Releases: cloudposse-archives/terraform-aws-teleport-storage
Releases · cloudposse-archives/terraform-aws-teleport-storage
0.4.0: Added IAM role session duration (#9)
* Added IAM role session duration
* Added IAM role session duration
* Added descriptions
* Update README
* Update README
0.3.0
Teleport 4 requires stream view for cluster state table (#8)
0.2.0
Use separate Dynamo tables for cluster state and audit event logs (#6)
0.1.4
what
- Provision a DynamoDB table for Teleport storage backend
why
- We need to provision and control all AWS resources from the same TF config
0.1.3
what
- Remove
dynamodb_table_name variable
why
0.1.2
what
- Autogenerate DynamoDB table name
- Add
dynamodb_table_name output
why
- The generated table name will be used in Teleport to create the table automatically
- Use the
label pattern to generate resource names
0.1.1
what
- Add S3 IAM role and policy
- Add DynamoDB IAM role and policy
why
- To allow
Teleport Auth services to use the S3 bucket as session logs storage
- To allow
Teleport to create and access a DynamoDB table to use as storage backend
0.1.0
what
Terraform module to provision DynamoDB and S3 storage for Gravitational's Teleport
why
Using DynamoDB as a storage backend allows highly available deployments.
Using S3 for session storage in Teleport has many advantages:
- Encryption at rest
- Versioned objects
- Lifecycle Support to expunge old sessions (e.g. after 2 years)
- Extreme Availability & Durability
- Zero Maintenance
- Glacier
- Cross Region Replication
- S3 Bucket could be owned by tamper-proof AWS Audit Account
- Easily prevent deletions
- Audit Trails, Access Logs via Cloud Trails
