Update Terraform github.com/cloudposse/terraform-aws-ec2-instance to v1 (main) - abandoned

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
github.com/cloudposse/terraform-aws-ec2-instance	module	major	tags/0.4.0 -> 1.2.1

---

Release Notes

cloudposse/terraform-aws-ec2-instance (github.com/cloudposse/terraform-aws-ec2-instance)

v1.2.1

Compare Source

🚀 Enhancements

feat(aws_instance): treat missing data on cloudwatchmetric @​haidargit (#​184)

what

The PR enables the treat_missing_data argument for the cloudwatch metric alarm resource on this ec2 module.
https://github.com/cloudposse/terraform-aws-ec2-instance/blob/bf54345e18c6c2d1d85997d3af3b73a0e03c489f/cloudwatch-alarm.tf#L11

why

Users may have specific run schedules, triggering alerts in CloudWatch, e.g., for missing data during offline periods (instance stopped state, hibernate, restart, etc.).
This treat_missing_data variable will enable the CloudWatch alarms to set custom responses, which are "missing", "ignore", "breaching" and "notBreaching", for the data gaps that occur and keep the EC2 alarms condition in a desired state.

references

• closes feature request #​130

Kindly review this PR for any possible improvements. Thank you

v1.2.0

Compare Source

feat(aws_instance): conditional IAM instance profile @​haidargit (#​182)

what

This PR enables a conditional iam_instance_profile variable for the ec2 module.

why

This feature request offers users the flexibility to decide whether to associate an IAM instance profile with their instances.

references

• closes feature request #​180

Kindly review this PR for module improvements. Thank you

v1.1.1

Compare Source

feature/disable-alarm-action @​kris-Nabis (#​145)

what

• Disables the use of Alarm Actions

why

• Unable to create the resource if execution user doesn't have iam:CreateServiceLinkedRole
• Somewhat random reboot triggers. Alarm Action reboot is triggered pretty consistently, even while EC2 Resource is not in an alarm state.

references

• closes #​131

🤖 Automatic Updates

Update README.md and docs @​cloudpossebot (#​175)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.1.0

Compare Source

Correct how the volume_id is selected - Fix #​165 @​it-praktyk (#​171)

what

Fix #​165 - allows create an EC2 instance with additional volumes.

why

The issue was introduced here.

The one Terraform function returns an error, that blocks creating EC2 instances with additional (non-root) volumes.

references

• The one Terraform function docs

closes #​165

🤖 Automatic Updates

Update README.md and docs @​cloudpossebot (#​167)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.0.0

Compare Source

• Support AWS provider V5
• Adding external ENIs

v1

Compare Source

v0.50.0

Compare Source

• AWS provider V4 Compatibility

v0.49.0

Compare Source

Adding external ENIs @​jamengual (#​159)

what

Add the ability to add external ENIs to the instance

why

For ec2 instances deployments clusters where the IPs are required to be unique and not change it is necessary to create ENIs outside of this module so that the instance termination does not change the ENI and IP attached.

references

Sync github @​max-lobur (#​156)

Rebuild github dir from the template

v0.48.0

Compare Source

• No changes

v0.47.1

Compare Source

🚀 Enhancements

Only get data.aws_ami.info if it's actually required @​y3ti (#​151)

what

• Use data.aws_ami.info only if it's actually required

why

• Fix Your query returned no results" error once the AMI ID is not listed within AWS marketplace

references

• closes #​150
• closes #​143

v0.47.0

Compare Source

Do not set iops and throughput for non-supporting volume types @​cinacio (#​142)

what

• Only set iops and throughput arguments for volume types supporting those options.

why

• According to the documentation for the aws_ebs_volume resource, the iops argument is only valid for volumes types io1, io2 & gp3.
• According to the same documentation, the throughput argument is only valid for volume type gp3.
• Setting the throughput of a gp2 volume to "0" triggers the following error

Error: expected throughput to be in the range (125 - 1000), got 0

with module.instance.aws_ebs_volume.default[0],
on .terraform/modules/instance/main.tf line 178, in resource "aws_ebs_volume" "default":
178: throughput = local.ebs_throughput

references

• closes #​137

v0.46.0

Compare Source

Adding support for secondary private ips @​vale21 (#​153)

what

• Adding support for secondary private ips to EC2 instances created with this module

why

• I cannot set secondary private IPs to my EC2 instance using your module

references

• Fixes #​152

v0.45.2

Compare Source

🚀 Enhancements

Support AWS partition for SSM resources @​dlundgren (#​148)

what

• SSM patch is currently hardcoded to aws so this doesn't work when trying to use the role with AWS GovCloud.

why

• This allows the role to work in with AWS GovCloud

references

• The cloudwatch-alarm supports the AWS GovCloud partition

v0.45.1

Compare Source

🚀 Enhancements

Turn tenancy validation message into English prose @​irl (#​144)

Adds a period at the end of the error message.

what

A single character change to make this into English prose.

why

╷
│ Error: Invalid validation error message
│ 
│   on .terraform/modules/instance/variables.tf line 378, in variable "tenancy":
│  378:     error_message = "Tenancy field can only be one of default, dedicated, host"
│ 
│ The validation error message must be at least one full sentence starting with an uppercase letter and ending with a period or question mark.
│ 
│ Your given message will be included as part of a larger Terraform error message, written as English prose. For broadly-shared modules we suggest using a similar writing style so that the overall result will be consistent.
╵

v0.45.0

Compare Source

Add ability to configure instance tenancy @​RothAndrew (#​141)

what

• Add new variable tenancy that allows user to configure instance tenancy (default (default), dedicated, or host)

why

• An organization that I work with has a security policy that requires use of dedicated tenancy. This PR adds the capability to do that when using this module.

references

• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#tenancy
• Closes #​139

v0.44.0

Compare Source

Added support for gp3 and io2 both root and ebs volumes (fixed copy of #​117) @​tbpoetke (#​136)

what

• Added support for io2 and gp3 volumes

why

• original PR had conflicts, this will work hopefully
• io2 and gp3 are new more performant volumes therefore they should be supported

references

• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#ebs-ephemeral-and-root-block-devices
• Closes https://github.com/cloudposse/terraform-aws-ec2-instance/issues/114

git.io->cloudposse.tools update @​dylanbannon (#​126)

what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.

References

• DEV-143

v0.43.0

Compare Source

support-kms-key-id-for-root-volume @​woz5999 (#​128)

what

• Support customer managed kms key for block device

why

• This is supported for other EBS volumes in the module
• CMK should be supported for root device as well

v0.42.0

Compare Source

Adding in support for ec2 metadata_tags @​wschultz (#​122)

what

• This adds in an option to turn on the metadata_tags (or off, the default) inside the aws_instance metadata_options.

why

• There are options for http_endpoint, http_put_response_hop_limit and http_tokens already but not for metadata_tags. This adds that functionality.

v0.41.0

Compare Source

Support aws provider 4+ @​max-lobur (#​119)

what

• Support aws provider 4+

why

• Current default throws an error in provider 4+

on .terraform/modules/ec2\_zscaler/main.tf line 126, in resource "aws_instance" "default":
126:   private_ip                           = var.private_ip

    * for terraform provider below 4 pass `private_ip=""` explicitly

    </details>

### [`v0.40.0`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.40.0)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.39.5...0.40.0)

<details>
  <summary>add burstable_mode @&#8203;dmirubtsov (#&#8203;116)</summary>

#### What

Added `burstable_mode` for choose burstable mode for T2/T3/T4g instances. It can be "standard" or "unlimited".

#### Why

I think we should be able to manage this parameter by this module

#### References

-   [AWS docs: Burstable Performance Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html)
-   [Terraform docs: Credit Specification](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#cpu_credits)

</details>

### [`v0.39.5`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.39.5)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.39.4...0.39.5)

#### 🚀 Enhancements

<details>
  <summary>Default ssh_key_pair to null @&#8203;nitrocode (#&#8203;115)</summary>

#### what
* Default ssh_key_pair to null

#### why
* If SSM is used, the ssh_key_pair shouldn't be required

#### references
N/A

</details>

### [`v0.39.4`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.39.4)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.39.3...0.39.4)

#### 🤖 Automatic Updates

<details>
  <summary>Update context.tf @&#8203;cloudpossebot (#&#8203;108)</summary>

#### what
This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label`

#### why
To support all the features of the `context` interface.
</details>

### [`v0.39.3`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.39.3)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.39.2...0.39.3)

#### 🤖 Automatic Updates

<details>
  <summary>chore(deps): update terraform cloudposse/security-group/aws to v0.3.3 @&#8203;renovate (#&#8203;109)</summary>

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [cloudposse/security-group/aws](https://registry.terraform.io/modules/cloudposse/security-group/aws) ([source](https://github.com/cloudposse/terraform-aws-security-group)) | module | patch | `0.3.2` -> `0.3.3` |

***

##### Release Notes

<details>
<summary>cloudposse/terraform-aws-security-group</summary>

##### [`v0.3.3`](https://github.com/cloudposse/terraform-aws-security-group/releases/0.3.3)

[Compare Source](https://github.com/cloudposse/terraform-aws-security-group/compare/0.3.2...0.3.3)

##### 🤖 Automatic Updates

<details>
  <summary>Update context.tf @&#8203;&#&#8203;8203;cloudpossebot (#&#&#8203;8203;21)</summary>

##### what
This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label`

##### why
To support all the features of the `context` interface.
</details>

</details>

***

##### Configuration

📅 **Schedule**: At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

***

-   \[ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box.

***

This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/cloudposse/terraform-aws-ec2-instance).

</details>

### [`v0.39.2`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.39.2)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.39.1...0.39.2)

#### 🤖 Automatic Updates

<details>
  <summary>chore(deps): update terraform cloudposse/label/null to v0.25.0 @&#8203;renovate (#&#8203;107)</summary>

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [cloudposse/label/null](https://registry.terraform.io/modules/cloudposse/label/null) ([source](https://github.com/cloudposse/terraform-null-label)) | module | minor | `0.24.1` -> `0.25.0` |

***

##### Release Notes

<details>
<summary>cloudposse/terraform-null-label</summary>

##### [`v0.25.0`](https://github.com/cloudposse/terraform-null-label/releases/0.25.0)

[Compare Source](https://github.com/cloudposse/terraform-null-label/compare/0.24.1...0.25.0)

<details>
  <summary>Add "tenant", "labels_as_tags", and "descriptors" @&#8203;&#&#8203;8203;Nuru (#&#&#8203;8203;132)</summary>

##### what
- Add additional label and `id` component: `tenant`
- New input `labels_as_tags` controls which labels are exported as tags
- New input `descriptor_formats` generates new output `descriptors`
- Update README, remove link to obsolete `terraform-terraform-label`

##### why
- Support users that host resources on behalf of and/or dedicated to single customers
- Supersedes and closes #&#&#8203;8203;131, giving people control over which tags the module generates
- Simple mechanism for creating multiple identifiers from the same inputs, reducing the need to create multiple instances of `null-label`
- Document `tenant`, `labels_as_tags`, `descriptor_formats`, add additional clarification, stop promoting obsolete module

</details>

<details>
  <summary>Fix: Update README Snippets @&#8203;&#&#8203;8203;korenyoni (#&#&#8203;8203;130)</summary>

##### what
* Update README snippets to reflect use of Terraform Registry.

##### why
* Including snippets that reflect use of the Terraform Registry make it easier for users to quickly instantiate a null_label module.
* README is out of date and does not include snippets that reflect use of the Terraform Registry.

##### references
* N/A

</details>

<details>
  <summary>Bridgecrew compliance @&#8203;&#&#8203;8203;Nuru (#&#&#8203;8203;125)</summary>

##### what
- Resolve Bridgecrew compliance complaint about example Autoscaling Group (BC_AWS_GENERAL_31)
- Fix typo in README
- Include Terraform lock file in `.gitignore`

##### why
- Get clean Bridgecrew badge
- Correct confusing error
- Ensure lock files are not checked into GitHub

##### note
The PR can and should be merged into `master` to update README and Bridgecrew without triggering a new release/version. These changes have no effect on the actual module in use and a release will create unnecessary ripple effects. However, merging to `master` will update the README and badges, so is worthwhile, and the changes will move forward into the next release.

</details>

</details>

***

##### Configuration

📅 **Schedule**: At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

***

-   \[ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box.

***

This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/cloudposse/terraform-aws-ec2-instance).

</details>

### [`v0.39.1`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.39.1)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.39.0...0.39.1)

#### 🤖 Automatic Updates

<details>
  <summary>chore(deps): update terraform cloudposse/security-group/aws to v0.3.2 @&#8203;renovate (#&#8203;106)</summary>

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [cloudposse/security-group/aws](https://registry.terraform.io/modules/cloudposse/security-group/aws) ([source](https://github.com/cloudposse/terraform-aws-security-group)) | module | patch | `0.3.1` -> `0.3.2` |

***

##### Release Notes

<details>
<summary>cloudposse/terraform-aws-security-group</summary>

##### [`v0.3.2`](https://github.com/cloudposse/terraform-aws-security-group/releases/0.3.2)

[Compare Source](https://github.com/cloudposse/terraform-aws-security-group/compare/0.3.1...0.3.2)

##### 🚀 Enhancements

<details>
  <summary>add missing required input (vpc_id) in the example @&#8203;&#&#8203;8203;Zaargh (#&#&#8203;8203;20)</summary>

##### what
* add missing required input `vpc_id` in the example

</details>

</details>

***

##### Configuration

📅 **Schedule**: At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

***

-   \[ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box.

***

This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/cloudposse/terraform-aws-ec2-instance).

</details>

### [`v0.39.0`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.39.0)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.38.0...0.39.0)

<details>
  <summary>add iam role arn output @&#8203;sebastianmacarescu (#&#8203;105)</summary>

#### what
* Add iam role arn output

#### why
* for cross account reference in iam/bucket policies

</details>

### [`v0.38.0`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.38.0)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.37.0...0.38.0)

<details>
  <summary>Add ssm patch support @&#8203;jamengual (#&#8203;104)</summary>

#### what
* move ssm to its own file
* fix invalid resource reference

#### why
* patch fix

</details>

### [`v0.37.0`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.37.0)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.36.0...0.37.0)

<details>
  <summary>Adding SSM patch support @&#8203;jamengual (#&#8203;103)</summary>

#### what
* Add SSM log bucket access
* Add SSM policy for Patch Manager
* Allow for Custom SSM policy

#### why
* To be able to integrate with SSM patch and log the patch logs to an S3 bucket.

</details>

### [`v0.36.0`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.36.0)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.35.0...0.36.0)

<details>
  <summary>feat: add missed vars for SG module and update deps @&#8203;SweetOps (#&#8203;100)</summary>

#### what
* add missed vars for SG
* bump to SG module to 0.3.1
* update tests

#### why
* bring configuration of security group/rules to one standard

#### references
* CPCO-409

</details>

### [`v0.35.0`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.35.0)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.34.0...0.35.0)

<details>
  <summary>Fix for EBS volumes created when the instance has been disabled, plus some vars description improvement @&#8203;nnsense (#&#8203;102)</summary>

-   Fixing [#&#8203;74](https://github.com/cloudposse/terraform-aws-ec2-instance/issues/74) (EBS volumes will be created if enabled = false)
-   Fixing a wrong description provided for ebs_volume_encrypted in variables.tf
-   Changing some EBS related description to be clear those are "additional volumes"

#### what

Adding a local variable and a `&&` to the creation of the EBS volumes we can avoid the creation of the additional volumes if the instance creation has been disabled.

#### references

-   Closes [#&#8203;74](https://github.com/cloudposse/terraform-aws-ec2-instance/issues/74)

</details>

### [`v0.34.0`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.34.0)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.33.0...0.34.0)

<details>
  <summary>change network_interface to instance in aws_eip resource @&#8203;ByJacob (#&#8203;96)</summary>

#### what
* Change network_interfface to instance in aws_eip

#### why
* Unable to modify the network interface while the instance is in 'terminate' state

#### references
*  #&#8203;95

</details>

### [`v0.33.0`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.33.0)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.32.2...0.33.0)

<details>
  <summary>Feat: Add instance_initiated_shutdown_behavior Variable @&#8203;korenyoni (#&#8203;101)</summary>

#### what
* Add `instance_initiated_shutdown_behavior` variable

#### why
* This variable allows for more fine-grained `aws_instance` resource customization

#### references
* N/A

</details>

### [`v0.32.2`](https://github.com/cloudposse/terraform-aws-ec2-instance/releases/tag/0.32.2)

[Compare Source](https://github.com/cloudposse/terraform-aws-ec2-instance/compare/0.32.1...0.32.2)

#### 🤖 Automatic Updates

<details>
  <summary>chore(deps): update terraform cloudposse/security-group/aws to v0.3.1 @&#8203;renovate (#&#8203;99)</summary>

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [cloudposse/security-group/aws](https://registry.terraform.io/modules/cloudposse/security-group/aws) ([source](https://github.com/cloudposse/terraform-aws-security-group)) | module | minor | `0.1.4` -> `0.3.1` |

***

##### Release Notes

<details>
<summary>cloudposse/terraform-aws-security-group</summary>

##### [`v0.3.1`](https://github.com/cloudposse/terraform-aws-security-group/releases/0.3.1)

[Compare Source](https://github.com/cloudposse/terraform-aws-security-group/compare/0.3.0...0.3.1)

##### 🐛 Bug Fixes

<details>
  <summary>Restore Terraform 0.13 support, fix #&#&#8203;8203;12 @&#8203;&#&#8203;8203;Nuru (#&#&#8203;8203;15)</summary>

##### what
- Restore Terraform 0.13 support
- Fix #&#&#8203;8203;12
- Add additional tests

##### why
- Lots of people still using Terraform 0.13
- Useful, requested functionality
- Ensure against reversion of #&#&#8203;8203;12 or #&#&#8203;8203;13, protect against future issues with null values

</details>

##### [`v0.3.0`](https://github.com/cloudposse/terraform-aws-security-group/releases/0.3.0)

[Compare Source](https://github.com/cloudposse/terraform-aws-security-group/compare/0.2.0...0.3.0)

<details>
  <summary>refactor: rework value mapping for for_each and update dependencies  @&#8203;&#&#8203;8203;SweetOps (#&#&#8203;8203;11)</summary>

##### what
* rework value mapping for `for_each`
* bump minimal required version of TF to `0.14.0`
* bump terratest to `v0.32.8`

##### why
* terraform has weird limitation which blocks using of dynamic values inside the `for_each` loop 
```sh
The "for_each" value depends on resource attributes that cannot be determined
until apply, so Terraform cannot predict how many instances will be created.
To work around this, use the -target argument to first apply only the
resources that the for_each depends on.

v0.2.0

Compare Source

self conflicts with cidr_blocks error fix @​&#​8203;maximmi (#&#​8203;14)

what

• default value for self field of security group rule changed to null

why

• With the provider hashicorp/aws v3.38.0 new restrictions have been added to aws_security_group_rule resource

references

• closes #&#​8203;13
• https://github.com/hashicorp/terraform-provider-aws/issues/15606
• https://github.com/hashicorp/terraform-provider-aws/pull/18467

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box.

---

This PR has been generated by WhiteSource Renovate. View repository job log here.

v0.32.1

Compare Source

🤖 Automatic Updates

chore(deps): update terraform cloudposse/security-group/aws to v0.1.4 @​renovate (#​88)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/security-group/aws (source)	terraform	patch	0.1.2 -> 0.1.4

---

Release Notes

cloudposse/terraform-aws-security-group

v0.1.4

Compare Source

🚀 Enhancements

Add some missing TF 0.14 updates @​&#​8203;Nuru (#&#​8203;10)

what

• Some updates included in the general TF 0.14 updates were missed. This brings the module up-to-date.

why

• Closes #&#​8203;9

v0.1.3

Compare Source

🚀 Enhancements

create md5 from sec group rule description in order to allow multiple… @​&#​8203;1david5 (#&#​8203;6)

… rules with the same port and different descriptions.

what

• This PR generates the md5 hash from the security group rule description when creating the rule map keys.

why

• This change prevents key map duplication when generating the security group rule map and there are rules with the same port and different descriptions. Example below:

main.tf

module "security_groups" 
  source = "github.com/cloudposse/terraform-aws-security-group"

  name        =  "sg_name"
  vpc_id      = "vpc-0000111122223333"
  rules       = [
        {
          type        = "ingress"
          from_port   = 22
          to_port     = 22
          protocol    = "tcp"
          cidr_blocks = "10.10.0.0/16"
          description = "Allow ssh from main office"
        },
        {
          type        = "ingress"
          from_port   = 22
          to_port     = 22
          protocol    = "tcp"
          cidr_blocks = "192.168.0.0/24"
          description = "Allow ssh from management VPC"
        },
        {
          type        = "egress"
          from_port   = 0
          to_port     = 65535
          protocol    = "all"
          cidr_blocks = ["0.0.0.0/0"]
          description = "Allow all outbound"
        }
      ]
  description = "sg_descrition"
}

ERROR

Error: Duplicate object key

  on .terraform/modules/security_groups/main.tf line 11, in locals:
   9:   rules = module.this.enabled && var.rules != null ? {
  10:     for rule in flatten(distinct(var.rules)) :
  11:     format("%s-%s-%s-%s-%s-%s-%s-%s-%s-%s",
  12:       rule.type,
  13:       rule.protocol,
  14:       rule.from_port,
  15:       rule.to_port,
  16:       lookup(rule, "cidr_blocks", null) == null ? "no_ipv4" : "ipv4",
  17:       lookup(rule, "ipv6_cidr_blocks", null) == null ? "no_ipv6" : "ipv6",
  18:       lookup(rule, "security_group_id", null) == null ? "no_ssg" : "ssg",
  19:       lookup(rule, "prefix_list_ids", null) == null ? "no_pli" : "pli",
  20:       lookup(rule, "self", null) == null ? "no_self" : "self",
  21:       lookup(rule, "description", null) == null ? "no_desc" : "desc"
  22:     ) => rule
  23:   } : {}
    |----------------
    | rule.from_port is 22
    | rule.protocol is "tcp"
    | rule.to_port is 22
    | rule.type is "ingress"

Two different items produced the key
"ingress-tcp-22-22-ipv4-no_ipv6-no_ssg-no_pli-no_self-desc" in this 'for'
expression. If duplicates are expected, use the ellipsis (...) after the value
expression to enable grouping by key.

references

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box.

---

This PR has been generated by WhiteSource Renovate. View repository job log here.

v0.32.0

Compare Source

Add var.volume_tags_enabled @​gregnphe (#​92)

what

• Volumes are tagged the same as the EC2 instance they're created for

why

• It's helpful to tag volumes like the instance they're used on
• Untagged volumes can accumulate and become difficult to manage

references

• closes #​90

v0.31.0

Compare Source

Remove use of deprecated null_data_source @​bwmetcalf (#​94)

Moved logic from null_data_source into definition of locals.public_dns.

null_data_source is now deprecated (using tf 0.14.5) and throws warnings. See PR below.

https://registry.terraform.io/providers/hashicorp/null/latest/docs/data-sources/data_source

https://github.com/cloudposse/terraform-aws-ec2-instance/issues/93

v0.30.4

Compare Source

🚀 Enhancements

Adding metadata hop limit @​jamengual (#​89)

what

• Adding metadata hop limit

why

• when metadata option tokens enable the max hop needs to be higher than 1 for an instance to be able to call the metadata endpoint

v0.30.3

Compare Source

🤖 Automatic Updates

chore(deps): update terraform cloudposse/security-group/aws to v0.1.2 @​renovate (#​87)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/security-group/aws (source)	terraform	patch	0.1.1 -> 0.1.2

---

Release Notes

cloudposse/terraform-aws-security-group

v0.1.2

Compare Source

🤖 Automatic Updates

Update context.tf @​&#​8203;cloudpossebot (#&#​8203;3)

what

This is an auto-generated PR that updates the context.tf file to the latest version from cloudposse/terraform-null-label

why

To support all the features of the context interface.

v0.30.2

Compare Source

🤖 Automatic Updates

context.tf updated to v0.24.1, minimum required Terraform version bumped to 0.13.0 when needed, readme updated @​maximmi (#​85)

what

• update context.tf to v0.24.1
• minimum required Terraform version bumped to 0.13.0
• readme updated, Bridgecrew compliance badges added

why

• It allows for setting the letter case of tag names and labels, back compatibility with context v0.22.0 and below
• we have dropped support for Terraform 0.12
• To be able see and fix the recommendations from Bridgecrew so we can position our modules as standards compliant

v0.30.1

Compare Source

🤖 Automatic Updates

Update context.tf @​cloudpossebot (#​86)

what

This is an auto-generated PR that updates the context.tf file to the latest version from cloudposse/terraform-null-label

why

To support all the features of the context interface.

v0.30.0

Compare Source

minimum required Terraform version bumped to 0.13.0, context.tf updated, readme updated @​maximmi (#​83)

what

• update context.tf to v0.23.0
• minimum required Terraform version bumped to 0.13.0
• readme updated, Bridgecrew compliance badges added

why

• It allows for setting the letter case of tag names and labels
• we have dropped support for Terraform 0.12
• To be able see and fix the recommendations from Bridgecrew so we can position our modules as standards compliant

v0.29.0

Compare Source

feat: use security-group module to provision AWS SG @​SweetOps (#​82)

what

• use security-group module to provision AWS SG

why

• module is much more flexible than current implementation
• CPCO-386

v0.28.0

Compare Source

readme updated, BridgeCrew compliance fixes @​maximmi (#​81)

what

• BridgeCrew compliance checks fix
• readme updated
• default behaviour changed: Public IP for EC2 instance disabled by default
• default behaviour changed: Instance Metadata Service Version 2 forced by default
• default behaviour changed: Encryption of the root block device enabled by default
• default behaviour changed: Encrypt EBS Volume enabled by default

why

• To be able to position our modules as standards compliant
• stay in sync with code
• To comply BridgeCrew check

references

• https://docs.bridgecrew.io/docs/public_12
• https://docs.bridgecrew.io/docs/general_13
• https://docs.bridgecrew.io/docs/bc_aws_general_31
• https://docs.bridgecrew.io/docs/general_3-encrypt-eps-volume

v0.27.1

Compare Source

🤖 Automatic Updates

Update README.md and docs @​cloudpossebot (#​78)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v0.27.0

Compare Source

Terraform 0.14 upgrade @​maximmi (#​80)

what

• Upgrade to support Terraform 0.14 and bring up to current Cloud Posse standard

why

• Support Terraform 0.14

v0.26.0

Compare Source

update context and tf .14 support @​woz5999 (#​77)

what

fixes and updates for tf 0.14 compatibility

v0.25.0

Compare Source

Wait for en external instance profile to be created before attempting to read it using data source @​aknysh (#​73)

what

• Wait for en external instance profile to be created before attempting to read it using data source

why

• When creating an instance profile and passing it into this module, the data lookup fails because the instance profile has not yet been created. The following error occurs when running terraform plan:

Error: Error getting instance profiles: NoSuchEntity: Instance Profile test cannot be found.
	status code: 404, request id: fcf2a09c-bfb3-4041-babd-95133304cf34

  on .terraform/modules/ec2_bug/main.tf line 73, in data "aws_iam_instance_profile" "given":
  73: data "aws_iam_instance_profile" "given" {

related

• Closes #​72

references

• https://github.com/hashicorp/terraform-guides/tree/master/infrastructure-as-code/terraform-0.13-examples/module-depends-on

note

• Same result could be achieved using TF 0.13 depends_on for modules, but we support TF 0.12 as well, that's why we added "Fake Resource/Module Dependencies"

v0.24.0

Compare Source

Add `user_data_base64` to inputs. Add `arn` to outputs @​aknysh (#​71)

what

• Add user_data_base64 to inputs
• Add arn to outputs

why

• user_data_base64 can be used instead of user_data to pass base64-encoded binary data directly. Use this instead of user_data whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption

• Instance ARN is required for https://aws.amazon.com/backup/

v0.23.0

Compare Source

Update the example to `context.tf` @​aknysh (#​70)

what

• Update the example to context.tf

why

• Missed in the last PR

v0.22.0

Compare Source

Update to `context.tf`. Update provider pinning. Update Terratest. Update GitHub Actions. Add UDP ingress rule @​aknysh (#​69)

what

• Update to context.tf
• Update provider pinning
• Update Terratest
• Update GitHub Actions
• Add UDP ingress rule

why

• Standardization and interoperability
• Keep the module up to date

related

• Closes #​59
• Closes #​62
• Closes #​68

v0.21.1

Compare Source

v0.21.0

Compare Source

v0.20.0

Compare Source

v0.19.0

Compare Source

v0.18.0

Compare Source

v0.17.0: don't lookup default ami if ami specified

Compare Source

what

• skips the default ami data source lookup if the variable ami is specified.

why

• The default AMI doesn't exist in govcloud regions. The module currently always looks up the default AMI, resulting in an whenever the module is used in a govcloud account

v0.16.0: use datasource for aws partition

Compare Source

what

• use datasource to retrieve aws_partition

why

• the hardcoded aws partition breaks when creating resources in govcloud

v0.15.0: Fix IPv6 aws_instance default value

Compare Source

what

• Using null rather than 0 or an empty set allows the defaults to stick safely

why

• Currently, instances being launched on subnets that have a default of assigning an ipv6 address find themselves in a situation where terraform believes they need to be recreated at each run

v0.14.0: Fix broken public_ip output

Compare Source

what

• Changing the handling of the public_ip-output to use concat instead of coalesce

why

• Coalesce breaks with 0.12 when the resource returns an empty tuple.

v0.13.0: Allow a permissions boundary to be attached; "name" output added

Compare Source

what

• name output added
• Allow a permissions boundary to be attached

why

• name is sometimes useful to have in output
• as these things are useful, but must be attached to the role at creation

v0.12.0: Fix comparison

Compare Source

what

• Fix comparison

why

• Typo (leftover from TF 0.11 code)

v0.11.0: Convert to TF 0.12. Add tests. Add Codefresh test pipeline

Compare Source

what

• Port module to Terraform 0.12
• Pin all providers
• Add example for testing
• Add bats and terratest for the example
• Add Codefresh badge to point to the test pipeline in terraform-modules project
• Update README

why

• Module currently does not work with 0.12. Much easier syntax
• Better regression control
• Automatically test the example on every commit and pull request
• Provision resources on AWS in the test account and check the outputs for the correct values
• terraform-modules project contains pipelines for all terraform modules

v0.10.0: Add tags to EIP

Compare Source

what

• Add tags to EIP

why

• EIP support tags and are now correctly tagged

v0.9.0: Remove network_interface_id output

Compare Source

what

• Remove network_interface_id output

why

• No longer supported https://www.terraform.io/docs/providers/aws/r/instance.html
• Closes #​37

v0.8.0: Use owners with data.aws_ami.info

Compare Source

what

• Use owners with data.aws_ami.info

why

• The latest terraform-aws-provider appears to require this, either supply it in case we're using the default AMI, or allow the user to provide it

v0.7.6: Update readme yaml file and rebuild md

Compare Source

what

• updated README.yaml file
• add tags and categories
• rebuild README.md file

why

• need to add categories and tags so we can pull them into the documentation

v0.7.5: Regenerate README.md

Compare Source

what

• Regenerate README.md

why

• Previous version of build-harness has some typos

v0.7.4: Migrate to README.yaml format

Compare Source

what

• Add README.yaml

why

• Standardize README

v0.7.3

Compare Source

what

Update Ubuntu default version to Bionic

why

It's the newest Ubuntu LTS version

v0.7.2

Compare Source

what

• Remove map from the tags

why

• maps in dynamically calculated counts introduce circular dependencies across TF modules

references

hashicorp/terraform#13980
hashicorp/terraform#10857
hashicorp/terraform#12570
hashicorp/terraform#17048

I know this issue has been discussed time and again (Ex: #​12570) and that if a module has a map variable and has interpolation inside this map variable, count inside a module results in value of ‘count’ cannot be computed. What puzzles me is that this error occurs when terraforming a new environment but not any existing environment!

v0.7.1

Compare Source

What

• Fix outputs
• Update README

Why

• Use splat+join pattern for outputs from the modules with counts

v0.7.0

Compare Source

Allow associating a public IP to the instance without assigning an Elastic IP

what

• Allow associating a public IP to the instance without assigning an Elastic IP

why

• To separately control public and Elastic IPs
• A public IP could be associated to the instance without assigning an Elastic IP

v0.6.1

Compare Source

Use string comparison for booleans

what

• Use string comparison for booleans

why

• Terraform does not work correctly with boolean values
• Using strings instead of booleans is recommended

v0.6.0

Compare Source

v0.5.1

Compare Source

v0.5.0: Inherit aws_instance inputs and outputs

Compare Source

What

• Utilize all aws_instance attributes and arguments

Why

• We want to be compatible with TF resources

v0.4.1: Add additional ENIs with EIPs capability

Compare Source

What

• Add additional ENIs with EIPs capability
• Add .travis.yml manifest

Why

• In case we're using terraform-aws-ec2-instance we need option to have additional ENIs with EIPs for full NAT

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠ Warning: custom changes will be lost.

[hans-d]

see #34

[renovate]

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.