Added support for ensuring the service quota limits are set to a sufficiently high enough value in the new accounts to support deployment of the Reference Architecture.
Fix "no commit found for SHA" error that would come up in certain cases when copying repos.
The default behavior of --force-overwrite is now to overwrite Git history in the existing repo instead of deleting the repo entirely and recreating it. If you wish to delete and recreate, you now also need to pass --force-recreate.
We've updated the version of the boto library used in the asg-rolling-deploy module from 1.7.10 to 1.20.24 to fix a compatibility issue with python 3.10 (while still maintaining backwards compatibility with older python 3.7+ releases). However, this new version of boto DOES NOT WORK WITH PYTHON 2. Python 2 was sunsetted on January 1, 2020, so hopefully, you've already migrated off of it, but if you haven't, you will now need to to use this version of the asg-rolling-deploy module.
Fixed bug where setup-minikube script sometimes ended up with an interactive prompt.
Updated setup-minikube to install the version v1.24.0 by default.
Updated setup-minikube to require at least minikube version v1.10.0. If you are relying on an older minikube version, update your usage to match the newer version prior to upgrading the script.
Added support for restoring an Aurora cluster using a Point-in-Time restore. Refer to the variable documentation for restore_source_cluster_identifier for more details.
Added support for new AWS region (ap-southeast-3 Jakarta) to multiregion modules. As a result, you will need to add this region to your list of region providers.
Add the following to your providers.tf for terraform:
provider "aws" { region = "ap-southeast-3" alias = "ap_southeast_3" # Skip credential validation and account ID retrieval for disabled or restricted regions skip_credentials_validation = contains(coalesce(var.opt_in_regions, []), "ap-southeast-3") ? false : true skip_requesting_account_id = contains(coalesce(var.opt_in_regions, []), "ap-southeast-3") ? false : true }
For terragrunt, add ap-southeast-3 to the all_aws_regions local variable.
Updated management of S3 bucket replication configuration to use the aws_s3_bucket_replication_configuration resource so that users can have more control over the replication configuration.
Added the ability to configure an OpenID Connect Provider for GitHub Actions to use to authenticate to AWS in LandingZone (account-baseline-app and account-baseline-security).
Fixed bug where allow_ssh_from_cidr was hardcoded to true in openvpn-server module. This will now be set to false if the allow_ssh_from_cidr_list list is empty.
Added iam_role_id and iam_role_name outputs to ec2-instance module
Added the ability to configure S3 lifecycle rules to the private-s3-bucket module.
Added the ability to configure cross region replication in the ecr-repos module.
Exposed ability to specify additional security groups for the EKS cluster workers (using the new input var additional_security_groups_for_workers). As a part of this change, the input var additional_security_groups on eks-cluster module has been renamed to additional_security_groups_for_control_plane.