Expand Up @@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";

<VersionBadge repoTitle="AWS Messaging" version="1.0.2" lastModifiedVersion="0.13.0"/>
<VersionBadge repoTitle="AWS Messaging" version="1.0.3" lastModifiedVersion="1.0.3"/>

# Kinesis Firehose Delivery Stream Module

<a href="https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/kinesis-firehose" className="link-button" title="View the source code for this module in GitHub.">View Source</a>
<a href="https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/kinesis-firehose" className="link-button" title="View the source code for this module in GitHub.">View Source</a>

<a href="https://github.com/gruntwork-io/terraform-aws-messaging/releases/tag/v0.13.0" className="link-button" title="Release notes for only versions which impacted this module.">Release Notes</a>
<a href="https://github.com/gruntwork-io/terraform-aws-messaging/releases/tag/v1.0.3" className="link-button" title="Release notes for only versions which impacted this module.">Release Notes</a>

This module creates
an [Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/what-is-this-service.html).
Expand All @@ -40,15 +40,12 @@ the `var.kinesis_stream_arn` to specify the kinesis data stream, we also have a

module "kinesis_firehose" {

source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/kinesis-firehose?ref=v1.0.2"
source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/kinesis-firehose?ref=v1.0.3"

# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
# ----------------------------------------------------------------------------------------------------

# The ARN of the kinesis data stream.
kinesis_stream_arn = <string>

# The name of the Kinesis Data Firehose.
name = <string>

Expand All @@ -59,9 +56,21 @@ module "kinesis_firehose" {
# OPTIONAL VARIABLES
# ----------------------------------------------------------------------------------------------------

# Set to true to use a Kinesis Data Stream as the source for the Firehose.
# When true, kinesis_stream_arn must also be provided. When false, the
# Firehose will use Direct PUT as the source. This variable is needed because
# kinesis_stream_arn may come from a resource that isn't created yet, and
# Terraform needs to know at plan time whether to create the kinesis source
# configuration.
enable_kinesis_source = false

# The processing configuration for the Kinesis Data Firehose.
extended_s3_processors = []

# The ARN of the kinesis data stream. Must be set when enable_kinesis_source
# is true.
kinesis_stream_arn = null

}


Expand All @@ -77,7 +86,7 @@ module "kinesis_firehose" {
# ------------------------------------------------------------------------------------------------------

terraform {
source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/kinesis-firehose?ref=v1.0.2"
source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/kinesis-firehose?ref=v1.0.3"
}

inputs = {
Expand All @@ -86,9 +95,6 @@ inputs = {
# REQUIRED VARIABLES
# ----------------------------------------------------------------------------------------------------

# The ARN of the kinesis data stream.
kinesis_stream_arn = <string>

# The name of the Kinesis Data Firehose.
name = <string>

Expand All @@ -99,9 +105,21 @@ inputs = {
# OPTIONAL VARIABLES
# ----------------------------------------------------------------------------------------------------

# Set to true to use a Kinesis Data Stream as the source for the Firehose.
# When true, kinesis_stream_arn must also be provided. When false, the
# Firehose will use Direct PUT as the source. This variable is needed because
# kinesis_stream_arn may come from a resource that isn't created yet, and
# Terraform needs to know at plan time whether to create the kinesis source
# configuration.
enable_kinesis_source = false

# The processing configuration for the Kinesis Data Firehose.
extended_s3_processors = []

# The ARN of the kinesis data stream. Must be set when enable_kinesis_source
# is true.
kinesis_stream_arn = null

}


Expand All @@ -120,14 +138,6 @@ inputs = {

### Required

<HclListItem name="kinesis_stream_arn" requirement="required" type="string">
<HclListItemDescription>

The ARN of the kinesis data stream.

</HclListItemDescription>
</HclListItem>

<HclListItem name="name" requirement="required" type="string">
<HclListItemDescription>

Expand All @@ -146,6 +156,15 @@ The ARN of the S3 bucket you want to export the data to.

### Optional

<HclListItem name="enable_kinesis_source" requirement="optional" type="bool">
<HclListItemDescription>

Set to true to use a Kinesis Data Stream as the source for the Firehose. When true, kinesis_stream_arn must also be provided. When false, the Firehose will use Direct PUT as the source. This variable is needed because kinesis_stream_arn may come from a resource that isn't created yet, and Terraform needs to know at plan time whether to create the kinesis source configuration.

</HclListItemDescription>
<HclListItemDefaultValue defaultValue="false"/>
</HclListItem>

<HclListItem name="extended_s3_processors" requirement="optional" type="list(object(…))">
<HclListItemDescription>

Expand All @@ -168,6 +187,15 @@ list(object({
<HclListItemDefaultValue defaultValue="[]"/>
</HclListItem>

<HclListItem name="kinesis_stream_arn" requirement="optional" type="string">
<HclListItemDescription>

The ARN of the kinesis data stream. Must be set when enable_kinesis_source is true.

</HclListItemDescription>
<HclListItemDefaultValue defaultValue="null"/>
</HclListItem>

</TabItem>
<TabItem value="outputs" label="Outputs">

Expand Down Expand Up @@ -209,11 +237,11 @@ Name of the role for Kinesis Firehose
<!-- ##DOCS-SOURCER-START
{
"originalSources": [
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/kinesis-firehose/readme.md",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/kinesis-firehose/variables.tf",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/kinesis-firehose/outputs.tf"
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/kinesis-firehose/readme.md",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/kinesis-firehose/variables.tf",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/kinesis-firehose/outputs.tf"
],
"sourcePlugin": "module-catalog-api",
"hash": "8db9113fa20e099ec86d9419e57763ea"
"hash": "be90673f4a06c106ae6392ce58e39820"
}
##DOCS-SOURCER-END -->
Expand Up @@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";

<VersionBadge repoTitle="AWS Messaging" version="1.0.2" lastModifiedVersion="0.13.0"/>
<VersionBadge repoTitle="AWS Messaging" version="1.0.3" lastModifiedVersion="1.0.3"/>

# Kinesis Data Stream Module

<a href="https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/kinesis" className="link-button" title="View the source code for this module in GitHub.">View Source</a>
<a href="https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/kinesis" className="link-button" title="View the source code for this module in GitHub.">View Source</a>

<a href="https://github.com/gruntwork-io/terraform-aws-messaging/releases/tag/v0.13.0" className="link-button" title="Release notes for only versions which impacted this module.">Release Notes</a>
<a href="https://github.com/gruntwork-io/terraform-aws-messaging/releases/tag/v1.0.3" className="link-button" title="Release notes for only versions which impacted this module.">Release Notes</a>

This module creates a [Kinesis Data Stream](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html).

Expand Down Expand Up @@ -152,7 +152,7 @@ regions: https://github.com/aws-samples/aws-kinesis-data-streams-replicator

module "kinesis" {

source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/kinesis?ref=v1.0.2"
source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/kinesis?ref=v1.0.3"

# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
Expand Down Expand Up @@ -223,7 +223,7 @@ module "kinesis" {
# ------------------------------------------------------------------------------------------------------

terraform {
source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/kinesis?ref=v1.0.2"
source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/kinesis?ref=v1.0.3"
}

inputs = {
Expand Down Expand Up @@ -458,11 +458,11 @@ A map of key value pairs to apply as tags to the Kinesis stream.
<!-- ##DOCS-SOURCER-START
{
"originalSources": [
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/kinesis/readme.md",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/kinesis/variables.tf",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/kinesis/outputs.tf"
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/kinesis/readme.md",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/kinesis/variables.tf",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/kinesis/outputs.tf"
],
"sourcePlugin": "module-catalog-api",
"hash": "2b94249fc636a9a4579cb779b2eaec9c"
"hash": "1fb71b42d108b2810e4c70690a1c593a"
}
##DOCS-SOURCER-END -->
91 changes: 78 additions & 13 deletions docs/reference/modules/terraform-aws-messaging/msk/msk.md
Expand Up @@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";

<VersionBadge repoTitle="AWS Messaging" version="1.0.2" lastModifiedVersion="1.0.1"/>
<VersionBadge repoTitle="AWS Messaging" version="1.0.3" lastModifiedVersion="1.0.3"/>

# Amazon Managed Streaming for Apache Kafka (Amazon MSK) Module

<a href="https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/msk" className="link-button" title="View the source code for this module in GitHub.">View Source</a>
<a href="https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/msk" className="link-button" title="View the source code for this module in GitHub.">View Source</a>

<a href="https://github.com/gruntwork-io/terraform-aws-messaging/releases/tag/v1.0.1" className="link-button" title="Release notes for only versions which impacted this module.">Release Notes</a>
<a href="https://github.com/gruntwork-io/terraform-aws-messaging/releases/tag/v1.0.3" className="link-button" title="Release notes for only versions which impacted this module.">Release Notes</a>

This Terraform module configures and launches an [Amazon MSK](https://aws.amazon.com/msk/) cluster.

Expand Down Expand Up @@ -145,12 +145,58 @@ The MSK module supports the following authentication and authorization methods:

* [IAM access control](https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.html)
using `var.enable_client_sasl_iam`. You can refer
to the [msk-with-iam-auth example module](https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/examples/msk-with-iam-auth).
* [TLS](https://docs.aws.amazon.com/msk/latest/developerguide/msk-authentication.html) using `var.enable_client_tls`
and `var.client_tls_certificate_authority_arns`
to the [msk-with-iam-auth example module](https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/examples/msk-with-iam-auth).
* [SASL/SCRAM authentication](https://docs.aws.amazon.com/msk/latest/developerguide/msk-password.html) using
`var.enable_client_sasl_scram` and `var.client_sasl_scram_secret_arns`.
* [TLS (Mutual TLS)](https://docs.aws.amazon.com/msk/latest/developerguide/msk-authentication.html) using `var.enable_client_tls`
and `var.client_tls_certificate_authority_arns`.
* [Apache Kafka ACLs](https://docs.aws.amazon.com/msk/latest/developerguide/msk-acls.html)
using `var.server_properties`.

#### Using Multiple Authentication Methods

Amazon MSK supports enabling multiple authentication methods simultaneously. You can activate any combination
of authentication modes (mutual TLS, SASL/SCRAM, or IAM access control) on new or existing clusters. This is
useful if you are migrating to a new authentication mode or must run multiple authentication modes simultaneously.

To enable multiple authentication methods, set the corresponding variables to `true`:

```hcl
module "msk" {
source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/msk?ref=v0.x.x"

# ... other required variables ...

# Enable multiple authentication methods
enable_client_tls = true
client_tls_certificate_authority_arns = ["arn:aws:acm-pca:..."]
enable_client_sasl_iam = true
enable_client_sasl_scram = true
client_sasl_scram_secret_arns = ["arn:aws:secretsmanager:..."]

# TLS encryption is required for SASL authentication
encryption_in_transit_client_broker = "TLS"
}
```

**Note**: When using multiple authentication methods, ensure `encryption_in_transit_client_broker` is set to
`TLS` or `TLS_PLAINTEXT` as SASL authentication requires TLS encryption for client-broker communication.

**Important**: This feature requires Terraform AWS Provider version 4.13.0 or later. If you encounter a
`ConflictsWith` error when enabling both TLS and SASL, please upgrade your AWS provider version.

#### Unauthenticated Access

By default, the module sets `enable_client_unauthenticated = false`, which disables unauthenticated client access
when any authentication method is enabled. If you need to allow unauthenticated access alongside authenticated
methods (e.g., during a migration), you can set `enable_client_unauthenticated = true`.

**Note**: If you have an existing cluster with `unauthenticated = true` and want to enable authentication methods,
you should explicitly set `enable_client_unauthenticated = true` to prevent Terraform from changing the
unauthenticated setting unexpectedly.

See the [msk-with-multi-auth example](https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/examples/msk-with-multi-auth) for a complete working example.

You can read more about available authentication and authorization options from
the [Authentication and authorization for Apache Kafka APIs page](https://docs.aws.amazon.com/msk/latest/developerguide/kafka_apis_iam.html)

Expand Down Expand Up @@ -246,7 +292,7 @@ the [Tiered storage](https://docs.aws.amazon.com/msk/latest/developerguide/msk-t
You can enable the tiered storage by setting the following variables:

* `var.storage_info = "TIERED"`
* `var.kafka_version = "2.8.2.tiered"` (Note: this is the only supported kafka version for tiered storage)
* `var.kafka_version`: set to version 3.6.0 or higher (e.g., "3.6.0", "3.7.x", "3.8.x", etc.)
* `var.instance_type`: set to other than `kafka.t3.small`.

It's only supported for the provisioned cluster type (non-serverless mode).
Expand All @@ -264,7 +310,7 @@ It's only supported for the provisioned cluster type (non-serverless mode).

module "msk" {

source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/msk?ref=v1.0.2"
source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/msk?ref=v1.0.3"

# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
Expand Down Expand Up @@ -337,6 +383,11 @@ module "msk" {
# Whether TLS client authentication is enabled.
enable_client_tls = false

# Whether unauthenticated client access is enabled. When set to true, clients
# can connect without authentication. When using TLS or SASL authentication,
# you typically want this set to false.
enable_client_unauthenticated = false

# Indicates whether you want to enable or disable streaming broker logs to
# Cloudwatch Logs.
enable_cloudwatch_logs = false
Expand Down Expand Up @@ -444,7 +495,7 @@ module "msk" {
# ------------------------------------------------------------------------------------------------------

terraform {
source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/msk?ref=v1.0.2"
source = "git::git@github.com:gruntwork-io/terraform-aws-messaging.git//modules/msk?ref=v1.0.3"
}

inputs = {
Expand Down Expand Up @@ -520,6 +571,11 @@ inputs = {
# Whether TLS client authentication is enabled.
enable_client_tls = false

# Whether unauthenticated client access is enabled. When set to true, clients
# can connect without authentication. When using TLS or SASL authentication,
# you typically want this set to false.
enable_client_unauthenticated = false

# Indicates whether you want to enable or disable streaming broker logs to
# Cloudwatch Logs.
enable_cloudwatch_logs = false
Expand Down Expand Up @@ -821,6 +877,15 @@ Whether TLS client authentication is enabled.
<HclListItemDefaultValue defaultValue="false"/>
</HclListItem>

<HclListItem name="enable_client_unauthenticated" requirement="optional" type="bool">
<HclListItemDescription>

Whether unauthenticated client access is enabled. When set to true, clients can connect without authentication. When using TLS or SASL authentication, you typically want this set to false.

</HclListItemDescription>
<HclListItemDefaultValue defaultValue="false"/>
</HclListItem>

<HclListItem name="enable_cloudwatch_logs" requirement="optional" type="bool">
<HclListItemDescription>

Expand Down Expand Up @@ -1180,11 +1245,11 @@ A comma separated list of one or more hostname:port pairs to use to connect to t
<!-- ##DOCS-SOURCER-START
{
"originalSources": [
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/msk/readme.md",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/msk/variables.tf",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.2/modules/msk/outputs.tf"
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/msk/readme.md",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/msk/variables.tf",
"https://github.com/gruntwork-io/terraform-aws-messaging/tree/v1.0.3/modules/msk/outputs.tf"
],
"sourcePlugin": "module-catalog-api",
"hash": "59f6d6055769f56876cab99505541f86"
"hash": "6638bb3b448949c0f5682284c3b40ddf"
}
##DOCS-SOURCER-END -->