v0.7.1

feat: support vpc endpoints @dudymas (#52)

## what

• add vpc endpoints to endpoint type config

why

• private Api Gateways need to connect to an endpoint for dns to work
  appropriately

references

• https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-private-api-create.html

🤖 Automatic Updates

Migrate new test account @osterman (#51)

## what - Update `.github/settings.yml` - Update `.github/chatops.yml` files

why

• Re-apply .github/settings.yml from org level to get terratest environment
• Migrate to new test account

References

• DEV-388 Automate clean up of test account in new organization
• DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
• DEV-386 Update terratest to use new testing account with GitHub OIDC

Update .github/settings.yml @osterman (#47)

## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update release workflow to allow pull-requests: write @osterman (#45)

## what - Update workflow (`.github/workflows/release.yaml`) to have permission to comment on PR

why

• So we can support commenting on PRs with a link to the release

Update GitHub Workflows to use shared workflows from '.github' repo @osterman (#44)

## what - Update workflows (`.github/workflows`) to use shared workflows from `.github` repo

why

• Reduce nested levels of reusable workflows

v0.7.0

🚀 Enhancements

Added variable for cloudwatch Full Request and Response Logs: data_trace_enabled @sheilman16 (#43)

Repeat of PR 36 with requested updates from main and to readme.

what

• Added variable data_trace_enabled to the aws_api_gateway_method_settings resource
• This change allows for configuration of CloudWatch logging setting "Full Request and Response Logs" available in the AWS UI. [2]

why

The variable logging_level controls CloudWatch log setting in the AWS UI for OFF, INFO, and ERROR, but doesn't include an option for "Full Request and Response Logs". In the AWS UI for API GW, there's an additional option, "Full Request and Response Logs", as shown in the screenshot:

According to terraform documentation, the variable data_trace_enabled = true is required in conjunction with logging_level = "INFO" to enable "Full Request and Response Logs". This is added to the aws_api_gateway_method_settings resource in the settings code block [2]:

settings {
    logging_level      = "INFO"
    metrics_enabled    = true
    data_trace_enabled = true
  }

references

[1] Terraform resource:
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_settings

[2] Closed Issue with Terraform citing solution
hashicorp/terraform-provider-aws#35863 (comment)

🤖 Automatic Updates

Update GitHub Workflows to Fix ReviewDog TFLint Action @osterman (#42)

what

• Update workflows (.github/workflows) to add issue: write permission needed by ReviewDog tflint action

why

• The ReviewDog action will comment with line-level suggestions based on linting failures

Update GitHub workflows @osterman (#41)

what

• Update workflows (.github/workflows/settings.yaml)

why

• Support new readme generation workflow.
• Generate banners

Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#40)

what

• Install latest GitHub Action Workflows

why

• Use shared workflows from cldouposse/.github repository
• Simplify management of workflows from centralized hub of configuration

Add GitHub Settings @osterman (#39)

what

• Install a repository config (.github/settings.yaml)

why

• Programmatically manage GitHub repo settings

Update Scaffolding @osterman (#37)

what

• Reran make readme to rebuild README.md from README.yaml
• Migrate to square badges
• Add scaffolding for repo settings and Mergify

why

• Upstream template changed in the .github repo
• Work better with repository rulesets
• Modernize look & feel

v0.6.0

Fix error when create private API Gateway with resource policy @ByJacob (#25)

what

• add relations between aws_api_gateway_deployment and aws_api_gateway_rest_api_policy

why

╷
│ Error: creating API Gateway Deployment: BadRequestException: Private REST API doesn't have a resource policy attached to it
│ 
│   with module.api_gwt.aws_api_gateway_deployment.this[0],
│   on ../../modules/api-gwt/main.tf line 39, in resource "aws_api_gateway_deployment" "this":
│   39: resource "aws_api_gateway_deployment" "this" {
│ 
╵

references

• https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-resource-policies-create-attach.html

v0.5.0

🤖 Automatic Updates

Update Terraform cloudposse/iam-role/aws to v0.19.0 (main) @renovate (#31)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/iam-role/aws (source)	module	minor	0.16.1 -> 0.19.0

---

Release Notes

cloudposse/terraform-aws-iam-role (cloudposse/iam-role/aws)

v0.19.0

Compare Source

IAM Role name length limit @​goruha (#​58)

what

• Fix IAM role name length limit

why

• Fix IAM role name length limited to 64

Sync github @​max-lobur (#​54)

Rebuild github dir from the template

v0.18.0

Compare Source

• No changes

v0.17.0

Compare Source

Update main.tf @​karinatitov (#​50)

have a chance to configure the name of the policy

what

• With this change i want to have an ability to provide a custom name for the policy

why

• the resources i'm working with were not created in the same way this module assumes
• to have a chance to configure the name of the policy

git.io->cloudposse.tools update @​dylanbannon (#​46)

what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.

References

• DEV-143

v0.16.2

Compare Source

🚀 Enhancements

Add enabled check to data source @​nitrocode (#​45)

what

• Add enabled check to data source
• Add TestExamplesCompleteDisabled check

why

• Prevent creation if enabled is false

references

• https://github.com/cloudposse/terraform-aws-s3-bucket/pull/148

---

Update Terraform cloudposse/cloudwatch-logs/aws to v0.6.8 (main) @renovate (#30)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/cloudwatch-logs/aws (source)	module	patch	0.6.5 -> 0.6.8

---

Release Notes

cloudposse/terraform-aws-cloudwatch-logs (cloudposse/cloudwatch-logs/aws)

v0.6.8

Compare Source

🚀 Enhancements

Fix mistake in policy. Part2 @​ramses999 (#​39)

what

This is just a continuation of the fix https://github.com/cloudposse/terraform-aws-cloudwatch-logs/pull/38.
Prod environment tested. That's how it works correctly.

v0.6.7

Compare Source

🚀 Enhancements

Fix mistake in policy @​ramses999 (#​38)

what

Fix mistake in policy

why

The policy is created simply by ARN without the ":" construct, which is necessary to create the correct policy for the role.
Without this ":" construct, the policy is created, but it does not work correctly.
This error was discovered when I tried to create a cloudwatch group in the cloudtrail module.
I got the response "Error: Error updating CloudTrail: InvalidCloudWatchLogsLogGroupArnException: Access denied. Verify in IAM that the role has adequate permissions."
After studying the code, I realized that I need to add the construction ":*" in a couple of lines.
My solution looks like this, I need to replace the lines in file :

This line:
join("", aws_cloudwatch_log_group.default..arn),
replaced by
"${join("", aws_cloudwatch_log_group.default..arn)}:*"
You need to do this in both identical lines.

Perhaps you can suggest a better solution, I'm new to terraforming.

references

https://github.com/cloudposse/terraform-aws-cloudwatch-logs/issues/37
https://github.com/cloudposse/terraform-aws-cloudwatch-logs/blob/master/iam.tf#L55

v0.6.6

Compare Source

🤖 Automatic Updates

Update Terraform cloudposse/iam-role/aws to v0.16.2 @​renovate (#​33)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/iam-role/aws (source)	module	patch	0.16.1 -> 0.16.2

---

---

v0.4.0

Fix typo in example @vanastassiou (#19)

what

• Fixes typo in example module syntax

why

• Consistent spelling is good

references

• n/a

Sync github @max-lobur (#24)

Rebuild github dir from the template

v0.3.1

Add optional custom stage name @joshmello (#16)

what

Allows the api gateway stage name to be set by the user instead of using stage from null label

why

While using module.this.stage works well; there may be use cases for a custom stage name or if people use environment in place of stage with the null label module.

references

n/a

git.io->cloudposse.tools update @dylanbannon (#15)

what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.

References

• DEV-143

v0.3.0

Add policy boundary, iam_tags_enabled and update to cloudwatch_logs module @jamengual (#13)

what

• Add policy boundary to cloudwatch-log module
• Add iam_tags_enable option for cloudwatch-log module
• Update to cloudwatch-log module to new version

why

• Updating upstream dependencies and input variables.

v0.2.0

Add stage arn output @mwakaba2 (#12)

what

• Added gateway's stage arn to output.
• Updated readme to include the new output.

why

• The stage arn is needed when defining associations between API gateway stage and a WAF, specifically in the WAF's association resource arns list in cloudposse/terraform-aws-waf module.

v0.1.0

add support for private link @mcalhoun (#11)

what

• Add support for VPC Private Link

why

• To allow API Gateway to communicate with resources within a VPC

references

• AWS Documentation

v0.0.2

fix release badge @mcalhoun (#6)

what

• Fix the broken release badge

fix release badge @mcalhoun (#5)

what

• Fix the broken latest releases badge