From 833d1e59babbfa14516014fdcaef0690e38b13e7 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 25 Nov 2021 16:51:09 -0600 Subject: [PATCH] chore(deps): update terraform cloudposse/s3-bucket/aws to v0.44.1 (#13) * chore(deps): update terraform cloudposse/s3-bucket/aws to v0.44.1 * Fix terratest Co-authored-by: Renovate Bot Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> Co-authored-by: nitrocode --- README.md | 191 +++++++++++++++++++--------------- README.yaml | 179 +++++++++++++++++-------------- docs/terraform.md | 8 +- examples/complete/outputs.tf | 4 +- examples/complete/versions.tf | 6 +- firehose.tf | 2 +- versions.tf | 5 +- 7 files changed, 219 insertions(+), 176 deletions(-) diff --git a/README.md b/README.md index 3a25ed6..b4ed8fa 100644 --- a/README.md +++ b/README.md @@ -99,101 +99,118 @@ For automated tests of the complete example using [bats](https://github.com/bats (which tests and deploys the example on AWS), see [test](test). ```hcl - - module "label" { - source = "cloudposse/label/null" - # Cloud Posse recommends pinning every module to a specific version - # version = "x.x.x" - namespace = "eg" - stage = "prod" - name = "fms" - delimiter = "-" - - tags = { - "BusinessUnit" = "XYZ", - } +module "label" { + source = "cloudposse/label/null" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" + + namespace = "eg" + stage = "prod" + name = "fms" + delimiter = "-" + + tags = { + "BusinessUnit" = "XYZ", } +} + +module "vpc" { + source = "cloudposse/vpc/aws" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" - module "vpc" { - source = "cloudposse/vpc/aws" - # Cloud Posse recommends pinning every module to a specific version - # version = "x.x.x" + cidr_block = "10.0.0.0/16" - cidr_block = "10.0.0.0/16" + context = module.label.context +} - context = module.label.context +provider "aws" { + region = "us-east-2" +} + +provider "aws" { + region = "us-east-2" + alias = "admin" + assume_role { + role_arn = "arn:aws:xyz" } +} + +module "fms" { + source = "cloudposse/firewall-manager/aws" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" - module "fms" { - source = "cloudposse/firewall-manager/aws" - # Cloud Posse recommends pinning every module to a specific version - # version = "x.x.x" + providers = { + aws.admin = aws.admin + aws = aws + } - security_groups_usage_audit_policies = [ - { - name = "unused-sg" - resource_type_list = ["AWS::EC2::SecurityGroup"] + security_groups_usage_audit_policies = [ + { + name = "unused-sg" + resource_type_list = ["AWS::EC2::SecurityGroup"] - policy_data = { - delete_unused_security_groups = false - coalesce_redundant_security_groups = false - } + policy_data = { + delete_unused_security_groups = false + coalesce_redundant_security_groups = false } - ] + } + ] - security_groups_content_audit_policies = [ - { - name = "maxmimum-allowed" - resource_type_list = ["AWS::EC2::SecurityGroup"] + security_groups_content_audit_policies = [ + { + name = "maxmimum-allowed" + resource_type_list = ["AWS::EC2::SecurityGroup"] - policy_data = { - security_group_action = "allow" - security_groups = [module.vpc.security_group_id] - } + policy_data = { + security_group_action = "allow" + security_groups = [module.vpc.security_group_id] } - ] - - security_groups_common_policies = [ - { - name = "disabled-all" - resource_type_list = ["AWS::EC2::SecurityGroup"] - - policy_data = { - revert_manual_security_group_changes = false - exclusive_resource_security_group_management = false - apply_to_all_ec2_instance_enis = false - security_groups = [module.vpc.security_group_id] - } + } + ] + + security_groups_common_policies = [ + { + name = "disabled-all" + resource_type_list = ["AWS::EC2::SecurityGroup"] + + policy_data = { + revert_manual_security_group_changes = false + exclusive_resource_security_group_management = false + apply_to_all_ec2_instance_enis = false + security_groups = [module.vpc.security_group_id] } - ] - - waf_v2_policies = [ - { - name = "linux-policy" - resource_type_list = ["AWS::ElasticLoadBalancingV2::LoadBalancer", "AWS::ApiGateway::Stage"] - - policy_data = { - default_action = "allow" - override_customer_web_acl_association = false - pre_process_rule_groups = [ - { - "managedRuleGroupIdentifier" : { - "vendorName" : "AWS", - "managedRuleGroupName" : "AWSManagedRulesLinuxRuleSet", - "version" : null - }, - "overrideAction" : { "type" : "NONE" }, - "ruleGroupArn" : null, - "excludeRules" : [], - "ruleGroupType" : "ManagedRuleGroup" - } - ] - } + } + ] + + waf_v2_policies = [ + { + name = "linux-policy" + resource_type_list = ["AWS::ElasticLoadBalancingV2::LoadBalancer", "AWS::ApiGateway::Stage"] + + policy_data = { + default_action = "allow" + override_customer_web_acl_association = false + pre_process_rule_groups = [ + { + "managedRuleGroupIdentifier" : { + "vendorName" : "AWS", + "managedRuleGroupName" : "AWSManagedRulesLinuxRuleSet", + "version" : null + }, + "overrideAction" : { "type" : "NONE" }, + "ruleGroupArn" : null, + "excludeRules" : [], + "ruleGroupType" : "ManagedRuleGroup" + } + ] } - ] + } + ] - context = module.label.context - } + context = module.label.context +} ``` @@ -225,14 +242,14 @@ Available targets: | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.15.0 | -| [aws](#requirement\_aws) | >= 2.0 | +| [aws](#requirement\_aws) | >= 3.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 2.0 | -| [aws.admin](#provider\_aws.admin) | >= 2.0 | +| [aws](#provider\_aws) | >= 3.0 | +| [aws.admin](#provider\_aws.admin) | >= 3.0 | ## Modules @@ -240,7 +257,7 @@ Available targets: |------|--------|---------| | [dns\_firewall\_label](#module\_dns\_firewall\_label) | cloudposse/label/null | 0.25.0 | | [firehose\_label](#module\_firehose\_label) | cloudposse/label/null | 0.25.0 | -| [firehose\_s3\_bucket](#module\_firehose\_s3\_bucket) | cloudposse/s3-bucket/aws | 0.38.0 | +| [firehose\_s3\_bucket](#module\_firehose\_s3\_bucket) | cloudposse/s3-bucket/aws | 0.44.1 | | [network\_firewall\_label](#module\_network\_firewall\_label) | cloudposse/label/null | 0.25.0 | | [security\_groups\_common\_label](#module\_security\_groups\_common\_label) | cloudposse/label/null | 0.25.0 | | [security\_groups\_content\_audit\_label](#module\_security\_groups\_content\_audit\_label) | cloudposse/label/null | 0.25.0 | @@ -468,14 +485,16 @@ Check out [our other projects][github], [follow us on twitter][twitter], [apply ### Contributors -| [![Vladimir Syromyatnikov][SweetOps_avatar]][SweetOps_homepage]
[Vladimir Syromyatnikov][SweetOps_homepage] | [![Benjamin Smith][Benbentwo_avatar]][Benbentwo_homepage]
[Benjamin Smith][Benbentwo_homepage] | -|---|---| +| [![Vladimir Syromyatnikov][SweetOps_avatar]][SweetOps_homepage]
[Vladimir Syromyatnikov][SweetOps_homepage] | [![Benjamin Smith][Benbentwo_avatar]][Benbentwo_homepage]
[Benjamin Smith][Benbentwo_homepage] | [![RB][nitrocode_avatar]][nitrocode_homepage]
[RB][nitrocode_homepage] | +|---|---|---| [SweetOps_homepage]: https://github.com/SweetOps [SweetOps_avatar]: https://img.cloudposse.com/150x150/https://github.com/SweetOps.png [Benbentwo_homepage]: https://github.com/Benbentwo [Benbentwo_avatar]: https://img.cloudposse.com/150x150/https://github.com/Benbentwo.png + [nitrocode_homepage]: https://github.com/nitrocode + [nitrocode_avatar]: https://img.cloudposse.com/150x150/https://github.com/nitrocode.png [![README Footer][readme_footer_img]][readme_footer_link] [![Beacon][beacon]][website] diff --git a/README.yaml b/README.yaml index 051737e..1e6ad5d 100644 --- a/README.yaml +++ b/README.yaml @@ -81,101 +81,118 @@ usage: |- (which tests and deploys the example on AWS), see [test](test). ```hcl - - module "label" { - source = "cloudposse/label/null" - # Cloud Posse recommends pinning every module to a specific version - # version = "x.x.x" - namespace = "eg" - stage = "prod" - name = "fms" - delimiter = "-" - - tags = { - "BusinessUnit" = "XYZ", - } + module "label" { + source = "cloudposse/label/null" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" + + namespace = "eg" + stage = "prod" + name = "fms" + delimiter = "-" + + tags = { + "BusinessUnit" = "XYZ", } + } + + module "vpc" { + source = "cloudposse/vpc/aws" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" - module "vpc" { - source = "cloudposse/vpc/aws" - # Cloud Posse recommends pinning every module to a specific version - # version = "x.x.x" + cidr_block = "10.0.0.0/16" - cidr_block = "10.0.0.0/16" + context = module.label.context + } - context = module.label.context + provider "aws" { + region = "us-east-2" + } + + provider "aws" { + region = "us-east-2" + alias = "admin" + assume_role { + role_arn = "arn:aws:xyz" } + } + + module "fms" { + source = "cloudposse/firewall-manager/aws" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" - module "fms" { - source = "cloudposse/firewall-manager/aws" - # Cloud Posse recommends pinning every module to a specific version - # version = "x.x.x" + providers = { + aws.admin = aws.admin + aws = aws + } - security_groups_usage_audit_policies = [ - { - name = "unused-sg" - resource_type_list = ["AWS::EC2::SecurityGroup"] + security_groups_usage_audit_policies = [ + { + name = "unused-sg" + resource_type_list = ["AWS::EC2::SecurityGroup"] - policy_data = { - delete_unused_security_groups = false - coalesce_redundant_security_groups = false - } + policy_data = { + delete_unused_security_groups = false + coalesce_redundant_security_groups = false } - ] + } + ] - security_groups_content_audit_policies = [ - { - name = "maxmimum-allowed" - resource_type_list = ["AWS::EC2::SecurityGroup"] + security_groups_content_audit_policies = [ + { + name = "maxmimum-allowed" + resource_type_list = ["AWS::EC2::SecurityGroup"] - policy_data = { - security_group_action = "allow" - security_groups = [module.vpc.security_group_id] - } + policy_data = { + security_group_action = "allow" + security_groups = [module.vpc.security_group_id] } - ] - - security_groups_common_policies = [ - { - name = "disabled-all" - resource_type_list = ["AWS::EC2::SecurityGroup"] - - policy_data = { - revert_manual_security_group_changes = false - exclusive_resource_security_group_management = false - apply_to_all_ec2_instance_enis = false - security_groups = [module.vpc.security_group_id] - } + } + ] + + security_groups_common_policies = [ + { + name = "disabled-all" + resource_type_list = ["AWS::EC2::SecurityGroup"] + + policy_data = { + revert_manual_security_group_changes = false + exclusive_resource_security_group_management = false + apply_to_all_ec2_instance_enis = false + security_groups = [module.vpc.security_group_id] } - ] - - waf_v2_policies = [ - { - name = "linux-policy" - resource_type_list = ["AWS::ElasticLoadBalancingV2::LoadBalancer", "AWS::ApiGateway::Stage"] - - policy_data = { - default_action = "allow" - override_customer_web_acl_association = false - pre_process_rule_groups = [ - { - "managedRuleGroupIdentifier" : { - "vendorName" : "AWS", - "managedRuleGroupName" : "AWSManagedRulesLinuxRuleSet", - "version" : null - }, - "overrideAction" : { "type" : "NONE" }, - "ruleGroupArn" : null, - "excludeRules" : [], - "ruleGroupType" : "ManagedRuleGroup" - } - ] - } + } + ] + + waf_v2_policies = [ + { + name = "linux-policy" + resource_type_list = ["AWS::ElasticLoadBalancingV2::LoadBalancer", "AWS::ApiGateway::Stage"] + + policy_data = { + default_action = "allow" + override_customer_web_acl_association = false + pre_process_rule_groups = [ + { + "managedRuleGroupIdentifier" : { + "vendorName" : "AWS", + "managedRuleGroupName" : "AWSManagedRulesLinuxRuleSet", + "version" : null + }, + "overrideAction" : { "type" : "NONE" }, + "ruleGroupArn" : null, + "excludeRules" : [], + "ruleGroupType" : "ManagedRuleGroup" + } + ] } - ] + } + ] - context = module.label.context - } + context = module.label.context + } ``` # Example usage @@ -198,3 +215,5 @@ contributors: github: SweetOps - name: Benjamin Smith github: Benbentwo + - name: RB + github: nitrocode diff --git a/docs/terraform.md b/docs/terraform.md index 7c9bee1..edadc9c 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -4,14 +4,14 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.15.0 | -| [aws](#requirement\_aws) | >= 2.0 | +| [aws](#requirement\_aws) | >= 3.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 2.0 | -| [aws.admin](#provider\_aws.admin) | >= 2.0 | +| [aws](#provider\_aws) | >= 3.0 | +| [aws.admin](#provider\_aws.admin) | >= 3.0 | ## Modules @@ -19,7 +19,7 @@ |------|--------|---------| | [dns\_firewall\_label](#module\_dns\_firewall\_label) | cloudposse/label/null | 0.25.0 | | [firehose\_label](#module\_firehose\_label) | cloudposse/label/null | 0.25.0 | -| [firehose\_s3\_bucket](#module\_firehose\_s3\_bucket) | cloudposse/s3-bucket/aws | 0.38.0 | +| [firehose\_s3\_bucket](#module\_firehose\_s3\_bucket) | cloudposse/s3-bucket/aws | 0.44.1 | | [network\_firewall\_label](#module\_network\_firewall\_label) | cloudposse/label/null | 0.25.0 | | [security\_groups\_common\_label](#module\_security\_groups\_common\_label) | cloudposse/label/null | 0.25.0 | | [security\_groups\_content\_audit\_label](#module\_security\_groups\_content\_audit\_label) | cloudposse/label/null | 0.25.0 | diff --git a/examples/complete/outputs.tf b/examples/complete/outputs.tf index 5a6705d..0068e75 100644 --- a/examples/complete/outputs.tf +++ b/examples/complete/outputs.tf @@ -1,4 +1,4 @@ -output "firewall_manager_admin_account_id" { - value = module.firewall_manager.admin_account.account_id +output "firewall_manager_admin_account" { + value = module.firewall_manager.admin_account description = "AWS Account ID of the designated admin account." } diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf index bd00e3e..60cc520 100644 --- a/examples/complete/versions.tf +++ b/examples/complete/versions.tf @@ -4,7 +4,11 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 2.0" + version = ">= 3.0" + configuration_aliases = [ + aws.admin, + aws + ] } } } diff --git a/firehose.tf b/firehose.tf index 8a19cc7..fd14f46 100644 --- a/firehose.tf +++ b/firehose.tf @@ -10,7 +10,7 @@ module "firehose_label" { module "firehose_s3_bucket" { count = local.enabled && var.firehose_enabled ? 1 : 0 source = "cloudposse/s3-bucket/aws" - version = "0.38.0" + version = "0.44.1" acl = "private" enabled = true user_enabled = true diff --git a/versions.tf b/versions.tf index 326f335..60cc520 100644 --- a/versions.tf +++ b/versions.tf @@ -4,9 +4,10 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 2.0" + version = ">= 3.0" configuration_aliases = [ - aws.admin + aws.admin, + aws ] } }