diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml
index 3f8fe62..b30901e 100644
--- a/.github/workflows/release-branch.yml
+++ b/.github/workflows/release-branch.yml
@@ -10,6 +10,7 @@ on:
- 'docs/**'
- 'examples/**'
- 'test/**'
+ - 'README.*'
permissions:
contents: write
diff --git a/.github/workflows/release-published.yml b/.github/workflows/release-published.yml
index f86352b..b31232b 100644
--- a/.github/workflows/release-published.yml
+++ b/.github/workflows/release-published.yml
@@ -11,4 +11,4 @@ permissions:
jobs:
terraform-module:
- uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release.yml@main
+ uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release-published.yml@main
diff --git a/README.md b/README.md
index 61c5596..a188c31 100644
--- a/README.md
+++ b/README.md
@@ -99,10 +99,6 @@ We highly recommend that in your code you pin the version to the exact version y
using so that your infrastructure remains stable, and update versions in a
systematic way so that they do not catch you by surprise.
-Also, because of a bug in the Terraform registry ([hashicorp/terraform#21417](https://github.com/hashicorp/terraform/issues/21417)),
-the registry shows many of our inputs as required when in fact they are optional.
-The table below correctly indicates which inputs are required.
-
Note: add `${var.ssh_key_pair}` private key to the `ssh agent`.
@@ -226,7 +222,7 @@ Available targets:
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.13 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
| [aws](#requirement\_aws) | >= 2.0 |
## Providers
@@ -278,7 +274,6 @@ Available targets:
| [availability\_zone](#input\_availability\_zone) | Availability Zone the instance is launched in. If not set, will be launched in the first AZ of the region | `string` | `""` | no |
| [comparison\_operator](#input\_comparison\_operator) | The arithmetic operation to use when comparing the specified Statistic and Threshold. Possible values are: GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold | `string` | `"GreaterThanOrEqualToThreshold"` | no |
| [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
} | no |
-| [create\_default\_security\_group](#input\_create\_default\_security\_group) | Create default Security Group with only Egress traffic allowed | `bool` | `true` | no |
| [default\_alarm\_action](#input\_default\_alarm\_action) | Default alarm action | `string` | `"action/actions/AWS_EC2.InstanceId.Reboot/1.0"` | no |
| [delete\_on\_termination](#input\_delete\_on\_termination) | Whether the volume should be destroyed on instance termination | `bool` | `true` | no |
| [delimiter](#input\_delimiter) | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
@@ -333,7 +328,6 @@ Available targets:
| [tags](#input\_tags) | Additional tags (e.g. `map('BusinessUnit','XYZ')` | `map(string)` | `{}` | no |
| [user\_data](#input\_user\_data) | Instance user data. Do not pass gzip-compressed data via this argument | `string` | `""` | no |
| [vpc\_id](#input\_vpc\_id) | The ID of the VPC that the instance security group belongs to | `string` | n/a | yes |
-| [welcome\_message](#input\_welcome\_message) | Welcome message | `string` | `""` | no |
## Outputs
diff --git a/cloud_watch_alarm.tf b/cloud_watch_alarm.tf
index fa82890..ed022c5 100644
--- a/cloud_watch_alarm.tf
+++ b/cloud_watch_alarm.tf
@@ -16,7 +16,7 @@ resource "aws_cloudwatch_metric_alarm" "default" {
threshold = var.metric_threshold
dimensions = {
- InstanceId = sort(aws_instance.default.*.id)[count.index]
+ InstanceId = sort(aws_instance.default[*].id)[count.index]
}
alarm_actions = [
diff --git a/docs/terraform.md b/docs/terraform.md
index 0432a77..0c267c3 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -3,7 +3,7 @@
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.13 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
| [aws](#requirement\_aws) | >= 2.0 |
## Providers
@@ -55,7 +55,6 @@
| [availability\_zone](#input\_availability\_zone) | Availability Zone the instance is launched in. If not set, will be launched in the first AZ of the region | `string` | `""` | no |
| [comparison\_operator](#input\_comparison\_operator) | The arithmetic operation to use when comparing the specified Statistic and Threshold. Possible values are: GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold | `string` | `"GreaterThanOrEqualToThreshold"` | no |
| [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
} | no |
-| [create\_default\_security\_group](#input\_create\_default\_security\_group) | Create default Security Group with only Egress traffic allowed | `bool` | `true` | no |
| [default\_alarm\_action](#input\_default\_alarm\_action) | Default alarm action | `string` | `"action/actions/AWS_EC2.InstanceId.Reboot/1.0"` | no |
| [delete\_on\_termination](#input\_delete\_on\_termination) | Whether the volume should be destroyed on instance termination | `bool` | `true` | no |
| [delimiter](#input\_delimiter) | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
@@ -110,7 +109,6 @@
| [tags](#input\_tags) | Additional tags (e.g. `map('BusinessUnit','XYZ')` | `map(string)` | `{}` | no |
| [user\_data](#input\_user\_data) | Instance user data. Do not pass gzip-compressed data via this argument | `string` | `""` | no |
| [vpc\_id](#input\_vpc\_id) | The ID of the VPC that the instance security group belongs to | `string` | n/a | yes |
-| [welcome\_message](#input\_welcome\_message) | Welcome message | `string` | `""` | no |
## Outputs
diff --git a/eni.tf b/eni.tf
index 1c48122..1280823 100644
--- a/eni.tf
+++ b/eni.tf
@@ -5,7 +5,7 @@ locals {
resource "aws_network_interface" "additional" {
count = local.additional_ips_count * var.instance_count
subnet_id = var.subnet
- security_groups = compact(concat(module.security_group.*.id, var.security_groups))
+ security_groups = compact(concat(module.security_group[*].id, var.security_groups))
tags = module.label.tags
depends_on = [aws_instance.default]
@@ -13,8 +13,8 @@ resource "aws_network_interface" "additional" {
resource "aws_network_interface_attachment" "additional" {
count = local.additional_ips_count * var.instance_count
- instance_id = aws_instance.default.*.id[count.index % var.instance_count]
- network_interface_id = aws_network_interface.additional.*.id[count.index]
+ instance_id = aws_instance.default[*].id[count.index % var.instance_count]
+ network_interface_id = aws_network_interface.additional[*].id[count.index]
device_index = 1 + count.index
depends_on = [aws_instance.default]
}
@@ -22,6 +22,6 @@ resource "aws_network_interface_attachment" "additional" {
resource "aws_eip" "additional" {
count = local.additional_ips_count * var.instance_count
vpc = true
- network_interface = aws_network_interface.additional.*.id[count.index]
+ network_interface = aws_network_interface.additional[*].id[count.index]
depends_on = [aws_instance.default]
}
diff --git a/examples/basic/versions.tf b/examples/basic/versions.tf
new file mode 100644
index 0000000..d8dd1a4
--- /dev/null
+++ b/examples/basic/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_version = ">= 1.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 4.0"
+ }
+ }
+}
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index c315806..7f2c024 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -3,20 +3,22 @@ provider "aws" {
}
module "vpc" {
- source = "cloudposse/vpc/aws"
- version = "0.18.1"
- cidr_block = "172.16.0.0/16"
+ source = "cloudposse/vpc/aws"
+ version = "2.1.0"
+
+ ipv4_primary_cidr_block = "172.16.0.0/16"
context = module.this.context
}
module "subnets" {
- source = "cloudposse/dynamic-subnets/aws"
- version = "0.33.0"
+ source = "cloudposse/dynamic-subnets/aws"
+ version = "2.3.0"
+
availability_zones = var.availability_zones
vpc_id = module.vpc.vpc_id
- igw_id = module.vpc.igw_id
- cidr_block = module.vpc.vpc_cidr_block
+ igw_id = [module.vpc.igw_id]
+ ipv4_cidr_block = [module.vpc.vpc_cidr_block]
nat_gateway_enabled = false
nat_instance_enabled = false
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
new file mode 100644
index 0000000..d8dd1a4
--- /dev/null
+++ b/examples/complete/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_version = ">= 1.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 4.0"
+ }
+ }
+}
diff --git a/main.tf b/main.tf
index 08600ae..ea88a2b 100644
--- a/main.tf
+++ b/main.tf
@@ -13,8 +13,8 @@ locals {
locals {
public_ips = compact(
concat(
- coalescelist(aws_eip.default.*.public_ip, aws_instance.default.*.public_ip),
- coalescelist(aws_eip.additional.*.public_ip, [""])
+ coalescelist(aws_eip.default[*].public_ip, aws_instance.default[*].public_ip),
+ coalescelist(aws_eip.additional[*].public_ip, [""])
)
)
@@ -68,7 +68,7 @@ module "label" {
resource "aws_iam_instance_profile" "default" {
count = signum(local.instance_count)
name = module.label.id
- role = join("", aws_iam_role.default.*.name)
+ role = join("", aws_iam_role.default[*].name)
}
resource "aws_iam_role" "default" {
@@ -89,16 +89,16 @@ resource "aws_instance" "default" {
ebs_optimized = var.ebs_optimized
disable_api_termination = var.disable_api_termination
user_data = var.user_data
- iam_instance_profile = join("", aws_iam_instance_profile.default.*.name)
+ iam_instance_profile = join("", aws_iam_instance_profile.default[*].name)
associate_public_ip_address = var.associate_public_ip_address
key_name = signum(length(var.ssh_key_pair)) == 1 ? var.ssh_key_pair : module.ssh_key_pair.key_name
subnet_id = var.subnet
monitoring = var.monitoring
- private_ip = concat(var.private_ips, [""])[min(length(var.private_ips), count.index)]
+ private_ip = concat(var.private_ips, [null])[min(length(var.private_ips), count.index)]
source_dest_check = var.source_dest_check
ipv6_address_count = var.ipv6_address_count < 0 ? null : var.ipv6_address_count
ipv6_addresses = length(var.ipv6_addresses) > 0 ? var.ipv6_addresses : null
- vpc_security_group_ids = compact(concat(module.security_group.*.id, var.security_groups))
+ vpc_security_group_ids = compact(concat(module.security_group[*].id, var.security_groups))
root_block_device {
volume_type = local.root_volume_type
@@ -138,7 +138,7 @@ module "ssh_key_pair" {
resource "aws_eip" "default" {
count = local.count_default_ips
- network_interface = aws_instance.default.*.primary_network_interface_id[count.index]
+ network_interface = aws_instance.default[*].primary_network_interface_id[count.index]
vpc = true
depends_on = [aws_instance.default]
tags = module.this.tags
@@ -158,6 +158,6 @@ resource "aws_ebs_volume" "default" {
resource "aws_volume_attachment" "default" {
count = signum(local.instance_count) == 1 ? var.ebs_volume_count * local.instance_count : 0
device_name = element(slice(var.ebs_device_names, 0, floor(var.ebs_volume_count * local.instance_count / max(local.instance_count, 1))), count.index)
- volume_id = aws_ebs_volume.default.*.id[count.index]
- instance_id = aws_instance.default.*.id[count.index]
+ volume_id = aws_ebs_volume.default[*].id[count.index]
+ instance_id = aws_instance.default[*].id[count.index]
}
diff --git a/outputs.tf b/outputs.tf
index fbf6efb..b066365 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -5,12 +5,12 @@ output "public_ips" {
output "private_ips" {
description = "Private IPs of instances"
- value = aws_instance.default.*.private_ip
+ value = aws_instance.default[*].private_ip
}
output "private_dns" {
description = "Private DNS records of instances"
- value = aws_instance.default.*.private_dns
+ value = aws_instance.default[*].private_dns
}
output "public_dns" {
@@ -20,7 +20,7 @@ output "public_dns" {
output "ids" {
description = "Disambiguated IDs list"
- value = aws_instance.default.*.id
+ value = aws_instance.default[*].id
}
output "name" {
@@ -45,7 +45,7 @@ output "ssh_key_pem_path" {
output "security_group_ids" {
description = "ID on the new AWS Security Group associated with creating instance"
- value = compact(concat(module.security_group.*.id, var.security_groups))
+ value = compact(concat(module.security_group[*].id, var.security_groups))
}
output "security_group_id" {
@@ -65,30 +65,30 @@ output "security_group_name" {
output "role_names" {
description = "Names of AWS IAM Roles associated with creating instance"
- value = compact(aws_iam_role.default.*.name)
+ value = compact(aws_iam_role.default[*].name)
}
output "alarm_ids" {
description = "CloudWatch Alarm IDs"
- value = aws_cloudwatch_metric_alarm.default.*.id
+ value = aws_cloudwatch_metric_alarm.default[*].id
}
output "eni_to_eip_map" {
description = "Map of ENI with EIP"
value = zipmap(
- aws_network_interface.additional.*.id,
- aws_eip.additional.*.public_ip
+ aws_network_interface.additional[*].id,
+ aws_eip.additional[*].public_ip
)
}
output "ebs_ids" {
description = "IDs of EBSs"
- value = aws_ebs_volume.default.*.id
+ value = aws_ebs_volume.default[*].id
}
output "primary_network_interface_ids" {
description = "IDs of the instance's primary network interface"
- value = aws_instance.default.*.primary_network_interface_id
+ value = aws_instance.default[*].primary_network_interface_id
}
output "eip_per_instance_count" {
diff --git a/variables.tf b/variables.tf
index 914b741..9d3cdaa 100644
--- a/variables.tf
+++ b/variables.tf
@@ -210,12 +210,6 @@ variable "delete_on_termination" {
default = true
}
-variable "welcome_message" {
- type = string
- description = "Welcome message"
- default = ""
-}
-
variable "comparison_operator" {
type = string
description = "The arithmetic operation to use when comparing the specified Statistic and Threshold. Possible values are: GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold"
@@ -264,12 +258,6 @@ variable "default_alarm_action" {
default = "action/actions/AWS_EC2.InstanceId.Reboot/1.0"
}
-variable "create_default_security_group" {
- type = bool
- description = "Create default Security Group with only Egress traffic allowed"
- default = true
-}
-
variable "additional_ips_count" {
type = number
description = "Count of additional EIPs"
diff --git a/versions.tf b/versions.tf
index c2352c7..ebead97 100644
--- a/versions.tf
+++ b/versions.tf
@@ -1,5 +1,5 @@
terraform {
- required_version = ">= 0.13"
+ required_version = ">= 1.0"
required_providers {
aws = {