Releases: ministryofjustice/modernisation-platform-terraform-ec2-instance
Releases · ministryofjustice/modernisation-platform-terraform-ec2-instance
v2.5.0
What's New
This version of the module, automatically adds the arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore policy to the AWS instance profile
What's Changed
- Bump bridgecrewio/checkov-action from 12.2777.0 to 12.2780.0 by @dependabot in #396
- Bump github/codeql-action from 3.25.9 to 3.25.10 by @dependabot in #397
- Bump bridgecrewio/checkov-action from 12.2780.0 to 12.2782.0 by @dependabot in #398
- Bump aquasecurity/trivy-action from 0.22.0 to 0.23.0 by @dependabot in #399
- Bump bridgecrewio/checkov-action from 12.2782.0 to 12.2783.0 by @dependabot in #400
- Bump bridgecrewio/checkov-action from 12.2783.0 to 12.2784.0 by @dependabot in #401
- Bump bridgecrewio/checkov-action from 12.2784.0 to 12.2785.0 by @dependabot in #402
- Bump bridgecrewio/checkov-action from 12.2785.0 to 12.2786.0 by @dependabot in #403
- Bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 in /test by @dependabot in #404
- Bump bridgecrewio/checkov-action from 12.2786.0 to 12.2787.0 by @dependabot in #405
- Bump bridgecrewio/checkov-action from 12.2787.0 to 12.2789.0 by @dependabot in #406
- Bump bridgecrewio/checkov-action from 12.2789.0 to 12.2796.0 by @dependabot in #407
- Redaction of sensitive data items from workflow log output. by @mikereiddigital in #408
- Bump bridgecrewio/checkov-action from 12.2796.0 to 12.2798.0 by @dependabot in #409
- Bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in #410
- Update go-terratest.yml by @ASTRobinson in #412
- Bump bridgecrewio/checkov-action from 12.2798.0 to 12.2802.0 by @dependabot in #411
- Bump bridgecrewio/checkov-action from 12.2802.0 to 12.2804.0 by @dependabot in #413
- Bump bridgecrewio/checkov-action from 12.2804.0 to 12.2808.0 by @dependabot in #414
- Removes tee as it was splitting the output causing un-redacted values. by @mikereiddigital in #416
- Bump bridgecrewio/checkov-action from 12.2808.0 to 12.2809.0 by @dependabot in #415
- Bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in #417
- Bump bridgecrewio/checkov-action from 12.2809.0 to 12.2811.0 by @dependabot in #418
- Bump bridgecrewio/checkov-action from 12.2811.0 to 12.2813.0 by @dependabot in #419
- Bump aquasecurity/trivy-action from 0.23.0 to 0.24.0 by @dependabot in #420
- Bump bridgecrewio/checkov-action from 12.2813.0 to 12.2818.0 by @dependabot in #422
- Bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in #423
- Bump bridgecrewio/checkov-action from 12.2818.0 to 12.2821.0 by @dependabot in #424
- Bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #425
- Bump bridgecrewio/checkov-action from 12.2821.0 to 12.2823.0 by @dependabot in #426
- Bump bridgecrewio/checkov-action from 12.2823.0 to 12.2824.0 by @dependabot in #427
- Bump bridgecrewio/checkov-action from 12.2824.0 to 12.2825.0 by @dependabot in #428
- Bump bridgecrewio/checkov-action from 12.2825.0 to 12.2826.0 by @dependabot in #429
- Bump bridgecrewio/checkov-action from 12.2826.0 to 12.2828.0 by @dependabot in #430
- Bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in #431
- Bump bridgecrewio/checkov-action from 12.2828.0 to 12.2829.0 by @dependabot in #432
- Bump bridgecrewio/checkov-action from 12.2829.0 to 12.2831.0 by @dependabot in #433
- Bump bridgecrewio/checkov-action from 12.2831.0 to 12.2832.0 by @dependabot in #434
- Bump bridgecrewio/checkov-action from 12.2832.0 to 12.2836.0 by @dependabot in #435
- Bump github/codeql-action from 3.25.13 to 3.25.14 by @dependabot in #436
- feature 7412 - added AmazonSSMManagedInstanceCore policy by @Kudzai-moj in #437
Full Changelog: v2.4.2...v2.5.0
Contributors
mikereiddigital, dependabot, and 2 other contributors
Assets 2
v2.4.2
What's Changed
- Bump bridgecrewio/checkov-action from 12.2601.0 to 12.2602.0 by @dependabot in #260
- Bump bridgecrewio/checkov-action from 12.2602.0 to 12.2605.0 by @dependabot in #261
- Bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in #262
- Bump bridgecrewio/checkov-action from 12.2605.0 to 12.2608.0 by @dependabot in #264
- Bump bridgecrewio/checkov-action from 12.2608.0 to 12.2610.0 by @dependabot in #265
- Bump bridgecrewio/checkov-action from 12.2610.0 to 12.2615.0 by @dependabot in #267
- Bump bridgecrewio/checkov-action from 12.2615.0 to 12.2619.0 by @dependabot in #268
- Bump actions/upload-artifact from 3.1.3 to 4.0.0 by @dependabot in #269
- Bump terraform-docs/gh-actions from 18dc76d9b2e3c746cf6f8e073c7fa7df16dcf620 to d1c99433f7a1e5003ef213d70f89aaa47cb0b675 by @dependabot in #270
- Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /test by @dependabot in #271
- Bump bridgecrewio/checkov-action from 12.2619.0 to 12.2621.0 by @dependabot in #272
- Bump terraform-docs/gh-actions from d1c99433f7a1e5003ef213d70f89aaa47cb0b675 to b9ea051e31d6fea24f409f2445d563a4bbde7fbf by @dependabot in #273
- Bump bridgecrewio/checkov-action from 12.2621.0 to 12.2622.0 by @dependabot in #274
- Bump bridgecrewio/checkov-action from 12.2622.0 to 12.2624.0 by @dependabot in #276
- Bump bridgecrewio/checkov-action from 12.2624.0 to 12.2626.0 by @dependabot in #277
- Bump bridgecrewio/checkov-action from 12.2626.0 to 12.2630.0 by @dependabot in #278
- Bump bridgecrewio/checkov-action from 12.2630.0 to 12.2631.0 by @dependabot in #279
- Bump bridgecrewio/checkov-action from 12.2631.0 to 12.2633.0 by @dependabot in #280
- Bump bridgecrewio/checkov-action from 12.2633.0 to 12.2634.0 by @dependabot in #281
- Bump bridgecrewio/checkov-action from 12.2634.0 to 12.2635.0 by @dependabot in #282
- Bump bridgecrewio/checkov-action from 12.2635.0 to 12.2636.0 by @dependabot in #283
- Bump bridgecrewio/checkov-action from 12.2636.0 to 12.2637.0 by @dependabot in #284
- Bump actions/cache from 3.3.2 to 3.3.3 by @dependabot in #285
- Bump bridgecrewio/checkov-action from 12.2637.0 to 12.2640.0 by @dependabot in #286
- Bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in #287
- Bump bridgecrewio/checkov-action from 12.2640.0 to 12.2641.0 by @dependabot in #288
- Bump actions/cache from 3.3.3 to 4.0.0 by @dependabot in #289
- Bump bridgecrewio/checkov-action from 12.2641.0 to 12.2643.0 by @dependabot in #290
- Bump bridgecrewio/checkov-action from 12.2643.0 to 12.2645.0 by @dependabot in #291
- Bump bridgecrewio/checkov-action from 12.2645.0 to 12.2646.0 by @dependabot in #293
- Bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in #292
- Bump bridgecrewio/checkov-action from 12.2646.0 to 12.2648.0 by @dependabot in #294
- Bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in #295
- Bump bridgecrewio/checkov-action from 12.2648.0 to 12.2649.0 by @dependabot in #296
- Bump bridgecrewio/checkov-action from 12.2649.0 to 12.2652.0 by @dependabot in #297
- Bump bridgecrewio/checkov-action from 12.2652.0 to 12.2654.0 by @dependabot in #299
- Bump bridgecrewio/checkov-action from 12.2654.0 to 12.2655.0 by @dependabot in #300
- Bump bridgecrewio/checkov-action from 12.2655.0 to 12.2657.0 by @dependabot in #301
- Bump bridgecrewio/checkov-action from 12.2657.0 to 12.2659.0 by @dependabot in #302
- Bump bridgecrewio/checkov-action from 12.2659.0 to 12.2660.0 by @dependabot in #304
- Bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in #303
- Bump bridgecrewio/checkov-action from 12.2660.0 to 12.2665.0 by @dependabot in #305
- Bump bridgecrewio/checkov-action from 12.2665.0 to 12.2669.0 by @dependabot in #306
- Bump bridgecrewio/checkov-action from 12.2669.0 to 12.2671.0 by @dependabot in #307
- Bump bridgecrewio/checkov-action from 12.2671.0 to 12.2672.0 by @dependabot in #308
- Bump bridgecrewio/checkov-action from 12.2672.0 to 12.2673.0 by @dependabot in #309
- Bump bridgecrewio/checkov-action from 12.2673.0 to 12.2674.0 by @dependabot in #310
- Bump bridgecrewio/checkov-action from 12.2674.0 to 12.2675.0 by @dependabot in #312
- Bump bridgecrewio/checkov-action from 12.2675.0 to 12.2676.0 by @dependabot in #314
- Bump terraform-docs/gh-actions from b9ea051e31d6fea24f409f2445d563a4bbde7fbf to 7c16aaaacc92335d6d5c5d43778448deebaa3798 by @dependabot in #313
- Adds a reference to a second deployed example for using the ec2 module. by @mikereiddigital in #316
- Bump bridgecrewio/checkov-action from 12.2676.0 to 12.2678.0 by @dependabot in #315
- Bump bridgecrewio/checkov-action from 12.2678.0 to 12.2680.0 by @dependabot in #317
- Bump actions/cache from 4.0.0 to 4.0.1 by @dependabot in #318
- Bump bridgecrewio/checkov-action from 12.2680.0 to 12.2683.0 by @dependabot in #320
- Bump bridgecrewio/checkov-action from 12.2683.0 to 12.2684.0 by @dependabot in #321
- Bump bridgecrewio/checkov-action from 12.2684.0 to 12.2687.0 by @dependabot in #323
- Bump bridgec...
Contributors
wullub, mikereiddigital, and 4 other contributors
Assets 2
v2.4.1
What's Changed
Fix SSM parameter and secrets policy.
Bug fix: changed "and" condition to "or". Ensures policy is created if either SSM Params or Secrets are created.
Best practice: add minimum possible permissions (e.g. only need Put if there are placeholder params/secrets)
- DSOS-2423: ssm and secrets policy fix by @drobinson-moj in #258
- Bump bridgecrewio/checkov-action from 12.2600.0 to 12.2601.0 by @dependabot in #259
Full Changelog: v2.4.0...v2.4.1
Contributors
dependabot and drobinson-moj
Assets 2
v2.4.0
What's New
- SecretsManager secrets can now be populated with fixed or random values, and can have a
recovery_window_in_daysset.
What's Changed
- Introducing new outputs and test outputs and randomising resource names by @ewastempel in #241
- Adding terratest around the backup tags by @ewastempel in #244
- Updating the README to include the logic behind backup tags and fixin by @ewastempel in #246
- Correcting formatting in the README by @ewastempel in #247
- DSOS-2406: align secretsmanager options with ssm by @drobinson-moj in #256
- Bump bridgecrewio/checkov-action to 12.2600.0 by @dependabot in #257
New Contributors
- @ewastempel made their first contribution in #241
Full Changelog: v2.3.1...v2.4.0
Contributors
dependabot, ewastempel, and drobinson-moj
Assets 2
v2.3.1
What's Changed
This release combines the SSM and SecretsManager policies to help minimise the number of policies on an ec2.
- Bump bridgecrewio/checkov-action from 12.2561.0 to 12.2569.0 by @dependabot in #238
- combine-ssm-and-secrets by @wullub in #237
Full Changelog: v2.3.0...v2.3.1
Contributors
wullub and dependabot
Assets 2
v2.3.0
What's Changed
- Bump bridgecrewio/checkov-action from 12.2544.0 to 12.2547.0 by @dependabot in #222
- Bump google.golang.org/grpc from 1.53.0 to 1.56.3 in /test by @dependabot in #221
- workflow fix by @markgov in #224
- Bump bridgecrewio/checkov-action from 12.2547.0 to 12.2552.0 by @dependabot in #223
- Bump bridgecrewio/checkov-action from 12.2552.0 to 12.2553.0 by @dependabot in #225
- Bump bridgecrewio/checkov-action from 12.2553.0 to 12.2556.0 by @dependabot in #230
- Bump hashicorp/setup-terraform from 2.0.3 to 3.0.0 by @dependabot in #227
- Bump bridgecrewio/checkov-action from 12.2556.0 to 12.2561.0 by @dependabot in #233
- adding disable api stop attribute by @haitchison in #234
New Contributors
- @markgov made their first contribution in #224
- @haitchison made their first contribution in #234
Full Changelog: v2.2.0...v2.2.1
Contributors
dependabot, markgov, and haitchison
Assets 2
v2.2.0
v2.1.1
What's Changed
- Bump bridgecrewio/checkov-action from 12.2422.0 to 12.2425.0 by @dependabot in #145
- Bump bridgecrewio/checkov-action from 12.2425.0 to 12.2427.0 by @dependabot in #146
- Bump bridgecrewio/checkov-action from 12.2427.0 to 12.2431.0 by @dependabot in #148
- Bump bridgecrewio/checkov-action from 12.2431.0 to 12.2434.0 by @dependabot in #149
- Bump bridgecrewio/checkov-action from 12.2434.0 to 12.2436.0 by @dependabot in #150
- Bump bridgecrewio/checkov-action from 12.2436.0 to 12.2440.0 by @dependabot in #151
- Bump bridgecrewio/checkov-action from 12.2440.0 to 12.2443.0 by @dependabot in #152
- Bump bridgecrewio/checkov-action from 12.2443.0 to 12.2446.0 by @dependabot in #153
- Bump bridgecrewio/checkov-action from 12.2446.0 to 12.2447.0 by @dependabot in #154
- Bump bridgecrewio/checkov-action from 12.2447.0 to 12.2450.0 by @dependabot in #155
- Bump bridgecrewio/checkov-action from 12.2450.0 to 12.2451.0 by @dependabot in #156
- Bump bridgecrewio/checkov-action from 12.2451.0 to 12.2453.0 by @dependabot in #157
- Bump bridgecrewio/checkov-action from 12.2453.0 to 12.2454.0 by @dependabot in #158
- Bump bridgecrewio/checkov-action from 12.2454.0 to 12.2455.0 by @dependabot in #160
- Bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in #159
- Bump bridgecrewio/checkov-action from 12.2455.0 to 12.2456.0 by @dependabot in #161
- Bump bridgecrewio/checkov-action from 12.2456.0 to 12.2459.0 by @dependabot in #162
- Bump bridgecrewio/checkov-action from 12.2459.0 to 12.2460.0 by @dependabot in #163
- Bump bridgecrewio/checkov-action from 12.2460.0 to 12.2461.0 by @dependabot in #164
- Bump bridgecrewio/checkov-action from 12.2461.0 to 12.2463.0 by @dependabot in #165
- Bump bridgecrewio/checkov-action from 12.2463.0 to 12.2464.0 by @dependabot in #166
- Bump bridgecrewio/checkov-action from 12.2464.0 to 12.2466.0 by @dependabot in #167
- Bump bridgecrewio/checkov-action from 12.2466.0 to 12.2467.0 by @dependabot in #168
- Bump bridgecrewio/checkov-action from 12.2467.0 to 12.2468.0 by @dependabot in #169
- Bump bridgecrewio/checkov-action from 12.2468.0 to 12.2472.0 by @dependabot in #173
- Bump terraform-linters/setup-tflint from 3.0.0 to 3.1.0 by @dependabot in #171
- Bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in #172
- Bump bridgecrewio/checkov-action from 12.2472.0 to 12.2476.0 by @dependabot in #174
- Bump bridgecrewio/checkov-action from 12.2476.0 to 12.2480.0 by @dependabot in #175
- MOJ Compliant Badge Update by @ASTRobinson in #176
- Bump bridgecrewio/checkov-action from 12.2480.0 to 12.2483.0 by @dependabot in #177
- Bump terraform-linters/setup-tflint from 3.1.0 to 3.1.1 by @dependabot in #178
- Bump bridgecrewio/checkov-action from 12.2483.0 to 12.2486.0 by @dependabot in #179
- DSOS-2124: allow placeholder ssm parameters by @drobinson-moj in #184
New Contributors
- @ASTRobinson made their first contribution in #176
Full Changelog: v2.1.0...v2.1.1
Contributors
dependabot, ASTRobinson, and drobinson-moj
Assets 2
v2.1.0
Adding finer control over tagging. Allow additional (optional) tags specific to ec2_instance and ebs_volume resources. This allows to add a backup tag to only the ec2_instance resource, thus avoiding duplicate ec2 and ebs backups.
See additional changes below.
What's Changed
- Bump bridgecrewio/checkov-action from 12.2408.0 to 12.2409.0 by @dependabot in #135
- Bump bridgecrewio/checkov-action from 12.2409.0 to 12.2410.0 by @dependabot in #137
- Bump google.golang.org/grpc from 1.50.1 to 1.53.0 in /test by @dependabot in #136
- Bump bridgecrewio/checkov-action from 12.2410.0 to 12.2412.0 by @dependabot in #138
- Bump bridgecrewio/checkov-action from 12.2412.0 to 12.2414.0 by @dependabot in #139
- Bump bridgecrewio/checkov-action from 12.2414.0 to 12.2416.0 by @dependabot in #140
- Bump bridgecrewio/checkov-action from 12.2416.0 to 12.2419.0 by @dependabot in #141
- Bump bridgecrewio/checkov-action from 12.2419.0 to 12.2420.0 by @dependabot in #142
- Bump bridgecrewio/checkov-action from 12.2420.0 to 12.2422.0 by @dependabot in #143
- DSOS-1987: allow specific tags for ec2 and ebs resources by @drobinson-moj in #144
Full Changelog: v2.0.1...v2.1.0
Contributors
dependabot and drobinson-moj
Assets 2
Addressing deprecated vpc attribute
This is to swap out the following attribute of the aws_eip:
vpc = true -> domain = "vpc".
This release also contains security updates. See the details below.
What's Changed
- Bump bridgecrewio/checkov-action from 12.2389.0 to 12.2393.0 by @dependabot in #123
- Bump bridgecrewio/checkov-action from 12.2393.0 to 12.2399.0 by @dependabot in #125
- Bump bridgecrewio/checkov-action from 12.2399.0 to 12.2400.0 by @dependabot in #126
- Bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in #128
- Bump ministryofjustice/github-actions from 13 to 14 by @dependabot in #127
- Bump bridgecrewio/checkov-action from 12.2400.0 to 12.2401.0 by @dependabot in #129
- Bump bridgecrewio/checkov-action from 12.2401.0 to 12.2402.0 by @dependabot in #130
- Bump bridgecrewio/checkov-action from 12.2402.0 to 12.2405.0 by @dependabot in #131
- Bump bridgecrewio/checkov-action from 12.2405.0 to 12.2408.0 by @dependabot in #133
- swap out depracated value after aws provider now ~> 5.0 by @robertsweetman in #134
New Contributors
- @robertsweetman made their first contribution in #134
Full Changelog: v2.0.0...v2.0.1
Contributors
robertsweetman and dependabot