v2.2.0

`.editorconfig` Typo @milldr (#50)

what

fixed intent typo

why

should be spelled "indent"

references

https://cloudposse.slack.com/archives/C01EY65H1PA/p1685638634845009

Sync github @max-lobur (#47)

Rebuild github dir from the template

v2.1.0

• No changes

v2.0.1

🐛 Bug Fixes

Properly handle enabled = false @Nuru (#45)

what

• Properly handle enabled = false

why

• Fixes #43

v2.0.0 Breaking changes

For details about migrating from v1 to v2, read the migration documentation.

Version 1 of this module had a flaw in that it tried to create new security group rules before deleting the old ones, which the Terraform provider does not handle properly and caused most attempted changes to fail. Version 2 resolves this issue by also creating a new security group when the rules change, installing the new rules in the new security group, then changing the security group assignments. Read the README and the migration documentation for more details.

Document migration from v1 to v2 @Nuru (#42)

what

• Document migration from v1 to v2 of this module
• Fix #40

why

• Serious issues exist in v1, causing v2 to have different defaults and new settings. Documentation is needed to guide users on how to upgrade while minimizing service interruptions.

references

• Closes #40

Fixes the link for examples/complete/main.tf @jdmedeiros (#41)

Fixes the link for examples/complete/main.tf on the README.md file.

v2.0.0-rc1 Default to "create before destroy"

• Trade-offs between "create before destroy" and service interruptions clarified in README
• New feature flag preserve_security_group_id added to provide some control over when a new security group will be created to replace the existing one

Possibly breaking changes:

• create_before_destroy default changed from false to true
• With new defaults, any change to a security group rule will cause the security group itself to be replaced. Fixes #34
• Require Terraform v1.0.0 or later

More accurate control of create before destroy behaviors @Nuru (#35)

note

README and code are (hopefully) final.

This will be released as v2.0.0-rc1 due to changed defaults, requirement for Terraform 1.0, and possible service interruption when upgrading. Migration document TBD.

what

• Make create_before_destroy default to true for security groups
• Introduce preserve_security_group_id to control replacement of security group when rules change

why

• In most cases, replacing a security group with create_before_destroy = false will fail with an error because you cannot destroy a security group while it is associated with a resource
• Fixes #34

references

• Fixes #34
• hashicorp/terraform-provider-aws#25173
• hashicorp/terraform#31316

v1.0.1

🐛 Bug Fixes

Handle `self = false`, add warning about `compact` and `sort` @Nuru (#33)

what

• Handle self = false
• Add warning about compact and sort

why

• Setting self = false in a rule (meaning the rule does not apply to the security group it is being associated with) was causing an empty rule to be created and/or causing conflicts with other rule elements. Now it works like self = null works.
• Explain some causes of the dreaded "Invalid for_each argument" error and what to do to fix it.

references

• hashicorp/terraform#31035
• hashicorp/terraform#30937 (comment)

v1.0.0 Initial release with production Semantic Versioning

Initial release with production Semantic Versioning, part of Cloud Posse's general policy to convert to production versioning as we make updates to relatively mature modules.

This version is functionally equivalent to v0.4.3. The only differences are to the support framework (for things like developing and testing the module).

git.io->cloudposse.tools update and test framework update @dylanbannon (#32)

what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.

References

• DEV-143

Rename the exported `security-group-inputs` file to `security-group-variables` @aknysh (#31)

what

• Rename the exported security-group-inputs.tf file to security-group-variables.tf

why

• Standardize on file names with variables for specific resources.
  For example, we have spotinst-variables.tf for Spot, security-group-variables.tf for SG, etc.

v0.4.3

Update recommended inputs and outputs @Nuru (#26)

what

• Update recommended inputs and outputs

why

• Changes based on experience implementing several modules

🚀 Enhancements

Rename the exported `security_group_inputs.tf` file to `security-group-inputs.tf` @aknysh (#30)

what

• Rename the exported security_group_inputs.tf file to security-group-inputs.tf
• Update GitHub workflows and LICENSE

why

• Our naming convention is to use kebab-case for all files. Having a file in snake_case (after adding it to a repo) together with all the other files in kebab-case in the same repo does not look correct
• Keep up to date

v0.4.2

🐛 Bug Fixes

Correctly extract security group name for tags @Nuru (#25)

what

• Correctly extract security group name from var.security_group_name list when setting tags

why

• Type mismatch error otherwise

v0.4.1

🐛 Bug Fixes

Fix bad markup (unclosed `details` block) in README.yaml @Nuru (#24)

what

• Fix bad markup (unclosed details block) in README.yaml

why

• Incorrectly hides most of README