Releases: streamnative/terraform-aws-cloud
v2.3.1-alpha
What's Changed
Full Changelog: v2.3.0-alpha...v2.3.1-alpha
Contributors
Assets 2
v2.3.0-alpha
Overview
This release has many improvements to the module and has no breaking changes. Most notably:
- Enhancements to the
managed-cloudsubmodule used for creating StreamNative's vendor access in a customer's AWS account. In particular, we now allow for the option to remove theiam:CreatePolicycapabilities to close any potential privilege escalation paths. - Configuration support for Istio ingress-gateway resources to create an Internal or Internet-facing NLB
- Support for AWS China
- Enabled support for providing custom
userdata.shand AMIs for the EKS node groups - Updates to default add-ons
What's Changed
- [module/vpc] Allow for finer grained VPC configuration by @jrsdav in #65
- [module/manaded-cloud] Improved security @jrsdav in #72 #79
- [istio] Configure Internal or Internet-Facing NLB by @jdmaguire in #71
- [aws-cn] Support AWS China by @maxsxu in #70, #77
- [eks/node-groups] Enable passing of custom AMI and userdata.sh for Node Groups by @jrsdav in #74
- Update addons to latest versions by @jrsdav in #80
New Contributors
- @jdmaguire made their first contribution in #73
Full Changelog: v2.2.4-alpha...v2.3.0-alpha
Contributors
Assets 2
v2.2.4-alpha
What's Changed
Full Changelog: v2.2.3-alpha...v2.2.4-alpha
Contributors
Assets 2
v2.2.3-alpha
Contributors
Assets 2
v2.2.2-alpha
What's Changed
Full Changelog: v2.2.1-alpha...v2.2.2-alpha
Contributors
Assets 2
v2.2.1-alpha
Patch
Full Changelog: v2.2.0-alpha...v2.2.1-alpha
Contributors
Assets 2
v2.2.0-alpha
What's Changed
This release updates the IAM policies in the managed-cloud sub-module used for StreamNative's vendor access.
- Add the ability for bootstrap to manage r53 zones by @addisonj in #50
- Add missing permission to management policy needed by control plane by @jrsdav in #47
- Removed kubeconfig file by @jrsdav in #51
Removed inputs
The variable inputs kubeconfig_output_path and write_kubeconfig have been removed from the module. The module will no longer create a .kubeconfig file for the EKS cluster that gets created. To access the cluster, use the awscli update-kubeconfig sub-command.
Full Changelog: v2.1.0-alpha...v2.2.0-alpha
Contributors
Assets 2
v2.1.0-alpha
Improvements/Bug Fixes
Improvement
- Shortened the names of the IAM Roles for various cluster add-on services. This addresses an issue where occasionally a add-on would fail to install because the resource name bumped into character length limits.
For existing resources managed by this module, this change will result in a delete/re-create of IAM Roles used by installed add-ons. There will be a brief disruption of add-on functionality (1-2 minutes) while the change is reconciled on the cluster, but it should not impact a running Pulsar cluster.
Bug Fix
- The values being passed to the
cert-managerhelm chart were invalid, resulting in permission issues due to a misconfigured KSA.
Full Changelog: v2.0.3-alpha...v2.1.0-alpha
v2.0.3-alpha
Bug fixes
- Fixed a conditional issue in the
managed-cloudsubmodule for IAM policies that use theiam:CreateServiceLinkedRoleaction - Fixed a formatting issue with node taints when
var.enable_func_poolis set totrue
v2.0.2-alpha
managed-cloud
A small update for the managed-cloud submodule, primarily focused on IAM resources for StreamNative's Vendor access into Cloud Managed environments.
Other than IAM policy changes, some other notable items:
- Added a CloudFormation template which mirrors
managed-cloudfunctionality - Removed use of
template_filein themanaged-cloudmodule in favor of the nativetemplatefile()function