Skip to content

Releases: cloudposse/terraform-aws-amplify-app

v1.2.0

23 Jan 02:36
@cloudposse-releaser cloudposse-releaser
v1.2.0
f573b8a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.0 Latest
Latest
fix: adjust default value for custom headers variable @RoseSecurity (#47) ## what
  • The default custom header is currently an empty string which fails the following provider validation:
	"custom_headers": {
		Type:         schema.TypeString,
		Optional:     true,
		Computed:     true,
		ValidateFunc: validation.StringLenBetween(1, 25000),
	},

Which produces the following error:

│ Error: expected length of custom_headers to be in the range (1 - 25000), got

│   with module.amplify_app.aws_amplify_app.default[0],
│   on .terraform/e98d/modules/amplify_app/main.tf line 28, in resource "aws_amplify_app" "default":
│   28:   custom_headers                = var.custom_headers
  • This changes the default value to null for the custom_headers variable

why

Fixes the following error:

Planning failed. Terraform encountered an error while generating this plan.


│ Error: expected length of custom_headers to be in the range (1 - 25000), got

│   with module.amplify_app.aws_amplify_app.default[0],
│   on .terraform/infra/modules/amplify_app/main.tf line 28, in resource "aws_amplify_app" "default":
│   28:   custom_headers                = var.custom_headers

references

Contributors

RoseSecurity
Assets 2
Loading

v1.1.1

21 Jan 20:06
@cloudposse-releaser cloudposse-releaser
v1.1.1
824d0f5
Compare
Choose a tag to compare
v1.1.1
feat: amplify custom headers configuration @oycyc (#46) ## what

Allow setting custom headers in Amplify

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/amplify_app#custom-headers
From Terraform docs:
image

why

As said in the AWS Amplify docs:
"Custom HTTP headers enable you to specify headers for every HTTP response. Response headers can be used for debugging, security, and informational purposes. You can specify headers in the Amplify console, or by downloading and editing an app's customHttp.yml file and saving it in the project's root directory."

https://docs.aws.amazon.com/amplify/latest/userguide/custom-headers.html

references

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/amplify_app#custom-headers

🤖 Automatic Updates

Migrate new test account @osterman (#42) ## what - Update `.github/settings.yml` - Update `.github/chatops.yml` files

why

  • Re-apply .github/settings.yml from org level to get terratest environment
  • Migrate to new test account

References

  • DEV-388 Automate clean up of test account in new organization
  • DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
  • DEV-386 Update terratest to use new testing account with GitHub OIDC
Update .github/settings.yml @osterman (#41) ## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` files

why

  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings

references

  • DEV-1242 Add protected tags with Repository Rulesets on GitHub

Contributors

osterman and oycyc
Assets 2
Loading

v1.1.0

15 Jul 16:36
@cloudposse-releaser cloudposse-releaser
1.1.0
6277327
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.0
fix: Basic authentication configuration at the branch level @sestrella (#15)

what

Module consumers cannot pass a custom basic_auth_credentials per branch using the existing variables. At the branch level, there is also a typo on enable_basic_auth.

why

The changes made in this PR allow consumers to configure different basic authentication credentials for each branch.

🤖 Automatic Updates

chore(deps): bump the go_modules group in /test/src with 5 updates @dependabot (#40)

Bumps the go_modules group in /test/src with 5 updates:

Package From To
github.com/hashicorp/go-getter 1.7.1 1.7.5
golang.org/x/crypto 0.1.0 0.17.0
golang.org/x/net 0.8.0 0.10.0
google.golang.org/grpc 1.51.0 1.56.3
google.golang.org/protobuf 1.31.0 1.33.0

Updates github.com/hashicorp/go-getter from 1.7.1 to 1.7.5

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.7.5

What's Changed

New Contributors

Full Changelog: hashicorp/go-getter@v1.7.4...v1.7.5

v1.7.4

What's Changed

Full Changelog: hashicorp/go-getter@v1.7.3...v1.7.4

v1.7.3

What's Changed

New Contributors

Full Changelog: hashicorp/go-getter@v1.7.2...v1.7.3

v1.7.2

What's Changed

Full Changelog: hashicorp/go-getter@v1.7.1...v1.7.2

Commits
  • 5a63fd9 Merge pull request #497 from hashicorp/fix-git-update
  • 5b7ec5f fetch tags on update and fix tests
  • 9906874 recreate git config during update to prevent config alteration
  • 268c11c escape user provide string to git (#483)
  • 975961f Merge pull request #433 from adrian-bl/netrc-fix
  • 0298a22 Merge pull request #459 from hashicorp/jbardin/setup-git-env
  • c70d9c9 don't change GIT_SSH_COMMAND if there's no keyfile
  • 3d5770f Merge pull request #458 from hashicorp/tsccr-auto-pinning/trusted/2023-09-18
  • 0688979 Result of tsccr-helper -log-level=info -pin-all-workflows .
  • e66f244 Merge pull request #454 from hashicorp/tsccr-auto-pinning/trusted/2023-09-11
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.1.0 to 0.17.0

Commits
  • 9d2ee97 ssh: implement strict KEX protocol changes
  • 4e5a261 ssh: close net.Conn on all NewServerConn errors
  • 152cdb1 x509roots/fallback: update bundle
  • fdfe1f8 ssh: defer channel window adjustment
  • b8ffc16 blake2b: drop Go 1.6, Go 1.8 compatibility
  • 7e6fbd8 ssh: wrap errors from client handshake
  • bda2f3f argon2: avoid clobbering BP
  • 325b735 ssh/test: skip TestSSHCLIAuth on Windows
  • 1eadac5 go.mod: update golang.org/x dependencies
  • b2d7c26 ssh: add (*Client).DialContext method
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.8.0 to 0.10.0

Commits
  • daac0ce go.mod: update golang.org/x dependencies
  • 82780d6 http2: don't reuse connections that are experiencing errors
  • 0bfab66 ipv4, ipv6: drop redundant skip checks based on GOOS
  • 938ff15 ipv4, ipv6, nettest: skip unsupported tests on wasip1
  • eb1572c html: another shot at security doc
Read more

Contributors

osterman, sestrella, and dependabot
Assets 2
Loading

v1.0.1

25 Nov 19:16
@github-actions github-actions
1.0.1
ddd84ef
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.1

🚀 Enhancements

default `var.domains` to `{}` @kevcube (#17)

what

  • if not specified, terraform errors trying to iterate over null

why

  • iterating with this module and wanted to use blank config, terraform errored.

references

Contributors

kevcube
Assets 2
Loading

v1.0.0

27 Jul 20:29
@github-actions github-actions
1.0.0
c495a4e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.0
Update Amplify domain config @aknysh (#12)

what

  • Update Amplify domain config
  • Update tests
  • Update module versions

why

  • Allow associating multiple domains to an Amplify app

references

Contributors

aknysh
Assets 2
Loading

v0.3.0

24 May 19:22
@github-actions github-actions
0.3.0
fa90481
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.3.0
Feature/add id output @Dvelezs94 (#9)

what

  • Add amplify app Id as output

why

  • Useful for adding notifications through SNS and other cases
Sync github @max-lobur (#7)

Rebuild github dir from the template

Contributors

max-lobur and Dvelezs94
Assets 2
Loading

v0.2.1

21 Apr 19:37
@cloudpossebot cloudpossebot
0.2.1
a2e25b6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.1

🚀 Enhancements

Add `sub_domains` output @aknysh (#5)

what

  • Add sub_domains output

why

  • Needed to create DNS CNAME records in the custom domain DNS zone to point to the Amplify app
sub_domains = toset([
{
  "branch_name" = "dev"
  "dns_record" = "dev CNAME d3id0e13ftymve.cloudfront.net"
  "prefix" = "dev"
  "verified" = false
},
{
  "branch_name" = "main"
  "dns_record" = " CNAME d3id0e13ftymve.cloudfront.net"
  "prefix" = ""
  "verified" = false
},
])

Contributors

aknysh
Assets 2
Loading

v0.2.0

20 Apr 22:18
@cloudpossebot cloudpossebot
0.2.0
9043680
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.0
Add a variable to provide a list of IAM policy actions for the IAM service role for the Amplify app. Update custom domain configuration @aknysh (#4)

what

  • Add a variable to provide a list of IAM policy actions for the IAM service role for the Amplify app
  • Update custom domain configuration. Add a new variable domain_config

why

  • Amplify apps without a backend don't need an IAM role. Amplify apps with a backend need an IAM role, but many of them don't need a full set of actions as defined in the default set for the role. Allow specifying a custom set of actions for the IAM role. For example, for Amplify apps with server-side rendering, only the following IAM permissions are required (see Amazon CloudWatch Logs for SSR apps for more info)

    logs:CreateLogStream
logs:CreateLogGroup
logs:DescribeLogGroups
logs:PutLogEvents

  • Update custom domain configuration. Add a new variable domain_config. A custom domain is app-wide, not branch-wide, and needs to be specified in a separate variable (not part of the app's environments)

Contributors

aknysh
Assets 2
Loading

v0.1.0

18 Apr 03:34
@cloudpossebot cloudpossebot
0.1.0
ee4582a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.0
Terraform module to provision AWS Amplify apps, backend environments, branches, domain associations, and webhooks @nitrocode (#2)

what

why

  • Terraform module to provision AWS Amplify apps, backend environments, branches, domain associations, and webhooks

references

notes

  • test/terratest will not succeed since Amplify needs a GitHUb Personal Access Token (PAT) to be able to work with a repository
Error: creating Amplify App (eg-ue2-test-amplify-lzcegv): BadRequestException: 
There was an issue setting up your repository. Please try again later.({"message":"Bad credentials",
"documentation_url":"https://docs.github.com/rest"})

The PAT can be read from SSM or ASM in the amplify-app component that uses this module

data "aws_ssm_parameter" "github_pat" {
  name            = var.github_personal_access_token_secret_path
  with_decryption = true
}

Contributors

nitrocode
Assets 2
Loading