From 8d7f1ff82a72b910530df8f71dcab6d9359e13ca Mon Sep 17 00:00:00 2001 From: Michael Barrientos Date: Mon, 23 Mar 2020 23:15:19 -0700 Subject: [PATCH] Update docstrings (#182) Update docstringsUpdates docstrings for rds-ca-2019 cert typos and several other places where terraform-docs changed formatting. --- .travis.yml | 19 +++++++++++++++---- aws-acm-cert/README.md | 2 +- aws-aurora-mysql/README.md | 6 +++--- aws-aurora-mysql/variables.tf | 2 +- aws-aurora/README.md | 2 +- aws-aurora/variables.tf | 2 +- aws-ecs-job-fargate/module_test.go | 14 ++++++++++++++ aws-ecs-job/module_test.go | 14 ++++++++++++++ aws-ecs-service-fargate/README.md | 6 +++--- aws-ecs-service-fargate/alb.tf | 2 +- aws-ecs-service-fargate/module_test.go | 14 ++++++++++++++ aws-ecs-service-fargate/service.tf | 2 +- aws-ecs-service/README.md | 6 +++--- aws-ecs-service/alb.tf | 2 +- aws-ecs-service/module_test.go | 14 ++++++++++++++ aws-ecs-service/service.tf | 2 +- aws-iam-role-cloudfront-poweruser/README.md | 2 +- aws-iam-role-crossacct/README.md | 2 +- aws-redis-node/main.tf | 2 +- aws-s3-private-bucket/README.md | 2 +- 20 files changed, 92 insertions(+), 25 deletions(-) create mode 100644 aws-ecs-job-fargate/module_test.go create mode 100644 aws-ecs-job/module_test.go create mode 100644 aws-ecs-service-fargate/module_test.go create mode 100644 aws-ecs-service/module_test.go diff --git a/.travis.yml b/.travis.yml index affbd5af..ded26f1a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,7 +6,7 @@ dist: trusty cache: pip install: # terraform - - travis_retry wget -t 10 -O terraform.zip https://releases.hashicorp.com/terraform/0.12.19/terraform_0.12.19_linux_amd64.zip + - travis_retry wget -t 10 -O terraform.zip https://releases.hashicorp.com/terraform/0.12.24/terraform_0.12.24_linux_amd64.zip - unzip terraform.zip - mv terraform ~/bin/ - chmod +x ~/bin/terraform @@ -14,9 +14,9 @@ install: - travis_retry wget -t 10 -O terraform-provider-bless.tar https://github.com/chanzuckerberg/terraform-provider-bless/releases/download/v0.2.10/terraform-provider-bless_0.2.10_linux_amd64.tar.gz - tar -C ~/bin -xzf terraform-provider-bless.tar # terraform-docs - # - wget -t 10 -O terraform-docs https://github.com/segmentio/terraform-docs/releases/download/v0.6.0/terraform-docs-v0.6.0-linux-amd64 - # - mv terraform-docs ~/bin/terraform-docs - # - chmod +x ~/bin/terraform-docs + - wget -t 10 -O terraform-docs https://github.com/segmentio/terraform-docs/releases/download/v0.8.2/terraform-docs-v0.8.2-linux-amd64 + - mv terraform-docs ~/bin/terraform-docs + - chmod +x ~/bin/terraform-docs # awscli - pip install awscli --upgrade --user - aws configure set aws_access_key_id $CI1_AWS_ACCESS_KEY_ID --profile cztack-ci-1 @@ -49,3 +49,14 @@ env: - secure: EzbYu45kuUeC56EVsLHdzhrLZc7tqUJAq5ayK1ccYYQbBkfrRYvFYbY2KHm/F7xQqqH8mai/LLTL9Z3VCbi60GVw/ywdQZR3Hv+KRClrl3+UccpoR0y4WxMERp6yjy7rwvcjg37J/mxjyQUyyUVahj/bLB9Sst/M6/OWbrK9SIO8l/ZynBBEm2PPqelwwIg+kpOatKY/mwBsaLl3i/lirR6kSE3gJMU/v8e+ecQRW2wsZ5u+ZiwfIuYI0a2GIt8UpI0H1tgZHh4aT+ArKICTkggWJTxqKy21xyEUe7frku8SUmyRBdu1h2O3Xz/qQ4tzUgDPaDMaxL/9L5Xm0K9RkhANTGXzmVBtVOtohdLL4Jn6VHcedPH2thm47+fWSwr1MaMI8o4RJro9B5mj1uDOz4W4rac6RXkPERB3IeBR2+g138TT1CxpaawrS/E92uDOggJ1/lpVyKFGwP1JoCJsz+yhxRgvEIUIR4mPDU6MqPOjZEr2ub9YK3AWDBMzyF41BLx1Rpd/ChN8LzEX0HrpGx3dNhh8LPxum1/8O0GpZFQZcex44FLp8UB7j4zC1KDo44SKUPcNM31GHiDKMN/uWvCSlN56c0rnZ/a/aWNUUipaXKJmnbU/IyAsLIMb6pXVxbSID2hq7hh1LFv7i/bp4tDNNrW8hLrCeQkYjzdE+Jo= - secure: U/daF6UvK+oUEMT/10O+li4+VLZcEBAlGv22M31T1KYbNItM6oNOhKqE/QG29K98X3naw07tdpfFnPdgDBokaZXIXJr853pCDevjrrg8+HtgTAoRZMDtnVSQRrpT/o44U3bxuGAhCAEq4QBrqgdWhYLoBcw1qv3sg4FhBAOR5DFm4L/+uZ4d7RvYBBk4yed9H1l/Av67ps9klZ70VAQ2JB1sGWyD2wiajaZh+nP5Z4TE1j+XdKKpOeAuAS0oml5onXk8i/fOTmi3pplbaWsQjQjQXH0JzKsqi1aqieevTCMt4GBHjKaU34i9TmMprL9bxCCHrI3s4xJ+gi5LAaV8hjliKuAIwPqq7dcx/JwH7pDxLTLzycGWTG9HHgE26sp+OFCTG54ed47Y/4jttEBl6jyV7C9jNKi6GcJ/+qgXZ596tKBY6+oPNjoduA9aMkuQ7HGlbOsYdul1xGSwZB1G4Z/Xwt/6VFgtjdbxkNAkfkJGh2drPP7oZ4xbWS8AF3Ww5ELdlrk+mNh18h9UBITD65UGvasYBXQy5ufnHiojn7ZXXhGEt9gvJKCLYMrqRQYHZzQPym7iMwfqrY/YSsuGbO2QulXNlvX04854PDIf/AQzdzCYkI1ADQ6L8TQzMXSgqpr0LrQloUdVKugP0As2ykQ9vT9YfG1wbrR4yAybNz4= - secure: vgbr7f5EUve/KKGP+H72Vp9AO3VsW+N1GapoUE4SVH26S3pMV+rk+5uzZI4c/qhuKN0K9mUGjn96R6/SApE6WhgFq6IiRKMEv3LqKUO08iV1nbyRSln55d8ndzNiZwx+s6hKEv85qIOJpEqRDY8u3e1BrO88nFLlY/rFBIlbcy+6zZcOuAxH6DWaYYlxWob2N3DCJypCBNIivMGzVfEEqF+ltVaYS5dpSPowBthQUPY2+/Qc3v6e4+VXZuFJ28FzsOmWryHdgqrxptCx/7nPVxS3N1wX1T+GPmiLd4UCZqThT0hN//67g03LmlQr0+HxmnGPSDWEEg3PfzrvNeHbEG5Pb9mXVJ8Rt6hn2FYUqLqbfh7SAsTIZ2FKPoRo0kQWGGqjs/yyHbEw5HDTxtdyVnpoYIJW7HrsNeyQyEugwca0/nBmzlBYxqm5lhBDhsIay3uZ21y7ZQ70L8vubhx80VzyqqC4DAT6oJ5V9Y4EfG3SG6B33ZBCe0ej1LWRdeLR7SarW/R22dyCs1gY2cxy5yWrDJDtZBtHRIpvK0Y9mjTEHaFogatLaPaNK33s3lNuXh2asbhktG80PjdJpcLQaqhziTjFPV8OMtBtgI5vAOiIHiXw3s1Er5Ct2HcmpWTTQbRPoPMkKubJEq9bYlrLTsqNPimtkfEZm0aryRvL0+U= + +stages: + - check + - test + +jobs: + include: + - stage: check + script: make check-docs + - stage: check + script: make lint diff --git a/aws-acm-cert/README.md b/aws-acm-cert/README.md index d6f80856..454189c8 100644 --- a/aws-acm-cert/README.md +++ b/aws-acm-cert/README.md @@ -41,7 +41,7 @@ module "cert" { |------|-------------|------|---------|:-----:| | allow\_validation\_record\_overwrite | Allow the overwrite of validation records. This is needed if you are creating certificates in multiple regions. | `string` | `true` | no | | aws\_route53\_zone\_id | n/a | `string` | n/a | yes | -| cert\_domain\_name | Like www.foo.bar.com or \*.foo.bar.com | `string` | n/a | yes | +| cert\_domain\_name | Like www.foo.bar.com or *.foo.bar.com | `string` | n/a | yes | | cert\_subject\_alternative\_names | A map of | `map` | `{}` | no | | env | Env for tagging and naming. See [doc](../README.md#consistent-tagging). | `string` | n/a | yes | | owner | Owner for tagging and naming. See [doc](../README.md#consistent-tagging). | `string` | n/a | yes | diff --git a/aws-aurora-mysql/README.md b/aws-aurora-mysql/README.md index b477961a..5c8383d6 100644 --- a/aws-aurora-mysql/README.md +++ b/aws-aurora-mysql/README.md @@ -41,13 +41,13 @@ No provider. |------|-------------|------|---------|:-----:| | apply\_immediately | If false changes will not be applied until next maintenance window. | `string` | `false` | no | | backtrack\_window | Turns on Backgrack for this many seconds. [Doc](https://aws.amazon.com/blogs/aws/amazon-aurora-backtrack-turn-back-time/) | `string` | `0` | no | -| ca\_cert\_identifier | Identifier for the certificate authority. 9 is the latest available version. | `string` | `"rds-ca-2019"` | no | +| ca\_cert\_identifier | Identifier for the certificate authority. rds-ca-2019 is the latest available version. | `string` | `"rds-ca-2019"` | no | | database\_name | The name of the database to be created in the cluster. | `string` | n/a | yes | | database\_password | Password for user that will be created. | `string` | n/a | yes | | database\_subnet\_group | The name of an existing database subnet group to use. | `string` | n/a | yes | | database\_username | Default user to be created. | `string` | n/a | yes | | db\_deletion\_protection | n/a | `string` | `false` | no | -| db\_parameters | Instance params you can set. [Doc](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Reference.html#AuroraMySQL.Reference.Parameters.Instance) | `list` | 
[
  {
    "apply_method": "pending-reboot",
    "name": "general_log",
    "value": 1
  },
  {
    "apply_method": "pending-reboot",
    "name": "slow_query_log",
    "value": "1"
  },
  {
    "apply_method": "pending-reboot",
    "name": "long_query_time",
    "value": "0"
  },
  {
    "apply_method": "pending-reboot",
    "name": "log_output",
    "value": "file"
  },
  {
    "apply_method": "pending-reboot",
    "name": "log_queries_not_using_indexes",
    "value": "1"
  }
]
| no | +| db\_parameters | Instance params you can set. [Doc](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Reference.html#AuroraMySQL.Reference.Parameters.Instance) | `list` | 
[
  {
    "apply_method": "pending-reboot",
    "name": "general_log",
    "value": 1
  },
  {
    "apply_method": "pending-reboot",
    "name": "slow_query_log",
    "value": "1"
  },
  {
    "apply_method": "pending-reboot",
    "name": "long_query_time",
    "value": "0"
  },
  {
    "apply_method": "pending-reboot",
    "name": "log_output",
    "value": "file"
  },
  {
    "apply_method": "pending-reboot",
    "name": "log_queries_not_using_indexes",
    "value": "1"
  }
]
| no | | engine\_version | n/a | `string` | `"5.7"` | no | | env | Env for tagging and naming. See [doc](../README.md#consistent-tagging). | `string` | n/a | yes | | iam\_database\_authentication\_enabled | n/a | `string` | `false` | no | @@ -60,7 +60,7 @@ No provider. | performance\_insights\_enabled | n/a | `string` | `false` | no | | project | Project for tagging and naming. See [doc](../README.md#consistent-tagging) | `string` | n/a | yes | | publicly\_accessible | Avoid doing this - it gives access to the open internet. | `string` | `false` | no | -| rds\_cluster\_parameters | Cluster params you can set. [Doc](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Reference.html#AuroraMySQL.Reference.Parameters.Cluster) | `list` | 
[
  {
    "apply_method": "pending-reboot",
    "name": "character_set_server",
    "value": "utf8"
  },
  {
    "apply_method": "pending-reboot",
    "name": "character_set_client",
    "value": "utf8"
  }
]
| no | +| rds\_cluster\_parameters | Cluster params you can set. [Doc](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Reference.html#AuroraMySQL.Reference.Parameters.Cluster) | `list` | 
[
  {
    "apply_method": "pending-reboot",
    "name": "character_set_server",
    "value": "utf8"
  },
  {
    "apply_method": "pending-reboot",
    "name": "character_set_client",
    "value": "utf8"
  }
]
| no | | service | Service for tagging and naming. See [doc](../README.md#consistent-tagging). | `string` | n/a | yes | | skip\_final\_snapshot | When you destroy a database RDS will, by default, take snapshot. Set this to skip that step. | `string` | `false` | no | | vpc\_id | The id of the existing VPC in which this cluster should be created. | `string` | n/a | yes | diff --git a/aws-aurora-mysql/variables.tf b/aws-aurora-mysql/variables.tf index aad72440..6d56ef5d 100755 --- a/aws-aurora-mysql/variables.tf +++ b/aws-aurora-mysql/variables.tf @@ -170,6 +170,6 @@ variable "engine_version" { variable ca_cert_identifier { type = string - description = "Identifier for the certificate authority. 9 is the latest available version." + description = "Identifier for the certificate authority. rds-ca-2019 is the latest available version." default = "rds-ca-2019" } diff --git a/aws-aurora/README.md b/aws-aurora/README.md index 94300729..c8ef4164 100644 --- a/aws-aurora/README.md +++ b/aws-aurora/README.md @@ -15,7 +15,7 @@ This is a low-level module for creating AWS Aurora clusters. We strongly reccome |------|-------------|------|---------|:-----:| | apply\_immediately | n/a | `bool` | `false` | no | | backtrack\_window | n/a | `number` | `0` | no | -| ca\_cert\_identifier | Identifier for the certificate authority. Use rds-ca-2015 for anything new. | `string` | `"rds-ca-2019"` | no | +| ca\_cert\_identifier | Identifier for the certificate authority. Use rds-ca-2019 for anything new. | `string` | `"rds-ca-2019"` | no | | database\_name | n/a | `string` | n/a | yes | | database\_password | n/a | `string` | n/a | yes | | database\_subnet\_group | n/a | `string` | n/a | yes | diff --git a/aws-aurora/variables.tf b/aws-aurora/variables.tf index c8441743..48f94483 100755 --- a/aws-aurora/variables.tf +++ b/aws-aurora/variables.tf @@ -132,6 +132,6 @@ variable "db_deletion_protection" { variable ca_cert_identifier { type = string - description = "Identifier for the certificate authority. Use rds-ca-2015 for anything new." + description = "Identifier for the certificate authority. Use rds-ca-2019 for anything new." default = "rds-ca-2019" } diff --git a/aws-ecs-job-fargate/module_test.go b/aws-ecs-job-fargate/module_test.go new file mode 100644 index 00000000..940f0a4a --- /dev/null +++ b/aws-ecs-job-fargate/module_test.go @@ -0,0 +1,14 @@ +package test + +import ( + "testing" + + "github.com/gruntwork-io/terratest/modules/terraform" +) + +func TestAWSECSJobFargate(t *testing.T) { + options := &terraform.Options{ + TerraformDir: ".", + } + terraform.Init(t, options) +} diff --git a/aws-ecs-job/module_test.go b/aws-ecs-job/module_test.go new file mode 100644 index 00000000..106ac4b3 --- /dev/null +++ b/aws-ecs-job/module_test.go @@ -0,0 +1,14 @@ +package test + +import ( + "testing" + + "github.com/gruntwork-io/terratest/modules/terraform" +) + +func TestAWSECSJob(t *testing.T) { + options := &terraform.Options{ + TerraformDir: ".", + } + terraform.Init(t, options) +} diff --git a/aws-ecs-service-fargate/README.md b/aws-ecs-service-fargate/README.md index 1d64faa8..1b45c59a 100644 --- a/aws-ecs-service-fargate/README.md +++ b/aws-ecs-service-fargate/README.md @@ -166,12 +166,12 @@ service = false` argument can be removed. | extra\_tags | Extra tags that will be added to components created by this module. | `map(string)` | `{}` | no | | health\_check\_grace\_period\_seconds | Seconds to ignore failing load balancer health checks on newly instantiated tasks to prevent premature shutdown, up to 7200. | `number` | `60` | no | | health\_check\_interval | Time between health checks of the underlying service. | `number` | n/a | yes | -| health\_check\_matcher | Range of HTTP status codes considered success for health checks. [Doc](https://www.terraform.io/docs/providers/aws/r/lb\_target\_group.html#matcher) | `string` | `"200-399"` | no | +| health\_check\_matcher | Range of HTTP status codes considered success for health checks. [Doc](https://www.terraform.io/docs/providers/aws/r/lb_target_group.html#matcher) | `string` | `"200-399"` | no | | health\_check\_path | n/a | `string` | `"/"` | no | | health\_check\_timeout | Timeout for a health check of the underlying service. | `number` | n/a | yes | | internal\_lb | n/a | `bool` | `false` | no | | lb\_idle\_timeout\_seconds | n/a | `number` | `60` | no | -| lb\_ingress\_cidrs | n/a | `list(string)` | 
[
  "0.0.0.0/0"
]
| no | +| lb\_ingress\_cidrs | n/a | `list(string)` | 
[
  "0.0.0.0/0"
]
| no | | lb\_ingress\_security\_group\_ids | n/a | `list(string)` | `[]` | no | | lb\_subnets | List of subnets in which to deploy the load balancer. | `list(string)` | n/a | yes | | manage\_task\_definition | If false, Terraform will not touch the task definition for the ECS service after initial creation | `bool` | `true` | no | @@ -186,7 +186,7 @@ service = false` argument can be removed. | subdomain | Subdomain in the zone. Final domain name will be subdomain.zone | `string` | n/a | yes | | tag\_service | Apply cost tags to the ECS service. Only specify false for backwards compatibility with old ECS services. | `bool` | `true` | no | | task\_definition | JSON to describe task. If omitted, defaults to a stub task that is expected to be managed outside of Terraform. | `string` | n/a | yes | -| task\_egress\_cidrs | CIDRs the task is allowed to communicate with for outbound traffic. | `list(string)` | 
[
  "0.0.0.0/0"
]
| no | +| task\_egress\_cidrs | CIDRs the task is allowed to communicate with for outbound traffic. | `list(string)` | 
[
  "0.0.0.0/0"
]
| no | | task\_egress\_security\_group\_ids | Security groups the task is allowed to communicate with for outbound traffic. Only used if awsvpc\_network is true. | `list(string)` | `[]` | no | | task\_role\_arn | n/a | `string` | n/a | yes | | task\_subnets | List of subnets in which to deploy the task for awsvpc networking mode. | `list(string)` | `[]` | no | diff --git a/aws-ecs-service-fargate/alb.tf b/aws-ecs-service-fargate/alb.tf index ffdac298..fc77f5a6 100644 --- a/aws-ecs-service-fargate/alb.tf +++ b/aws-ecs-service-fargate/alb.tf @@ -80,7 +80,7 @@ resource "aws_lb_listener" "https" { module "alb-sg" { source = "terraform-aws-modules/security-group/aws" - version = "3.1.0" + version = "3.4.0" name = "${local.name}-alb" description = "Security group for ${var.internal_lb ? "internal" : "internet facing"} ALB" vpc_id = var.vpc_id diff --git a/aws-ecs-service-fargate/module_test.go b/aws-ecs-service-fargate/module_test.go new file mode 100644 index 00000000..49aa8147 --- /dev/null +++ b/aws-ecs-service-fargate/module_test.go @@ -0,0 +1,14 @@ +package test + +import ( + "testing" + + "github.com/gruntwork-io/terratest/modules/terraform" +) + +func TestAWSECSServiceFargate(t *testing.T) { + options := &terraform.Options{ + TerraformDir: ".", + } + terraform.Init(t, options) +} diff --git a/aws-ecs-service-fargate/service.tf b/aws-ecs-service-fargate/service.tf index 5b165ec6..b2e9bc31 100644 --- a/aws-ecs-service-fargate/service.tf +++ b/aws-ecs-service-fargate/service.tf @@ -6,7 +6,7 @@ locals { module "container-sg" { source = "terraform-aws-modules/security-group/aws" - version = "3.1.0" + version = "3.4.0" name = local.name description = "ECS ingress port" vpc_id = var.vpc_id diff --git a/aws-ecs-service/README.md b/aws-ecs-service/README.md index 515e382b..402e4206 100644 --- a/aws-ecs-service/README.md +++ b/aws-ecs-service/README.md @@ -158,12 +158,12 @@ service = false` argument can be removed. | extra\_tags | Extra tags that will be added to components created by this module. | `map(string)` | `{}` | no | | health\_check\_grace\_period\_seconds | Seconds to ignore failing load balancer health checks on newly instantiated tasks to prevent premature shutdown, up to 7200. | `number` | `60` | no | | health\_check\_interval | Time between health checks of the underlying service. | `number` | n/a | yes | -| health\_check\_matcher | Range of HTTP status codes considered success for health checks. [Doc](https://www.terraform.io/docs/providers/aws/r/lb\_target\_group.html#matcher) | `string` | `"200-399"` | no | +| health\_check\_matcher | Range of HTTP status codes considered success for health checks. [Doc](https://www.terraform.io/docs/providers/aws/r/lb_target_group.html#matcher) | `string` | `"200-399"` | no | | health\_check\_path | n/a | `string` | `"/"` | no | | health\_check\_timeout | Timeout for a health check of the underlying service. | `number` | n/a | yes | | internal\_lb | n/a | `bool` | `false` | no | | lb\_idle\_timeout\_seconds | n/a | `number` | `60` | no | -| lb\_ingress\_cidrs | n/a | `list(string)` | 
[
  "0.0.0.0/0"
]
| no | +| lb\_ingress\_cidrs | n/a | `list(string)` | 
[
  "0.0.0.0/0"
]
| no | | lb\_ingress\_security\_group\_ids | n/a | `list(string)` | `[]` | no | | lb\_subnets | List of subnets in which to deploy the load balancer. | `list(string)` | n/a | yes | | manage\_task\_definition | If false, Terraform will not touch the task definition for the ECS service after initial creation | `bool` | `true` | no | @@ -178,7 +178,7 @@ service = false` argument can be removed. | subdomain | Subdomain in the zone. Final domain name will be subdomain.zone | `string` | n/a | yes | | tag\_service | Apply cost tags to the ECS service. Only specify false for backwards compatibility with old ECS services. | `bool` | `true` | no | | task\_definition | JSON to describe task. If omitted, defaults to a stub task that is expected to be managed outside of Terraform. | `string` | n/a | yes | -| task\_egress\_cidrs | CIDR blocks the task is allowed to communicate with for outbound traffic. Only used if awsvpc\_network\_mode is true. | `list(string)` | 
[
  "0.0.0.0/0"
]
| no | +| task\_egress\_cidrs | CIDR blocks the task is allowed to communicate with for outbound traffic. Only used if awsvpc\_network\_mode is true. | `list(string)` | 
[
  "0.0.0.0/0"
]
| no | | task\_egress\_security\_group\_ids | Security groups the task is allowed to communicate with for outbound traffic. Only used if awsvpc\_network\_mode is true. | `list(string)` | `[]` | no | | task\_role\_arn | n/a | `string` | n/a | yes | | task\_subnets | List of subnets in which to deploy the task for awsvpc networking mode. Only used if awsvpc\_network\_mode is true. | `list(string)` | `[]` | no | diff --git a/aws-ecs-service/alb.tf b/aws-ecs-service/alb.tf index 7f15ecb8..c351b58d 100644 --- a/aws-ecs-service/alb.tf +++ b/aws-ecs-service/alb.tf @@ -81,7 +81,7 @@ resource "aws_lb_listener" "https" { module "alb-sg" { source = "terraform-aws-modules/security-group/aws" - version = "3.1.0" + version = "3.4.0" name = "${local.name}-alb" description = "Security group for ${var.internal_lb ? "internal" : "internet facing"} ALB" vpc_id = var.vpc_id diff --git a/aws-ecs-service/module_test.go b/aws-ecs-service/module_test.go new file mode 100644 index 00000000..62284f53 --- /dev/null +++ b/aws-ecs-service/module_test.go @@ -0,0 +1,14 @@ +package test + +import ( + "testing" + + "github.com/gruntwork-io/terratest/modules/terraform" +) + +func TestAWSECSService(t *testing.T) { + options := &terraform.Options{ + TerraformDir: ".", + } + terraform.Init(t, options) +} diff --git a/aws-ecs-service/service.tf b/aws-ecs-service/service.tf index f71bd35f..39b66351 100644 --- a/aws-ecs-service/service.tf +++ b/aws-ecs-service/service.tf @@ -6,7 +6,7 @@ locals { module "container-sg" { source = "terraform-aws-modules/security-group/aws" - version = "3.1.0" + version = "3.4.0" create = var.awsvpc_network_mode name = local.name description = "ECS ingress port" diff --git a/aws-iam-role-cloudfront-poweruser/README.md b/aws-iam-role-cloudfront-poweruser/README.md index 71972c5a..98114d61 100644 --- a/aws-iam-role-cloudfront-poweruser/README.md +++ b/aws-iam-role-cloudfront-poweruser/README.md @@ -15,7 +15,7 @@ This module will create a role which is granted poweruser control over AWS Cloud |------|-------------|------|---------|:-----:| | iam\_path | n/a | `string` | `"/"` | no | | role\_name | Name of the role to create | `string` | n/a | yes | -| s3\_bucket\_prefixes | Limits role permissions to buckets with specific prefixes. Empty for all buckets. | `list` | 
[
  ""
]
| no | +| s3\_bucket\_prefixes | Limits role permissions to buckets with specific prefixes. Empty for all buckets. | `list` | 
[
  ""
]
| no | | saml\_idp\_arn | The AWS SAML IDP arn to establish a trust relationship. Ignored if empty or not provided. | `string` | `""` | no | | source\_account\_id | The source AWS account to establish a trust relationship. Ignored if empty or not provided. | `string` | `""` | no | diff --git a/aws-iam-role-crossacct/README.md b/aws-iam-role-crossacct/README.md index 7ec86893..d897162a 100644 --- a/aws-iam-role-crossacct/README.md +++ b/aws-iam-role-crossacct/README.md @@ -28,7 +28,7 @@ module "group" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:-----:| | iam\_path | The IAM path to put this role in. | `string` | `"/"` | no | -| oidc | A list of AWS OIDC IDPs to establish a trust relationship for this role. | 
list(object(
    {
      idp_arn : string,          # the AWS IAM IDP arn
      client_ids : list(string), # a list of oidc client ids
      provider : string          # your provider url, such as foo.okta.com
    }
  ))
| `[]` | no | +| oidc | A list of AWS OIDC IDPs to establish a trust relationship for this role. | 
list(object(
    {
      idp_arn : string,          # the AWS IAM IDP arn
      client_ids : list(string), # a list of oidc client ids
      provider : string          # your provider url, such as foo.okta.com
    }
  ))
| `[]` | no | | role\_name | The name of the role. | `string` | n/a | yes | | saml\_idp\_arn | The AWS SAML IDP arn to establish a trust relationship. Ignored if empty or not provided. | `string` | `""` | no | | source\_account\_id | The source AWS account to establish a trust relationship. Ignored if empty or not provided. | `string` | `""` | no | diff --git a/aws-redis-node/main.tf b/aws-redis-node/main.tf index 177a2a28..89fb87c4 100755 --- a/aws-redis-node/main.tf +++ b/aws-redis-node/main.tf @@ -13,7 +13,7 @@ locals { module "sg" { source = "terraform-aws-modules/security-group/aws" - version = "3.1.0" + version = "3.4.0" name = local.name description = "Allow traffic to Redis." vpc_id = var.vpc_id diff --git a/aws-s3-private-bucket/README.md b/aws-s3-private-bucket/README.md index 20f281e4..6bcca2a4 100644 --- a/aws-s3-private-bucket/README.md +++ b/aws-s3-private-bucket/README.md @@ -14,7 +14,7 @@ | bucket\_policy | n/a | `string` | `""` | no | | enable\_versioning | Keep old versions of overwritten S3 objects. | `bool` | `true` | no | | env | n/a | `string` | n/a | yes | -| lifecycle\_rules | List of maps containing configuration of object lifecycle management. | `list` | 
[
  {
    "enabled": true,
    "expiration": {
      "expired_object_delete_marker": true
    },
    "noncurrent_version_expiration": {
      "days": 365
    },
    "noncurrent_version_transition": {
      "days": 30,
      "storage_class": "STANDARD_IA"
    }
  }
]
| no | +| lifecycle\_rules | List of maps containing configuration of object lifecycle management. | `any` | 
[
  {
    "enabled": true,
    "expiration": {
      "expired_object_delete_marker": true
    },
    "noncurrent_version_expiration": {
      "days": 365
    },
    "noncurrent_version_transition": {
      "days": 30,
      "storage_class": "STANDARD_IA"
    }
  }
]
| no | | owner | n/a | `string` | n/a | yes | | project | n/a | `string` | n/a | yes | | service | n/a | `string` | n/a | yes |