v1.1.0

🚀 Enhancements

feat: Add cloudwatch and security group outputs @adamcrews (#121)

## what

This adds the outputs for the optionally created cloudwatch logs and the security group.

why

In my use case, this information is useful to pass on to other modules, thus adding the outputs helps expose that information.

This also supersedes PR #116
and closes issue #91

v1.0.1

feat: allow passing in a permissions boundary @joelmccoy (#115)

## what

Allows a permissions_boundary to be passed in to this module.

why

The cloudwatch logs module being referenced in this module creates an IAM role. Currently there is no way to set a permissions boundary for this role (which make's it impossible to use this module in an environment that requires permission boundaries). This PR allows a boundary to be set and then passed into the sub module that contains IAM resources.

references

🤖 Automatic Updates

Migrate new test account @osterman (#114)

## what - Update `.github/settings.yml` - Update `.github/chatops.yml` files

why

• Re-apply .github/settings.yml from org level to get terratest environment
• Migrate to new test account

References

• DEV-388 Automate clean up of test account in new organization
• DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
• DEV-386 Update terratest to use new testing account with GitHub OIDC

Update .github/settings.yml @osterman (#113)

## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update release workflow to allow pull-requests: write @osterman (#111)

## what - Update workflow (`.github/workflows/release.yaml`) to have permission to comment on PR

why

• So we can support commenting on PRs with a link to the release

Update GitHub Workflows to use shared workflows from '.github' repo @osterman (#110)

## what - Update workflows (`.github/workflows`) to use shared workflows from `.github` repo

why

• Reduce nested levels of reusable workflows

Update GitHub Workflows to Fix ReviewDog TFLint Action @osterman (#109)

## what - Update workflows (`.github/workflows`) to add `issue: write` permission needed by ReviewDog `tflint` action

why

• The ReviewDog action will comment with line-level suggestions based on linting failures

Update GitHub workflows @osterman (#108)

## what - Update workflows (`.github/workflows/settings.yaml`)

why

• Support new readme generation workflow.
• Generate banners

Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#103)

## what

• Install latest GitHub Action Workflows

why

• Use shared workflows from cldouposse/.github repository
• Simplify management of workflows from centralized hub of configuration

Add GitHub Settings @osterman (#98)

## what - Install a repository config (`.github/settings.yaml`)

why

• Programmatically manage GitHub repo settings

Update README.md and docs @cloudpossebot (#94)

## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update Scaffolding @osterman (#95)

## what - Reran `make readme` to rebuild `README.md` from `README.yaml` - Migrate to square badges - Add scaffolding for repo settings and Mergify

why

• Upstream template changed in the .github repo
• Work better with repository rulesets
• Modernize look & feel

Update README.md and docs @cloudpossebot (#88)

## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.0.0

Support AWS Provider v5, TLS provider v4 @max-lobur (#74)

what

• Update dependencies, including security-group 1.0.1 -> 2.2.0 (see security group migration notes)
• Support AWS Provider V5
• Linter fixes

why

• Earlier problems with TLS provider v4 caused earlier versions of this module to reject it, but now we are ready to use it.
• Maintenance

references

• https://github.com/hashicorp/terraform-provider-aws/releases/tag/v5.0.0
• Security group migration. Note that this module made create_before_destroy = true the default, so the transition should be painless unless you explicitly set security_group_create_before_destroy = false

Supercedes these PRs

• Closes #45
• Closes #60
• Closes #65
• Closes #70
• Closes #77
• Closes #80

Issues: closes #79

git.io->cloudposse.tools update @dylanbannon (#41)

what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.

References

• DEV-143

Sync github @max-lobur (#69)

Rebuild github dir from the template

v0.16.0

• No changes

v0.15.0

Add support for transport_protocol variable in aws_ec2_client_vpn_endpoint @s1rc (#61)

what

The aws_ec2_client_vpn_endpoint supports variables for defining the transport_protocol as tcp or udp. Without adding this variable to this module, it will always default to udp.

why

To be able to add tcp as a transport_protocol for Client VPN Endpoints in Terraform as you would be able to configure in the AWS console.

references

• closes #44
• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_client_vpn_endpoint#transport_protocol

v0.14.0 Prohibit TLS provider v4

update tls submodule version @Benbentwo (#58)

what

• update tls submodule version to 1.1.0

why

• locks version of provider to 3.X

references

• cloudposse/terraform-aws-ssm-tls-self-signed-cert#20

v0.13.0

Updating security group attachment location due to deprecation @bengaywins (#53)

what

• This addresses the deprecation notice currently being output as a result of using this module.

why

• The argument is deprecated on the aws_ec2_client_vpn_network_association resource and will be removed in the near future.

references

• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_client_vpn_network_association
• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_client_vpn_endpoint

v0.12.6

🤖 Automatic Updates

Update Terraform cloudposse/ssm-tls-self-signed-cert/aws to v1 @renovate (#50)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/ssm-tls-self-signed-cert/aws (source)	module	major	0.5.0 -> 1.0.0

---

v0.12.5

🚀 Enhancements

Mark 'full_client_configuration' output as sensitive value @VladStarr (#47)

what

• Add sensitive=true option to full_client_configuration in outputs.tf.

why

• While using export_client_certificate = true we're unable to retrieve the full_client_configuration output, because in newer versions of Terraform there is a strict requirement for sensitive outputs to be configured as sensitive=true.

v0.12.4

🤖 Automatic Updates

Update Terraform cloudposse/cloudwatch-logs/aws to v0.6.6 @renovate (#46)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/cloudwatch-logs/aws (source)	module	patch	0.6.5 -> 0.6.6

---