Releases: cloudposse/terraform-aws-ec2-client-vpn
v0.12.1
🤖 Automatic Updates
Update Terraform cloudposse/security-group/aws to v1 @renovate (#42)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/security-group/aws (source) | module | major | 0.4.3 -> 1.0.0 |
Contributors
Assets 2
v0.12.0
Add longer timeouts to aws_ec2_client_vpn_route @rpadovani (#40)
Default timeout for aws_ec2_client_vpn_route is 1 minute for all operations.
Trying to attach routes in eu-central-1 for a peered VPC, it constantly fails with:
│ Error: error waiting for EC2 Client VPN Route (cvpn-endpoint-xxx,subnet-yyy,10.100.0.0/16) create: timeout while waiting for state to become 'active' (last state: 'creating', timeout: 1m0s)
│
│ with module.ec2_client_vpn[0].aws_ec2_client_vpn_route.default[0],
│ on .terraform/modules/ec2_client_vpn/main.tf line 242, in resource "aws_ec2_client_vpn_route" "default":
│ 242: resource "aws_ec2_client_vpn_route" "default" {
and
│ Error: error waiting for EC2 Client VPN Route (cvpn-endpoint-xxx,subnet-yyy,10.100.0.0/16) delete: timeout while waiting for resource to be gone (last state: 'deleting', timeout: 1m0s)
With this commit, we increment the timeout to 5 minutes. In my experiments, the route is always available in around 90 seconds. 5 minutes gives us plenty of time, and still is not too long to wait in case of problems.
Upstream issue: hashicorp/terraform-provider-aws#23787
I think fixing here is good, until we wait for an upstream improvement, because I am currently blocked
what
- Increase Terraform timeouts for
aws_ec2_client_vpn_route
why
- Route creation fails constantly due to timeout, leaving the resources tainted
references
Contributors
Assets 2
v0.11.2
🤖 Automatic Updates
Update Terraform cloudposse/cloudwatch-logs/aws to v0.6.5 @renovate (#39)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/cloudwatch-logs/aws (source) | module | patch | 0.6.4 -> 0.6.5 |
Release Notes
cloudposse/terraform-aws-cloudwatch-logs
v0.6.5
🚀 Enhancements
Add policy boundary and enable_tags for iam resouces @jamengual (#32)
#### what * Add policy boundary to cloudwatch IAM resources * Updating to new tags_enabled variable from I am role module #### why * to pass policy_boundary and to add the ability to disable tags for IAM resources #### references * https://github.com/cloudposse/terraform-aws-iam-role/pull/44Contributors
Assets 2
v0.11.1
Add `session_timeout_hours` option @rpadovani (#38)
what
Add session_timeout_hours option, to be able to define after how many hours clients should reauthenticate.
why
- I need such an option
references
Restore automatic github/update @Nuru (#36)
what
- Restore automatic github/update
why
- Included in #35 was an update to
auto-readmeto be used to validate the fix. In order to keep the fix from being reverted bypr/auto-format, the PR included a file to prevent auto-updates to workflows. Now that the fix is part of the auto update, we can and should restore auto-updates to this project.
references
Contributors
Assets 2
v0.11.0
Add self service portal @nitrocode (#35)
what
- Add self service portal
- Update tests to current standard for
go1.17 - Update workflows
why
- Allow users to customize the portal when connecting to the client vpn
- Routine maintenance
references
- Closes #34
- https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_client_vpn_endpoint
module "client_vpn" {
source = "git::https://github.com/cloudposse/terraform-aws-ec2-client-vpn.git?ref=portal"
# ...
}Contributors
Assets 2
v0.10.10
🚀 Enhancements
Removed var.internet_access_enabled @pwilczynskiclearcode (#32)
what
- Removed
var.internet_access_enabledfrom documentation. It is a leftover from code changes done in many commits behind.
Contributors
Assets 2
v0.10.9
🚀 Enhancements
fix dns_servers description @kpankonen (#27)
what
- The default for
dns_serversis to use the client's DNS not the VPC
references
Contributors
Assets 2
v0.10.8
🚀 Enhancements
Fix: Change Type of `authorization_rules` to `any` @nitrocode (#29)
what
- Change auth rules interface to any instead of an explicit object
why
- Requests came in so we dont have to set
access_group_idandauthorize_all_groupsif one of them has to explicitly be set tonull. With this PR merged, we can omit the unused key completely.
references
N/A
Contributors
Assets 2
v0.10.7
🚀 Enhancements
Self Signed Certs all have hardcoded names, not allowing for multiple Client VPNs in a region @garrinmf (#24)
what
The certificate names are all hardcoded, not allowing modification via context.
why
In order to have multiple Client VPNs in the same region, the keys stored in SSM need to be unique, the hardcoded approach doesn't allow this.
I really don't know best practices around backwards compatibility or naming in general, just that the way it is doesn't allow for specifying unique names for the stored SSM keys. let me know if a different approach would work better.
references
- Closes #31
- Upstream fix to use id instead of name cloudposse/terraform-aws-ssm-tls-self-signed-cert#10
Contributors
Assets 2
v0.10.6
🤖 Automatic Updates
Update Terraform cloudposse/cloudwatch-logs/aws to v0.6.4 @renovate (#28)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/cloudwatch-logs/aws (source) | module | patch | 0.6.3 -> 0.6.4 |
Release Notes
cloudposse/terraform-aws-cloudwatch-logs
v0.6.4
🤖 Automatic Updates
Update Terraform cloudposse/iam-role/aws to v0.15.0 @renovate (#29)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/iam-role/aws (source) | module | minor | 0.14.1 -> 0.15.0 |
Release Notes
cloudposse/terraform-aws-iam-role
##### [`v0.15.0`](https://togithub.com/cloudposse/terraform-aws-iam-role/releases/0.15.0)allow to set role and policy path @​1david5 (#​40)
##### what * Add `path` argument to role and policy resources ##### why * Allow users to set path for role and policyConfiguration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- If you want to rebase/retry this PR, click this checkbox.
This PR has been generated by WhiteSource Renovate. View repository job log here.
Configuration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- If you want to rebase/retry this PR, click this checkbox.
This PR has been generated by WhiteSource Renovate. View repository job log here.