Releases: cloudposse/terraform-aws-elastic-beanstalk-environment
Releases · cloudposse/terraform-aws-elastic-beanstalk-environment
0.3.5
0.3.4
Fix Security Group ingress rules
what
- Removed the ingress rule from EC2 Security Group
ingress {
from_port = 0
to_port = 0
protocol = -1
cidr_blocks = ["0.0.0.0/0"]
}why
- Bad security practice
- Too broad access from any IP address by default
- Access should be controlled by provided Security Groups instead of IP ranges
- Was overriding the next ingress rule for the same Security Group
ingress {
from_port = 0
to_port = 0
protocol = -1
security_groups = ["${var.security_groups}"]
}0.3.3
0.3.2
Add variable for environment tier
0.3.1 Add variable for environment tier (#22)
0.3.0: Added timeout variable (#20)
What
- Added configurable timeout
Why
- For huge and complex envs 20 minutes to became ready is not enough
Allow elb proxy ssh
Add SSH Forwarding (#16) * Added ssh listener * Fix type cast * Fix type cast * Fix type cast * Fix type cast * Fix type cast * Added option to manage ssh port
Add `ec2_instance_profile_role_name` to outputs
what
- Added
ec2_instance_profile_role_nameto outputs
why
- To be able to attach additional
aws_iam_role_policy_attachment's to the instance profile role from other modules
0.2.7: Add notifications (#13)
* Adde notifications * Added support of different notificaton targets
Add `AmazonEC2ContainerRegistryReadOnly` policy to provide read-only access to `ECR` repositories
What
- Add
AmazonEC2ContainerRegistryReadOnlymanaged policy toEB
Why
-
To provide read-only access to all Amazon ECR repositories in the account
-
When
CodePipelinebuilds and pushesDockerimages toECRand then deploys the fileDockerrun.aws.jsontoEBwith theECRrepo URL specified,EBneeds permissions to pull theDockerimage from the ECR repo to deploy it toEC2instances