diff --git a/docs/reference/services/app-orchestration/amazon-ecs-cluster.md b/docs/reference/services/app-orchestration/amazon-ecs-cluster.md
index dbfa6e15db..c06633286f 100644
--- a/docs/reference/services/app-orchestration/amazon-ecs-cluster.md
+++ b/docs/reference/services/app-orchestration/amazon-ecs-cluster.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon ECS Cluster
-View Source
+View Source
Release Notes
@@ -108,9 +108,9 @@ For info on finding your Docker container logs and custom metrics in CloudWatch,
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -118,7 +118,7 @@ For info on finding your Docker container logs and custom metrics in CloudWatch,
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -126,7 +126,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -153,7 +153,7 @@ For information on how to manage your ECS cluster, see the documentation in the
module "ecs_cluster" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-cluster?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-cluster?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -287,6 +287,10 @@ module "ecs_cluster" {
# Instances. Can be one of standard, gp2, gp3, io1, io2, sc1 or st1.
cluster_instance_root_volume_type = "gp2"
+ # When set, name the IAM role for the ECS cluster using this variable. When
+ # null, the IAM role name will be derived from var.cluster_name.
+ custom_iam_role_name = null
+
# A list of custom tags to apply to the EC2 Instances in this ASG. Each item
# in this list should be a map with the parameters key, value, and
# propagate_at_launch.
@@ -451,7 +455,7 @@ module "ecs_cluster" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-cluster?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-cluster?ref=v0.143.3"
}
inputs = {
@@ -588,6 +592,10 @@ inputs = {
# Instances. Can be one of standard, gp2, gp3, io1, io2, sc1 or st1.
cluster_instance_root_volume_type = "gp2"
+ # When set, name the IAM role for the ECS cluster using this variable. When
+ # null, the IAM role name will be derived from var.cluster_name.
+ custom_iam_role_name = null
+
# A list of custom tags to apply to the EC2 Instances in this ASG. Each item
# in this list should be a map with the parameters key, value, and
# propagate_at_launch.
@@ -1042,6 +1050,15 @@ The volume type for the root volume for each of the ECS Cluster's EC2 Instances.
+
+
+
+When set, name the IAM role for the ECS cluster using this variable. When null, the IAM role name will be derived from cluster_name.
+
+
+
+
+
@@ -1484,11 +1501,11 @@ The CloudWatch Dashboard metric widget for the ECS cluster workers' Memory utili
diff --git a/docs/reference/services/app-orchestration/amazon-ecs-fargate-cluster.md b/docs/reference/services/app-orchestration/amazon-ecs-fargate-cluster.md
index cd9b83337d..370edac5d9 100644
--- a/docs/reference/services/app-orchestration/amazon-ecs-fargate-cluster.md
+++ b/docs/reference/services/app-orchestration/amazon-ecs-fargate-cluster.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon ECS Fargate Cluster
-View Source
+View Source
Release Notes
@@ -64,9 +64,9 @@ To understand core concepts like what is ECS, and the different cluster types, s
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -74,7 +74,7 @@ To understand core concepts like what is ECS, and the different cluster types, s
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -82,7 +82,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -106,7 +106,7 @@ For information on how to manage your ECS cluster, see the documentation in the
module "ecs_fargate_cluster" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-fargate-cluster?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-fargate-cluster?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -141,7 +141,7 @@ module "ecs_fargate_cluster" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-fargate-cluster?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-fargate-cluster?ref=v0.143.3"
}
inputs = {
@@ -221,6 +221,22 @@ ARN of the ECS cluster that was created.
+
+
+
+ARN of the ECS cluster that was created. This output uses a consistent naming convention with the ecs-cluster module.
+
+
+
+
+
+
+
+The name of the ECS cluster. This output uses a consistent naming convention with the ecs-cluster module.
+
+
+
+
@@ -235,11 +251,11 @@ The name of the ECS cluster.
diff --git a/docs/reference/services/app-orchestration/amazon-ecs-service.md b/docs/reference/services/app-orchestration/amazon-ecs-service.md
index 9b0dd82b97..66f522e414 100644
--- a/docs/reference/services/app-orchestration/amazon-ecs-service.md
+++ b/docs/reference/services/app-orchestration/amazon-ecs-service.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon ECS Service
-View Source
+View Source
Release Notes
@@ -63,10 +63,10 @@ more, see the documentation in the
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal
submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -74,14 +74,14 @@ more, see the documentation in the
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and testing (but not direct production usage).
### Production deployment
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -105,7 +105,7 @@ For information on how to manage your ECS service, see the documentation in the
module "ecs_service" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-service?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-service?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -637,7 +637,7 @@ module "ecs_service" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-service?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ecs-service?ref=v0.143.3"
}
inputs = {
@@ -3028,11 +3028,11 @@ The names of the ECS service's load balancer's target groups
diff --git a/docs/reference/services/app-orchestration/amazon-eks-core-services.md b/docs/reference/services/app-orchestration/amazon-eks-core-services.md
index 89f7b9f452..a7d9259c1f 100644
--- a/docs/reference/services/app-orchestration/amazon-eks-core-services.md
+++ b/docs/reference/services/app-orchestration/amazon-eks-core-services.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon EKS Core Services
-View Source
+View Source
Release Notes
@@ -68,9 +68,9 @@ For information on each of the core services deployed by this service, see the d
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -78,7 +78,7 @@ For information on each of the core services deployed by this service, see the d
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -86,7 +86,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -108,7 +108,7 @@ If you want to deploy this repo in production, check out the following resources
module "eks_core_services" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-core-services?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-core-services?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -273,7 +273,10 @@ module "eks_core_services" {
# The version of the cluster-autoscaler helm chart to deploy. Note that this
# is different from the app/container version, which is sepecified with
# var.cluster_autoscaler_version.
- cluster_autoscaler_chart_version = "9.21.0"
+ cluster_autoscaler_chart_version = "9.46.6"
+
+ # Map of extra arguments to pass to the container.
+ cluster_autoscaler_container_extra_args = {}
# A map of custom tags to apply to the Autoscaler Fargate Profile IAM Role if
# enabled. The key is the tag name and the value is the tag value.
@@ -413,6 +416,11 @@ module "eks_core_services" {
# The registry to use for the external-dns image.
external_dns_image_registry = null
+ # The container image repository to pull the images from. This allows
+ # overriding the default image repository for external-dns. For example,
+ # bitnamilegacy/external-dns.
+ external_dns_image_repository = "bitnamilegacy/external-dns"
+
# Configure affinity rules for the external-dns Pod to control which nodes to
# schedule on. Each item in the list should be a map with the keys `key`,
# `values`, and `operator`, corresponding to the 3 properties of
@@ -735,7 +743,7 @@ module "eks_core_services" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-core-services?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-core-services?ref=v0.143.3"
}
inputs = {
@@ -903,7 +911,10 @@ inputs = {
# The version of the cluster-autoscaler helm chart to deploy. Note that this
# is different from the app/container version, which is sepecified with
# var.cluster_autoscaler_version.
- cluster_autoscaler_chart_version = "9.21.0"
+ cluster_autoscaler_chart_version = "9.46.6"
+
+ # Map of extra arguments to pass to the container.
+ cluster_autoscaler_container_extra_args = {}
# A map of custom tags to apply to the Autoscaler Fargate Profile IAM Role if
# enabled. The key is the tag name and the value is the tag value.
@@ -1043,6 +1054,11 @@ inputs = {
# The registry to use for the external-dns image.
external_dns_image_registry = null
+ # The container image repository to pull the images from. This allows
+ # overriding the default image repository for external-dns. For example,
+ # bitnamilegacy/external-dns.
+ external_dns_image_repository = "bitnamilegacy/external-dns"
+
# Configure affinity rules for the external-dns Pod to control which nodes to
# schedule on. Each item in the list should be a map with the keys `key`,
# `values`, and `operator`, corresponding to the 3 properties of
@@ -1873,7 +1889,16 @@ Restrict the cluster autoscaler to a list of absolute ASG ARNs upon initial appl
The version of the cluster-autoscaler helm chart to deploy. Note that this is different from the app/container version, which is sepecified with cluster_autoscaler_version.
-
+
+
+
+
+
+
+Map of extra arguments to pass to the container.
+
+
+
@@ -2297,6 +2322,15 @@ The registry to use for the external-dns image.
+
+
+
+The container image repository to pull the images from. This allows overriding the default image repository for external-dns. For example, bitnamilegacy/external-dns.
+
+
+
+
+
@@ -5466,11 +5500,11 @@ A list of names of Kubernetes PriorityClass objects created by this module.
diff --git a/docs/reference/services/app-orchestration/amazon-eks-workers.md b/docs/reference/services/app-orchestration/amazon-eks-workers.md
index 022920f60d..dd1be5913d 100644
--- a/docs/reference/services/app-orchestration/amazon-eks-workers.md
+++ b/docs/reference/services/app-orchestration/amazon-eks-workers.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon EKS Workers
-View Source
+View Source
Release Notes
@@ -68,9 +68,9 @@ more, see the documentation in the [terraform-aws-eks](https://github.com/gruntw
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -78,7 +78,7 @@ more, see the documentation in the [terraform-aws-eks](https://github.com/gruntw
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -86,7 +86,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -97,10 +97,10 @@ If you want to deploy this repo in production, check out the following resources
## Manage
For information on registering the worker IAM role to the EKS control plane, refer to the
-[IAM Roles and Kubernetes API Access](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/services/eks-workers/core-concepts.md#iam-roles-and-kubernetes-api-access) section of the documentation.
+[IAM Roles and Kubernetes API Access](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/services/eks-workers/core-concepts.md#iam-roles-and-kubernetes-api-access) section of the documentation.
For information on how to perform a blue-green deployment of the worker pools, refer to the
-[How do I perform a blue green release to roll out new versions of the module](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/services/eks-workers/core-concepts.md#how-do-i-perform-a-blue-green-release-to-roll-out-new-versions-of-the-module)
+[How do I perform a blue green release to roll out new versions of the module](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/services/eks-workers/core-concepts.md#how-do-i-perform-a-blue-green-release-to-roll-out-new-versions-of-the-module)
section of the documentation.
For information on how to manage your EKS cluster, including how to deploy Pods on Fargate, how to associate IAM roles
@@ -121,7 +121,7 @@ to Pod, how to upgrade your EKS cluster, and more, see the documentation in the
module "eks_workers" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-workers?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-workers?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -191,10 +191,20 @@ module "eks_workers" {
# if asg_iam_role_already_exists is true.
asg_custom_iam_role_name = null
+ # Default value for asg_ami_type field of autoscaling_group_configurations.
+ # See the AWS documentation for valid values. Docs:
+ # https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.html#AmazonEKS-Type-Nodegroup-amiType
+ asg_default_ami_type = "AL2_x86_64"
+
# Default value for enable_detailed_monitoring field of
# autoscaling_group_configurations.
asg_default_enable_detailed_monitoring = true
+ # Default value for the extra_block_device_mappings field of
+ # autoscaling_group_configurations. Any map entry that does not specify
+ # extra_block_device_mappings will use this value.
+ asg_default_extra_block_device_mappings = []
+
# Default value for the http_put_response_hop_limit field of
# autoscaling_group_configurations.
asg_default_http_put_response_hop_limit = null
@@ -233,6 +243,11 @@ module "eks_workers" {
# asg_instance_type will use this value.
asg_default_instance_type = "t3.medium"
+ # Default value for the asg_instance_user_data_base64 field of
+ # autoscaling_group_configurations. Any map entry that does not specify
+ # asg_instance_user_data_base64 will use this value.
+ asg_default_instance_user_data_base64 = null
+
# Default value for the max_pods_allowed field of
# autoscaling_group_configurations. Any map entry that does not specify
# max_pods_allowed will use this value.
@@ -474,6 +489,10 @@ module "eks_workers" {
# Must be one of: 'missing', 'ignore', 'breaching' or 'notBreaching'.
high_worker_memory_utilization_treat_missing_data = "missing"
+ # Whether or not to create an AWS Security Group for the Managed Node Groups.
+ # By default this is created.
+ managed_node_group_create_security_group = true
+
# Custom name for the IAM role for the Managed Node Groups. When null, a
# default name based on worker_name_prefix will be used. One of
# managed_node_group_custom_iam_role_name and managed_node_group_iam_role_arn
@@ -492,6 +511,11 @@ module "eks_workers" {
# is true.
managed_node_group_iam_role_arn = null
+ # Default value for ami_type field of managed_node_group_configurations. See
+ # the AWS documentation for valid values. Docs:
+ # https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.html#AmazonEKS-Type-Nodegroup-amiType
+ node_group_default_ami_type = "AL2_x86_64"
+
# Default value for capacity_type field of managed_node_group_configurations.
node_group_default_capacity_type = "ON_DEMAND"
@@ -542,6 +566,12 @@ module "eks_workers" {
# Default value for min_size field of managed_node_group_configurations.
node_group_default_min_size = 1
+ # Default value for the node_repair_config field of
+ # managed_node_group_configurations. Any map entry that does not specify
+ # node_repair_config will use this value. Node auto repair is disabled by
+ # default.
+ node_group_default_node_repair_config = null
+
# Default value for subnet_ids field of managed_node_group_configurations.
node_group_default_subnet_ids = null
@@ -554,6 +584,11 @@ module "eks_workers" {
# only used if the taint field is omitted from the configuration.
node_group_default_taints = []
+ # Default value for the user_data_base64 field of
+ # managed_node_group_configurations. Any map entry that does not specify
+ # user_data_base64 will use this value.
+ node_group_default_user_data_base64 = null
+
# The instance type to configure in the launch template. This value will be
# used when the instance_types field is set to null (NOT omitted, in which
# case var.node_group_default_instance_types will be used).
@@ -665,7 +700,7 @@ module "eks_workers" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-workers?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-workers?ref=v0.143.3"
}
inputs = {
@@ -738,10 +773,20 @@ inputs = {
# if asg_iam_role_already_exists is true.
asg_custom_iam_role_name = null
+ # Default value for asg_ami_type field of autoscaling_group_configurations.
+ # See the AWS documentation for valid values. Docs:
+ # https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.html#AmazonEKS-Type-Nodegroup-amiType
+ asg_default_ami_type = "AL2_x86_64"
+
# Default value for enable_detailed_monitoring field of
# autoscaling_group_configurations.
asg_default_enable_detailed_monitoring = true
+ # Default value for the extra_block_device_mappings field of
+ # autoscaling_group_configurations. Any map entry that does not specify
+ # extra_block_device_mappings will use this value.
+ asg_default_extra_block_device_mappings = []
+
# Default value for the http_put_response_hop_limit field of
# autoscaling_group_configurations.
asg_default_http_put_response_hop_limit = null
@@ -780,6 +825,11 @@ inputs = {
# asg_instance_type will use this value.
asg_default_instance_type = "t3.medium"
+ # Default value for the asg_instance_user_data_base64 field of
+ # autoscaling_group_configurations. Any map entry that does not specify
+ # asg_instance_user_data_base64 will use this value.
+ asg_default_instance_user_data_base64 = null
+
# Default value for the max_pods_allowed field of
# autoscaling_group_configurations. Any map entry that does not specify
# max_pods_allowed will use this value.
@@ -1021,6 +1071,10 @@ inputs = {
# Must be one of: 'missing', 'ignore', 'breaching' or 'notBreaching'.
high_worker_memory_utilization_treat_missing_data = "missing"
+ # Whether or not to create an AWS Security Group for the Managed Node Groups.
+ # By default this is created.
+ managed_node_group_create_security_group = true
+
# Custom name for the IAM role for the Managed Node Groups. When null, a
# default name based on worker_name_prefix will be used. One of
# managed_node_group_custom_iam_role_name and managed_node_group_iam_role_arn
@@ -1039,6 +1093,11 @@ inputs = {
# is true.
managed_node_group_iam_role_arn = null
+ # Default value for ami_type field of managed_node_group_configurations. See
+ # the AWS documentation for valid values. Docs:
+ # https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.html#AmazonEKS-Type-Nodegroup-amiType
+ node_group_default_ami_type = "AL2_x86_64"
+
# Default value for capacity_type field of managed_node_group_configurations.
node_group_default_capacity_type = "ON_DEMAND"
@@ -1089,6 +1148,12 @@ inputs = {
# Default value for min_size field of managed_node_group_configurations.
node_group_default_min_size = 1
+ # Default value for the node_repair_config field of
+ # managed_node_group_configurations. Any map entry that does not specify
+ # node_repair_config will use this value. Node auto repair is disabled by
+ # default.
+ node_group_default_node_repair_config = null
+
# Default value for subnet_ids field of managed_node_group_configurations.
node_group_default_subnet_ids = null
@@ -1101,6 +1166,11 @@ inputs = {
# only used if the taint field is omitted from the configuration.
node_group_default_taints = []
+ # Default value for the user_data_base64 field of
+ # managed_node_group_configurations. Any map entry that does not specify
+ # user_data_base64 will use this value.
+ node_group_default_user_data_base64 = null
+
# The instance type to configure in the launch template. This value will be
# used when the instance_types field is set to null (NOT omitted, in which
# case var.node_group_default_instance_types will be used).
@@ -1254,6 +1324,10 @@ Any types represent complex values of variable type. For details, please consult
will be used to deploy updates to the cluster.
- asg_instance_type string : (Defaults to value from var.asg_default_instance_type) The type of
instances to use for the ASG (e.g., t2.medium).
+ - asg_ami_type string : (Defaults to value from var.asg_default_ami_type) Type of Amazon
+ Machine Image (e.g. AL2_x86_64, AL2_x86_64_GPU) associated with the EKS
+ Node Group. See the AWS documentation for valid values.
+ https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.htmlAmazonEKS-Type-Nodegroup-amiType
- max_pods_allowed number : (Defaults to value from var.asg_default_max_pods_allowed) The
maximum number of Pods allowed to be scheduled on the node. When null,
the max will be automatically calculated based on the availability of
@@ -1268,6 +1342,8 @@ Any types represent complex values of variable type. For details, please consult
instances to use for the ASG (e.g., 125).
- asg_instance_root_volume_encryption bool : (Defaults to value from var.asg_default_instance_root_volume_encryption)
Whether or not to enable root volume encryption for instances of the ASG.
+ - asg_instance_user_data_base64 string : (Defaults to value from var.asg_default_instance_user_data_base64) The base64 user-data content of
+ instance to use for the ASG.
- tags list(object[Tag]) : (Defaults to value from var.asg_default_tags) Custom tags to apply to the
EC2 Instances in this ASG. Refer to structure definition below for the
object type of each entry in the list.
@@ -1300,6 +1376,8 @@ Any types represent complex values of variable type. For details, please consult
Per-ASG cloud init scripts to run at boot time on the node. See var.cloud_init_parts for accepted keys.
- http_put_response_hop_limit number : (Defaults to value from var.asg_default_http_put_response_hop_limit) The
desired HTTP PUT response hop limit for instance metadata requests.
+ - extra_block_device_mappings : (Defaults to value from var.asg_default_extra_block_device_mappings) Additional block device mappings
+ to attach to instances. Useful for Bottlerocket or custom storage configs.
- instance_maintenance_policy object(Health_Percentage)
Structure of Health_Percentage object:
- min_healthy_percentage number : Min healthy percentage forthe intance maintenance policy
@@ -1437,6 +1515,12 @@ Any types represent complex values of variable type. For details, please consult
nodes. EKS will choose from this list of instance types when launching
new instances. When using launch templates, this setting will override
the configured instance type of the launch template.
+ - ami_type string : (Defaults to value from var.node_group_default_ami_type) Type of Amazon
+ Machine Image (e.g. AL2_x86_64, AL2_x86_64_GPU) associated with the EKS
+ Node Group. See the AWS documentation for valid values.
+ https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.htmlAmazonEKS-Type-Nodegroup-amiType
+ - user_data_base64 string : (Defaults to value from var.node_group_default_user_data_base64) The base64 user-data content of
+ instance to use for the Node Group.
- capacity_type string : (Defaults to value from var.node_group_default_capacity_type) Type of capacity
associated with the EKS Node Group. Valid values: ON_DEMAND, SPOT.
- launch_template LaunchTemplate : (Defaults to value from var.node_group_default_launch_template)
@@ -1451,6 +1535,9 @@ Any types represent complex values of variable type. For details, please consult
maximum number of Pods allowed to be scheduled on the node. When null,
the max will be automatically calculated based on the availability of
total IP addresses to the instance type.
+ - node_repair_config object : (Defaults to value from var.node_group_default_node_repair_config) The node
+ auto repair configuration for the node group. Node auto repair is disabled
+ by default.
- imds_http_put_response_hop_limit number : (Defaults to value from
var.node_group_default_imds_http_put_response_hop_limit) The desired
HTTP PUT response hop limit for instance metadata requests from the
@@ -1489,6 +1576,9 @@ Any types represent complex values of variable type. For details, please consult
- id string : The ID of the Launch Template to use. One of ID or Name should be provided.
- version string : The version of the Launch Template to use.
+ Structure of the node_repair_config object:
+ - enabled bool : Specifies whether to enable node auto repair for the node group. Node auto repair is disabled by default.
+
Example:
managed_node_group_configurations = {
ngroup1 = {
@@ -1569,6 +1659,15 @@ Custom name for the IAM role for the Self-managed workers. When null, a default
+
+
+
+Default value for asg_ami_type field of autoscaling_group_configurations. See the AWS documentation for valid values. Docs: https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.html#AmazonEKS-Type-Nodegroup-amiType
+
+
+
+
+
@@ -1578,6 +1677,35 @@ Default value for enable_detailed_monitoring field of autoscaling_group_configur
+
+
+
+Default value for the extra_block_device_mappings field of autoscaling_group_configurations. Any map entry that does not specify extra_block_device_mappings will use this value.
+
+
+
+
+```hcl
+list(object({
+ device_name = string
+ no_device = optional(string)
+ virtual_name = optional(string)
+ ebs = optional(object({
+ volume_size = optional(number)
+ volume_type = optional(string)
+ iops = optional(number)
+ throughput = optional(number)
+ delete_on_termination = optional(bool)
+ encrypted = optional(bool)
+ kms_key_id = optional(string)
+ }))
+ }))
+```
+
+
+
+
+
@@ -1660,6 +1788,15 @@ Default value for the asg_instance_type field of autoscaling_group_configuration
+
+
+
+Default value for the asg_instance_user_data_base64 field of autoscaling_group_configurations. Any map entry that does not specify asg_instance_user_data_base64 will use this value.
+
+
+
+
+
@@ -2372,6 +2509,15 @@ Sets how this alarm should handle entering the INSUFFICIENT_DATA state. Based on
+
+
+
+Whether or not to create an AWS Security Group for the Managed Node Groups. By default this is created.
+
+
+
+
+
@@ -2399,6 +2545,15 @@ ARN of the IAM role to use if iam_role_already_exists = true. When null, uses ma
+
+
+
+Default value for ami_type field of managed_node_group_configurations. See the AWS documentation for valid values. Docs: https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.html#AmazonEKS-Type-Nodegroup-amiType
+
+
+
+
+
@@ -2516,6 +2671,24 @@ Default value for min_size field of managed_node_group_configurations.
+
+
+
+Default value for the node_repair_config field of managed_node_group_configurations. Any map entry that does not specify node_repair_config will use this value. Node auto repair is disabled by default.
+
+
+
+
+```hcl
+object({
+ enabled = bool
+ })
+```
+
+
+
+
+
@@ -2550,6 +2723,15 @@ list(map(string))
+
+
+
+Default value for the user_data_base64 field of managed_node_group_configurations. Any map entry that does not specify user_data_base64 will use this value.
+
+
+
+
+
@@ -2814,11 +2996,11 @@ The list of names of the ASGs that were deployed to act as EKS workers.
diff --git a/docs/reference/services/app-orchestration/amazon-eks.md b/docs/reference/services/app-orchestration/amazon-eks.md
index 84e06f0884..81bb7e3a6a 100644
--- a/docs/reference/services/app-orchestration/amazon-eks.md
+++ b/docs/reference/services/app-orchestration/amazon-eks.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon EKS
-View Source
+View Source
Release Notes
@@ -68,9 +68,9 @@ more, see the documentation in the [terraform-aws-eks](https://github.com/gruntw
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -78,7 +78,7 @@ more, see the documentation in the [terraform-aws-eks](https://github.com/gruntw
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -86,7 +86,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -116,7 +116,7 @@ To add and manage additional worker groups, refer to the [eks-workers module](/r
module "eks_cluster" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-cluster?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-cluster?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -178,6 +178,11 @@ module "eks_cluster" {
# autoscaling_group_configurations.
asg_default_enable_detailed_monitoring = true
+ # Default value for the extra_block_device_mappings field of
+ # autoscaling_group_configurations. Any map entry that does not specify
+ # extra_block_device_mappings will use this value.
+ asg_default_extra_block_device_mappings = []
+
# Default value for the http_put_response_hop_limit field of
# autoscaling_group_configurations.
asg_default_http_put_response_hop_limit = null
@@ -383,6 +388,9 @@ module "eks_cluster" {
# cluster to be created.
cluster_network_config_service_ipv4_cidr = null
+ # Specify the log class of the cloudwatch log group
+ control_plane_cloudwatch_log_group_class = "STANDARD"
+
# The ID (ARN, alias ARN, AWS ID) of a customer managed KMS Key to use for
# encrypting log data in the CloudWatch log group for EKS control plane logs.
control_plane_cloudwatch_log_group_kms_key_id = null
@@ -521,6 +529,11 @@ module "eks_cluster" {
# the tag name and the value is the tag value.
eks_cluster_oidc_tags = {}
+ # The name of the Security Group to create for the EKS Cluster. If a name is
+ # not provided, a name will be generated automatically. For existing clusters,
+ # set this variable to the existing cluster security group name.
+ eks_cluster_security_group_name = null
+
# A map of custom tags to apply to the Security Group for the EKS Cluster
# Control Plane. The key is the tag name and the value is the tag value.
eks_cluster_security_group_tags = {}
@@ -664,8 +677,8 @@ module "eks_cluster" {
# The URL from which to download Kubergrunt if it's not installed already. Use
# to specify a version of kubergrunt that is compatible with your specified
# kubernetes version. Ex.
- # 'https://github.com/gruntwork-io/kubergrunt/releases/download/v0.17.3/kubergrunt_'
- kubergrunt_download_url = "https://github.com/gruntwork-io/kubergrunt/releases/download/v0.17.3/kubergrunt_"
+ # 'https://github.com/gruntwork-io/kubergrunt/releases/download/v0.18.1/kubergrunt_'
+ kubergrunt_download_url = "https://github.com/gruntwork-io/kubergrunt/releases/download/v0.18.1/kubergrunt_"
# Version of Kubernetes to use. Refer to EKS docs for list of available
# versions
@@ -723,6 +736,12 @@ module "eks_cluster" {
# Default value for min_size field of managed_node_group_configurations.
node_group_default_min_size = 1
+ # Default value for the node_repair_config field of
+ # managed_node_group_configurations. Any map entry that does not specify
+ # node_repair_config will use this value. Node auto repair is disabled by
+ # default.
+ node_group_default_node_repair_config = null
+
# Default value for subnet_ids field of managed_node_group_configurations.
node_group_default_subnet_ids = null
@@ -959,7 +978,7 @@ module "eks_cluster" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-cluster?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-cluster?ref=v0.143.3"
}
inputs = {
@@ -1024,6 +1043,11 @@ inputs = {
# autoscaling_group_configurations.
asg_default_enable_detailed_monitoring = true
+ # Default value for the extra_block_device_mappings field of
+ # autoscaling_group_configurations. Any map entry that does not specify
+ # extra_block_device_mappings will use this value.
+ asg_default_extra_block_device_mappings = []
+
# Default value for the http_put_response_hop_limit field of
# autoscaling_group_configurations.
asg_default_http_put_response_hop_limit = null
@@ -1229,6 +1253,9 @@ inputs = {
# cluster to be created.
cluster_network_config_service_ipv4_cidr = null
+ # Specify the log class of the cloudwatch log group
+ control_plane_cloudwatch_log_group_class = "STANDARD"
+
# The ID (ARN, alias ARN, AWS ID) of a customer managed KMS Key to use for
# encrypting log data in the CloudWatch log group for EKS control plane logs.
control_plane_cloudwatch_log_group_kms_key_id = null
@@ -1367,6 +1394,11 @@ inputs = {
# the tag name and the value is the tag value.
eks_cluster_oidc_tags = {}
+ # The name of the Security Group to create for the EKS Cluster. If a name is
+ # not provided, a name will be generated automatically. For existing clusters,
+ # set this variable to the existing cluster security group name.
+ eks_cluster_security_group_name = null
+
# A map of custom tags to apply to the Security Group for the EKS Cluster
# Control Plane. The key is the tag name and the value is the tag value.
eks_cluster_security_group_tags = {}
@@ -1510,8 +1542,8 @@ inputs = {
# The URL from which to download Kubergrunt if it's not installed already. Use
# to specify a version of kubergrunt that is compatible with your specified
# kubernetes version. Ex.
- # 'https://github.com/gruntwork-io/kubergrunt/releases/download/v0.17.3/kubergrunt_'
- kubergrunt_download_url = "https://github.com/gruntwork-io/kubergrunt/releases/download/v0.17.3/kubergrunt_"
+ # 'https://github.com/gruntwork-io/kubergrunt/releases/download/v0.18.1/kubergrunt_'
+ kubergrunt_download_url = "https://github.com/gruntwork-io/kubergrunt/releases/download/v0.18.1/kubergrunt_"
# Version of Kubernetes to use. Refer to EKS docs for list of available
# versions
@@ -1569,6 +1601,12 @@ inputs = {
# Default value for min_size field of managed_node_group_configurations.
node_group_default_min_size = 1
+ # Default value for the node_repair_config field of
+ # managed_node_group_configurations. Any map entry that does not specify
+ # node_repair_config will use this value. Node auto repair is disabled by
+ # default.
+ node_group_default_node_repair_config = null
+
# Default value for subnet_ids field of managed_node_group_configurations.
node_group_default_subnet_ids = null
@@ -1955,6 +1993,35 @@ Default value for enable_detailed_monitoring field of autoscaling_group_configur
+
+
+
+Default value for the extra_block_device_mappings field of autoscaling_group_configurations. Any map entry that does not specify extra_block_device_mappings will use this value.
+
+
+
+
+```hcl
+list(object({
+ device_name = string
+ no_device = optional(string)
+ virtual_name = optional(string)
+ ebs = optional(object({
+ volume_size = optional(number)
+ volume_type = optional(string)
+ iops = optional(number)
+ throughput = optional(number)
+ delete_on_termination = optional(bool)
+ encrypted = optional(bool)
+ kms_key_id = optional(string)
+ }))
+ }))
+```
+
+
+
+
+
@@ -2336,6 +2403,8 @@ Any types represent complex values of variable type. For details, please consult
Per-ASG cloud init scripts to run at boot time on the node. See var.cloud_init_parts for accepted keys.
- http_put_response_hop_limit number : (Defaults to value from var.asg_default_http_put_response_hop_limit) The
desired HTTP PUT response hop limit for instance metadata requests.
+ - extra_block_device_mappings : (Defaults to value from var.asg_default_extra_block_device_mappings) Additional block device mappings
+ to attach to instances. Useful for Bottlerocket or custom storage configs.
Structure of Tag object:
- key string : The key for the tag to apply to the instance.
@@ -2569,6 +2638,15 @@ The CIDR block to assign Kubernetes pod and service IP addresses from. If you do
+
+
+
+Specify the log class of the cloudwatch log group
+
+
+
+
+
@@ -3178,6 +3256,15 @@ A map of custom tags to apply to the EKS Cluster OIDC Provider. The key is the t
+
+
+
+The name of the Security Group to create for the EKS Cluster. If a name is not provided, a name will be generated automatically. For existing clusters, set this variable to the existing cluster security group name.
+
+
+
+
+
@@ -3541,10 +3628,10 @@ map(list(string))
-The URL from which to download Kubergrunt if it's not installed already. Use to specify a version of kubergrunt that is compatible with your specified kubernetes version. Ex. 'https://github.com/gruntwork-io/kubergrunt/releases/download/v0.17.3/kubergrunt_<platform>'
+The URL from which to download Kubergrunt if it's not installed already. Use to specify a version of kubergrunt that is compatible with your specified kubernetes version. Ex. 'https://github.com/gruntwork-io/kubergrunt/releases/download/v0.18.1/kubergrunt_<platform>'
-
+
@@ -3622,6 +3709,9 @@ Any types represent complex values of variable type. For details, please consult
maximum number of Pods allowed to be scheduled on the node. When null,
the max will be automatically calculated based on the availability of
total IP addresses to the instance type.
+ - node_repair_config object : (Defaults to value from var.node_group_default_node_repair_config) The node
+ auto repair configuration for the node group. Node auto repair is disabled
+ by default.
- http_put_response_hop_limit number : (Defaults to value from
var.node_group_default_http_put_response_hop_limit) The desired
HTTP PUT response hop limit for instance metadata requests from the
@@ -3652,6 +3742,9 @@ Any types represent complex values of variable type. For details, please consult
- id string : The ID of the Launch Template to use. One of ID or Name should be provided.
- version string : The version of the Launch Template to use.
+ Structure of the node_repair_config object:
+ - enabled bool : Specifies whether to enable node auto repair for the node group. Node auto repair is disabled by default.
+
Example:
managed_node_group_configurations = {
ngroup1 = {
@@ -3784,6 +3877,24 @@ Default value for min_size field of managed_node_group_configurations.
+
+
+
+Default value for the node_repair_config field of managed_node_group_configurations. Any map entry that does not specify node_repair_config will use this value. Node auto repair is disabled by default.
+
+
+
+
+```hcl
+object({
+ enabled = bool
+ })
+```
+
+
+
+
+
@@ -4285,11 +4396,11 @@ The ID of the AWS Security Group associated with the self-managed EKS workers.
diff --git a/docs/reference/services/app-orchestration/argo-cd.md b/docs/reference/services/app-orchestration/argo-cd.md
index 4411ef4c15..b0245ea18a 100644
--- a/docs/reference/services/app-orchestration/argo-cd.md
+++ b/docs/reference/services/app-orchestration/argo-cd.md
@@ -16,13 +16,13 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Gruntwork GitOps "GruntOps"
GitOps is an operational framework that is built around DevOps best practices for a standardized approach to managing the lifecycle of Kubernetes based deployments. GitOps provides a unified approach to the deployment and management of container workloads, with Git being the single source of truth for the state of the container infrastructure. GitOps is a very developer-centric workflow that works best when adopted by individuals and teams that follow a git based development lifecycle. The core principles of GitOps have been at the center of Gruntwork from the beginning!
-View Source
+View Source
Release Notes
@@ -40,7 +40,7 @@ GitOps is an operational framework that is built around DevOps best practices fo
module "eks_argocd" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-argocd?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-argocd?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# OPTIONAL VARIABLES
@@ -137,7 +137,7 @@ module "eks_argocd" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-argocd?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-argocd?ref=v0.143.3"
}
inputs = {
@@ -438,11 +438,11 @@ A list of the subnets into which the Argo CD pods will be launched. These should
diff --git a/docs/reference/services/app-orchestration/auto-scaling-group-asg.md b/docs/reference/services/app-orchestration/auto-scaling-group-asg.md
index 870bb1f29b..2a42345d92 100644
--- a/docs/reference/services/app-orchestration/auto-scaling-group-asg.md
+++ b/docs/reference/services/app-orchestration/auto-scaling-group-asg.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Auto Scaling Group
-View Source
+View Source
Release Notes
@@ -55,7 +55,7 @@ access to this repo, email [support@gruntwork.io](mailto:support@gruntwork.io).
* [ASG Documentation](https://docs.aws.amazon.com/autoscaling/ec2/userguide/what-is-amazon-ec2-auto-scaling.html):
Amazon’s docs for ASG that cover core concepts such as launch templates and auto scaling groups.
-* [User Data](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/services/asg-service/core-concepts.md)
+* [User Data](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/services/asg-service/core-concepts.md)
## Deploy
@@ -63,7 +63,7 @@ access to this repo, email [support@gruntwork.io](mailto:support@gruntwork.io).
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -71,7 +71,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -90,7 +90,7 @@ If you want to deploy this repo in production, check out the following resources
module "asg_service" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/asg-service?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/asg-service?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -497,7 +497,7 @@ module "asg_service" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/asg-service?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/asg-service?ref=v0.143.3"
}
inputs = {
@@ -2346,11 +2346,11 @@ The ID of the Security Group that belongs to the ASG.
diff --git a/docs/reference/services/app-orchestration/ec-2-instance.md b/docs/reference/services/app-orchestration/ec-2-instance.md
index 55e7a2690d..b74e592873 100644
--- a/docs/reference/services/app-orchestration/ec-2-instance.md
+++ b/docs/reference/services/app-orchestration/ec-2-instance.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# EC2 Instance
-View Source
+View Source
Release Notes
@@ -58,9 +58,9 @@ If you’ve never used the Service Catalog before, make sure to read
### Core concepts
-* [How do I update my instance?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/services/ec2-instance/core-concepts.md#how-do-i-update-my-instance)
-* [How do I use User Data?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/services/ec2-instance/core-concepts.md#how-do-i-use-user-data)
-* [How do I mount an EBS volume?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/services/ec2-instance/core-concepts.md#how-do-i-mount-an-ebs-volume)
+* [How do I update my instance?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/services/ec2-instance/core-concepts.md#how-do-i-update-my-instance)
+* [How do I use User Data?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/services/ec2-instance/core-concepts.md#how-do-i-use-user-data)
+* [How do I mount an EBS volume?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/services/ec2-instance/core-concepts.md#how-do-i-mount-an-ebs-volume)
### The EC2 Instance AMI
@@ -85,7 +85,7 @@ This template configures the AMI to:
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The `examples/for-learning-and-testing`
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The `examples/for-learning-and-testing`
folder contains standalone sample code optimized for learning, experimenting, and testing (but not direct
production usage).
@@ -93,7 +93,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog, configure CI / CD for your apps and
@@ -113,7 +113,7 @@ If you want to deploy this repo in production, check out the following resources
module "ec_2_instance" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ec2-instance?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ec2-instance?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -368,6 +368,16 @@ module "ec_2_instance" {
# empty string, will use var.name. Required when create_iam_role is false.
iam_role_name = ""
+ # The name of the device being monitored (e.g. xvda1)
+ instance_device = "xvda1"
+
+ # Optional fstype dimension that filters the data you request for all
+ # instances matching the specified fstype. Example: 'xfs'
+ instance_fstype = null
+
+ # The mount path of the file system being monitored (e.g. /)
+ instance_mount_path = "/"
+
# The name of a Key Pair that can be used to SSH to this instance. This
# instance may have ssh-grunt installed. The preferred way to do SSH access is
# with your own IAM user name and SSH key. This Key Pair is only as a
@@ -399,6 +409,13 @@ module "ec_2_instance" {
# If set to true, the root volume will be encrypted. Default is set to false
root_volume_encrypted = false
+ # The ID of the KMS key to use for encrypting the root volume. Only used if
+ # root_volume_encrypted is true. If null, the default EBS encryption key for
+ # the account will be used. See
+ # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#kms_key_id
+ # for more information.
+ root_volume_kms_key_id = null
+
# The size of the root volume, in gigabytes.
root_volume_size = 8
@@ -455,7 +472,7 @@ module "ec_2_instance" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ec2-instance?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/ec2-instance?ref=v0.143.3"
}
inputs = {
@@ -713,6 +730,16 @@ inputs = {
# empty string, will use var.name. Required when create_iam_role is false.
iam_role_name = ""
+ # The name of the device being monitored (e.g. xvda1)
+ instance_device = "xvda1"
+
+ # Optional fstype dimension that filters the data you request for all
+ # instances matching the specified fstype. Example: 'xfs'
+ instance_fstype = null
+
+ # The mount path of the file system being monitored (e.g. /)
+ instance_mount_path = "/"
+
# The name of a Key Pair that can be used to SSH to this instance. This
# instance may have ssh-grunt installed. The preferred way to do SSH access is
# with your own IAM user name and SSH key. This Key Pair is only as a
@@ -744,6 +771,13 @@ inputs = {
# If set to true, the root volume will be encrypted. Default is set to false
root_volume_encrypted = false
+ # The ID of the KMS key to use for encrypting the root volume. Only used if
+ # root_volume_encrypted is true. If null, the default EBS encryption key for
+ # the account will be used. See
+ # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#kms_key_id
+ # for more information.
+ root_volume_kms_key_id = null
+
# The size of the root volume, in gigabytes.
root_volume_size = 8
@@ -1336,6 +1370,33 @@ The name for the bastion host's IAM role and instance profile. If set to an empt
+
+
+
+The name of the device being monitored (e.g. xvda1)
+
+
+
+
+
+
+
+
+Optional fstype dimension that filters the data you request for all instances matching the specified fstype. Example: 'xfs'
+
+
+
+
+
+
+
+
+The mount path of the file system being monitored (e.g. /)
+
+
+
+
+
@@ -1399,6 +1460,15 @@ If set to true, the root volume will be encrypted. Default is set to false
+
+
+
+The ID of the KMS key to use for encrypting the root volume. Only used if root_volume_encrypted is true. If null, the default EBS encryption key for the account will be used. See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#kms_key_id for more information.
+
+
+
+
+
@@ -1569,11 +1639,11 @@ The input parameters for the EBS volumes.
diff --git a/docs/reference/services/app-orchestration/helm-service.md b/docs/reference/services/app-orchestration/helm-service.md
index b059fdf12f..4b1fbd02f0 100644
--- a/docs/reference/services/app-orchestration/helm-service.md
+++ b/docs/reference/services/app-orchestration/helm-service.md
@@ -15,11 +15,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Helm Service
-View Source
+View Source
Release Notes
@@ -63,9 +63,9 @@ If you’ve never used the Service Catalog before, make sure to read
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -73,7 +73,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -81,7 +81,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -100,7 +100,7 @@ If you want to deploy this repo in production, check out the following resources
module "helm_service" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/helm-service?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/helm-service?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -127,6 +127,9 @@ module "helm_service" {
# OPTIONAL VARIABLES
# ----------------------------------------------------------------------------------------------------
+ # Whether or not Helm should create the namespace to deploy the helm chart to.
+ create_namespace = false
+
# Configuration for using the IAM role with Service Accounts feature to
# provide permissions to the applications. This expects a map with two
# properties: `openid_connect_provider_arn` and `openid_connect_provider_url`.
@@ -195,7 +198,7 @@ module "helm_service" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/helm-service?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/helm-service?ref=v0.143.3"
}
inputs = {
@@ -225,6 +228,9 @@ inputs = {
# OPTIONAL VARIABLES
# ----------------------------------------------------------------------------------------------------
+ # Whether or not Helm should create the namespace to deploy the helm chart to.
+ create_namespace = false
+
# Configuration for using the IAM role with Service Accounts feature to
# provide permissions to the applications. This expects a map with two
# properties: `openid_connect_provider_arn` and `openid_connect_provider_url`.
@@ -330,6 +336,15 @@ The Kubernetes Namespace to deploy the helm chart into.
### Optional
+
+
+
+Whether or not Helm should create the namespace to deploy the helm chart to.
+
+
+
+
+
@@ -482,11 +497,11 @@ Number of seconds to wait for Pods to become healthy before marking the deployme
diff --git a/docs/reference/services/app-orchestration/karpenter.md b/docs/reference/services/app-orchestration/karpenter.md
index 1cddcbda56..3cd2e8216c 100644
--- a/docs/reference/services/app-orchestration/karpenter.md
+++ b/docs/reference/services/app-orchestration/karpenter.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# EKS Karpenter
-View Source
+View Source
Release Notes
@@ -61,9 +61,9 @@ For detailed information on how Karpenter is deployed to EKS, see the documentat
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -71,7 +71,7 @@ For detailed information on how Karpenter is deployed to EKS, see the documentat
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -79,7 +79,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -101,7 +101,7 @@ If you want to deploy this repo in production, check out the following resources
module "eks_karpenter" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-karpenter?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-karpenter?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -196,7 +196,7 @@ module "eks_karpenter" {
# The version of the Karpenter CRD Helm chart. This should typically be the
# same version as karpenter_chart_version.
- karpenter_crd_chart_version = "v0.32.7"
+ karpenter_crd_chart_version = "1.6.2"
# Whether or not to create the Karpneter CRDs via the karpenter-crd Helm
# chart. It is suggested to manage the Karpenter CRDs via this Helm chart.
@@ -271,7 +271,7 @@ module "eks_karpenter" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-karpenter?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/eks-karpenter?ref=v0.143.3"
}
inputs = {
@@ -369,7 +369,7 @@ inputs = {
# The version of the Karpenter CRD Helm chart. This should typically be the
# same version as karpenter_chart_version.
- karpenter_crd_chart_version = "v0.32.7"
+ karpenter_crd_chart_version = "1.6.2"
# Whether or not to create the Karpneter CRDs via the karpenter-crd Helm
# chart. It is suggested to manage the Karpenter CRDs via this Helm chart.
@@ -673,7 +673,7 @@ The Helm repository to obtain the Karpenter CRD chart from.
The version of the Karpenter CRD Helm chart. This should typically be the same version as karpenter_chart_version.
-
+
@@ -869,11 +869,11 @@ The name of the Karpenter Node IAM Role.
diff --git a/docs/reference/services/app-orchestration/kubernetes-namespace.md b/docs/reference/services/app-orchestration/kubernetes-namespace.md
index 6c4bc1b096..c6eeca138b 100644
--- a/docs/reference/services/app-orchestration/kubernetes-namespace.md
+++ b/docs/reference/services/app-orchestration/kubernetes-namespace.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Kubernetes Namespace
-View Source
+View Source
Release Notes
@@ -65,9 +65,9 @@ subscriber and don’t have access to this repo, email [support@gruntwork.io](ma
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -75,7 +75,7 @@ subscriber and don’t have access to this repo, email [support@gruntwork.io](ma
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -83,7 +83,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -102,7 +102,7 @@ If you want to deploy this repo in production, check out the following resources
module "k_8_s_namespace" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/k8s-namespace?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/k8s-namespace?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -166,7 +166,7 @@ module "k_8_s_namespace" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/k8s-namespace?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/k8s-namespace?ref=v0.143.3"
}
inputs = {
@@ -427,11 +427,11 @@ The name of the rbac role that grants read only permissions on the namespace.
diff --git a/docs/reference/services/app-orchestration/kubernetes-service.md b/docs/reference/services/app-orchestration/kubernetes-service.md
index 5d3201fc27..4a3dbdc391 100644
--- a/docs/reference/services/app-orchestration/kubernetes-service.md
+++ b/docs/reference/services/app-orchestration/kubernetes-service.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Kubernetes Service
-View Source
+View Source
Release Notes
@@ -74,9 +74,9 @@ don’t have access to this repo, email [support@gruntwork.io](mailto:support@gr
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -84,7 +84,7 @@ don’t have access to this repo, email [support@gruntwork.io](mailto:support@gr
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -92,7 +92,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -111,7 +111,7 @@ If you want to deploy this repo in production, check out the following resources
module "k_8_s_service" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/k8s-service?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/k8s-service?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -513,7 +513,7 @@ module "k_8_s_service" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/k8s-service?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/k8s-service?ref=v0.143.3"
}
inputs = {
@@ -2062,11 +2062,11 @@ Number of seconds to wait for Pods to become healthy before marking the deployme
diff --git a/docs/reference/services/app-orchestration/lambda.md b/docs/reference/services/app-orchestration/lambda.md
index 122709c8e8..70a7ea5add 100644
--- a/docs/reference/services/app-orchestration/lambda.md
+++ b/docs/reference/services/app-orchestration/lambda.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Lambda
-View Source
+View Source
Release Notes
@@ -59,9 +59,9 @@ documentation in the [terraform-aws-lambda](https://github.com/gruntwork-io/terr
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): The main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): The main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -69,7 +69,7 @@ documentation in the [terraform-aws-lambda](https://github.com/gruntwork-io/terr
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -77,7 +77,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -101,7 +101,7 @@ If you want to deploy this repo in production, check out the following resources
module "lambda" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/lambda?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/lambda?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -254,6 +254,10 @@ module "lambda" {
# with Service Accounts.
iam_policy = null
+ # The name to use for the IAM role created for the lambda function. If null,
+ # default to the function name (var.name).
+ iam_role_name = null
+
# The ECR image URI containing the function's deployment package. Example:
# 01234501234501.dkr.ecr.us-east-1.amazonaws.com/image_name:image_tag
image_uri = null
@@ -271,6 +275,10 @@ module "lambda" {
# can have a maximum of 5 Layers attached to each function.
layers = []
+ # Time to wait after creating managed policy, to avoid AWS eventual
+ # consistency racing. Default: 60s.
+ managed_policy_waiting_time = "60s"
+
# The name for the alarm's associated metric.
metric_name = "Errors"
@@ -403,7 +411,7 @@ module "lambda" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/lambda?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/lambda?ref=v0.143.3"
}
inputs = {
@@ -559,6 +567,10 @@ inputs = {
# with Service Accounts.
iam_policy = null
+ # The name to use for the IAM role created for the lambda function. If null,
+ # default to the function name (var.name).
+ iam_role_name = null
+
# The ECR image URI containing the function's deployment package. Example:
# 01234501234501.dkr.ecr.us-east-1.amazonaws.com/image_name:image_tag
image_uri = null
@@ -576,6 +588,10 @@ inputs = {
# can have a maximum of 5 Layers attached to each function.
layers = []
+ # Time to wait after creating managed policy, to avoid AWS eventual
+ # consistency racing. Default: 60s.
+ managed_policy_waiting_time = "60s"
+
# The name for the alarm's associated metric.
metric_name = "Errors"
@@ -1025,6 +1041,15 @@ map(object({
+
+
+
+The name to use for the IAM role created for the lambda function. If null, default to the function name (name).
+
+
+
+
+
@@ -1061,6 +1086,15 @@ The list of Lambda Layer Version ARNs to attach to your Lambda Function. You can
+
+
+
+Time to wait after creating managed policy, to avoid AWS eventual consistency racing. Default: 60s.
+
+
+
+
+
@@ -1423,11 +1457,11 @@ Latest published version of your Lambda Function
diff --git a/docs/reference/services/app-orchestration/public-static-website.md b/docs/reference/services/app-orchestration/public-static-website.md
index 1f39cda2e0..45b9180cc6 100644
--- a/docs/reference/services/app-orchestration/public-static-website.md
+++ b/docs/reference/services/app-orchestration/public-static-website.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Public Static Website
-View Source
+View Source
Release Notes
@@ -60,7 +60,7 @@ If you’ve never used the Service Catalog before, make sure to read
### Core concepts
This module deploys a public website, so the S3 bucket and objects with it are readable by the public. It also is
-hosted in a Public Hosted Zone in Route 53. You may provide a `hosted_zone_id` in [variables](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/services/public-static-website/variables.tf),
+hosted in a Public Hosted Zone in Route 53. You may provide a `hosted_zone_id` in [variables](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/services/public-static-website/variables.tf),
or you may provide the `base_domain_name` associated with your Public Hosted Zone in Route 53, optionally along with
any tags that must match that zone in `base_domain_name_tags`. If you do the latter, this module will find the hosted
zone id for you.
@@ -71,17 +71,17 @@ website, and how to configure SSL, check out the documentation for the
and [s3-cloudfront](https://github.com/gruntwork-io/terraform-aws-static-assets/tree/master/modules/s3-cloudfront)
modules.
-* [Quick Start](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/services/public-static-website/core-concepts.md#quick-start)
+* [Quick Start](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/services/public-static-website/core-concepts.md#quick-start)
* [How to test the website](https://github.com/gruntwork-io/terraform-aws-static-assets/blob/master/modules/s3-static-website/core-concepts.md#how-to-test-the-website)
-* [How to configure HTTPS (SSL) or a CDN?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/services/public-static-website/core-concepts.md#how-to-configure-https-ssl-or-a-cdn)
+* [How to configure HTTPS (SSL) or a CDN?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/services/public-static-website/core-concepts.md#how-to-configure-https-ssl-or-a-cdn)
* [How to handle www + root domains](https://github.com/gruntwork-io/terraform-aws-static-assets/blob/master/modules/s3-static-website/core-concepts.md#how-do-i-handle-www—root-domains)
* [How do I configure Cross Origin Resource Sharing (CORS)?](https://github.com/gruntwork-io/terraform-aws-static-assets/blob/master/modules/s3-static-website/core-concepts.md#how-do-i-configure-cross-origin-resource-sharing-cors)
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -89,7 +89,7 @@ modules.
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -97,7 +97,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing/services/public-static-website/example-website):
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing/services/public-static-website/example-website):
The `examples/for-production` folder contains sample code optimized for direct usage in production. This is code from
the [Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -116,7 +116,7 @@ If you want to deploy this repo in production, check out the following resources
module "public_static_website" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/public-static-website?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/public-static-website?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -332,7 +332,7 @@ module "public_static_website" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/public-static-website?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/services/public-static-website?ref=v0.143.3"
}
inputs = {
@@ -1090,11 +1090,11 @@ The ARN of the created S3 bucket associated with the website.
diff --git a/docs/reference/services/ci-cd-pipeline/ecs-deploy-runner.md b/docs/reference/services/ci-cd-pipeline/ecs-deploy-runner.md
index 51a44e6c4a..4d00da9194 100644
--- a/docs/reference/services/ci-cd-pipeline/ecs-deploy-runner.md
+++ b/docs/reference/services/ci-cd-pipeline/ecs-deploy-runner.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# ECS Deploy Runner
-View Source
+View Source
Release Notes
@@ -77,7 +77,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -85,7 +85,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [shared account ecs-deploy-runner configuration in the for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production/infrastructure-live/shared/us-west-2/mgmt/ecs-deploy-runner/):
+* [shared account ecs-deploy-runner configuration in the for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production/infrastructure-live/shared/us-west-2/mgmt/ecs-deploy-runner/):
The `examples/for-production` folder contains sample code optimized for direct usage in production. This is code from
the [Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -104,7 +104,7 @@ If you want to deploy this repo in production, check out the following resources
module "ecs_deploy_runner" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/ecs-deploy-runner?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/ecs-deploy-runner?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -440,7 +440,7 @@ module "ecs_deploy_runner" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/ecs-deploy-runner?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/ecs-deploy-runner?ref=v0.143.3"
}
inputs = {
@@ -2541,11 +2541,11 @@ Security Group ID of the ECS task
diff --git a/docs/reference/services/ci-cd-pipeline/jenkins.md b/docs/reference/services/ci-cd-pipeline/jenkins.md
index affe5ada0b..e40840782e 100644
--- a/docs/reference/services/ci-cd-pipeline/jenkins.md
+++ b/docs/reference/services/ci-cd-pipeline/jenkins.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Jenkins CI Server
-View Source
+View Source
Release Notes
@@ -68,7 +68,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -76,7 +76,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -98,7 +98,7 @@ If you want to deploy this repo in production, check out the following resources
module "jenkins" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/jenkins?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/jenkins?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -452,7 +452,7 @@ module "jenkins" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/jenkins?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/jenkins?ref=v0.143.3"
}
inputs = {
@@ -1644,11 +1644,11 @@ The ID of the Security Group attached to the Jenkins EC2 Instance
diff --git a/docs/reference/services/data-storage/amazon-aurora.md b/docs/reference/services/data-storage/amazon-aurora.md
index 70ec386b01..ba3f12ec02 100644
--- a/docs/reference/services/data-storage/amazon-aurora.md
+++ b/docs/reference/services/data-storage/amazon-aurora.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon Aurora
-View Source
+View Source
Release Notes
@@ -71,7 +71,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -79,7 +79,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the [Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/),
and it shows you how we build an end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -102,7 +102,7 @@ If you want to deploy this repo in production, check out the following resources
module "aurora" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/aurora?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/aurora?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -183,6 +183,20 @@ module "aurora" {
# IAM roles.
cluster_iam_roles = []
+ # Specifies whether cluster level Performance Insights is enabled or not. On
+ # Aurora MySQL, Performance Insights is not supported on db.t2 or db.t3 DB
+ # instance classes.
+ cluster_performance_insights_enabled = false
+
+ # The ARN for the KMS key to encrypt cluster level Performance Insights data.
+ cluster_performance_insights_kms_key_id = null
+
+ # Specifies the amount of time to retain cluster level Performance Insights
+ # data for. Defaults to 7 days if Performance Insights are enabled. Valid
+ # values are 7, month * 31 (where month is a number of months from 1-23), and
+ # 731.
+ cluster_performance_insights_retention_period = null
+
# Copy all the Aurora cluster tags to snapshots. Default is false.
copy_tags_to_snapshot = false
@@ -225,6 +239,12 @@ module "aurora" {
# dashboard.
dashboard_write_latency_widget_parameters = {"height":6,"period":60,"width":8}
+ # The mode of Database Insights to enable for the DB cluster. Valid options
+ # are 'standard' or 'advanced'. When setting this to 'advanced' then
+ # cluster_performance_insights_enabled must be set to true and
+ # 'cluster_performance_insights_retention_period' set to at least 465 days.
+ database_insights_mode = null
+
# Configure a custom parameter group for the RDS DB cluster. This will create
# a new parameter group with the given parameters. When null, the database
# will be launched with the default parameter group.
@@ -254,6 +274,11 @@ module "aurora" {
# value in db_config_secrets_manager_id.
db_name = null
+ # If true, delete all automated backups when the DB cluster is deleted. If
+ # false, automated backups are retained until the retention period expires.
+ # Defaults to true.
+ delete_automated_backups = null
+
# Set to true to enable several basic CloudWatch alarms around CPU usage,
# memory usage, and disk space usage. If set to true, make sure to specify SNS
# topics to send notifications to using var.alarms_sns_topic_arn.
@@ -267,6 +292,10 @@ module "aurora" {
# database cannot be deleted.
enable_deletion_protection = false
+ # If true, enables the HTTP endpoint used for Data API. Only valid when
+ # engine_mode is set to serverless.
+ enable_http_endpoint = null
+
# Set to true to enable alarms related to performance, such as read and write
# latency alarms. Set to false to disable those alarms if you aren't sure what
# would be reasonable perf numbers for your RDS set up or if those numbers are
@@ -410,6 +439,12 @@ module "aurora" {
# The ARN for the KMS key to encrypt Performance Insights data.
performance_insights_kms_key_id = null
+ # The amount of time in days to retain Performance Insights data. Either 7 (7
+ # days) or 731 (2 years). When specifying
+ # performance_insights_retention_period, performance_insights_enabled needs to
+ # be set to true. Defaults to 7.
+ performance_insights_retention_period = null
+
# The port the DB will listen on (e.g. 3306). This can also be provided via
# AWS Secrets Manager. See the description of db_config_secrets_manager_id. A
# value here overrides the value in db_config_secrets_manager_id.
@@ -451,6 +486,11 @@ module "aurora" {
# https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_PIT.html
restore_source_cluster_identifier = null
+ # Only used if 'restore_source_cluster_identifier' is non-empty. Date and time
+ # in UTC format to restore the database cluster to (e.g,
+ # 2009-09-07T23:45:00Z). When null, the latest restorable time will be used.
+ restore_to_time = null
+
# Only used if 'restore_source_cluster_identifier' is non-empty. Type of
# restore to be performed. Valid options are 'full-copy' and 'copy-on-write'.
# https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Clone.html
@@ -543,7 +583,7 @@ module "aurora" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/aurora?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/aurora?ref=v0.143.3"
}
inputs = {
@@ -627,6 +667,20 @@ inputs = {
# IAM roles.
cluster_iam_roles = []
+ # Specifies whether cluster level Performance Insights is enabled or not. On
+ # Aurora MySQL, Performance Insights is not supported on db.t2 or db.t3 DB
+ # instance classes.
+ cluster_performance_insights_enabled = false
+
+ # The ARN for the KMS key to encrypt cluster level Performance Insights data.
+ cluster_performance_insights_kms_key_id = null
+
+ # Specifies the amount of time to retain cluster level Performance Insights
+ # data for. Defaults to 7 days if Performance Insights are enabled. Valid
+ # values are 7, month * 31 (where month is a number of months from 1-23), and
+ # 731.
+ cluster_performance_insights_retention_period = null
+
# Copy all the Aurora cluster tags to snapshots. Default is false.
copy_tags_to_snapshot = false
@@ -669,6 +723,12 @@ inputs = {
# dashboard.
dashboard_write_latency_widget_parameters = {"height":6,"period":60,"width":8}
+ # The mode of Database Insights to enable for the DB cluster. Valid options
+ # are 'standard' or 'advanced'. When setting this to 'advanced' then
+ # cluster_performance_insights_enabled must be set to true and
+ # 'cluster_performance_insights_retention_period' set to at least 465 days.
+ database_insights_mode = null
+
# Configure a custom parameter group for the RDS DB cluster. This will create
# a new parameter group with the given parameters. When null, the database
# will be launched with the default parameter group.
@@ -698,6 +758,11 @@ inputs = {
# value in db_config_secrets_manager_id.
db_name = null
+ # If true, delete all automated backups when the DB cluster is deleted. If
+ # false, automated backups are retained until the retention period expires.
+ # Defaults to true.
+ delete_automated_backups = null
+
# Set to true to enable several basic CloudWatch alarms around CPU usage,
# memory usage, and disk space usage. If set to true, make sure to specify SNS
# topics to send notifications to using var.alarms_sns_topic_arn.
@@ -711,6 +776,10 @@ inputs = {
# database cannot be deleted.
enable_deletion_protection = false
+ # If true, enables the HTTP endpoint used for Data API. Only valid when
+ # engine_mode is set to serverless.
+ enable_http_endpoint = null
+
# Set to true to enable alarms related to performance, such as read and write
# latency alarms. Set to false to disable those alarms if you aren't sure what
# would be reasonable perf numbers for your RDS set up or if those numbers are
@@ -854,6 +923,12 @@ inputs = {
# The ARN for the KMS key to encrypt Performance Insights data.
performance_insights_kms_key_id = null
+ # The amount of time in days to retain Performance Insights data. Either 7 (7
+ # days) or 731 (2 years). When specifying
+ # performance_insights_retention_period, performance_insights_enabled needs to
+ # be set to true. Defaults to 7.
+ performance_insights_retention_period = null
+
# The port the DB will listen on (e.g. 3306). This can also be provided via
# AWS Secrets Manager. See the description of db_config_secrets_manager_id. A
# value here overrides the value in db_config_secrets_manager_id.
@@ -895,6 +970,11 @@ inputs = {
# https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_PIT.html
restore_source_cluster_identifier = null
+ # Only used if 'restore_source_cluster_identifier' is non-empty. Date and time
+ # in UTC format to restore the database cluster to (e.g,
+ # 2009-09-07T23:45:00Z). When null, the latest restorable time will be used.
+ restore_to_time = null
+
# Only used if 'restore_source_cluster_identifier' is non-empty. Type of
# restore to be performed. Valid options are 'full-copy' and 'copy-on-write'.
# https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Clone.html
@@ -1122,6 +1202,33 @@ List of IAM role ARNs to attach to the cluster. Be sure these roles exists. They
+
+
+
+Specifies whether cluster level Performance Insights is enabled or not. On Aurora MySQL, Performance Insights is not supported on db.t2 or db.t3 DB instance classes.
+
+
+
+
+
+
+
+
+The ARN for the KMS key to encrypt cluster level Performance Insights data.
+
+
+
+
+
+
+
+
+Specifies the amount of time to retain cluster level Performance Insights data for. Defaults to 7 days if Performance Insights are enabled. Valid values are 7, month * 31 (where month is a number of months from 1-23), and 731.
+
+
+
+
+
@@ -1440,6 +1547,15 @@ object({
+
+
+
+The mode of Database Insights to enable for the DB cluster. Valid options are 'standard' or 'advanced'. When setting this to 'advanced' then cluster_performance_insights_enabled must be set to true and 'cluster_performance_insights_retention_period' set to at least 465 days.
+
+
+
+
+
@@ -1610,6 +1726,15 @@ The name for your database of up to 8 alpha-numeric characters. If you do not pr
+
+
+
+If true, delete all automated backups when the DB cluster is deleted. If false, automated backups are retained until the retention period expires. Defaults to true.
+
+
+
+
+
@@ -1637,6 +1762,15 @@ Enable deletion protection on the database instance. If this is enabled, the dat
+
+
+
+If true, enables the HTTP endpoint used for Data API. Only valid when engine_mode is set to serverless.
+
+
+
+
+
@@ -1962,6 +2096,15 @@ The ARN for the KMS key to encrypt Performance Insights data.
+
+
+
+The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years). When specifying performance_insights_retention_period, performance_insights_enabled needs to be set to true. Defaults to 7.
+
+
+
+
+
@@ -2034,6 +2177,15 @@ If non-empty, the Aurora cluster will be restored from the given source cluster
+
+
+
+Only used if 'restore_source_cluster_identifier' is non-empty. Date and time in UTC format to restore the database cluster to (e.g, 2009-09-07T23:45:00Z). When null, the latest restorable time will be used.
+
+
+
+
+
@@ -2341,11 +2493,11 @@ The ARN of the AWS Lambda Function used for sharing manual snapshots with second
diff --git a/docs/reference/services/data-storage/amazon-ecr-repositories.md b/docs/reference/services/data-storage/amazon-ecr-repositories.md
index 07a3756c3d..c3c92f5d3f 100644
--- a/docs/reference/services/data-storage/amazon-ecr-repositories.md
+++ b/docs/reference/services/data-storage/amazon-ecr-repositories.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon ECR Repositories
-View Source
+View Source
Release Notes
@@ -60,7 +60,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -68,7 +68,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -87,7 +87,7 @@ If you want to deploy this repo in production, check out the following resources
module "ecr_repos" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/ecr-repos?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/ecr-repos?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -179,7 +179,7 @@ module "ecr_repos" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/ecr-repos?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/ecr-repos?ref=v0.143.3"
}
inputs = {
@@ -562,11 +562,11 @@ A list of IAM policy actions necessary for ECR write access.
diff --git a/docs/reference/services/data-storage/amazon-elasti-cache-for-memcached.md b/docs/reference/services/data-storage/amazon-elasti-cache-for-memcached.md
index 07fae91177..e3a6188d77 100644
--- a/docs/reference/services/data-storage/amazon-elasti-cache-for-memcached.md
+++ b/docs/reference/services/data-storage/amazon-elasti-cache-for-memcached.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon ElastiCache for Memcached
-View Source
+View Source
Release Notes
@@ -64,7 +64,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -72,7 +72,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -91,7 +91,7 @@ If you want to deploy this repo in production, check out the following resources
module "memcached" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/memcached?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/memcached?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -187,7 +187,7 @@ module "memcached" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/memcached?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/memcached?ref=v0.143.3"
}
inputs = {
@@ -469,11 +469,11 @@ The configuration endpoint to allow host discovery.
diff --git a/docs/reference/services/data-storage/amazon-elasti-cache-for-redis.md b/docs/reference/services/data-storage/amazon-elasti-cache-for-redis.md
index 8a2f7c0ea8..a51f9005bd 100644
--- a/docs/reference/services/data-storage/amazon-elasti-cache-for-redis.md
+++ b/docs/reference/services/data-storage/amazon-elasti-cache-for-redis.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon ElastiCache for Redis
-View Source
+View Source
Release Notes
@@ -67,7 +67,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -75,7 +75,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -94,7 +94,7 @@ If you want to deploy this repo in production, check out the following resources
module "redis" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/redis?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/redis?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -270,7 +270,7 @@ module "redis" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/redis?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/redis?ref=v0.143.3"
}
inputs = {
@@ -834,11 +834,11 @@ Security Group ID used for redis cluster.
diff --git a/docs/reference/services/data-storage/amazon-elasticsearch.md b/docs/reference/services/data-storage/amazon-elasticsearch.md
index b6a972f607..414f34bd97 100644
--- a/docs/reference/services/data-storage/amazon-elasticsearch.md
+++ b/docs/reference/services/data-storage/amazon-elasticsearch.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon Elasticsearch Service
-View Source
+View Source
Release Notes
@@ -63,7 +63,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -76,7 +76,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the [Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/),
and it shows you how we build an end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -101,7 +101,7 @@ If you want to deploy this repo in production, check out the following resources
module "elasticsearch" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/elasticsearch?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/elasticsearch?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -475,7 +475,7 @@ module "elasticsearch" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/elasticsearch?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/elasticsearch?ref=v0.143.3"
}
inputs = {
@@ -1578,11 +1578,11 @@ Domain-specific endpoint for Kibana without https scheme.
diff --git a/docs/reference/services/data-storage/amazon-rds-replica.md b/docs/reference/services/data-storage/amazon-rds-replica.md
index e056a8c1ad..c64dcc9a4c 100644
--- a/docs/reference/services/data-storage/amazon-rds-replica.md
+++ b/docs/reference/services/data-storage/amazon-rds-replica.md
@@ -16,13 +16,13 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# RDS Read Replicas Module
This module creates a read replica (read-only copy) of a DB instance.
-View Source
+View Source
Release Notes
@@ -48,7 +48,7 @@ This module creates a read replica (read-only copy) of a DB instance.
module "rds_replica" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/rds-replica?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/rds-replica?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -350,7 +350,7 @@ module "rds_replica" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/rds-replica?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/rds-replica?ref=v0.143.3"
}
inputs = {
@@ -1668,11 +1668,11 @@ A list of IDs of the RDS DB instance's read replicas.
diff --git a/docs/reference/services/data-storage/amazon-rds.md b/docs/reference/services/data-storage/amazon-rds.md
index f341347994..dd82972190 100644
--- a/docs/reference/services/data-storage/amazon-rds.md
+++ b/docs/reference/services/data-storage/amazon-rds.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon Relational Database Service
-View Source
+View Source
Release Notes
@@ -69,7 +69,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -77,12 +77,12 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
-* [How do I pass database configuration securely?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/data-stores/rds/core-concepts.md#how-do-i-pass-database-configuration-securely)
+* [How do I pass database configuration securely?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/data-stores/rds/core-concepts.md#how-do-i-pass-database-configuration-securely)
## Sample Usage
@@ -103,7 +103,7 @@ If you want to deploy this repo in production, check out the following resources
module "rds" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/rds?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/rds?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -623,7 +623,7 @@ module "rds" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/rds?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/rds?ref=v0.143.3"
}
inputs = {
@@ -2638,11 +2638,11 @@ The ID of the Security Group that controls access to the RDS DB instance.
diff --git a/docs/reference/services/data-storage/s-3-bucket.md b/docs/reference/services/data-storage/s-3-bucket.md
index dade4c0089..389884ec96 100644
--- a/docs/reference/services/data-storage/s-3-bucket.md
+++ b/docs/reference/services/data-storage/s-3-bucket.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# S3 Bucket
-View Source
+View Source
Release Notes
@@ -59,7 +59,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -67,7 +67,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -88,7 +88,7 @@ If you want to deploy this repo in production, check out the following resources
module "s_3_bucket" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/s3-bucket?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/s3-bucket?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -327,7 +327,7 @@ module "s_3_bucket" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/s3-bucket?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/data-stores/s3-bucket?ref=v0.143.3"
}
inputs = {
@@ -1259,11 +1259,11 @@ The name of the replica S3 bucket.
diff --git a/docs/reference/services/landing-zone/aws-app-account-baseline-wrapper.md b/docs/reference/services/landing-zone/aws-app-account-baseline-wrapper.md
index 3211aea820..02b9805143 100644
--- a/docs/reference/services/landing-zone/aws-app-account-baseline-wrapper.md
+++ b/docs/reference/services/landing-zone/aws-app-account-baseline-wrapper.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Account Baseline for app accounts
-View Source
+View Source
Release Notes
@@ -57,13 +57,13 @@ If you’ve never used the Service Catalog before, make sure to read
* Learn more about each individual module, click the link in the [Features](#features) section.
* [How to configure a production-grade AWS account structure](https://docs.gruntwork.io/guides/build-it-yourself/landing-zone/)
-* [How to use multi-region services](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/landingzone/account-baseline-root/core-concepts.md#how-to-use-multi-region-services)
+* [How to use multi-region services](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/landingzone/account-baseline-root/core-concepts.md#how-to-use-multi-region-services)
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -71,7 +71,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing/landingzone folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing/landingzone): The
+* [examples/for-learning-and-testing/landingzone folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing/landingzone): The
`examples/for-learning-and-testing/landingzone` folder contains standalone sample code optimized for learning,
experimenting, and testing (but not direct production usage).
@@ -79,7 +79,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end integrated tech stack on top of the Gruntwork Service Catalog.
@@ -100,7 +100,7 @@ If you want to deploy this repo in production, check out the following resources
module "account_baseline_app" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-app?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-app?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -267,6 +267,10 @@ module "account_baseline_app" {
# you don't have to pass around the KMS key ARN.
cloudtrail_allow_kms_describe_key_to_external_aws_accounts = false
+ # After cloudtrail_num_days_after_which_archive_log_data it will
+ # moved/archived to this storage class
+ cloudtrail_archive_storage_class = "GLACIER"
+
# Specify the name of the CloudWatch Logs group to publish the CloudTrail logs
# to. This log group exists in the current account. Set this value to `null`
# to avoid publishing the trail logs to the logs group. The recommended
@@ -358,7 +362,7 @@ module "account_baseline_app" {
cloudtrail_kms_key_user_iam_arns = []
# After this number of days, log files should be transitioned from S3 to
- # Glacier. Enter 0 to never archive log data.
+ # var.cloudtrail_archive_storage_class. Enter 0 to never archive log data.
cloudtrail_num_days_after_which_archive_log_data = 30
# After this number of days, log files should be deleted from S3. Enter 0 to
@@ -946,7 +950,7 @@ module "account_baseline_app" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-app?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-app?ref=v0.143.3"
}
inputs = {
@@ -1116,6 +1120,10 @@ inputs = {
# you don't have to pass around the KMS key ARN.
cloudtrail_allow_kms_describe_key_to_external_aws_accounts = false
+ # After cloudtrail_num_days_after_which_archive_log_data it will
+ # moved/archived to this storage class
+ cloudtrail_archive_storage_class = "GLACIER"
+
# Specify the name of the CloudWatch Logs group to publish the CloudTrail logs
# to. This log group exists in the current account. Set this value to `null`
# to avoid publishing the trail logs to the logs group. The recommended
@@ -1207,7 +1215,7 @@ inputs = {
cloudtrail_kms_key_user_iam_arns = []
# After this number of days, log files should be transitioned from S3 to
- # Glacier. Enter 0 to never archive log data.
+ # var.cloudtrail_archive_storage_class. Enter 0 to never archive log data.
cloudtrail_num_days_after_which_archive_log_data = 30
# After this number of days, log files should be deleted from S3. Enter 0 to
@@ -2173,6 +2181,15 @@ Whether or not to allow kms:DescribeKey to external AWS accounts with write acce
+
+
+
+After cloudtrail_num_days_after_which_archive_log_data it will moved/archived to this storage class
+
+
+
+
+
@@ -2384,7 +2401,7 @@ All CloudTrail Logs will be encrypted with a KMS CMK (Customer Master Key) that
-After this number of days, log files should be transitioned from S3 to Glacier. Enter 0 to never archive log data.
+After this number of days, log files should be transitioned from S3 to cloudtrail_archive_storage_class. Enter 0 to never archive log data.
@@ -4101,11 +4118,11 @@ A map of ARNs of the service linked roles created from
diff --git a/docs/reference/services/landing-zone/aws-root-account-baseline-wrapper.md b/docs/reference/services/landing-zone/aws-root-account-baseline-wrapper.md
index b4dc011ed0..93267be9d3 100644
--- a/docs/reference/services/landing-zone/aws-root-account-baseline-wrapper.md
+++ b/docs/reference/services/landing-zone/aws-root-account-baseline-wrapper.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Account Baseline for root account
-View Source
+View Source
Release Notes
@@ -58,16 +58,16 @@ If you’ve never used the Service Catalog before, make sure to read
* Learn more about each individual module, click the link in the [Features](#features) section
* [How to configure a production-grade AWS account structure](https://docs.gruntwork.io/guides/build-it-yourself/landing-zone/)
-* [How to create child accounts](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/core-concepts.md#creating-child-accounts)
-* [How to aggregate AWS Config and CloudTrail data in a logs account](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/core-concepts.md#aggregating-aws-config-and-cloudtrail-data-in-a-logs-account)
-* [Why does this module use account-level AWS Config Rules?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/core-concepts.md#why-does-this-module-use-account-level-aws-config-rules)
-* [How to use multi-region services](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/core-concepts.md#how-to-use-multi-region-services)
+* [How to create child accounts](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/core-concepts.md#creating-child-accounts)
+* [How to aggregate AWS Config and CloudTrail data in a logs account](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/core-concepts.md#aggregating-aws-config-and-cloudtrail-data-in-a-logs-account)
+* [Why does this module use account-level AWS Config Rules?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/core-concepts.md#why-does-this-module-use-account-level-aws-config-rules)
+* [How to use multi-region services](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/core-concepts.md#how-to-use-multi-region-services)
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -75,7 +75,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing/landingzone folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing/landingzone): The
+* [examples/for-learning-and-testing/landingzone folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing/landingzone): The
`examples/for-learning-and-testing/landingzone` folder contains standalone sample code optimized for learning,
experimenting, and testing (but not direct production usage).
@@ -83,7 +83,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end integrated tech stack on top of the Gruntwork Service Catalog.
@@ -104,7 +104,7 @@ If you want to deploy this repo in production, check out the following resources
module "account_baseline_root" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-root?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-root?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -281,6 +281,10 @@ module "account_baseline_root" {
# you don't have to pass around the KMS key ARN.
cloudtrail_allow_kms_describe_key_to_external_aws_accounts = false
+ # After cloudtrail_num_days_after_which_archive_log_data it will
+ # moved/archived to this storage class
+ cloudtrail_archive_storage_class = "GLACIER"
+
# Specify the name of the CloudWatch Logs group to publish the CloudTrail logs
# to. This log group exists in the current account. Set this value to `null`
# to avoid publishing the trail logs to the logs group. The recommended
@@ -369,7 +373,7 @@ module "account_baseline_root" {
cloudtrail_kms_key_user_iam_arns = []
# After this number of days, log files should be transitioned from S3 to
- # Glacier. Enter 0 to never archive log data.
+ # var.cloudtrail_archive_storage_class. Enter 0 to never archive log data.
cloudtrail_num_days_after_which_archive_log_data = 30
# After this number of days, log files should be deleted from S3. Enter 0 to
@@ -1013,7 +1017,7 @@ module "account_baseline_root" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-root?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-root?ref=v0.143.3"
}
inputs = {
@@ -1193,6 +1197,10 @@ inputs = {
# you don't have to pass around the KMS key ARN.
cloudtrail_allow_kms_describe_key_to_external_aws_accounts = false
+ # After cloudtrail_num_days_after_which_archive_log_data it will
+ # moved/archived to this storage class
+ cloudtrail_archive_storage_class = "GLACIER"
+
# Specify the name of the CloudWatch Logs group to publish the CloudTrail logs
# to. This log group exists in the current account. Set this value to `null`
# to avoid publishing the trail logs to the logs group. The recommended
@@ -1281,7 +1289,7 @@ inputs = {
cloudtrail_kms_key_user_iam_arns = []
# After this number of days, log files should be transitioned from S3 to
- # Glacier. Enter 0 to never archive log data.
+ # var.cloudtrail_archive_storage_class. Enter 0 to never archive log data.
cloudtrail_num_days_after_which_archive_log_data = 30
# After this number of days, log files should be deleted from S3. Enter 0 to
@@ -2501,6 +2509,15 @@ Whether or not to allow kms:DescribeKey to external AWS accounts with write acce
+
+
+
+After cloudtrail_num_days_after_which_archive_log_data it will moved/archived to this storage class
+
+
+
+
+
@@ -2721,7 +2738,7 @@ All CloudTrail Logs will be encrypted with a KMS Key (a Customer Master Key) tha
-After this number of days, log files should be transitioned from S3 to Glacier. Enter 0 to never archive log data.
+After this number of days, log files should be transitioned from S3 to cloudtrail_archive_storage_class. Enter 0 to never archive log data.
@@ -4615,11 +4632,11 @@ A map of user name to that user's AWS Web Console password, encrypted with that
diff --git a/docs/reference/services/landing-zone/aws-security-account-baseline-wrapper.md b/docs/reference/services/landing-zone/aws-security-account-baseline-wrapper.md
index 2621c13ab2..a61ded480e 100644
--- a/docs/reference/services/landing-zone/aws-security-account-baseline-wrapper.md
+++ b/docs/reference/services/landing-zone/aws-security-account-baseline-wrapper.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Account Baseline for security account
-View Source
+View Source
Release Notes
@@ -59,13 +59,13 @@ If you’ve never used the Service Catalog before, make sure to read
* Learn more about each individual module, click the link in the [Features](#features) section.
* [How to configure a production-grade AWS account structure](https://docs.gruntwork.io/guides/build-it-yourself/landing-zone/)
-* [How to use multi-region services](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/landingzone/account-baseline-root/core-concepts.md#how-to-use-multi-region-services)
+* [How to use multi-region services](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/landingzone/account-baseline-root/core-concepts.md#how-to-use-multi-region-services)
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -73,7 +73,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing/landingzone folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing/landingzone): The
+* [examples/for-learning-and-testing/landingzone folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing/landingzone): The
`examples/for-learning-and-testing/landingzone` folder contains standalone sample code optimized for learning,
experimenting, and testing (but not direct production usage).
@@ -81,7 +81,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -101,7 +101,7 @@ If you want to deploy this repo in production, check out the following resources
module "account_baseline_security" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-security?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-security?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -261,6 +261,10 @@ module "account_baseline_security" {
# you don't have to pass around the KMS key ARN.
cloudtrail_allow_kms_describe_key_to_external_aws_accounts = false
+ # After cloudtrail_num_days_after_which_archive_log_data it will
+ # moved/archived to this storage class
+ cloudtrail_archive_storage_class = "GLACIER"
+
# Specify the name of the CloudWatch Logs group to publish the CloudTrail logs
# to. This log group exists in the current account. Set this value to `null`
# to avoid publishing the trail logs to the logs group. The recommended
@@ -342,7 +346,7 @@ module "account_baseline_security" {
cloudtrail_kms_key_user_iam_arns = []
# After this number of days, log files should be transitioned from S3 to
- # Glacier. Enter 0 to never archive log data.
+ # var.cloudtrail_archive_storage_class. Enter 0 to never archive log data.
cloudtrail_num_days_after_which_archive_log_data = 30
# After this number of days, log files should be deleted from S3. Enter 0 to
@@ -1063,7 +1067,7 @@ module "account_baseline_security" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-security?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/account-baseline-security?ref=v0.143.3"
}
inputs = {
@@ -1226,6 +1230,10 @@ inputs = {
# you don't have to pass around the KMS key ARN.
cloudtrail_allow_kms_describe_key_to_external_aws_accounts = false
+ # After cloudtrail_num_days_after_which_archive_log_data it will
+ # moved/archived to this storage class
+ cloudtrail_archive_storage_class = "GLACIER"
+
# Specify the name of the CloudWatch Logs group to publish the CloudTrail logs
# to. This log group exists in the current account. Set this value to `null`
# to avoid publishing the trail logs to the logs group. The recommended
@@ -1307,7 +1315,7 @@ inputs = {
cloudtrail_kms_key_user_iam_arns = []
# After this number of days, log files should be transitioned from S3 to
- # Glacier. Enter 0 to never archive log data.
+ # var.cloudtrail_archive_storage_class. Enter 0 to never archive log data.
cloudtrail_num_days_after_which_archive_log_data = 30
# After this number of days, log files should be deleted from S3. Enter 0 to
@@ -2323,6 +2331,15 @@ Whether or not to allow kms:DescribeKey to external AWS accounts with write acce
+
+
+
+After cloudtrail_num_days_after_which_archive_log_data it will moved/archived to this storage class
+
+
+
+
+
@@ -2534,7 +2551,7 @@ All CloudTrail Logs will be encrypted with a KMS Key (a Customer Master Key) tha
-After this number of days, log files should be transitioned from S3 to Glacier. Enter 0 to never archive log data.
+After this number of days, log files should be transitioned from S3 to cloudtrail_archive_storage_class. Enter 0 to never archive log data.
@@ -4733,11 +4750,11 @@ A map of usernames to that user's AWS Web Console password, encrypted with that
diff --git a/docs/reference/services/landing-zone/gruntwork-access.md b/docs/reference/services/landing-zone/gruntwork-access.md
index 3209d96917..2acc48a1c8 100644
--- a/docs/reference/services/landing-zone/gruntwork-access.md
+++ b/docs/reference/services/landing-zone/gruntwork-access.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Gruntwork Access
-View Source
+View Source
Release Notes
@@ -63,7 +63,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -71,7 +71,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog, configure CI / CD for your apps and
@@ -91,7 +91,7 @@ If you want to deploy this repo in production, check out the following resources
module "gruntwork_access" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/gruntwork-access?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/gruntwork-access?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -146,7 +146,7 @@ module "gruntwork_access" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/gruntwork-access?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/gruntwork-access?ref=v0.143.3"
}
inputs = {
@@ -295,11 +295,11 @@ The name of the IAM role
diff --git a/docs/reference/services/landing-zone/iam-users-and-iam-groups.md b/docs/reference/services/landing-zone/iam-users-and-iam-groups.md
index 0583dfadea..22db734ca6 100644
--- a/docs/reference/services/landing-zone/iam-users-and-iam-groups.md
+++ b/docs/reference/services/landing-zone/iam-users-and-iam-groups.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# IAM Users and IAM Groups
-View Source
+View Source
Release Notes
@@ -74,9 +74,9 @@ If you’ve never used the Service Catalog before, make sure to read
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -84,7 +84,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing/landingzone folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing/landingzone): The
+* [examples/for-learning-and-testing/landingzone folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing/landingzone): The
`examples/for-learning-and-testing/landingzone` folder contains standalone sample code optimized for learning,
experimenting, and testing (but not direct production usage).
@@ -92,7 +92,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -113,7 +113,7 @@ If you want to deploy this repo in production, check out the following resources
module "iam_users_and_groups" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/iam-users-and-groups?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/iam-users-and-groups?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -334,7 +334,7 @@ module "iam_users_and_groups" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/iam-users-and-groups?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/landingzone/iam-users-and-groups?ref=v0.143.3"
}
inputs = {
@@ -1136,11 +1136,11 @@ A map of usernames to that user's AWS Web Console password, encrypted with that
diff --git a/docs/reference/services/networking/elastic-load-balancer-elb.md b/docs/reference/services/networking/elastic-load-balancer-elb.md
index 336968dadc..3366149a10 100644
--- a/docs/reference/services/networking/elastic-load-balancer-elb.md
+++ b/docs/reference/services/networking/elastic-load-balancer-elb.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Application Load Balancer
-View Source
+View Source
Release Notes
@@ -62,7 +62,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -70,7 +70,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -89,7 +89,7 @@ If you want to deploy this repo in production, check out the following resources
module "alb" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/alb?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/alb?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -260,6 +260,12 @@ module "alb" {
# possible values are ipv4 and dualstack.
ip_address_type = null
+ # (Optional) Informs browsers that the site should only be accessed using
+ # HTTPS, and that any future attempts to access it using HTTP should
+ # automatically be converted to HTTPS. Example: 'max-age=31536000;
+ # includeSubDomains; preload'.
+ routing_http_response_strict_transport_security_header_value = null
+
# If true, create a new S3 bucket for access logs with the name in
# var.access_logs_s3_bucket_name. If false, assume the S3 bucket for access
# logs with the name in var.access_logs_s3_bucket_name already exists, and
@@ -289,7 +295,7 @@ module "alb" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/alb?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/alb?ref=v0.143.3"
}
inputs = {
@@ -463,6 +469,12 @@ inputs = {
# possible values are ipv4 and dualstack.
ip_address_type = null
+ # (Optional) Informs browsers that the site should only be accessed using
+ # HTTPS, and that any future attempts to access it using HTTP should
+ # automatically be converted to HTTPS. Example: 'max-age=31536000;
+ # includeSubDomains; preload'.
+ routing_http_response_strict_transport_security_header_value = null
+
# If true, create a new S3 bucket for access logs with the name in
# var.access_logs_s3_bucket_name. If false, assume the S3 bucket for access
# logs with the name in var.access_logs_s3_bucket_name already exists, and
@@ -904,6 +916,15 @@ The type of IP addresses used by the subnets for your load balancer. The possibl
+
+
+
+(Optional) Informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. Example: 'max-age=31536000; includeSubDomains; preload'.
+
+
+
+
+
@@ -1019,11 +1040,11 @@ The AWS-managed DNS name assigned to the ALB.
diff --git a/docs/reference/services/networking/management-vpc.md b/docs/reference/services/networking/management-vpc.md
index fb2d684183..8bc16d76c6 100644
--- a/docs/reference/services/networking/management-vpc.md
+++ b/docs/reference/services/networking/management-vpc.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Management VPC
-View Source
+View Source
Release Notes
@@ -65,9 +65,9 @@ documentation in the [terraform-aws-vpc](https://github.com/gruntwork-io/terrafo
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): The main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): The main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -75,7 +75,7 @@ documentation in the [terraform-aws-vpc](https://github.com/gruntwork-io/terrafo
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -83,7 +83,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized or direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -105,7 +105,7 @@ If you want to deploy this repo in production, check out the following resources
module "vpc_mgmt" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/vpc-mgmt?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/vpc-mgmt?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -327,7 +327,7 @@ module "vpc_mgmt" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/vpc-mgmt?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/vpc-mgmt?ref=v0.143.3"
}
inputs = {
@@ -1087,11 +1087,11 @@ Indicates whether or not the VPC has finished creating
diff --git a/docs/reference/services/networking/route-53-hosted-zones.md b/docs/reference/services/networking/route-53-hosted-zones.md
index 300ec55e11..dfef20fa74 100644
--- a/docs/reference/services/networking/route-53-hosted-zones.md
+++ b/docs/reference/services/networking/route-53-hosted-zones.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Route 53 Hosted Zones
-View Source
+View Source
Release Notes
@@ -38,6 +38,62 @@ This service contains code to deploy [Route 53 Hosted Zones](https://aws.amazon.
* Automatic health checks to route traffic only to healthy endpoints
* Automatic integration with other AWS services, such as ELBs
+### Private hosted zone record management
+
+This module now supports creating records (including A/AAAA and alias) inside Private Hosted Zones, mirroring the
+existing capabilities for Public Hosted Zones. You can define both apex-level records and subdomain records in the
+`private_zones` input by specifying `apex_records` and `subdomains`.
+
+Example:
+
+```hcl
+module "route53" {
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/route53?ref="
+
+ private_zones = {
+ "corp.internal" = {
+ comment = "Private zone with records"
+ vpcs = [{ id = "vpc-0123456789abcdef0", region = null }]
+ tags = { Env = "dev" }
+ force_destroy = true
+
+ # Apex record (e.g., corp.internal)
+ apex_records = [
+ {
+ type = "A"
+ ttl = 60
+ records = ["10.0.0.5"]
+ }
+ ]
+
+ # Subdomain records (e.g., app.corp.internal)
+ subdomains = {
+ app = {
+ type = "A"
+ ttl = 300
+ records = ["10.0.1.10"]
+ }
+
+ # Alias to an internal ALB/NLB
+ svc = {
+ type = "A"
+ alias = {
+ name = aws_lb.internal.dns_name
+ zone_id = aws_lb.internal.zone_id
+ evaluate_target_health = true
+ }
+ }
+ }
+ }
+ }
+}
+```
+
+Notes:
+
+* Alias targets must be resolvable within the associated VPC(s) (e.g., internal ALB/NLB).
+* Query private records from within the VPC(s) that are associated to the Private Hosted Zone.
+
## Learn
:::note
@@ -49,7 +105,7 @@ If you’ve never used the Service Catalog before, make sure to read
:::
-* [Should you use AWS Route 53 or CloudMap for your DNS entries?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/networking/route53/core-concepts.md#should-i-use-route53-or-cloud-map)
+* [Should you use AWS Route 53 or CloudMap for your DNS entries?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/networking/route53/core-concepts.md#should-i-use-route53-or-cloud-map)
* [AWS Cloud Map Documentation](https://docs.aws.amazon.com/cloud-map/latest/dg/what-is-cloud-map.html): Amazon’s docs
for AWS Cloud Map that cover core concepts and configuration.
* [Route 53 Documentation](https://docs.aws.amazon.com/route53/): Amazon’s docs for Route 53 that cover core concepts
@@ -61,7 +117,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -69,7 +125,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -88,14 +144,15 @@ If you want to deploy this repo in production, check out the following resources
module "route_53" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/route53?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/route53?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# OPTIONAL VARIABLES
# ----------------------------------------------------------------------------------------------------
# A map of private Route 53 Hosted Zones. In this map, the key should be the
- # domain name. See examples below.
+ # domain name. Supports optional record management similar to public zones.
+ # See examples below.
private_zones = {}
# A map of public Route 53 Hosted Zones. In this map, the key should be the
@@ -126,7 +183,7 @@ module "route_53" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/route53?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/route53?ref=v0.143.3"
}
inputs = {
@@ -136,7 +193,8 @@ inputs = {
# ----------------------------------------------------------------------------------------------------
# A map of private Route 53 Hosted Zones. In this map, the key should be the
- # domain name. See examples below.
+ # domain name. Supports optional record management similar to public zones.
+ # See examples below.
private_zones = {}
# A map of public Route 53 Hosted Zones. In this map, the key should be the
@@ -170,64 +228,79 @@ inputs = {
### Optional
-
+
-A map of private Route 53 Hosted Zones. In this map, the key should be the domain name. See examples below.
+A map of private Route 53 Hosted Zones. In this map, the key should be the domain name. Supports optional record management similar to public zones. See examples below.
```hcl
-map(object({
- # An optional, arbitrary comment to attach to the private Hosted Zone
- comment = string
- # The list of VPCs to associate with the private Hosted Zone. You must provide at least one VPC in this list.
- vpcs = list(object({
- # The ID of the VPC.
- id = string
- # The region of the VPC. If null, defaults to the region configured on the provider.
- region = string
- }))
- # A mapping of tags to assign to the private Hosted Zone
- tags = map(string)
- # Whether to destroy all records (possibly managed ouside of Terraform) in the zone when destroying the zone
- force_destroy = bool
- }))
+Any types represent complex values of variable type. For details, please consult `variables.tf` in the source repo.
```
-
+
- Example
```hcl
+
+ Allow empty maps to be passed by default - since we sometimes define only public zones or only private zones in a given module call
+
+```
+
+
+
+
+
+```hcl
+
+ Example (basic private zone only):
+
private_zones = {
- "backend.com" = {
- comment = "Use for arbitrary comments"
- vpcs = [{
- id = "19233983937"
- region = null
- }]
- tags = {
- CanDelete = true
- }
- force_destroy = true
- }
- "database.com" = {
- comment = "This is prod - don't delete!"
- vpcs = [{
- id = "129734967447"
- region = null
- }]
- tags = {
- Application = "redis"
- Team = "apps"
+ "backend.local" = {
+ comment = "Use for arbitrary comments"
+ vpcs = [{ id = "vpc-1234567890", region = null }]
+ tags = { CanDelete = true }
+ force_destroy = true
+ }
+ }
+
+ Example (with private A records):
+
+ private_zones = {
+ "corp.internal" = {
+ comment = "Private zone with records"
+ vpcs = [{ id = "vpc-1234567890", region = null }]
+ tags = { Env = "dev" }
+ force_destroy = true
+ subdomains = {
+ api = {
+ type = "A"
+ ttl = 300
+ records = ["10.0.1.10"]
+ }
+ Alternatively, alias to an internal NLB/ALB etc
+ app = {
+ type = "A"
+ alias = {
+ name = aws_lb.internal.dns_name
+ zone_id = aws_lb.internal.zone_id
+ evaluate_target_health = true
}
- force_destroy = false
+ }
}
+ apex_records = [
+ {
+ type = "A"
+ ttl = 60
+ records = ["10.0.0.5"]
+ }
+ ]
+ }
}
```
@@ -548,11 +621,11 @@ A map of domains to resource arns and hosted zones of the created Service Discov
diff --git a/docs/reference/services/networking/sns-topics.md b/docs/reference/services/networking/sns-topics.md
index 8968e55dc2..a81589c5dd 100644
--- a/docs/reference/services/networking/sns-topics.md
+++ b/docs/reference/services/networking/sns-topics.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Amazon Simple Notification Service
-View Source
+View Source
Release Notes
@@ -48,8 +48,8 @@ If you’ve never used the Service Catalog before, make sure to read
:::
* [SNS Documentation](https://docs.aws.amazon.com/sns/): Amazon’s docs for SNS that cover core concepts and configuration
-* [How do SNS topics work?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/networking/sns-topics/core-concepts.md#how-do-sns-topics-work)
-* [How do I get notified when a message is published to an SNS Topic?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/networking/sns-topics/core-concepts.md#how-do-i-get-notified)
+* [How do SNS topics work?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/networking/sns-topics/core-concepts.md#how-do-sns-topics-work)
+* [How do I get notified when a message is published to an SNS Topic?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/networking/sns-topics/core-concepts.md#how-do-i-get-notified)
## Deploy
@@ -57,7 +57,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -65,7 +65,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -84,7 +84,7 @@ If you want to deploy this repo in production, check out the following resources
module "sns_topics" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/sns-topics?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/sns-topics?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -121,6 +121,10 @@ module "sns_topics" {
# The display name of the SNS topic
display_name = ""
+ # Set to true to enable advanced formatting for CloudWatch alarms in Slack.
+ # This will use the CloudWatchNotification class for richer messages.
+ enable_advanced_formatting = false
+
# The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a
# custom CMK
kms_master_key_id = "alias/aws/sns"
@@ -145,7 +149,7 @@ module "sns_topics" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/sns-topics?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/sns-topics?ref=v0.143.3"
}
inputs = {
@@ -185,6 +189,10 @@ inputs = {
# The display name of the SNS topic
display_name = ""
+ # Set to true to enable advanced formatting for CloudWatch alarms in Slack.
+ # This will use the CloudWatchNotification class for richer messages.
+ enable_advanced_formatting = false
+
# The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a
# custom CMK
kms_master_key_id = "alias/aws/sns"
@@ -291,6 +299,15 @@ The display name of the SNS topic
+
+
+
+Set to true to enable advanced formatting for CloudWatch alarms in Slack. This will use the CloudWatchNotification class for richer messages.
+
+
+
+
+
@@ -326,11 +343,11 @@ The ARN of the SNS topic.
diff --git a/docs/reference/services/networking/virtual-private-cloud-vpc.md b/docs/reference/services/networking/virtual-private-cloud-vpc.md
index c97696dde1..47e2981212 100644
--- a/docs/reference/services/networking/virtual-private-cloud-vpc.md
+++ b/docs/reference/services/networking/virtual-private-cloud-vpc.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# VPC
-View Source
+View Source
Release Notes
@@ -65,9 +65,9 @@ documentation in the [terraform-aws-vpc](https://github.com/gruntwork-io/terrafo
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules): The main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules): The main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/test): Automated tests for the modules and examples.
## Deploy
@@ -75,7 +75,7 @@ documentation in the [terraform-aws-vpc](https://github.com/gruntwork-io/terrafo
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -83,7 +83,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
@@ -105,7 +105,7 @@ If you want to deploy this repo in production, check out the following resources
module "vpc" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/vpc?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/vpc?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -861,7 +861,7 @@ module "vpc" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/vpc?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/vpc?ref=v0.143.3"
}
inputs = {
@@ -3612,11 +3612,11 @@ Indicates whether or not the VPC has finished creating
diff --git a/docs/reference/services/security/bastion.md b/docs/reference/services/security/bastion.md
index f4728f6728..e1e8fe0eb1 100644
--- a/docs/reference/services/security/bastion.md
+++ b/docs/reference/services/security/bastion.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Bastion Host
-View Source
+View Source
Release Notes
@@ -87,7 +87,7 @@ The bastion host AMI is defined using the [Packer](https://www.packer.io/) templ
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -95,7 +95,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog, configure CI / CD for your apps and
@@ -115,7 +115,7 @@ If you want to deploy this repo in production, check out the following resources
module "bastion_host" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/bastion-host?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/bastion-host?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -346,7 +346,7 @@ module "bastion_host" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/bastion-host?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/bastion-host?ref=v0.143.3"
}
inputs = {
@@ -1076,11 +1076,11 @@ The fully qualified name of the bastion host.
diff --git a/docs/reference/services/security/open-vpn.md b/docs/reference/services/security/open-vpn.md
index 1300ca509b..cbba6f1c33 100644
--- a/docs/reference/services/security/open-vpn.md
+++ b/docs/reference/services/security/open-vpn.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# OpenVPN Server
-View Source
+View Source
Release Notes
@@ -74,7 +74,7 @@ documentation in the [package-openvpn](https://github.com/gruntwork-io/terraform
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -82,7 +82,7 @@ If you just want to try this repo out for experimenting and learning, check out
If you want to deploy this repo in production, check out the following resources:
-* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-production): The `examples/for-production` folder contains sample code
+* [examples/for-production folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-production): The `examples/for-production` folder contains sample code
optimized for direct usage in production. This is code from the
[Gruntwork Reference Architecture](https://gruntwork.io/reference-architecture/), and it shows you how we build an
end-to-end, integrated tech stack on top of the Gruntwork Service Catalog, configure CI / CD for your apps and
@@ -102,7 +102,7 @@ If you want to deploy this repo in production, check out the following resources
module "openvpn_server" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/openvpn-server?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/openvpn-server?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -441,7 +441,7 @@ module "openvpn_server" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/openvpn-server?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/openvpn-server?ref=v0.143.3"
}
inputs = {
@@ -1539,11 +1539,11 @@ The security group ID of the OpenVPN server.
diff --git a/docs/reference/services/security/tailscale-subnet-router.md b/docs/reference/services/security/tailscale-subnet-router.md
index dfc9220672..80df904e6e 100644
--- a/docs/reference/services/security/tailscale-subnet-router.md
+++ b/docs/reference/services/security/tailscale-subnet-router.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# Tailscale Subnet Router
-View Source
+View Source
Release Notes
@@ -77,7 +77,7 @@ If you’ve never used the Service Catalog before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/examples/for-learning-and-testing): The
+* [examples/for-learning-and-testing folder](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/examples/for-learning-and-testing): The
`examples/for-learning-and-testing` folder contains standalone sample code optimized for learning, experimenting, and
testing (but not direct production usage).
@@ -94,7 +94,7 @@ access services within your VPC through the tailnet.
### What AMI should I use?
-Any AMI can be used with this module, provided that the [install-tailscale](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/mgmt/tailscale-subnet-router/scripts/install-tailscale.sh) script is installed
+Any AMI can be used with this module, provided that the [install-tailscale](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/mgmt/tailscale-subnet-router/scripts/install-tailscale.sh) script is installed
into the AMI. The `install-tailscale` script ensures that Tailscale is installed with the `init-tailscale-subnet-router` boot
script, which can be used to load the auth key from AWS Secrets Manager to authenticate to Tailscale at boot time.
@@ -150,7 +150,7 @@ resource "aws_iam_role_policy_attachment" "attachment" {
module "tailscale_subnet_router" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/tailscale-subnet-router?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/tailscale-subnet-router?ref=v0.143.3"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -386,7 +386,7 @@ module "tailscale_subnet_router" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/tailscale-subnet-router?ref=v0.127.2"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/mgmt/tailscale-subnet-router?ref=v0.143.3"
}
inputs = {
@@ -1094,11 +1094,11 @@ ID of the primary security group attached to the Tailscale relay server.
diff --git a/docs/reference/services/security/tls-scripts.md b/docs/reference/services/security/tls-scripts.md
index bf9b10b807..5771836cc8 100644
--- a/docs/reference/services/security/tls-scripts.md
+++ b/docs/reference/services/security/tls-scripts.md
@@ -16,11 +16,11 @@ import TabItem from '@theme/TabItem';
import VersionBadge from '../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../src/components/HclListItem.tsx';
-
+
# TLS Scripts
-View Source
+View Source
Release Notes
@@ -54,33 +54,33 @@ If you’ve never used the Service Catalog before, make sure to read
### About TLS
-* [How does TLS/SSL work?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#how-does-tlsssl-work)
-* [What are commercial or public Certificate Authorities?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#what-are-commercial-or-public-certificate-authorities)
-* [How does Gruntwork generate a TLS cert for private services?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#how-does-gruntwork-generate-a-tls-cert-for-private-services)
+* [How does TLS/SSL work?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#how-does-tlsssl-work)
+* [What are commercial or public Certificate Authorities?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#what-are-commercial-or-public-certificate-authorities)
+* [How does Gruntwork generate a TLS cert for private services?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#how-does-gruntwork-generate-a-tls-cert-for-private-services)
### About the scripts specifically
-* [How does create-tls-cert work?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#how-does-create-tls-cert-work)
-* [How does download-rds-ca-certs work?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#how-does-download-rds-ca-certs-work)
-* [How does generate-trust-stores work?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#how-does-generate-trust-stores-work)
+* [How does create-tls-cert work?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#how-does-create-tls-cert-work)
+* [How does download-rds-ca-certs work?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#how-does-download-rds-ca-certs-work)
+* [How does generate-trust-stores work?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#how-does-generate-trust-stores-work)
## Deploy
### Running
-* [How do I run these scripts using Docker?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#how-do-i-run-these-scripts-using-docker)
-* [How do I create self-signed TLS certs?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#how-do-i-create-self-signed-tls-certs)
-* [Should I store certs in AWS Secrets Manager or Amazon Certificate Manager?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#should-i-store-certs-in-aws-secrets-manager-or-amazon-certificate-manager)
-* [Generating self-signed certs for local dev and testing](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#generating-self-signed-certs-for-local-dev-and-testing)
-* [Generating self-signed certs for prod, encrypting certs locally with KMS](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#generating-self-signed-certs-for-prod-encrypting-certs-locally-with-kms)
-* [Generating self-signed certs for prod, using AWS Secrets Manager for storage](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#generating-self-signed-certs-for-prod-using-aws-secrets-manager-for-storage)
-* [Generating self-signed certs for prod, using Amazon Certificate Manager for storage](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#generating-self-signed-certs-for-prod-using-amazon-certificate-manager-for-storage)
-* [How do I download CA public keys for validating RDS TLS connections?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#how-do-i-download-CA-public-keys-for-validating-rds-tls-connections)
-* [How do I generate key stores and trust stores to manage TLS certificates for JVM apps?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#how-do-i-generate-key-stores-and-trust-stores-to-manage-tls-certificates-for-jvm-apps)
+* [How do I run these scripts using Docker?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#how-do-i-run-these-scripts-using-docker)
+* [How do I create self-signed TLS certs?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#how-do-i-create-self-signed-tls-certs)
+* [Should I store certs in AWS Secrets Manager or Amazon Certificate Manager?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#should-i-store-certs-in-aws-secrets-manager-or-amazon-certificate-manager)
+* [Generating self-signed certs for local dev and testing](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#generating-self-signed-certs-for-local-dev-and-testing)
+* [Generating self-signed certs for prod, encrypting certs locally with KMS](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#generating-self-signed-certs-for-prod-encrypting-certs-locally-with-kms)
+* [Generating self-signed certs for prod, using AWS Secrets Manager for storage](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#generating-self-signed-certs-for-prod-using-aws-secrets-manager-for-storage)
+* [Generating self-signed certs for prod, using Amazon Certificate Manager for storage](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#generating-self-signed-certs-for-prod-using-amazon-certificate-manager-for-storage)
+* [How do I download CA public keys for validating RDS TLS connections?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#how-do-i-download-CA-public-keys-for-validating-rds-tls-connections)
+* [How do I generate key stores and trust stores to manage TLS certificates for JVM apps?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#how-do-i-generate-key-stores-and-trust-stores-to-manage-tls-certificates-for-jvm-apps)
### Testing
-* [How do I test these scripts using Docker?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.127.2/modules/tls-scripts/core-concepts.md#how-do-i-test-these-scripts-using-docker)
+* [How do I test these scripts using Docker?](https://github.com/gruntwork-io/terraform-aws-service-catalog/tree/v0.143.3/modules/tls-scripts/core-concepts.md#how-do-i-test-these-scripts-using-docker)
@@ -105,11 +105,11 @@ If you’ve never used the Service Catalog before, make sure to read