feat!: Update Terraform and AWS provider versions to 1.11 and 6.0 respectively
#14
Conversation
|
@bryantbiggs Would you mind taking a look at this please? :-) |
1.11 and 6.0 respectively
There was a problem hiding this comment.
looks good to me but I'll let @antonbabenko chime in given the changes I made and version bump
ps - ephemeral resources and write only arguments are .... awful ! I don't get them, nor do I see their value but since folks have asked, we'll support them I guess
examples/complete/main.tf
Outdated
| @@ -38,8 +38,8 @@ module "secrets_manager" { | |||
| # Policy | |||
| create_policy = true | |||
| block_public_policy = true | |||
| policy_statements = { | |||
| read = { | |||
| policy_statements = [ | |||
There was a problem hiding this comment.
What was the reason for the change from map to list? I like maps, because keys there are like comments. Also, *_statements are maps in other modules, I guess.
There was a problem hiding this comment.
crap, looks like I've mixed up and some are maps some are lists in the other updated modules - I'll move this back to a map
examples/complete/main.tf
Outdated
|
|
||
| function_name = local.name | ||
| description = "Example Secrets Manager secret rotation lambda function" | ||
|
|
||
| handler = "function.lambda_handler" | ||
| runtime = "python3.10" | ||
| runtime = "python3.12" |
There was a problem hiding this comment.
Just for being lazy for another more year, let's put it to python3.13 :)
examples/complete/main.tf
Outdated
| @@ -127,6 +126,12 @@ module "secrets_manager_disabled" { | |||
| # Supporting Resources | |||
| ################################################################################ | |||
|
|
|||
| ephemeral "random_password" "password" { | |||
There was a problem hiding this comment.
ephemeral outside of the module is fine, but I think we should have ephemeral within the module as well. This way, users can just call the module without any external resources/ephemerals.
There was a problem hiding this comment.
It looks like OpenTofu doesn't support ephemeral variables yet, so if we add ephemeral variables into the module, it will break it for OpenTofu users.
https://opentofu.org/docs/language/values/variables/#arguments
There was a problem hiding this comment.
re-added using ephemeral resource 9682e45
|
@bryantbiggs Are you going to address @antonbabenko's comments or should I? |
|
I will get to this today |
|
This PR is included in version 2.0.0 🎉 |
Description
v1.11is now minimum supported version; required for ephemeral resources and write only argumentsv6.0is now minimum supported versionregionparameter to specify the AWS region for the resources created if different from the provider region.objecttypes in place of the previously used any typeephemeralresource type and passed to a write only attribute to ensure secrets are not persisted in the Terraform statefilesecret_string_wo,secret_string_wo_version, androtate_immediatelyargumentsMotivation and Context
Breaking Changes
How Has This Been Tested?
examples/*to demonstrate and validate my change(s)examples/*projectspre-commit run -aon my pull request