v0.8.3

Modules affected

• None (updates to example in root only)

Description

• Updated the example code in the root of this repo to fix deprecation warnings with Terraform 0.13. There should be no difference in behavior.

Related links

• #206

v0.8.2

Modules affected

• consul-cluster
• consul-security-group-rules

Description

• You can now allow inbound API traffic on the HTTPS port by setting the new enable_https_port input variable to true. You can also customize the HTTPS port using the new input variable https_api_port.

Special thanks

• Thank you to @Laakso for the contribution!

Related links

• #200

v0.8.1

Modules affected

• consul-cluster

Description

• You can now enable encryption for the root volume using the new root_volume_encrypted input variable.

Special thanks

• Thank you to @mirkop-mattr for the contribution!

Related links

• #199

v0.8.0

Modules affected

• (none)

Description

• Terraform 0.13 upgrade: We have verified that this repo is compatible with Terraform 0.13.x!
  • From this release onward, we will only be running tests with Terraform 0.13.x against this repo, so we recommend updating to 0.13.x soon!
  • To give you more time to upgrade, for the time being, all modules will still support Terraform 0.12.26 and above, as that version has several features in it (required_providers with source URLs) that make it more forwards compatible with 0.13.x.
  • Once all Gruntwork repos have been upgrade to work with 0.13.x, we will publish a migration guide with a version compatibility table and announce it all via the Gruntwork Newsletter.

Related links

• #192

v0.7.11

Modules affected

• install-dnsmasq

Description

• You can now specify a custom IP address for dnsmasq to listen on using the new --dnsmasq-listen-address option.

Special thanks

• Thanks to @ryandens for the fix!

Related links

• #191

v0.7.10

Modules affected

• consul-cluster

Description

• The consul-cluster module now sets the ignore_changes lifecycle setting on load_balancers and target_group_arns attributes. As of AWS Provider 3.x, if you use aws_autoscaling_attachment, you MUST have ignore_changes set on these attributes, or your load balancer will be removed (see corresponding issue in the AWS provider). Since the consul-cluster module doesn't let you use these attributes anyway, this should be a backwards compatible change that allows this module to work properly with a load balancer.

Special thanks

• Thanks to @andrew-womeldorf for the fix!

Related links

• #188

v0.7.9

Modules affected

• run-consul

Description

• Added a new --verify-server-hostname flag to run-consul that, when set, enables server hostname verification as part of RPC encryption. Each server in Consul should get its own certificate that contains SERVERNAME.DATACENTERNAME.consul in the hostname or SAN. This prevents an authenticated agent from being converted into a server that streams all data, bypassing ACLs.

Related links

• #190

v0.7.8

Modules affected

• install-consul
• install-dnsmasq
• run-consul

Description

• Fix shellcheck warnings in these three modules. There should be no change to behavior, though it's possible fixing these warnings may have fixed some unknown bugs or unexpected gotchas.

Related links

• #189

v0.7.7

Modules affected

• consul-cluster

Description

• Set default values for availability_zones and subnet_ids to null in consul-cluster. As of AWS Provider 3.x.x, only one of these parameters may be set at a time on an Auto Scaling Group, so we now have to use null rather than empty list as our default.

Special thanks

• Thanks to @rafaelremondes for the PR!

Related links

• #182

v0.7.6

Modules affected

• consul-security-group-rules

Description

• Removed a duplicate required_version entry from the consul-security-group-rules module. This should have no impact on behavior.

Special thanks

• Thanks to @RetWolf for the PR!

Related links

• #179