v0.44.1

🤖 Automatic Updates

chore(deps): update terraform cloudposse/s3-log-storage/aws to v0.18.0 @renovate (#124)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/s3-log-storage/aws (source)	terraform	minor	0.17.0 -> 0.18.0

---

Release Notes

cloudposse/terraform-aws-s3-log-storage

v0.18.0

Compare Source

Bc compliance @​maximmi (#​49)

#### what * BridgeCrew compliance checks fix * readme updated * default behaviour changed: `S3 bucket MFA delete` enabled by default * default behaviour changed: `S3 Bucket Versioning` enabled by default * default behaviour changed: `Encryption of the S3 bucket` enabled by default #### why * To be able to position our modules as standards compliant * stay in sync with code * To comply BridgeCrew check #### references * https://docs.bridgecrew.io/docs/s3_16-enable-versioning * https://docs.bridgecrew.io/docs/s3_13-enable-logging * https://docs.bridgecrew.io/docs/s3_14-data-encrypted-at-rest

v0.44.0

mfa_delete removed @maximmi (#123)

what

• mfa_delete removed
• Bridgecrew check Ensure S3 bucket has MFA delete enabled skipped

why

• Because terraform doesn't support this argument to be toggled (hashicorp/terraform-provider-aws#629).
• To satisfy Bridgecrew compliance scan

references

• hashicorp/terraform-provider-aws#629

v0.43.0

readme updated, BridgeCrew compliance checks fixes, code cleaned @maximmi (#121)

what

• BridgeCrew compliance checks fix
• readme updated
• default behaviour changed: S3 bucket MFA delete enabled by default
• default behaviour changed: S3 Bucket Versioning enabled by default
• default behaviour changed: Encryption of the S3 bucket enabled by default

why

• To be able to position our modules as standards compliant
• stay in sync with code
• To comply BridgeCrew check

references

• https://docs.bridgecrew.io/docs/s3_16-enable-versioning
• https://docs.bridgecrew.io/docs/s3_13-enable-logging
• https://docs.bridgecrew.io/docs/s3_14-data-encrypted-at-rest

v0.42.0

• No changes

v0.41.1

🤖 Automatic Updates

chore(deps): update terraform cloudposse/label/null to v0.22.1 @renovate (#119)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/label/null (source)	terraform	patch	0.22.0 -> 0.22.1

---

Release Notes

cloudposse/terraform-null-label

v0.22.1

Compare Source

Add var.attributes to end of context.attributes, not vice versa @​Nuru (#​114)

#### what - Add `var.attributes` to end of `context.attributes`, not vice versa - Update to current workflows (with some exceptions) #### why - Modules should append to attributes passed in, not insert themselves ahead of others - New features, like auto-format (but holding back some, because this is a special module) #### references - closes #​113 - closes #​108

chore(deps): update terraform cloudposse/route53-alias/aws to v0.10.0 @renovate (#120)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/route53-alias/aws (source)	terraform	minor	0.8.2 -> 0.10.0

---

Release Notes

cloudposse/terraform-aws-route53-alias

v0.10.0

Compare Source

Terraform 0.14 upgrade @​dmattia (#​30)

##### what - Upgrade to support Terraform 0.14 and bring up to current Cloud Posse standard ##### why - Support Terraform 0.14

v0.9.0

Compare Source

Update to context.tf. Use `go` modules. Update GitHub Actions @​aknysh (#​28)

#### what * Update to context.tf * Use `go` modules * Update GitHub Actions #### why * Standardization * Keep the module up to date

v0.41.0

Terraform 0.14 upgrade @maximmi (#118)

what

• Upgrade to support Terraform 0.14 and bring up to current Cloud Posse standard

why

• Support Terraform 0.14

supersedes and closes #114

v0.40.0

add option for aws_s3_bucket_public_access_block for origin @juliusdanielherreraglomm (#113)

what

• This change allows you to add a aws_s3_bucket_public_access_block
  resource for the origin s3 bucket.

why

• On "Amazon S3 Preventative Security Best Practices" it is recommended
  to use Amazon S3 block public access.

references

• https://docs.aws.amazon.com/AmazonS3/latest/dev/security-best-practices.html

v0.39.0

update context and tf .14 support @woz5999 (#117)

what

fixes and updates for tf 0.14 compatibility

v0.38.0

Add cloudfront origin identity iam arn output @bkero (#116)

This adds an output to access the Cloudfront distribution's Origin
Access identity, if it is enabled, else a blank string.

We need this to provide access to the Cloudfront distribution from an externally-written bucket policy.

Closes: #115

v0.37.0

Add custom header block into distribution origin block @byron-hom (#108)

what

• add custom_origin_headers variable

• Updated README.md

• Update variables.tf

• Update main.tf

• Updated README.md

• Executed 'terraform fmt'

why

Use case : LambdaEdge does not allow environment variables, so if you want use multiple distributions to call same lambdaEdge function you can use a custom_headers block into distribution to pass some variables that the lambda function can read and execute some logic depends of a distribution.

references

https://stackoverflow.com/questions/54828808/aws-lambdaedge-nodejs-environment-variables-are-not-supported#:~:text=Environment%20variables%20are%20not%20supported%20by%20Lambda%40Edge%20as%20specified,with%20CloudFront%20Origin%20Custom%20Headers.