Terraform module to provision AWS SSM Patch Manager maintenance window tasks, targets, patch baseline, patch groups and an s3 bucket for storing patch task logs
cloudposse/terraform-aws-s3-bucket
### [`v0.40.1`](https://togithub.com/cloudposse/terraform-aws-s3-bucket/releases/0.40.1)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-s3-bucket/compare/0.40.0...0.40.1)
#### π Bug Fixes
Properly type the default replication filter object @alexjurkiewicz (#96)
### what
Properly type the default replication filter object
### why
An error exists β likely introduced during some rewriting in #93 β where the default replication filter object is not properly typed, and causes issues with the ternary operator.
### [`v0.40.0`](https://togithub.com/cloudposse/terraform-aws-s3-bucket/releases/0.40.0)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-s3-bucket/compare/0.39.0...0.40.0)
Feat: Support Allowing Actions from Specific Principal ARNs in Bucket Policy. @korenyoni (#95)
##### what
* Support allowing actions from specific principal ARNs in bucket policy.
* Reorganize `examples/complete` (split up into multiple files to keep `main.tf` simple)
* Misc: use `local.enabled` where possible
##### why
* Some buckets that are used by CI/CD systems may need to allow actions from cross-account IAM principals in their bucket policy.
##### references
* https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn/pull/160
### [`v0.39.0`](https://togithub.com/cloudposse/terraform-aws-s3-bucket/releases/0.39.0)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-s3-bucket/compare/0.38.0...0.39.0)
##### π Enhancements
S3 Replication Improvements @alexjurkiewicz (#93)
##### Terraform plan impact
In order to support multiple S3 Bucket replication destinations, we must use the `filter` in the replication rule, even if there is nothing to filter. The filter, even if empty, conflicts with the `prefix` attribute of the rule (a v1 feature replaced in v2 with the filter). So we moved all `prefix` settings into the filter. Therefore, you may see Terraform make a change like this:
Click to show plan
```hcl
- rules {
- id = "replication-test"
- prefix = "/main"
- priority = 0
- status = "Enabled"
- destination {
- bucket = "arn:aws:s3:::replication-target"
- storage_class = "STANDARD"
}
- filter {}
- }
+ rules {
+ id = "replication-test"
+ priority = 0
+ status = "Enabled"
+ destination {
+ bucket = "arn:aws:s3:::replication-target"
+ storage_class = "STANDARD"
}
+ filter {
+ prefix = "/main"
+ tags = {}
+ }
+ }
```
This change is harmless and can be applied without impact.
##### Deprecation
To provide consistency in naming, the `replication_rules` input has been deprecated in favor of `s3_replication_rules`. Existing code will continue to work, but new users should use `s3_replication_rules` and current users of `replication_rules` should update their code to use `s3_replication_rules` at their convenience.
##### what
##### [@alexjurkiewicz](https://togithub.com/alexjurkiewicz)
- Add support for multi-bucket S3 replication
- Add support for easily adding cross-account replication destination bucket policy statements
##### [@korenyoni](https://togithub.com/korenyoni)
- Add test for S3 bucket replication configuration to provide better code coverage
##### [@Nuru](https://togithub.com/Nuru)
- Convert v1 `prefix` to v2 `filter` to support multiple replication destinations
- Rename `replication_rules` to `s3_replication_rules` for consistency
- Move testing to `us-east-2` region because that is where Cloud Posse prefers to do testing
##### why
- Module currently does not support multi-bucket S3 replication
- Adding cross-account replication destination bucket policy statements is currently a manual task with no site-specific uniqueness
##### references
- Replication was added in [#56](https://togithub.com/cloudposse/terraform-aws-s3-bucket/issues/56)
- https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3\_bucket
Configuration
π Schedule: At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.
π Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box.
This PR contains the following updates:
0.38.0
->0.40.1
Release Notes
cloudposse/terraform-aws-s3-bucket
### [`v0.40.1`](https://togithub.com/cloudposse/terraform-aws-s3-bucket/releases/0.40.1) [Compare Source](https://togithub.com/cloudposse/terraform-aws-s3-bucket/compare/0.40.0...0.40.1) #### π Bug FixesProperly type the default replication filter object @alexjurkiewicz (#96)
### what Properly type the default replication filter object ### why An error exists β likely introduced during some rewriting in #93 β where the default replication filter object is not properly typed, and causes issues with the ternary operator.Feat: Support Allowing Actions from Specific Principal ARNs in Bucket Policy. @korenyoni (#95)
##### what * Support allowing actions from specific principal ARNs in bucket policy. * Reorganize `examples/complete` (split up into multiple files to keep `main.tf` simple) * Misc: use `local.enabled` where possible ##### why * Some buckets that are used by CI/CD systems may need to allow actions from cross-account IAM principals in their bucket policy. ##### references * https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn/pull/160S3 Replication Improvements @alexjurkiewicz (#93)
##### Terraform plan impact In order to support multiple S3 Bucket replication destinations, we must use the `filter` in the replication rule, even if there is nothing to filter. The filter, even if empty, conflicts with the `prefix` attribute of the rule (a v1 feature replaced in v2 with the filter). So we moved all `prefix` settings into the filter. Therefore, you may see Terraform make a change like this:Click to show plan
```hcl - rules { - id = "replication-test" - prefix = "/main" - priority = 0 - status = "Enabled" - destination { - bucket = "arn:aws:s3:::replication-target" - storage_class = "STANDARD" } - filter {} - } + rules { + id = "replication-test" + priority = 0 + status = "Enabled" + destination { + bucket = "arn:aws:s3:::replication-target" + storage_class = "STANDARD" } + filter { + prefix = "/main" + tags = {} + } + } ```Configuration
π Schedule: At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.