cloud-platform-infrastructure icon indicating copy to clipboard operation
cloud-platform-infrastructure copied to clipboard

Published 20 hours ago verified publisher icon ministryofjustice

chore(deps): bump the cloud-platform-aws-account group across 1 directory with 6 updates

Open dependabot[bot] opened this issue 9 months ago • 0 comments

Bumps the cloud-platform-aws-account group with 6 updates in the /terraform/aws-accounts/cloud-platform-aws/account directory:

Package From To
auth0/auth0 0.50.2 1.2.0
ecr::cloud-platform-terraform-ecr-credentials 6.1.0 7.0.0
hashicorp/aws 5.31.0 5.49.0
integrations/github 5.42.0 6.2.1
terraform-aws-modules/acm/aws 5.0.0 5.0.1
terraform-aws-modules/s3-bucket/aws 2.14.0 4.1.2

Updates auth0/auth0 from 0.50.2 to 1.2.0

Release notes

Sourced from auth0/auth0's releases.

v1.2.0

FEATURES:

  • resource/auth0_prompt_partials: Add new resource to manage prompt partials (#918)

v1.1.2

ENHANCEMENTS:

  • resource/auth0_action: Prevent sending secrets and dependencies config if no changes triggered (#903)

BUG FIXES:

  • resource/auth0_connection: Fix PKCE values for OIDC connections (#896)
  • resource/auth0_connection: Allow samlp block to be defined as empty and inherit default values (#905)

v1.1.1

BUG FIXES:

  • resource/auth0_client_grant: Allowing scopes to be set as empty (#888)

v1.1.0

FEATURES:

  • resource/auth0_tenant: Add support for customize_mfa_in_postlogin_action setting (#871)

ENHANCEMENTS:

  • resource/auth0_client: Set default token_endpoint_auth_method based on app_type on creation (#878)

BUG FIXES:

  • resource/auth0_tenant: Set default idle_session_lifetime and session_lifetime on import (#849)
  • resource/auth0_connection: Prevent panic when checking for database config secrets (#864)
  • resource/auth0_branding: Allow deleting the resource even on free tenants (#875)
  • data-source/auth0_organization: Fix how we fetch organizations by name (#877)
  • resource/auth0_connection: Add support for disable_self_service_change_password on AD connection options (#874)

v1.0.0

NOTES:

FEATURES:

  • resource/auth0_connection: Add support for Line strategy (#818)
  • resource/auth0_connection: Add pkce and attribute_map settings to OIDC and Okta Workforce connection options (#815)
  • resource/auth0_client: Add support for pushed authorization requests setting (#756)
  • resource/auth0_tenant: Add support for pushed authorization requests setting (#756)

... (truncated)

Changelog

Sourced from auth0/auth0's changelog.

v1.2.0

FEATURES:

  • resource/auth0_prompt_partials: Add new resource to manage prompt partials (#918)

v1.1.2

ENHANCEMENTS:

  • resource/auth0_action: Prevent sending secrets and dependencies config if no changes triggered (#903)

BUG FIXES:

  • resource/auth0_connection: Fix PKCE values for OIDC connections (#896)
  • resource/auth0_connection: Allow samlp block to be defined as empty and inherit default values (#905)

v1.1.1

BUG FIXES:

  • resource/auth0_client_grant: Allowing scopes to be set as empty (#888)

v1.1.0

FEATURES:

  • resource/auth0_tenant: Add support for customize_mfa_in_postlogin_action setting (#871)

ENHANCEMENTS:

  • resource/auth0_client: Set default token_endpoint_auth_method based on app_type on creation (#878)

BUG FIXES:

  • resource/auth0_tenant: Set default idle_session_lifetime and session_lifetime on import (#849)
  • resource/auth0_connection: Prevent panic when checking for database config secrets (#864)
  • resource/auth0_branding: Allow deleting the resource even on free tenants (#875)
  • data-source/auth0_organization: Fix how we fetch organizations by name (#877)
  • resource/auth0_connection: Add support for disable_self_service_change_password on AD connection options (#874)

v1.0.0

NOTES:

... (truncated)

Commits
  • 21e8c52 Feat: Add resource for prompt partials (#918)
  • b5d51e8 Bump github.com/hashicorp/terraform-plugin-sdk/v2 from 2.32.0 to 2.33.0 (#922)
  • 1806bbf Bump github.com/hashicorp/terraform-plugin-docs from 0.17.0 to 0.18.0 (#913)
  • 718d7e5 Bump github.com/hashicorp/terraform-plugin-sdk/v2 from 2.31.0 to 2.32.0 (#915)
  • ba1ec90 Bump github.com/hashicorp/terraform-plugin-docs from 0.16.0 to 0.17.0 (#907)
  • f3b2416 Add changelog for v1.1.2 (#906)
  • ded242d ESD-33548: Allow samlp block to be defined as empty and inherit default value...
  • 9ebd304 Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 (#904)
  • c2807a3 Add HasChange check to action secrets and dependencies (#903)
  • 9b04210 Documenting limitation of managing action secrets out-of-bound (#898)
  • Additional commits viewable in compare view

Updates ecr::cloud-platform-terraform-ecr-credentials from 6.1.0 to 7.0.0

Release notes

Sourced from ecr::cloud-platform-terraform-ecr-credentials's releases.

v7.0.0

What's Changed

Full Changelog: https://github.com/ministryofjustice/cloud-platform-terraform-ecr-credentials/compare/6.1.1...7.0.0

Breaking Changes

Headline: If optional github_environments field is set, any pre-existing default repository ECR secrets and variables will be deleted.

This release introduces functionality that could potentially break some existing GitHub Actions pipelines that utilise GitHub Secrets and Variables. Please read this guidance thoroughly and check that your GitHub Actions workflows are configured correctly.

Action required

If you’re using the ECR module in your environment, and are not setting the optional github_environments field, then this 7.0.0 update will have no impact on your CI/CD workflows and you can ignore this guidance.

If you are setting the github_environments field, then you should be accessing your ECR secrets and variables:

ECR_ROLE_TO_ASSUME ECR_REGION ECR_REPOSITORY
(these will vary if you are setting github_actions_prefix in your module call)

from your own defined GitHub environments within your repository workflows. This can be verified by reviewing your GitHub Actions yaml ECR build configurations and verifying that your ECR secrets and variables are scoped within an environment block, similar to the below workflow snippet:

on:
  push:
    branches: [main]

jobs:
ecr:
environment: development          # <-- Your environment name here
runs-on: ubuntu-latest
...
...
steps:
...
# Assume role in Cloud Platform
- uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.ECR_ROLE_TO_ASSUME }}          # <-- environment scoped secret
aws-region: ${{ vars.ECR_REGION }}          # <-- environment scoped variable

... (truncated)

Commits
  • 6e9c083 Merge pull request #109 from ministryofjustice/repo-vars-condition
  • b09aa1e readme update
  • 79ccaaf readme update
  • 073f0e3 set repo vars resource creation dependency on environments list
  • 0b52bb9 Merge pull request #103 from ministryofjustice/ecr-example-01
  • 4a5633d Update example to use the latest release
  • 0386403 Merge pull request #101 from ministryofjustice/tf-validation
  • 2dc4c13 feat(action): add setup go to pipeline
  • 5915061 feat(action): add action for unit test
  • 115f8bd feat(Go): add unit tests for validation of tf
  • Additional commits viewable in compare view

Updates hashicorp/aws from 5.31.0 to 5.49.0

Release notes

Sourced from hashicorp/aws's releases.

v5.49.0

FEATURES:

  • New Data Source: aws_datazone_environment_blueprint (#36600)
  • New Resource: aws_bedrockagent_data_source (#37158)
  • New Resource: aws_datazone_domain (#36600)
  • New Resource: aws_datazone_environment_blueprint_configuration (#36600)

ENHANCEMENTS:

  • data-source/aws_iam_policy_document: Add minified_json attribute (#35677)
  • resource/aws_dynamodb_table_export: Add plan-time validation of table_arn (#37288)
  • resource/aws_kms_key: Add rotation_period_in_days argument (#37140)
  • resource/aws_securitylake_subscriber_notification: Better handles importing resource (#37332)
  • resource/aws_securitylake_subscriber_notification: Deprecates endpoint_id in favor of subscriber_endpoint (#37332)
  • resource/aws_securitylake_subscriber_notification: Handles configuration.https_notification_configuration.authorization_api_key_value as sensitive value (#37332)

BUG FIXES:

  • data-source/aws_fsx_ontap_storage_virtual_machine: Correctly set tags on Read (#37353)
  • data-source/aws_rds_orderable_db_instance: Fix InvalidParameterValue: Invalid value 3412 for MaxRecords. Must be between 20 and 1000 errors (#37251)
  • data-source/aws_resourceexplorer2_search: Fix 401 unauthorized error due to missing view_arn in the AWS API request (#36778)
  • data-source/aws_resourceexplorer2_search: Fix panic caused by bad mappping between Terraform and AWS schemas (#36778)
  • data-source/aws_resourceexplorer2_search: Fix state persistence and data types (#36778)
  • resource/aws_bedrockagent_agent: Fix to use the configured prepare_agent value (or default value of true when omitted) for all create and update operations (#37405)
  • resource/aws_elasticsearch_domain: Fix handling of unset auto_tune_options.rollback_on_disable argument (#37394)
  • resource/aws_fsx_ontap_storage_virtual_machine: Correctly set tags and tags_all on resource Read (#37353)
  • resource/aws_fsx_openzfs_file_system: Correctly set tags and tags_all on resource Read (#37353)
  • resource/aws_kms_custom_key_store: Change trust_anchor_certificate to ForceNew (#37092)
  • resource/aws_opensearch_domain: Fix handling of unset auto_tune_options.rollback_on_disable argument (#37394)
  • resource/aws_opensearch_domain: Wait for auto_tune_options to be applied during creation (#37394)
  • resource/aws_securitylake_aws_log_source: Correctly handles unspecified source_version (#36268)
  • resource/aws_securitylake_aws_log_source: Prevents errors when creating multiple log sources concurrently (#36268)
  • resource/aws_securitylake_custom_log_source: Prevents errors when creating multiple log sources concurrently (#36268)
  • resource/aws_securitylake_custom_log_source: Validates length of source_name parameter (#36268)
  • resource/aws_securitylake_subscriber: Allow more than one log source (#36268)
  • resource/aws_securitylake_subscriber: Correctly handles unspecified access_type (#36268)
  • resource/aws_securitylake_subscriber: Correctly handles unspecified source_version parameter for aws_log_source_resource and custom_log_source_resource (#36268)
  • resource/aws_securitylake_subscriber: Correctly requires source_name parameter for aws_log_source_resource and custom_log_source_resource (#36268)
  • resource/aws_securitylake_subscriber_notification: No longer recreates resource when not needed (#37332)
  • resource/aws_securitylake_subscriber_notification: Requires value for configuration.https_notification_configuration.endpoint (#37332)
  • resource/provider: Change the AWS SDK for Go v2 API client BackoffDelayer to maintain behavioral compatibility with AWS SDK for Go v1 (#37404)

v5.48.0

FEATURES:

  • New Resource: aws_bedrockagent_agent_knowledge_base_association (#37185)

ENHANCEMENTS:

... (truncated)

Changelog

Sourced from hashicorp/aws's changelog.

5.49.0 (May 10, 2024)

FEATURES:

  • New Data Source: aws_datazone_environment_blueprint (#36600)
  • New Resource: aws_bedrockagent_data_source (#37158)
  • New Resource: aws_datazone_domain (#36600)
  • New Resource: aws_datazone_environment_blueprint_configuration (#36600)

ENHANCEMENTS:

  • data-source/aws_iam_policy_document: Add minified_json attribute (#35677)
  • resource/aws_dynamodb_table_export: Add plan-time validation of table_arn (#37288)
  • resource/aws_kms_key: Add rotation_period_in_days argument (#37140)
  • resource/aws_securitylake_subscriber_notification: Better handles importing resource (#37332)
  • resource/aws_securitylake_subscriber_notification: Deprecates endpoint_id in favor of subscriber_endpoint (#37332)
  • resource/aws_securitylake_subscriber_notification: Handles configuration.https_notification_configuration.authorization_api_key_value as sensitive value (#37332)

BUG FIXES:

  • data-source/aws_fsx_ontap_storage_virtual_machine: Correctly set tags on Read (#37353)
  • data-source/aws_rds_orderable_db_instance: Fix InvalidParameterValue: Invalid value 3412 for MaxRecords. Must be between 20 and 1000 errors (#37251)
  • data-source/aws_resourceexplorer2_search: Fix 401 unauthorized error due to missing view_arn in the AWS API request (#36778)
  • data-source/aws_resourceexplorer2_search: Fix panic caused by bad mappping between Terraform and AWS schemas (#36778)
  • data-source/aws_resourceexplorer2_search: Fix state persistence and data types (#36778)
  • resource/aws_bedrockagent_agent: Fix to use the configured prepare_agent value (or default value of true when omitted) for all create and update operations (#37405)
  • resource/aws_elasticsearch_domain: Fix handling of unset auto_tune_options.rollback_on_disable argument (#37394)
  • resource/aws_fsx_ontap_storage_virtual_machine: Correctly set tags and tags_all on resource Read (#37353)
  • resource/aws_fsx_openzfs_file_system: Correctly set tags and tags_all on resource Read (#37353)
  • resource/aws_kms_custom_key_store: Change trust_anchor_certificate to ForceNew (#37092)
  • resource/aws_opensearch_domain: Fix handling of unset auto_tune_options.rollback_on_disable argument (#37394)
  • resource/aws_opensearch_domain: Wait for auto_tune_options to be applied during creation (#37394)
  • resource/aws_securitylake_aws_log_source: Correctly handles unspecified source_version (#36268)
  • resource/aws_securitylake_aws_log_source: Prevents errors when creating multiple log sources concurrently (#36268)
  • resource/aws_securitylake_custom_log_source: Prevents errors when creating multiple log sources concurrently (#36268)
  • resource/aws_securitylake_custom_log_source: Validates length of source_name parameter (#36268)
  • resource/aws_securitylake_subscriber: Allow more than one log source (#36268)
  • resource/aws_securitylake_subscriber: Correctly handles unspecified access_type (#36268)
  • resource/aws_securitylake_subscriber: Correctly handles unspecified source_version parameter for aws_log_source_resource and custom_log_source_resource (#36268)
  • resource/aws_securitylake_subscriber: Correctly requires source_name parameter for aws_log_source_resource and custom_log_source_resource (#36268)
  • resource/aws_securitylake_subscriber_notification: No longer recreates resource when not needed (#37332)
  • resource/aws_securitylake_subscriber_notification: Requires value for configuration.https_notification_configuration.endpoint (#37332)
  • resource/provider: Change the AWS SDK for Go v2 API client BackoffDelayer to maintain behavioral compatibility with AWS SDK for Go v1 (#37404)

5.48.0 (May 2, 2024)

FEATURES:

  • New Resource: aws_bedrockagent_agent_knowledge_base_association (#37185)

... (truncated)

Commits
  • 5547244 Update CHANGELOG.md for #37405
  • aa32010 r/aws_bedrockagent_agent: use configured prepare_agent value
  • ef68be1 r/aws_bedrockagent_agent(doc): document prepare_agent argument, cleanup
  • 3736c10 Merge pull request #37408 from hashicorp/t-literal-endpoint-string-constant
  • 10ff2e4 yaml: Whitespace
  • e330179 worklink: Use constants for strings
  • 71d211c wafv2: Use constants for strings
  • d32ced5 wafregional: Use constants for strings
  • d8f31d8 waf: Use constants for strings
  • 3a6d488 transfer: Use constants for strings
  • Additional commits viewable in compare view

Updates integrations/github from 5.42.0 to 6.2.1

Release notes

Sourced from integrations/github's releases.

v6.2.1

What's Changed

🐛 Bugfixes

🛠️ Maintenance

New Contributors

Full Changelog: https://github.com/integrations/terraform-provider-github/compare/v6.2.0...v6.2.1

v6.2.0

What's Changed

Features

Bugfixes

🛠️ Maintenance

Full Changelog: https://github.com/integrations/terraform-provider-github/compare/v6.1.0...v6.2.0

v6.1.0

What's Changed

New Contributors

... (truncated)

Commits
  • e1f5feb chore(organization_webhook): fix insecure_ssl (#2196)
  • e3d487b chore(actions_runner_group): fix missing schema id (#2195)
  • 0ff85ac build(deps): bump github.com/golangci/golangci-lint (#2209)
  • 4c8424f build(deps): bump actions/add-to-project from 0.6.0 to 0.6.1 (#2210)
  • 84e8d55 Feat: Fixes abandoned PR #2017: Add support for the require_last_push_approva...
  • b1243e4 feat: add github_enterprise_actions_runner_group (#2158)
  • 5e090bc build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#2194)
  • af693fd fix(data_source_github_rest_api): store raw body in state (#2152)
  • 30e6176 build(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 (#2189)
  • dd57a50 docs: configure release notes categories based on labels (#2184)
  • Additional commits viewable in compare view

Updates terraform-aws-modules/acm/aws from 5.0.0 to 5.0.1

Release notes

Sourced from terraform-aws-modules/acm/aws's releases.

v5.0.1

5.0.1 (2024-03-06)

Bug Fixes

  • Update CI workflow versions to remove deprecated runtime warnings (#151) (859fb3c)
Changelog

Sourced from terraform-aws-modules/acm/aws's changelog.

5.0.1 (2024-03-06)

Bug Fixes

  • Update CI workflow versions to remove deprecated runtime warnings (#151) (859fb3c)
Commits
  • f421377 chore(release): version 5.0.1 [skip ci]
  • 859fb3c fix: Update CI workflow versions to remove deprecated runtime warnings (#151)
  • See full diff in compare view

Updates terraform-aws-modules/s3-bucket/aws from 2.14.0 to 4.1.2

Release notes

Sourced from terraform-aws-modules/s3-bucket/aws's releases.

v4.1.2

4.1.2 (2024-04-16)

Bug Fixes

  • Typo in description of access_log_delivery_policy_source_buckets variable (#278) (b4a5347)

v4.1.1

4.1.1 (2024-03-06)

Bug Fixes

  • Update CI workflow versions to remove deprecated runtime warnings (#274) (ca372ac)

v4.1.0

4.1.0 (2024-01-26)

Features

  • Allow override of the default tags override (#261) (f9e1740)

v4.0.1

4.0.1 (2024-01-13)

Bug Fixes

v4.0.0

4.0.0 (2024-01-13)

⚠ BREAKING CHANGES

  • upd versions.tf to require >= 5.27

Features

  • logging: change logging variable type to any (2c45bde)
  • logging: Date based partitioning for access-logs (59f65af)
  • upd versions.tf to require >= 5.27 (7a4aab6)

v3.15.2

3.15.2 (2024-01-12)

... (truncated)

Changelog

Sourced from terraform-aws-modules/s3-bucket/aws's changelog.

4.1.2 (2024-04-16)

Bug Fixes

  • Typo in description of access_log_delivery_policy_source_buckets variable (#278) (b4a5347)

4.1.1 (2024-03-06)

Bug Fixes

  • Update CI workflow versions to remove deprecated runtime warnings (#274) (ca372ac)

4.1.0 (2024-01-26)

Features

  • Allow override of the default tags override (#261) (f9e1740)

4.0.1 (2024-01-13)

Bug Fixes

4.0.0 (2024-01-13)

⚠ BREAKING CHANGES

  • upd versions.tf to require >= 5.27

Features

  • logging: change logging variable type to any (2c45bde)
  • logging: Date based partitioning for access-logs (59f65af)
  • upd versions.tf to require >= 5.27 (7a4aab6)

3.15.2 (2024-01-12)

Bug Fixes

  • Add China regions to elb_service_accounts (#264) (c6870d5)

3.15.1 (2023-08-26)

... (truncated)

Commits
  • 8a0b697 chore(release): version 4.1.2 [skip ci]
  • b4a5347 fix: Typo in description of access_log_delivery_policy_source_buckets varia...
  • cd61253 chore(release): version 4.1.1 [skip ci]
  • ca372ac fix: Update CI workflow versions to remove deprecated runtime warnings (#274)
  • 3a1c80b chore(release): version 4.1.0 [skip ci]
  • f9e1740 feat: Allow override of the default tags override (#261)
  • fccafe5 chore(release): version 4.0.1 [skip ci]
  • 116f79b fix: Fixed routing rule condition (#270)
  • 12361ab chore(release): version 4.0.0 [skip ci]
  • b3885bb Updated Terraform versions everywhere to 1.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

dependabot[bot] avatar May 15 '24 09:05 dependabot[bot]