Skip to main content

Gruntwork release 2023-04

Guides / Update Guides / Releases / 2023-04

This page is lists all the updates to the Gruntwork Infrastructure as Code Library that were released in 2023-04. For instructions on how to use these updates in your code, check out the updating documentation.

Here are the repos that were updated:

aws-sample-app

v0.1.0

Published: 4/28/2023 | Release notes

The Docker Compose YAML files in this repository have been patched to be compatible with Docker Compose V2, since Docker Compose V1 will be deprecated as of June 2023. As part of migrating to Docker Compose V2, you MUST stop using the V1 docker-compose command (note the hyphen between docker and compose) and instead install the Docker Compose plugin separately.

The new signature for Docker Compose is docker compose <command> (Not the absence of a hyphen between docker and compose).

Full Changelog: https://github.com/gruntwork-io/aws-sample-app/compare/v0.0.7...v0.1.0

gruntwork

v0.4.17

Published: 4/18/2023 | Release notes

Full Changelog: https://github.com/gruntwork-io/gruntwork/compare/v0.4.16...v0.4.17

v0.4.16

Published: 4/7/2023 | Release notes

Full Changelog: https://github.com/gruntwork-io/gruntwork/compare/v0.4.15...v0.4.16

v0.4.15

Published: 4/3/2023 | Release notes

patcher-cli

v0.2.2

Published: 4/28/2023 | Release notes

  • Remove limitation of Patcher only scanning modules where the source is from gruntwork-io.
  • Add new context variable PATCHER_IS_CIS_CUSTOMER, so CIS patches can be skipped for non-CIS customers
  • Performance enhancements: extract dependencies in parallel.

v0.2.0

Published: 4/4/2023 | Release notes

  • This release adds the patcher report command that checks which Gruntwork maintained modules you are using, whether there are newer versions available for those modules, and lets you view the change log for those modules.
  • This release also introduces a new and improved UI
  • Note: this version does not support patcher upgrade cis, if you are a CIS customer looking to upgrade then you should use Patcher v0.1.2

repo-copier

v0.2.3

Published: 4/27/2023 | Release notes

v0.2.2

Published: 4/17/2023 | Release notes

Full Changelog: https://github.com/gruntwork-io/repo-copier/compare/v0.2.1...v0.2.2

terraform-aws-architecture-catalog

v0.0.35

Published: 4/27/2023 | Release notes

v0.0.34

Published: 4/11/2023 | Release notes

terraform-aws-asg

v0.21.5

Published: 4/26/2023 | Modules affected: server-group | Release notes

  • Added existing_iam_role_name variable to allow a pre-existing role instead of creating a new role for each server-group instance.

v0.21.4

Published: 4/25/2023 | Modules affected: server-group | Release notes

  • Allow Changing Role Name Prefixes

v0.21.3

Published: 4/24/2023 | Modules affected: server-group | Release notes

  • Add 'Depends On' for the rolling_deployment

v0.21.2

Published: 4/10/2023 | Modules affected: server-group, asg-rolling-deploy | Release notes

  • server-group: Make aws_region optional
  • asg-rolling-deploy: add support for static ASG names

terraform-aws-cache

v0.19.3

Published: 4/12/2023 | Modules affected: memcached, redis, elastic-cache | Release notes

  • Simplify the example for memcache module.
  • Simplify the example for redis module
  • Enable RBAC group id for replication groups/clusters
  • Fix inverse check prevented user group attachment
  • Explicitly set aws_elasticache_replication_group depends on aws_elast…
  • Remove deleted variables from the upgrade tests.
  • Create a new variable to configure log_delivery_configuration
  • Refactor elastic cache
  • Enhance default user group handling

v0.19.2

Published: 4/7/2023 | Modules affected: redis | Release notes

Full Changelog: https://github.com/gruntwork-io/terraform-aws-cache/compare/v0.19.1...v0.19.2

terraform-aws-ci

v0.51.8

Published: 4/26/2023 | Modules affected: monorepo-helpers | Release notes

  • Fix default value for --target-ref flag

v0.51.7

Published: 4/26/2023 | Modules affected: monorepo-helpers | Release notes

  • Implement target_ref flag and plumb through commands

v0.51.6

Published: 4/6/2023 | Modules affected: install-jenkins, jenkins-server | Release notes

  • Add drop_invalid_header_fields parameter to jenkins-server

v0.51.5

Published: 4/5/2023 | Modules affected: infrastructure-deploy-script | Release notes

  • Include error when DeployError is thrown in infrastructure-deploy-script

v0.51.4

Published: 4/4/2023 | Modules affected: ecs-deploy-runner, gruntwork-module-circleci-helpers | Release notes

  • Add usage of tgswitch to install terragrunt in ECS Deploy Runner
  • Docker images building documentation update
  • CICD contexts update

terraform-aws-cis-service-catalog

v0.46.0

Published: 4/27/2023 | Modules affected: observability/cloudtrail | Release notes

  • Update terraform-aws-security version for observability/cloudtrail module to v0.68.1, which fixes S3 ACL issues for new buckets

v0.45.1

Published: 4/27/2023 | Modules affected: None | Release notes

  • Pass the new --target-ref flag with a value of origin/master. This is required as terraform-aws-cis-service-catalog uses the master branch as its default, but the monorepo helper find-tf-monorepo-tests defaults to using origin/main for the target-ref which caused an error in this repository.

v0.45.0

Published: 4/25/2023 | Modules affected: security | Release notes

  • Explicitly set bucket ownership and ACL for Macie S3 bucket

v0.44.3

Published: 4/17/2023 | Modules affected: data-stores | Release notes

  • Add missing variable for SNS topic ARNs to provision RDS Cloudwatch alarms
  • Refactor CI contexts
  • Ignore CHANGELOG.md file when comparing generated modules
  • Update for-production examples for architecture catalog
  • Remove Patcher references at renovate config

terraform-aws-data-storage

v0.27.0

Published: 4/20/2023 | Modules affected: lambda-cleanup-snapshots, lambda-copy-shared-snapshot, lambda-create-snapshot, lambda-share-snapshot | Release notes

  • lambda-cleanup-snapshots
  • lambda-copy-shared-snapshot
  • lambda-create-snapshot
  • lambda-share-snapshot
  • aurora
  • rds
  • redshift

Full Changelog: https://github.com/gruntwork-io/terraform-aws-data-storage/compare/v0.26.0...v0.27.0

terraform-aws-ecs

v0.35.2

Published: 4/25/2023 | Modules affected: ecs-cluster, ecs-service | Release notes

  • Explicitly cast --timeout as integer, to avoid TypeError between float and str in roll-out-ecs-cluster-update script
  • Expose ability to set ephemeral_storage on ecs-service module

terraform-aws-eks

v0.58.2

Published: 4/20/2023 | Modules affected: eks-container-logs | Release notes

  • Update default eks-container-logs module helm chart version to 0.1.23

v0.58.1

Published: 4/20/2023 | Modules affected: eks-cluster-control-plane | Release notes

  • Expose kubernetes_network_config configuration on EKS control plane module

v0.58.0

Published: 4/15/2023 | Modules affected: eks-k8s-karpenter | Release notes

v0.57.3

Published: 4/15/2023 | Modules affected: eks-aws-auth-merger | Release notes

v0.57.2

Published: 4/15/2023 | Modules affected: eks-aws-auth-merger | Release notes

v0.57.1

Published: 4/15/2023 | Modules affected: tests | Release notes

  • Kubernetes has removed policy/v1beta1 in 1.25 PodDisruptionBudget. Updates to the nginx deployment sample.

terraform-aws-lambda

v0.21.8

Published: 4/7/2023 | Modules affected: lambda-edge, lambda | Release notes

  • Added optional properties for security group replacement. This can improve deletion speed in some cases.

terraform-aws-load-balancer

v0.29.6

Published: 4/25/2023 | Modules affected: alb | Release notes

  • Add enable_waf_fail_open variable to alb

v0.29.5

Published: 4/24/2023 | Release notes

  • chore(CORE-842): Update load-balancer-access-logs version to latest (in order to fix an issues with S3 ACL creation)

v0.29.4

Published: 4/11/2023 | Modules affected: lb-listener-rules, alb | Release notes

  • Add missing descriptions for LB-listener-rules + fix outputs
  • Add xff-header variables to ALB module

terraform-aws-messaging

v0.11.0

Published: 4/7/2023 | Release notes

Full Changelog: https://github.com/gruntwork-io/terraform-aws-messaging/compare/v0.10.0...v0.10.2

terraform-aws-monitoring

v0.36.0

Published: 4/21/2023 | Modules affected: logs/load-balancer-access-logs | Release notes

  • Explicitly set bucket ownership and ACL for load balancer access logs S3 bucket

terraform-aws-openvpn

v0.26.0

Published: 4/21/2023 | Modules affected: openvpn-server | Release notes

  • Update openvpn-server module to explicitly set the ACL to private and object ownership to BucketOwnerPreferred on the backups bucket

terraform-aws-security

v0.68.1

Published: 4/27/2023 | Modules affected: ntp | Release notes

  • Update chrony startup command

v0.68.0

Published: 4/25/2023 | Modules affected: aws-config-bucket, cloudtrail-bucket, private-s3-bucket | Release notes

  • Make ACL required to combat bucket AccessControlListNotSupported errors

v0.67.10

Published: 4/25/2023 | Modules affected: cross-account-iam-roles, iam-groups, iam-policies, ssh-grunt | Release notes

  • Remove references to Gruntwork Houston

v0.67.9

Published: 4/20/2023 | Modules affected: aws-config-bucket, cloudtrail-bucket, cloudtrail, private-s3-bucket | Release notes

  • Fix S3 ACLs test failures

v0.67.8

Published: 4/11/2023 | Modules affected: ssh-grunt | Release notes

  • Increment installed version of go to 1.18.6 in CI

v0.67.7

Published: 4/5/2023 | Modules affected: os-hardening, ssh-grunt | Release notes

  • Update OS hardening logic
  • Increase root volume size to fix ssh-grunt tests
  • Remove billing policy that breaks tests
  • Update to golang 1.18

terraform-aws-service-catalog

v0.104.1

Published: 4/28/2023 | Modules affected: mgmt, base, services | Release notes

  • Add tests for Gruntwork Pipelines examples
  • Update CICD pipeline image to cimg/python:v3.11.2
  • Update Helm to v3.11.2
  • Update terraform-aws-utilities to v0.9.1
  • Update terraform cloudinit provider to v2.3.2
  • Update to Packer to v1.8.6
  • Update terraform helm provider to < 2.9.1
  • Update lambda example test docker image to public.ecr.aws/lambda/python:v3.10

v0.104.0

Published: 4/27/2023 | Modules affected: data-stores/aurora, data-stores/backup-plan, data-stores/backup-vault, data-stores/lambda-cleanup-snapshots | Release notes

  • Update terraform-aws-data-storage to v0.26.0
    • Upgrade the AWS provider version to 4.22.0
    • Convert Security Group Rules for Aurora to use for_each
    • Added support for custom final snapshot for Aurora
    • Added boundary policy in creation of enhancement monitoring IAM role for RDS
  • Fixed the find-all-tests-to-run script
  • Updated the for-production examples for architecture catalog
  • Updated Tailscale README

v0.103.2

Published: 4/27/2023 | Modules affected: services | Release notes

  • Updates fluentbit modules to eks-container-logs v0.58.2. This fixes a compatibility issue for Kubernetes 1.25 due to an older version of the aws-for-fluent-bit Helm chart referencing PodSecurityPolicy in policy/v1beta1.

v0.103.1

Published: 4/27/2023 | Modules affected: mgmt, services, data-stores | Release notes

  • Update kubergrunt version to latest in SC
  • Bump s3-bucket module ref

v0.103.0

Published: 4/26/2023 | Modules affected: mgmt, networking, services | Release notes

  • Updates to latest versions of modules that were impacted by S3 ACL issues

v0.102.16

Published: 4/25/2023 | Modules affected: mgmt, networking, services | Release notes

  • Update EKS module to release v0.57.0 which supports Kubernetes 1.25
  • Prevent CIS RDS Patch to switch for non-CIS subscribers

v0.102.15

Published: 4/20/2023 | Release notes

  • Pipelines example (for-learning-testing/gruntwork-pipelines): Refactor GitHub PAT secret management to simplify deployment.

v0.102.14

Published: 4/20/2023 | Modules affected: data-stores | Release notes

  • Support aurora severless v2
  • Update data stores examples to latest version of terraform-aws-security

v0.102.13

Published: 4/19/2023 | Modules affected: mgmt | Release notes

  • Add ability to optionally pass Tailscale tags in to tailscale subnet router which will be advertised to allow for tag based ACLs

v0.102.12

Published: 4/18/2023 | Modules affected: networking, services | Release notes

  • Update terraform github.com/gruntwork-io/terraform-aws-eks to v0.56.4

v0.102.11

Published: 4/12/2023 | Modules affected: data-stores/s3-bucket | Release notes

v0.102.10

Published: 4/6/2023 | Modules affected: services | Release notes

  • [CORE-669] Update version for k8s-namespace. Add networking permissions to helm's services-access role.

v0.102.9

Published: 4/6/2023 | Modules affected: mgmt, services, data-stores, base | Release notes

  • allow overriding bucket name for public website service
  • [CORE-522] Expose s3 bucket's versioning config
  • Extended tag support for a few data-stores related modules
  • chore(deps): update terraform github.com/gruntwork-io/terraform-aws-monitoring to v0.35.8
  • chore(deps): update gh orb to v2.2.0
  • chore(deps): update module github.com/mattn/go-zglob to v0.0.4
  • chore(deps): update module github.com/stretchr/testify to v1.8.2

v0.102.8

Published: 4/4/2023 | Modules affected: data-stores, mgmt, networking, services | Release notes

  • Update for-production examples from architecture catalog
  • Patcher 121, Patcher-122 change log updates
  • Remove Patcher references at renovate config
  • Add lookup for ebs_volume size in ec2-server module aws_ebs_volume resource

terraform-aws-static-assets

V0.17.0

Published: 4/25/2023 | Modules affected: s3-static-website, s3-cloudfront | Release notes

  • Upgrade lambda runtime to python 3.9 in cloudfront-s3-public example
  • Update modules for S3 ACL changes

terraform-aws-vpc

v0.23.0

Published: 4/21/2023 | Modules affected: vpc-flow-logs | Release notes

  • Update vpc-flow-logs module to explicitly set ACL to private and object ownership to BucketOwnerPreferred on the S3 bucket for vpc flow logs.

v0.22.8

Published: 4/17/2023 | Modules affected: vpc-app | Release notes

  • vpc-app: Add output for default route table

v0.22.7

Published: 4/11/2023 | Modules affected: vpc-app | Release notes

  • Add var for IPAM pool id