Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Terraform cloudposse/iam-policy/aws to v2 #289

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update Terraform cloudposse/iam-policy/aws to v2 #289

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 3, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
cloudposse/iam-policy/aws (source) module major 0.4.0 -> 2.0.1

Release Notes

cloudposse/terraform-aws-iam-policy (cloudposse/iam-policy/aws)

v2.0.1

Compare Source

🐛 Bug Fixes

Remove problematic conditional @​Nuru (#​31)

what

  • Remove problematic conditional

why

  • local.deprecated_statements_values can be a tuple, and Terraform does not have a concept of an empty or null tuple to use as an alternative in a conditional, so you can get an error like:
The true and false result expressions must have consistent types. The 'true' tuple has length 0, but the 'false' tuple has length 2.

references

v2.0.0: Revert breaking change in 1.0, add new breaking change

Compare Source

Revert deprecated input to type "any" @​Nuru (#​30)

Breaking Change

The iam_policy input introduced in v1.0.0 has been changed from type object to type list(object). This allows multiple policy objects to be provided, but more importantly, allows no input or allows the iam_policy input to be used along with the deprecated iam_policy_statements input.

Reversion of Breaking Change

In v1.0.0, the iam_policy_statements input was deprecated, but it was also converted from type any to type map(object), which was how it was documented. However, it was, in practice, allowed to be a list or a map, and many users were supplying lists. This made it an unintentional breaking change for those users.

In this release, iam_policy_statements (while still deprecated) is reverted to type any and accepts both a map and a list.

what

  • Revert iam_policy_statements back to type = any
  • Convert iam_policy input to list
  • Update documentation

why

  • Preserve backward compatibility with pre v1.0 module
  • Enable all inputs to be used in any combination
  • Reflect changes to usage, remove leftovers from initial template

v1.0.1

Compare Source

🚀 Enhancements

fix: support JSON inputs for policy document when IAM policy/statements are not set as Terraform objects @​gberenice (#​28)

what

  • Consider JSON source policy documents in the recently added precondition block.

why

│ Error: Resource precondition failed
│ 
│   on .terraform/modules/iam_policy/main.tf line 90, in data "aws_iam_policy_document" "this":
│   90:       condition     = var.iam_policy_statements != null || var.iam_policy != null
│     ├────────────────
│     │ var.iam_policy is null
│     │ var.iam_policy_statements is null
│ 
│ Exactly 1 of var.iam_policy and var.iam_policy_statments may be used, preferably var.iam_policy.

references

  • N/A

v1.0.0: Accept policy as fully defined object

Compare Source

Breaking Change (updated)

The iam_policy_statements input has been converted from type = any to type = map(object), as the documented (though not enforced by Terraform) input type was a map of IAM Policy Statement objects. While the object type was backward compatible, in practice, the input accepted a list as well as a map, and the majority of (later) surveyed users of this module were providing lists. This release broke those clients. Version 2.0.0 of this module reverts the type change and restores backward compatibility with pre-1.0.0 versions of this module.

The new iam_policy input is of type object. In v2.0.0, this is changed to type list(object).

What's Changed

New Contributors

Full Changelog: cloudposse/terraform-aws-iam-policy@0.4.0...1.0.0

v0.5.0

Compare Source

Add conditions @​nitrocode (#​19)

what

  • Add conditions

why

  • Full example

references

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner January 3, 2025 18:02
@renovate renovate bot added the auto-update label Jan 3, 2025
@renovate renovate bot force-pushed the renovate/cloudposse-iam-policy-aws-2.x branch from 5c3886b to ec7d0a0 Compare January 3, 2025 18:26
@renovate renovate bot force-pushed the renovate/cloudposse-iam-policy-aws-2.x branch from ec7d0a0 to 75f8069 Compare January 3, 2025 18:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
auto-update terraform
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants