New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Terraform terraform-aws-modules/iam/aws to v5 #1224

Merged

samsimpson1 merged 1 commit into main from renovate/terraform-aws-modules-iam-aws-5.x

Apr 11, 2024

Contributor

govuk-ci commented Apr 9, 2024

This PR contains the following updates:

Package	Type	Update	Change
terraform-aws-modules/iam/aws (source)	module	major	`~> 4.0` -> `~> 5.0`

Release Notes

terraform-aws-modules/terraform-aws-iam (terraform-aws-modules/iam/aws)

`v5.39.0`

Features

Enable override policy name iam-group-with-assumable-roles-policy (#468) (bf013d2)
Update VPC CNI policy to 3/4/24 (#476) (f9d5e28)

`v5.38.0`

Features

EBS fast snapshot restores persmission for EKS IRSA (#469) (9ea77ca)

`v5.37.2`

Bug Fixes

Allow user to change own password when no MFA is present (#470) (ef0056b)

`v5.37.1`

Bug Fixes

Update CI workflow versions to remove deprecated runtime warnings (#465) (82348df)

`v5.37.0`

Features

Extend self-management policy to read account summary (iam-group-with-policies) (#462) (0bedaf4)

`v5.36.0`

Features

Add support for Mountpoint S3 CSI driver to EKS IRSA (#459) (21fb8d9)

`v5.35.0`

Features

Allow users to set and read own access keys description (iam-group-with-policies) (#461) (c80cd10)

`v5.34.0`

Features

Support new mTLS feature in awslb IAM policy (#458) (452c37f)

5.33.1 (2024-01-18)

Bug Fixes

Skip retrieving EKS cluster data when not creating the role (#436) (bcdf554)

`v5.33.1`

`v5.33.0`

Features

Add support for Amazon CloudWatch Observability IRSA role (#446) (25e2bf9)

5.32.1 (2023-12-11)

Bug Fixes

Remove unused TLS provider in iam-github-oidc-role (#439) (2ce3885)

`v5.32.1`

`v5.32.0`

Features

Add instance profile permissions to Karpenter IRSA policy (#434) (50348dd), closes #433

`v5.31.0`

Features

Allow users to change own password in iam-group-with-policies module (#435) (eb5b218)

5.30.2 (2023-11-10)

Bug Fixes

Update AllowManageOwnAccessKeys statement (#432) (741afc9)

5.30.1 (2023-11-04)

Bug Fixes

Direct policy attachment of iam-policy-created resources (#428) (543f101)

`v5.30.2`

`v5.30.1`

`v5.30.0`

Features

Add create_custom_role_trust_policy to control when a custom_role_trust_policy should be used (#321) (481095e)

5.29.2 (2023-08-30)

Bug Fixes

Expand Permissions for external-secrets IRSA Policy towards AWS Secrets Manager (#416) (fa74a18)

5.29.1 (2023-08-30)

Bug Fixes

Add missing condition role_session_name when assuming a role (#418) (89d011e)

`v5.29.2`

`v5.29.1`

`v5.29.0`

Features

Add variable for adding statement for secretsmanager:CreateSecret (#414) (24996cd)

`v5.28.0`

Features

Added direct policy attachment in iam-user module (#387) (9fa481f)

`v5.27.0`

Features

Correct enable_mfa_enforcement spelling (#404) (54b7165)

`v5.26.0`

Features

Github OIDC add extra thumbprints as needed (#403) (56511f3)

`v5.25.0`

Features

Added variable load_balancer_controller_targetgroup_arns in iam-role-for-service-accounts-eks module (#402) (61a5dbe)

`v5.24.0`

Features

Add path variable to IAM group module (#390) (e5c42c3)

5.23.1 (2023-06-29)

Bug Fixes

Ensure role_name_condition is set correctly (#389) (0024928)

`v5.23.1`

`v5.23.0`

Features

Added variable trusted_role_actions to sub modules as a "Action of STS" (#393) (5702679)

`v5.22.0`

Features

Add wrapper modules (#396) (9284b3e)

`v5.21.0`

Features

Added permissions to list zone tags in iam-role-for-service-accounts-eks module (#394) (740945f)

`v5.20.0`

Features

Add support for AWS Gateway controller (VPC Lattice) to IRSA module (#378) (fdee003)

`v5.19.0`

Features

Add support for condition role_session_name when assuming a role (#379) (5aabe67)

`v5.18.0`

Features

iam-eks-role: Add variable to allow change of IAM assume role condition test operator (#367) (542fc5a)

5.17.1 (2023-05-05)

Bug Fixes

Remove "autoscaling:UpdateAutoScalingGroup" permission from cluster-autoscaler IRSA (#357) (aeb5d7f)

`v5.17.1`

`v5.17.0`

Features

Add name_prefix to iam-policy and iam-read-only-policy modules (#369) (5bf5f6f)

`v5.16.0`

Features

Add elasticloadbalancing:AddTags permissions to AWS Load Balancer Controller policy required for version 2.4.7+ (#358) (e1403c1)

`v5.15.0`

Features

Add permissions for instance requirements support for cluster autoscaler IRSA policy (#356) (fac0cdc)

5.14.4 (2023-03-24)

Bug Fixes

Add kms:decrypt policy for External Secret (#349) (2359a03)

5.14.3 (2023-03-23)

Bug Fixes

Do not attach force MFA statement for iam-groups-with-policies by default (#333) (b9f3409)

5.14.2 (2023-03-21)

Bug Fixes

Add ssm:DescribeParameters permission to external-secrets IAM role for service account (IRSA) (#348) (fe8d73b)

5.14.1 (2023-03-21)

Bug Fixes

Update self manage policy to support users with path (#335) (9a8d5cb)

`v5.14.4`

`v5.14.3`

`v5.14.2`

`v5.14.1`

`v5.14.0`

Features

Update efs_csi policy to support resource tagging (#352) (47cb7a2)

`v5.13.0`

Features

Add support for path in iam-group-with-assumable-roles-policy (#345) (761368e)

`v5.12.0`

Features

Add eks:DescribeCluster for Karpenter cluster endpoint auto discovery (#343) (3f2cdc8)

5.11.2 (2023-02-15)

Bug Fixes

Allow Change Password when no MFA present (#340) (0c1cfaa)

5.11.1 (2023-01-19)

Bug Fixes

Reflect the changes in the ebs_csi driver (#326) (cadfe47)

`v5.11.2`

`v5.11.1`

`v5.11.0`

Features

Allow multiple MFA devices and users to manage MFA devices (#313) (57a5d70)

`v5.10.0`

Features

Added Extra STS actions param in assumable role with SAML (#317) (a2ad4cd)

Bug Fixes

Use a version for to avoid GitHub API rate limiting on CI workflows (#323) (90349fa)

5.9.2 (2022-12-10)

Bug Fixes

Update role_name default to null (#319) (0baa2c1)

5.9.1 (2022-12-07)

Bug Fixes

Add ssm:GetParameters permission to external-secrets policy (#316) (0e77849)

`v5.9.2`

`v5.9.1`

`v5.9.0`

Features

Support IAM access key status (#315) (705040a)

`v5.8.0`

Features

Add additional permissions to Karpenter EKS IRSA role for native node termination handling support (#304) (d6865d2)

`v5.7.0`

Features

Ensure that GitHub OIDC subject prefixes are normalied for repo: (#310) (b9873a0)

`v5.6.0`

Features

Add support for creating IAM GitHub OIDC provider and role(s) (#308) (cc44693)

5.5.7 (2022-11-09)

Bug Fixes

Add secretsmanager:ListSecrets to external-secrets policy (#305) (d3fb017)

5.5.6 (2022-11-07)

Bug Fixes

Update CI configuration files to use latest version (#302) (4c1c958)

5.5.5 (2022-11-01)

Bug Fixes

Add missing locals in iam-assumable-role module (#290) (8af6d28)

5.5.4 (2022-10-26)

Bug Fixes

Insufficient permissions for karpenter policy when not using karpenter discovery tags on security group (#294) (5ad496b)

5.5.3 (2022-10-26)

Bug Fixes

Correct tflint errors for latest version of tflint (#296) (b40ade4)

5.5.2 (2022-10-13)

Bug Fixes

Explicitly assume with condition matching role arn (#283) (470b6ff)

5.5.1 (2022-10-12)

Bug Fixes

Allow TagUser to SelfManagement policy (#287) (87624b6)

`v5.5.7`

`v5.5.6`

`v5.5.5`

`v5.5.4`

`v5.5.3`

`v5.5.2`

`v5.5.1`

`v5.5.0`

Features

Add support for roles created to explicitly assume their own role if desired (#281) (3d29d26)

`v5.4.0`

Features

Add support for spot request permissions with Karpenter IRSA role (#277) (b3b99d9)

5.3.3 (2022-09-06)

Bug Fixes

Fixed iam-user module when encrypted_ses_smtp_password_v4 is null (#275) (936d0f1)

5.3.2 (2022-09-05)

Bug Fixes

Correct encrypted ses_smtp_password_v4 output (#259) (ff9d783)

5.3.1 (2022-08-25)

Bug Fixes

Don't force users to reset passwords in modules/iam-user (#271) (358f7d4)

`v5.3.3`

`v5.3.2`

`v5.3.1`

`v5.3.0`

Features

Add additional permission for karpenter IAM policy added in v0.14.0 release (#264) (bce17b2)

`v5.2.0`

Features

Add additional Karpenter permissions for spot pricing improvements (#258) (14cc1df)

`v5.1.0`

Features

Update cluster autoscaler policy for recent permission changes upstream (#255) (2f1b2bf)

`v5.0.0`

⚠ BREAKING CHANGES

Replace use of toset() for policy attachment, bump min version of AWS provider to 4.0 and Terraform to 1.0 (#250)

Features

Replace use of toset() for policy attachment, bump min version of AWS provider to 4.0 and Terraform to 1.0 (#250) (835135b)

4.24.1 (2022-05-10)

Bug Fixes

Avoid restricting Karpenter RunInstances subnets by tag key (#247) (bbbe0c0)

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

govuk-ci force-pushed the renovate/terraform-aws-modules-iam-aws-5.x branch 3 times, most recently from 821dfa6 to 1dfb4cf Compare

April 10, 2024 13:02


          Update Terraform terraform-aws-modules/iam/aws to v5

60b415c

govuk-ci force-pushed the renovate/terraform-aws-modules-iam-aws-5.x branch from 1dfb4cf to 60b415c Compare

April 10, 2024 16:02

samsimpson1 approved these changes

View reviewed changes

samsimpson1 merged commit 8ca714d into main

7 checks passed

samsimpson1 deleted the renovate/terraform-aws-modules-iam-aws-5.x branch

April 11, 2024 09:14

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet