Releases: cloudposse/terraform-aws-eks-cluster
v4.5.0
Add support for upgrade policy configuration @z0rc (#245)
## whatAdd module variable to set aws_eks_cluster
's upgrade_policy
.
why
I need to be able to downgrade EKS support policy from default "Extedned" to "Standard".
references
Summary by CodeRabbit
-
New Features
- Introduced a new input parameter
upgrade_policy
for configuring the support policy of the EKS cluster. - Added a new variable
zonal_shift_config
to the Terraform configuration.
- Introduced a new input parameter
-
Documentation
- Updated README and Terraform documentation to include details about the new
upgrade_policy
input. - Enhanced clarity and comprehensiveness of existing inputs and outputs documentation.
- Added examples for the
upgrade_policy
configuration in the fixtures and variable files.
- Updated README and Terraform documentation to include details about the new
-
Bug Fixes
- Updated default values for existing variables to improve clarity and usability.
v4.4.1
Add support for zonal shift configuration @z0rc (#243)
## whatAdd support of zonal shift config for the cluster. Closes #242
why
See linked ticket.
references
See linked ticket.
additional info
<br>
to <br/>
changes are caused by new version of terraform-docs
and are intended, see terraform-docs/terraform-docs#787
🤖 Automatic Updates
Update terratest to '>= 0.46.0' @osterman (#232)
## what - Update terratest `>= 0.46.0`why
- Support OpenTofu for testing
References
- https://github.com/gruntwork-io/terratest/releases/tag/v0.46.0
- DEV-374 Add opentofu to all our Terragrunt Testing GHA matrix
Migrate new test account @osterman (#240)
## what - Update `.github/settings.yml` - Update `.github/chatops.yml` fileswhy
- Re-apply
.github/settings.yml
from org level to getterratest
environment - Migrate to new
test
account
References
- DEV-388 Automate clean up of test account in new organization
- DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
- DEV-386 Update terratest to use new testing account with GitHub OIDC
v4.4.0
🚀 Enhancements
feat: Add support bootstrap_self_managed_addons @sergeyrudenko111 (#236)
## what- Add support of
bootstrap_self_managed_addons
foraws_eks_cluster
resource
why
- This change will provide an opportunity to not bootstrap default networking addons for new cluster
references
v4.3.0
feat: Add missed tags @MaxymVlasov (#235)
## whatAdd tags to resources where they missed
🤖 Automatic Updates
v4.2.0
add cloudwatch_log_group_class config @peter-novata (#229)
what
- Add configuration option for the cloudwatch log infrequent access
why
terraform AWS provider added support for the recent cloudwatch log infrequent access feature which reduces cloudwatch log costs by up to 50%
references
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group.html#log_group_class
https://aws.amazon.com/blogs/aws/new-amazon-cloudwatch-log-class-for-infrequent-access-logs-at-a-reduced-price/
🤖 Automatic Updates
v4.1.1
Add Service IPv4 CIDR to output @z0rc (#227)
what
Implements #226.
why
See linked issue.
references
See linked issue.
Update/enhance migration documentation @Nuru (#218)
what
- Update/enhance v3 to v4 migration documentation
- Add
.editorconfig
why
- Add more information that may be helpful
- Maintain consistent formatting, particularly with regard to line endings and trailing whitespace, reducing the number of meaningless changes introduced when editing
🚀 Enhancements
Bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 in /test/src @dependabot (#222)
Bumps github.com/hashicorp/go-getter from 1.7.3 to 1.7.4.
Release notes
Sourced from github.com/hashicorp/go-getter's releases.
v1.7.4
What's Changed
- Escape user-provided strings in
git
commands hashicorp/go-getter#483- Fixed a bug in
.netrc
handling if the file does not exist hashicorp/go-getter#433Full Changelog: hashicorp/go-getter@v1.7.3...v1.7.4
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.
🤖 Automatic Updates
Update GitHub Workflows to Fix ReviewDog TFLint Action @osterman (#225)
what
- Update workflows (
.github/workflows
) to addissue: write
permission needed by ReviewDogtflint
action
why
- The ReviewDog action will comment with line-level suggestions based on linting failures
Bump golang.org/x/net from 0.21.0 to 0.23.0 in /test/src @dependabot (#221)
Bumps golang.org/x/net from 0.21.0 to 0.23.0.
Commits
c48da13
http2: fix TestServerContinuationFlood flakes762b58d
http2: fix tipos in commentba87210
http2: close connections when receiving too many headersebc8168
all: fix some typos3678185
http2: make TestCanonicalHeaderCacheGrowth faster448c44f
http2: remove clientTesterc7877ac
http2: convert the remaining clientTester tests to testClientConnd8870b0
http2: use synthetic time in TestIdleConnTimeoutd73acff
http2: only set up deadline when Server.IdleTimeout is positive89f602b
http2: validate client/outgoing trailers- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https:/...
v4.1.0
🚀 Enhancements
Output addons_versions if enabled @bogdanbarna (#216)
what
- Output
addons_version
if the EKS addons are enabled (var.addons)
why
- This may be just my use case, but I have both a variable and a data source for fetching an addon version (the former to overwrite the latter) and the module's addon_version output would become the source of truth for the versions, e.g.
addon_version = try(var.addons_versions["coredns"], data.aws_eks_addon_version.latest["coredns"].version)
references
- N/A
🤖 Automatic Updates
Add GitHub Settings @osterman (#215)
what
- Install a repository config (
.github/settings.yaml
)
why
- Programmatically manage GitHub repo settings
Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 in /test/src @dependabot (#213)
Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.
v4.0.0 Major breaking changes
Major breaking changes. Review the migration guide for guidance about upgrading.
In this version we fulfill the promise of managing EKS access via AWS APIs rather than via the various hacks we employed to make it possible to manage access via the aws-auth
ConfigMap. As a result, all references to the Kubernetes Terraform AWS provider have been removed, requiring manual intervention for upgrading from previous versions.
We also removed Security Group and other inputs deprecated in version 2.
We believe the final result is much cleaner, more reliable, and more stable than earlier versions, but the upgrade is unfortunately non-trivial. Please allow yourself sufficient time to read the migration guide before upgrading.
Use AWS API for EKS authentication and authorization @Nuru (#206)
Major Breaking Changes
[!WARNING]
This release has major breaking changes and requires significant manual intervention
to upgrade existing clusters. Read the migration document
for more details.
what
- Use the AWS API to manage EKS access controls instead of the
aws-auth
ConfigMap - Remove support for creating an extra security group, deprecated in v2
- Add IPv6 service CIDR output
- Update test framework to
go
v1.21, Kubernetes 1.29, etc.
why
- Remove a large number of bugs, hacks, and flaky behaviors
- Encourage separation of concerns (use another module to create a security group)
- Requested and authored by @colinh6
- Stay current
references
- New API for EKS access control
- Obsoletes and closes #148
- Obsoletes and closes #155
- Obsoletes and closes #167
- Obsoletes and closes #168
- Obsoletes and closes #193
- Obsoletes and closes #202
- Fixes #203
- Supersedes and closes #173
- Supersedes and closes #194
- Supersedes and closes #195
- Supersedes and closes #196
- Supersedes and closes #197
- Supersedes and closes #198
- Supersedes and closes #199
- Supersedes and closes #200
- Supersedes and closes #201
v4.0.0-rc1 Use AWS API for EKS Access Control
Use new AWS API for EKS Access Control (#206)
Note: this may not be available via the Terraform registry, so source it via
source = "github.com/cloudposse/terraform-aws-eks-cluster?ref=v4.0.0-rc1"
Major Breaking Changes
Warning
This release has major breaking changes and requires significant manual intervention
to upgrade existing clusters. Read the migration document
for more details.
what
- Use the AWS API to manage EKS access controls instead of the
aws-auth
ConfigMap - Remove support for creating an extra security group, deprecated in v2
- Add IPv6 service CIDR output
- Update test framework to
go
v1.21, Kubernetes 1.29, etc.
v3.0.0
Feature/update resolve conflicts @tyu0912 (#192)
what
Updating the addon to use resolve_conflicts_on_create
and resolve_conflicts_on_update
.
why
Per reference below, resolve_conflicts
is deprecated.
references
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon