v0.16.0

🚀 Enhancements

feat(mwaa): add `worker_replacement_strategy` variable @RoseSecurity (#74)

## what

• Added the worker_replacement_strategy variable to both the root and example modules, allowing users to choose between "FORCED" and "GRACEFUL" strategies for replacing Airflow workers during updates. Includes input validation to ensure only valid values are used. (variables.tf, examples/complete/variables.tf)
• Updated the aws_mwaa_environment resource to use the new worker_replacement_strategy variable, ensuring the chosen strategy is applied to the environment. (main.tf)
• Passed the new variable through the example module wiring, so it can be set in example deployments. (examples/complete/main.tf)
• Set a default value for worker_replacement_strategy in the example fixture file to "FORCED". (examples/complete/fixtures.us-east-2.tfvars)

why

• This adds support for configuring the worker replacement strategy for Apache Airflow environments managed by this Terraform module. Users can now specify whether workers should be replaced in a "FORCED" or "GRACEFUL" manner during environment updates. The change introduces new variables, updates resource definitions, and ensures input validation for the new setting.

references

• Closes #73

v0.15.0

• No changes

v0.14.0

feat: add additional mwaa environment options to adjust number of running web servers and schedulers @artiombarb (#70)

## what

Added optional parameters for MWAA environment to adjust number of running web servers and schedulers

why

• Option to adjust number of maximum and minimum web servers has been added to configure Amazon MWAA web server automatic scaling based on demand, ensuring performance without manual intervention.
• Option to adjust number of schedulers has been added to improve scheduler performance that correspondingly increases the number of available triggerers, optimising how the environment manages deferred tasks. This ensures efficient handling of tasks, promptly scheduling them to run when conditions are satisfied.

references

https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-web-server-autoscaling.html
https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html#environment-class-schedulers
https://airflow.apache.org/docs/apache-airflow/stable/administration-and-deployment/scheduler.html

v0.13.2

🤖 Automatic Updates

Fix go version in tests @osterman (#67)

## what - Update go `1.24`

why

• Error loading shared library libresolv.so.2 in Go 1.20

References

• https://sweetops.slack.com/archives/G014YEKDH4K/p1746672149263629
• golang/go#59305 (comment)
• cloudposse/terraform-aws-cloudfront-s3-cdn#294

v0.13.1

🤖 Automatic Updates

Replace Makefile with atmos.yaml @osterman (#66)

## what - Remove `Makefile` - Add `atmos.yaml`

why

• Replace build-harness with atmos for readme genration

References

• DEV-3229 Migrate from build-harness to atmos

v0.13.0

feat: add additionals policies parameters @QuentinBtd (#64)

## what

Add parameters to permit to add policies to the MWAA IAM role

why

In my case, I need to add policy to MWAA to send mail through SES.

references

v0.12.0

• No changes

v0.11.0

• No changes

v0.10.0

• No changes

v0.9.1

🤖 Automatic Updates

chore(deps): update terraform cloudposse/iam-role/aws to v0.20.0 @renovate (#61)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/iam-role/aws (source)	module	minor	0.16.2 -> 0.20.0

---

Release Notes

cloudposse/terraform-aws-iam-role (cloudposse/iam-role/aws)

v0.20.0

Compare Source

feat: support inline policies @​nitrocode (#​79)

what

• support inline policies

why

• Most of the time users want to create a specific policy for a specific role and don't realize that the same policy can be accidentally reused for another purpose which makes it difficult to delete the role and policy
• Inline policies do not need to be tagged
• If a managed policy is updated and is attached to multiple roles, now it will impact multiple roles

references

• closes #​78

🤖 Automatic Updates

Migrate new test account @​osterman (#​77)

what

• Update .github/settings.yml
• Update .github/chatops.yml files

why

• Re-apply .github/settings.yml from org level to get terratest environment
• Migrate to new test account

References

• DEV-388 Automate clean up of test account in new organization
• DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
• DEV-386 Update terratest to use new testing account with GitHub OIDC

Update .github/settings.yml @​osterman (#​76)

what

• Update .github/settings.yml
• Drop .github/auto-release.yml files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update .github/settings.yml @​osterman (#​75)

what

• Update .github/settings.yml
• Drop .github/auto-release.yml files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update .github/settings.yml @​osterman (#​74)

what

• Update .github/settings.yml
• Drop .github/auto-release.yml files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update release workflow to allow pull-requests: write @​osterman (#​72)

what

• Update workflow (.github/workflows/release.yaml) to have permission to comment on PR

why

• So we can support commenting on PRs with a link to the release

Update GitHub Workflows to use shared workflows from '.github' repo @​osterman (#​71)

what

• Update workflows (.github/workflows) to use shared workflows from .github repo

why

• Reduce nested levels of reusable workflows

Update GitHub Workflows to Fix ReviewDog TFLint Action @​osterman (#​70)

what

• Update workflows (.github/workflows) to add issue: write permission needed by ReviewDog tflint action

why

• The ReviewDog action will comment with line-level suggestions based on linting failures

Update GitHub workflows @​osterman (#​69)

what

• Update workflows (.github/workflows/settings.yaml)

why

• Support new readme generation workflow.
• Generate banners

Use GitHub Action Workflows from `cloudposse/.github` Repo @​osterman (#​66)

what

• Install latest GitHub Action Workflows

why

• Use shared workflows from cldouposse/.github repository
• Simplify management of workflows from centralized hub of configuration

Bump golang.org/x/net from 0.0.0-20220421235706-1d1ef9303861 to 0.17.0 in /test/src @​dependabot (#​65)

Bumps [golang.org/x/net](https://redirect.github.com/golang/net) from 0.0.0-20220421235706-1d1ef9303861 to 0.17.0.

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Add GitHub Settings @​osterman (#​62)

what

• Install a repository config (.github/settings.yaml)

why

• Programmatically manage GitHub repo settings

Update Scaffolding @​osterman (#​60)

what

• Reran make readme to rebuild README.md from README.yaml
• Migrate to square badges
• Add scaffolding for repo settings and Mergify

why

• Upstream template changed in the .github repo
• Work better with repository rulesets
• Modernize look & feel

v0.19.0

Compare Source

IAM Role name length limit @​goruha (#​58)

what

• Fix IAM role name length limit

why

• Fix IAM role name length limited to 64

Sync github @​max-lobur (#​54)

Rebuild github dir from the template

v0.18.0

Compare Source

• No changes

v0.17.0

Compare Source

Update main.tf @​karinatitov (#​50)

have a chance to configure the name of the policy

what

• With this change i want to have an ability to provide a custom name for the policy

why

• the resources i'm working with were not created in the same way this module assumes
• to have a chance to configure the name of the policy

git.io->cloudposse.tools update @​dylanbannon (#​46)

what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on A...