feat: (IAC-1259) AWS - Security scan 2024.01 #261

Merged
merged 6 commits into from
Jan 12, 2024

dhoucgitter
Member

Changes

Updates 3rd party dependencies to resolve the security vulnerabilities. Users of the Dockerfile will automatically have these updated dependencies installed, and users who directly run this project on the host will need to update the dependencies themselves.

Update summary:

CLI

  • terraform 1.6.3 -> 1.6.6
    • updates google.golang.org/grpc from v1.56.1 to v1.59 to remediate High CVE-2023-44487
    • updates golang.org/x/net from v0.8.0 to v0.19.0, remediating multiple high CVEs

Providers

  • hashicorp/aws from 5.25.0 to 5.31.0
    • bug fixes, features and enhancements; 5.27.0 includes an update to the AWS SDK for Go v2; provider changes should be transparent to users
  • hashicorp/cloudinit from 2.3.2 to 2.3.3
    • no functional changes, does include dependency updates to address upstream CVEs
  • hashicorp/external from 2.3.1 to 2.3.2
    • bug fixes
  • hashicorp/kubernetes from 2.23.0 to 2.25.1
    • docs, bug fixes and enhancements
  • hashicorp/local from 2.4.0 to 2.4.1
    • This release introduces no functional changes. It does however include dependency updates which address upstream CVEs. #273
  • hashicorp/null from 3.2.1 to 3.2.2
    • This release introduces no functional changes. It does however include dependency updates which address upstream CVEs. #242
  • hashicorp/random from 3.5.1 to 3.6.0
    • one new feature
  • hashicorp/time from 0.9.2 to 0.10.0
    • one bug fix

Modules

  • update registry.terraform.io/terraform-aws-modules/eks/aws from 19.19.1 to 19.21.0 for eks...
    • 2 added features, no breaking changes
  • update registry.terraform.io/terraform-aws-modules/rds/aws from 6.2.0 to 6.3.0 for postgresql ...
    • 1 feature added, no breaking changes
  • update terraform-aws-modules/iam/aws/modules/iam-assumable-role-with-oidc from 5.30.2 to 5.33.0
    • bug fixes and new feature

Tests

| Scenario | Provider | K8s version | Order | Cadence |
|----------|----------|-------------|-------|---------|
| 1 | AWS | 1.27.8-eks | **** | fast:2020 |

@dhoucgitter added the bug (Something isn't working) label Jan 9, 2024
@dhoucgitter self-assigned this Jan 9, 2024
@dhoucgitter marked this pull request as draft January 9, 2024 18:32
@dhoucgitter marked this pull request as ready for review January 10, 2024 15:26
Member

@thpang left a comment

You all are getting crazy with the version directives ;) Looks good


4 participants