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this repo out for experimenting and learning, check out the following resources: -* [examples/cloudtrail](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/cloudtrail): The `examples/cloudtrail` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples/cloudtrail](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/cloudtrail): The `examples/cloudtrail` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ### Production deployment 
@@ -81,15 +81,15 @@ If you want to deploy this repo in production, check out the following resources ### Day-to-day operations -* [Where are CloudTrail logs stored?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail/core-concepts.md#where-are-cloudtrail-logs-stored) +* [Where are CloudTrail logs stored?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail/core-concepts.md#where-are-cloudtrail-logs-stored) -* [What kind of data do CloudTrail log entries contain?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail/core-concepts.md#what-kind-of-data-do-cloudtrail-log-entries-contain) +* [What kind of data do CloudTrail log entries contain?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail/core-concepts.md#what-kind-of-data-do-cloudtrail-log-entries-contain) -* [What’s the best way to view CloudTrail Log Data?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail/core-concepts.md#whats-the-best-way-to-view-cloudtrail-log-data) +* [What’s the best way to view CloudTrail Log Data?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail/core-concepts.md#whats-the-best-way-to-view-cloudtrail-log-data) ### Major changes -* [Can you get alerted when certain API events occur?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cloudtrail/core-concepts.md#can-you-get-alerted-when-certain-api-events-occur) +* [Can you get alerted when certain API events occur?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cloudtrail/core-concepts.md#can-you-get-alerted-when-certain-api-events-occur) ## Sample Usage 
@@ -104,7 +104,7 @@ If you want to deploy this repo in production, check out the following resources module "cloudtrail" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cloudtrail?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cloudtrail?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -361,7 +361,7 @@ Refer to # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cloudtrail?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cloudtrail?ref=v0.68.5" } inputs = { @@ -1405,11 +1405,11 @@ The name of the cloudtrail trail. diff --git a/docs/reference/modules/terraform-aws-security/cross-account-iam-roles/cross-account-iam-roles.md b/docs/reference/modules/terraform-aws-security/cross-account-iam-roles/cross-account-iam-roles.md index 2d2accb4d9..7b6b43a5fb 100644 --- a/docs/reference/modules/terraform-aws-security/cross-account-iam-roles/cross-account-iam-roles.md +++ b/docs/reference/modules/terraform-aws-security/cross-account-iam-roles/cross-account-iam-roles.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # A best-practices set of IAM roles for cross-account access -View Source +View Source Release Notes 
@@ -34,7 +34,7 @@ This module creates the following IAM roles (all optional): These IAM Roles are intended to be assumed by human users (i.e., IAM Users in another AWS account). The default maximum session expiration for these roles is 12 hours (configurable via the `var.max_session_duration_human_users`). Note that these are the *maximum* session expirations; the actual value for session expiration is specified when -making API calls to assume the IAM role (see [aws-auth](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-auth)). +making API calls to assume the IAM role (see [aws-auth](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-auth)). * **allow-read-only-access-from-other-accounts**: Users from the accounts in `var.allow_read_only_access_from_other_account_arns` will get read-only access to all services in this account. 
@@ -65,11 +65,11 @@ making API calls to assume the IAM role (see [aws-auth](https://github.com/grunt These IAM Roles are intended to be assumed by machine users (i.e., an EC2 Instance in another AWS account). The default maximum session expiration for these roles is 1 hour (configurable via the `var.max_session_duration_machine_users`). Note that these are the *maximum* session expirations; the actual value for session expiration is specified when -making API calls to assume the IAM role (see [aws-auth](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/aws-auth)). +making API calls to assume the IAM role (see [aws-auth](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/aws-auth)). * **allow-ssh-grunt-access-from-other-accounts**: Users (or more likely, EC2 Instances) from the accounts in `var.allow_ssh_grunt_access_from_other_account_arns` will get read access to IAM Groups and public SSH keys. This is - useful to allow [ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/ssh-grunt) running on EC2 Instances in other AWS accounts to validate SSH + useful to allow [ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/ssh-grunt) running on EC2 Instances in other AWS accounts to validate SSH connections against IAM users defined in this AWS account. * **allow-auto-deploy-access-from-other-accounts**: Users from the accounts in `var.allow_auto_deploy_from_other_account_arns` 
@@ -96,7 +96,7 @@ roles with the AWS CLI takes quite a few steps, so use the [aws-auth script](htt ## Background Information For background information on IAM, IAM users, IAM policies, and more, check out the [background information docs in -the iam-policies module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-policies#background-information). +the iam-policies module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-policies#background-information). ## Sample Usage @@ -111,7 +111,7 @@ the iam-policies module](https://github.com/gruntwork-io/terraform-aws-security/ module "cross_account_iam_roles" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cross-account-iam-roles?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cross-account-iam-roles?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -298,7 +298,7 @@ module "cross_account_iam_roles" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cross-account-iam-roles?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/cross-account-iam-roles?ref=v0.68.5" } inputs = { @@ -1087,11 +1087,11 @@ When true, all IAM policies will be managed as dedicated policies rather than in diff --git a/docs/reference/modules/terraform-aws-security/custom-iam-entity/custom-iam-entity.md b/docs/reference/modules/terraform-aws-security/custom-iam-entity/custom-iam-entity.md index e0ee7dfb05..8c47969586 100644 --- a/docs/reference/modules/terraform-aws-security/custom-iam-entity/custom-iam-entity.md +++ b/docs/reference/modules/terraform-aws-security/custom-iam-entity/custom-iam-entity.md 
@@ -9,15 +9,15 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Custom IAM Entity -View Source +View Source Release Notes -This Gruntwork Terraform Module creates an IAM group and/or role and attaches a provided set of IAM managed policies to the group. This can be used in conjunction with the [iam-groups](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-groups), [cross-account-iam-roles](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cross-account-iam-roles), and [saml-iam-roles](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/saml-iam-roles) modules which create a set of groups and roles with smart defaults. Use this module to easily create IAM groups and roles with a defined set of permissions. +This Gruntwork Terraform Module creates an IAM group and/or role and attaches a provided set of IAM managed policies to the group. This can be used in conjunction with the [iam-groups](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-groups), [cross-account-iam-roles](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cross-account-iam-roles), and [saml-iam-roles](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/saml-iam-roles) modules which create a set of groups and roles with smart defaults. Use this module to easily create IAM groups and roles with a defined set of permissions. ### Requirements 
@@ -25,7 +25,7 @@ This Gruntwork Terraform Module creates an IAM group and/or role and attaches a ### Instructions -Check out the [custom-iam-entity example](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/custom-iam-entity) for a working example. +Check out the [custom-iam-entity example](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/custom-iam-entity) for a working example. #### Resources Created @@ -36,7 +36,7 @@ If neither role nor group are provided, this module does nothing. #### Resources NOT Created -* **IAM users** - This module does not create any IAM Users, nor assign any existing IAM Users to IAM Groups. You can use the [iam-users module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-users) to create users. +* **IAM users** - This module does not create any IAM Users, nor assign any existing IAM Users to IAM Groups. You can use the [iam-users module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-users) to create users. * **IAM policies** - This module only attaches policies by ARN or by name. It does not create any new policies. #### MFA support @@ -51,7 +51,7 @@ The reason for this difference is difficult to explain, but boils down to limita ## Background Information For background information on IAM, IAM users, IAM policies, and more, check out the [background information docs in -the iam-policies module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-policies#background-information). +the iam-policies module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-policies#background-information). ## Sample Usage 
@@ -66,7 +66,7 @@ the iam-policies module](https://github.com/gruntwork-io/terraform-aws-security/ module "custom_iam_entity" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/custom-iam-entity?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/custom-iam-entity?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -165,7 +165,7 @@ module "custom_iam_entity" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/custom-iam-entity?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/custom-iam-entity?ref=v0.68.5" } inputs = { @@ -486,11 +486,11 @@ The name of the IAM role. diff --git a/docs/reference/modules/terraform-aws-security/ebs-encryption-multi-region/ebs-encryption-multi-region.md b/docs/reference/modules/terraform-aws-security/ebs-encryption-multi-region/ebs-encryption-multi-region.md index 8f976e53d2..295640ac1b 100644 --- a/docs/reference/modules/terraform-aws-security/ebs-encryption-multi-region/ebs-encryption-multi-region.md +++ b/docs/reference/modules/terraform-aws-security/ebs-encryption-multi-region/ebs-encryption-multi-region.md 
@@ -9,15 +9,15 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # EBS Encryption Multi Region Module -View Source +View Source Release Notes -This module wraps the [ebs-encryption core module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/ebs-encryption/README.md) to configure [AWS EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) in all enabled regions for the AWS Account. +This module wraps the [ebs-encryption core module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/ebs-encryption/README.md) to configure [AWS EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) in all enabled regions for the AWS Account. ## Features 
@@ -37,17 +37,17 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr * [AWS blog: Opt-in to Default Encryption for New EBS Volumes](https://aws.amazon.com/blogs/aws/new-opt-in-to-default-encryption-for-new-ebs-volumes/) -* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/codegen/core-concepts.md#how-to-use-a-multi-region-module) +* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/codegen/core-concepts.md#how-to-use-a-multi-region-module) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [codegen](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/codegen): Code generation utilities that help generate modules in this repo. +* [codegen](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/codegen): Code generation utilities that help generate modules in this repo. -* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. 
+* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy @@ -66,7 +66,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr module "ebs_encryption_multi_region" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ebs-encryption-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ebs-encryption-multi-region?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -108,7 +108,7 @@ module "ebs_encryption_multi_region" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ebs-encryption-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ebs-encryption-multi-region?ref=v0.68.5" } inputs = { @@ -219,11 +219,11 @@ A map from region to the ARN of the KMS key used for default EBS encryption for diff --git a/docs/reference/modules/terraform-aws-security/ebs-encryption/ebs-encryption.md b/docs/reference/modules/terraform-aws-security/ebs-encryption/ebs-encryption.md index 2d3a7db948..1e51a54231 100644 --- a/docs/reference/modules/terraform-aws-security/ebs-encryption/ebs-encryption.md +++ b/docs/reference/modules/terraform-aws-security/ebs-encryption/ebs-encryption.md 
@@ -9,18 +9,18 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Elastic Block Storage Encryption -View Source +View Source Release Notes This module configures EC2 Elastic Block Storage encryption defaults, allowing encryption to be enabled for all new EBS volumes and selection of a KMS Customer Managed Key to use by default. -This module is not meant to be used directly. Instead, it's used under the hood in the [account-baseline-\*](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules) +This module is not meant to be used directly. Instead, it's used under the hood in the [account-baseline-\*](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules) modules. Please see those modules for more information. ## Background Information @@ -42,7 +42,7 @@ modules. Please see those modules for more information. module "ebs_encryption" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ebs-encryption?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ebs-encryption?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # OPTIONAL VARIABLES @@ -81,7 +81,7 @@ module "ebs_encryption" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ebs-encryption?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ebs-encryption?ref=v0.68.5" } inputs = { @@ -188,11 +188,11 @@ The default KMS key used for EBS encryption. 
diff --git a/docs/reference/modules/terraform-aws-security/fail2ban/fail2ban.md b/docs/reference/modules/terraform-aws-security/fail2ban/fail2ban.md index a6f083c1bc..c3e8042966 100644 --- a/docs/reference/modules/terraform-aws-security/fail2ban/fail2ban.md +++ b/docs/reference/modules/terraform-aws-security/fail2ban/fail2ban.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Fail2Ban Module -View Source +View Source Release Notes @@ -28,11 +28,11 @@ Instance. diff --git a/docs/reference/modules/terraform-aws-security/github-actions-iam-role/github-actions-iam-role.md b/docs/reference/modules/terraform-aws-security/github-actions-iam-role/github-actions-iam-role.md index f97733003d..4a8d9e18c8 100644 --- a/docs/reference/modules/terraform-aws-security/github-actions-iam-role/github-actions-iam-role.md +++ b/docs/reference/modules/terraform-aws-security/github-actions-iam-role/github-actions-iam-role.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # IAM Role for GitHub Actions -View Source +View Source Release Notes 
@@ -182,7 +182,7 @@ jobs: module "github_actions_iam_role" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/github-actions-iam-role?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/github-actions-iam-role?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -261,7 +261,7 @@ module "github_actions_iam_role" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/github-actions-iam-role?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/github-actions-iam-role?ref=v0.68.5" } inputs = { @@ -537,11 +537,11 @@ The name of the IAM role. diff --git a/docs/reference/modules/terraform-aws-security/guardduty-multi-region/guardduty-multi-region.md b/docs/reference/modules/terraform-aws-security/guardduty-multi-region/guardduty-multi-region.md index bc9978cc51..c341a8745a 100644 --- a/docs/reference/modules/terraform-aws-security/guardduty-multi-region/guardduty-multi-region.md +++ b/docs/reference/modules/terraform-aws-security/guardduty-multi-region/guardduty-multi-region.md 
@@ -9,19 +9,19 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS GuardDuty Multi Region Module -View Source +View Source Release Notes -This module wraps the [guardduty core module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/guardduty/README.adoc) to configure [AWS GuardDuty](https://aws.amazon.com/guardduty/) in all enabled regions for the AWS Account. +This module wraps the [guardduty core module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/guardduty/README.adoc) to configure [AWS GuardDuty](https://aws.amazon.com/guardduty/) in all enabled regions for the AWS Account. ## Features -* Uses the [guardduty module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/guardduty) to enable AWS GuardDuty across all regions (recommended best practice) on your AWS account +* Uses the [guardduty module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/guardduty) to enable AWS GuardDuty across all regions (recommended best practice) on your AWS account * Continuously monitor your AWS account for malicious activity and unauthorized behavior 
@@ -37,19 +37,19 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* Learn more about GuardDuty in the [guardduty core module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/guardduty/README.adoc). +* Learn more about GuardDuty in the [guardduty core module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/guardduty/README.adoc). -* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/codegen/core-concepts.md#how-to-use-a-multi-region-module) +* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/codegen/core-concepts.md#how-to-use-a-multi-region-module) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [codegen](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/codegen): Code generation utilities that help generate modules in this repo. +* [codegen](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/codegen): Code generation utilities that help generate modules in this repo. -* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. 
-* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy @@ -74,7 +74,7 @@ This module depends on Python being available on your system. Python 2.7, 3.5+ a module "guardduty_multi_region" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/guardduty-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/guardduty-multi-region?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -146,7 +146,7 @@ module "guardduty_multi_region" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/guardduty-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/guardduty-multi-region?ref=v0.68.5" } inputs = { @@ -356,11 +356,11 @@ The IDs of the GuardDuty detectors. diff --git a/docs/reference/modules/terraform-aws-security/guardduty/guardduty.md b/docs/reference/modules/terraform-aws-security/guardduty/guardduty.md index bc935930e3..050980b19e 100644 --- a/docs/reference/modules/terraform-aws-security/guardduty/guardduty.md +++ b/docs/reference/modules/terraform-aws-security/guardduty/guardduty.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS GuardDuty -View Source +View Source Release Notes 
@@ -37,29 +37,29 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [What Is GuardDuty?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/guardduty/core-concepts.md#what-is-guardduty) +* [What Is GuardDuty?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/guardduty/core-concepts.md#what-is-guardduty) -* [Why Use GuardDuty?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/guardduty/core-concepts.md#why-use-guardduty) +* [Why Use GuardDuty?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/guardduty/core-concepts.md#why-use-guardduty) -* [What Is A Finding?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/guardduty/core-concepts.md#what-is-a-finding) +* [What Is A Finding?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/guardduty/core-concepts.md#what-is-a-finding) -* [Where Should I Enable GuardDuty?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/guardduty/core-concepts.md#where-should-i-enable-guardduty) +* [Where Should I Enable GuardDuty?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/guardduty/core-concepts.md#where-should-i-enable-guardduty) -* [Resources Created](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/guardduty/core-concepts.md#resources-created) +* [Resources Created](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/guardduty/core-concepts.md#resources-created) -* [Gotchas](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/guardduty/core-concepts.md#gotchas) +* 
[Gotchas](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/guardduty/core-concepts.md#gotchas) -* [Known Issues](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/guardduty/core-concepts.md#known-issues) +* [Known Issues](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/guardduty/core-concepts.md#known-issues) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [codegen](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/codegen): Code generation utilities that help generate modules in this repo. +* [codegen](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/codegen): Code generation utilities that help generate modules in this repo. -* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy 
@@ -67,7 +67,7 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this module out, check out the following resources: -* [guardduty example](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/guardduty). +* [guardduty example](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/guardduty). ### Production deployment @@ -75,7 +75,7 @@ If you want to deploy this module in production, check out the following resourc * ***Coming soon***. We have not yet added this module to the [Acme example Reference Architecture](https://github.com/gruntwork-io/infrastructure-modules-multi-account-acme). -* [Terraform Module to enable GuardDuty in all enabled regions of an AWS Account](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/guardduty-multi-region). +* [Terraform Module to enable GuardDuty in all enabled regions of an AWS Account](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/guardduty-multi-region). * [How to configure a production-grade AWS account structure](https://gruntwork.io/guides/foundations/how-to-configure-production-grade-aws-account-structure/) @@ -92,7 +92,7 @@ If you want to deploy this module in production, check out the following resourc module "guardduty" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/guardduty?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/guardduty?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # OPTIONAL VARIABLES 
@@ -154,7 +154,7 @@ module "guardduty" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/guardduty?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/guardduty?ref=v0.68.5" } inputs = { @@ -369,11 +369,11 @@ The ID of the GuardDuty detector. diff --git a/docs/reference/modules/terraform-aws-security/iam-access-analyzer-multi-region/iam-access-analyzer-multi-region.md b/docs/reference/modules/terraform-aws-security/iam-access-analyzer-multi-region/iam-access-analyzer-multi-region.md index d70f216d84..7326b0ef98 100644 --- a/docs/reference/modules/terraform-aws-security/iam-access-analyzer-multi-region/iam-access-analyzer-multi-region.md +++ b/docs/reference/modules/terraform-aws-security/iam-access-analyzer-multi-region/iam-access-analyzer-multi-region.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS IAM Access Analyzer -View Source +View Source Release Notes 
@@ -35,21 +35,21 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [What is the AWS IAM Access Analyzer?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-access-analyzer-multi-region/core-concepts.md#what-is-the-aws-iam-access-analyzer?) +* [What is the AWS IAM Access Analyzer?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-access-analyzer-multi-region/core-concepts.md#what-is-the-aws-iam-access-analyzer?) -* [What resources does IAM Access Analyzer analyze?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-access-analyzer-multi-region/core-concepts.md#what-resources-does-iam-access-analyzer-analyze?) +* [What resources does IAM Access Analyzer analyze?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-access-analyzer-multi-region/core-concepts.md#what-resources-does-iam-access-analyzer-analyze?) * [IAM Access Analyzer documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html) -* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/codegen/core-concepts.md#how-to-use-a-multi-region-module) +* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/codegen/core-concepts.md#how-to-use-a-multi-region-module) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. 
-* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy 
@@ -57,13 +57,13 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this out for experimenting and learning, check out the following resources: -* [examples folder](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples folder](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ## Manage -* [Who can manage the analyzer?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-access-analyzer-multi-region/core-concepts.md#who-can-manage-the-analyzer?) +* [Who can manage the analyzer?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-access-analyzer-multi-region/core-concepts.md#who-can-manage-the-analyzer?) -* [What to do with the access analyzer findings?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-access-analyzer-multi-region/core-concepts.md#what-to-do-with-the-access-analyzer-findings?) +* [What to do with the access analyzer findings?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-access-analyzer-multi-region/core-concepts.md#what-to-do-with-the-access-analyzer-findings?) ## Sample Usage 
@@ -78,7 +78,7 @@ If you just want to try this out for experimenting and learning, check out the f module "iam_access_analyzer_multi_region" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-access-analyzer-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-access-analyzer-multi-region?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -118,7 +118,7 @@ module "iam_access_analyzer_multi_region" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-access-analyzer-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-access-analyzer-multi-region?ref=v0.68.5" } inputs = { @@ -158,11 +158,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-security/iam-groups/iam-groups.md b/docs/reference/modules/terraform-aws-security/iam-groups/iam-groups.md index 0cd8bb714c..3fbd550c3c 100644 --- a/docs/reference/modules/terraform-aws-security/iam-groups/iam-groups.md +++ b/docs/reference/modules/terraform-aws-security/iam-groups/iam-groups.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # A Best-Practices Set of IAM Groups -View Source +View Source Release Notes 
@@ -52,7 +52,7 @@ This module optionally creates the following IAM Groups: since users can grant arbitrary permissions! * **use-existing-iam-roles:** IAM Users in this group can pass *existing* IAM Roles to AWS resources to which they have been granted access. These IAM Users cannot create *new* IAM Roles, only use existing ones. See - [the three levels of IAM permissions](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-policies#the-three-levels-of-iam-permissions) for more information. + [the three levels of IAM permissions](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-policies#the-three-levels-of-iam-permissions) for more information. * **ssh-grunt-sudo-users:** IAM Users in this group have SSH access with `sudo` privileges to any EC2 Instance configured to use this group to manage SSH logins. * **ssh-grunt-users:** IAM Users in this group have SSH access without `sudo` privileges to any EC2 Instance configured @@ -83,7 +83,7 @@ own account unless this IAM Policy is attached to his account. ### IAM Users -This module does not create any IAM Users, nor assign any existing IAM Users to IAM Groups. You can use the [iam-users module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-users) to create users. +This module does not create any IAM Users, nor assign any existing IAM Users to IAM Groups. You can use the [iam-users module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-users) to create users. ### IAM Roles 
@@ -108,7 +108,7 @@ otherwise enable IAM Users to access the billing console: ## Background Information For background information on IAM, IAM users, IAM policies, and more, check out the [background information docs in -the iam-policies module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-policies#background-information). +the iam-policies module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-policies#background-information). ## Sample Usage @@ -123,7 +123,7 @@ the iam-policies module](https://github.com/gruntwork-io/terraform-aws-security/ module "iam_groups" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-groups?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-groups?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -309,7 +309,7 @@ module "iam_groups" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-groups?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-groups?ref=v0.68.5" } inputs = { @@ -954,11 +954,11 @@ Should we create the IAM Group for user self-management? Allows users to manage diff --git a/docs/reference/modules/terraform-aws-security/iam-policies/iam-policies.md b/docs/reference/modules/terraform-aws-security/iam-policies/iam-policies.md index bb8969b0f5..88854ff366 100644 --- a/docs/reference/modules/terraform-aws-security/iam-policies/iam-policies.md +++ b/docs/reference/modules/terraform-aws-security/iam-policies/iam-policies.md 
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # A Best-Practices Set of IAM Policy Documents -View Source +View Source Release Notes @@ -25,7 +25,7 @@ Note that these documents are Terraform [data sources](https://www.terraform.io/ so they don't create anything themselves and are not intended to be used on their own. The way to use them is to take the outputs from this module (which are all JSON IAM documents) and plug them into other Terraform resources, such as `aws_iam_policy`, `aws_iam_user_policy`, `aws_iam_group_policy`, and `aws_iam_role_policy`. See the -[iam-groups](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/iam-groups) and [cross-account-iam-roles](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/cross-account-iam-roles) modules for examples. +[iam-groups](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/iam-groups) and [cross-account-iam-roles](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/cross-account-iam-roles) modules for examples. If you're not familiar with IAM concepts, start with the [Background Information](#background-information) section as a way to familiarize yourself with the terminology. 
@@ -82,7 +82,7 @@ This module creates the following IAM Policy documents: certain IAM roles in other AWS accounts (e.g. stage, prod). The documents that are created and which IAM roles they have access to is controlled by the variable `var.allow_access_from_other_account_arns`. -* **ssh_grunt_permissions**: provides the permissions [ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/ssh-grunt) needs to validate SSH keys with +* **ssh_grunt_permissions**: provides the permissions [ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/ssh-grunt) needs to validate SSH keys with IAM. * **auto_deploy_permissions**: provides the permissions in `var.auto_deploy_permissions` to do automated deployment. @@ -263,7 +263,7 @@ Instead, use these Terraform resources so you don't have to worry about this pro module "iam_policies" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-policies?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-policies?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -350,7 +350,7 @@ module "iam_policies" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-policies?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-policies?ref=v0.68.5" } inputs = { @@ -681,11 +681,11 @@ If set to true, all the Policies created by this module that are used as Trust P diff --git a/docs/reference/modules/terraform-aws-security/iam-user-password-policy/iam-user-password-policy.md b/docs/reference/modules/terraform-aws-security/iam-user-password-policy/iam-user-password-policy.md index 8027746fd7..b2ddebc86a 100644 
--- a/docs/reference/modules/terraform-aws-security/iam-user-password-policy/iam-user-password-policy.md +++ b/docs/reference/modules/terraform-aws-security/iam-user-password-policy/iam-user-password-policy.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Set a Password Policy for IAM Users -View Source +View Source Release Notes @@ -46,7 +46,7 @@ password policy you already have in place! module "iam_user_password_policy" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-user-password-policy?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-user-password-policy?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # OPTIONAL VARIABLES @@ -102,7 +102,7 @@ module "iam_user_password_policy" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-user-password-policy?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-user-password-policy?ref=v0.68.5" } inputs = { @@ -336,11 +336,11 @@ Whether to require uppercase characters for user passwords. diff --git a/docs/reference/modules/terraform-aws-security/iam-users/iam-users.md b/docs/reference/modules/terraform-aws-security/iam-users/iam-users.md index 447b22e3ba..d789e6950a 100644 --- a/docs/reference/modules/terraform-aws-security/iam-users/iam-users.md +++ b/docs/reference/modules/terraform-aws-security/iam-users/iam-users.md 
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # IAM Users -View Source +View Source Release Notes @@ -139,7 +139,7 @@ Under the hood, this module uses the [`aws_iam_user` resource](https://registry. module "iam_users" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-users?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-users?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -200,7 +200,7 @@ module "iam_users" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-users?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/iam-users?ref=v0.68.5" } inputs = { @@ -508,11 +508,11 @@ A map of usernames to that user's AWS SSH Security Credential ID diff --git a/docs/reference/modules/terraform-aws-security/ip-lockdown/ip-lockdown.md b/docs/reference/modules/terraform-aws-security/ip-lockdown/ip-lockdown.md index ae29eebd9e..7bf79e84a9 100644 --- a/docs/reference/modules/terraform-aws-security/ip-lockdown/ip-lockdown.md +++ b/docs/reference/modules/terraform-aws-security/ip-lockdown/ip-lockdown.md 
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # ip-lockdown Module -View Source +View Source Release Notes @@ -33,7 +33,7 @@ In the example below we restrict access to [ec2-instance-metadata endpoint](http Normally users make a `curl` call to get metadata like the AWS region or credentials associated with this EC2 Instance's IAM Role. Following the invocation of ip-lockdown, only users foo, bar, and root can query that data. -The complete example of using terraform to deploy a generated AMI into your AWS account and automatically invoke `ip-lockdown` from the `User Data` is also available in the [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/ip-lockdown/aws-example) folder. +The complete example of using terraform to deploy a generated AMI into your AWS account and automatically invoke `ip-lockdown` from the `User Data` is also available in the [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/ip-lockdown/aws-example) folder. #### Installation @@ -62,11 +62,11 @@ gruntwork-install --module-name ip-lockdown --tag --re diff --git a/docs/reference/modules/terraform-aws-security/kms-cmk-replica/kms-cmk-replica.md b/docs/reference/modules/terraform-aws-security/kms-cmk-replica/kms-cmk-replica.md index cd84422b2e..7f25e568cc 100644 --- a/docs/reference/modules/terraform-aws-security/kms-cmk-replica/kms-cmk-replica.md +++ b/docs/reference/modules/terraform-aws-security/kms-cmk-replica/kms-cmk-replica.md 
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # KMS Customer Managed Key Multi-Region Replication module -View Source +View Source Release Notes @@ -22,7 +22,7 @@ Key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#custome [the multi-region replication feature of KMS](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html). -This module is intended to be used in conjunction with the [kms-master-key module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-master-key) to replicate a KMS +This module is intended to be used in conjunction with the [kms-master-key module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-master-key) to replicate a KMS key managed with that module to other regions. Note that the KMS key must be marked as multi-region in order to support multi-region replication. @@ -39,7 +39,7 @@ multi-region replication. module "kms_cmk_replica" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-cmk-replica?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-cmk-replica?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES 
@@ -97,7 +97,7 @@ module "kms_cmk_replica" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-cmk-replica?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-cmk-replica?ref=v0.68.5" } inputs = { @@ -373,11 +373,11 @@ A map of CMK name to CMK ID. diff --git a/docs/reference/modules/terraform-aws-security/kms-grant-multi-region/kms-grant-multi-region.md b/docs/reference/modules/terraform-aws-security/kms-grant-multi-region/kms-grant-multi-region.md index 82544e83bf..692c9be20f 100644 --- a/docs/reference/modules/terraform-aws-security/kms-grant-multi-region/kms-grant-multi-region.md +++ b/docs/reference/modules/terraform-aws-security/kms-grant-multi-region/kms-grant-multi-region.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS KMS Grants -View Source +View Source Release Notes 
@@ -31,21 +31,21 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [What is KMS?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-master-key/README.md#what-is-kms) +* [What is KMS?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-master-key/README.md#what-is-kms) -* [What is a Customer Master Key?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-master-key/README.md#what-is-a-customer-master-key) +* [What is a Customer Master Key?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-master-key/README.md#what-is-a-customer-master-key) * [KMS documentation](https://docs.aws.amazon.com/kms/latest/developerguide/overview.html): Amazon’s docs for KMS that cover core concepts such as various key types, how to encrypt and decrypt, deletion of keys, and automatic key rotation. -* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/codegen/core-concepts.md#how-to-use-a-multi-region-module) +* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/codegen/core-concepts.md#how-to-use-a-multi-region-module) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. 
+* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy 
@@ -53,13 +53,13 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this out for experimenting and learning, check out the following resources: -* [examples folder](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples folder](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ## Manage -* [What is the difference between KMS Grants and Key Policies?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-grant-multi-region/core-concepts.md#what-is-the-difference-between-kms-grants-and-key-policies) +* [What is the difference between KMS Grants and Key Policies?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-grant-multi-region/core-concepts.md#what-is-the-difference-between-kms-grants-and-key-policies) -* [How do I use KMS Grants to share encrypted AMIs across accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-grant-multi-region/core-concepts.md#how-do-i-use-kms-grants-to-share-encrypted-amis-across-accounts) +* [How do I use KMS Grants to share encrypted AMIs across accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-grant-multi-region/core-concepts.md#how-do-i-use-kms-grants-to-share-encrypted-amis-across-accounts) ## Sample Usage 
@@ -74,7 +74,7 @@ If you just want to try this out for experimenting and learning, check out the f module "kms_grant_multi_region" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-grant-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-grant-multi-region?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -127,7 +127,7 @@ module "kms_grant_multi_region" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-grant-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-grant-multi-region?ref=v0.68.5" } inputs = { @@ -180,11 +180,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-security/kms-master-key-multi-region/kms-master-key-multi-region.md b/docs/reference/modules/terraform-aws-security/kms-master-key-multi-region/kms-master-key-multi-region.md index 9b432373b1..b4db8c4272 100644 --- a/docs/reference/modules/terraform-aws-security/kms-master-key-multi-region/kms-master-key-multi-region.md +++ b/docs/reference/modules/terraform-aws-security/kms-master-key-multi-region/kms-master-key-multi-region.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # AWS KMS Customer Master Keys (CMK) -View Source +View Source Release Notes 
@@ -37,23 +37,23 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr ### Core concepts -* [What is KMS?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-master-key/README.md#what-is-kms) +* [What is KMS?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-master-key/README.md#what-is-kms) -* [What is the difference between creating one key in all regions and creating a single all-region key?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-master-key-multi-region/core-concepts.md#what-is-the-difference-between-creating-one-key-in-all-regions-and-creating-a-single-all-region-key) +* [What is the difference between creating one key in all regions and creating a single all-region key?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-master-key-multi-region/core-concepts.md#what-is-the-difference-between-creating-one-key-in-all-regions-and-creating-a-single-all-region-key) -* [What is a Customer Master Key?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-master-key/README.md#what-is-a-customer-master-key) +* [What is a Customer Master Key?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-master-key/README.md#what-is-a-customer-master-key) * [KMS documentation](https://docs.aws.amazon.com/kms/latest/developerguide/overview.html): Amazon’s docs for KMS that cover core concepts such as various key types, how to encrypt and decrypt, deletion of keys, and automatic key rotation. 
-* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/codegen/core-concepts.md#how-to-use-a-multi-region-module) +* [How to use a multi-region module](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/codegen/core-concepts.md#how-to-use-a-multi-region-module) ### Repo organization -* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. +* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules. -* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules. +* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules. -* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples. +* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples. ## Deploy 
@@ -61,17 +61,17 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr If you just want to try this out for experimenting and learning, check out the following resources: -* [examples folder](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). +* [examples folder](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage). ## Manage -* [Differences between CMK Administrators vs. CMK Users](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-master-key/README.md#cmk-administrators-vs-cmk-users) +* [Differences between CMK Administrators vs. CMK Users](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-master-key/README.md#cmk-administrators-vs-cmk-users) -* [Differences between managing access control with KMS key policies vs. IAM policies](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-master-key/README.md#managing-a-keys-permissions-with-the-key-policy-vs-iam-policies) +* [Differences between managing access control with KMS key policies vs. 
IAM policies](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-master-key/README.md#managing-a-keys-permissions-with-the-key-policy-vs-iam-policies) -* [What is the difference between KMS Grants and Key Policies?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-grant-multi-region/core-concepts.md#what-is-the-difference-between-kms-grants-and-key-policies) +* [What is the difference between KMS Grants and Key Policies?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-grant-multi-region/core-concepts.md#what-is-the-difference-between-kms-grants-and-key-policies) -* [How do I use KMS Grants to share encrypted AMIs across accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/kms-grant-multi-region/core-concepts.md#how-do-i-use-kms-grants-to-share-encrypted-amis-across-accounts) +* [How do I use KMS Grants to share encrypted AMIs across accounts?](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/kms-grant-multi-region/core-concepts.md#how-do-i-use-kms-grants-to-share-encrypted-amis-across-accounts) ## Sample Usage @@ -86,7 +86,7 @@ If you just want to try this out for experimenting and learning, check out the f module "kms_master_key_multi_region" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-master-key-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-master-key-multi-region?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES 
@@ -153,7 +153,7 @@ module "kms_master_key_multi_region" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-master-key-multi-region?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-master-key-multi-region?ref=v0.68.5" } inputs = { @@ -522,11 +522,11 @@ A map from region to IDs of the replica KMS CMKs that were created. The value wi diff --git a/docs/reference/modules/terraform-aws-security/kms-master-key/kms-master-key.md b/docs/reference/modules/terraform-aws-security/kms-master-key/kms-master-key.md index 11973d27d2..a971cb6a86 100644 --- a/docs/reference/modules/terraform-aws-security/kms-master-key/kms-master-key.md +++ b/docs/reference/modules/terraform-aws-security/kms-master-key/kms-master-key.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # KMS Master Key Module -View Source +View Source Release Notes @@ -87,7 +87,7 @@ more onerous. module "kms_master_key" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-master-key?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-master-key?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES 
@@ -151,7 +151,7 @@ module "kms_master_key" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-master-key?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/kms-master-key?ref=v0.68.5" } inputs = { @@ -448,11 +448,11 @@ A map of CMK name to CMK ID. diff --git a/docs/reference/modules/terraform-aws-security/ntp/ntp.md b/docs/reference/modules/terraform-aws-security/ntp/ntp.md index 36a5591823..1cc4caedf2 100644 --- a/docs/reference/modules/terraform-aws-security/ntp/ntp.md +++ b/docs/reference/modules/terraform-aws-security/ntp/ntp.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # NTP Module -View Source +View Source Release Notes @@ -35,11 +35,11 @@ Originally, Amazon recommended installing `ntpd` to prevent clock drift. Today, diff --git a/docs/reference/modules/terraform-aws-security/os-hardening/os-hardening.md b/docs/reference/modules/terraform-aws-security/os-hardening/os-hardening.md index 58c089f971..9e4393954f 100644 --- a/docs/reference/modules/terraform-aws-security/os-hardening/os-hardening.md +++ b/docs/reference/modules/terraform-aws-security/os-hardening/os-hardening.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # OS Hardening -View Source +View Source Release Notes 
@@ -31,8 +31,8 @@ is mounting multiple partitions. We hope to implement more CIS recommendations o There are two major components to this module: -* [ami-builder](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/os-hardening/ami-builder): This is a Terraform template that launches an EC2 Instance with Packer pre-installed. -* [partition-scripts](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/os-hardening/partition-scripts): This is a set of bash scripts that create multiple disk partitions, format them +* [ami-builder](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/os-hardening/ami-builder): This is a Terraform template that launches an EC2 Instance with Packer pre-installed. +* [partition-scripts](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/os-hardening/partition-scripts): This is a set of bash scripts that create multiple disk partitions, format them as ext4, and mount them to various paths with various mount options such as `noexec` or `nosuid`. These scripts are meant to be run in a Packer template that uses the Packer [amazon-chroot](https://www.packer.io/docs/builders/amazon-chroot.html) builder. 
@@ -45,7 +45,7 @@ Fundamentally, to generate an AMI you must: 4. SSH into the ami-builder EC2 Instance and run `packer build amazon-linux.json` to build the AMI. 5. Terminate the ami-builder EC2 Instance. -We recognize that is a lot of manual steps to build a single AMI, so check out the [os-hardening example](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/os-hardening) +We recognize that is a lot of manual steps to build a single AMI, so check out the [os-hardening example](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/os-hardening) for a pre-built Packer template plus a script (`packer-build.sh`) that will automate all the above steps. ### Why do I need to launch a separate EC2 Instance to run Packer? @@ -55,7 +55,7 @@ See below for additional details on what this is and how to use it. ## How to Use this Module -**The best way to use this module is to substantially copy the [os-hardening example code](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/os-hardening). +**The best way to use this module is to substantially copy the [os-hardening example code](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/os-hardening). Unlike most Gruntwork examples, the example for this module contains a full Packer build file plus a wrapper script to create the AMI with a single command and may be viewed as a "canonical" way to instantiate the os-hardening modules.** 
@@ -71,11 +71,11 @@ hardened OS will use. Follow these steps: and sizes: * `partition-volume`: For each desired partition, add an argument like `--partition '/home:4G'`. For additional - details see [partition-volume](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/os-hardening/partition-scripts/bin/partition-volume). Note that for the last `--partition` entry only, + details see [partition-volume](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/os-hardening/partition-scripts/bin/partition-volume). Note that for the last `--partition` entry only, you may specify `*` for the size to tell the script to create the largest possible partition based on remaining disk space. Also, make sure your partition sizes don't exceed the space available on your EBS Volume! * `cleanup-volume`: For each desired partition, add an argument like `--mount-point '/home'`. For additional details see - [cleanup-volume](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/os-hardening/partition-scripts/bin/cleanup-volume) + [cleanup-volume](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/os-hardening/partition-scripts/bin/cleanup-volume) Note that you will redundantly pass the same list of partition paths to each of the above scripts, but only `partition-volume` needs both the mount point *and* the desired partition size. 
@@ -86,10 +86,10 @@ That's it! The Packer template will take care of the rest. ### How to Build the AMI with Packer -Now we're ready to build the actual AMI. Note: The [os-hardening example](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/os-hardening) contains a script +Now we're ready to build the actual AMI. Note: The [os-hardening example](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/os-hardening) contains a script that automates all these steps, but, for the sake of understanding, we'll describe them individually below: -1. Launch the [ami-builder](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/os-hardening/ami-builder) EC2 Instance. We will execute Packer from this EC2 Instance. +1. Launch the [ami-builder](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/os-hardening/ami-builder) EC2 Instance. We will execute Packer from this EC2 Instance. 2. On your local machine run `rsync` so that your local directory is continually synced to the ami-builder: @@ -127,7 +127,7 @@ additional volumes mounted as encrypted volumes. ### Using Your Hardened OS as a "Base AMI" -A best practice we encourage is to first build your hardened OS Image using these modules and the [os-hardening example](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/os-hardening). +A best practice we encourage is to first build your hardened OS Image using these modules and the [os-hardening example](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/os-hardening). You can now view this AMI as your "base AMI", and all other Packer builds can be built on top of this AMI. For example, you might have: @@ -270,11 +270,11 @@ needed additional space to build a new AMI was not unreasonable. 
diff --git a/docs/reference/modules/terraform-aws-security/private-s3-bucket/private-s3-bucket.md b/docs/reference/modules/terraform-aws-security/private-s3-bucket/private-s3-bucket.md index 1977b92f20..71d8b13bc6 100644 --- a/docs/reference/modules/terraform-aws-security/private-s3-bucket/private-s3-bucket.md +++ b/docs/reference/modules/terraform-aws-security/private-s3-bucket/private-s3-bucket.md @@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Private S3 Bucket -View Source +View Source -Release Notes +Release Notes This module can be used to create and manage an [Amazon S3](https://aws.amazon.com/s3/) bucket that enforces best practices for private access: @@ -86,7 +86,7 @@ aws-vault exec --no-session root-prod -- ./mfa-delete.sh --account-id 2264865421 module "private_s_3_bucket" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/private-s3-bucket?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/private-s3-bucket?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -288,7 +288,7 @@ module "private_s_3_bucket" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/private-s3-bucket?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/private-s3-bucket?ref=v0.68.5" } inputs = { @@ -1037,11 +1037,11 @@ The name of an IAM role that can be used to configure replication from various s 
diff --git a/docs/reference/modules/terraform-aws-security/saml-iam-roles/saml-iam-roles.md b/docs/reference/modules/terraform-aws-security/saml-iam-roles/saml-iam-roles.md index 18622fa208..1858a30a16 100644 --- a/docs/reference/modules/terraform-aws-security/saml-iam-roles/saml-iam-roles.md +++ b/docs/reference/modules/terraform-aws-security/saml-iam-roles/saml-iam-roles.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # A best-practices set of IAM roles for SAML access -View Source +View Source Release Notes @@ -47,7 +47,7 @@ This module creates the following IAM roles (all optional): * **allow-ssh-grunt-access-from-saml**: Users authenticated by the SAML providers in `var.allow_ssh_grunt_access_from_saml_provider_arns` will get read access to IAM Groups and public SSH keys. This is - useful to allow [ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/ssh-grunt) running on EC2 Instances in other AWS accounts to validate SSH + useful to allow [ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/ssh-grunt) running on EC2 Instances in other AWS accounts to validate SSH connections against IAM users defined in this AWS account. * **allow-dev-access-from-saml**:Users authenticated by the SAML providers in 
@@ -78,7 +78,7 @@ This module creates the following IAM roles (all optional): module "saml_iam_roles" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/saml-iam-roles?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/saml-iam-roles?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -237,7 +237,7 @@ module "saml_iam_roles" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/saml-iam-roles?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/saml-iam-roles?ref=v0.68.5" } inputs = { @@ -896,11 +896,11 @@ A map of tags to apply to the IAM roles. diff --git a/docs/reference/modules/terraform-aws-security/secrets-manager-resource-policies/secrets-manager-resource-policies.md b/docs/reference/modules/terraform-aws-security/secrets-manager-resource-policies/secrets-manager-resource-policies.md index 4f2a968e5a..2b2a9f2601 100644 --- a/docs/reference/modules/terraform-aws-security/secrets-manager-resource-policies/secrets-manager-resource-policies.md +++ b/docs/reference/modules/terraform-aws-security/secrets-manager-resource-policies/secrets-manager-resource-policies.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # Resource-based policies for Secrets Manager secrets -View Source +View Source Release Notes 
@@ -42,7 +42,7 @@ Note also that you should only manage the policy for any given secret one time. module "secrets_manager_resource_policies" { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/secrets-manager-resource-policies?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/secrets-manager-resource-policies?ref=v0.68.5" # ---------------------------------------------------------------------------------------------------- # REQUIRED VARIABLES @@ -71,7 +71,7 @@ module "secrets_manager_resource_policies" { # ------------------------------------------------------------------------------------------------------ terraform { - source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/secrets-manager-resource-policies?ref=v0.68.4" + source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/secrets-manager-resource-policies?ref=v0.68.5" } inputs = { @@ -100,11 +100,11 @@ inputs = { diff --git a/docs/reference/modules/terraform-aws-security/ssh-grunt-selinux-policy/ssh-grunt-selinux-policy.md b/docs/reference/modules/terraform-aws-security/ssh-grunt-selinux-policy/ssh-grunt-selinux-policy.md index 6604707052..6367255a77 100644 --- a/docs/reference/modules/terraform-aws-security/ssh-grunt-selinux-policy/ssh-grunt-selinux-policy.md +++ b/docs/reference/modules/terraform-aws-security/ssh-grunt-selinux-policy/ssh-grunt-selinux-policy.md 
@@ -9,15 +9,15 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # SSH Grunt SELinux Policy -View Source +View Source Release Notes -This module installs a SELinux Local Policy Module that is necessary to make [ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/ssh-grunt) work on +This module installs a SELinux Local Policy Module that is necessary to make [ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/ssh-grunt) work on systems with SELinux, such as CentOS. The reason we need a policy is that `ssh-grunt` uses is executed on each attempted SSH login by the @@ -84,11 +84,11 @@ $ sudo semodule -i ssh-grunt.pp diff --git a/docs/reference/modules/terraform-aws-security/ssh-grunt/ssh-grunt.md b/docs/reference/modules/terraform-aws-security/ssh-grunt/ssh-grunt.md index 69842161e6..a028514c0a 100644 --- a/docs/reference/modules/terraform-aws-security/ssh-grunt/ssh-grunt.md +++ b/docs/reference/modules/terraform-aws-security/ssh-grunt/ssh-grunt.md @@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx'; import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx'; import { ModuleUsage } from "../../../../../src/components/ModuleUsage"; - + # SSH Grunt -View Source +View Source Release Notes 
@@ -47,19 +47,19 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr
 ### Core concepts
-* [How to install ssh-grunt on your servers](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/ssh-grunt/core-concepts.md#install-ssh-grunt-on-your-servers)
+* [How to install ssh-grunt on your servers](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/ssh-grunt/core-concepts.md#install-ssh-grunt-on-your-servers)
-* [How SSH Grunt works](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/ssh-grunt/core-concepts.md#how-it-works)
+* [How SSH Grunt works](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/ssh-grunt/core-concepts.md#how-it-works)
-* [Core Security Concepts](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/README.adoc#core-concepts)
+* [Core Security Concepts](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/README.adoc#core-concepts)
 ### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [modules](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples): This folder contains working examples of how to use the submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/test): Automated tests for the modules and examples.
+* [test](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/test): Automated tests for the modules and examples.
 ## Deploy
@@ -67,9 +67,9 @@ This repo is a part of [the Gruntwork Infrastructure as Code Library](https://gr
 If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [ssh-grunt examples](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/ssh-grunt): The `examples/ssh-grunt` folder contains sample code optimized for learning, experimenting, and testing (but not production usage).
+* [ssh-grunt examples](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/ssh-grunt): The `examples/ssh-grunt` folder contains sample code optimized for learning, experimenting, and testing (but not production usage).
-* [Packer template](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/examples/ssh-grunt/packer/ssh-grunt-iam.json)
+* [Packer template](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/examples/ssh-grunt/packer/ssh-grunt-iam.json)
 ### Production deployment
@@ -85,19 +85,19 @@ If you want to deploy this module in production, check out the following resourc
 ### Day-to-day operations
-* [How to manage SSH keys](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/ssh-grunt/core-concepts.md#upload-public-ssh-keys)
+* [How to manage SSH keys](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/ssh-grunt/core-concepts.md#upload-public-ssh-keys)
-* [IAM permissions required for ssh-grunt to work](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/ssh-grunt/core-concepts.md#set-up-iam-permissions)
+* [IAM permissions required for ssh-grunt to work](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/ssh-grunt/core-concepts.md#set-up-iam-permissions)
diff --git a/docs/reference/modules/terraform-aws-security/ssh-iam/ssh-iam.md b/docs/reference/modules/terraform-aws-security/ssh-iam/ssh-iam.md
index 5f295819e9..4daff0d66f 100644
--- a/docs/reference/modules/terraform-aws-security/ssh-iam/ssh-iam.md
+++ b/docs/reference/modules/terraform-aws-security/ssh-iam/ssh-iam.md
@@ -9,26 +9,26 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
 import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
 import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
 # ssh-iam has been renamed!
-View Source
+View Source
 Release Notes
-`ssh-iam` has been renamed to [ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/ssh-grunt). Please update all links to point to
-[ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/ssh-grunt)!
+`ssh-iam` has been renamed to [ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/ssh-grunt). Please update all links to point to
+[ssh-grunt](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/ssh-grunt)!
diff --git a/docs/reference/modules/terraform-aws-security/ssm-healthchecks-iam-permissions/ssm-healthchecks-iam-permissions.md b/docs/reference/modules/terraform-aws-security/ssm-healthchecks-iam-permissions/ssm-healthchecks-iam-permissions.md
index ce387e7330..2132a09f24 100644
--- a/docs/reference/modules/terraform-aws-security/ssm-healthchecks-iam-permissions/ssm-healthchecks-iam-permissions.md
+++ b/docs/reference/modules/terraform-aws-security/ssm-healthchecks-iam-permissions/ssm-healthchecks-iam-permissions.md
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
 import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
 import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
 # SSM Healthchecks IAM Permissions
-View Source
+View Source
 Release Notes
@@ -46,7 +46,7 @@ We recommend using this module with just about every single EC2 Instance and Aut
 module "ssm_healthchecks_iam_permissions" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ssm-healthchecks-iam-permissions?ref=v0.68.4"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ssm-healthchecks-iam-permissions?ref=v0.68.5"
 # ----------------------------------------------------------------------------------------------------
 # REQUIRED VARIABLES
@@ -70,7 +70,7 @@ module "ssm_healthchecks_iam_permissions" {
 # ------------------------------------------------------------------------------------------------------
 terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ssm-healthchecks-iam-permissions?ref=v0.68.4"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ssm-healthchecks-iam-permissions?ref=v0.68.5"
 }
 inputs = {
@@ -94,11 +94,11 @@ inputs = {
diff --git a/docs/reference/modules/terraform-aws-security/tls-cert-private/tls-cert-private.md b/docs/reference/modules/terraform-aws-security/tls-cert-private/tls-cert-private.md
index 503f675c1f..b5ee3838f8 100644
--- a/docs/reference/modules/terraform-aws-security/tls-cert-private/tls-cert-private.md
+++ b/docs/reference/modules/terraform-aws-security/tls-cert-private/tls-cert-private.md
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
 import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
 import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
 # Generate a TLS/SSL Certificate for a Private Service
-View Source
+View Source
 Release Notes
@@ -35,7 +35,7 @@ using a commercial CA or public, free CA like [Let's Encrypt](https://letsencryp 1. Edit the `docker-compose.yml` file and fill in your desired argument values. 2. Now run `docker-compose up` and your TLS certs will output to a local `output` directory! -To see documentation on the arguments in `docker-compose.yml`, see the [main.sh](https://github.com/gruntwork-io/terraform-aws-security/tree/pete%2F778%2Fbucket-ownership/modules/tls-cert-private/scripts/main.sh) file. +To see documentation on the arguments in `docker-compose.yml`, see the [main.sh](https://github.com/gruntwork-io/terraform-aws-security/tree/v0.68.5/modules/tls-cert-private/scripts/main.sh) file. Note that the Docker Compose file mounts the local machine folder `./output` in the Docker container. Mac and Windows users sohuld take note that, in some cases, volume mounting may be extremely slow, or even one-way-only if you use an @@ -177,11 +177,11 @@ TLS certificates for any public services.