v2.1.0

fix: listener default action variable object block [HOTFIX REQUIRED!] @oycyc (#190)

## what

Removes the default object block and changes it to null, making it consistent with the other default actions. The original mindset of having it was to default to HTTP_301 since it's a required attribute, but it doesn't matter because it is not optional() in the Terraform.

why

As described by @mschfh

this adds a redirect by default, as the default for the variable is an object, not null.

https://github.com/cloudposse/terraform-aws-alb/blob/cb8fa6558c4f8a49fa3aebf33505397c1ac74ad6/main.tf#L231-L232

https://github.com/cloudposse/terraform-aws-alb/blob/cb8fa6558c4f8a49fa3aebf33505397c1ac74ad6/variables.tf#L292-L311

Plan:

      ~ default_action {
          ~ type             = "forward" -> "redirect"
            # (2 unchanged attributes hidden)

          + redirect {
              + host        = "#{host}"
              + path        = "/#{path}"
              + port        = "#{port}"
              + protocol    = "#{protocol}"
              + query       = "#{query}"
              + status_code = "HTTP_301"
            }
        }

Explicitly passing listener_https_redirect = null to the module does prevent this change, please update the default or adjust the for_each.

references

Comment referencing this issue
#187 (comment)

v2.0.0

feat: alb client keep alive @oycyc (#189)

## what

• Adds the variable and argument for client_keep_alive.
• This was just introduced pretty recently, in May 2024. hashicorp/terraform-provider-aws#36402
  • Therefore updated the version as well, this requires a major bump from v4 to v5.46.0.

why

references

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb#client_keep_alive-1

v1.12.0

Add IPv6 ingress security group rules @mschfh (#186)

## what

• Added IPv6 support for ingress security groups
• Added variable validation for http_ingress_cidr_blocks and https_ingress_cidr_blocks
• Added variable validation for ip_address_type
• Updated the http_ingress_cidr_blocks and https_ingress_cidr_blocks defaults values to include ::/0

why

The current implementation only configures IPv4 security group rules, causing IPv6 traffic to be dropped by default for dualstack ALBs

references

AWS Load Balancer dual-stack mode: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#ip-address-type
AWS Security Group IPv6 support: https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html#security-group-rule-syntax
TF aws_security_group_rule resource: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule#ipv6_cidr_blocks

v1.11.2

feat: redirect default action for https listener @oycyc (#187)

## what

• Adds the ability for a HTTPS listener to have an default action of "redirect" in addition to the current two existing "fixed-response" and "target group".

• Create a new variable to support this with default of null.

• Ran make readme

why

There are use cases when the default action to be redirect that we want for an ALB listener if it doesn't match any rules to redirect. See image below for the action in AWS console.

This would be good to have in the module, otherwise when there is a case that this needs to be configured, this specific resource has to be stripped out.

Templates update @max-lobur (#152)

## what

Templates update

why

Maintenance

🤖 Automatic Updates

Migrate new test account @osterman (#182)

## what - Update `.github/settings.yml` - Update `.github/chatops.yml` files

why

• Re-apply .github/settings.yml from org level to get terratest environment
• Migrate to new test account

References

• DEV-388 Automate clean up of test account in new organization
• DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
• DEV-386 Update terratest to use new testing account with GitHub OIDC

Update .github/settings.yml @osterman (#181)

## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update .github/settings.yml @osterman (#180)

## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update .github/settings.yml @osterman (#177)

## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update release workflow to allow pull-requests: write @osterman (#175)

## what - Update workflow (`.github/workflows/release.yaml`) to have permission to comment on PR

why

• So we can support commenting on PRs with a link to the release

Update GitHub Workflows to use shared workflows from '.github' repo @osterman (#173)

## what - Update workflows (`.github/workflows`) to use shared workflows from `.github` repo

why

• Reduce nested levels of reusable workflows

Update GitHub Workflows to Fix ReviewDog TFLint Action @osterman (#172)

## what - Update workflows (`.github/workflows`) to add `issue: write` permission needed by ReviewDog `tflint` action

why

• The ReviewDog action will comment with line-level suggestions based on linting failures

Update GitHub workflows @osterman (#170)

## what - Update workflows (`.github/workflows/settings.yaml`)

why

• Support new readme generation workflow.
• Generate banners

Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#167)

## what

• Install latest GitHub Action Workflows

why

• Use shared workflows from cldouposse/.github repository
• Simplify management of workflows from centralized hub of configuration

Add GitHub Settings @osterman (#161)

## what - Install a repository config (`.github/settings.yaml`)

why

• Programmatically manage GitHub repo settings

Update README.md and docs @cloudpossebot (#158)

## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update Scaffolding @osterman (#159)

## what - Reran `make readme` to rebuild `README.md` from `README.yaml` - Migrate to square badges - Add scaffolding for repo settings and Mergify

why

• Upstream template changed in the .github repo
• Work better with repository rulesets
• Modernize look & feel

chore(deps): update terraform cloudposse/vpc/aws to v2.2.0 @renovate (#156)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/vpc/aws (source)	module	minor	2.1.1 -> 2.2.0

---

Release Notes

cloudposse/terraform-aws-vpc (cloudposse/vpc/aws)

v2.2.0

Compare Source

---

v1.11.1

🐛 Bug Fixes

rm lockfile @kevcube (#151)

what

• lockfile was accidentally merged in #120

why

• we don't ship module with lockfiles

references

• #120

v1.11.0

Allow the option to set ssl request only on the s3 bucket for access logs @joshuabalduff (#120)

what

Adds an optional input variable to force SSL on the s3 bucket for security compliance.

why

[PCI.S3.5] S3 buckets should require requests to use Secure Socket Layer

references

If #107 is going to get merged, then I guess this pr serves no purpose :)

AWS Config

v1.10.0

chore(deps): update terraform cloudposse/lb-s3-bucket/aws to v0.19.0 (main) @renovate (#145)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/lb-s3-bucket/aws (source)	module	minor	0.18.0 -> 0.19.0

---

Release Notes

cloudposse/terraform-aws-lb-s3-bucket (cloudposse/lb-s3-bucket/aws)

v0.19.0

Compare Source

🤖 Automatic Updates

chore(deps): update terraform cloudposse/s3-log-storage/aws to v1.4.2 (main) @​renovate (#​69)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/s3-log-storage/aws (source)	module	patch	1.4.0 -> 1.4.2

---

Release Notes

cloudposse/terraform-aws-s3-log-storage (cloudposse/s3-log-storage/aws)

v1.4.2

Compare Source

🚀 Enhancements

Add `grants` input @​&#​8203;Nuru (#&#​8203;93)

what

• Add grants input

why

• Some AWS services, such at Cloudfront, require specific grants for log delivery

references

• Cloudfront log delivery requirements

v1.4.1

Compare Source

Sync .github @​&#​8203;max-lobur (#&#​8203;89)

Rebuild '.github' dir from the template

🚀 Enhancements

Update Terraform cloudposse/s3-bucket/aws to v3.1.2 (main) @​&#​8203;renovate (#&#​8203;91)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/s3-bucket/aws (source)	module	patch	3.1.1 -> 3.1.2

---

Release Notes

cloudposse/terraform-aws-s3-bucket

v3.1.2: Fix Public Bucket Creation

Compare Source

What's Changed

• Remove reference to TF_DATA_DIR retained by mistake in #​40 by @​​​Nuru in https://github.com/cloudposse/terraform-aws-s3-bucket/pull/181
• Sync .github by @​​​max-lobur in https://github.com/cloudposse/terraform-aws-s3-bucket/pull/183
• Fix linters / Retest on AWS provider V5 by @​​​max-lobur in https://github.com/cloudposse/terraform-aws-s3-bucket/pull/188
• Fix Public Bucket Creation by @​​​rankin-tr in https://github.com/cloudposse/terraform-aws-s3-bucket/pull/194

New Contributors

• @​​​rankin-tr made their first contribution in https://github.com/cloudposse/terraform-aws-s3-bucket/pull/194

Full Changelog: cloudposse/terraform-aws-s3-bucket@3.1.1...3.1.2

---

🤖 Automatic Updates

Update Terraform cloudposse/s3-bucket/aws to v3.1.2 (main) @​&#​8203;renovate (#&#​8203;91)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/s3-bucket/aws (source)	module	patch	3.1.1 -> 3.1.2

---

Release Notes

cloudposse/terraform-aws-s3-bucket

v3.1.2: Fix Public Bucket Creation

Compare Source

What's Changed

• Remove reference to TF_DATA_DIR retained by mistake in #​40 by @​​​Nuru in https://github.com/cloudposse/terraform-aws-s3-bucket/pull/181
• Sync .github by @​​​max-lobur in https://github.com/cloudposse/terraform-aws-s3-bucket/pull/183
• Fix linters / Retest on AWS provider V5 by @​​​max-lobur in https://github.com/cloudposse/terraform-aws-s3-bucket/pull/188
• Fix Public Bucket Creation by @​​​rankin-tr in https://github.com/cloudposse/terraform-aws-s3-bucket/pull/194

New Contributors

• @​​​rankin-tr made their first contribution in https://github.com/cloudposse/terraform-aws-s3-bucket/pull/194

Full Changelog: cloudposse/terraform-aws-s3-bucket@3.1.1...3.1.2

---

---

---

v1.9.0

add xff_header_processing_mode option to alb @tbpoetke (#143)

what

add xff_header_processing_mode option to alb

why

option is missing

v1.8.0

Support AWS Provider V5 (#142)

* Support AWS Provider V5

* Support AWS Provider V5

* Support AWS Provider V5

* bump s3

* bump s3

* bump s3

* precommit/terraform

* bump logs

* bump logs

* bump logs

* bump logs

v1.7.0

Add load_balancing_algorithm_type input variable @linhkikuchi (#127)

what

• To support other type of load_balancing_algorithm_type (other than the default round_robin)

why

• My use case requires to use least_outstanding_requests type