From 117aaf27d945218e828f10019aa16fef4a6427e3 Mon Sep 17 00:00:00 2001 From: Jim Park Date: Sat, 12 Mar 2022 11:10:23 -0800 Subject: [PATCH 1/3] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5c2e2c7..b2bae8d 100644 --- a/README.md +++ b/README.md @@ -72,8 +72,8 @@ Cloudwatch log sync are namspaced by module. ## Module Versions -Version 2.0.0 and greater require terraform version 0.13.x. -Version 1.3.5 is the latest version that support terraform version 0.12.x. +**Version 2.x.x** and greater require terraform version > 0.13.x and AWS provider < 4.0.0. +**Version 1.x.x** is the latest version that support terraform version 0.12.x and AWS provider < 4.0.0. When using this module, please be sure to [pin to a compatible version](https://www.terraform.io/docs/configuration/modules.html#module-versions). ## Examples From 5bc98cb56b7dd1b697f3bfa64251515d8e8ff61c Mon Sep 17 00:00:00 2001 From: kuntalkumarbasu <42655948+kuntalkumarbasu@users.noreply.github.com> Date: Tue, 5 Apr 2022 15:37:09 -0400 Subject: [PATCH 2/3] feat!: enable support for aws provider 4.0+ (#49) BREAKING CHANGE: This release drops support for AWS provider <4.0 When updating to this version, the diff will show each of the new resources as needing to be created. However, each of the new aws_s3_bucket_* resources relies on S3 API calls that utilize a PUT action in order to modify the target S3 bucket. Because these API calls adhere to standard HTTP methods for REST APIs, they should handle situations where the target configuration already exists (as noted in the HTTP RFC). Given that this is the case, it's not strictly necessary to import any new aws_s3_bucket_* resources that are a one-to-one translation from previous versions of the AWS provider -- on the next terraform apply, they'll attempt the PUT, and update the state with the results as necessary. --- README.md | 1 + logs_monitoring_elb.tf | 78 ++++++++++++++++++++++++------------------ versions.tf | 4 +-- 3 files changed, 47 insertions(+), 36 deletions(-) diff --git a/README.md b/README.md index b2bae8d..136682b 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ Cloudwatch log sync are namspaced by module. ## Module Versions +**Version 3.x.x** and greater require terraform version > 0.13.x and AWS provider > 4.0.0. **Version 2.x.x** and greater require terraform version > 0.13.x and AWS provider < 4.0.0. **Version 1.x.x** is the latest version that support terraform version 0.12.x and AWS provider < 4.0.0. When using this module, please be sure to [pin to a compatible version](https://www.terraform.io/docs/configuration/modules.html#module-versions). diff --git a/logs_monitoring_elb.tf b/logs_monitoring_elb.tf index 618f18e..86542f2 100644 --- a/logs_monitoring_elb.tf +++ b/logs_monitoring_elb.tf @@ -25,48 +25,46 @@ locals { elb_logs_s3_bucket = "${var.elb_logs_bucket_prefix}-${var.namespace}-${var.env}-elb-logs" } +data aws_iam_policy_document "elb_logs" { + statement { + actions = [ + "s3:PutObject" + ] + resources = [ + "arn:aws:s3:::${local.elb_logs_s3_bucket}/*", + ] + principals { + type = "AWS" + identifiers = [data.aws_elb_service_account.main.arn] + } + effect = "Allow" + } +} + resource "aws_s3_bucket" "elb_logs" { count = var.create_elb_logs_bucket ? 1 : 0 bucket = local.elb_logs_s3_bucket - acl = "private" - policy = < Date: Tue, 5 Apr 2022 19:38:56 +0000 Subject: [PATCH 3/3] chore(release): 3.0.0 [skip ci] # [3.0.0](https://github.com/scribd/terraform-aws-datadog/compare/v2.7.0...v3.0.0) (2022-04-05) * feat!: enable support for aws provider 4.0+ (#49) ([5bc98cb](https://github.com/scribd/terraform-aws-datadog/commit/5bc98cb56b7dd1b697f3bfa64251515d8e8ff61c)), closes [#49](https://github.com/scribd/terraform-aws-datadog/issues/49) ### BREAKING CHANGES * This release drops support for AWS provider <4.0 When updating to this version, the diff will show each of the new resources as needing to be created. However, each of the new aws_s3_bucket_* resources relies on S3 API calls that utilize a PUT action in order to modify the target S3 bucket. Because these API calls adhere to standard HTTP methods for REST APIs, they should handle situations where the target configuration already exists (as noted in the HTTP RFC). Given that this is the case, it's not strictly necessary to import any new aws_s3_bucket_* resources that are a one-to-one translation from previous versions of the AWS provider -- on the next terraform apply, they'll attempt the PUT, and update the state with the results as necessary. --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2cdce34..330cc25 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,15 @@ +# [3.0.0](https://github.com/scribd/terraform-aws-datadog/compare/v2.7.0...v3.0.0) (2022-04-05) + + +* feat!: enable support for aws provider 4.0+ (#49) ([5bc98cb](https://github.com/scribd/terraform-aws-datadog/commit/5bc98cb56b7dd1b697f3bfa64251515d8e8ff61c)), closes [#49](https://github.com/scribd/terraform-aws-datadog/issues/49) + + +### BREAKING CHANGES + +* This release drops support for AWS provider <4.0 + +When updating to this version, the diff will show each of the new resources as needing to be created. However, each of the new aws_s3_bucket_* resources relies on S3 API calls that utilize a PUT action in order to modify the target S3 bucket. Because these API calls adhere to standard HTTP methods for REST APIs, they should handle situations where the target configuration already exists (as noted in the HTTP RFC). Given that this is the case, it's not strictly necessary to import any new aws_s3_bucket_* resources that are a one-to-one translation from previous versions of the AWS provider -- on the next terraform apply, they'll attempt the PUT, and update the state with the results as necessary. + # [2.7.0](https://github.com/scribd/terraform-aws-datadog/compare/v2.6.1...v2.7.0) (2022-03-07)